学习自破壳学院
观察端口探流量
我们看到目标端口135是开放的,我们对其探测分析流量
-
下面我们对其未开放的端口进行探测,分析流量
-
探测原理:向目标端口发送 SYN 包,端口开放时对方回复 SYN+ACK,端口关闭时回复 RST+ACK;没有任何回复通常说明报文被防火墙丢弃或主机不可达。
Python实现端口扫描
socket实现代码
import optparse
import socket
# Process-wide default timeout, in seconds, applied to every socket created
# after this call; scan() relies on it so that a probe of an unresponsive
# host returns instead of blocking.
_DEFAULT_TIMEOUT_SECONDS = 0.5
socket.setdefaulttimeout(_DEFAULT_TIMEOUT_SECONDS)
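class ArgvHandler():
    """Parse the scanner's command-line options.

    After construction, ``options.ip`` and ``options.port`` hold the raw
    strings given with -i/--ip and -p/--port, and ``args`` holds any
    leftover positional arguments. The process exits with a usage error
    (SystemExit) when either option is missing.
    """

    def __init__(self):
        self.op = optparse.OptionParser()
        self.op.add_option("-i", "--ip", dest="ip",
                           help="address or hostname of the host to probe")
        self.op.add_option("-p", "--port", dest="port",
                           help="TCP port to probe")
        # parse_args() with no arguments reads sys.argv[1:].
        self.options, self.args = self.op.parse_args()

        # Both values are handed straight to scan(); without this check a
        # missing option would arrive there as None.
        missing = []
        if self.options.ip is None:
            missing.append("-i/--ip")
        if self.options.port is None:
            missing.append("-p/--port")
        if missing:
            self.op.error("missing required option(s): %s" % ", ".join(missing))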
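def scan(ip, port):
    """Probe one TCP port with a full connect() and print the outcome.

    Args:
        ip: Target address or hostname, passed to the socket unchanged.
        port: Port number as an int or a numeric string.

    Prints ``Result:OPEN`` when connect_ex() returns 0 and ``Result:CLOSE``
    for every other return code. Returns nothing.
    """
    # Validate the port before creating a socket: a non-numeric value makes
    # int() raise, and an out-of-range one makes connect_ex() raise
    # OverflowError, neither of which the handlers below would catch.
    try:
        port = int(port)
    except (TypeError, ValueError):
        print("Invalid port: %r" % (port,))
        return
    if not 0 <= port <= 65535:
        print("Invalid port: %r" % (port,))
        return

    print("des addr %s:%s is scanning..." % (ip, port))
    try:
        # The with-block closes the socket on the error paths as well.
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:  # TCP
            # On an open port connect_ex() completes the three-way
            # handshake, so the listening service sees the connection and
            # can log it.
            res = sock.connect_ex((ip, port))
        if res == 0:
            print('Result:OPEN')
        else:
            # Any non-zero code lands here: an explicit refusal (RST) as
            # well as a timeout or an unreachable host, so CLOSE means
            # "could not connect", not necessarily "answered with RST".
            print('Result:CLOSE')
    except socket.gaierror:
        print('Hostname could not be resolved.Exiting')
    except socket.error:
        print("Can't connect to the ip")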
def main():
    """Parse the command line and probe the requested host and port once."""
    # Instantiate the argument parser and take the parsed option values.
    opts = ArgvHandler().options
    scan(opts.ip, opts.port)


if __name__ == '__main__':
    main()
scapy模块实现
import optparse
from scapy.all import *
# Process-wide default timeout, in seconds, for sockets created after this
# call. The sr1()/sr() calls in scan() pass their own timeout argument.
# NOTE(review): this listing never imports `socket` by name; presumably it
# arrives through the scapy wildcard import above. Confirm, or import it
# explicitly.
_DEFAULT_TIMEOUT_SECONDS = 0.5
socket.setdefaulttimeout(_DEFAULT_TIMEOUT_SECONDS)
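class ArgvHandler():
    """Parse the scanner's command-line options.

    After construction, ``options.ip`` and ``options.port`` hold the raw
    strings given with -i/--ip and -p/--port, and ``args`` holds any
    leftover positional arguments. The process exits with a usage error
    (SystemExit) when either option is missing.
    """

    def __init__(self):
        self.op = optparse.OptionParser()
        self.op.add_option("-i", "--ip", dest="ip",
                           help="address or hostname of the host to probe")
        self.op.add_option("-p", "--port", dest="port",
                           help="TCP port to probe")
        # parse_args() with no arguments reads sys.argv[1:].
        self.options, self.args = self.op.parse_args()

        # Both values are handed straight to scan(); without this check a
        # missing option would arrive there as None.
        missing = []
        if self.options.ip is None:
            missing.append("-i/--ip")
        if self.options.port is None:
            missing.append("-p/--port")
        if missing:
            self.op.error("missing required option(s): %s" % ", ".join(missing))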
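def scan(ip, port):
    """Send one TCP SYN to ip:port with scapy and print how the port answered.

    Args:
        ip: Target address or hostname, used as the IP destination.
        port: Port number as an int or a numeric string.

    Prints ``Result: OPEN`` for a SYN/ACK reply, ``Result: CLOSE`` for a
    reply with RST set, and a separate line when there is no reply or the
    reply is something else. Returns nothing.

    Building and sending raw packets with scapy normally needs
    administrator/root privileges; a failure there is reported by the
    ``except`` branch.
    """
    # Validate the port before any packet is built.
    try:
        port = int(port)
    except (TypeError, ValueError):
        print("Invalid port: %r" % (port,))
        return
    if not 0 <= port <= 65535:
        print("Invalid port: %r" % (port,))
        return

    print("des addr %s:%s is scanning..." % (ip, port))
    try:
        src_port = RandShort()  # pick a random source port
        res = sr1(IP(dst=ip)/TCP(sport=src_port, dport=port, flags="S"), timeout=10)

        # sr1() returns None when nothing came back within the timeout; the
        # original dereferenced it and fell into the generic error branch.
        if res is None:
            print("Result: NO RESPONSE")
            return
        if not res.haslayer(TCP):
            print("Result: UNEXPECTED RESPONSE")
            return

        reply = res.getlayer(TCP)
        flags = int(reply.flags)
        if flags & 0x12 == 0x12:  # SYN + ACK
            # Reset the half-open connection. The destination field is
            # `dst`; the original `des=` raised inside scapy, so an open
            # port was reported as "Scan error!". The source port is taken
            # from the reply because src_port is presumably a volatile
            # value that is re-drawn for each packet built from it.
            # send() is used since no answer to a reset is expected.
            send(IP(dst=ip)/TCP(sport=reply.dport, dport=port, flags="AR"))
            print("Result: OPEN")
        elif flags & 0x04:  # RST
            print("Result: CLOSE")
        else:
            print("Result: UNEXPECTED RESPONSE")
    except Exception as err:
        # Exception rather than a bare except, so that Ctrl-C and
        # SystemExit still propagate.
        print("Scan error! %s" % (err,))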
def main():
    """Parse the command line and probe the requested host and port once."""
    # Instantiate the argument parser and take the parsed option values.
    opts = ArgvHandler().options
    scan(opts.ip, opts.port)


if __name__ == '__main__':
    main()
![](https://img.haomeiwen.com/i18609861/8967dbdeb6b0fefd.png)