{"id":42,"date":"2016-03-17T17:03:03","date_gmt":"2016-03-17T08:03:03","guid":{"rendered":"http:\/\/p-o.me\/b\/?p=42"},"modified":"2016-03-17T17:03:03","modified_gmt":"2016-03-17T08:03:03","slug":"42","status":"publish","type":"post","link":"https:\/\/p-0.me\/b\/p\/42\/","title":{"rendered":"tcpdump\u3067telnet\u306eID\u3068\u30d1\u30b9\u3092\u898b\u3066\u307f\u305f"},"content":{"rendered":"

n\u756a\u714e\u3058\u306e\u899a\u3048\u66f8\u304d
\n\u3053\u306e\u524d,\u60c5\u5831\u901a\u4fe1\u306e\u6388\u696d\u3067tcpdump\u306b\u3064\u3044\u3066\u89e6\u308c\u305f.
\n\u4f8b\u306e\u3054\u3068\u304f\u30b3\u30de\u30f3\u30c9\u3092\u30b3\u30d4\u30da\u3057\u3066\u51fa\u529b\u7d50\u679c\u3092\u7d19\u306b\u66f8\u304d\u5199\u3059\u4f5c\u696d\u3067,\u3088\u304f\u308f\u304b\u3089\u306a\u304b\u3063\u305f.
\n\u305d\u3053\u3067\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u52c9\u5f37\u3082\u517c\u306d\u3066,tcpdump\u3067telnet\u306eID\u3068\u30d1\u30b9\u3092\u773a\u3081\u3066\u307f\u308b\u3053\u3068\u306b\u3057\u305f.
\n\u3061\u306a\u307f\u306b,VPS\u306ftelnet\u3092\u53d7\u3051\u4ed8\u3051\u306a\u3044\u3088\u3046\u306b\u3057\u3066\u308b\u3057,\u8a2d\u5b9a\u5909\u3048\u308b\u306e\u3082\u3060\u308b\u3044\u306e\u3067,Raspberry Pi\u3092\u4f7f\u3046\u3053\u3068\u306b\u3057\u305f.
\n
\n\u6700\u521d\u306b,RPi\u306b\u306ftelnetd\u3068tcpdump\u304c\u5165\u3063\u3066\u3044\u306a\u3044\u306e\u3067,\u5165\u308c\u308b<\/p>\n

sudo apt-get install telnetd\nsudo apt-get install tcpdump<\/pre>\n
 
\n\u3053\u3053\u3067\u4e00\u65e6telnet\u3067\u63a5\u7d9a\u3067\u304d\u308b\u304b\u8a66\u3057\u3066\u307f\u308b.<\/p>\n
Raspbian GNU\/Linux 8\nraspberrypi login:<\/pre>\n
\u307f\u305f\u3044\u306a\u611f\u3058\u3067\u8868\u793a\u3055\u308c\u308b\u306f\u305a.
