scapy

问题 I am working on a network tool that I write in python using scapy. As IDE I am using Pycharm. My Code works. So if I run it, everything works just as intended. My problem is that PyCharm is giving me some errors. It marks every use of IP , TCP , Ether , ... as Undefined Reference to ... The relevant parts of my Code look like this #!/usr/bin/env python from scapy.all import * ... ... syn = IP(src=src_ip, dst=dst_ip) / TCP(sport=src_port, dport=dst_port, seq=src_seq, flags="S") ... I tried

问题 I saw this code in github. I dont uderstand why packet.payload.proto == 17 is UDP and packet.payload.proto ==6 TCP. packets = scapy.all.rdpcap('data/dns.cap') for packet in packets: print('----------') print('src_mac: {0}'.format(packet.src)) print('dst_mac: {0}'.format(packet.dst)) ip = packet.payload print('src_ip: {0}'.format(ip.src)) print('dst_ip: {0}'.format(ip.dst)) if ip.proto == 17: udp = ip.payload print('udp_sport: {0}'.format(udp.sport)) print('udp_dport: {0}'.format(udp.dport))

问题 Import scapy version 2.4.0. I am only using version 2.4.0 for my project import scapy.all as scapy import sys by using IP address this function return related MAC address of the target def get_mac(ip): arp_request = scapy.ARP(pdst=ip) broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff") arp_request_broadcast = broadcast/arp_request answered_list = scapy.srp(arp_request_broadcast, timeout=1, verbose=False)[0] return answered_list[0][1].hwsrc def sniff(interface): scapy.sniff(iface=interface, store

问题 I have created forged destination unreachable ICMP with type 3 and code 4 (fragmentation needed and DF bit is set). My setup has Server, Client, and a switch between them. Ideally this ICMP gets generated by router/gateway but I'm generating this at client. I'm creating this ICMP using Scapy tool. Here is how I'm creating: ip = IP() icmp = ICMP() # IP Packet sent to client ip.dst = ip_server ip.src = ip_client ip.protocol = 1 #shows that ip header contains icmp as data # icmp type 3 + code 4

问题 I'm trying to match data packets with the ICMP time-exceeded packets they triggered. Therefore, I'm comparing 28-byte-long strings of each data packet (IP header + 8B of payload) with all (28-byte-long) ICMP payloads. I'm having problems when I'm sending duplicate TCP packets: >>> p1 <IP version=4L ihl=5L tos=0x0 len=60 id=0 flags=DF frag=0L ttl=1 proto=tcp chksum=0x7093 src=XXX dst=YYY options=[] |<TCP sport=10743 dport=37901 seq=2939035442L ack=2703569003L dataofs=10L reserved=0L flags=SA

问题 I was wondering if it was possible to send CTS frames in python3 with modules such as scapy. If not, how would I do it with the sockets module? Thanks in advance. 回答1: I can't say for scapy, but CTS frames and 802.11 in general seems to be too deep for the python socket module. This is OSI Level 2, while socket have limited capabilities below OSI Level 3. Some possible starting points are: People already tried to work with 802.11 via sockets. You may try to modify this code for Ethernet

问题 I don't know if this is possible but I am wondering? I am doing some internal pentesting and using Scapy and Netcat, and I created a TCP packet with the payload "testing". I want to get the payload content piped into Netcat's listening port, using this example code: test = IP(src="192.168.4.134")/TCP(dport=1234)/"testing" send(test) but all that ever prints is: . Sent 1 packets Which is what Scapy spits out after its sent the packet. I've been trying to figure out what I need to use in my

问题 I am adding a new protocol to Scapy and I am having difficulties with a concrete field. This field specifies the length of a package payload. The field can be 1, 2, 3 or 4 bytes long depending on the length of the payload. Additionally, it is encoded. The way I found to determine if the size of the field is 1, 2, 3 or 4 bytes, is taking the first byte of the value and if it is less than 127 the field is represented by 1 byte, if it is more than 127 and less than x it is represented by 2 bytes

问题 i wonder which hexdump() scapy uses, since i would like to modify it, but i simply cant find anything. what i DO find is: def hexdump(self, lfilter=None): for i in range(len(self.res)): p = self._elt2pkt(self.res[i]) if lfilter is not None and not lfilter(p): continue print "%s %s %s" % (conf.color_theme.id(i,"%04i"), p.sprintf("%.time%"), self._elt2sum(self.res[i])) hexdump(p) but that simply is an alternative for pkt.hexdump() , which does a pkt.summary() with a following hexdump(pkt) could

问题 I have a packet dump and want to inject a vlan tag (802.1q header) to the packets. How to do that? 回答1: To find the answer, I had a look at Scapy: Inserting a new layer and logging issues, which is really helpful, but contains some cruft. My solution for adding a layer, based on the referenced question (add-dot1q_pcap.py): import sys from scapy.all import rdpcap, wrpcap, NoPayload, Ether, Dot1Q # read all packets into buffer # WARNING works only for small files packets = [] for packet in