ICMP主机探测过程
ICMP主机探测过程
#1
from scapy.all import * from random import randint from optparse import OptionParser
#2 对用户输入的参数进行接收和批量处理,并将处理后的ip地址传入Scan函数.
def main():
parser = OptionParser("Usage:%prog -i <target host> ") #输出帮助信息
parser.add_option('-i', type='string', dest='IP', help='specify target host')
#获取IP地址参数
options, args = parser.parse_args()
print("Scan report for " + options.IP + "\n")
#判断是单台还是多台主机
#IP中存在-,说明是要扫描多台主机
if '-' in options.IP:
# 代码举例:192.168.1.1-120
# 通过" - " 进行隔离,把192.168.1.1和120分开
# 把192.168.1.1通过" , "进行隔离,取最后一个数作为range 函数的start ,然后把120+1作为range 函数的stop
# 这样循坏遍历出需要扫描的IP地址
for i in range (int(options.IP.split('-')[0].split('.')[3]),int
(options.IP.split('-' )[1]) + 1):
Scan(
options.IP.split('.')[0] + '.' + options.IP.split('.')[1] + '.' +
options.IP.split('.')[2] + '.' + str(i))
time.sleep (0.2)
else:
Scan(options.IP)
print("\nScan finished!...\n")
if __name__ == "__main__":
try:
main()
except KeyboardInterrupt:
print('interrupted by user, killing all threads...')
#3 Scan函数通过调用ICMP, 构造好的请求包发送到目的地址.目的地址的应答数据判断目标是否存活,打印存活的主机IP地址"ip.ip.ip.ip"----"Host is up" 对于不存活的主机打印出"ip.ip.ip.ip"---"host is down"
def Scan(ip):
ip_id =randint(1, 65535)
icmp_id = randint(1, 65535)
icmp_seq = randint(1, 65535)
packet=IP(dst=ip, ttl=64, id=ip_id)/ICMP(id=icmp_id, seq=icmp_seq)/b'rootkit'
result = sr1(packet, timeout=1, verbose=False)
if result:
for rcv in result:
scan_ip = rcv[IP].src
print(scan_ip + '--->' 'Host is up')
else:
print(ip + '--->' 'host is down')
版权声明:本文为Xanyang原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。