根据python文档,我们可以构建简单的嗅探器,如:
import socket
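# Minimal single-packet sniffer, after the example in the Python `socket` docs.
# NOTE: socket.ioctl() and the SIO_RCVALL / RCVALL_* constants exist only on
# Windows, and opening a raw socket needs administrator privileges there.

# the public network interface (whatever address the local hostname resolves to)
HOST = socket.gethostbyname(socket.gethostname())

# create a raw socket and bind it to the public interface
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)
try:
    s.bind((HOST, 0))

    # Include IP headers
    s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

    # receive all packets (enables promiscuous mode on the interface)
    s.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)
    try:
        # receive one packet; a single parenthesised argument prints the same
        # on Python 2 and Python 3
        print(s.recvfrom(65565))
    finally:
        # always disable promiscuous mode, even if recvfrom() raised, so the
        # interface is not left capturing traffic
        s.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
finally:
    # release the raw socket whether or not setup succeeded
    s.close()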
上面的示例适用于 Windows 平台,但 socket.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF) 在 Linux 中不起作用。
这个示例在 Linux 平台上应该怎么写?我如何在 Linux 中设置混杂模式?
修改
我收到了一条消息:
Traceback (most recent call last):
File "b.py", line 46, in <module>
sniffer(count=10,showPort=True,showRawData=True)
File "b.py", line 12, in sniffer
s.bind((HOST, 0))
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 19] No such device
这是我使用 @Christian-James-Bell 的代码并做了一些修改后得到的:
import socket
def sniffer(count, bufferSize=65565, showPort=False, showRawData=False):
    """Capture `count` packets from a raw socket and print each one.

    `bufferSize` is the maximum number of bytes read per packet; `showPort`
    and `showRawData` are passed through to printPacket().

    NOTE(review): this is the version that produces the
    "[Errno 19] No such device" traceback at bind(). It mixes an AF_PACKET
    socket with setup calls written for the AF_INET / Windows example.
    """
    # the public network interface
    HOST = socket.gethostbyname(socket.gethostname())

    # create a raw socket and bind it to the public interface
    # NOTE(review): AF_PACKET is the Linux link-layer family; its protocol
    # argument is an Ethernet protocol number in network byte order, not
    # IPPROTO_IP -- confirm against the socket module docs.
    s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.IPPROTO_IP)

    # prevent socket from being left in TIME_WAIT state, enabling reuse
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    # NOTE(review): an AF_PACKET socket is bound to (interface_name, proto),
    # e.g. an interface name string, not to (ip_address, port). Passing the IP
    # string as the device name is most likely what raises "No such device".
    s.bind((HOST, 0))

    # Include IP headers
    # NOTE(review): IP_HDRINCL is an IP-level option carried over from the
    # AF_INET example; presumably not meaningful on a packet socket.
    s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

    # receive all packets
    # NOTE(review): socket.ioctl() and SIO_RCVALL are Windows-only, so this
    # line cannot work on Linux even once bind() succeeds.
    s.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

    for i in range(count):

        # receive a packet
        package = s.recvfrom(bufferSize)
        printPacket(package, showPort, showRawData)

    # disable promiscuous mode (skipped if anything above raises)
    s.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
def printPacket(package, showPort, showRawData):
    """Print the sender of one received packet, optionally its port and data.

    `package` is indexed as a (data, address) pair, the shape recvfrom()
    returns, and `address` is indexed as (ip, port).
    NOTE(review): that address layout holds for AF_INET sockets; an AF_PACKET
    socket returns a different address tuple, so the labels may not match.
    """
    # position 1 of the recvfrom() result is the sender address tuple
    sender = package[1]

    print('IP:', sender[0])
    if showPort:
        print('Port:', sender[1])
    print ('') #newline
    if showRawData:
        # position 0 of the recvfrom() result is the raw packet bytes
        print ('Data:', package[0])
# Run the capture: ten packets, printing the port and the raw data of each.
sniffer(10, showPort=True, showRawData=True)
有人知道哪里出错了吗?
答案 0 :(得分:-2)
import socket
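def sniffer(count, bufferSize=65565, showPort=False, showRawData=False):
    """Capture `count` IP packets on the local interface and print each one.

    Windows-only: socket.ioctl() and the SIO_RCVALL / RCVALL_* constants are
    not defined on other platforms, and opening a raw socket needs
    administrator privileges.

    Args:
        count: number of packets to receive before returning.
        bufferSize: maximum number of bytes read per packet.
        showPort: passed to printPacket(); also print the sender port.
        showRawData: passed to printPacket(); also print the raw bytes.

    Raises:
        socket.error / OSError: if the socket cannot be created, bound or
            switched to receive-all mode.
    """
    # the public network interface: whatever the local hostname resolves to
    # NOTE(review): on a multi-homed host this may not be the interface you
    # intend to monitor -- confirm before relying on the capture.
    HOST = socket.gethostbyname(socket.gethostname())

    # create a raw socket and bind it to the public interface
    s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)
    try:
        # allow the local address to be reused by a later run
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        s.bind((HOST, 0))

        # Include IP headers
        s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

        # receive all packets (enables promiscuous mode on the interface)
        s.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)
        try:
            for _ in range(count):
                # receive a packet as a (data, address) pair
                package = s.recvfrom(bufferSize)
                printPacket(package, showPort, showRawData)
        finally:
            # always disable promiscuous mode, even when receiving or
            # printing fails, so the interface is not left capturing
            s.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
    finally:
        # release the raw socket on every exit path
        s.close()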
def printPacket(package, showPort, showRawData):
    """Print one received packet on a single summary line.

    `package` is indexed as a (data, address) pair, the shape recvfrom()
    returns, and `address` is indexed as (ip, port). The IP and the optional
    port share one line; the raw data, when requested, goes on the next line.
    """
    # position 1 of the recvfrom() result is the sender address tuple
    sender = package[1]

    print('IP:', sender[0], end=' ')
    if showPort:
        print('Port:', sender[1], end=' ')
    print('') #newline
    if showRawData:
        # position 0 of the recvfrom() result is the raw packet bytes
        print('Data:', package[0])
# Run the capture: ten packets, printing the port and the raw data of each.
sniffer(10, showPort=True, showRawData=True)