如何提取 Scapy 中的原始负载?
How extract out the raw load in Scapy?
有什么方法可以提取通过原始套接字解析的 Scapy 原始负载吗?我可以通过指定 ip[scapy.IP] 和 ip[scapy.TCP] 而不是原始负载来提取 TCP 和 IP header。
当我尝试通过指定 ip[raw.load] 提取原始负载时,它给我一个错误,提示未找到原始层。
This is an image of the raw load that I want to extract out
import sys
import socket
from scapy.all import *
#from scapy import all as scapy
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
while 1:
packet = s.recvfrom(2000);
packet = packet[0]
ip = IP(packet)
print(ip.show())
#print(str(ip[IP]))
#print(ip[scapy.IP].src)
#print(ip[scapy.Raw].load)
我可以使用这段代码在 Scapy TCP header 中提取源端口号。
import sys
import socket
from scapy.all import *
#from scapy import all as scapy
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
while 1:
packet = s.recvfrom(2000);
packet = packet[0]
ip = IP(packet)
print(ip[TCP].sport)
这是我的做法。注释代表您的代码。我还写了如何使用 scapy 的套接字完成它(跨平台,例如 SOCK_RAW 不适用于 Windows)
from scapy.all import *
# import socket
#s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
s = conf.L3Socket(filter=“tcp”)
# The use of `filter=“tcp”` requires libpcap.
# If you want to do it without it, you can also not set it and use `if TCP in packet:`
while True:
#packet = s.recvfrom(2000);
#packet = packet[0]
#packet = IP(packet)
packet = s.recv()
# You don’t have a Raw in every received packet !
if Raw in packet:
load = packet[Raw].load
有什么方法可以提取通过原始套接字解析的 Scapy 原始负载吗?我可以通过指定 ip[scapy.IP] 和 ip[scapy.TCP] 而不是原始负载来提取 TCP 和 IP header。
当我尝试通过指定 ip[raw.load] 提取原始负载时,它给我一个错误,提示未找到原始层。
This is an image of the raw load that I want to extract out
import sys
import socket
from scapy.all import *
#from scapy import all as scapy
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
while 1:
packet = s.recvfrom(2000);
packet = packet[0]
ip = IP(packet)
print(ip.show())
#print(str(ip[IP]))
#print(ip[scapy.IP].src)
#print(ip[scapy.Raw].load)
我可以使用这段代码在 Scapy TCP header 中提取源端口号。
import sys
import socket
from scapy.all import *
#from scapy import all as scapy
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
while 1:
packet = s.recvfrom(2000);
packet = packet[0]
ip = IP(packet)
print(ip[TCP].sport)
这是我的做法。注释代表您的代码。我还写了如何使用 scapy 的套接字完成它(跨平台,例如 SOCK_RAW 不适用于 Windows)
from scapy.all import *
# import socket
#s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
s = conf.L3Socket(filter=“tcp”)
# The use of `filter=“tcp”` requires libpcap.
# If you want to do it without it, you can also not set it and use `if TCP in packet:`
while True:
#packet = s.recvfrom(2000);
#packet = packet[0]
#packet = IP(packet)
packet = s.recv()
# You don’t have a Raw in every received packet !
if Raw in packet:
load = packet[Raw].load