scapy学习笔记（4）简单的sniffing 嗅探

小五义 2024-10-22 13:59:50 原文

转载请注明：@小五义：http://www.cnblogs/xiaowuyi

利用sniff命令进行简单的嗅探，可以抓到一些简单的包。当不指定接口时，将对每一个接口进行嗅探，当指定接口时，仅对该接口进行。

如；

>>> sniff(filter="icmp and host 61.135.169.125",count=)

结果：

<Sniffed: TCP:0 UDP:0 ICMP:0 Other:0>

再比如对ppp0端口的嗅探：

>>> sniff(iface="ppp0",prn=lambda x:x.summary())

此时浏览一下百度，结果如下：

IP / UDP 27.214.219.76:53144 > 122.225.83.67:http / Raw
IP / UDP / DNS Qry "suggestion.baidu.com."

IP / UDP / DNS Qry "suggestion.baidu.com."

IP / UDP / DNS Ans "suggestion.a.shifen.com."

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http S

IP / UDP / DNS Ans "suggestion.a.shifen.com."

IP / ICMP / IPerror / UDPerror / DNS Ans "suggestion.a.shifen.com."

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 SA

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http PA / Raw

IP / UDP 122.225.83.67:http > 27.214.219.76:53144 / Raw

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http PA / Raw

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http S

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 SA

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http PA / Raw

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 PA / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 PA / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http S

IP / UDP / DNS Qry "t11.baidu.com."

IP / UDP / DNS Qry "t12.baidu.com."

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http S

IP / UDP / DNS Ans "image.jomodns.com."

IP / TCP 27.214.219.76:49797 > 119.188.9.119:http S

IP / TCP 27.214.219.76:49798 > 119.188.9.119:http S

IP / TCP 27.214.219.76:49799 > 119.188.9.119:http S

IP / UDP / DNS Ans "image.jomodns.com."

IP / TCP 27.214.219.76:39103 > 119.188.9.118:http S

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 SA

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.119:http > 27.214.219.76:49797 SA

IP / TCP 27.214.219.76:49797 > 119.188.9.119:http A

IP / TCP 119.188.9.119:http > 27.214.219.76:49798 SA

IP / TCP 27.214.219.76:49798 > 119.188.9.119:http A

IP / TCP 119.188.9.119:http > 27.214.219.76:49799 SA

IP / TCP 27.214.219.76:49799 > 119.188.9.119:http A

IP / TCP 60.55.35.47:http > 27.214.219.76:55193 SA

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http A

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http PA / Raw

IP / TCP 119.188.9.118:http > 27.214.219.76:39103 SA

IP / TCP 27.214.219.76:39103 > 119.188.9.118:http A

IP / TCP 60.55.35.47:http > 27.214.219.76:55193 A

IP / TCP 60.55.35.47:http > 27.214.219.76:55193 PA / Raw

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http A

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http PA / Raw

IP / TCP 27.214.219.76:49797 > 119.188.9.119:http PA / Raw

IP / TCP 27.214.219.76:49798 > 119.188.9.119:http PA / Raw

IP / TCP 27.214.219.76:49799 > 119.188.9.119:http PA / Raw

IP / TCP 27.214.219.76:39103 > 119.188.9.118:http PA / Raw

IP / TCP 27.214.219.76:38864 > 61.135.169.105:http S

IP / UDP / DNS Qry "a.baidu.com."

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http PA / Raw

IP / TCP 27.214.219.76:59062 > 119.188.9.40:http S

IP / TCP 27.214.219.76:59063 > 119.188.9.40:http S

IP / TCP 119.188.9.119:http > 27.214.219.76:49797 A

IP / TCP 119.188.9.119:http > 27.214.219.76:49797 PA / Raw

IP / TCP 27.214.219.76:49797 > 119.188.9.119:http A

IP / TCP 27.214.219.76:38867 > 61.135.169.105:http S

IP / TCP 119.188.9.119:http > 27.214.219.76:49798 A

IP / TCP 119.188.9.119:http > 27.214.219.76:49798 PA / Raw

IP / TCP 27.214.219.76:49798 > 119.188.9.119:http A

IP / TCP 119.188.9.119:http > 27.214.219.76:49799 A

IP / TCP 119.188.9.119:http > 27.214.219.76:49799 PA / Raw

IP / TCP 27.214.219.76:49799 > 119.188.9.119:http A

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http PA / Raw

IP / TCP 27.214.219.76:50355 > 61.135.185.194:http S

IP / UDP / DNS Qry "api.share.baidu.com."

