scapy

问题 I'm trying to specify a new packet format using scapy . In the packet there is a list of items, and items consist of "grouped fields". By "grouped fields" I mean a sub-sequence of fields of different types. The only way of making "grouped fields" that I know of in scapy is by using Packet class and using FieldLenField / PacketListField to reference the length of the sequence and the type of list members. Is that the way to go? Something that looks like this: from scapy.packet import Packet

问题 In Scapy, I want to compare a number of header fields between any two packets a and b . This list of fields is predefined, say: fieldsToCompare = ['tos', 'id', 'len', 'proto'] #IP header Normally I would do it individually: if a[IP].tos == b[IP].tos: ... do stuff... Is there any way to access those packet fields from a list of strings including what each one of them is called? Like: for field in fieldsToCompare: if a[IP].field == b[IP].field: ... do stuff... 回答1: You can use getattr(). These

问题 I'm trying to run a python script that involves scapy but I can't seem to get it to run. I keep getting this error ImportError: No module named pcapy The script I'm trying to run is: from scapy.all import * def arp_display(pkt): if pkt[ARP].op == 1: #who-has (request) if pkt[ARP].psrc == '0.0.0.0': # ARP Probe print "ARP Probe from: " + pkt[ARP].hwsrc print sniff(prn=arp_display, filter="arp", store=0, count=10) I've installed XCode, XQuartz, Python, and Scapy using macports Please let me

问题 I'm trying to run a python script that involves scapy but I can't seem to get it to run. I keep getting this error ImportError: No module named pcapy The script I'm trying to run is: from scapy.all import * def arp_display(pkt): if pkt[ARP].op == 1: #who-has (request) if pkt[ARP].psrc == '0.0.0.0': # ARP Probe print "ARP Probe from: " + pkt[ARP].hwsrc print sniff(prn=arp_display, filter="arp", store=0, count=10) I've installed XCode, XQuartz, Python, and Scapy using macports Please let me

问题 I'm trying to run a python script that involves scapy but I can't seem to get it to run. I keep getting this error ImportError: No module named pcapy The script I'm trying to run is: from scapy.all import * def arp_display(pkt): if pkt[ARP].op == 1: #who-has (request) if pkt[ARP].psrc == '0.0.0.0': # ARP Probe print "ARP Probe from: " + pkt[ARP].hwsrc print sniff(prn=arp_display, filter="arp", store=0, count=10) I've installed XCode, XQuartz, Python, and Scapy using macports Please let me

问题 I'm injecting ICMP "Fragmentation needed, DF bit set" into the server and ideally server should start sending packets with the size mentioned in the field 'next-hop MTU' in ICMP. But this is not working. Here is the server code: #!/usr/bin/env python import socket # Import socket module import time import os range= [1,2,3,4,5,6,7,8,9] s = socket.socket() # Create a socket object host = '192.168.0.17' # Get local machine name port = 12349 # Reserve a port for your service. s.setsockopt(socket

问题 I'm trying to get RSSI or signal strength from WiFi packets. I want also RSSI from 'WiFi probe requests' (when somebody is searching for a WiFi hotspots). I managed to see it from kismet logs but that was only to make sure it is possible - I don't want to use kismet all the time. For 'full time scanning' I'm using scapy. Does anybody know where can I find the RSSI or signal strength (in dBm) from the packets sniffed with scapy? I don't know how is the whole packet built - and there are a lot

问题 I want to sniff ssh connection to any pc on my network. I have scapy on my router and I would like to get a sniff result whenever someone connect to any of my pc in my network using ssh. This what I did by I have no result. #!/usr/bin/python from scapy.all import * def sniffSSHRequest(): sniff(iface='eth0', filter="tcp and host 192.168.1.2 and port 22", count=1) sniffSSHRequest() Note that all my pc can ping the router and they can also ping each other. The question is why don't I get a sniff

问题 I installed scapy via MacPorts as recommended here in the official scapy documentation: http://www.secdev.org/projects/scapy/doc/installation.html#mac-os-x It works just fine when I run scapy from the command-line. However now I can't seem to import scapy into the Python interpreter or in a python script, here's the error. Python 2.7.3 (default, Jan 31 2013, 22:54:33) [GCC 4.2.1 Compatible Apple Clang 4.1 ((tags/Apple/clang-421.11.66))] on darwin Type "help", "copyright", "credits" or

问题 When sniffing packets with scapy I can save them to a variable sniffed = sniff(count=1) Now I would like to see what's inside the packet by doing print sniffed or print str(sniffed) but all this gives me is something like the following: ������0� E4h@@����������� l�� which isn't quite what I need. So how can I convert a sniffed packet into human readable Binary, or an array of Bytes or something more useful so that I can see what's inside? I have already tried using struct.unpack(format,