scapy

Altering packets on the fly with scapy as a MITM

╄→尐↘猪︶ㄣ 提交于 2019-12-07 16:10:53
问题 Assuming I managed to be in the middle of the communication between a client and a server (let's say that I open up a hotspot and cause the client to connect to the server only through my machine). How can I alter packets that my client sends and receives without interrupting my own communication with other services? There must be a way to route all of the packets the client both sends and is about to receive (before forwarding them to him) through my script. I think that the correct

DNSRR iteration

♀尐吖头ヾ 提交于 2019-12-07 05:29:53
问题 If I send a DNSQR for www.google.com using sr1 I get several DNSRR(s) in reply, such as (done using ans[DNSRR].show() ): ###[ DNS Resource Record ]### rrname= 'www.google.com.' type= A rclass= IN ttl= 294 rdlen= 4 rdata= '173.194.35.176' ###[ DNS Resource Record ]### rrname= 'www.google.com.' type= A rclass= IN ttl= 294 rdlen= 4 rdata= '173.194.35.178' ###[ DNS Resource Record ]### .... Is there a neat way to iterate over those DNSRR(s)? As is I use regex and the following code: def get_ip

Angle brackets in Python [duplicate]

↘锁芯ラ 提交于 2019-12-07 04:50:17
问题 This question already has answers here : Difference between __str__ and __repr__? (22 answers) Closed 3 years ago . I want to craft packets using scapy. When looking through the IP() class members I came across the following code idiom: 'fieldtype': { 'frag': <Field (IP,IPerror).frag>, 'src': <Field (IP,IPerror).src>, 'proto': <Field (IP,IPerror).proto>, 'tos': <Field (IP,IPerror).tos>, 'dst': <Field (IP,IPerror).dst>, 'chksum': <Field (IP,IPerror).chksum>, 'len': <Field (IP,IPerror).len>,

Scapy and rdpcap function

醉酒当歌 提交于 2019-12-07 02:30:15
问题 I'm using rdpcap function of Scapy to read a PCAP file. I also use the module described in a link to HTTP support in Scapy which is needed in my case, as I have to retrieve all the HTTP requests and responses and their related packets. I noticed that parsing a large PCAP file the rdpcap function takes too much time to read it. Is there a solution to read a pcap file faster? 回答1: Scapy has another method sniff which you can use to read the pcap files too: def method_filter_HTTP(pkt): #Your

How to pickle a scapy packet?

[亡魂溺海] 提交于 2019-12-06 18:55:22
问题 I need to pickle a scapy packet. Most of the time this works, but sometimes the pickler complains about a function object. As a rule of thumb: ARP packets pickle fine. Some UDP packets are problematic. 回答1: My solution (as inspired by the scapy mailing list) is as follows: class PicklablePacket: """A container for scapy packets that can be pickled (in contrast to scapy packets themselves).""" def __init__(self, pkt): self.contents = bytes(pkt) self.time = pkt.time def __call__(self): """Get

Scapy fails to send ipv6 packets

半城伤御伤魂 提交于 2019-12-06 14:03:16
Hello everyone i am new here so please be kind. I have been using scapy lately in order to send and recieve ipv6 packets to selected ipv6 enabled servers. The gist of the code is here: text = line[:-1] #destination=getIPv6Addr(line[:-1]) destination="2607:f1c0:1000:60e0:7992:97f7:61b2:2814" source="2001:630:d0:f105:5cfe:e988:421a:a7b7" syn = IPv6(dst=destination,src=source) / TCP(sport=555,dport=80,flags="S")#flag S is syn packet syn.show() syn_ack = sr1(syn,timeout=11) When i execute the code hoever this is what i get: Begin emission: Finished to send 1 packets. .................WARNING: No

SCAPY PYTHON - Get 802.11 DS Status

大憨熊 提交于 2019-12-06 14:00:59
问题 I'm trying to use SCAPY to create a sniffing program to demonstrate 802.11 device association[s] and roles within an 802.11 network. SCAPY has simple functions to identify Beacon frames, probe requests and probe responses. I'm trying to dig a bit deeper than that and do my own evaluation based upon the DS status to show all other traffic association[s]. What I cannot do it determine how to get the value of the DS status (00, 01,10,11). If determined, then I can handle the frame accordingly to

How can I edit a js file sent by the server before it gets to my browser?

*爱你&永不变心* 提交于 2019-12-06 11:07:41
During a normal browsing session I want to edit a specific javascript file before the browser receives since once it gets there it's impossible to edit. Is there are any tool for this? For what I need it I can't just save it and edit it on my disk. I'm ready to learn how to program it myself but if anyone can point out more or less what I have to do I'd be very grateful. I'd have to intercept the packets until I have the whole file while blocking the browser from receiving it any part of it, then edit it manually and forward it to the same port. I don't think I can do this by just using pcap,

How to sniff all packets on python when scapy and pypcap have serious loss?

时光毁灭记忆、已成空白 提交于 2019-12-06 09:56:54
问题 I tried to sniff packets on Win10 using python. However, i find a lot of packets are actually dropped by scapy. For example, I download a file of 2 MB from ftp, the wiresharks captures nearly 2000 packets and the scapy only captures 500. I have tried pypcap and the result is almost the same, more than half of the packets are dropped, especially on downloading. Is there a solution to avoid such loss and make scapy perform the same as wireshark, or there is no library on python capable of

scapy: error sending packets

那年仲夏 提交于 2019-12-06 08:59:48
I am new to scapy and I am following some online tutorial, but I am stuck at this problem. I am able to send packets through a wired connection but when I try this with wireless, I face this error. I tried searching google but it was of no help. I hope to find a solution. Thanks in advance. I am using windows 8.1, python 2.7 >>> p=IP(dst="192.168.1.1")/ICMP() >>> sr1(p) Begin emission: ERROR: --- Error sending packets Traceback (most recent call last): File "c:\Python27\lib\site-packages\scapy\arch\windows\__init__.py", line 374, in sndrcv pks.send(p) File "c:\Python27\lib\site-packages\scapy
订阅 scapy