sys port and process

最新推荐文章于 2023-09-07 13:26:36 发布
最新推荐文章于 2023-09-07 13:26:36 发布
阅读量824 收藏
点赞数
分类专栏: 系统底层-NDIS 文章标签: object struct socket system null integer
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/xiaohua_de/article/details/6084027
版权

#include "ntddk.h"
#include "string.h"

#define SystemHandleInformation  16
#define TCPUDP_FLAG   100
#define WIN2K_SOCKET_FLAG  0x1a //2k
#define WINXP_SOCKET_FLAG  0x1c //xp
#define WIN2K3_SOCKET_FLAG  0x1a //2k3


#define WIN2K_EPROCESS_NAMEOFFSET    0x1fc //2k
#define WINXP_EPROCESS_NAMEOFFSET    0x174 //xp
#define WIN2K3_EPROCESS_NAMEOFFSET   0x1fc //2k3
#define  WIN7_EPPROCESS_NAMEOFFSET   0x16c

#define ObjectNameInformation  1
#define ObjectAllTypesInformation 3

#define  IOCTL_TCP_QUERY_INFORMATION_EX  0x120003
/*
typedef struct _OBJECT_NAME_INFORMATION {
UNICODE_STRING Name;
} OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;

typedef struct _OBJECT_TYPE_INFORMATION {
UNICODE_STRING Name;
ULONG ObjectCount;
ULONG HandleCount;
ULONG Reserved1[4];
ULONG PeakObjectCount;
ULONG PeakHandleCount;
ULONG Reserved2[4];
ULONG InvalidAttributes;
GENERIC_MAPPING GenericMapping;
ULONG ValidAccess;
UCHAR Unknown;
BOOLEAN MaintainHandleDatabase;
POOL_TYPE PoolType;
ULONG PagedPoolUsage;
ULONG NonPagedPoolUsage;
} OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION;

typedef struct _OBJECT_ALL_TYPES_INFORMATION {
ULONG NumberOfTypes;
OBJECT_TYPE_INFORMATION TypeInformation;
} OBJECT_ALL_TYPES_INFORMATION, *POBJECT_ALL_TYPES_INFORMATION;
*/

#define ntohs(s) /
 ( ( ((s) >> 8) & 0x00FF ) | /
 ( ((s) << 8) & 0xFF00 ) )

typedef struct _TDI_CONNECTION_INFO {
 ULONG          State;
 ULONG          Event;
 ULONG          TransmittedTsdus;
 ULONG          ReceivedTsdus;
 ULONG          TransmissionErrors;
 ULONG          ReceiveErrors;
 LARGE_INTEGER  Throughput;
 LARGE_INTEGER  Delay;
 ULONG          SendBufferSize;
 ULONG          ReceiveBufferSize;
 BOOLEAN        Unreliable;
} TDI_CONNECTION_INFO, *PTDI_CONNECTION_INFO;

typedef struct _TDI_CONNECTION_INFORMATION {
 LONG   UserDataLength;
 PVOID  UserData;
 LONG   OptionsLength;
 PVOID  Options;
 LONG   RemoteAddressLength;
 PVOID  RemoteAddress;
} TDI_CONNECTION_INFORMATION, *PTDI_CONNECTION_INFORMATION;

typedef struct _SYSTEM_HANDLE_INFORMATION
{
 ULONG ProcessID;        //进程的标识ID
 UCHAR ObjectTypeNumber;        //对象类型
 UCHAR Flags;             //0x01 = PROTECT_FROM_CLOSE,0x02 = INHERIT
 USHORT Handle;             //对象句柄的数值
 PVOID  Object;            //对象句柄所指的内核对象地址 WinNT4/Windows2000是0x1A xp中是0x1c 2003中是
 ACCESS_MASK GrantedAccess;      //创建句柄时所准许的对象的访问权
}SYSTEM_HANDLE_INFORMATION, * PSYSTEM_HANDLE_INFORMATION;

/*
http://forum.sysinternals.com/topic19403&OB=DESC.html

#define SystemExtendedHandleInformation 64

typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX
{
PVOID Object;
HANDLE UniqueProcessId;
HANDLE HandleValue;
ACCESS_MASK GrantedAccess;
USHORT CreatorBackTraceIndex;
USHORT ObjectTypeIndex;
ULONG HandleAttributes;
PVOID Reserved;
} SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX, *PSYSTEM_HANDLE_TABLE_ENTRY_INFO_EX;

typedef struct _SYSTEM_EXTENDED_HANDLE_INFORMATION
{
ULONG NumberOfHandles;
SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX Handles[1];
} SYSTEM_EXTENDED_HANDLE_INFORMATION, *PSYSTEM_EXTENDED_HANDLE_INFORMATION;

 

Summoned NtQuerySystemInformation with parameter SystemHandleInformation for systems where SystemVersion.dwMajorVersion = 5
and SystemVersion.dwMajorVersion = 6 with parameter SystemExtendedHandleInformation.

