抓包、python网络编程之tcp、udp例子
2017-08-17 09:20
1181 查看
抓包
tcpdump
可以将网络-i:interface监听网卡
-
[root@server5 ~]# tcpdump -i ens33 11:09:26.967399 IP server5.example.com.ssh > localhost.53420: Flags [P.], seq 3438092:3438272, ack 521, win 251, length 180
- - nn:以ip和port方式显示来源主机和目的主机
-
[root@server3 ~]# ping -c 5 192.168.109.138 PING 192.168.109.138 (192.168.109.138) 56(84) bytes of data. 64 bytes from 192.168.109.138: icmp_seq=1 ttl=64 time=1.50 ms 64 bytes from 192.168.109.138: icmp_seq=2 ttl=64 time=0.215 ms 64 bytes from 192.168.109.138: icmp_seq=3 ttl=64 time=0.584 ms 64 bytes from 192.168.109.138: icmp_seq=4 ttl=64 time=0.236 ms 64 bytes from 192.168.109.138: icmp_seq=5 ttl=64 time=0.226 ms root@server5 ~]# tcpdump -i ens33 -nn 'icmp' tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ens33, link-type EN10MB (Ethernet), capture size 65535 bytes 11:13:52.860920 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 1, length 64 11:13:52.860972 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 1, length 64 11:13:53.862829 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 2, length 64 11:13:53.862874 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 2, length 64 11:13:54.864056 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 3, length 64 11:13:54.864115 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 3, length 64 11:13:55.864911 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 4, length 64 11:13:55.864961 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 4, length 64 11:13:56.865994 IP 192.168.109.131 > 192.168.109.138: ICMP echo request, id 25157, seq 5, length 64 11:13:56.866044 IP 192.168.109.138 > 192.168.109.131: ICMP echo reply, id 25157, seq 5, length 64
-
A:以ASCII方式显示数据包(抓取web数据)
X:数据包将会以十六进制和ASCII方式显示;常见表达式:host(主机)、port(端口)、src host(发包主机)、dst host(收包主机);多个条件,and、or组合,取反 ! 。
-
[root@server5 ~]# tcpdump -i ens33 -nn 'src host 192.168.109.138' 11:20:33.812916 IP 192.168.109.138.22 > 192.168.109.1.53420: Flags [P.], seq 2067212:2067392, ack 313, win 273, length 180 [root@server5 ~]# tcpdump -i ens33 -nn 'dst host 192.168.109.138 11:21:45.176663 IP 192.168.109.1.53420 > 192.168.109.138.22: Flags [.], ack 1762294598, win 256, length 0 [root@server5 ~]# tcpdump -i ens33 -nnA 'port 80' n........*.....M.....H.y..qR.0..aUqX....R._...?,e......~..........@t.........!...T....P>Q...`DPR..,B@...L. ...yh. .......*...Me.n.".....zk...?M.....TO....P4w........jQ;. ..d5Y....$A..KTZ76b.......CE.0E.:q.5..'\\L[..#.LP..QM.A@P....C!......P......LS#.)RaG..-! u.....(..|..&..c.b.S^.t<....B......nj"j...s [root@server2 ~]# curl 192.168.109.138:80 curl: (7) Failed connect to 192.168.109.138:80; No route to host [root@server5 ~]# tcpdump -i ens33 -nnA 'port 80 and src host 192.168.109.136' ..j........ 11:28:23.459622 IP 192.168.109.136.58326 > 192.168.109.138.80: Flags [S], seq 3779477931, win 29200, options [mss 1460,sackOK,TS val 177019357 ecr 0,nop,wscale 7], length 0 E..<Xv@.@.....m...m....P.FA.......r.N .........
