python构造IP报文实例
作者:大囚长 时间:2023-07-10 20:40:51
我就废话不多说了,大家还是直接看代码吧!
import socket
import sys
import time
import struct
HOST, PORT = "10.60.66.66", 10086
def make_forward_iphdr(source_ip = '1.0.0.1', dest_ip = '2.0.0.2', proto = socket.IPPROTO_UDP) :
# ip header fields
ip_ihl = 5
ip_ver = 4
ip_tos = 0
ip_tot_len = 0 # kernel will fill the correct total length
ip_id = 54321 #Id of this packet
ip_frag_off = 0
ip_ttl = 255
ip_proto = proto
ip_check = 0 # kernel will fill the correct checksum
ip_saddr = socket.inet_aton ( source_ip ) #Spoof the source ip address if you want to
ip_daddr = socket.inet_aton ( dest_ip )
ip_ihl_ver = (ip_ver << 4) + ip_ihl
# the ! in the pack format string means network order
ip_header = struct.pack('!BBHHHBBH4s4s', ip_ihl_ver, ip_tos, ip_tot_len, ip_id, ip_frag_off, ip_ttl, ip_proto, ip_check, ip_saddr, ip_daddr)
return ip_header
def make_forward_udphdr(src_port = 1024, dst_port = 10086) :
udp_header = struct.pack('!HHHH', src_port, dst_port, 0, 0)
return udp_header
# checksum functions needed for calculation checksum
def checksum(msg):
s = 0
# loop taking 2 characters at a time
for i in range(0, len(msg), 2):
w = ord(msg[i]) + (ord(msg[i+1]) << 8 )
s = s + w
s = (s>>16) + (s & 0xffff);
s = s + (s >> 16);
#complement and mask to 4 byte short
s = ~s & 0xffff
return s
def make_tcp_data(ip_header, src_port = 1024, dst_port = 10086, source_ip='1.0.0.1', dest_ip='2.0.0.2', user_data = 'test') :
tcp_source = src_port # source port
tcp_dest = dst_port # destination port
tcp_seq = 454
tcp_ack_seq = 0
tcp_doff = 5 #4 bit field, size of tcp header, 5 * 4 = 20 bytes
#tcp flags
tcp_fin = 0
tcp_syn = 1
tcp_rst = 0
tcp_psh = 0
tcp_ack = 0
tcp_urg = 0
tcp_window = socket.htons (5840) # maximum allowed window size
tcp_check = 0
tcp_urg_ptr = 0
tcp_offset_res = (tcp_doff << 4) + 0
tcp_flags = tcp_fin + (tcp_syn << 1) + (tcp_rst << 2) + (tcp_psh <<3) + (tcp_ack << 4) + (tcp_urg << 5)
# the ! in the pack format string means network order
tcp_header = struct.pack('!HHLLBBHHH' , tcp_source, tcp_dest, tcp_seq, tcp_ack_seq, tcp_offset_res, tcp_flags, tcp_window, tcp_check, tcp_urg_ptr)
source_address = socket.inet_aton(source_ip)
dest_address = socket.inet_aton(dest_ip)
placeholder = 0
protocol = socket.IPPROTO_TCP
tcp_length = len(tcp_header) + len(user_data)
psh = struct.pack('!4s4sBBH' , source_address , dest_address , placeholder , protocol , tcp_length);
psh = psh + tcp_header + user_data;
tcp_check = checksum(psh)
#print tcp_checksum
# make the tcp header again and fill the correct checksum - remember checksum is NOT in network byte order
tcp_header = struct.pack('!HHLLBBH' , tcp_source, tcp_dest, tcp_seq, tcp_ack_seq, tcp_offset_res, tcp_flags, tcp_window) + struct.pack('H' , tcp_check) + struct.pack('!H' ,tcp_urg_ptr)