 


*/

NTSYSAPI
 NTSTATUS
 NTAPI
 ZwQuerySystemInformation(
 IN ULONG SystemInformationClass,
 IN OUT PVOID SystemInformation,
 IN ULONG SystemInformationLength,
 OUT PULONG ReturnLength);

NTSYSAPI
 NTSTATUS
 NTAPI
 NtDeviceIoControlFile(
 IN HANDLE FileHandle,
 IN HANDLE Event OPTIONAL,
 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
 IN PVOID ApcContext OPTIONAL,
 OUT PIO_STATUS_BLOCK IoStatusBlock,
 IN ULONG IoControlCode,
 IN PVOID InputBuffer OPTIONAL,
 IN ULONG InputBufferLength,
 OUT PVOID OutputBuffer OPTIONAL,
 IN ULONG OutputBufferLength
 );

NTSYSAPI
 NTSTATUS
 NTAPI
 ZwQueryObject(
 IN HANDLE ObjectHandle,
 IN ULONG ObjectInformationClass,
 OUT PVOID ObjectInformation,
 IN ULONG ObjectInformationLength,
 OUT PULONG ReturnLength OPTIONAL
 );

NTSYSAPI
 BOOLEAN
 NTAPI
 NtDuplicateObject(
 IN HANDLE hSourceProcessHandle,
 IN HANDLE hSourceHandle,
 IN HANDLE hTargetProcessHandle,
 OUT HANDLE * lpTargetHandle,
 IN ULONG dwDesiredAccess,
 IN BOOLEAN bInheritHandle,
 IN ULONG dwOptions
 );

NTSYSAPI
 NTSTATUS
 NTAPI
 PsLookupProcessByProcessId(
 IN ULONG ulProcId,
 OUT PEPROCESS * pEProcess
 );


NTSTATUS
 DriverEntry(IN PDRIVER_OBJECT DriverObject,
 IN PUNICODE_STRING RegistryPath);

void DriverUnload(IN PDRIVER_OBJECT DriverObject);

 

 


//几个全局变量,记录端口相关信息,最后列印出来
ULONG g_pid[1000];
ULONG g_port[1000];
ULONG g_handle[1000];
ULONG g_tcpudp[1000];
ULONG g_num =0 ;
ULONG g_tu[1000]; //g_tu=0 tcp, g_tu=1 udp

//获得所有句柄
ULONG GetHandleList()
{
 ULONG n;
 ULONG pBuffer;
 NTSTATUS status;
 DbgPrint("GetHandleList/n");

 pBuffer =(ULONG)ExAllocatePool(PagedPool,0x1000);
 status = ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,0x1000,&n);
 ExFreePool((PVOID)pBuffer);
 if(STATUS_INFO_LENGTH_MISMATCH == status)
 {
  pBuffer =(ULONG)ExAllocatePool(NonPagedPool,n);
  ZwQuerySystemInformation(SystemHandleInformation,(PVOID)pBuffer,n,NULL);
  return pBuffer;
 }
 else
  return 0;
}

//根据句柄得到端口信息
void GetOpenPort(ULONG dwProcessesID,ULONG Handle,int NoCache,ULONG tcpudp)
{
 HANDLE hProc,DupHandle=NULL;
 USHORT openport;
 ULONG i=0;
 NTSTATUS status;
 TDI_CONNECTION_INFO    TdiConnInfo={0};
 TDI_CONNECTION_INFORMATION TdiConnInformation={0};
 ULONG dwRetu=0;   
 IO_STATUS_BLOCK    IoStatusBlock={0};
 CLIENT_ID id;
 OBJECT_ATTRIBUTES objatt = {0};
 POBJECT_NAME_INFORMATION ObjectName;
 char ObjectNameBuf[512];
 // char ObjectNameMBS[261];
 ULONG ReturnLen;
 ObjectName = (POBJECT_NAME_INFORMATION)ObjectNameBuf;
 ObjectName->Name.MaximumLength = 500;