\ntelnet\u3092\u53d7\u3051\u4ed8\u3051\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u305f\u3089,tcpdump\u3067\u773a\u3081\u3066\u307f\u308b.<\/p>\n
$sudo tcpdump port telnet\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\nlistening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes\n03:21:20.454107 IP 192.168.11.3.2762 > 192.168.11.4.telnet: Flags [S], seq 1669263416, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0\n03:21:20.454298 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [S.], seq 597546784, ack 1669263417, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 6], length 0\n03:21:20.461533 IP 192.168.11.3.2762 > 192.168.11.4.telnet: Flags [.], ack 1, win 256, length 0\n03:21:20.468970 IP 192.168.11.3.2762 > 192.168.11.4.telnet: Flags [P.], seq 1:16, ack 1, win 256, length 15\n03:21:20.469109 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [.], ack 16, win 457, length 0\n03:21:20.538984 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [P.], seq 1:13, ack 16, win 457, length 12\n03:21:20.543466 IP 192.168.11.3.2762 > 192.168.11.4.telnet: Flags [P.], seq 16:19, ack 13, win 256, length 3\n03:21:20.543766 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [P.], seq 13:25, ack 19, win 457, length 12\n03:21:20.546062 IP 192.168.11.3.2762 > 192.168.11.4.telnet: Flags [P.], seq 19:25, ack 25, win 256, length 6\n03:21:20.546627 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [P.], seq 25:31, ack 25, win 457, length 6\n03:21:20.548995 IP 192.168.11.3.2762 > 192.168.11.4.telnet: Flags [P.], seq 25:34, ack 31, win 256, length 9\n03:21:20.588044 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [.], ack 34, win 457, length 0\n03:21:20.593422 IP 192.168.11.3.2762 > 192.168.11.4.telnet: Flags [P.], seq 34:45, ack 31, win 256, length 11\n03:21:20.593623 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [.], ack 45, win 457, length 0\n03:21:20.595661 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [P.], seq 31:40, ack 45, win 457, length 9\n03:21:20.608170 IP 192.168.11.3.2762 > 192.168.11.4.telnet: Flags [P.], seq 45:48, ack 40, win 256, length 3\n03:21:20.609144 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [P.], seq 40:62, ack 48, win 457, length 22\n03:21:20.611931 IP 192.168.11.3.2762 > 192.168.11.4.telnet: Flags [P.], seq 48:54, ack 62, win 256, length 6\n03:21:20.648103 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [.], ack 54, win 457, length 0\n03:21:20.650131 IP 192.168.11.4.telnet > 192.168.11.3.2762: Flags [P.], seq 62:81, ack 54, win 457, length 19\n03:21:20.703336 IP 192.168.11.3.2762 > 192.168.11.4.telnet: Flags [.], ack 81, win 256, length 0<\/pre>\n
 
\n\u63a5\u7d9a\u3059\u308b\u3060\u3051\u3067\u3053\u306e\u304f\u3089\u3044\u6d41\u308c\u3066\u304f\u308b\u3068\u601d\u3046.\u6700\u521d\u306b3\u30a6\u30a7\u30a4\u30cf\u30f3\u30c9\u30b7\u30a7\u30a4\u30af\u3092\u884c\u3063\u3066,\u306a\u306b\u304b\u30c7\u30fc\u30bf\u304c\u6d41\u308c\u3066\u3044\u308b\u3053\u3068\u304c\u5206\u304b\u308b.
\n\u6d41\u308c\u308b\u30d1\u30b1\u30c3\u30c8\u306e\u4e2d\u8eab\u3092\u898b\u308b\u306b\u306f,-x\u3068-X\u30aa\u30d7\u30b7\u30e7\u30f3\u304c\u6709\u308b.\u4e21\u65b9\u3068\u308216\u9032\u6570\u3067\u4e2d\u8eab\u3092\u8868\u793a\u3059\u308b\u304c,-X\u306e\u65b9\u306f\u52a0\u3048\u3066ASCII\u5f62\u5f0f\u3067\u3082\u8868\u793a\u3057\u3066\u304f\u308c\u308b.<\/p>\n
