使用 Scapy 提取 TCP 数据
Extracting TCP data with Scapy
我目前正在尝试使用 Scapy 提取 TCP 数据包(只是一个字母)的有效负载,但在处理前两个数据包后它一直给我一个 NoneType 异常。
from scapy.all import *
import base64
capture = rdpcap('Data.pcapng') # pcap file
output = open('output.bin','wb') # save dumped data to output.bin
for packet in capture:
# if packet is ICMP and type is 8 (echo request)
if packet[TCP].src == '172.16.139.128':
output.write(packet[TCP].payload) # write packet data to output.bin
异常:
Traceback (most recent call last):
File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/scapy/packet.py", line 372, in __getattr__
fld, v = self.getfield_and_val(attr)
TypeError: cannot unpack non-iterable NoneType object
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "exploit.py", line 10, in <module>
if packet[TCP].src == '172.16.139.128':
File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/scapy/packet.py", line 374, in __getattr__
return self.payload.__getattr__(attr)
File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/scapy/packet.py", line 372, in __getattr__
fld, v = self.getfield_and_val(attr)
File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/scapy/packet.py", line 1600, in getfield_and_val
raise AttributeError(attr)
AttributeError: src
有谁知道这是什么原因造成的?它应该输出更多。
IP 源地址在 IP 负载中,而不是在 TCP 中。因此,错误。因此,如果您要检查数据包是否来自 172.16.139.128 并具有 TCP 负载,则适当的测试将是:
if IP in packet and packet[IP].src == '172.16.139.128' and TCP in packet:
output.write(packet[TCP].payload)
我目前正在尝试使用 Scapy 提取 TCP 数据包(只是一个字母)的有效负载,但在处理前两个数据包后它一直给我一个 NoneType 异常。
from scapy.all import *
import base64
capture = rdpcap('Data.pcapng') # pcap file
output = open('output.bin','wb') # save dumped data to output.bin
for packet in capture:
# if packet is ICMP and type is 8 (echo request)
if packet[TCP].src == '172.16.139.128':
output.write(packet[TCP].payload) # write packet data to output.bin
异常:
Traceback (most recent call last):
File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/scapy/packet.py", line 372, in __getattr__
fld, v = self.getfield_and_val(attr)
TypeError: cannot unpack non-iterable NoneType object
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "exploit.py", line 10, in <module>
if packet[TCP].src == '172.16.139.128':
File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/scapy/packet.py", line 374, in __getattr__
return self.payload.__getattr__(attr)
File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/scapy/packet.py", line 372, in __getattr__
fld, v = self.getfield_and_val(attr)
File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/scapy/packet.py", line 1600, in getfield_and_val
raise AttributeError(attr)
AttributeError: src
有谁知道这是什么原因造成的?它应该输出更多。
IP 源地址在 IP 负载中,而不是在 TCP 中。因此,错误。因此,如果您要检查数据包是否来自 172.16.139.128 并具有 TCP 负载,则适当的测试将是:
if IP in packet and packet[IP].src == '172.16.139.128' and TCP in packet:
output.write(packet[TCP].payload)