a code
1. Simulate the server code
import sys import socket import threading #Reply message, return as is def replyMessage(conn): while True: data = conn.recv(1024) conn.send(data) if data.decode().lower() == 'bye': break conn.close() def main(): sockScr = socket.socket (socket.AF_INET, socket.SOCK_STREAM) sockScr.bind(('', port)) sockScr.listen(200) while True: try: conn, addr = sockScr.accept() #Only allow specific hosts to access this server if addr[0] != onlyYou: conn.close() continue #Create and start the thread t = threading.Thread(target=replyMessage, args=(conn,)) t.start() except: print('error') if __name__ == '__main__': try: #Get command line parameters port = int(sys.argv[1]) onlyYou = sys.argv[2] main() except: print('Must give me a number as port')
2. Simulate proxy server code
import sys import socket import threading def middle(conn, addr): #Server-oriented Socket sockDst = socket.socket (socket.AF_INET, socket.SOCK_STREAM) sockDst.connect((ipServer,portServer)) while True: data = conn.recv(1024).decode() print('Received client message: '+data) if data == 'don't send to server': conn.send('The message has been filtered by the proxy server'.encode()) print('The message has been filtered') elif data.lower() == 'bye': print(str(addr)+'client closes connection') break else: sockDst.send(data.encode()) print('Forwarded server') data_fromServer = sockDst.recv(1024).decode() print('Received a message from the server: '+data_fromServer) if data_fromServer == '不要发给客户端': conn.send('该消息已被代理服务器修改'.encode()) print('消息已被篡改') else: conn.send(b'Server reply:'+data_fromServer.encode()) print('已转发服务器消息给客户端') conn.close() sockDst.close() def main(): sockScr = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sockScr.bind(('', portScr)) sockScr.listen(200) print('代理已启动') while True: try: conn, addr = sockScr.accept() t = threading.Thread(target=middle, args=(conn, addr)) t.start() print('新客户:'+str(addr)) except: pass if __name__ == '__main__': try: #(本机IP地址,portScr)<==>(ipServer,portServer) #代理服务器监听端口 portScr = int(sys.argv[1]) #服务器IP地址与端口号 ipServer = sys.argv[2] portServer = int(sys.argv[3]) main() except: print('Sth error')
3、模拟客户端代码
import sys import socket def main(): sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.connect((ip, port)) while True: data = input('What do you want to ask:') sock.send(data.encode()) print(sock.recv(1024).decode()) if data.lower() == 'bye': break sock.close() if __name__ == '__main__': try: #代理服务器的IP地址和端口号 ip = sys.argv[1] port = int(sys.argv[2]) main() except: print('Sth error')
二 运行结果
三 运行说明
从结果可以看出,代理服务器代码能够对客户端和服务器之间的内容进行记录,也能够修改双方通信内容,这样实际存在潜在危险。只要代理服务想这样做,客户在网络上的通信就没有什么隐私可言了,因此如果涉及金钱交易,最好不要使用代理服务器。