$sudo tcpdump -x port telnet\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\nlistening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes\n03:28:02.304954 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [S], seq 531974383, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0\n0x0000: 4500 0034 0c8c 4000 8006 56e0 c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 48ef 0000 0000\n0x0020: 8002 2000 4410 0000 0204 05b4 0103 0308\n0x0030: 0101 0402\n03:28:02.305145 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [S.], seq 4137030896, ack 531974384, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 6], length 0\n0x0000: 4500 0034 0000 4000 4006 a36c c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 14f0 1fb5 48f0\n0x0020: 8012 7210 e669 0000 0204 05b4 0101 0402\n0x0030: 0103 0306\n03:28:02.309393 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [.], ack 1, win 256, length 0\n0x0000: 4500 0028 0c8d 4000 8006 56eb c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 48f0 f696 14f1\n0x0020: 5010 0100 984b 0000\n03:28:02.314903 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [P.], seq 1:16, ack 1, win 256, length 15\n0x0000: 4500 0037 0c8e 4000 8006 56db c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 48f0 f696 14f1\n0x0020: 5018 0100 623c 0000 fffb 18ff fd03 fffb\n0x0030: 03ff fd01 fffb 1f\n03:28:02.315054 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [.], ack 16, win 457, length 0\n0x0000: 4500 0028 1c8d 4000 4006 86eb c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 14f1 1fb5 48ff\n0x0020: 5010 01c9 9773 0000\n03:28:07.389841 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [P.], seq 1:13, ack 16, win 457, length 12\n0x0000: 4510 0034 1c8e 4000 4006 86ce c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 14f1 1fb5 48ff\n0x0020: 5018 01c9 601c 0000 fffd 18ff fd20 fffd\n0x0030: 23ff fd27\n03:28:07.393670 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [P.], seq 16:19, ack 13, win 256, length 3\n0x0000: 4500 002b 0c98 4000 8006 56dd c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 48ff f696 14fd\n0x0020: 5018 0100 7828 0000 fffc 20\n03:28:07.393892 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [P.], seq 13:25, ack 19, win 457, length 12\n0x0000: 4510 0034 1c8f 4000 4006 86cd c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 14fd 1fb5 4902\n0x0020: 5018 01c9 9736 0000 fffb 03ff fd03 fffb\n0x0030: 01ff fd1f\n03:28:07.396541 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [P.], seq 19:25, ack 25, win 256, length 6\n0x0000: 4500 002e 0c99 4000 8006 56d9 c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 4902 f696 1509\n0x0020: 5018 0100 77ef 0000 fffc 23ff fc27\n03:28:07.396846 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [P.], seq 25:31, ack 25, win 457, length 6\n0x0000: 4510 002e 1c90 4000 4006 86d2 c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 1509 1fb5 4908\n0x0020: 5018 01c9 7f57 0000 fffa 1801 fff0\n03:28:07.399888 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [P.], seq 25:34, ack 31, win 256, length 9\n0x0000: 4500 0031 0c9a 4000 8006 56d5 c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 4908 f696 150f\n0x0020: 5018 0100 1d09 0000 fffa 1f00 5400 17ff\n0x0030: f0\n03:28:07.438056 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [.], ack 34, win 457, length 0\n0x0000: 4510 0028 1c91 4000 4006 86d7 c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 150f 1fb5 4911\n0x0020: 5010 01c9 9743 0000\n03:28:07.440636 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [P.], seq 34:45, ack 31, win 256, length 11\n0x0000: 4500 0033 0c9b 4000 8006 56d2 c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 4911 f696 150f\n0x0020: 5018 0100 4417 0000 fffa 1800 7874 6572\n0x0030: 6dff f0\n03:28:07.440847 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [.], ack 45, win 457, length 0\n0x0000: 4510 0028 1c92 4000 4006 86d6 c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 150f 1fb5 491c\n0x0020: 5010 01c9 