# final full packet - syn packets dont have any data
packet = ip_header + tcp_header + user_data
return packet
补充知识:python做在域名作为关键字的POST报文集合分类
将报文按域名分成不同的集合,而后写入excel,主要使用了字典数据结构
输入内容:
[域名,post报文(一个域名有多条,在不同行),域名类型]
输出内容:
[域名,POST报文集合,域名类型]
#-*- encoding:UTF-8 -*-
import openpyxl
from openpyxl import load_workbook
from openpyxl import Workbook
import numpy as np
import pandas as pd
import re
strinfo = re.compile('[ ]+')
book=load_workbook('ex2.xlsx','utf-8')
sheet=book.worksheets[0]
rows=sheet.max_row
cols=sheet.max_column
Post={}
Type={}
for i in range(2,rows+1):#向字典里添加元素
dn=sheet.cell(i,1).value
pv=sheet.cell(i,2).value
tv=sheet.cell(i,3).value
if Post.get(dn)==None:#第一次遇到這个域名
Post[dn]=pv
Type[dn]=tv
else:
Post[dn]+='\n'+pv
wb=Workbook()
sh=wb.worksheets[0]#输出表格
for i in range(2,rows+1):#从字典中取出内容存入excel
dn=sheet.cell(i,1).value
if i==2:
Post[dn]=Post[dn].replace('/',' ').replace(':',' ')
Post[dn]=Post[dn].replace('(',' ').replace(')',' ')
Post[dn]=Post[dn].replace('*',' ').replace(';',' ')
Post[dn]=Post[dn].replace('\t',' ').replace('\n',' ')
Post[dn]=Post[dn].replace('$',' ').replace('@',' ')
Post[dn]=Post[dn].replace('=',' ').replace('&',' ')
Post[dn]=Post[dn].replace(',',' ').replace('?',' ')
Post[dn]=strinfo.sub(' ',Post[dn])
sh.append([dn,Post[dn],Type[dn]])
else:
if dn!=sheet.cell(i-1,1).value:
Post[dn]=Post[dn].replace('/',' ').replace(':',' ')
Post[dn]=Post[dn].replace('(',' ').replace(')',' ')
Post[dn]=Post[dn].replace('*',' ').replace(';',' ')
Post[dn]=Post[dn].replace('\t',' ').replace('\n',' ')
Post[dn]=Post[dn].replace('$',' ').replace('@',' ')
Post[dn]=Post[dn].replace('=',' ').replace('&',' ')
Post[dn]=Post[dn].replace(',',' ').replace('?',' ')
Post[dn]=strinfo.sub(' ',Post[dn])
sh.append([dn,Post[dn],Type[dn]])
else:
continue
replace('_x000D_','')
wb.save('out.csv')
来源:https://blog.csdn.net/Jailman/article/details/79175619
标签:python,IP,报文
0
投稿猜你喜欢
PHP getDocNamespaces()函数讲解
2023-06-13 22:19:06
MySQL中XML数据的XPath支持
2009-12-15 21:57:00
Django如何简单快速实现PUT、DELETE方法
2021-04-14 17:53:07
matplotlib给子图添加图例的方法
2023-05-02 03:21:28
详解pandas绘制矩阵散点图(scatter_matrix)的方法
2022-06-09 18:52:34
Golang中实现数据脱敏处理的go-mask包分享
2024-02-12 17:24:55
jQuery 1.4官方中文手册[译]
2010-01-20 10:46:00
Python argparse库的基本使用步骤
2023-12-14 08:02:29
Python random模块用法解析及简单示例
2022-06-02 11:05:14
Python时间序列缺失值的处理方法(日期缺失填充)
2023-04-13 07:39:18
Mysql 错误问题汇总(不断更新中)
2024-01-18 23:51:22
Web表单设计:表单结构
2011-04-22 12:32:00
Python统计学一数据的概括性度量详解
2022-08-16 03:18:20
Opencv python 图片生成视频的方法示例
2021-11-08 22:18:38
使用jQuery简化Ajax开发
2010-04-11 21:09:00
关于Python中的向量相加和numpy中的向量相加效率对比
2022-09-30 04:22:44
用AspJpeg调整文字水印透明,生成图片水印的效果
2008-12-29 19:43:00
一文教你彻底解决Python包下载慢问题
2023-04-02 20:29:32
python实现excel转置问题详解
2023-06-27 23:27:27
Python数据分析之 Pandas Dataframe合并和去重操作
2022-12-31 07:11:59
