1. DNS解析 (python)
#!/usr/bin/env python
#coding=utf8
'''
數據包格式:
(<IP  frag=0 proto=udp src=192.168.1.61 dst=202.96.209.5 |<UDP  sport=domain dport=domain |<DNS  id=1 qr=0 opcode=QUERY tc=0 rd=1 qdcount=1 ancount=0 nscount=0 arcount=0 qd=<DNSQR  qname='www.qq.com' qtype=A qclass=IN |> |>>>,
 <IP  version=4L ihl=5L tos=0x0 len=88 id=53905 flags=DF frag=0L ttl=248 proto=udp chksum=0x4eb7 src=202.96.209.5 dst=192.168.1.61 options=[] |<UDP  sport=domain dport=domain len=68 chksum=0x2652 |<DNS  id=1 qr=1L opcode=QUERY aa=0L tc=0L rd=1L ra=1L z=0L rcode=ok qdcount=1 ancount=2 nscount=0 arcount=0 qd=<DNSQR  qname='www.qq.com.' qtype=A qclass=IN |> an=<DNSRR  rrname='www.qq.com.' type=A rclass=IN ttl=265 rdata='101.226.103.106' |<DNSRR  rrname='www.qq.com.' type=A rclass=IN ttl=265 rdata='101.226.129.158' |>> ns=None ar=None |>>>)
'''
from scapy.allimport *
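def DnsQuery(sip, dns_server="202.96.209.5", qname="www.qq.com"):
    """Send one DNS A query and print the answer records scapy captured.

    Args:
        sip: address written into the IP source field of the query. The
            packet dump above uses this host's own address (192.168.1.61);
            sr() can only pair the resolver's reply with the query if that
            reply arrives at this host, so sip should be an address of this
            host.
        dns_server: resolver the query is sent to on UDP/53. Defaults to
            the address the original script hard-coded.
        qname: name to resolve. Defaults to the name the original script
            hard-coded.

    Returns:
        None. Results are printed, one section per answered query.
    """
    ip_header = IP(src=sip, dst=dns_server)
    udp_header = UDP(dport=53)
    # Standard query header: recursion desired, exactly one question,
    # no answer/authority/additional records.
    dns_header = DNS(id=1, qr=0, opcode=0, tc=0, rd=1,
                     qdcount=1, ancount=0, nscount=0, arcount=0)
    # qtype 1 = A, qclass 1 = IN (the dump above shows "qtype=A qclass=IN").
    dns_header.qd = DNSQR(qname=qname, qtype=1, qclass=1)
    packet = ip_header / udp_header / dns_header
    ans, unans = sr(packet, timeout=1, verbose=0)
    # Record types we know how to label; anything else is skipped below.
    type_dict = {1: 'A', 5: 'CNAME'}
    for s, r in ans:
        print("Received_IP:%s" % (r[IP].dst))
        print("Query Domain:%s" % (r[DNS].qd.qname))
        print("%s\t%s" % ("Type", "IP(Domain)"))
        print("-" * 30)
        # The answer section is walked by index up to a fixed cap of 15
        # records. The try/except relies on scapy raising once the index
        # runs past the last record (and on KeyError for a record type not
        # in type_dict) and treats either as "nothing more to print".
        # Only Exception is caught so KeyboardInterrupt/SystemExit still
        # propagate instead of being swallowed by a bare except.
        for i in range(15):
            try:
                print("%s\t%s" % (type_dict[r[DNS].an[i].type], r[DNS].an[i].rdata))
            except Exception:
                pass
        print("*" * 30)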
# Run the query once, using this host's own address (192.168.1.61) as the
# IP source, which is what the packet dump above shows.
for last_octet in (61,):
    DnsQuery("192.168.1.%d" % last_octet)
2. Scan Syn 掃描
#!/usr/bin/env python
#coding=utf8
'''
數據包格式:
(<IP  frag=0 proto=tcp dst=192.168.1.1 |<TCP  sport=16334 dport=tcpmux flags=S |>>,
 <IP  version=4L ihl=5L tos=0x0 len=40 id=19281 flags= frag=0L ttl=255 proto=tcp chksum=0xe4ef src=192.168.1.1 dst=192.168.1.61 options=[] |<TCP  sport=tcpmux dport=16334 seq=0 ack=1 dataofs=5L reserved=0L flags=RA window=0 chksum=0xe471 urgptr=0 |<Padding  load='\x00\x00\x00\x00\x00\x00' |>>>)
'''
from scapy.all import *

# One SYN probe per port 1-1024 toward 192.168.1.1, from a random source
# port; sr() returns the (sent, received) pairs answered within 2 s.
probe = IP(dst="192.168.1.1") / TCP(sport=RandShort(), dport=(1, 1024), flags="S")
ans, unans = sr(probe, timeout=2, verbose=0)
# TCP flag value of the reply: 18 = SYN+ACK (port open), 20 = RST+ACK
# (port closed). Any other flag value is absent from the table and the
# lookup below raises KeyError.
status_dict = {18: 'open', 20: 'closed'}
for s, r in ans:
    reply = r[TCP]
    sport = reply.sport
    flags = status_dict[reply.flags]
    # Only open ports are printed, as "<port><state>" with no separator.
    if flags != "closed":
        print("{0}{1}".format(sport, flags))
3. ARP掃描，獲取存活主機的MAC
#!/usr/bin/env python
#coding=utf8
'''
數據包格式
[(<Ether  dst=ff:ff:ff:ff:ff:ff type=0x806 |<ARP  pdst=192.168.1.1 |>>,
  <Ether  dst=00:0c:29:a4:0c:45 src=00:18:b9:00:50:bf type=0x806 |<ARP  hwtype=0x1 ptype=0x800 hwlen=6 plen=4 op=is-at hwsrc=00:18:b9:00:50:bf psrc=192.168.1.1 hwdst=00:0c:29:a4:0c:45 pdst=192.168.1.61 |<Padding  load='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' |>>>)]
'''
from scapy.all import *

# Broadcast one ARP who-has per address in 192.168.1.0/24 and keep the
# (sent, received) pairs answered within 2 s; srp() sends at layer 2.
arp_request = Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(pdst="192.168.1.0/24")
ans, unans = srp(arp_request, timeout=2, verbose=0)
# Each pair is (probe we sent, reply we got); print "<MAC> <IP>" of the
# host that replied.
for s, r in ans:
    print("%s %s" % (r[Ether].src, r[ARP].psrc))