9738 0000\n03:28:07.442968 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [P.], seq 31:40, ack 45, win 457, length 9\n0x0000: 4510 0031 1c93 4000 4006 86cc c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 150f 1fb5 491c\n0x0020: 5018 01c9 7926 0000 fffd 01ff fb05 fffd\n0x0030: 21\n03:28:07.458636 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [P.], seq 45:48, ack 40, win 256, length 3\n0x0000: 4500 002b 0c9c 4000 8006 56d9 c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 491c f696 1518\n0x0020: 5018 0100 96f0 0000 fffc 01\n03:28:07.459764 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [P.], seq 40:62, ack 48, win 457, length 22\n0x0000: 4510 003e 1c94 4000 4006 86be c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 1518 1fb5 491f\n0x0020: 5018 01c9 6353 0000 5261 7370 6269 616e\n0x0030: 2047 4e55 2f4c 696e 7578 2038 0d0a\n03:28:07.463766 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [P.], seq 48:54, ack 62, win 256, length 6\n0x0000: 4500 002e 0c9d 4000 8006 56d5 c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 491f f696 152e\n0x0020: 5018 0100 95b1 0000 fffe 05ff fc21\n03:28:07.498108 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [.], ack 54, win 457, length 0\n0x0000: 4510 0028 1c95 4000 4006 86d3 c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 152e 1fb5 4925\n0x0020: 5010 01c9 9710 0000\n03:28:07.502390 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [P.], seq 62:81, ack 54, win 457, length 19\n0x0000: 4510 003b 1c96 4000 4006 86bf c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 152e 1fb5 4925\n0x0020: 5018 01c9 97a7 0000 7261 7370 6265 7272\n0x0030: 7970 6920 6c6f 6769 6e3a 20\n03:28:07.557677 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [.], ack 81, win 256, length 0\n0x0000: 4500 0028 0c9e 4000 8006 56da c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 4925 f696 1541\n0x0020: 5010 0100 97c6 0000\n03:28:12.371239 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [F.], seq 54, ack 81, win 256, length 0\n0x0000: 4500 0028 0ca1 4000 8006 56d7 c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 4925 f696 1541\n0x0020: 5011 0100 97c5 0000\n03:28:12.371997 IP 192.168.11.4.telnet > 192.168.11.3.2797: Flags [F.], seq 81, ack 55, win 457, length 0\n0x0000: 4510 0028 1c97 4000 4006 86d1 c0a8 0b04\n0x0010: c0a8 0b03 0017 0aed f696 1541 1fb5 4926\n0x0020: 5011 01c9 96fb 0000\n03:28:12.383117 IP 192.168.11.3.2797 > 192.168.11.4.telnet: Flags [.], ack 82, win 256, length 0\n0x0000: 4500 0028 0ca2 4000 8006 56d6 c0a8 0b03\n0x0010: c0a8 0b04 0aed 0017 1fb5 4926 f696 1542\n0x0020: 5010 0100 97c4 0000<\/pre>\n
 
\n\u6642\u523b03:28:07.459764\u306e0x0027\u4ee5\u964d\u306f5261 7370 6269 616e …\u3068\u306a\u3063\u3066\u304a\u308a,ASCII\u30b3\u30fc\u30c9\u8868<\/a>\u306b\u7167\u3089\u3057\u3066\u7f6e\u304d\u63db\u3048\u308b\u3068,Raspbian …\u3068\u306a\u308b.
\n\u307e\u3042,\u3053\u308c\u306f-X\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u3064\u3051\u308c\u3070\u3059\u3050\u306b\u5206\u304b\u308b.<\/p>\n
$sudo tcpdump -X port telnet\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\nlistening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes\n03:35:34.755716 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [S], seq 4255953184, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0\n0x0000: 4500 0034 0d69 4000 8006 5603 c0a8 0b03 E..4.i@...V.....\n0x0010: c0a8 0b04 0b50 0017 fdac b120 0000 0000 .....P..........\n0x0020: 8002 2000 fd83 0000 0204 05b4 0103 0308 ................\n0x0030: 0101 0402 ....\n03:35:34.755912 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [S.], seq 3230103982, ack 4255953185, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 6], length 0\n0x0000: 4500 0034 0000 4000 4006 a36c c0a8 0b04 E..4..