w:直接将分组写入文件中,不打印
c:指定分组数量
d:将匹配的信息包以人们能够理解的汇编格式给出
dd:将匹配信息包的代码以C语言程序段格式给出
ddd:将匹配的信息包的代码以十进制形式给出
wireshark
安装方便简单易用的界面
提供丰富的界面
网络编程
套接字
两种类型的套接字:基于文件和面向网络的;Python支持:AF_UNIX、AF_NETLINK、AF_TIPC、AF_INET
面向连接的套接字:SOCK_STREAM、AF_INET
面向无连接的套接字:SOCK_DGRAM
网络编程实例
- 例子1,本机tcp进程通信
### client.py ### import socket #导入socket和thread模块所有属性 from thread import * print "Client" HOST = "localhost" PORT = 5001 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)#创建一个socket,返回socket的描述符 s.connect((HOST,PORT)) while True: data2 = raw_input() s.sendall(data2) ### server.py ### import socket print "Server" HOST = "localhost" PORT = 5001 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.bind((HOST, PORT)) s.listen(1) conn, addr = s.accept() print 'Connected by', addr while 1: data = conn.recv(1024) print data if data == "Ping": print "Pong!" conn.close()
-
- 例子2 不同网段tcp通信
[root@server2 ~]# cat test.py import socket from thread import * s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) print 'Socket Created' # 创建socket host = 'www.baidu.com' port = 80 remote_ip = socket.gethostbyname( host ) # 通过主机名得到IP地址 print 'Hostname could not be resolved. Exiting' s.connect((remote_ip , port)) # 使用IP和Port连接 print 'Socket Connected to ' + host + ' on ip ' + remote_ip message="GET / HTTP/1.1\r\n\r\n"# b243 请求返回首页内容 try: s.sendall(message) # 发送消息 except socket.error: print 'Send failed' sys.exit() print "Message send successfully" reply=s.recv(4096) # 回复消息 print reply s.close() [root@server2 ~]# python test.py Socket Created Hostname could not be resolved. Exiting Socket Connected to www.baidu.com on ip 61.135.169.125 Message send successfully HTTP/1.1 302 Moved Temporarily Date: Wed, 16 Aug 2017 08:13:57 GMT Content-Type: text/html Content-Length: 215 Connection: Keep-Alive Location: http://www.baidu.com/search/error.html Server: BWS/1.1 X-UA-Compatible: IE=Edge,chrome=1 BDPAGETYPE: 3 Set-Cookie: BDSVRTM=0; path=/ <html> <head><title>302 Found</title></head> <body bgcolor="white"> <center><h1>302 Found</h1></center> <hr><center>pr-nginx_1-0-350_BRANCH Branch Time : Tue Aug 8 20:41:04 CST 2017</center> </body> </html>
-
- 例子3 udp本机通信
[root@server2 ~]# cat udpclient.py import socket s=socket.socket(socket.AF_INET,socket.SOCK_DGRAM) for data in ['Moring','Afternoon','GoodNight']: s.sendto(data,("127.0.0.1",9999)) print s.recv(1024) s.close() [root@server2 ~]# cat udpserver.py import socket #from thread import * s=socket.socket(socket.AF_INET,socket.SOCK_DGRAM) s.bind(('127.0.0.1',9999)) print 'Bind UDP on 9999...' while True: data,addr=s.recvfrom(1024) print 'Received from %s:%s' % addr s.sendto("Hello,%s!" % data, addr) [root@server2 ~]# python udpserver.py Bind UDP on 9999... Received from 127.0.0.1:45357 Received from 127.0.0.1:45357 Received from 127.0.0.1:45357 [root@server2 ~]# python udpclient.py Hello,Moring! Hello,Afternoon! Hello,GoodNight!
异常 | 描述 |
---|---|
error | 套接字相关错误 |
herror | 主机和地址相关错误 |
gaierror | 地址相关错误 |
相关文章推荐
- 抓包、python网络编程之tcp、udp例子
- IPv6下网络编程socket, TCP和UDP例子,以及兼容IPV4和IPV6的类
- python 网络编程 TCP和UDP
- Python网络编程之socket编程(一)--使用TCP和UDP客户端和服务器通信
- 【Python网络编程】利用Python进行TCP、UDP套接字编程
- python网络编程之TCP通信实例和socketserver框架使用例子
- python网络编程之UDP通信实例(含服务器端、客户端、UDP广播例子)
- python 网络编程(TCP & UDP)
- IPv6下网络编程socket, TCP和UDP例子,以及兼容IPV4和IPV6的类
- python(12-2 网络编程 udp ,tcp 协议)
- linux下C/C++网络编程基本:socket实现tcp和udp的例子
- IPv6下网络编程socket, TCP和UDP例子,以及兼容IPV4和IPV6的类
- python网络编程之TCP通信实例和socketserver框架使用例子
- python 网络编程-TCP/UDP
- Python 网络编程操作TCP/UDP 初探(一)
- [python] 专题七.网络编程之套接字Socket、TCP和UDP通信实例
- python网络编程之UDP通信实例(含服务器端、客户端、UDP广播例子)
- Python网络编程之TCP与UDP协议套接字用法示例
- Python 网络编程操作TCP/UDP 初探(二)
- python网络编程之TCP通信实例和socketserver框架使用例子