The main goal of the sniffer tool is to discover live hosts on the target network using UDP, because sending UDP datagrams carries very little overhead.
Many operating systems behave the same way when a datagram arrives at a closed UDP port, and we use that common behavior to decide whether a host is up at a given IP address.
When we send a packet to a closed UDP port on a host and an ICMP message comes back, the target host is alive; if nothing comes back, we treat the target host as not existing.
```python
# coding=utf-8
import os
import socket

# Address of the local interface to bind to; adjust to your environment
host = "192.168.1.1"

# Create the raw socket, then bind it to the public interface
if os.name == "nt":
    socket_protocol = socket.IPPROTO_IP
else:
    socket_protocol = socket.IPPROTO_ICMP

sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol)
sniffer.bind((host, 0))

# Include the IP header in the captured packets
sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

# On Windows, an IOCTL must be set to enable promiscuous mode
if os.name == "nt":
    sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

# Read a single packet
print(sniffer.recvfrom(65565))

# Then turn promiscuous mode off again
if os.name == "nt":
    sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
```
IOCTL (input/output control): a way for a component running in user mode to communicate with a component running in kernel mode.
Promiscuous mode: a mode in which a machine receives all traffic that passes through its interface, whether or not the traffic is addressed to it. It exists so that administrators can do network diagnostics, and here we take advantage of that feature.
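An added example, not code from the original page: it decodes the bytes that `sniffer.recvfrom()` returns and checks whether they are the ICMP port-unreachable reply (type 3, code 3) that marks a host as alive. The function names, sample addresses and port numbers are constructed for illustration, and the sample packets carry zeroed checksums.

```python
import socket
import struct

def _ip_header(src, dst, proto, total_len):
    """Build a minimal 20-byte IPv4 header (constructed test data, checksum 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def parse_icmp_reply(packet):
    """Decode a raw IPv4 packet; return a dict for ICMP, None for anything else."""
    if len(packet) < 20:
        return None
    ver_ihl, _, _, _, _, _, proto, _, src, _ = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4  # header length in bytes; IP options make it > 20
    if ver_ihl >> 4 != 4 or ihl < 20 or proto != socket.IPPROTO_ICMP:
        return None
    if len(packet) < ihl + 8:   # ICMP header is 8 bytes
        return None
    icmp_type, icmp_code = struct.unpack("!BB", packet[ihl:ihl + 2])
    result = {"src": socket.inet_ntoa(src), "type": icmp_type, "code": icmp_code,
              "port_unreachable": (icmp_type, icmp_code) == (3, 3),
              "probed_port": None}
    # Destination Unreachable quotes the IP header and the first 8 bytes of
    # the datagram that caused it, so the probed UDP port can be recovered.
    quoted = packet[ihl + 8:]
    if result["port_unreachable"] and len(quoted) >= 20:
        q_ihl = (quoted[0] & 0x0F) * 4
        if quoted[9] == socket.IPPROTO_UDP and len(quoted) >= q_ihl + 4:
            result["probed_port"] = struct.unpack("!H", quoted[q_ihl + 2:q_ihl + 4])[0]
    return result

# Constructed sample: 192.168.1.20 answers a probe that 192.168.1.1 sent
# to closed UDP port 65212 (all values are made up for this example).
_udp = struct.pack("!HHHH", 40000, 65212, 8, 0)
_quoted = _ip_header("192.168.1.1", "192.168.1.20", socket.IPPROTO_UDP, 28) + _udp
_icmp = struct.pack("!BBHI", 3, 3, 0, 0) + _quoted
SAMPLE_REPLY = _ip_header("192.168.1.20", "192.168.1.1",
                          socket.IPPROTO_ICMP, 20 + len(_icmp)) + _icmp
# Constructed sample: an unrelated ICMP echo reply, which must not count as a hit.
SAMPLE_ECHO = (_ip_header("192.168.1.30", "192.168.1.1", socket.IPPROTO_ICMP, 28)
               + struct.pack("!BBHHH", 0, 0, 0, 1, 1))

if __name__ == "__main__":
    print(parse_icmp_reply(SAMPLE_REPLY))
    print(parse_icmp_reply(SAMPLE_ECHO))
```

In the sniffer above, the first element of the tuple returned by `sniffer.recvfrom(65565)` is the value to pass to `parse_icmp_reply`.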
Develop a small sniffer tool in Python