IP / TCP 119.188.9.118:http > 27.214.219.76:39103 A

IP / TCP 119.188.9.118:http > 27.214.219.76:39103 PA / Raw

IP / TCP 27.214.219.76:39103 > 119.188.9.118:http A

IP / UDP / DNS Ans "asp.e.shifen.com."

IP / TCP 60.55.35.47:http > 27.214.219.76:55193 PA / Raw

IP / TCP 27.214.219.76:53605 > 123.125.114.38:http S

IP / TCP 27.214.219.76:53606 > 123.125.114.38:http S

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http FA

IP / TCP 61.135.169.105:http > 27.214.219.76:38864 SA

IP / TCP 27.214.219.76:38864 > 61.135.169.105:http A

IP / TCP 27.214.219.76:38864 > 61.135.169.105:http PA / Raw

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 PA / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http PA / Raw

IP / TCP 119.188.9.40:http > 27.214.219.76:59062 SA

IP / TCP 27.214.219.76:59062 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59063 SA

IP / TCP 27.214.219.76:59063 > 119.188.9.40:http A

IP / TCP 61.135.169.105:http > 27.214.219.76:38867 SA

IP / TCP 27.214.219.76:38867 > 61.135.169.105:http A

IP / UDP / DNS Ans "api.share.n.shifen.com."

IP / TCP 27.214.219.76:47655 > 61.135.162.115:http S

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 61.135.185.194:http > 27.214.219.76:50355 SA

IP / TCP 27.214.219.76:50355 > 61.135.185.194:http A

IP / TCP 27.214.219.76:50355 > 61.135.185.194:http PA / Raw

IP / TCP 123.125.114.38:http > 27.214.219.76:53605 SA

IP / TCP 27.214.219.76:53605 > 123.125.114.38:http A

IP / TCP 27.214.219.76:53605 > 123.125.114.38:http PA / Raw

IP / TCP 123.125.114.38:http > 27.214.219.76:53606 SA

IP / TCP 27.214.219.76:53606 > 123.125.114.38:http A

IP / TCP 61.135.169.105:http > 27.214.219.76:38864 A

IP / TCP 61.135.169.105:http > 27.214.219.76:38864 PA / Raw

IP / TCP 27.214.219.76:38864 > 61.135.169.105:http A

IP / TCP 61.135.169.105:http > 27.214.219.76:38864 PA / Raw

IP / TCP 27.214.219.76:38864 > 61.135.169.105:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 PA / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 61.135.162.115:http > 27.214.219.76:47655 SA

IP / TCP 27.214.219.76:47655 > 61.135.162.115:http A

IP / TCP 27.214.219.76:47655 > 61.135.162.115:http PA / Raw

IP / TCP 60.55.35.47:http > 27.214.219.76:55193 FA

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http A

IP / TCP 61.135.185.194:http > 27.214.219.76:50355 A

IP / TCP 61.135.185.194:http > 27.214.219.76:50355 PA / Raw

IP / TCP 27.214.219.76:50355 > 61.135.185.194:http A

IP / TCP 123.125.114.38:http > 27.214.219.76:53605 A

IP / TCP 123.125.114.38:http > 27.214.219.76:53605 PA / Raw

IP / TCP 27.214.219.76:53605 > 123.125.114.38:http A

IP / TCP 61.135.162.115:http > 27.214.219.76:47655 A

IP / TCP 61.135.162.115:http > 27.214.219.76:47655 PA / Raw

IP / TCP 27.214.219.76:47655 > 61.135.162.115:http A

IP / UDP / DNS Qry "sclick.baidu.com."