@.@..l....\n0x0010: c0a8 0b03 0017 0b50 c087 79ae fdac b121 .......P..y....!\n0x0020: 8012 7210 712e 0000 0204 05b4 0101 0402 ..r.q...........\n0x0030: 0103 0306 ....\n03:35:34.766169 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [.], ack 1, win 256, length 0\n0x0000: 4500 0028 0d6a 4000 8006 560e c0a8 0b03 E..(.j@...V.....\n0x0010: c0a8 0b04 0b50 0017 fdac b121 c087 79af .....P.....!..y.\n0x0020: 5010 0100 2310 0000 P...#...\n03:35:34.778246 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [P.], seq 1:16, ack 1, win 256, length 15\n0x0000: 4500 0037 0d6b 4000 8006 55fe c0a8 0b03 E..7.k@...U.....\n0x0010: c0a8 0b04 0b50 0017 fdac b121 c087 79af .....P.....!..y.\n0x0020: 5018 0100 ed00 0000 fffb 18ff fd03 fffb P...............\n0x0030: 03ff fd01 fffb 1f .......\n03:35:34.778391 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [.], ack 16, win 457, length 0\n0x0000: 4500 0028 c096 4000 4006 e2e1 c0a8 0b04 E..(..@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79af fdac b130 .......P..y....0\n0x0020: 5010 01c9 2238 0000 P...\"8..\n03:35:34.843688 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [P.], seq 1:13, ack 16, win 457, length 12\n0x0000: 4510 0034 c097 4000 4006 e2c4 c0a8 0b04 E..4..@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79af fdac b130 .......P..y....0\n0x0020: 5018 01c9 eae0 0000 fffd 18ff fd20 fffd P...............\n0x0030: 23ff fd27 #..'\n03:35:34.846555 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [P.], seq 16:19, ack 13, win 256, length 3\n0x0000: 4500 002b 0d6c 4000 8006 5609 c0a8 0b03 E..+.l@...V.....\n0x0010: c0a8 0b04 0b50 0017 fdac b130 c087 79bb .....P.....0..y.\n0x0020: 5018 0100 02ed 0000 fffc 20 P..........\n03:35:34.846814 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [P.], seq 13:25, ack 19, win 457, length 12\n0x0000: 4510 0034 c098 4000 4006 e2c3 c0a8 0b04 E..4..@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79bb fdac b133 .......P..y....3\n0x0020: 5018 01c9 21fb 0000 fffb 03ff fd03 fffb P...!...........\n0x0030: 01ff fd1f ....\n03:35:34.851692 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [P.], seq 19:25, ack 25, win 256, length 6\n0x0000: 4500 002e 0d6d 4000 8006 5605 c0a8 0b03 E....m@...V.....\n0x0010: c0a8 0b04 0b50 0017 fdac b133 c087 79c7 .....P.....3..y.\n0x0020: 5018 0100 02b4 0000 fffc 23ff fc27 P.........#..'\n03:35:34.852048 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [P.], seq 25:31, ack 25, win 457, length 6\n0x0000: 4510 002e c099 4000 4006 e2c8 c0a8 0b04 E.....@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79c7 fdac b139 .......P..y....9\n0x0020: 5018 01c9 0a1c 0000 fffa 1801 fff0 P.............\n03:35:34.854451 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [P.], seq 25:34, ack 31, win 256, length 9\n0x0000: 4500 0031 0d6e 4000 8006 5601 c0a8 0b03 E..1.n@...V.....\n0x0010: c0a8 0b04 0b50 0017 fdac b139 c087 79cd .....P.....9..y.\n0x0020: 5018 0100 a7cd 0000 fffa 1f00 5400 17ff P...........T...\n0x0030: f0 .\n03:35:34.888060 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [.], ack 34, win 457, length 0\n0x0000: 4510 0028 c09a 4000 4006 e2cd c0a8 0b04 E..(..@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79cd fdac b142 .......P..y....B\n0x0020: 5010 01c9 2208 0000 P...\"...\n03:35:34.891448 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [P.], seq 34:45, ack 31, win 256, length 11\n0x0000: 4500 0033 0d6f 4000 8006 55fe c0a8 0b03 E..3.o@...U.....\n0x0010: c0a8 0b04 0b50 0017 fdac b142 c087 79cd .....P.....B..y.\n0x0020: 5018 0100 cedb 0000 fffa 1800 7874 6572 P...........xter\n0x0030: 6dff f0 m..