scapy

问题 I just want to do - from scapy import * target = "42.42.42.42" packet = IP()/UDP() packet.dst = target del pak[IP].chksum del pak[TCP].chksum pak.show2() But "IP()" and "UDP()" are not defined. If I use scapy.all it hands me this; Traceback (most recent call last): File "C:\Python27\scapy_stuff.py", line 1, in <module> import scapy.all File "C:\Python25\Lib\site-packages\scapy\all.py", line 13, in <module> from arch import * File "C:\Python25\lib\site-packages\scapy\arch\__init__.py", line 75

问题 I am trying to craft and manipulate some http packets with scapy and python 3. I have been unable to get http layer support to work. I am using PyCharm for package management. I am on a Kali Linux virtual box. I have installed different version of scapy through PyCharm to no avail. from scapy.all import * explore(scapy.layers.http) I would expect the results shown in the documentation (https://scapy.readthedocs.io/en/latest/layers/http.html) but alas all I get is the following error message.

问题 I am extracting SSL/TLS certificate fields from serverhello packet using scapy-ssl_tls library which I installed using pip. The problem is, I'm not able to figure out a way to extract values from ASN1 encoded fields: sign_algo2: <ASN1_OID['.1.2.840.113549.1.1.11']> sa2_value: <ASN1_NULL[0L]> not_before: <ASN1_UTC_TIME['170321131500Z']> not_after: <ASN1_UTC_TIME['200321131500Z']> pubkey_algo: <ASN1_OID['.1.2.840.113549.1.1.1']> version: <ASN1_INTEGER[2L]> sn: <ASN1_INTEGER[6348220899422160075L

问题 I am trying to understand the difference between PacketListField and FieldListField. Can someone let me know how to use them when adding new protocols. I am also not clear about the StrLenField, FieldLenField and PacketLenField. I am trying to craft a BGP Update message so that I can understand how it works. I see this is how the BGPUpdate message has been defined. When I try to craft the BGP packet I am not sure how to pass the values for Withdrawn Routes field and also nlri field. I am also

问题 Really simple code that just fires one pcap (packet) using scapy, If I just want to do simple cgi-bin POSTS to myself to run a set of 10 easy tests why is this just kicking back as text (rather than a website). If I comment out the line sendp(a, iface="em1") Then the below code actually generates the website fine... but it won't actually send the packet, I imagine this is something with stdout.... suggestions are welcome! #!/usr/local/bin/python from scapy.all import * #import v6tester_main

问题 I've constructed a packet with scapy : a=IP(dst='192.168.0.1',proto=1)/'\x08\x00\xf7\xff\x00\x00\x00\x00' I run: send(a) Wireshark shows me that there is a ping request and ping response from 192.168.0.1 No warnings, all fields are correct But when I try: b=sr1(a) Then Scapy can't get an answer (Wireshark shows me again that there is request and reply) What can I do with it? 回答1: The problem is that scapy doesn't know how to recognize the response because you are honestly building an ICMP

问题 I am attempting to insert GRErouting layer in between GRE and IP using Scapy. The pcap I am reading contains a single packet stacked as follows: Ethernet/IPv4/GRE/IPv4/ICMP. What I see is that getLayer returns the current layer + its payload, which may include other layers, and that's not good for me. I would like to only get the current layer. When I do getLayer for each layer, and then write the entire array I get a strange pcap because of the additional payload that each layer has over it.

问题 I recently began to use the scapy library for Python 2.x I found there to be minimal documentation on the sniff() function. I began to play around with it and found that I can veiw TCP packets at a very low level. So far I have only found informational data. For example: Here is what I put in the scapy terminal: A = sniff(filter="tcp and host 216.58.193.78", count=2) This is a request to google.com asking for the homepage: <Ether dst=e8:de:27:55:17:f3 src=00:24:1d:20:a6:1b type=0x800 |<IP

问题 I'm testing the security infrastructure on my server, running an application that accepts UDP traffic on port 7777. In order to do that, I want to send UDP packets to query for information about the application, but using a spoofed IP source. Here is the packet I'm trying to send: https://i.stack.imgur.com/kmUPx.png I've tried doing this with scapy, but it looks like the packet is not received on the other side, where I have tcpdump listening for UDP packets on port 7777. This is the code I

问题 I'm missing something while setting eth_boundary option. >>> eth_boundary=14 >>> pkt=e/i >>> len(e) 14 >>> len(i) 20 >>> >>> pkt.show() ###[ Raw ]### load= '\x00\xa0\xa1\x12\xc2\xc1\x001H\xcd\xe8\x5c\x08\x00E\x00\x00\x11\x00\x01\x00\x00@\x00P\xe2\x11\x01\x01\x02\x14\x01\x01\x01' >>> pkt[eth_boundary:] Traceback (most recent call last): File "/usr/lib/python3.5/code.py", line 91, in runcode exec(code, self.locals) File "<console>", line 1, in <module> File "/home/regress/scapy/scapy/packet.py"