IP / UDP / DNS Qry "c.baidu.com."

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http PA / Raw

IP / UDP / DNS Ans "s.a.shifen.com."

IP / TCP 27.214.219.76:47154 > 123.125.115.95:http S

IP / UDP / DNS Ans "c.e.shifen.com."

IP / TCP 27.214.219.76:56976 > 123.125.114.64:http S

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 PA / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 27.214.219.76:56977 > 123.125.114.64:http S

IP / TCP 27.214.219.76:47157 > 123.125.115.95:http S

IP / TCP 123.125.115.95:http > 27.214.219.76:47154 SA

IP / TCP 27.214.219.76:47154 > 123.125.115.95:http A

IP / TCP 27.214.219.76:47154 > 123.125.115.95:http PA / Raw

IP / TCP 123.125.114.64:http > 27.214.219.76:56976 SA

IP / TCP 27.214.219.76:56976 > 123.125.114.64:http A

IP / TCP 27.214.219.76:56976 > 123.125.114.64:http PA / Raw

IP / TCP 123.125.114.64:http > 27.214.219.76:56977 SA

IP / TCP 27.214.219.76:56977 > 123.125.114.64:http A

IP / TCP 123.125.115.95:http > 27.214.219.76:47157 SA

IP / TCP 27.214.219.76:47157 > 123.125.115.95:http A

IP / TCP 123.125.115.95:http > 27.214.219.76:47154 A

IP / TCP 123.125.115.95:http > 27.214.219.76:47154 PA / Raw

IP / TCP 27.214.219.76:47154 > 123.125.115.95:http A

IP / TCP 123.125.115.95:http > 27.214.219.76:47154 FA

IP / TCP 27.214.219.76:47154 > 123.125.115.95:http FA

IP / TCP 123.125.114.64:http > 27.214.219.76:56976 A

IP / TCP 123.125.114.64:http > 27.214.219.76:56976 PA / Raw

IP / TCP 27.214.219.76:56976 > 123.125.114.64:http A

IP / TCP 123.125.114.64:http > 27.214.219.76:56976 FA

IP / TCP 27.214.219.76:56976 > 123.125.114.64:http FA

IP / UDP / DNS Qry "trust.baidu.com."

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http PA / Raw

IP / TCP 123.125.115.95:http > 27.214.219.76:47154 A

IP / UDP / DNS Ans "trust.e.shifen.com."

IP / TCP 123.125.114.64:http > 27.214.219.76:56976 A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 PA / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

^C<Sniffed: TCP:208 UDP:20 ICMP:1 Other:0>

也要以用show()来显示：

>>> sniff(iface="ppp0",prn=lambda x:x.show())