\n03:35:34.891791 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [.], ack 45, win 457, length 0\n0x0000: 4510 0028 c09b 4000 4006 e2cc c0a8 0b04 E..(..@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79cd fdac b14d .......P..y....M\n0x0020: 5010 01c9 21fd 0000 P...!...\n03:35:34.893855 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [P.], seq 31:40, ack 45, win 457, length 9\n0x0000: 4510 0031 c09c 4000 4006 e2c2 c0a8 0b04 E..1..@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79cd fdac b14d .......P..y....M\n0x0020: 5018 01c9 03eb 0000 fffd 01ff fb05 fffd P...............\n0x0030: 21 !\n03:35:34.908283 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [P.], seq 45:48, ack 40, win 256, length 3\n0x0000: 4500 002b 0d70 4000 8006 5605 c0a8 0b03 E..+.p@...V.....\n0x0010: c0a8 0b04 0b50 0017 fdac b14d c087 79d6 .....P.....M..y.\n0x0020: 5018 0100 21b5 0000 fffc 01 P...!......\n03:35:34.909219 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [P.], seq 40:62, ack 48, win 457, length 22\n0x0000: 4510 003e c09d 4000 4006 e2b4 c0a8 0b04 E..>..@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79d6 fdac b150 .......P..y....P\n0x0020: 5018 01c9 ee17 0000 5261 7370 6269 616e P.......Raspbian\n0x0030: 2047 4e55 2f4c 696e 7578 2038 0d0a .GNU\/Linux.8..\n03:35:34.915839 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [P.], seq 48:54, ack 62, win 256, length 6\n0x0000: 4500 002e 0d71 4000 8006 5601 c0a8 0b03 E....q@...V.....\n0x0010: c0a8 0b04 0b50 0017 fdac b150 c087 79ec .....P.....P..y.\n0x0020: 5018 0100 2076 0000 fffe 05ff fc21 P....v.......!\n03:35:34.948193 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [.], ack 54, win 457, length 0\n0x0000: 4510 0028 c09e 4000 4006 e2c9 c0a8 0b04 E..(..@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79ec fdac b156 .......P..y....V\n0x0020: 5010 01c9 21d5 0000 P...!...\n03:35:34.951224 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [P.], seq 62:81, ack 54, win 457, length 19\n0x0000: 4510 003b c09f 4000 4006 e2b5 c0a8 0b04 E..;..@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79ec fdac b156 .......P..y....V\n0x0020: 5018 01c9 226c 0000 7261 7370 6265 7272 P...\"l..raspberr\n0x0030: 7970 6920 6c6f 6769 6e3a 20 ypi.login:.\n03:35:35.001057 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [.], ack 81, win 256, length 0\n0x0000: 4500 0028 0d72 4000 8006 5606 c0a8 0b03 E..(.r@...V.....\n0x0010: c0a8 0b04 0b50 0017 fdac b156 c087 79ff .....P.....V..y.\n0x0020: 5010 0100 228b 0000 P...\"...\n03:35:48.239635 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [F.], seq 54, ack 81, win 256, length 0\n0x0000: 4500 0028 0d77 4000 8006 5601 c0a8 0b03 E..(.w@...V.....\n0x0010: c0a8 0b04 0b50 0017 fdac b156 c087 79ff .....P.....V..y.\n0x0020: 5011 0100 228a 0000 P...\"...\n03:35:48.240381 IP 192.168.11.4.telnet > 192.168.11.3.2896: Flags [F.], seq 81, ack 55, win 457, length 0\n0x0000: 4510 0028 c0a0 4000 4006 e2c7 c0a8 0b04 E..(..@.@.......\n0x0010: c0a8 0b03 0017 0b50 c087 79ff fdac b157 .......P..y....W\n0x0020: 5011 01c9 21c0 0000 P...!...\n03:35:48.252929 IP 192.168.11.3.2896 > 192.168.11.4.telnet: Flags [.], ack 82, win 256, length 0\n0x0000: 4500 0028 0d78 4000 8006 5600 c0a8 0b03 E..(.x@...V.....\n0x0010: c0a8 0b04 0b50 0017 fdac b157 c087 7a00 .....P.....W..z.\n0x0020: 5010 0100 2289 0000 P...\"...\n<\/pre>\n
 
\n\u6642\u523b03:35:34.909219\u3067Raspbian\u3068\u304b\u8868\u793a\u3055\u308c\u308b.<\/span>
\n\u3067,-x\u3082-X\u3082\u30d8\u30c3\u30c0\u90e8\u5206\u542b\u3081\u3066\u5168\u90e816\u9032\u8868\u793a\u3057\u3066\u304f\u308c\u308b\u3093\u3060\u3051\u3069,\u4eca\u56de\u306f\u30c7\u30fc\u30bf\u3060\u3051\u304c\u898b\u305f\u3044.
