一 、 编写客户端服务器脚本(python)
服务器端:
import socket
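# Minimal single-connection TCP server used to generate test traffic (Python 2 syntax).
s=socket.socket() # create the listening socket
s.bind(('127.0.0.1',5566)) # IP address and port; loopback only, so other hosts cannot connect
s.listen(5)
try:
    cs,address = s.accept() # cs is a new socket object for the accepted client
    try:
        print 'got connected from',address
        #cs.send('done')
        ra=cs.recv(512) # a single read of at most 512 bytes; the peer's data is untrusted and may arrive split
        print ra
    finally:
        cs.close() # release the client socket even if recv/print raised
finally:
    s.close() # the listening socket is now closed too, on every exit path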
客户端:
import socket
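# Minimal TCP client: connects to the test server and sends one short message (Python 2 syntax).
s=socket.socket()
try:
    s.connect(('127.0.0.1',5566)) # must match the server's IP address and port
    s.sendall('client') # sendall keeps writing until every byte is sent; send() may stop after a partial write
    #data=s.recv(512)
finally:
    s.close() # close the socket even if connect/sendall raised
#print 'the data received is',data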
参考资料: http://blog.csdn.net/linda1000/article/details/11474881
关键字: send和recv方法 ; socket 套件
二、 wireshark抓包
Wireshark抓本机包,windows下,在命令行中输入以下语句:
route add 192.168.1.106 mask 255.255.255.255 192.168.1.1 metric 1
其中,192.168.1.106 是本机 IP,192.168.1.1 是路由网关,其余部分保持不变。这条路由只影响发往本机 IP(192.168.1.106)的流量,发往 127.0.0.1 的回环流量不会经过它。
删除该路由的命令:把 add 换成 delete,并去掉末尾的 metric 1,即 route delete 192.168.1.106 mask 255.255.255.255 192.168.1.1
参考资料:http://blog.csdn.net/neomc/article/details/6376891
三、lua 解析自定义协议
参考资料:用lua语言编写Wireshark插件解析自定义协议.doc(百度文库)
1.wireshark 安装目录下修改 init.lua
2.wireshark 安装目录下新增test.lua文档 内容如下:
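-- Protocol fields and dissector object for the custom "hstProto" protocol.
-- (The original heading line started with '#', which is not a Lua comment.)
-- require "dll"   (left disabled, as in the original)

--- Custom protocol object. Proto() takes a name and a description; the
-- original passed a third string ("My Self-defined Protocol"), dropped here
-- (presumably ignored by Proto(); confirm against the Wireshark Lua API).
-- Kept global, as in the original, so other scripts that look it up still work.
hstproto = Proto("hstProto", "My Protocol for hst user")

-- Names shown for the PacketType nibble (high 4 bits of the fifth header byte).
local packet_type_names = {
    [0] = "DATA",
    [1] = "QueryRequest",
    [2] = "SESSIONACK",
    [3] = "SESSIONBYE",
    [4] = "SESSIONREREQ",
    [5] = "DATAACK",
    [6] = "ACTIVE",
    [7] = "PING",
    [8] = "PINGREP",
}

-- NOTE: the original passed undefined globals (Version, SessionType,
-- SecurityCount, Ack, SecurityType, AckType, Reserved) as the value-string
-- argument of the bit-masked fields below. An undefined global evaluates to
-- nil, so nil is written explicitly to avoid picking up an unrelated global.

-- Common packet header fields
local f_wPacketSize = ProtoField.uint16("wPacketSize", "PacketSize", base.DEC)
local f_wDstSessionID = ProtoField.uint16("wDstSessionID", "DstSessionID")
local f_bPacketType = ProtoField.uint8("bPacketType", "PacketType", base.DEC, packet_type_names, 0xf0)
local f_bVersion = ProtoField.uint8("bVersion", "Version", base.DEC, nil, 0x0f)

-- Session request (req) fields
local f_bSessionType = ProtoField.uint8("bSessionType", "SessionType", base.DEC, nil, 0x0f)
local f_bSecurityCount = ProtoField.uint8("bSecurityCount", "SecurityCount", base.DEC, nil, 0xf0)
local f_wApplictionID = ProtoField.uint16("wApplictionID", "ApplictionID")
local f_wSrcSessionID = ProtoField.uint16("wSrcSessionID", "SrcSessionID")
local f_bSecurityTypes = ProtoField.uint8("bSecurityTypes", "SecurityTypes")

-- ACK fields
local f_bAck = ProtoField.uint8("bAck", "Ack", base.DEC, nil, 0x0f)
local f_bSecurityType = ProtoField.uint8("bSecurityType", "SecurityType", base.DEC, nil, 0xf0)
local f_wAckSeqnum = ProtoField.uint16("wAckSeqnum", "AckSeqnum")

-- DATAACK fields
local f_bAckType = ProtoField.uint8("bAckType", "AckType", base.DEC, nil, 0x0f)
local f_bReserved = ProtoField.uint8("bReserved", "Reserved", base.DEC, nil, 0xf0)

-- ping / pingrep fields
local f_dwDestIP = ProtoField.uint32("dwDestIP", "DestIP")
local f_dwTimeStamp = ProtoField.uint32("dwTimeStamp", "TimeStamp")

-- DATA fields
local f_wSeqnum = ProtoField.uint16("wSeqnum", "Seqnum")
local f_wData = ProtoField.bytes("wData", "Data")

-- Section fields. These two are declared but not listed in hstproto.fields
-- below, exactly as in the original; do not add them to a tree unless they
-- are registered first.
local f_Header = ProtoField.bytes("f_Header", "Message Header")
local f_body = ProtoField.bytes("f_body", "Message Body")

-- Register the fields with the protocol
hstproto.fields = {
    f_wPacketSize, f_wDstSessionID, f_bVersion, f_bPacketType,
    f_bSecurityTypes, f_bSessionType, f_bSecurityCount,
    f_bAck, f_bSecurityType,
    f_wSrcSessionID, f_wApplictionID, f_wAckSeqnum,
    f_bAckType, f_bReserved,
    f_dwDestIP, f_dwTimeStamp,
    f_wSeqnum, f_wData,
}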
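--- Dissector for hstProto.
-- Header layout as parsed here (5 bytes): PacketSize (2 bytes, big-endian),
-- DstSessionID (2 bytes, little-endian), then one byte carrying PacketType in
-- the high nibble and Version in the low nibble. The body layout depends on
-- PacketType.
--
-- The buffer is untrusted wire data, so every read is length-checked first:
-- a short or malformed packet is flagged with an expert info item instead of
-- raising a Lua range error part-way through the tree.
--
-- NOTE(review): there is no TCP reassembly here. Each TCP segment is parsed as
-- if it started with a packet header, so continuation segments of a split
-- packet will be misread -- confirm whether reassembly is needed.
-- @param buffer Tvb with the payload handed over by the TCP dissector
-- @param pinfo  Pinfo of the current packet
-- @param tree   TreeItem to attach the protocol subtree to
function hstproto.dissector(buffer,pinfo,tree)
    -- PacketSize (2) + DstSessionID (2) + PacketType/Version byte (1)
    local HEADER_LEN = 5

    pinfo.cols.protocol:set("hstProto")
    pinfo.cols.info:set("This is hstProto data")
    local buffer_len = buffer:len()
    local myProtoTree = tree:add(hstproto, buffer(0, buffer_len), "Following is fsmeeting Data")

    -- Refuse to parse a header that is not fully present.
    if buffer_len < HEADER_LEN then
        myProtoTree:add_expert_info(PI_MALFORMED, PI_ERROR,
            string.format("Truncated hstProto header: %d of %d bytes", buffer_len, HEADER_LEN))
        return
    end

    ---------- common header ----------
    local offset = 0
    local myHeadTree = myProtoTree:add("Message Header")
    myHeadTree:add(f_wPacketSize, buffer(offset,2))
    -- Read as unsigned: the field is a uint16, and a signed read would turn
    -- sizes of 0x8000 and above into negative numbers.
    local PacketSize = buffer(offset,2):uint()
    offset = offset + 2
    myHeadTree:add_le(f_wDstSessionID, buffer(offset,2))
    offset = offset + 2
    myHeadTree:add_le(f_bPacketType, buffer(offset,1))
    local bPacketType = buffer(offset,1):bitfield(0,4) -- high nibble of the byte
    myHeadTree:add_le(f_bVersion, buffer(offset,1))
    offset = offset + 1

    ---------- message body ----------
    local myBodyTree = myProtoTree:add("Message Body")

    -- True when at least `need` body bytes remain; otherwise marks the packet
    -- as malformed so the caller can stop before reading out of range.
    local function body_has(need)
        local remaining = buffer_len - offset
        if remaining >= need then
            return true
        end
        myBodyTree:add_expert_info(PI_MALFORMED, PI_ERROR,
            string.format("Truncated hstProto body: need %d bytes, have %d", need, remaining))
        return false
    end

    -- Adds a little-endian field of `len` bytes at the current offset and advances.
    local function take(field, len)
        myBodyTree:add_le(field, buffer(offset, len))
        offset = offset + len
    end

    if bPacketType == 1 then
        -- req packet
        pinfo.cols.info:set("This is hstProto data:SESSIONREQ")
        if not body_has(5) then return end
        myBodyTree:add_le(f_bSessionType, buffer(offset,1)) -- shares its byte with SecurityCount
        take(f_bSecurityCount, 1)
        take(f_wApplictionID, 2)
        take(f_wSrcSessionID, 2)
        -- The rest of the packet is shown one byte per item: the field is a
        -- uint8, and handing it the whole remainder fails or misreads when
        -- more than one byte is left.
        -- presumably one byte per security type -- verify against the protocol spec
        while offset < buffer_len do
            take(f_bSecurityTypes, 1)
        end
    elseif bPacketType == 2 then
        -- ACK packet
        pinfo.cols.info:set("This is hstProto data:SESSIONACK")
        if not body_has(5) then return end
        myBodyTree:add_le(f_bAck, buffer(offset,1)) -- shares its byte with SecurityType
        take(f_bSecurityType, 1)
        take(f_wSrcSessionID, 2)
        take(f_wAckSeqnum, 2)
    elseif bPacketType == 4 then
        -- REREQ packet
        pinfo.cols.info:set("This is hstProto data:SESSIONREREQ")
        if not body_has(7) then return end
        myBodyTree:add_le(f_bSessionType, buffer(offset,1)) -- shares its byte with SecurityType
        take(f_bSecurityType, 1)
        take(f_wApplictionID, 2)
        take(f_wSrcSessionID, 2)
        take(f_wAckSeqnum, 2)
    elseif bPacketType == 5 then
        -- DATAACK packet
        pinfo.cols.info:set("This is hstProto data:SESSIONDATAACK")
        if not body_has(3) then return end
        myBodyTree:add_le(f_bAckType, buffer(offset,1)) -- shares its byte with Reserved
        take(f_bReserved, 1)
        take(f_wAckSeqnum, 2)
    elseif bPacketType == 7 then
        -- ping packet
        pinfo.cols.info:set("This is hstProto data:SESSIONPING")
        if not body_has(8) then return end
        take(f_dwDestIP, 4)
        take(f_dwTimeStamp, 4)
    elseif bPacketType == 8 then
        -- pingrep packet
        pinfo.cols.info:set("This is hstProto data:SESSIONPINGREQ")
        if not body_has(8) then return end
        take(f_dwDestIP, 4)
        take(f_dwTimeStamp, 4)
    elseif bPacketType == 3 then
        -- bye packet: no body fields are parsed
        pinfo.cols.info:set("This is hstProto data:SESSIONBYE")
    elseif bPacketType == 6 then
        -- Active packet: no body fields are parsed
        pinfo.cols.info:set("This is hstProto data:SESSIONACTIVE")
    elseif bPacketType == 0 then
        -- data packet: complete when the buffer length equals PacketSize,
        -- treated as a segment when pinfo.len is below PacketSize. Any other
        -- combination is left unparsed, as in the original.
        local info
        if buffer_len == PacketSize then
            info = "This is hstProto data:SESSIONDATARELIABLE"
        elseif pinfo.len < PacketSize then
            info = "This is hstProto data:SESSIONDATARELIABLE segement"
        end
        if info then
            pinfo.cols.info:set(info)
            if not body_has(2) then return end
            take(f_wSeqnum, 2)
            -- Only add the payload item when payload bytes actually exist.
            if offset < buffer_len then
                myBodyTree:add_le(f_wData, buffer(offset, buffer_len - offset))
            end
        end
    end
end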
-- Bind the dissector to its TCP port: traffic on port 1089 is handed to
-- hstproto.dissector.
local my_port = 1089
local tcp_port_table = DissectorTable.get("tcp.port")
tcp_port_table:add(my_port, hstproto)