 //DbgPrint("GetOpenPort/n");

 id.UniqueProcess = (HANDLE)dwProcessesID;
 id.UniqueThread = 0;
 //打开对方进程
 NtOpenProcess(&hProc,PROCESS_DUP_HANDLE,&objatt,&id);
 //复制句柄
 NtDuplicateObject(hProc,
  (HANDLE)Handle,
  (HANDLE)0xffffffff,
  &DupHandle,
  0,
  FALSE,
  2);
 //根据object的数据得到端口信息
 if(NoCache==0x2)
 {
  //取得句柄关联的对象的信息
  ZwQueryObject(DupHandle, ObjectNameInformation, ObjectName, sizeof(ObjectNameBuf), &ReturnLen);

  TdiConnInformation.RemoteAddressLength= 4;
  
  status = NtDeviceIoControlFile((HANDLE)DupHandle,  
   NULL,
   NULL,
   NULL,
   &IoStatusBlock,
   0x210012,  // Command code   0x120003
   &TdiConnInformation,
   sizeof(TdiConnInformation),
   &TdiConnInfo,
   sizeof(TdiConnInfo));

  //进行TDI查询,得到连接的相关信息
  if(status == 0)

  { 
   //端口值
   openport = ntohs((USHORT)TdiConnInfo.ReceivedTsdus);

   if(openport == 0)
    return;

   //先检测是不是已经记录了
   for(i=0;i<g_num;i++)
   {
    if(g_pid[i] == dwProcessesID && g_port[i] == openport)
     if(tcpudp >= TCPUDP_FLAG && g_tcpudp[i] >= TCPUDP_FLAG || tcpudp < TCPUDP_FLAG && g_tcpudp[i] < TCPUDP_FLAG)
      return;
   }
   //开始记录
   g_pid[i] = dwProcessesID;
   g_port[i] = openport;
   g_handle[i] = Handle;
   g_tcpudp[i] = tcpudp;
   g_num++;
   if (wcscmp(ObjectName->Name.Buffer, L"file://Device//Tcp") == 0||wcscmp(ObjectName->Name.Buffer, L"//Device//Tcp") == 0)
   { 
    //TCP
    g_tu[i] = 0;
   }
   if (wcscmp(ObjectName->Name.Buffer, L"file://Device//Udp") == 0||wcscmp(ObjectName->Name.Buffer, L"//Device//Udp") == 0)
   {
    //UDP
    g_tu[i] = 1;
   }
  }
 }
 if(NoCache==0x1)
 {
  ZwQueryObject(DupHandle, ObjectNameInformation, ObjectName, sizeof(ObjectNameBuf), &ReturnLen);

  //远程地址是3个字节数????
  TdiConnInformation.RemoteAddressLength= 3;
  
  status = NtDeviceIoControlFile((HANDLE)DupHandle,       
   NULL,
   NULL,
   NULL,
   &IoStatusBlock,
   0x210012,  // Command code
   &TdiConnInformation,
   sizeof(TdiConnInformation),
   &TdiConnInfo,
   sizeof(TdiConnInfo));                    
  //进行TDI查询,得到连接的相关信息
  if(status == 0)

  {
   openport = ntohs((USHORT)TdiConnInfo.ReceivedTsdus);

   if(openport == 0)
    return;

   for(i=0;i<g_num;i++)  
   {
    if(g_pid[i] == dwProcessesID && g_port[i] == openport)
     if(tcpudp >= TCPUDP_FLAG && g_tcpudp[i] >= TCPUDP_FLAG || tcpudp < TCPUDP_FLAG && g_tcpudp[i] < TCPUDP_FLAG)
      return;
   }

   g_pid[i] = dwProcessesID;
   g_port[i] = openport;
   g_handle[i] = Handle;
   g_tcpudp[i] = tcpudp;
   g_num++;
   if (wcscmp(ObjectName->Name.Buffer, L"file://Device//Tcp") == 0||wcscmp(ObjectName->Name.Buffer, L"//Device//Tcp") == 0)
   {
    g_tu[i] = 0;
   }
   if (wcscmp(ObjectName->Name.Buffer, L"file://Device//Udp") == 0||wcscmp(ObjectName->Name.Buffer, L"//Device//Udp") == 0)
   {
    g_tu[i] = 1;
   }
  }
 }
}

void Start(ULONG pBuffer)
{
 ULONG i;
 //头4个字节是所有的句柄的数目UNONG 32位
 //从第5个字节开始就是结构体了
 PSYSTEM_HANDLE_INFORMATION pProcesses = (PSYSTEM_HANDLE_INFORMATION)(pBuffer+4);
 ULONG nocache;
 ULONG tcpudp;
 PEPROCESS epro;
 char *p;
 ULONG uMajorVersion;
 ULONG uMinorVersion;
 ULONG uBuildNumber;
 ULONG uOsVer;

