scapy学习笔记（4）简单的sniffing 嗅探

小五义 2024-10-22 13:59:50 原文

转载请注明：@小五义：http://www.cnblogs/xiaowuyi

利用sniff命令进行简单的嗅探，可以抓到一些简单的包。当不指定接口时，将对每一个接口进行嗅探，当指定接口时，仅对该接口进行。

如；

>>> sniff(filter="icmp and host 61.135.169.125",count=)

结果：

<Sniffed: TCP:0 UDP:0 ICMP:0 Other:0>

再比如对ppp0端口的嗅探：

>>> sniff(iface="ppp0",prn=lambda x:x.summary())

此时浏览一下百度，结果如下：

IP / UDP 27.214.219.76:53144 > 122.225.83.67:http / Raw
IP / UDP / DNS Qry "suggestion.baidu.com."

IP / UDP / DNS Qry "suggestion.baidu.com."

IP / UDP / DNS Ans "suggestion.a.shifen.com."

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http S

IP / UDP / DNS Ans "suggestion.a.shifen.com."

IP / ICMP / IPerror / UDPerror / DNS Ans "suggestion.a.shifen.com."

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 SA

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http PA / Raw

IP / UDP 122.225.83.67:http > 27.214.219.76:53144 / Raw

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http PA / Raw

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http S

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 SA

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http PA / Raw

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 PA / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 A / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 61.135.169.125:http > 27.214.219.76:45639 PA / Raw

IP / TCP 27.214.219.76:45639 > 61.135.169.125:http A

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http S

IP / UDP / DNS Qry "t11.baidu.com."

IP / UDP / DNS Qry "t12.baidu.com."

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http S

IP / UDP / DNS Ans "image.jomodns.com."

IP / TCP 27.214.219.76:49797 > 119.188.9.119:http S

IP / TCP 27.214.219.76:49798 > 119.188.9.119:http S

IP / TCP 27.214.219.76:49799 > 119.188.9.119:http S

IP / UDP / DNS Ans "image.jomodns.com."

IP / TCP 27.214.219.76:39103 > 119.188.9.118:http S

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 SA

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.119:http > 27.214.219.76:49797 SA

IP / TCP 27.214.219.76:49797 > 119.188.9.119:http A

IP / TCP 119.188.9.119:http > 27.214.219.76:49798 SA

IP / TCP 27.214.219.76:49798 > 119.188.9.119:http A

IP / TCP 119.188.9.119:http > 27.214.219.76:49799 SA

IP / TCP 27.214.219.76:49799 > 119.188.9.119:http A

IP / TCP 60.55.35.47:http > 27.214.219.76:55193 SA

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http A

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http PA / Raw

IP / TCP 119.188.9.118:http > 27.214.219.76:39103 SA

IP / TCP 27.214.219.76:39103 > 119.188.9.118:http A

IP / TCP 60.55.35.47:http > 27.214.219.76:55193 A

IP / TCP 60.55.35.47:http > 27.214.219.76:55193 PA / Raw

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http A

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http PA / Raw

IP / TCP 27.214.219.76:49797 > 119.188.9.119:http PA / Raw

IP / TCP 27.214.219.76:49798 > 119.188.9.119:http PA / Raw

IP / TCP 27.214.219.76:49799 > 119.188.9.119:http PA / Raw

IP / TCP 27.214.219.76:39103 > 119.188.9.118:http PA / Raw

IP / TCP 27.214.219.76:38864 > 61.135.169.105:http S

IP / UDP / DNS Qry "a.baidu.com."

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http PA / Raw

IP / TCP 27.214.219.76:59062 > 119.188.9.40:http S

IP / TCP 27.214.219.76:59063 > 119.188.9.40:http S

IP / TCP 119.188.9.119:http > 27.214.219.76:49797 A

IP / TCP 119.188.9.119:http > 27.214.219.76:49797 PA / Raw

IP / TCP 27.214.219.76:49797 > 119.188.9.119:http A

IP / TCP 27.214.219.76:38867 > 61.135.169.105:http S

IP / TCP 119.188.9.119:http > 27.214.219.76:49798 A

IP / TCP 119.188.9.119:http > 27.214.219.76:49798 PA / Raw

IP / TCP 27.214.219.76:49798 > 119.188.9.119:http A

IP / TCP 119.188.9.119:http > 27.214.219.76:49799 A

IP / TCP 119.188.9.119:http > 27.214.219.76:49799 PA / Raw

IP / TCP 27.214.219.76:49799 > 119.188.9.119:http A

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http PA / Raw

IP / TCP 27.214.219.76:50355 > 61.135.185.194:http S

IP / UDP / DNS Qry "api.share.baidu.com."