部分结果：

###[ IP ]###
version= 4L

ihl= 5L

tos= 0x0

len= 40

id= 52068

flags= DF

frag= 0L

ttl= 64

proto= tcp

chksum= 0x8151

src= 27.214.219.76

dst= 61.135.185.112

\options\

###[ TCP ]###

sport= 59617

dport= http

seq= 3932617191L

ack= 411565738

dataofs= 5L

reserved= 0L

flags= FA

window= 182

chksum= 0xee34

urgptr= 0

options= {}

^C<Sniffed: TCP:1 UDP:0 ICMP:0 Other:0>

scapy学习笔记（4）简单的sniffing 嗅探的更多相关文章

JSP学习笔记(三):简单的Tomcat Web服务器
注意:每次对Tomcat配置文件进行修改后,必须重启Tomcat 在E盘的DATA文件夹中创建TomcatDemo文件夹,并将Tomcat安装路径下的webapps/ROOT中的WEB-INF文件夹复 ...
JAVA WEB学习笔记(三):简单的基于Tomcat的Web页面
注意:每次对Tomcat配置文件进行修改后,必须重启Tomcat 在E盘的DATA文件夹中创建TomcatDemo文件夹,并将Tomcat安装路径下的webapps/ROOT中的WEB-INF文件夹复 ...
Spark学习笔记0——简单了解和技术架构
目录 Spark学习笔记0--简单了解和技术架构什么是Spark 技术架构和软件栈 Spark Core Spark SQL Spark Streaming MLlib GraphX 集群管理器受 ...
Html学习笔记(二) 简单标签
标签的重点标签的用途标签在浏览器中的默认样式 <body>标签: 在网页上显示的内容 <p>标签: 添加段落 <hx>标签: 添加标题标签一共有6个,h1.h ...
Netty学习笔记(六) 简单的聊天室功能之WebSocket客户端开发实例
在之前的Netty相关学习笔记中,学习了如何去实现聊天室的服务段,这里我们来实现聊天室的客户端,聊天室的客户端使用的是Html5和WebSocket实现,下面我们继续学习. 创建客户端接着第五个笔记 ...
scapy学习笔记（3）发送包,SYN及TCP traceroute 扫描
转载请注明:@小五义:http://www.cnblogs/xiaowuyi 在安装完scapy(前两篇笔记有介绍)后,linux环境下,执行sudo scapy运行scapy. 一.简单的发送包 1 ...
scapy学习笔记（3）
转自:@小五义:http://www.cnblogs/xiaowuyi 在安装完scapy(前两篇笔记有介绍)后,linux环境下,执行sudo scapy运行scapy. 一.简单的发送包 1.se ...
Java设计模式学习笔记(二) 简单工厂模式
前言本篇是设计模式学习笔记的其中一篇文章,如对其他模式有兴趣,可从该地址查找设计模式学习笔记汇总地址正文开始... 1. 简介简单工厂模式不属于GoF23中设计模式之一,但在软件开发中应用也较为 ...
CSS学习笔记09 简单理解BFC
引子在讲BFC之前,先来看看一个例子 <!DOCTYPE html> <html lang="en"> <head> <meta cha ...

随机推荐

华中农业大学第五届程序设计大赛网络同步赛-L
L．Happiness Chicken brother is very happy today, because he attained N pieces of biscuits whose tast ...
HDU2859(KB12-Q DP)
Phalanx Time Limit: 10000/5000 MS (Java/Others) Memory Limit: 32768/32768 K (Java/Others)Total Su ...
Code Signal_练习题_depositProfit
You have deposited a specific amount of money into your bank account. Each year your balance increas ...
Code Signal_练习题_Circle of Numbers
Consider integer numbers from 0 to n - 1 written down along the circle in such a way that the distan ...
MySql处理函数
Lower(name) 转换为小写 Upper(name)转换为大写 Substr(name,length,index):从index开始截取length个字符串 Length(name) 获取长度 ...
css 常用的几种垂直居中（包括图片）
我知道现在有非常多的水平垂直居中的写法,我就写一些我自己常用的方法,同时说明一下优缺点 <div class="wrapper"> <div class=&quo ...
8.什么是模块，模块的导入，__name__
相关内容: 什么是模块模块的导入模块的导入自模块的导入同级目录导入不同级目录导入目录内导入目录外目录外导入目录内 __name__ 首发时间:2018-02-04 15:23 修改: 2 ...
CSS样式----css样式表和选择器（图文详解）
本文最初于2015-10-03发表于博客园,并在GitHub上持续更新前端的系列文章.欢迎在GitHub上关注我,一起入门和进阶前端. 本文主要内容 CSS概述 CSS和HTML结合的三种方式:行内样 ...
c#考勤统计
现在项目需求,需要从多张表中获取数据,组装到一个实体对象中,并通过计算统计出每个员工的考勤记录.(全凭自己思考做的,不足的地方希望各位大神指正!毕竟自己能力有限,思考不全) 考勤统计列表: 明细列表: ...
MariaDB数据表操作实例
1. MariaDB 数据库操作实例 MariaDB>create database class; //创建class数据库 MariaDB>use class; MariaDB>c ...