python解析发往本机的数据包示例 (解析数据包)

tcp.py 

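# -*- coding: cp936 -*-
# tcp.py - Windows example: read IPv4 packets from a raw socket bound to this
# host and print the IP header fields plus, for TCP, the TCP header and payload.
# Raw sockets need administrator rights on Windows.
import socket
from struct import *
from time import ctime,sleep
from os import system

system('title tcp sniffer')
system('color 05')

IP_MIN_HEADER = 20    # IPv4 header without options, in bytes
TCP_MIN_HEADER = 20   # TCP header without options, in bytes
PROTO_TCP = 6         # value of the IP "protocol" field for TCP

# Address the local hostname resolves to. On a multi-homed host, confirm this
# is the interface you actually mean to capture on.
HOST = socket.gethostbyname(socket.gethostname())
# create a raw socket and bind it to that interface
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)
s.bind((HOST, 0))
# Include IP headers
s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
# receive all packages
#s.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

try:
    while True:
        # recvfrom() returns (bytes, address); only the bytes are parsed
        packet = s.recvfrom(65565)[0]

        # Every field below comes from untrusted network input, so lengths are
        # checked before each unpack instead of letting a short or malformed
        # packet raise struct.error and stop the capture.
        if len(packet) < IP_MIN_HEADER:
            continue

        iph = unpack('!BBHHHBBH4s4s', packet[0:IP_MIN_HEADER])
        version = iph[0] >> 4     # high nibble of the first byte
        ihl = iph[0] & 0xF        # low nibble: header length in 32-bit words
        iph_length = ihl * 4      # IP header length in bytes (not the total length)
        ttl = iph[5]
        protocol = iph[6]
        s_addr = socket.inet_ntoa(iph[8])
        d_addr = socket.inet_ntoa(iph[9])

        print(ctime())
        print('Version : %s IHL : %s IP Header Length : %s TTL : %s Protocol : %s'
              ' Source Address : %s Destination Address : %s'
              % (version, ihl, iph_length, ttl, protocol, s_addr, d_addr))

        if protocol != PROTO_TCP:
            continue
        # IHL below 5 is invalid; also make sure a full TCP header is present
        # after the (possibly option-carrying) IP header.
        if ihl < 5 or len(packet) < iph_length + TCP_MIN_HEADER:
            continue

        # The TCP header starts where the IP header ends, which is only
        # byte 20 when the IP header carries no options.
        tcp_header = packet[iph_length:iph_length + TCP_MIN_HEADER]
        tcph = unpack('!HHLLBBHHH', tcp_header)
        source_port = tcph[0]
        dest_port = tcph[1]
        sequence = tcph[2]
        acknowledgement = tcph[3]
        doff_reserved = tcph[4]
        tcph_length = doff_reserved >> 4   # data offset, in 32-bit words
        print('Source Port : %s Dest Port : %s Sequence Number : %s'
              ' Acknowledgement : %s TCP header length : %s'
              % (source_port, dest_port, sequence, acknowledgement, tcph_length))

        if tcph_length < 5:
            continue   # data offset smaller than the fixed header: malformed

        # Payload starts after both headers, including any TCP options.
        data = packet[iph_length + tcph_length * 4:]
        # repr() keeps control and escape bytes in the captured payload from
        # being interpreted by the console.
        print('Data : ' + repr(data))
except KeyboardInterrupt:
    pass   # Ctrl+C is the only way out of the capture loop
finally:
    # disable promiscuous mode. RCVALL_ON above is commented out, so this only
    # matters if that line is re-enabled; it is best-effort so that the socket
    # is always closed afterwards.
    try:
        s.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
    except (AttributeError, socket.error):
        pass
    s.close()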

 

udp.py

 

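# -*- coding: cp936 -*-
# udp.py - Windows example: read IPv4 packets from a raw socket bound to this
# host and print the IP header, UDP header and payload of every UDP datagram.
# Raw sockets need administrator rights on Windows.
import socket
from struct import *
from time import ctime,sleep
from os import system

system('title udp sniffer')
system('color 05')

IP_MIN_HEADER = 20   # IPv4 header without options, in bytes
UDP_HEADER = 8       # UDP header is always 8 bytes
PROTO_UDP = 17       # value of the IP "protocol" field for UDP

# Address the local hostname resolves to. On a multi-homed host, confirm this
# is the interface you actually mean to capture on.
HOST = socket.gethostbyname(socket.gethostname())
# create a raw socket and bind it to that interface
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)
s.bind((HOST, 0))
# Include IP headers
s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
# receive all packages
#s.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

try:
    while True:
        # recvfrom() returns (bytes, address); only the bytes are parsed
        packet = s.recvfrom(65565)[0]

        # Every field below comes from untrusted network input, so lengths are
        # checked before each unpack instead of letting a short or malformed
        # packet raise struct.error and stop the capture.
        if len(packet) < IP_MIN_HEADER:
            continue

        iph = unpack('!BBHHHBBH4s4s', packet[0:IP_MIN_HEADER])
        version = iph[0] >> 4     # high nibble of the first byte
        ihl = iph[0] & 0xF        # low nibble: header length in 32-bit words
        iph_length = ihl * 4      # IP header length in bytes (not the total length)
        ttl = iph[5]
        protocol = iph[6]
        s_addr = socket.inet_ntoa(iph[8])
        d_addr = socket.inet_ntoa(iph[9])

        if protocol != PROTO_UDP:
            continue
        # IHL below 5 is invalid; also make sure the whole UDP header is
        # present after the (possibly option-carrying) IP header.
        if ihl < 5 or len(packet) < iph_length + UDP_HEADER:
            continue

        # The UDP header starts where the IP header ends, which is only
        # byte 20 when the IP header carries no options.
        udp_header = packet[iph_length:iph_length + UDP_HEADER]
        udph = unpack('!HHHH', udp_header)
        source_port = udph[0]
        dest_port = udph[1]
        length = udph[2]
        checksum = udph[3]
        data = packet[iph_length + UDP_HEADER:]

        print(ctime())
        print('Version : %s IHL : %s IP Header Length : %s TTL : %s Protocol : %s'
              ' Source Address : %s Destination Address : %s'
              % (version, ihl, iph_length, ttl, protocol, s_addr, d_addr))
        print('Source Port : %s Dest Port : %s Length : %s Checksum : %s'
              % (source_port, dest_port, length, checksum))
        # repr() keeps control and escape bytes in the captured payload from
        # being interpreted by the console.
        print('Data : ' + repr(data))
except KeyboardInterrupt:
    pass   # Ctrl+C is the only way out of the capture loop
finally:
    # disable promiscuous mode. RCVALL_ON above is commented out, so this only
    # matters if that line is re-enabled; it is best-effort so that the socket
    # is always closed afterwards.
    try:
        s.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
    except (AttributeError, socket.error):
        pass
    s.close()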

 

posted on 2017-03-01 18:19  帅胡