 DbgPrint("Start11/n");


 PsGetVersion(&uMajorVersion, &uMinorVersion, &uBuildNumber, NULL);
 if(uMajorVersion == 5)
 {
  if(uMinorVersion == 0)
  {
   DbgPrint("2k/n");
   uOsVer = 0;//2k
  }
  else if(uMinorVersion == 1)
  {
   uOsVer = 1;//xp
   DbgPrint("xp/n");
  }
  else if(uMinorVersion == 2)
  {
   uOsVer = 2;//2k3
   DbgPrint("2k3/n");
  }
  else
  {
   uOsVer = 3;//nt
   DbgPrint("NT/n");
  }
 }else if(uMajorVersion == 6)
 {
  uOsVer = 4;//WIN7
 }  else
 {
  uOsVer = 99;
  DbgPrint("Unknow OS/n");
 }

 for (i=0;i<((ULONG)(*(ULONG*)pBuffer));i++)
 {
  //2000 xp 2003 三种操作系统
  if(pProcesses[i].ObjectTypeNumber == WIN2K_SOCKET_FLAG
   || pProcesses[i].ObjectTypeNumber == WINXP_SOCKET_FLAG
   || pProcesses[i].ObjectTypeNumber == WIN2K3_SOCKET_FLAG)
  {           
   //得到SYSTEM_HANDLE_INFORMATION.object的相关数据
   //这里要密切注意内存情况,一不小心就蓝屏。因为句柄经常变化,有些可能已经被销毁了
   nocache = (ULONG)pProcesses[i].Object;
   if(!MmIsAddressValid((VOID*)nocache))
    continue;
   nocache = (ULONG)(*((ULONG*)(nocache)+4));

   tcpudp = (ULONG)(*((ULONG*)(pProcesses[i].Object)+1));
   if(!MmIsAddressValid((VOID*)tcpudp))
    continue;
   tcpudp = (ULONG)(*((ULONG*)(tcpudp)+1));


   if(nocache == 2 || nocache == 1)
   {
    //当noncache和tcpudp有效时候我们便开始解析
    //nocache是PTE里面的结构
    GetOpenPort(pProcesses[i].ProcessID,pProcesses[i].Handle,nocache,tcpudp);
   }
  }
 }

 for(i=0;i<g_num;i++)   {
  //根据PID得到进程名
  PsLookupProcessByProcessId(g_pid[i],&epro);

  if(uOsVer == 0)
  { //2k中进程名在EPROCESS结构中的位置
   p = (char*)epro + WIN2K_EPROCESS_NAMEOFFSET;
   //DbgPrint("2k/n");
  }
  if(uOsVer == 1)
  { //xp中进程名在EPROCESS结构中的位置
   p = (char*)epro + WINXP_EPROCESS_NAMEOFFSET;
   //DbgPrint("xp/n");
  }
  if(uOsVer == 2)
  { //2k3中进程名在EPROCESS结构中的位置
   p = (char*)epro + WIN2K3_EPROCESS_NAMEOFFSET;
   //DbgPrint("2k3/n");
  }
  if(uOsVer == 3)
  {
   p = (char*)epro + WIN2K_EPROCESS_NAMEOFFSET; //NT
   //DbgPrint("nt/n");
  }

  if(uOsVer == 4)
  {
   p = (char*)epro + WIN7_EPPROCESS_NAMEOFFSET; //NT
   //DbgPrint("nt/n");
  }

  if(uOsVer == 99)
  {
   //DbgPrint("Unknow OS/n");
   break;
  }

  if(g_tu[i] == 0)
   DbgPrint("TCP:/tProcName=%s/tPID=%d/tport=%d/t%d/n",p,g_pid[i],g_port[i],g_tcpudp[i]);
  if(g_tu[i] == 1)
   DbgPrint("UDP:/tProcName=%s/tPID=%d/tport=%d/t%d/n",p,g_pid[i],g_port[i],g_tcpudp[i]);

