[python] Using nmap to search for hosts and port numbers: finding the dorm router
prologue
Port forwarding was clearly set up, but once I was out I found I couldn't remote-connect to the dorm PC; I suspected the router's WAN address had changed.
idea
Oddly, the original IP still answered ping, but it might have been reassigned to another dorm. I tried telnet, with no result. Searching online turned up netcat, and then nmap, which looked like the better fit.
solution
With nmap installed, the plan was to scan for live hosts first, then scan port 23389 on each host that was up.
Doing that by hand was obviously unrealistic, so my first thought was subprocess:
import subprocess
import re


def scan_ip(net='172.17.174.0/24'):
    """Ping-scan a subnet and return the IPs nmap reports as up."""
    ret = subprocess.Popen(
        f'nmap -sP {net}',  # -sP is the old spelling of -sn (host discovery only)
        shell=True,
        stdin=subprocess.PIPE,
        stdout=subprocess.PIPE,
        stderr=subprocess.STDOUT,
        cwd='D:/Software/Web/Nmap',
        encoding='gbk',  # console code page on a Chinese Windows install
    )
    # a = subprocess.run('nmap 10.132.4.190', shell=True, cwd='D:/Software/Web/Nmap')
    # The optional "name (" prefix also catches "Nmap scan report for name (ip)",
    # which nmap prints for hosts that have a reverse DNS name.
    pattern = re.compile(r'^Nmap scan report for (?:\S+ \()?(\d+\.\d+\.\d+\.\d+)')
    ip_list = []
    for s in ret.stdout.readlines():
        m = pattern.match(s)
        if m is None:
            continue
        ip_list.append(m.groups()[0])
    return ip_list


def scan_port(ip, port=23389):
    """Scan one TCP port on one host and return the state nmap reports
    ('open', 'closed', 'filtered', ...), or None if no port line was printed."""
    ret = subprocess.Popen(
        f'nmap {ip} -p {port}',
        shell=True,
        stdin=subprocess.PIPE,
        stdout=subprocess.PIPE,
        stderr=subprocess.STDOUT,
        cwd='D:/Software/Web/Nmap',
        encoding='gbk',
    )
    pattern = re.compile(rf'^{port}/tcp\s+(\S+)')
    for s in ret.stdout.readlines():
        m = pattern.match(s)
        if m is not None:
            return m.group(1)
    return None


# ip_list = scan_ip('10.132.4.0/24')
ip_list = scan_ip()
print(ip_list)
for ip in ip_list:
    print(f'{ip}:23389 {scan_port(ip)}')
Then it occurred to me that there might be an nmap library, and sure enough there is: pip install python-nmap. The code gets much shorter with it:
import nmap

# the first argument is the tuple of paths python-nmap searches for the nmap binary
nm = nmap.PortScanner(('D:/Software/Web/Nmap/nmap', ))
PORT = 3389
nm.scan('10.132.4.0/24', str(PORT))
print(nm.command_line())
for host in nm.all_hosts():
    # a host with no TCP entry for the port would otherwise raise KeyError
    t = nm[host].get('tcp', {}).get(PORT)
    if t is None:
        continue
    print(f'{host}:{PORT} {t["state"]}@{t["reason"]}')
Running the original IP's subnet through it showed that the original IP does have 23389, so it very likely hasn't changed, but the port kept showing filtered, no-response. A firewall? Running nmap directly on the command line gave much the same result:
nmap -sP    scan the subnet and keep only the live hosts
nmap        scan the port
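What matters when reading these scans is the state column (open versus filtered) together with nmap's reason column, which is what python-nmap exposes as `reason` and the command line prints with `--reason`. As an added example that is not part of the original post, the parser below reads nmap's normal output into a dict, handles the `name (ip)` header form that the bare IP regex above skips, and groups hosts by the state of one port; the scan output embedded in it is constructed, not from a real scan.

```python
import re

# Host header; also handles the "name (ip)" form printed for hosts with a
# reverse DNS name, which a bare "scan report for <ip>" regex would skip.
HOST_RE = re.compile(r'^Nmap scan report for (?:\S+ \()?(\d+\.\d+\.\d+\.\d+)\)?\s*$')
UP_RE = re.compile(r'^Host is (up|down)')
# "3389/tcp filtered ms-wbt-server no-response"; the last column only exists with --reason
PORT_RE = re.compile(r'^(\d+)/(?:tcp|udp)\s+(\S+)\s+\S+(?:\s+(.*))?$')

# Constructed sample of nmap normal output (not from a real scan).
SAMPLE = """\
Nmap scan report for 10.132.4.1
Host is up (0.0021s latency).

PORT     STATE    SERVICE       REASON
3389/tcp filtered ms-wbt-server no-response

Nmap scan report for dorm-pc.lan (10.132.4.190)
Host is up (0.0013s latency).

PORT     STATE SERVICE       REASON
3389/tcp open  ms-wbt-server syn-ack ttl 64
"""


def parse_nmap_output(text):
    """Return {ip: {'up': bool, 'ports': {port: (state, reason)}}}."""
    hosts, current = {}, None
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:
            current = hosts.setdefault(m.group(1), {'up': False, 'ports': {}})
            continue
        if current is None:  # banner lines before the first host block
            continue
        m = UP_RE.match(line)
        if m:
            current['up'] = m.group(1) == 'up'
            continue
        m = PORT_RE.match(line)
        if m:
            port, state, reason = m.groups()
            current['ports'][int(port)] = (state, (reason or '').strip())
    return hosts


def hosts_by_state(hosts, port, state):
    """IPs whose `port` was reported as `state` ('open', 'filtered', 'closed')."""
    return sorted(ip for ip, h in hosts.items()
                  if h['ports'].get(port, ('', ''))[0] == state)
```

Feed it the text captured from `ret.stdout` in the subprocess version, or from `nmap -oN`, and a filtered/no-response result on a port you expect to be open points at a firewall or a missing port mapping rather than at a changed address.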
epilogue
In the end I wasted a whole afternoon and still couldn't connect to the PC, so I went back to the dorm.
Addendum: it turned out the router's port mapping had been entered wrong; after fixing it, a rescan showed open.