# -*- coding: utf-8 -*-
import binascii, struct
import socket
import time
from threading import Thread
'''
windows OID
1.3.6.1.2.1.25.2.3.1.6.1 [ObjectIdentifier] //硬盘
1.3.6.1.2.1.25.2.3.1.6.2 [ObjectIdentifier] //硬盘
1.3.6.1.2.1.25.2.3.1.6.3 [ObjectIdentifier] //硬盘
1.3.6.1.2.1.25.2.3.1.6.4 [ObjectIdentifier] //硬盘
1.3.6.1.2.1.25.2.3.1.6.5 [ObjectIdentifier] //光盘
1.3.6.1.2.1.25.2.3.1.6.6 [ObjectIdentifier] //光盘
1.3.6.1.2.1.25.2.3.1.6.7 [ObjectIdentifier] //虚拟内存
1.3.6.1.2.1.25.2.3.1.6.8 [ObjectIdentifier] //物理内存
OID号不固定,当只有一块硬盘,一个光驱时,物理内存占用OID为1.2.5(2.1占用一般0,不是真实硬盘,不知道是什么意思,真正硬盘占用从2.2开始)
'''
#a 是一个真实的请求内容,def test_parse()函数可以将他解析出来,并打印出密码,请求类型,请求ID,OID对象
a = '''0x30, 0x82, 0x01, 0x09, 0x02, 0x01, 0x01, 0x04,
0x06, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0xa0,
0x81, 0xfb, 0x02, 0x04, 0x4a, 0xbb, 0x2b, 0xac,
0x02, 0x01, 0x00, 0x02, 0x01, 0x00, 0x30, 0x81,
0xec, 0x30, 0x0d, 0x06, 0x09, 0x2b, 0x06, 0x01,
0x02, 0x01, 0x19, 0x02, 0x02, 0x00, 0x05, 0x00,
0x30, 0x0f, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x02,
0x01, 0x19, 0x03, 0x03, 0x01, 0x02, 0x01, 0x05,
0x00, 0x30, 0x0f, 0x06, 0x0b, 0x2b, 0x06, 0x01,
0x02, 0x01, 0x19, 0x02, 0x03, 0x01, 0x05, 0x01,
0x05, 0x00, 0x30, 0x0f, 0x06, 0x0b, 0x2b, 0x06,
0x01, 0x02, 0x01, 0x19, 0x02, 0x03, 0x01, 0x05,
0x02, 0x05, 0x00, 0x30, 0x0f, 0x06, 0x0b, 0x2b,
0x06, 0x01, 0x02, 0x01, 0x19, 0x02, 0x03, 0x01,
0x05, 0x03, 0x05, 0x00, 0x30, 0x0f, 0x06, 0x0b,
0x2b, 0x06, 0x01, 0x02, 0x01, 0x19, 0x02, 0x03,
0x01, 0x05, 0x04, 0x05, 0x00, 0x30, 0x0f, 0x06,
0x0b, 0x2b, 0x06, 0x01, 0x02, 0x01, 0x19, 0x02,
0x03, 0x01, 0x06, 0x01, 0x05, 0x00, 0x30, 0x0f,
0x06, 0x0b, 0x2b, 0x06, 0x01, 0x02, 0x01, 0x19,
0x02, 0x03, 0x01, 0x06, 0x02, 0x05, 0x00, 0x30,
0x0f, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x02, 0x01,
0x19, 0x02, 0x03, 0x01, 0x06, 0x03, 0x05, 0x00,
0x30, 0x0f, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x02,
0x01, 0x19, 0x02, 0x03, 0x01, 0x06, 0x04, 0x05,
0x00, 0x30, 0x0f, 0x06, 0x0b, 0x2b, 0x06, 0x01,
0x02, 0x01, 0x19, 0x02, 0x03, 0x01, 0x06, 0x05,
0x05, 0x00, 0x30, 0x0f, 0x06, 0x0b, 0x2b, 0x06,
0x01, 0x02, 0x01, 0x19, 0x02, 0x03, 0x01, 0x06,
0x06, 0x05, 0x00, 0x30, 0x0f, 0x06, 0x0b, 0x2b,
0x06, 0x01, 0x02, 0x01, 0x19, 0x02, 0x03, 0x01,
0x06, 0x07, 0x05, 0x00, 0x30, 0x0f, 0x06, 0x0b,
0x2b, 0x06, 0x01, 0x02, 0x01, 0x19, 0x02, 0x03,
0x01, 0x06, 0x08, 0x05, 0x00'''
class snmpReqParse:
struct_type = {0x02:'INTEGER_TYPE',
0x30:'SQUENCE_TYPE',
0x04:'OCTET_TYPE',
0X05:'NULL_TYPE',
0x06:'OBJID_TYPE',
0xa0:'GET_REQ_TYPE',
0xa5:'GET_BULKREQ_TYPE',
0Xa2:'RESPONSE_TYPE'}
def __init__(self, request):
self.request = request
self.objidList = []
self.requestID = None
self.getReqType = 0xa0
self.publicPasswd = ''
self.parse()
def parse(self):
currentPos = self.parse_header1()
if not currentPos:
print "parse SNMP header failed!"
return
currentPos = self.parse_header2(currentPos)
if not currentPos:
print "parse SNMP header failed!"
return
self.parse_obj(currentPos)
def parse_obj(self, pos):
#开始解析obj对象了
currentPos = pos
stype = struct.unpack('B', self.request[currentPos:currentPos+1])[0]
currentPos += 1
currentPos = self.struct_parse(currentPos)[0]
while len(self.request[currentPos:]) != 0:
stype = struct.unpack('B', self.request[currentPos:currentPos+1])[0]
currentPos += 1
currentPos = self.struct_parse(currentPos)[0]
stype = struct.unpack('B', self.request[currentPos:currentPos+1])[0]
if stype != 0x06:
print "wrong type coding, must be 0x06"
break
currentPos += 1
currentPos, stringLen = self.struct_parse(currentPos)
objid = struct.unpack(stringLen*'B', self.request[currentPos:currentPos+stringLen])
objid1stStr = str(divmod(objid[0], 40)[0]) + '.' + str(divmod(objid[0], 40)[1])
#当obj中每一段中有值大于127时,则后面一个数应该和前面一个数拼起来,例如0x8F和0X65,应该是0x8F*128+65
templist = []
temp1 = 0
for i in objid[1:]:
if not temp1:
if i |
QQ群⑧:
窥视卡
雷达卡
发表于 2018-10-21 11:03:00
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