IP / TCP 119.188.9.118:http > 27.214.219.76:39103 A

IP / TCP 119.188.9.118:http > 27.214.219.76:39103 PA / Raw

IP / TCP 27.214.219.76:39103 > 119.188.9.118:http A

IP / UDP / DNS Ans "asp.e.shifen.com."

IP / TCP 60.55.35.47:http > 27.214.219.76:55193 PA / Raw

IP / TCP 27.214.219.76:53605 > 123.125.114.38:http S

IP / TCP 27.214.219.76:53606 > 123.125.114.38:http S

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http FA

IP / TCP 61.135.169.105:http > 27.214.219.76:38864 SA

IP / TCP 27.214.219.76:38864 > 61.135.169.105:http A

IP / TCP 27.214.219.76:38864 > 61.135.169.105:http PA / Raw

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 PA / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http PA / Raw

IP / TCP 119.188.9.40:http > 27.214.219.76:59062 SA

IP / TCP 27.214.219.76:59062 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59063 SA

IP / TCP 27.214.219.76:59063 > 119.188.9.40:http A

IP / TCP 61.135.169.105:http > 27.214.219.76:38867 SA

IP / TCP 27.214.219.76:38867 > 61.135.169.105:http A

IP / UDP / DNS Ans "api.share.n.shifen.com."

IP / TCP 27.214.219.76:47655 > 61.135.162.115:http S

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 123.125.114.101:http > 27.214.219.76:37968 PA / Raw

IP / TCP 27.214.219.76:37968 > 123.125.114.101:http A

IP / TCP 61.135.185.194:http > 27.214.219.76:50355 SA

IP / TCP 27.214.219.76:50355 > 61.135.185.194:http A

IP / TCP 27.214.219.76:50355 > 61.135.185.194:http PA / Raw

IP / TCP 123.125.114.38:http > 27.214.219.76:53605 SA

IP / TCP 27.214.219.76:53605 > 123.125.114.38:http A

IP / TCP 27.214.219.76:53605 > 123.125.114.38:http PA / Raw

IP / TCP 123.125.114.38:http > 27.214.219.76:53606 SA

IP / TCP 27.214.219.76:53606 > 123.125.114.38:http A

IP / TCP 61.135.169.105:http > 27.214.219.76:38864 A

IP / TCP 61.135.169.105:http > 27.214.219.76:38864 PA / Raw

IP / TCP 27.214.219.76:38864 > 61.135.169.105:http A

IP / TCP 61.135.169.105:http > 27.214.219.76:38864 PA / Raw

IP / TCP 27.214.219.76:38864 > 61.135.169.105:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 PA / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 61.135.162.115:http > 27.214.219.76:47655 SA

IP / TCP 27.214.219.76:47655 > 61.135.162.115:http A

IP / TCP 27.214.219.76:47655 > 61.135.162.115:http PA / Raw

IP / TCP 60.55.35.47:http > 27.214.219.76:55193 FA

IP / TCP 27.214.219.76:55193 > 60.55.35.47:http A

IP / TCP 61.135.185.194:http > 27.214.219.76:50355 A

IP / TCP 61.135.185.194:http > 27.214.219.76:50355 PA / Raw

IP / TCP 27.214.219.76:50355 > 61.135.185.194:http A

IP / TCP 123.125.114.38:http > 27.214.219.76:53605 A

IP / TCP 123.125.114.38:http > 27.214.219.76:53605 PA / Raw

IP / TCP 27.214.219.76:53605 > 123.125.114.38:http A

IP / TCP 61.135.162.115:http > 27.214.219.76:47655 A

IP / TCP 61.135.162.115:http > 27.214.219.76:47655 PA / Raw

IP / TCP 27.214.219.76:47655 > 61.135.162.115:http A

IP / UDP / DNS Qry "sclick.baidu.com."

