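The socket module is essential to network programming, and it is also useful in day-to-day operations work, for example to write a simple client/server data collection program. This post is not a network programming tutorial, though: the subject is far too large to cover in one article. If you want to go in that direction, I recommend starting with the TCP/IP volumes and reading them at least three times (that is how many times I read them; read them more if you have time), then moving on to UNIX Network Programming. But I digress. Back to the topic: how to use the socket module to scan a machine for open ports. As usual, the code comes first: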
```python
#!/usr/bin/env python3
import socket
import subprocess
import sys
from datetime import datetime

# Clear the terminal
subprocess.call('clear', shell=True)

# Ask the user which host to scan
remoteServer = input("Enter a remote host to scan: ")

try:
    # Resolve inside the try block so that socket.gaierror is actually caught
    remoteServerIP = socket.gethostbyname(remoteServer)

    # Banner
    print("-" * 60)
    print("Please wait, scanning remote host", remoteServerIP)
    print("-" * 60)

    # Start time of the scan
    t1 = datetime.now()

    # Try a TCP connect to every port from 1 to 1023
    for port in range(1, 1024):
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        result = sock.connect_ex((remoteServerIP, port))
        if result == 0:
            print("Port {0}: Open".format(port))
        sock.close()

except KeyboardInterrupt:
    print("You pressed Ctrl+C")
    sys.exit()

except socket.gaierror:
    print('Hostname could not be resolved. Exiting')
    sys.exit()

except socket.error:
    print("Couldn't connect to server")
    sys.exit()

# End time and total duration of the scan
t2 = datetime.now()
total = t2 - t1

print('Scanning Completed in: ', total)
```
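How the script works: the first few lines import the required modules, all of which we have covered before, so I will not repeat them. The script then asks the user for the machine to scan and prints a banner. The try block is the core. In socket.socket(socket.AF_INET, socket.SOCK_STREAM), socket.AF_INET is the network address family (IPv4) and socket.SOCK_STREAM selects TCP. sock.connect_ex() does the same job as connect(address), but returns 0 on success and the errno value on failure instead of raising an exception. When the connection succeeds, the port is printed to the terminal as open. The rest of the script handles exceptions, and at the end it prints how long the scan of the machine took. That is the whole script.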
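The script only reports ports where connect_ex() returns 0 and sets no timeout, so a silently dropped probe can block for a long time. The following added example (not code from the original article) bounds the wait and interprets the non-zero errno values as well. The names `classify`, `probe` and `demo` are hypothetical, the loopback sockets are constructed for the demonstration, and the timeout mapping assumes CPython on a POSIX system.

```python
import errno
import socket

# Timeout codes: CPython's connect_ex() reports an expired settimeout() as
# EWOULDBLOCK/EAGAIN on POSIX; ETIMEDOUT is the kernel's own connect timeout.
TIMEOUT_CODES = {errno.EWOULDBLOCK, errno.EAGAIN, errno.ETIMEDOUT}


def classify(code):
    """Translate a connect_ex() return value into a port state."""
    if code == 0:
        return "open"        # three-way handshake completed
    if code == errno.ECONNREFUSED:
        return "closed"      # host answered with RST: nothing is listening
    if code in TIMEOUT_CODES:
        return "filtered"    # no answer in time, e.g. dropped by a firewall
    return "error:" + errno.errorcode.get(code, str(code))


def probe(host, port, timeout=1.0):
    """Attempt one TCP connect with a bounded wait and classify the result."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        return classify(sock.connect_ex((host, port)))


def demo():
    """Probe two constructed loopback sockets: one listening, one only bound."""
    listening = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    bound_only = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        listening.bind(("127.0.0.1", 0))   # port 0: the OS picks a free port
        listening.listen(1)
        bound_only.bind(("127.0.0.1", 0))  # never calls listen()
        return {
            "listening": probe("127.0.0.1", listening.getsockname()[1]),
            "bound_only": probe("127.0.0.1", bound_only.getsockname()[1]),
        }
    finally:
        listening.close()
        bound_only.close()


if __name__ == "__main__":
    print(demo())
```

When auditing your own hosts, the "closed" versus "filtered" distinction shows whether a port is unreachable because no service listens on it or because a firewall rule drops the traffic.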