lua学习+项目实例

版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/wshlp123456/article/details/54890666

一 、 编写客户端服务器脚本(python)

 服务器端:

import socket    

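# Minimal one-shot TCP server: accept a single client, print the first chunk
# it sends, then shut down.
s = socket.socket()   # listening TCP socket
try:
    # Bound to the loopback address only, so the listener is not reachable
    # from other hosts. Port 5566 must match the client script.
    s.bind(('127.0.0.1', 5566))
    s.listen(5)

    # accept() blocks until a client connects; cs is a new socket object
    # dedicated to that client.
    cs, address = s.accept()
    try:
        # Formatting the tuple through %s prints the same text on Python 2
        # and Python 3.
        print('got connected from %s' % (address,))

        #cs.send('done')

        # recv(512) returns at most 512 bytes and may return fewer than the
        # peer sent; an empty result means the peer closed the connection.
        # Whatever arrives is untrusted input and is only printed here.
        ra = cs.recv(512)
        print(ra)
    finally:
        # Release the per-client socket even if recv() raises.
        cs.close()
finally:
    # The original never closed the listening socket; release the port here.
    s.close()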

客户端:

import socket

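# Minimal TCP client: connect to the local test server, send one message,
# and close.
s = socket.socket()
try:
    # Same IP address and port as the server script.
    s.connect(('127.0.0.1', 5566))

    # sendall() keeps writing until the whole payload is sent (plain send()
    # may transmit only part of it). The b'' literal is a byte string on
    # both Python 2 and Python 3.
    s.sendall(b'client')

    #data=s.recv(512)
finally:
    # Close the socket even if connect() or sendall() raises.
    s.close()

#print 'the data received is',data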

参考资料: http://blog.csdn.net/linda1000/article/details/11474881

关键字: send和recv方法 ; socket 套件

二、 wireshark抓包

Wireshark抓本机包,windows下,在命令行中输入以下语句:

route add 192.168.1.106 mask 255.255.255.255 192.168.1.1 metric 1

其中,192.168.1.106是本机ip 192.168.1.1是路由网关。其他都不变。

删除该路由时,把上面命令中的 add 换成 delete,并去掉末尾的 metric 1。

参考资料:http://blog.csdn.net/neomc/article/details/6376891

三、lua 解析自定义协议

参考资料:用lua语言编写Wireshark插件解析自定义协议.doc(百度文库)


1. 修改 Wireshark 安装目录下的 init.lua,使其加载下面的 test.lua(通常是在文件末尾加入一行 dofile 调用,具体写法请以参考资料为准)。

2.wireshark 安装目录下新增test.lua文档 内容如下:

#定义协议字段,解释器dissector
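-- require "dll"   (left disabled by the original author)

--- Custom protocol object for "hstProto".
-- Kept as a global, as in the original, so code that refers to `hstproto`
-- by name keeps working. Proto() takes a short name and a description; the
-- original passed a third string, which is not part of that signature and
-- is dropped here.
hstproto = Proto("hstProto", "My Protocol for hst user")

-- NOTE(review): the field abbreviations below ("wPacketSize", ...) are the
-- display-filter names. Wireshark convention is "<proto>.<field>"; the
-- unprefixed names are kept so existing filters keep working.

-- Display names for the 4-bit PacketType value (high nibble, mask 0xf0).
local PACKET_TYPE_NAMES = {
    [0] = "DATA",
    [1] = "QueryRequest",
    [2] = "SESSIONACK",
    [3] = "SESSIONBYE",
    [4] = "SESSIONREREQ",
    [5] = "DATAACK",
    [6] = "ACTIVE",
    [7] = "PING",
    [8] = "PINGREP",
}

-- The original passed undefined globals (Version, SessionType, SecurityCount,
-- Ack, SecurityType, AckType, Reserved) as the value-string argument. They
-- evaluate to nil, so an explicit nil is used instead: same behaviour, no
-- reads of undeclared globals.

-- Common header fields. PacketType and Version share one byte:
-- PacketType is the high nibble (0xf0), Version the low nibble (0x0f).
local f_wPacketSize = ProtoField.uint16("wPacketSize", "PacketSize", base.DEC)
local f_wDstSessionID = ProtoField.uint16("wDstSessionID", "DstSessionID")
local f_bPacketType = ProtoField.uint8("bPacketType", "PacketType", base.DEC, PACKET_TYPE_NAMES, 0xf0)
local f_bVersion = ProtoField.uint8("bVersion", "Version", base.DEC, nil, 0x0f)

-- REQ message fields. SessionType (0x0f) and SecurityCount (0xf0) share a byte.
local f_bSessionType = ProtoField.uint8("bSessionType", "SessionType", base.DEC, nil, 0x0f)
local f_bSecurityCount = ProtoField.uint8("bSecurityCount", "SecurityCount", base.DEC, nil, 0xf0)
local f_wApplictionID = ProtoField.uint16("wApplictionID", "ApplictionID")
local f_wSrcSessionID = ProtoField.uint16("wSrcSessionID", "SrcSessionID")
local f_bSecurityTypes = ProtoField.uint8("bSecurityTypes", "SecurityTypes")

-- ACK message fields. Ack (0x0f) and SecurityType (0xf0) share a byte.
local f_bAck = ProtoField.uint8("bAck", "Ack", base.DEC, nil, 0x0f)
local f_bSecurityType = ProtoField.uint8("bSecurityType", "SecurityType", base.DEC, nil, 0xf0)
local f_wAckSeqnum = ProtoField.uint16("wAckSeqnum", "AckSeqnum")

-- DATAACK message fields. AckType (0x0f) and Reserved (0xf0) share a byte.
local f_bAckType = ProtoField.uint8("bAckType", "AckType", base.DEC, nil, 0x0f)
local f_bReserved = ProtoField.uint8("bReserved", "Reserved", base.DEC, nil, 0xf0)

-- PING / PINGREP message fields.
local f_dwDestIP = ProtoField.uint32("dwDestIP", "DestIP")
local f_dwTimeStamp = ProtoField.uint32("dwTimeStamp", "TimeStamp")

-- DATA message fields.
local f_wSeqnum = ProtoField.uint16("wSeqnum", "Seqnum")
local f_wData = ProtoField.bytes("wData", "Data")

-- Section fields. Defined by the original but neither registered in
-- hstproto.fields nor used by the dissector; kept as-is.
local f_Header = ProtoField.bytes("f_Header", "Message Header")
local f_body = ProtoField.bytes("f_body", "Message Body")

-- Register the fields with the protocol. A field must be listed here before
-- the dissector adds it to the tree.
hstproto.fields = {
    f_wPacketSize, f_wDstSessionID, f_bVersion, f_bPacketType,
    f_bSecurityTypes, f_bSessionType, f_bSecurityCount,
    f_bAck, f_bSecurityType,
    f_wSrcSessionID, f_wApplictionID, f_wAckSeqnum,
    f_bAckType, f_bReserved,
    f_dwDestIP, f_dwTimeStamp,
    f_wSeqnum, f_wData,
}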
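-- Dissector definition.

-- Size of the fixed header: PacketSize(2) + DstSessionID(2) + one byte
-- holding PacketType (high nibble) and Version (low nibble).
local HST_HEADER_LEN = 5

-- Fixed-width body fields per PacketType.
-- Each entry is { field, width, advance }: `width` bytes are shown for the
-- field, then the offset moves by `advance` bytes. advance = 0 means the next
-- field is decoded from the same byte (two nibble fields sharing one byte).
local HST_BODY_LAYOUT = {
    [1] = { -- REQ
        info = "This is hstProto data:SESSIONREQ",
        { f_bSessionType, 1, 0 },
        { f_bSecurityCount, 1, 1 },
        { f_wApplictionID, 2, 2 },
        { f_wSrcSessionID, 2, 2 },
    },
    [2] = { -- ACK
        info = "This is hstProto data:SESSIONACK",
        { f_bAck, 1, 0 },
        { f_bSecurityType, 1, 1 },
        { f_wSrcSessionID, 2, 2 },
        { f_wAckSeqnum, 2, 2 },
    },
    [3] = { -- BYE: no body fields
        info = "This is hstProto data:SESSIONBYE",
    },
    [4] = { -- REREQ
        info = "This is hstProto data:SESSIONREREQ",
        { f_bSessionType, 1, 0 },
        { f_bSecurityType, 1, 1 },
        { f_wApplictionID, 2, 2 },
        { f_wSrcSessionID, 2, 2 },
        { f_wAckSeqnum, 2, 2 },
    },
    [5] = { -- DATAACK
        info = "This is hstProto data:SESSIONDATAACK",
        { f_bAckType, 1, 0 },
        { f_bReserved, 1, 1 },
        { f_wAckSeqnum, 2, 2 },
    },
    [6] = { -- ACTIVE: no body fields
        info = "This is hstProto data:SESSIONACTIVE",
    },
    [7] = { -- PING
        info = "This is hstProto data:SESSIONPING",
        { f_dwDestIP, 4, 4 },
        { f_dwTimeStamp, 4, 4 },
    },
    [8] = { -- PINGREP
        info = "This is hstProto data:SESSIONPINGREQ",
        { f_dwDestIP, 4, 4 },
        { f_dwTimeStamp, 4, 4 },
    },
}

-- Fixed-width part of a DATA (type 0) body; the payload follows it.
local HST_DATA_LAYOUT = {
    { f_wSeqnum, 2, 2 },
}

--- Add the fixed-width fields of `layout` to `parent`, little-endian.
-- Every read is checked against the captured length first: the bytes come
-- from the network, so a short or malformed message must not be allowed to
-- index past the end of the buffer (that raises a Lua error in the tree).
-- @param parent TreeItem receiving the fields
-- @param buffer Tvb being dissected
-- @param offset byte offset of the first field
-- @param layout array of { field, width, advance } entries
-- @return offset after the last field, or nil if the message was truncated
local function hst_add_fixed_fields(parent, buffer, offset, layout)
    local buffer_len = buffer:len()
    for _, entry in ipairs(layout) do
        local field, width, advance = entry[1], entry[2], entry[3]
        if offset + width > buffer_len then
            parent:add("[Truncated hstProto message: body shorter than its packet type requires]")
            return nil
        end
        parent:add_le(field, buffer(offset, width))
        offset = offset + advance
    end
    return offset
end

--- Dissect one buffer as a single hstProto message.
-- Sets the Protocol and Info columns, then builds a "Message Header" and a
-- "Message Body" subtree under the protocol item.
--
-- Limitation (unchanged from the original): each TCP segment is treated as
-- exactly one message. No reassembly is done, so a message split across
-- segments, or several messages in one segment, is not decoded completely.
-- @param buffer Tvb with the bytes handed to this dissector
-- @param pinfo  Pinfo for the current packet
-- @param tree   root TreeItem to attach the protocol subtree to
function hstproto.dissector(buffer, pinfo, tree)
    pinfo.cols.protocol:set("hstProto")
    pinfo.cols.info:set("This is hstProto data")

    local buffer_len = buffer:len()
    local proto_tree = tree:add(hstproto, buffer(0, buffer_len), "Following is fsmeeting Data")

    -- Refuse to parse a header that is not fully present.
    if buffer_len < HST_HEADER_LEN then
        proto_tree:add("[Truncated hstProto message: fewer than 5 header bytes]")
        return
    end

    ---------- common header ----------
    local header_tree = proto_tree:add("Message Header")
    local offset = 0

    -- PacketSize is displayed big-endian (add, not add_le), as in the
    -- original. It is read with uint() because the field is an unsigned
    -- 16-bit value; the original int() turned sizes >= 0x8000 negative.
    -- NOTE(review): every other field is little-endian; confirm the byte
    -- order of PacketSize against the protocol specification.
    header_tree:add(f_wPacketSize, buffer(offset, 2))
    local packet_size = buffer(offset, 2):uint()
    offset = offset + 2

    header_tree:add_le(f_wDstSessionID, buffer(offset, 2))
    offset = offset + 2

    -- PacketType is the high nibble and Version the low nibble of one byte.
    header_tree:add_le(f_bPacketType, buffer(offset, 1))
    local packet_type = buffer(offset, 1):bitfield(0, 4)
    header_tree:add_le(f_bVersion, buffer(offset, 1))
    offset = offset + 1

    ---------- message body ----------
    local body_tree = proto_tree:add("Message Body")

    if packet_type == 0 then
        -- DATA: only decoded when the buffer is a whole message or when the
        -- frame is shorter than the announced size, as in the original.
        -- NOTE(review): pinfo.len is the frame length, not the payload
        -- length; buffer_len may have been intended. Left unchanged.
        local info
        if buffer_len == packet_size then
            info = "This is hstProto data:SESSIONDATARELIABLE"
        elseif pinfo.len < packet_size then
            info = "This is hstProto data:SESSIONDATARELIABLE segement"
        else
            return
        end
        pinfo.cols.info:set(info)

        offset = hst_add_fixed_fields(body_tree, buffer, offset, HST_DATA_LAYOUT)
        -- Only show a payload item when payload bytes are actually present.
        if offset and offset < buffer_len then
            body_tree:add_le(f_wData, buffer(offset, buffer_len - offset))
        end
        return
    end

    local layout = HST_BODY_LAYOUT[packet_type]
    if not layout then
        -- Types 9..15 have no decoder; the original also left them alone.
        return
    end

    pinfo.cols.info:set(layout.info)
    offset = hst_add_fixed_fields(body_tree, buffer, offset, layout)

    if packet_type == 1 and offset then
        -- The rest of a REQ body is shown as SecurityTypes. The field is a
        -- uint8, so one item is added per byte; the original passed the whole
        -- remaining range, which is wider than the field whenever more than
        -- one byte remains.
        -- NOTE(review): presumably one byte per security type, with the count
        -- given by SecurityCount; confirm against the protocol specification.
        for pos = offset, buffer_len - 1 do
            body_tree:add_le(f_bSecurityTypes, buffer(pos, 1))
        end
    end
end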
-- Register the dissector on TCP port 1089. Registration is by port number
-- only, so any TCP traffic on this port is handed to hstproto.dissector,
-- whether or not it really is hstProto.
local my_port = 1089
DissectorTable.get("tcp.port"):add(my_port, hstproto)
