python解析发往本机的数据包示例 (解析数据包)

yipeiwu_com6年前Python基础

tcp.py

复制代码 代码如下:

# -*- coding: cp936 -*-
import socket
from struct import *
from time import ctime,sleep
from os import system

system('title tcp sniffer')
system('color 05')

# the public network interface
HOST = socket.gethostbyname(socket.gethostname())

# create a raw socket and bind it to the public interface
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)
s.bind((HOST, 0))

# Include IP headers
s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

# receive all packages
#s.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

# receive a package
while 1==1:
    packet = s.recvfrom(65565)
    packet = packet[0]

    ip_header = packet[0:20]
    iph = unpack('!BBHHHBBH4s4s',ip_header)
    version = iph[0] >> 4 #Version
    ihl = iph[0] * 0xF    #IHL
    iph_length = ihl * 4  #Total Length
    ttl = iph[5]
    protocol = iph[6]
    s_addr = socket.inet_ntoa(iph[8])
    d_addr = socket.inet_ntoa(iph[9])
    print ctime()
    print 'Version : ' + str(version) + ' IHL : ' + str(ihl) + ' Total Length: '+str(iph_length) + ' TTL : ' +str(ttl) + ' Protocol : ' + str(protocol) + ' Source Address : ' + str(s_addr) + ' Destination Address : ' + str(d_addr)

    if protocol == 6:
        tcp_header = packet[20:40]
        tcph = unpack('!HHLLBBHHH' , tcp_header)
        source_port = tcph[0]
        dest_port = tcph[1]
        sequence = tcph[2]
        acknowledgement = tcph[3]
        doff_reserved = tcph[4]
        tcph_length = doff_reserved >> 4
        print 'Source Port : ' + str(source_port) + ' Dest Port : ' + str(dest_port) + ' Sequence Number : ' + str(sequence) + ' Acknowledgement : ' + str(acknowledgement) + ' TCP header length : ' + str(tcph_length)

        data = packet[40:len(packet)]
        print 'Data : ' + data


# disabled promiscuous mode
s.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)

udp.py

复制代码 代码如下:

# -*- coding: cp936 -*-
import socket
from struct import *
from time import ctime,sleep
from os import system

system('title udp sniffer')
system('color 05')
# the public network interface
HOST = socket.gethostbyname(socket.gethostname())

# create a raw socket and bind it to the public interface
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)
s.bind((HOST, 0))

# Include IP headers
s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

# receive all packages
#s.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

# receive a package
while 1==1:
    packet = s.recvfrom(65565)
    packet = packet[0]

    ip_header = packet[0:20]
    iph = unpack('!BBHHHBBH4s4s',ip_header)
    version = iph[0] >> 4 #Version
    ihl = iph[0] * 0xF    #IHL
    iph_length = ihl * 4  #Total Length
    ttl = iph[5]
    protocol = iph[6]
    s_addr = socket.inet_ntoa(iph[8])
    d_addr = socket.inet_ntoa(iph[9])

    if protocol == 17:
        udp_header = packet[20:28]
        udph = unpack('!HHHH' , udp_header)
        source_port = udph[0]
        dest_port = udph[1]
        length = udph[2]
        checksum = udph[3]
        data = packet[28:len(packet)]

        print ctime()
        print 'Version : ' + str(version) + ' IHL : ' + str(ihl) + ' Total Length: '+str(iph_length) + ' TTL : ' +str(ttl) + ' Protocol : ' + str(protocol) + ' Source Address : ' + str(s_addr) + ' Destination Address : ' + str(d_addr)
        print 'Source Port : ' + str(source_port) + ' Dest Port : ' + str(dest_port) + ' Length : ' + str(length) + ' Checksum : ' + str(checksum)
        print 'Data : ' + data

# disabled promiscuous mode
s.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)

相关文章

python英语单词测试小程序代码实例

这篇文章主要介绍了python英语单词测试小程序代码实例,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下 爬取了扇贝英语网,并制作了一个...

python线程信号量semaphore使用解析

这篇文章主要介绍了python线程信号量semaphore使用解析,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下 一.semaphor...

pip install python 快速安装模块的教程图解

pip install python 快速安装模块的教程图解

之前python安装模块要在网络上下载,从python2.7.9之后,以及python3,python就自带pip 这个命令,能够快速的安装模块 1, 首先打开python的主文件夹...

在Python的Flask框架下使用sqlalchemy库的简单教程

flask中的sqlalchemy 相比于sqlalchemy封装的更加彻底一些 , 在一些方法上更简单 首先import类库: 在CODE上查看代码片派生到我的代码片 <...

Python实现计算最小编辑距离

Python实现计算最小编辑距离

最小编辑距离或莱文斯坦距离(Levenshtein),指由字符串A转化为字符串B的最小编辑次数。允许的编辑操作有:删除,插入,替换。具体内容可参见:维基百科—莱文斯坦距离。一般代码实现的...