puge
/
pythonTest


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260
							import socket
import time

def replay_full_session():
    """完整回放新抓包中的所有通信（保持顺序和时间间隔）"""
    HOST = "47.108.151.236"
    PORT = 211
    
    # 从新抓包中提取的所有客户端发送的包（按时间顺序）
    packets = [
        # 14:23:27.392 - 握手
        bytes.fromhex(
            "04 da 00 00 54 00 00 00 08 00 00 00 26 00 00 00"
            "7b 00 43 00 34 00 35 00 46 00 44 00 33 00 33 00"
            "43 00 2d 00 37 00 39 00 30 00 46 00 2d 00 34 00"
            "34 00 45 00 41 00 2d 00 42 00 33 00 41 00 44 00"
            "2d 00 34 00 30 00 30 00 36 00 41 00 44 00 35 00"
            "31 00 36 00 38 00 37 00 37 00 7d 00"
        ),
        # 14:23:27.641 - id02
        bytes.fromhex(
            "03 da 00 00 18 00 00 00 03 00 00 00 00 00 00 00"
            "08 00 00 00 04 00 00 00 69 00 64 00 30 00 32 00"
        ),
        # 14:23:27.760 - 复杂联查
        bytes.fromhex(
            "02 da 00 00 72 03 00 00 03 00 00 00 00 00 00 00"
            "03 00 00 00 2e 01 00 00 03 00 00 00 01 00 00 00"
            "0b 00 00 00 ff ff 03 00 00 00 02 00 00 00 03 00"
            "00 00 00 00 00 08 40 00 00 9a 01 00 00 73 00 65"
            "00 6c 00 65 00 63 00 74 00 20 00 64 00 2e 00 6d"
            "00 64 00 6d 00 63 00 2c 00 62 00 2e 00 67 00 6b"
            "00 78 00 6d 00 2c 00 62 00 2e 00 6b 00 61 00 68"
            "00 61 00 6f 00 2c 00 63 00 2e 00 6e 00 61 00 6d"
            "00 65 00 2c 00 63 00 2e 00 6b 00 61 00 68 00 61"
            "00 6f 00 20 00 61 00 73 00 20 00 79 00 67 00 6b"
            "00 68 00 2c 00 61 00 2e 00 63 00 63 00 79 00 69"
            "00 64 00 2c 00 61 00 2e 00 64 00 6a 00 69 00 64"
            "00 2c 00 61 00 2e 00 73 00 68 00 72 00 2c 00 61"
            "00 2e 00 62 00 65 00 69 00 7a 00 68 00 75 00 2c"
            "00 61 00 2e 00 64 00 6a 00 6c 00 78 00 2c 00 61"
            "00 2e 00 72 00 69 00 71 00 69 00 2c 00 61 00 2e"
            "00 7a 00 73 00 6c 00 2c 00 61 00 2e 00 7a 00 6a"
            "00 65 00 2c 00 61 00 2e 00 77 00 66 00 6b 00 2c"
            "00 61 00 2e 00 7a 00 6b 00 6a 00 65 00 2c 00 61"
            "00 2e 00 73 00 72 00 2c 00 61 00 2e 00 63 00 7a"
            "00 6b 00 6a 00 73 00 2c 00 61 00 2e 00 64 00 78"
            "00 69 00 64 00 2c 00 61 00 2e 00 64 00 6a 00 6c"
            "00 78 00 2c 00 61 00 2e 00 6b 00 6d 00 6d 00 63"
            "00 20 00 66 00 72 00 6f 00 6d 00 20 00 79 00 77"
            "00 20 00 61 00 20 00 6a 00 6f 00 69 00 6e 00 20"
            "00 67 00 75 00 6b 00 65 00 20 00 62 00 20 00 6f"
            "00 6e 00 20 00 61 00 2e 00 64 00 78 00 69 00 64"
            "00 3d 00 62 00 2e 00 6b 00 61 00 68 00 61 00 6f"
            "00 20 00 6a 00 6f 00 69 00 6e 00 20 00 79 00 75"
            "00 61 00 6e 00 67 00 6f 00 6e 00 67 00 20 00 63"
            "00 20 00 6f 00 6e 00 20 00 61 00 2e 00 79 00 77"
            "00 79 00 69 00 64 00 3d 00 63 00 2e 00 6b 00 61"
            "00 68 00 61 00 6f 00 20 00 6a 00 6f 00 69 00 6e"
            "00 20 00 62 00 75 00 6d 00 65 00 6e 00 20 00 64"
            "00 20 00 6f 00 6e 00 20 00 72 00 69 00 67 00 68"
            "00 74 00 28 00 61 00 2e 00 64 00 6a 00 69 00 64"
            "00 2c 00 31 00 29 00 3d 00 64 00 2e 00 62 00 75"
            "00 6d 00 65 00 6e 00 69 00 64 00 20 00 77 00 68"