\n\u306a\u306e\u3067,python\u3067\u8efd\u304f\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u66f8\u3044\u3066\u6574\u5f62\u3057\u3066\u307f\u308b.\u5165\u529b\u306f-x\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u4f7f\u3063\u305f\u6642\u306e\u7d50\u679c\u306b\u3059\u308b.
\n\u66f8\u3044\u305f\u30b9\u30af\u30ea\u30d7\u30c8\u306f\u4ee5\u4e0b.
\n <\/p>\n
#!\/usr\/bin\/python\nimport sys\nimport re\nlength=0\ndata=[]\nfor line in iter(sys.stdin.readline, \"\"):\n        line=line.replace(\"\\n\",\"\")\n        if not line:\n                continue\n        if line[0]!='\\t':\n                if length!=0:\n                        data=data[len(data)-length:]\n                        for c in data:\n                                c=int(c,16)\n                                if 0x00<c and c<0x80:\n                                        sys.stdout.write(chr(c))\n                        data=[]\n                length=int(re.search(r'\\d+$',line).group(0))\n        else:\n                line=line.split(':')[1]\n                line=line.replace(\" \",\"\")\n                data+=[line[i:i+2] for i in range(0,len(line),2)]<\/pre>\n
\u7c21\u5358\u306b\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u8aac\u660e.
\n\u3053\u306e\u30d7\u30ed\u30b0\u30e9\u30e0\u306ftcpdump -x \u306e\u7d50\u679c\u3092\u53d7\u3051\u53d6\u3063\u3066\u30c7\u30fc\u30bf\u90e8\u5206\u306e\u307f\u3092ASCII\u3067\u8868\u793a\u3059\u308b(unicode\u3068\u304b\u306f\u7121\u7406).
\nlength\u306f\u30c7\u30fc\u30bf\u90e8\u306e\u9577\u3055,data\u306f\u30d1\u30b1\u30c3\u30c8\u5168\u4f53\u304b\u30c7\u30fc\u30bf\u90e8.
\n8\u884c\u76ee\u3067sys.stdin\u3092\u4f7f\u308f\u305aiter(sys.stdin.readline, “”)\u3068\u3057\u3066\u3044\u308b\u306e\u306f,\u5165\u529b\u3092\u30d0\u30c3\u30d5\u30a1\u30ea\u30f3\u30b0\u3057\u306a\u3044\u305f\u3081.
\n\u30d0\u30c3\u30d5\u30a1\u306b\u6e9c\u3081\u308b\u3068\u51e6\u7406\u304c\u30ea\u30a2\u30eb\u30bf\u30a4\u30e0\u306b\u3067\u304d\u306a\u3044\u306e\u3067,\u5165\u529b\u306b\u3064\u3044\u3066\u306fiter()\u3092\u4f7f\u7528\u3057,\u51fa\u529b\u306b\u3064\u3044\u3066\u306fpython\u306e-u\u30aa\u30d7\u30b7\u30e7\u30f3\u3067\u5bfe\u5fdc\u3059\u308b.
\n12\u884c\u76ee\u306eif\u6587\u4ee5\u4e0b\u306f\u6642\u523b\u306e\u884c\u306e\u51e6\u7406.
\n\u30c7\u30fc\u30bf\u304c\u6709\u308c\u3070\u305d\u308c\u3092ASCII\u3067\u51fa\u529b\u3057,\u305d\u306e\u5f8c\u30c7\u30fc\u30bf\u90e8\u306e\u9577\u3055\u3092length\u306b\u5165\u308c\u308b.
\n\u3061\u306a\u307f\u306b,python\u306e\u51fa\u529b\u3067\u306fprint \u304c\u6539\u884c\u3042\u308a,print ,\u304c\u7a7a\u767d\u3042\u308a\u306b\u306a\u308b\u306e\u3067,\u3053\u3053\u3067\u306fsys.stdout.write()\u3092\u4f7f\u3063\u3066\u3044\u308b.
