import time
from optparse import OptionParser
from random import randint
from scapy.all import *
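def main():
    """Parse the command line and probe one host or a last-octet range.

    ``-i`` takes either a single IPv4 address or a range written as
    ``A.B.C.start-stop`` (for example ``192.168.1.1-120``), which expands to
    every address from ``A.B.C.start`` through ``A.B.C.stop`` inclusive.
    ``-m`` selects the probe: ``tcp`` calls ``TCPScan``, ``udp`` calls
    ``UDPScan``.  When ``-m`` is omitted the UDP probe is used.

    Malformed input is rejected through ``OptionParser.error`` (usage message,
    exit status 2) instead of surfacing as a traceback.
    """
    usage = "Usage: %prog -i <ip address> -m <mode tcp|udp>"
    parse = OptionParser(usage=usage)
    parse.add_option("-i", "--ip", type="string", dest="targetIP",
                     help="specify the IP address, or a last-octet range "
                          "such as 192.168.1.1-120")
    # The help text used to be a copy of the -i text.  Restricting the value
    # to the two documented modes stops a typo such as "-m tpc" from silently
    # running the UDP probe; the default keeps the behaviour of omitting -m.
    parse.add_option("-m", "--mode", type="choice", choices=["tcp", "udp"],
                     dest="mode", default="udp",
                     help="specify the probe type: tcp or udp (default: udp)")
    options, args = parse.parse_args()

    # Without -i the value is None and the membership test below would raise.
    if not options.targetIP:
        parse.error("-i/--ip is required")

    scan = TCPScan if options.mode == "tcp" else UDPScan

    if '-' not in options.targetIP:
        scan(options.targetIP)
        return

    # Range form: split "A.B.C.start-stop" into the base address and the
    # final value of the last octet.
    first, _, last = options.targetIP.partition('-')
    octets = first.split('.')
    if len(octets) != 4:
        parse.error("range must look like 192.168.1.1-120")
    try:
        start = int(octets[3])
        stop = int(last)
    except ValueError:
        parse.error("range bounds must be integers, e.g. 192.168.1.1-120")
    # Keep the generated addresses inside a single valid last octet.
    if not 0 <= start <= stop <= 255:
        parse.error("range bounds must satisfy 0 <= start <= stop <= 255")

    prefix = '.'.join(octets[:3])
    for host in range(start, stop + 1):
        scan(prefix + '.' + str(host))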
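def TCPScan(ip):
    """Send one TCP ACK segment to *ip* and print whether the host answered.

    An unsolicited ACK normally draws a RST from a live host, so a reply whose
    TCP flags equal RST (value 4) is reported as "is up"; no reply, or any
    other reply, is reported as "is down".  The result is printed, nothing is
    returned.

    NOTE(review): a stateful firewall in the path may drop the unsolicited ACK,
    in which case a live host is reported as down - treat "down" as
    "no RST seen", not as proof of absence.
    """
    try:
        # Random destination port.  The file imports `randint` directly, so it
        # is called by that name; `random.randint` only resolves if some other
        # import happens to expose the `random` module, and the failure would
        # be hidden by the handler below.
        dport = randint(1, 65535)
        # Build a segment with only the ACK flag set.
        packet = IP(dst=ip) / TCP(flags="A", dport=dport)
        response = sr1(packet, timeout=1.0, verbose=0)
        # A reply without a TCP layer (e.g. an ICMP error) must not be indexed
        # with [TCP]; it simply counts as "no RST".
        if (response is not None and response.haslayer(TCP)
                and int(response[TCP].flags) == 4):
            time.sleep(0.5)
            print(ip + ' ' + "is up")
        else:
            print(ip + ' ' + "is down")
    except Exception as error:
        # Report the failure (missing privileges, bad address, ...) instead of
        # discarding it, so a broken probe is not mistaken for a silent host.
        print(ip + ' ' + "scan failed: " + str(error))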
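def UDPScan(ip):
    """Send one UDP datagram to *ip* and print whether the host answered.

    A closed UDP port on a live host normally draws an ICMP error, so a reply
    whose IP protocol number is 1 (ICMP) is reported as "is up".  A UDP reply
    (the random port happened to be open) also proves the host is alive and is
    reported as "is up".  No reply, or any other reply, is reported as
    "is down".  The result is printed, nothing is returned.

    NOTE(review): the ICMP check does not look at the sender or the ICMP
    type/code, so an error generated by an intermediate router would also be
    counted as "up" - confirm whether that matters for the intended use.
    """
    try:
        # Random destination port, using the `randint` the file imports.
        dport = randint(1, 65535)
        packet = IP(dst=ip) / UDP(dport=dport)
        response = sr1(packet, timeout=1.0, verbose=0)
        if response is not None and (int(response[IP].proto) == 1
                                     or response.haslayer(UDP)):
            time.sleep(0.5)
            print(ip + ' ' + "is up")
        else:
            print(ip + ' ' + "is down")
    except Exception as error:
        # `except Exception` rather than a bare `except`, so Ctrl-C
        # (KeyboardInterrupt) still stops a range scan; the failure is
        # reported instead of being discarded.
        print(ip + ' ' + "scan failed: " + str(error))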
# Run the command-line entry point only when executed as a script,
# not when the module is imported.
if __name__ == "__main__":
    main()
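# Example invocation: sudo python a.py -i 220.181.38.150-160 -m tcp
# TCP and UDP host discovery can also be done through the Nmap library, using Nmap's -sT and -PU options.
# Note: -sT is a TCP connect scan of ports, while -PU is the UDP discovery probe; `nm` is not defined on this page (presumably an nmap.PortScanner instance).
# result = nm.scan(hosts=ip, arguments='-sT')
# result = nm.scan(hosts=targetIP, arguments='-PU')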
TCP or UDP Host Discovery