 }

 return;
}
//

NTSTATUS
 DriverEntry(IN PDRIVER_OBJECT DriverObject,
 IN PUNICODE_STRING RegistryPath)
{
 ULONG pbuf;

 DbgPrint("DriverEntry/n");

 DriverObject->DriverUnload = DriverUnload;

 pbuf = GetHandleList();
 Start(pbuf);

 return STATUS_SUCCESS;
}


void DriverUnload(IN PDRIVER_OBJECT pDriverObject)
{
 NTSTATUS            status;
 //ResumeDestFunction();
 if(pDriverObject->DeviceObject != NULL)
 {
  IoDeleteDevice( pDriverObject->DeviceObject );
 }

 DbgPrint("DriverUnload/n");
}

 

 

 

 

 

 

 

 

 

iihacker_cat
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
uhdd.sys源码
03-03
XMGR RDISK and UIDE DOS Device Drivers 1 Description XMGR RDISK and UIDE are a group of DOS device drivers for a PC system with an 80386+ CPU and using MS DOS V5 0+ or equivalent XMGR is a ...
hook小结
03-24 2450
 我们安全爱好者,都接触过Rootkit,它对我们入侵后的保护提供了强大的支持。现今比较流行的Rootkit有Hxdef,NtRootkit和AFX Rootkit,而且Hxdef和AFX Rootkit还提供了源代码,对我们的学习提供了很大的方便。这些Rootkit都是使用HOOK技术实现的,欺骗的是用户,而不是操作系统。使用HOOK开发Rootkit是比较简单的,虽然现在也有很多其他的技术,但
port/connection hiding
04-26 1400
By: akcom  after reading HolyFathers article on rootkits, i wrote a hook to hide connections. Ive noticed a few people saying that the already available ones are buggy, so heres my hook (in C++,
linux 解决端口占用
Nick Na
04-12 384
// 查找端口 netstat -tln netstat -tln | grep 8080netstat -anp //显示系统端口使用情况// 查看进程id lsof -i :8080// 结束进程 kill -9 进程id Netstat 命令用于显示各种网络相关信息,如网络连接,路由表,接口状态 (Interface Statistics),masquerade 连接,多播成员 (Multi
h5+分享到微信、朋友圈代码示例
热门推荐
m0_38073829的博客
06-29 4万+
h5微信分享
Identify and stop the process that‘s listening on port 8090 or configure this application to listen
qq_43408367的博客
09-07 836
老项目升级,按文档在五台机器组成的集群上重新部署,三台部署完毕,两台报错,查了log,有点懵逼,没启动成功。。。。16:58:46.740 [restartedMain] INFO sys-user - [shutdownAsyncManager,31] - ====关闭后台任务任务线程池====17:28:25.693 [Thread-14] INFO sys-user - [shutdownAsyncManager,31] - ====关闭后台任务任务线程池====
sys.excepthook
qq_40666620的博客
01-19 1292
之前有一篇文章来讲异常作为层序高层与底层交互的结构: 使用异常作为结构的一个例子 但是我们在python中进行实践的时候, 代码总是不够优美, 我想大多数人和我一样, 准备这样写 try: method_one() method_two() method_xxx() except Exception as e: process() 实际上python给我们准备了足够优美的方法:sys.excepthook def my_exception_hook((type, value, trace_back
Windows wmic命令之process进程管理
yetugeng的专栏
12-20 1万+
之前使用的是linux,对于进程管理特别方便,相较之下,windows的命令行管理进程就不是那么如意,随研究了一番wmic,记录如下,基本就是根据帮助文档来试验的。 wmic命令总览 C:\Users\Administrator>wmic /? WMIC 已弃用。 [全局开关] <命令> 可以使用以下全局开关: /NAMESPACE 别名在其上操作...
Erlang open_port极度影响性能的因素
Sunface撩技术
06-07 3031
Erlang的port相当于系统的IO,打开了Erlang世界通往外界的通道,可以很方便的执行外部程序。 但是open_port的性能对整个系统来讲非常的重要,我就带领大家看看open_port影响性能的因素。 首先看下open_port的文档: {spawn, Command} Starts an external program. Command is the name of the
rust构建actix-web出现error: failed to run custom build command for `miniz-sys v0.1.11`
独自登高楼 望断天涯路
04-10 5008
问题描述 在初次使用actix-web时就遇到个大坑,cargo build或者cargo run时 报错 error: failed to run custom build command for `miniz-sys v0.1.11` process didn't exit successfully: `/Users/apple/Documents/mydream/rust/my-actix-...
( ap6181_sina33m_sc3817r验证通过_20170710_1608没有外层目录.7z