IP / UDP / DNS Qry "c.baidu.com."

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http PA / Raw

IP / UDP / DNS Ans "s.a.shifen.com."

IP / TCP 27.214.219.76:47154 > 123.125.115.95:http S

IP / UDP / DNS Ans "c.e.shifen.com."

IP / TCP 27.214.219.76:56976 > 123.125.114.64:http S

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A / Raw

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 PA / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

IP / TCP 27.214.219.76:56977 > 123.125.114.64:http S

IP / TCP 27.214.219.76:47157 > 123.125.115.95:http S

IP / TCP 123.125.115.95:http > 27.214.219.76:47154 SA

IP / TCP 27.214.219.76:47154 > 123.125.115.95:http A

IP / TCP 27.214.219.76:47154 > 123.125.115.95:http PA / Raw

IP / TCP 123.125.114.64:http > 27.214.219.76:56976 SA

IP / TCP 27.214.219.76:56976 > 123.125.114.64:http A

IP / TCP 27.214.219.76:56976 > 123.125.114.64:http PA / Raw

IP / TCP 123.125.114.64:http > 27.214.219.76:56977 SA

IP / TCP 27.214.219.76:56977 > 123.125.114.64:http A

IP / TCP 123.125.115.95:http > 27.214.219.76:47157 SA

IP / TCP 27.214.219.76:47157 > 123.125.115.95:http A

IP / TCP 123.125.115.95:http > 27.214.219.76:47154 A

IP / TCP 123.125.115.95:http > 27.214.219.76:47154 PA / Raw

IP / TCP 27.214.219.76:47154 > 123.125.115.95:http A

IP / TCP 123.125.115.95:http > 27.214.219.76:47154 FA

IP / TCP 27.214.219.76:47154 > 123.125.115.95:http FA

IP / TCP 123.125.114.64:http > 27.214.219.76:56976 A

IP / TCP 123.125.114.64:http > 27.214.219.76:56976 PA / Raw

IP / TCP 27.214.219.76:56976 > 123.125.114.64:http A

IP / TCP 123.125.114.64:http > 27.214.219.76:56976 FA

IP / TCP 27.214.219.76:56976 > 123.125.114.64:http FA

IP / UDP / DNS Qry "trust.baidu.com."

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http PA / Raw

IP / TCP 123.125.115.95:http > 27.214.219.76:47154 A

IP / UDP / DNS Ans "trust.e.shifen.com."

IP / TCP 123.125.114.64:http > 27.214.219.76:56976 A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 A

IP / TCP 119.188.9.40:http > 27.214.219.76:59056 PA / Raw

IP / TCP 27.214.219.76:59056 > 119.188.9.40:http A

^C<Sniffed: TCP:208 UDP:20 ICMP:1 Other:0>

也要以用show()来显示：

>>> sniff(iface="ppp0",prn=lambda x:x.show())