            "00 65 00 72 00 65 00 20 00 73 00 75 00 62 00 73"
            "00 74 00 72 00 69 00 6e 00 67 00 28 00 61 00 2e"
            "00 64 00 6a 00 69 00 64 00 2c 00 31 00 30 00 2c"
            "00 31 00 29 00 3d 00 27 00 4c 00 27 00 20 00 61"
            "00 6e 00 64 00 20 00 61 00 2e 00 72 00 69 00 71"
            "00 69 00 20 00 62 00 65 00 74 00 77 00 65 00 65"
            "00 6e 00 20 00 27 00 32 00 30 00 32 00 36 00 2d"
            "00 30 00 36 00 2d 00 30 00 38 00 27 00 20 00 61"
            "00 6e 00 64 00 20 00 27 00 32 00 30 00 32 00 36"
            "00 2d 00 30 00 36 00 2d 00 30 00 38 00 27 00 20"
            "00 61 00 6e 00 64 00 20 00 72 00 69 00 67 00 68"
            "00 74 00 28 00 61 00 2e 00 64 00 6a 00 69 00 64"
            "00 2c 00 31 00 29 00 3d 00 27 00 41 00 27 00 20"
            "00 6f 00 72 00 64 00 65 00 72 00 20 00 62 00 79"
            "00 20 00 61 00 2e 00 72 00 69 00 71 00 69 00 20"
            "00 64 00 65 00 73 00 63 00 2c 00 61 00 2e 00 64"
            "00 6a 00 69 00 64 00 20 00 64 00 65 00 73 00 63"
            "00 03 00 00 00 63 00 00 00"
        ),
        # 14:23:29.643 - yuangang 查询
        bytes.fromhex(
            "02 da 00 00 b2 00 00 00 03 00 00 00 00 00 00 00"
            "03 00 00 00 2e 01 00 00 03 00 00 00 01 00 00 00"
            "0b 00 00 00 ff ff 03 00 00 00 02 00 00 00 03 00"
            "00 00 00 00 00 08 00 00 00 3a 00 00 00 73 00 65"
            "00 6c 00 65 00 63 00 74 00 20 00 64 00 69 00 73"
            "00 74 00 69 00 6e 00 63 00 74 00 20 00 6e 00 61"
            "00 6d 00 65 00 20 00 66 00 72 00 6f 00 6d 00 20"
            "00 79 00 75 00 61 00 6e 00 67 00 6f 00 6e 00 67"
            "00 20 00 77 00 68 00 65 00 72 00 65 00 20 00 79"
            "00 78 00 62 00 6a 00 3d 00 30 00 20 00 6f 00 72"
            "00 64 00 65 00 72 00 20 00 62 00 79 00 20 00 31"
            "00 03 00 00 00 63 00 00 00"
        ),
        # 14:23:29.871 - bumen 查询
        bytes.fromhex(
            "02 da 00 00 80 00 00 00 03 00 00 00 00 00 00 00"
            "03 00 00 00 2e 01 00 00 03 00 00 00 01 00 00 00"
            "0b 00 00 00 ff ff 03 00 00 00 02 00 00 00 03 00"
            "00 00 00 00 00 08 40 00 00 21 00 00 00 73 00 65"
            "00 6c 00 65 00 63 00 74 00 20 00 6d 00 64 00 6d"
            "00 63 00 20 00 66 00 72 00 6f 00 6d 00 20 00 62"
            "00 75 00 6d 00 65 00 6e 00 20 00 6f 00 72 00 64"
            "00 65 00 72 00 20 00 62 00 79 00 20 00 31 00 03"
            "00 00 00 63 00 00 00"
        ),
        # 14:23:30.112 - pinpai 查询
        bytes.fromhex(
            "02 da 00 00 bc 00 00 00 03 00 00 00 00 00 00 00"
            "03 00 00 00 2e 01 00 00 03 00 00 00 01 00 00 00"
            "0b 00 00 00 ff ff 03 00 00 00 02 00 00 00 03 00"
            "00 00 00 00 00 08 40 00 00 3f 00 00 00 73 00 65"
            "00 6c 00 65 00 63 00 74 00 20 00 64 00 69 00 73"
            "00 74 00 69 00 6e 00 63 00 74 00 20 00 70 00 69"
            "00 6e 00 70 00 61 00 69 00 20 00 66 00 72 00 6f"
            "00 6d 00 20 00 71 00 69 00 61 00 6e 00 7a 00 68"
            "00 75 00 69 00 5f 00 6a 00 70 00 20 00 77 00 68"
            "00 65 00 72 00 65 00 20 00 79 00 78 00 62 00 6a"
            "00 3d 00 30 00 20 00 6f 00 72 00 64 00 65 00 72"
            "00 20 00 62 00 79 00 20 00 31 00 03 00 00 00 63"
            "00 00 00"
        ),
    ]
    