07-10
# See the License for the specific language governing permissions and # limitations under the License. # -include hardware/broadcom/wlan/bcmdhd/config/config-bcm.mk WIFI_DRIVER_FW_PATH_STA := "/...
nodehttp:许多服务的HTTPS基础
03-30
安装: npm i sys-nodehttp用法: ... join ( __dirname , 'public' ) ,port : process . env . PORT || 8080 ,address : '0.0.0.0' ,} ) ;server . get ( '/api' , ( req , res ) => {res . send ( 'Hello world!' )
python3.6.5参考手册 chm
04-15
Changes to the Development Process New Issue Tracker: Roundup New Documentation Format: reStructuredText Using Sphinx PEP 343: The ‘with’ statement Writing Context Managers The contextlib module ...
种类齐全的调试与反调试,来自GitHub
12-06
- Sleep and check if time was accelerated (GetTickCount) - SetTimer (Standard Windows Timers) - timeSetEvent (Multimedia Timers) - WaitForSingleObject -> WaitForSingleObjectEx -> NtWaitForSingleObject...
Heroku报错 Web process failed to bind to $PORT within 60 seconds of launch
轻夏的博客
03-30 824
错误描述 如果设置的端口号小于1000就会报错没有权限 2022-03-29T10:23:16.651636+00:00 heroku[web.1]: State changed from crashed to starting 2022-03-29T10:23:28.994173+00:00 heroku[web.1]: Starting process with command `python /code/server3.py` 2022-03-29T10:23:30.091143+00:00 app[
windbg,in win7 ,donot output news,by default
nethm的专栏
12-16 238
Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Session Manager/Debug Print Filter] "DEFAULT"=dword:0000000f保存为  .reg文件。 运行 即可 ,如果不行可以重新启动
node-v0.10.13-sunos-x86.tar.gz
最新发布
05-16
Node.js,简称Node,是一个开源且跨平台的JavaScript运行时环境,它允许在浏览器外运行JavaScript代码。Node.js于2009年由Ryan Dahl创立,旨在创建高性能的Web服务器和网络应用程序。它基于Google Chrome的V8 JavaScript引擎,可以在Windows、Linux、Unix、Mac OS X等操作系统上运行。 Node.js的特点之一是事件驱动和非阻塞I/O模型,这使得它非常适合处理大量并发连接,从而在构建实时应用程序如在线游戏、聊天应用以及实时通讯服务时表现卓越。此外,Node.js使用了模块化的架构,通过npm(Node package manager,Node包管理器),社区成员可以共享和复用代码,极大地促进了Node.js生态系统的发展和扩张。 Node.js不仅用于服务器端开发。随着技术的发展,它也被用于构建工具链、开发桌面应用程序、物联网设备等。Node.js能够处理文件系统、操作数据库、处理网络请求等,因此,开发者可以用JavaScript编写全栈应用程序,这一点大大提高了开发效率和便捷性。 在实践中,许多大型企业和组织已经采用Node.js作为其Web应用程序的开发平台,如Netflix、PayPal和Walmart等。它们利用Node.js提高了应用性能,简化了开发流程,并且能更快地响应市场需求。
def attack(P_num,ip,port): import sys import os import time import socket import random # Code Time from datetime import datetime now = datetime.now() hour = now.hour minute = now.minute day = now.day month = now.month year = now.year sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sent=0 while True: sock.sendto(bytes, (ip, port)) sent = sent + 1 port = port + 1 print("%s Proccess Sent %s packet to %s throught port:%s" % (P_num,sent, ip, port)) if port == 65534: port = 1 if __name__ == '__main__': import os from multiprocessing import Process ip = input("IP Target : ") port = int(input("Port : ")) num=input("并行数 :") list=[] for i in range(int(num)): p=Process(target=attack,args=(i,ip,port)) list.append(p) for i in list: i.start() for i in list: i.join()
02-28
这是一个Python函数,用于进行攻击。...在函数中,导入了一些必要的Python库,包括"sys"、"os"、"time"和"socket"等。同时,还导入了"random"库,用于生成随机数。 该函数的具体实现需要看更多代码。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值