lua学习+项目实例

    xiaoxiao2021-03-26  37

    一 、 编写客户端服务器脚本(python)

     服务器端:

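    import socket

    # Minimal one-shot TCP server: accept a single connection on the loopback
    # interface, read one message and print it.
    s = socket.socket()                  # create the listening socket
    try:
        # Bound to 127.0.0.1, so only processes on this host can connect.
        s.bind(('127.0.0.1', 5566))      # IP address and port number
        s.listen(5)

        cs, address = s.accept()         # cs is the new per-connection socket
        try:
            print('got connected from ' + str(address))

            #cs.send('done')

            # recv() returns at most 512 bytes and may return fewer than the peer
            # sent; whatever arrives is peer-controlled and is printed as received.
            ra = cs.recv(512)
            print(ra)
        finally:
            # Release the connection even if recv() or print raised.
            cs.close()
    finally:
        # The original listing never closed the listening socket.
        s.close()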

    客户端:

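    import socket

    # Minimal TCP client: connect to the local test server and send one message.
    s = socket.socket()
    try:
        # Must match the IP address and port the server program is bound to.
        s.connect(('127.0.0.1', 5566))

        # sendall() keeps writing until the whole payload is sent (send() may stop
        # early); the b'' literal is the same byte string on Python 2.
        s.sendall(b'client')

        #data=s.recv(512)
    finally:
        # Close the socket even if connect() or sendall() raised.
        s.close()

    #print 'the data received is',data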

    参考资料: http://blog.csdn.net/linda1000/article/details/11474881

    关键字: send和recv方法 ; socket 套件

    二、 wireshark抓包

    Wireshark抓本机包,windows下,在命令行中输入以下语句:

    route add 192.168.1.106 mask 255.255.255.255 192.168.1.1 metric 1

    其中,192.168.1.106是本机ip 192.168.1.1是路由网关。其他都不变。

    删除该路由时,把上面命令中的 add 改为 delete,并去掉末尾的 metric 1。

    参考资料:http://blog.csdn.net/neomc/article/details/6376891

    三、lua 解析自定义协议

    参考资料:用lua语言编写Wireshark插件解析自定义协议.doc(百度文库)

    1. 修改 Wireshark 安装目录下的 init.lua(通常是确认其中没有禁用 Lua,并在文件末尾用 dofile 加载下面的 test.lua)

    2.wireshark 安装目录下新增test.lua文档 内容如下:

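    -- Define the protocol fields and the dissector.
    -- require "dll"   (left disabled in the original listing)

    -- Custom protocol "hstProto". Kept as a global, as in the original listing.
    hstproto = Proto("hstProto", "My Protocol for hst user", "My Self-defined Protocol")

    -- Common header fields. PacketType and Version share one byte
    -- (high nibble / low nibble, selected by the 0xf0 / 0x0f masks).
    local f_wPacketSize = ProtoField.uint16("wPacketSize", "PacketSize", base.DEC)
    local f_wDstSessionID = ProtoField.uint16("wDstSessionID", "DstSessionID")
    local f_bPacketType = ProtoField.uint8("bPacketType", "PacketType", base.DEC, {
        [1] = "QueryRequest", [2] = "SESSIONACK", [3] = "SESSIONBYE",
        [4] = "SESSIONREREQ", [5] = "DATAACK", [6] = "ACTIVE",
        [7] = "PING", [8] = "PINGREP", [0] = "DATA",
    }, 0xf0)
    -- The original passed undefined globals (Version, SessionType, ...) as the
    -- value-string argument; they evaluate to nil, which is written out here.
    local f_bVersion = ProtoField.uint8("bVersion", "Version", base.DEC, nil, 0x0f)

    -- REQ message fields.
    local f_bSessionType = ProtoField.uint8("bSessionType", "SessionType", base.DEC, nil, 0x0f)
    local f_bSecurityCount = ProtoField.uint8("bSecurityCount", "SecurityCount", base.DEC, nil, 0xf0)
    local f_wApplictionID = ProtoField.uint16("wApplictionID", "ApplictionID")
    local f_wSrcSessionID = ProtoField.uint16("wSrcSessionID", "SrcSessionID")
    local f_bSecurityTypes = ProtoField.uint8("bSecurityTypes", "SecurityTypes")

    -- ACK message fields.
    local f_bAck = ProtoField.uint8("bAck", "Ack", base.DEC, nil, 0x0f)
    local f_bSecurityType = ProtoField.uint8("bSecurityType", "SecurityType", base.DEC, nil, 0xf0)
    local f_wAckSeqnum = ProtoField.uint16("wAckSeqnum", "AckSeqnum")

    -- DATAACK message fields.
    local f_bAckType = ProtoField.uint8("bAckType", "AckType", base.DEC, nil, 0x0f)
    local f_bReserved = ProtoField.uint8("bReserved", "Reserved", base.DEC, nil, 0xf0)

    -- PING / PINGREP message fields.
    local f_dwDestIP = ProtoField.uint32("dwDestIP", "DestIP")
    local f_dwTimeStamp = ProtoField.uint32("dwTimeStamp", "TimeStamp")

    -- DATA message fields.
    local f_wSeqnum = ProtoField.uint16("wSeqnum", "Seqnum")
    local f_wData = ProtoField.bytes("wData", "Data")

    -- Section fields. Declared by the original listing but never registered in
    -- hstproto.fields nor used by the dissector below.
    local f_Header = ProtoField.bytes("f_Header", "Message Header")
    local f_body = ProtoField.bytes("f_body", "Message Body")

    -- Register the fields with the protocol (same set and order as the original).
    hstproto.fields = {
        f_wPacketSize, f_wDstSessionID, f_bVersion,
        f_bPacketType, f_bSecurityTypes, f_bSessionType, f_bSecurityCount,
        f_bAck, f_bSecurityType, f_wSrcSessionID, f_wApplictionID,
        f_wAckSeqnum, f_bAckType, f_bReserved, f_dwDestIP, f_dwTimeStamp,
        f_wSeqnum, f_wData,
    }

    -- Size of the common header: PacketSize(2) + DstSessionID(2) + type/version(1).
    local HEADER_LEN = 5

    --- Dissect one hstProto segment.
    -- Every byte handed to this function comes off the wire, so each read is
    -- preceded by a length check: a short or malformed segment is marked in the
    -- tree instead of aborting the dissector with an out-of-range Lua error.
    -- @param buffer Tvb holding the payload handed over by the TCP dissector
    -- @param pinfo  packet info (columns, frame length)
    -- @param tree   root TreeItem to attach the protocol subtree to
    -- @return 0 when the payload is too short to hold the common header,
    --         otherwise nothing (as in the original listing)
    function hstproto.dissector(buffer, pinfo, tree)
        local buffer_len = buffer:len()
        if buffer_len < HEADER_LEN then
            -- Not enough bytes for the header; reject rather than index past the end.
            return 0
        end

        pinfo.cols.protocol:set("hstProto")
        pinfo.cols.info:set("This is hstProto data")
        local myProtoTree = tree:add(hstproto, buffer(0, buffer_len), "Following is fsmeeting Data")

        ---------- common header ----------
        local offset = 0
        local myHeadTree = myProtoTree:add("Message Header")

        myHeadTree:add(f_wPacketSize, buffer(offset, 2))
        -- The field is declared uint16, so read it unsigned; the original :int()
        -- turned sizes above 32767 into negative numbers and skewed the length
        -- comparisons in the DATA branches. The value is only compared, never
        -- used as an index. NOTE(review): this is the only field added
        -- big-endian (add, not add_le) — confirm the byte order against the spec.
        local PacketSize = buffer(offset, 2):uint()
        offset = offset + 2

        myHeadTree:add_le(f_wDstSessionID, buffer(offset, 2))
        offset = offset + 2

        myHeadTree:add_le(f_bPacketType, buffer(offset, 1))
        -- High nibble of the shared byte, matching the 0xf0 mask on the field.
        local bPacketType = buffer(offset, 1):bitfield(0, 4)
        myHeadTree:add_le(f_bVersion, buffer(offset, 1))
        offset = offset + 1

        ---------- message body ----------
        local myBodyTree = myProtoTree:add("Message Body")

        -- True (and flags the tree) when fewer than `need` bytes remain at offset.
        local function body_too_short(need)
            if buffer_len - offset >= need then
                return false
            end
            myBodyTree:add_expert_info(PI_MALFORMED, PI_ERROR,
                "hstProto: message body shorter than its packet type requires")
            return true
        end

        if bPacketType == 1 then
            -- REQ message
            pinfo.cols.info:set("This is hstProto data:SESSIONREQ")
            if body_too_short(5) then return end
            myBodyTree:add_le(f_bSessionType, buffer(offset, 1))
            myBodyTree:add_le(f_bSecurityCount, buffer(offset, 1))
            offset = offset + 1
            myBodyTree:add_le(f_wApplictionID, buffer(offset, 2))
            offset = offset + 2
            myBodyTree:add_le(f_wSrcSessionID, buffer(offset, 2))
            offset = offset + 2
            -- The original handed the whole remaining range to a uint8 field.
            -- Add one item per byte instead; assumes each security type is one
            -- byte — TODO confirm against the protocol spec.
            for pos = offset, buffer_len - 1 do
                myBodyTree:add_le(f_bSecurityTypes, buffer(pos, 1))
            end

        elseif bPacketType == 2 then
            -- ACK message
            pinfo.cols.info:set("This is hstProto data:SESSIONACK")
            if body_too_short(5) then return end
            myBodyTree:add_le(f_bAck, buffer(offset, 1))
            myBodyTree:add_le(f_bSecurityType, buffer(offset, 1))
            offset = offset + 1
            myBodyTree:add_le(f_wSrcSessionID, buffer(offset, 2))
            offset = offset + 2
            myBodyTree:add_le(f_wAckSeqnum, buffer(offset, 2))

        elseif bPacketType == 4 then
            -- REREQ message
            pinfo.cols.info:set("This is hstProto data:SESSIONREREQ")
            if body_too_short(7) then return end
            myBodyTree:add_le(f_bSessionType, buffer(offset, 1))
            myBodyTree:add_le(f_bSecurityType, buffer(offset, 1))
            offset = offset + 1
            myBodyTree:add_le(f_wApplictionID, buffer(offset, 2))
            offset = offset + 2
            myBodyTree:add_le(f_wSrcSessionID, buffer(offset, 2))
            offset = offset + 2
            myBodyTree:add_le(f_wAckSeqnum, buffer(offset, 2))

        elseif bPacketType == 5 then
            -- DATAACK message
            pinfo.cols.info:set("This is hstProto data:SESSIONDATAACK")
            if body_too_short(3) then return end
            myBodyTree:add_le(f_bAckType, buffer(offset, 1))
            myBodyTree:add_le(f_bReserved, buffer(offset, 1))
            offset = offset + 1
            myBodyTree:add_le(f_wAckSeqnum, buffer(offset, 2))

        elseif bPacketType == 7 then
            -- PING message
            pinfo.cols.info:set("This is hstProto data:SESSIONPING")
            if body_too_short(8) then return end
            myBodyTree:add_le(f_dwDestIP, buffer(offset, 4))
            offset = offset + 4
            myBodyTree:add_le(f_dwTimeStamp, buffer(offset, 4))

        elseif bPacketType == 8 then
            -- PINGREP message
            pinfo.cols.info:set("This is hstProto data:SESSIONPINGREQ")
            if body_too_short(8) then return end
            myBodyTree:add_le(f_dwDestIP, buffer(offset, 4))
            offset = offset + 4
            myBodyTree:add_le(f_dwTimeStamp, buffer(offset, 4))

        elseif bPacketType == 3 then
            -- BYE message (no body)
            pinfo.cols.info:set("This is hstProto data:SESSIONBYE")

        elseif bPacketType == 6 then
            -- ACTIVE message (no body)
            pinfo.cols.info:set("This is hstProto data:SESSIONACTIVE")

        elseif bPacketType == 0 and (buffer_len == PacketSize or pinfo.len < PacketSize) then
            -- DATA message: either the whole PDU is in this buffer, or the frame is
            -- shorter than the announced size and this is one segment of it.
            -- NOTE(review): pinfo.len is the frame length, not the payload length —
            -- confirm this comparison is intended. A DATA packet matching neither
            -- condition keeps the default info text, as in the original.
            if buffer_len == PacketSize then
                pinfo.cols.info:set("This is hstProto data:SESSIONDATARELIABLE")
            else
                pinfo.cols.info:set("This is hstProto data:SESSIONDATARELIABLE segement")
            end
            if body_too_short(2) then return end
            myBodyTree:add_le(f_wSeqnum, buffer(offset, 2))
            offset = offset + 2
            if buffer_len > offset then
                myBodyTree:add_le(f_wData, buffer(offset, buffer_len - offset))
            end
        end
    end

    -- Attach the dissector to TCP port 1089.
    local tcp_port_table = DissectorTable.get("tcp.port")
    local my_port = 1089
    tcp_port_table:add(my_port, hstproto)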