    # 抓包中的时间间隔（秒）
    intervals = [
        0,          # 第一个包
        0.249,      # 27.392 -> 27.641
        0.119,      # 27.641 -> 27.760
        1.883,      # 27.760 -> 29.643
        0.228,      # 29.643 -> 29.871
        0.241,      # 29.871 -> 30.112
    ]
    
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(30)
    
    all_responses = []
    
    try:
        sock.connect((HOST, PORT))
        print("[+] 连接成功")
        
        for i, packet in enumerate(packets):
            print(f"\n[包 {i+1}] 发送 {len(packet)} 字节")
            sock.send(packet)
            
            # 接收响应
            try:
                # 对于查询包，可能需要接收更多数据
                if i >= 2:  # 查询包
                    total = b''
                    sock.settimeout(10)
                    while True:
                        try:
                            chunk = sock.recv(65536)
                            if not chunk:
                                break
                            total += chunk
                            print(f"    收到 {len(chunk)} 字节，累计 {len(total)}")
                            if len(chunk) < 65536:
                                time.sleep(0.5)
                                break
                        except socket.timeout:
                            break
                    if total:
                        all_responses.append((i, total))
                        print(f"    [✓] 总响应: {len(total)} 字节")
                        # 保存响应
                        with open(f"response_{i+1}.bin", "wb") as f:
                            f.write(total)
                        parse_response(total, i+1)
                else:
                    # 握手和id02的响应
                    resp = sock.recv(1024)
                    print(f"    响应: {resp.hex()}")
                    all_responses.append((i, resp))
            except socket.timeout:
                print(f"    响应超时")
            
            # 按抓包时间间隔等待
            if i < len(intervals) - 1:
                time.sleep(intervals[i + 1])
        
        print("\n" + "="*60)
        print("所有响应接收完成")
        print("="*60)
        
    except Exception as e:
        print(f"错误: {e}")
        import traceback
        traceback.print_exc()
    finally:
        sock.close()

def parse_response(data, packet_num):
    """解析响应数据"""
    print(f"\n--- 解析包 {packet_num} 的响应 ---")
    
    if len(data) < 8:
        return
    
    # 检查响应命令
    cmd = data[0:2]
    length = int.from_bytes(data[4:8], 'little')
    print(f"命令: {cmd.hex()}, 长度: {length}")
    
    # 查找 0x03 开头的字符串
    results = []
    i = 0
    while i < len(data) - 2:
        if data[i] == 0x03:
            str_len = data[i + 1]
            if i + 2 + str_len <= len(data):
                str_data = data[i + 2:i + 2 + str_len]
                try:
                    # 尝试 GBK
                    text = str_data.decode('gbk', errors='ignore')
                    if text.strip() and len(text) > 1:
                        results.append(text)
                except:
                    try:
                        text = str_data.decode('utf-8', errors='ignore')
                        if text.strip() and len(text) > 1:
                            results.append(text)
                    except:
                        pass
                i += 2 + str_len
            else:
                i += 1
        else:
            i += 1
    
    if results:
        print(f"\n找到 {len(results)} 条记录:")
        for i, text in enumerate(results[:30], 1):
            print(f"  {i}. {text}")
        
        with open(f"parsed_{packet_num}.txt", "w", encoding="utf-8") as f:
            f.write('\n'.join(results))
    else:
        # 尝试 UTF-16LE
        try:
            text = data.decode('utf-16le', errors='ignore')
            lines = [line.strip() for line in text.split('\x00') if len(line.strip()) > 2]
            if lines:
                print(f"\nUTF-16LE 解码找到 {len(lines)} 行:")
                for i, line in enumerate(lines[:30], 1):
                    print(f"  {i}. {line[:100]}")
                with open(f"parsed_utf16_{packet_num}.txt", "w", encoding="utf-8") as f:
                    f.write('\n'.join(lines))
        except:
            pass

if __name__ == "__main__":
    replay_full_session()