\n21\u884c\u76ee\u306eelse\u4ee5\u4e0b\u306f\u30c7\u30fc\u30bf\u3092\u6e9c\u3081\u308b\u51e6\u7406\u306b\u306a\u3063\u3066\u3044\u308b.
\n\u5b9f\u969b\u306b\u52d5\u304b\u3057\u3066\u307f\u308b.
\n\u7247\u65b9\u306e\u30bf\u30fc\u30df\u30ca\u30eb\u3067tcpdump\u3092\u5b9f\u884c\u3057\u305f\u5f8c,\u3082\u3046\u7247\u65b9\u306e\u30bf\u30fc\u30df\u30ca\u30eb\u3067telnet\u63a5\u7d9a\u3092\u3059\u308b.
\n\u3061\u306a\u307f\u306b,tcpdump\u3067\u306f-l\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u4ed8\u3051\u308b\u3053\u3068\u3067\u30d0\u30c3\u30d5\u30a1\u30ea\u30f3\u30b0\u3092\u7121\u52b9\u306b\u3057\u3066,\u30d1\u30a4\u30d7\u306e\u5411\u3053\u3046\u306b\u30ea\u30a2\u30eb\u30bf\u30a4\u30e0\u3067\u30c7\u30fc\u30bf\u3092\u9001\u308b\u3053\u3068\u304c\u3067\u304d\u308b.<\/p>\n
$sudo tcpdump -x -l port telnet | python -u .\/dump.py\ntcpdump: verbose output suppressed, use -v or -vv for full protocol decode\nlistening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes\n#' #'Txterm!Raspbian GNU\/Linux 8\n!raspberrypi login: tteessttiidd\nPassword: testpass\nLogin incorrect\nraspberrypi login:<\/pre>\n
 
\n\u30ad\u30fc\u30dc\u30fc\u30c9\u304b\u3089\u306e\u5165\u529b\u306ftestid\u3068testpass.
\nid\u3067\u6587\u5b57\u306e\u91cd\u8907\u304c\u3042\u308b\u306e\u306f\u30a8\u30b3\u30fc\u30d0\u30c3\u30af\u304c\u3042\u308b\u304b\u3089.
\n\u3053\u308c\u3067,telnet\u3067\u3084\u308a\u3068\u308a\u3059\u308b\u30c7\u30fc\u30bf\u304c\u898b\u308c\u305f.
\n\u7d42\u4e86.<\/p>\n","protected":false},"excerpt":{"rendered":"
n\u756a\u714e\u3058\u306e\u899a\u3048\u66f8\u304d \u3053\u306e\u524d,\u60c5\u5831\u901a\u4fe1\u306e\u6388\u696d\u3067tcpdump\u306b\u3064\u3044\u3066\u89e6\u308c\u305f. \u4f8b\u306e\u3054\u3068\u304f\u30b3\u30de\u30f3\u30c9\u3092\u30b3\u30d4\u30da\u3057\u3066\u51fa\u529b\u7d50\u679c\u3092\u7d19\u306b\u66f8\u304d\u5199\u3059\u4f5c\u696d\u3067,\u3088\u304f\u308f\u304b\u3089\u306a\u304b\u3063\u305f. \u305d\u3053\u3067\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u52c9\u5f37\u3082\u517c\u306d\u3066,tcpdump\u3067telnet […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-42","post","type-post","status-publish","format-standard","hentry","category-tech"],"_links":{"self":[{"href":"https:\/\/p-0.me\/b\/wp-json\/wp\/v2\/posts\/42","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/p-0.me\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/p-0.me\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/p-0.me\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/p-0.me\/b\/wp-json\/wp\/v2\/comments?post=42"}],"version-history":[{"count":0,"href":"https:\/\/p-0.me\/b\/wp-json\/wp\/v2\/posts\/42\/revisions"}],"wp:attachment":[{"href":"https:\/\/p-0.me\/b\/wp-json\/wp\/v2\/media?parent=42"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/p-0.me\/b\/wp-json\/wp\/v2\/categories?post=42"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/p-0.me\/b\/wp-json\/wp\/v2\/tags?post=42"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}