asd
使用原始raw程式設計需要系統支援,某些windows已經不支援了。
構造socket:
s = socket.socket(socket.af_inet,socket.sock_raw)夠著ip頭結構
class ip(object):
def __init__(self, source, destination):
self.version = 4
self.ihl = 5 # internet header length
self.tos = 0 # type of service
self.tl = 0 # total length will be filled by kernel
self.id = 54321
self.flags = 0 # more fragments
self.offset = 0
self.ttl = 255
self.protocol = socket.ipproto_tcp
self.checksum = 0 # will be filled by kernel
self.source = socket.inet_aton(source)
self.destination = socket.inet_aton(destination)
def pack(self):
ver_ihl = (self.version << 4) + self.ihl
flags_offset = (self.flags << 13) + self.offset
ip_header = struct.pack("!bbhhhbbh4s4s",
ver_ihl,
self.tos,
self.tl,
self.id,
flags_offset,
self.ttl,
self.protocol,
self.checksum,
self.source,
self.destination)
構造ip可以使用:
ipobj = ip("127.0.0.1", "127.0.0.2") # 構造ip
ipobj.source = "localhost" # 改變源位址
構造tcp結構
class tcp(object):
def __init__(self, srcp, dstp):
self.srcp = srcp
self.dstp = dstp
self.seqn = 0
self.ackn = 0
self.offset = 5 # data offset: 5x4 = 20 bytes
self.reserved = 0
self.urg = 0
self.ack = 0
self.psh = 1
self.rst = 0
self.syn = 0
self.fin = 0
self.window = socket.htons(5840)
self.checksum = 0
self.urgp = 0
self.payload = ""
def pack(self, source, destination):
data_offset = (self.offset << 4) + 0
flags = self.fin + (self.syn << 1) + (self.rst << 2) + (self.psh << 3) + (self.ack << 4) + (self.urg << 5)
tcp_header = struct.pack('!hhllbbhhh',
self.srcp,
self.dstp,
self.seqn,
self.ackn,
data_offset,
flags,
self.window,
self.checksum,
self.urgp)
#pseudo header fields
source_ip = source
destination_ip = destination
reserved = 0
protocol = socket.ipproto_tcp
total_length = len(tcp_header) + len(self.payload)
# pseudo header
psh = struct.pack("!4s4sbbh",
source_ip,
destination_ip,
reserved,
protocol,
total_length)
psh = psh + tcp_header + self.payload
tcp_checksum = checksum(psh)
tcp_header = struct.pack("!hhllbbh",
self.srcp,
self.dstp,
self.seqn,
self.ackn,
data_offset,
flags,
self.window)
tcp_header+= struct.pack('h', tcp_checksum) + struct.pack('!h', self.urgp)
# 偽造頭部
source_ip = source
destination_ip = destination
reserved = 0
protocol = socket.ipproto_tcp
psh = struct.pack("!4s4sbbh",
source_ip,
destination_ip,
reserved,
protocol,
total_length)
psh = psh + tcp_header + self.payload
校驗函式:
def checksum(data):
s = 0
n = len(data) % 2
for i in range(0, len(data)-n, 2):
s+= ord(data[i]) + (ord(data[i+1]) << 8)
if n:
s+= ord(data[i+1])
while (s >> 16):
print("s >> 16: ", s >> 16)
s = (s & 0xffff) + (s >> 16)
print("sum:", s)
s = ~s & 0xffff
乙個小栗子
s = socket.socket(socket.af_inet,
socket.sock_raw,
socket.ipproto_raw)
src_host = "10.0.2.15"
dest_host = socket.gethostbyname("www.reddit.com")
data = "test!!"
# ip header
ipobj = ip(src_host, dest_host)
iph = ip_object.pack()
# tcp header
tcpobj = tcp(1234, 80)
tcpobj.data_length = len(data) # used in pseudo header
tcph = tcpobj.pack(ipobj.source,
ipobj.destination)
# injection
packet = iph + tcph + data
pinject.py
running the script:
python pinject.py --src=10.0.2.15 --dst=www.reddit.com
[+] local machine: 10.0.2.15
[+] remote machine: 198.41.209.142
[+] raw scoket created
[+] data to inject: test!!
[+] constructing ip header
[+] constructing tcp header
程式設計,還是程式設計
喜歡程式設計,雖然水平一般,但還是執著地學習與程式設計有關的知識。中間因為工作關係與程式設計遠離了一段時間,現在又重拾起來,細想起來還是因為喜歡吧。喜歡程式軟體的思想和原理,喜歡程式 的魅力和成就感。程式設計軟體的思想是最值得學習的,一直認為思想決定行動,思想改變世界。每種軟體的流行和受人追捧,無不...
少兒程式設計程式設計
機械人比賽,聽上去讓人有一種高大上的科技感,沒錯,在大多數人眼裡,玩機械人那是科學家做的事情,不過隨著機械人教育的普及,越來越多的孩子也能夠駕馭這高大上的機械人。格物斯坦小坦克告訴你原因,這是歸結於孩子對於程式設計課程的學習,學會對機械人進行程式設計了,自然就能玩轉機械人啦。參加機械人比賽的意義遠遠...
LINUX程式設計 socket程式設計
什麼是套接字 套接字是一種通訊過程,它使客戶 伺服器系統的開發工作既可以在本地單機上進行,也可以跨網路進行。套接字建立過程 1,建立乙個套接字,這是分配給該伺服器程序的乙個作業系統資源,套接字由伺服器通過系統呼叫socket建立出來的,所以其它程序將不能對它進行訪問。2,給套接字起個名字,用系統呼叫...