[ 笔 记 ] 主动信息收集_003 ( 三层发现 )

主动信息收集[2]{
发现__三层发现:
优点: 可路由;
速度比较快;
缺点: 速度比二层慢;
经常被边界防火墙过滤, 因此没有收到响应并不能说明主机不在线;
IP, icmp 协议;
ICMP: Internet 控制报文协议 (Internet Control Message Protocol), 用于三层发现;

ping 1.1.1.1 -c 2  ;;request 端为icmp type 8 code 0 ;; 正常响应为type 0
ping -R 1.1.1.1 / traceroute 1.1.1.1  ;;追踪路由; traceroute 把第一个包的 ttl 设为 1, 之后逐个加一, 沿途每台路由器在 ttl 减到 0 时返回 ICMP 超时 (type 11), 由此得到每一跳; ping -R 则是利用 IP 头的记录路由选项
使用 scapy :
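	# Build the probe layer by layer: IP header / ICMP header / raw payload.
	# ICMP() with no arguments is an echo request (type 8).
	i=IP(dst="192.168.31.1")
	p=ICMP()
	# Python names are case-sensitive: compose the packet from the variables
	# defined above (the original used undefined names I and P).
	ping=i/p/"padding"
	# sr1() sends the packet and returns the first answer. With a timeout it
	# returns None instead of blocking forever when the host never replies.
	res = sr1(ping, timeout=2)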

nmap:
	nmap -sn 123.125.114.0/24
	
fping:
	fping 192.168.31.1 -c 1   ;;与 ping 命令类似,支持ping地址段
	fping -g 192.168.31.1 192.168.31.255 >> result.txt
	fping -g 192.168.31.0/24

hping:
	能够发送几乎任何 TCP/IP 包;
	功能强大但一次只能扫描一个目标 (扫描地址段需要借助循环);
		hping3 1.1.1.1 --icmp -c 2
		for addr in $(seq 1 254); do hping3 1.1.1.$addr --icmp -c 1 >> handle.txt & done 

}

python 多线程扫描脚本:

#!/usr/bin/python3
#-*-coding:utf-8-*-

import threading
#import requests
from scapy.all import *
import queue as Queue
import optparse

# Module-level list of target addresses; main() adds the addresses it generates.
iplist = list()

class opt1:
    """Command-line options of the ping sweep script.

    The command line is parsed when the object is constructed. The result
    is stored in ``self.options`` (its ``addr`` attribute holds the value
    of ``-a/--addr``, or None when the option is absent) and ``self.args``
    (the remaining positional arguments).
    """

    def __init__(self):
        cli = optparse.OptionParser()
        cli.add_option(
            '-a',
            '--addr',
            dest='addr',
            help='A range of ipaddresses like: 192.168.31.0/24',
        )
        parsed = cli.parse_args()
        self.options, self.args = parsed


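class myThread(threading.Thread):
    """Worker thread that calls ping() on a shared queue until it is drained.

    Args:
        name: Label used in the start/exit messages and passed to ping().
        q: Queue of target addresses shared by all workers.
    """

    def __init__(self,name,q):
        threading.Thread.__init__(self)
        self.name = name
        self.q = q

    def run(self):
        """Probe queued targets one by one; stop once the queue stays empty."""
        print("[*] Starting "+ self.name)
        while True:
            try:
                ping(self.name,self.q)
            except Queue.Empty:
                # ping() waits one second for a new target; Empty means the
                # work is done. Catching only this exception (not a bare
                # except) keeps real errors and KeyboardInterrupt visible.
                break
        print("[*] Exiting " + self.name)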


#fh = open("a13.txt","a+")
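def ping(threadName, q):
    """Take one target address from *q* and send it a single ICMP echo request.

    A reply is printed with scapy's ``display()``; a target that does not
    answer within the timeout produces no output.

    Args:
        threadName: Label of the calling worker, used in error messages.
        q: Queue of target address strings.

    Raises:
        queue.Empty: If no address becomes available within one second.
    """
    ips = q.get(timeout=1)
    try:
        # timeout=0.1 keeps the sweep fast, but a host whose round trip is
        # longer than 100 ms is reported as silent.
        res = sr1(IP(dst=ips)/ICMP()/"folkqasswecan",timeout=0.1,verbose=False)
    except Exception as err:
        # The original swallowed every error, so a sweep that could not send
        # at all looked identical to a network with no live hosts.
        # NOTE(review): presumably the usual cause is missing raw-socket
        # privileges; confirm on the target platform.
        print("[-] " + str(threadName) + ": probe of " + str(ips) + " failed: " + str(err))
        return
    if res is None:
        # sr1() returns None when nothing answered before the timeout.
        return
    # display() prints the packet itself and returns None, so wrapping it in
    # print() only added a stray "None" line after every reply.
    res.display()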

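def main():
    """Parse ``-a/--addr``, expand the IPv4 /24 range and ping every host in it.

    Only /24 ranges are supported, as in the original script. The host
    addresses .1 to .254 are queued and probed by 14 worker threads.
    A missing, malformed or non-/24 argument ends the program with exit
    status 1 and a message, instead of an unhandled exception.
    """
    import ipaddress  # function-scope import: the file's import block stays untouched

    opt123 = opt1()
    addr = opt123.options.addr
    try:
        if addr is None:
            raise ValueError("no address range given (-a/--addr)")
        # strict=False accepts a host address such as 192.168.31.5/24, which
        # the original also accepted by using only the first three octets.
        network = ipaddress.ip_network(addr, strict=False)
    except ValueError as err:
        print("[-]Error: What's your problem???")
        print("[-] " + str(err))
        print("[!] Please use ./threadping.py -h to see the usages!!!")
        raise SystemExit(1) from None
    if network.version != 4 or network.prefixlen != 24:
        # The original left workQueue undefined for any other prefix length.
        print("[-]Error: only IPv4 /24 ranges are supported, e.g. 192.168.31.0/24")
        raise SystemExit(1)

    # hosts() of a /24 yields .1 through .254, the same range as before.
    targets = [str(host) for host in network.hosts()]
    iplist.extend(targets)

    # Fill the queue before any worker starts: a worker gives up after one
    # second of an empty queue, so starting first was a (small) race.
    workQueue = Queue.Queue(len(targets))
    for target in targets:
        workQueue.put(target)

    threads = []
    for number in range(1, 15):
        thread = myThread("Thread-" + str(number), workQueue)
        thread.start()
        threads.append(thread)
    for t in threads:
        t.join()
    print("[*] Exitting...")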

# Run the sweep only when the file is executed as a script, not on import.
if __name__ == "__main__":
    main()
