本文整理汇总了 Python 中 scapy.sendrecv.sr1 方法的典型用法代码示例。如果您正苦于以下问题：Python sendrecv.sr1 方法的具体用法？Python sendrecv.sr1 怎么用？Python sendrecv.sr1 使用的例子？那么恭喜您，这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类 scapy.sendrecv 的用法示例。
在下文中一共展示了sendrecv.sr1方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: checkMPTCPSupportViaRST
# 需要导入模块: from scapy import sendrecv [as 别名]
# 或者: from scapy.sendrecv import sr1 [as 别名]
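def checkMPTCPSupportViaRST(port,target,timeout,localIP,MpCapAlreadyPassed=False):
    """Probe one TCP port for MPTCP support using the reset (RST) test.

    Unless ``MpCapAlreadyPassed`` is true, the SYN built by
    ``makeMPCapableSyn`` is sent first. Once that stage has passed, the SYN
    built by ``makeJoinSyn`` is sent and the TCP flags of the reply are
    checked for the RST bit (0x04).

    Args:
        port: TCP port to probe.
        target: address of the host to probe.
        timeout: seconds ``sr1`` waits for each reply.
        localIP: source address handed to the packet builders.
        MpCapAlreadyPassed: skip the first stage when the caller has already
            established it.

    Returns:
        True when the reply to the join SYN has RST set, False when a TCP
        reply arrives without RST, and None when the result is inconclusive
        (first stage not passed, or no TCP reply to the join SYN).
    """
    MpCapPassed = MpCapAlreadyPassed
    #TODO: Abstract this out more elegantly so i dont repeat code from elsewhere
    if not MpCapPassed:
        pkt = makeMPCapableSyn(localIP, port, target)
        response = sr1(pkt, timeout=timeout)
        # NOTE(review): this inspects the probe that was sent (pkt), not the
        # reply, so any answer at all passes this stage -- confirm whether
        # `response` was intended here.
        if response and getMpOption(pkt.getlayer("TCP")) is not None:
            MpCapPassed = True
    if not MpCapPassed:
        return None

    pkt = makeJoinSyn(localIP, port, target)
    response = sr1(pkt, timeout=timeout)
    #TODO: Add checks for other types of response (such as ICMP)
    # sr1() yields None on timeout, and a non-TCP reply has no TCP layer;
    # both used to crash on the attribute access below.
    tcpLayer = response.getlayer("TCP") if response is not None else None
    if tcpLayer is None:
        print("RST Test inconclusive: no TCP reply to the join SYN")
        return None

    # Single-argument print() behaves the same under Python 2 and Python 3.
    print(tcpLayer.flags)
    #Check for the flag with a mask
    if (0x04 & tcpLayer.flags) == 0x04:
        print("RST Test indicates MPTCP support")
        return True
    print("RST Test indicates host doesn't understand MPTCP")
    return False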
示例2: dyndns_add
# 需要导入模块: from scapy import sendrecv [as 别名]
# 或者: from scapy.sendrecv import sr1 [as 别名]
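def dyndns_add(nameserver, name, rdata, type="A", ttl=10):
    """Send a DNS add message to a nameserver for "name" to have a new "rdata"

    dyndns_add(nameserver, name, rdata, type="A", ttl=10) -> result code (0=ok)

    example: dyndns_add("ns1.toto.com", "dyn.toto.com", "127.0.0.1")
    RFC2136

    The zone is derived from ``name`` by dropping everything up to and
    including the first dot; a name without a dot is used as the zone as is.
    The message built here carries no TSIG record, so a server that requires
    signed updates is expected to answer with a non-zero result code.

    Returns the rcode of the DNS reply, or -1 when no DNS reply arrives
    within 5 seconds.
    """
    zone = name[name.find(".") + 1:]
    # Honour the caller's record type; it was previously hard-coded to "A",
    # which made the `type` argument a no-op.
    record = DNSRR(rrname=name, type=type, ttl=ttl, rdata=rdata)
    update = DNS(opcode=5,
                 qd=[DNSQR(qname=zone, qtype="SOA")],
                 ns=[record])
    r = sr1(IP(dst=nameserver) / UDP() / update, verbose=0, timeout=5)
    if r and r.haslayer(DNS):
        return r.getlayer(DNS).rcode
    return -1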
示例3: dyndns_del
# 需要导入模块: from scapy import sendrecv [as 别名]
# 或者: from scapy.sendrecv import sr1 [as 别名]
def dyndns_del(nameserver, name, type="ALL", ttl=10):
    """Send a DNS delete message to a nameserver for "name"

    dyndns_del(nameserver, name, type="ALL", ttl=10) -> result code (0=ok)

    example: dyndns_del("ns1.toto.com", "dyn.toto.com")
    RFC2136

    The delete record is always built with class "ANY", TTL 0 and empty
    rdata; the ``ttl`` argument is accepted but not used. The zone is the
    part of ``name`` after its first dot.

    Returns the rcode of the DNS reply, or -1 when no DNS reply arrives
    within 5 seconds.
    """
    first_dot = name.find(".")
    zone = name[first_dot + 1:]
    question = DNSQR(qname=zone, qtype="SOA")
    removal = DNSRR(rrname=name, type=type, rclass="ANY", ttl=0, rdata="")
    request = IP(dst=nameserver) / UDP() / DNS(opcode=5, qd=[question], ns=[removal])
    reply = sr1(request, verbose=0, timeout=5)
    if not reply or not reply.haslayer(DNS):
        return -1
    return reply.getlayer(DNS).rcode
示例4: fragleak2
# 需要导入模块: from scapy import sendrecv [as 别名]
# 或者: from scapy.sendrecv import sr1 [as 别名]
def fragleak2(target, timeout=0.4, onlyasc=0, count=None):
    """Send an IP probe repeatedly and hex-dump unseen padding from replies.

    Each probe is an IP packet to ``target`` with 40 zero bytes of options,
    protocol number 200 and a 16-byte payload. When a reply contains
    ``conf.padding_layer``, its payload is dumped with ``linehexdump`` the
    first time that exact byte string is seen.

    Args:
        target: destination of the probes.
        timeout: seconds ``sr1`` waits for each reply.
        onlyasc: passed through to ``linehexdump``.
        count: number of probes to send when it is an int; None loops until
            an exception ends the loop.

    Returns:
        None.
    """
    seen = set()
    try:
        while count is None or count:
            if count is not None and isinstance(count, int):
                count -= 1
            probe = IP(dst=target, options=b"\x00" * 40, proto=200) / "XXXXYYYYYYYYYYYY"
            reply = sr1(probe, timeout=timeout, verbose=0)
            if reply and conf.padding_layer in reply:
                leak = reply[conf.padding_layer].load
                if leak not in seen:
                    seen.add(leak)
                    linehexdump(leak, onlyasc=onlyasc)
    except Exception:
        # Any error ends the loop silently. KeyboardInterrupt is not an
        # Exception subclass, so Ctrl-C propagates to the caller.
        pass
示例5: fragleak2
# 需要导入模块: from scapy import sendrecv [as 别名]
# 或者: from scapy.sendrecv import sr1 [as 别名]
def fragleak2(target, timeout=0.4, onlyasc=0):
    """Send an IP probe in an endless loop and hex-dump unseen reply padding.

    Each probe is an IP packet to ``target`` with 40 zero bytes of options,
    protocol number 200 and a 16-byte payload. When a reply contains a
    ``Padding`` layer, its payload is dumped with ``linehexdump`` the first
    time that exact value is seen.

    Args:
        target: destination of the probes.
        timeout: seconds ``sr1`` waits for each reply.
        onlyasc: passed through to ``linehexdump``.

    Returns:
        None. The loop has no exit condition; it ends only when an exception
        (including KeyboardInterrupt) is raised, which is then discarded.
    """
    seen = set()
    try:
        while True:
            reply = sr1(IP(dst=target, options="\x00"*40, proto=200)/"XXXXYYYYYYYYYYYY",
                        timeout=timeout, verbose=0)
            if reply and Padding in reply:
                leak = reply[Padding].load
                if leak not in seen:
                    seen.add(leak)
                    linehexdump(leak, onlyasc=onlyasc)
    except:  # noqa: E722 -- bare on purpose: Ctrl-C is the only way out of the loop
        pass
示例6: fragleak2
# 需要导入模块: from scapy import sendrecv [as 别名]
# 或者: from scapy.sendrecv import sr1 [as 别名]
def fragleak2(target, timeout=0.4, onlyasc=0):
    """Send an IP probe in an endless loop and hex-dump unseen reply padding.

    Same probe as the other variants on this page (40 zero bytes of IP
    options, protocol number 200, 16-byte payload), but the padding is looked
    up through ``conf.padding_layer`` rather than a fixed layer class.

    Args:
        target: destination of the probes.
        timeout: seconds ``sr1`` waits for each reply.
        onlyasc: passed through to ``linehexdump``.

    Returns:
        None. The loop ends only when an exception (including
        KeyboardInterrupt) is raised; the exception is discarded.
    """
    already_dumped = set()
    try:
        while True:
            answer = sr1(IP(dst=target, options="\x00"*40, proto=200)/"XXXXYYYYYYYYYYYY",
                         timeout=timeout, verbose=0)
            if not answer or conf.padding_layer not in answer:
                continue
            leak = answer[conf.padding_layer].load
            if leak in already_dumped:
                continue
            already_dumped.add(leak)
            linehexdump(leak, onlyasc=onlyasc)
    except:  # noqa: E722 -- bare on purpose: Ctrl-C is the only way out of the loop
        pass
示例7: joinScan
# 需要导入模块: from scapy import sendrecv [as 别名]
# 或者: from scapy.sendrecv import sr1 [as 别名]
def joinScan(targetIPList,portList,localIP,reuseRandoms=False,timeout=None):
    """Unimplemented MPTCP join scan: always raises NotImplementedError.

    Everything after the ``raise`` below is an unreachable draft (Python 2
    syntax). As drafted, it would send the SYN built by makeMPCapableSyn to
    each target/port and, when a reply arrives, follow up with the SYN built
    by makeJoinSyn and print what the second reply suggests.

    Raises:
        NotImplementedError: unconditionally.
    """
    #TODO: Add return details
    #TODO: Decide where this fits in the workflow, after an open TCP port maybe?
    #TODO: Decide how we want to handle the return values from this
    raise NotImplementedError
    #The option to reuse random numbers for "increased speed"
    if reuseRandoms:
        # NOTE(review): sourceAddr is only bound on this branch but is used
        # below regardless; sport and initSeq are never read -- fix before
        # enabling this code.
        sourceAddr = localIP
        sport = randintb(16)
        initSeq = randintb(32)
    if timeout is None: timeout=5
    for targetIP in targetIPList:
        for port in portList:
            #First send a packet and see if we get a TCP response
            pkt = makeMPCapableSyn(localIP,port,targetIP)
            response=sr1(pkt,timeout=timeout)
            if response is not None:
                #if we do then send an invalid MPTCP join and see if we get a RST
                pkt = makeJoinSyn(sourceAddr, port, targetIP)
                response2=sr1(pkt,timeout=timeout)
                #If we get a RST then we know this host supports MPTCP
                if response2 is None:
                    print "Target supports MPTCP but is being shifty"
                #If we get a normal TCP reply we know it doesn't
                else:
                    # NOTE(review): this reads options from the packet that
                    # was sent (pkt), not from response2 -- confirm intent.
                    mpopt = getMpOption(pkt.getlayer("TCP"))
                    if mpopt is None:
                        print "We have a normal TCP packet here"
                    else:
                        print "This header contains the following MPTCP options:",
                        for mpo in mpopt:
                            print mpo.name
                #If we get an MPACK then the host is HORRIBLY broken somehow
            else:
                #If we don't then this is just a vanilla TCP
                print "The host seems down?"
示例8: snmpwalk
# 需要导入模块: from scapy import sendrecv [as 别名]
# 或者: from scapy.sendrecv import sr1 [as 别名]
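def snmpwalk(dst, oid="1", community="public"):
    """Walk an SNMP agent with successive get-next requests, printing each binding.

    Starting from ``oid``, every reply's variable binding is printed as
    ``<oid>: <value>`` and its OID becomes the next request's OID.

    The walk stops when:
      * no reply arrives (prints "No answers"),
      * the reply contains an ICMP layer (the reply is printed),
      * the reply has no variable binding (the reply is printed),
      * the agent returns the same OID twice in a row, i.e. the walk no
        longer advances, or
      * the user interrupts with Ctrl-C.

    Args:
        dst: address of the SNMP agent.
        oid: OID to start from.
        community: community string placed in each request.

    Returns:
        None; results are printed.
    """
    last_seen = None
    try:
        while True:
            request = (IP(dst=dst) / UDP(sport=RandShort()) /
                       SNMP(community=community,
                            PDU=SNMPnext(varbindlist=[SNMPvarbind(oid=oid)])))
            r = sr1(request, timeout=2, chainCC=1, verbose=0, retry=2)
            if r is None:
                print("No answers")
                break
            if ICMP in r:
                print(repr(r))
                break
            if SNMPvarbind not in r:
                # Indexing a missing layer would raise; show the reply instead.
                print(repr(r))
                break
            binding = r[SNMPvarbind]
            if binding.oid.val == last_seen:
                # The agent echoed the OID back, so asking again would loop
                # forever on the same request.
                break
            print("%-40s: %r" % (binding.oid.val, binding.value))
            last_seen = binding.oid.val
            oid = binding.oid
    except KeyboardInterrupt:
        pass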
示例9: defaultScan
# 需要导入模块: from scapy import sendrecv [as 别名]
# 或者: from scapy.sendrecv import sr1 [as 别名]
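def defaultScan(targetIPList,portList,localIP=None,checkHostUp=True,reuseRandoms=False,timeout=None):
    """Send the SYN built by makeMPCapableSyn to each target/port and collect results.

    Python 2 source: the print statements are kept as written.

    Args:
        targetIPList: iterable of target addresses.
        portList: iterable of TCP ports probed on every target.
        localIP: source address for the probes. When falsy, it is looked up
            for each target with get_local_ip_address().
        checkHostUp: when true and the route to a target has gateway
            '0.0.0.0', the target's MAC address is resolved first and the
            target is skipped if none is found.
        reuseRandoms: accepted for interface compatibility; it currently has
            no effect on the probes that are sent.
        timeout: seconds sr1 waits for each reply (default 5).

    Returns:
        dict mapping each target that yielded at least one non-None value
        from processResponsePacketSimple to the list of those values:
            {targetIP: [processedResponse, ...]}
        The shape of each entry is whatever processResponsePacketSimple
        returns (the original sketch describes a port / response-type pair).
    """
    if timeout is None: timeout=5
    results = {}
    for targetIP in targetIPList:
        print "Testing:", targetIP,
        # Resolve the source address per target. Writing the lookup back into
        # localIP pinned the first target's address for every later target.
        srcIP = localIP if localIP else get_local_ip_address(targetIP)
        gatewayIP = Route().route(str(targetIP))[2]
        if checkHostUp and gatewayIP == '0.0.0.0':
            print "... on local network...",
            arpadd = getmacbyip(str(targetIP))
            if arpadd is None:
                print " not got MAC, skipping"
                continue
            if arpadd == "ff:ff:ff:ff:ff:ff":
                print "This appears to be localhost?"
            else:
                print " at ARP:", arpadd
        else:
            print "Via", gatewayIP, " Not on local network"
        for port in portList:
            pkt = makeMPCapableSyn(srcIP,port,targetIP)
            response=sr1(pkt,timeout=timeout)
            if response is None:
                # No reply within the timeout: nothing to record for this port.
                continue
            processedResponse = processResponsePacketSimple(response,targetIP,srcIP,port,timeout)
            if processedResponse is not None:
                results.setdefault(targetIP, []).append(processedResponse)
    return results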