部分结果：

###[ IP ]###
version= 4L

ihl= 5L

tos= 0x0

len= 40

id= 52068

flags= DF

frag= 0L

ttl= 64

proto= tcp

chksum= 0x8151

src= 27.214.219.76

dst= 61.135.185.112

\options\

###[ TCP ]###

sport= 59617

dport= http

seq= 3932617191L

ack= 411565738

dataofs= 5L

reserved= 0L

flags= FA

window= 182

chksum= 0xee34

urgptr= 0

options= {}

^C<Sniffed: TCP:1 UDP:0 ICMP:0 Other:0>

scapy学习笔记（4）简单的sniffing 嗅探的更多相关文章

JSP学习笔记(三):简单的Tomcat Web服务器
注意:每次对Tomcat配置文件进行修改后,必须重启Tomcat 在E盘的DATA文件夹中创建TomcatDemo文件夹,并将Tomcat安装路径下的webapps/ROOT中的WEB-INF文件夹复 ...
JAVA WEB学习笔记(三):简单的基于Tomcat的Web页面
注意:每次对Tomcat配置文件进行修改后,必须重启Tomcat 在E盘的DATA文件夹中创建TomcatDemo文件夹,并将Tomcat安装路径下的webapps/ROOT中的WEB-INF文件夹复 ...
Spark学习笔记0——简单了解和技术架构
目录 Spark学习笔记0--简单了解和技术架构什么是Spark 技术架构和软件栈 Spark Core Spark SQL Spark Streaming MLlib GraphX 集群管理器受 ...
Html学习笔记(二) 简单标签
标签的重点标签的用途标签在浏览器中的默认样式 <body>标签: 在网页上显示的内容 <p>标签: 添加段落 <hx>标签: 添加标题标签一共有6个,h1.h ...
Netty学习笔记(六) 简单的聊天室功能之WebSocket客户端开发实例
在之前的Netty相关学习笔记中,学习了如何去实现聊天室的服务段,这里我们来实现聊天室的客户端,聊天室的客户端使用的是Html5和WebSocket实现,下面我们继续学习. 创建客户端接着第五个笔记 ...
scapy学习笔记（3）发送包,SYN及TCP traceroute 扫描
转载请注明:@小五义:http://www.cnblogs/xiaowuyi 在安装完scapy(前两篇笔记有介绍)后,linux环境下,执行sudo scapy运行scapy. 一.简单的发送包 1 ...
scapy学习笔记（3）
转自:@小五义:http://www.cnblogs/xiaowuyi 在安装完scapy(前两篇笔记有介绍)后,linux环境下,执行sudo scapy运行scapy. 一.简单的发送包 1.se ...
Java设计模式学习笔记(二) 简单工厂模式
前言本篇是设计模式学习笔记的其中一篇文章,如对其他模式有兴趣,可从该地址查找设计模式学习笔记汇总地址正文开始... 1. 简介简单工厂模式不属于GoF23中设计模式之一,但在软件开发中应用也较为 ...
CSS学习笔记09 简单理解BFC
引子在讲BFC之前,先来看看一个例子 <!DOCTYPE html> <html lang="en"> <head> <meta cha ...

随机推荐

linux7 安装GitLab
1.安装Linux虚拟机-- 安装后配置a.停止防火墙# systemctl stop firewalld.service# systemctl disable firewalld.service# ...
php解释命令行的参数
php cli模式下,可以用$argc, $argv来读取所有的参数以及个数,如: ghostwu@ghostwu:~/php/php1/1$ cat go1 #!/usr/bin/php <? ...
PHP中类和对象的相关函数
class_exists 判断一个类是否存在,参数为一个名字! interface_exists 判断一个接口是否存在,参数也是为一个名字! method_exists 判断一个方法是否存在! 需要两 ...
eclipse导入web项目报错
主要是用svn Checkout一个web项目,然后导入eclipse中运行.正常情况应该是没什么问题的,但是有时候也会有点题.是看了别人的博客之后,确实解决了问题,就记录一下.因为很多坑,要自己掉过 ...
vs中nuget命令的用法
一.安装 1.安装指定版本类库install-package <程序包名> -version <版本号> ( 注意:-version <版本号> 可以 ...
nodejs设置NODE_ENV环境变量（2）
引的人家的,原文地址:http://sorex.cnblogs.com/p/6200940.html 环境变量环境变量是操作系统运行环境的一些参数.在开发环境或者部署环境中都需要使用到.本文讲述了使 ...
Swagger使用教程 SwashbuckleEx
一.前言自从之前写了一篇<Webapi文档描述-swagger优化>这篇文章后,欠了大家一篇使用文档的说明,现在给大家补上哈. 二.环境 .Net Framework 4.5 WebAp ...
转：stack
数据结构C#版笔记--堆栈(Stack) 堆栈(Stack)最明显的特征就是“先进后出”,本质上讲堆栈也是一种线性结构,符合线性结构的基本特点:即每个节点有且只有一个前驱节点和一个后续节点. 相对 ...
Python中则正则表达式
http://blog.csdn.net/carolzhang8406/article/details/6335072 http://www.iteedu.com/plang/python/pyred ...
【转】Java学习---集合框架那些事
[原文]https://www.toutiao.com/i6593220692525711885/ Arraylist 与 LinkedList 异同 1. 是否保证线程安全: ArrayList 和 ...