[python] 使用nmap搜索主机及端口号：寻找宿舍路由

prologue

明明设置好了端口映射，但出来却发现无法远程连接宿舍的电脑，怀疑是路由器WAN网口地址变动

idea

很神奇的是原ip能ping通，不过也可能是被分配给其他宿舍，尝试了telnet，无果。上网搜索发现了netcat，又看到了nmap，似乎更合适

solution

安装好nmap，计划是先扫描主机，再扫描在线主机的23389端口

手动来肯定不现实，先是想到用subprocess：

import subprocess
import re


def scan_ip(net='172.17.174.0/24'):
  ret = subprocess.Popen(
    f'nmap -sP {net}',
    shell=True,
    stdin=subprocess.PIPE,
    stdout=subprocess.PIPE,
    stderr=subprocess.STDOUT,
    cwd='D:/Software/Web/Nmap',
    encoding='gbk',
  )
  # a = subprocess.run('nmap 10.132.4.190', shell=True, cwd='D:/Software/Web/Nmap')

  pattern = re.compile(r'^Nmap scan report for (\d+\.\d+\.\d+\.\d+)')
  ip_list = []
  for s in ret.stdout.readlines():
    m = pattern.match(s)
    if m is None:
      continue
    ip_list.append(m.groups()[0])
  return ip_list


def scan_port(ip, port=23389):
  ret = subprocess.Popen(
    f'nmap {ip} -p {port}',
    shell=True,
    stdin=subprocess.PIPE,
    stdout=subprocess.PIPE,
    stderr=subprocess.STDOUT,
    cwd='D:/Software/Web/Nmap',
    encoding='gbk',
  )


# ip_list = scan_ip('10.132.4.0/24')
ip_list = scan_ip()
print(ip_list)

突然想到说不定会有nmap的库，一搜还真有：pip install python-nmap，这下代码简洁多了：

import nmap

nm = nmap.PortScanner(('D:/Software/Web/Nmap/nmap', ))
PORT = 3389
nm.scan('10.132.4.0/24', str(PORT))
print(nm.command_line())
for host in nm.all_hosts():
  t = nm[host]['tcp'][PORT]
  print(f'{host}:{PORT} {t["state"]}@{t["reason"]}')

把原ip网段拿去检测，发现原ip就有23389，很可能没变，但一直显示 filtered，no-response 难道是防火墙？在命令行上直接操作也是差不多的结果：

nmap -sP 扫描网段筛选在线主机

nmap 扫描端口

epilogue

结果浪费一下午还是没能连上电脑，回宿舍。
补：结果是路由器的端口映射没写好，改完再扫就显示open了