如何进入一个定制的地方

2024-06-11 10:43:49 发布

您现在位置:Python中文网/ 问答频道 /正文
1635 3

我想知道如何在Scapy中添加一个定制的解剖器。我使用的是python3.4和Scapy3,如果这对结果有任何影响的话。在

我上了一堂愚蠢的课分组显示2()命令正确呈现嵌套数据包。但是我不能访问新图层字段值。在

可怕的类和绑定层紧随其后。。。在

from scapy.all import *
#Create simple Class
class DUMBO(Packet):
    fields_desc = [
        ShortField('ears',0),
        ShortField('legs',0),
        ShortField('trunk',0)
    ]
#Inform TCP that ports 9898 are this protocol
bind_layers(TCP, DUMBO, sport=9898, dport=9898)

我做了一个这样的包

^{pr2}$

看看我用ls-yields创建的包

version    : BitField             = 4               (4)
ihl        : BitField             = None            (None)
tos        : XByteField           = 0               (0)
len        : ShortField           = None            (None)
id         : ShortField           = 1               (1)
flags      : FlagsField           = 0               (0)
frag       : BitField             = 0               (0)
ttl        : ByteField            = 64              (64)
proto      : ByteEnumField        = 6               (0)
chksum     : XShortField          = None            (None)
src        : Emph                 = '127.0.0.1'     (None)
dst        : Emph                 = '127.0.0.1'     ('127.0.0.1')
options    : PacketListField      = []              ([])
--
sport      : ShortEnumField       = 9898            (20)
dport      : ShortEnumField       = 9898            (80)
seq        : IntField             = 0               (0)
ack        : IntField             = 0               (0)
dataofs    : BitField             = None            (None)
reserved   : BitField             = 0               (0)
flags      : FlagsField           = 2               (2)
window     : ShortField           = 8192            (8192)
chksum     : XShortField          = None            (None)
urgptr     : ShortField           = 0               (0)
options    : TCPOptionsField      = {}              ({})
--
load       : StrField             = b'\x00\x02\x00\x04\x00\x01' (b'')

用Show2显示它看起来很好

pack.show2()


###[ IP ]###
  version   = 4
  ihl       = 5
  tos       = 0x0
  len       = 46
  id        = 1
  flags     = 
  frag      = 0
  ttl       = 64
  proto     = tcp
  chksum    = 0x7cc7
  src       = 127.0.0.1
  dst       = 127.0.0.1
  \options   \
###[ TCP ]###
     sport     = monkeycom
     dport     = monkeycom
     seq       = 0
     ack       = 0
     dataofs   = 5
     reserved  = 0
     flags     = S
     window    = 8192
     chksum    = 0x447f
     urgptr    = 0
     options   = []
###[ DUMBO ]###
        ears      = 2
        legs      = 4
        trunk     = 1

现在我想访问DUMBO层字段

但是 打包[小飞象]。耳朵

不正确-当数据包显示为打包展示()仍将有效负载作为原始负载。。。。在

我错过了什么??在


Tags: none数据包tcpoptionsflagstrunkx00bitfield
1条回答
网友
1楼 · 发布于 2024-06-11 10:43:49

好吧-这是我的解决方案。。。。在

    pack=IP()/TCP(sport=19898, dport=19898)/Raw(load=b'\x00\x02\x00\x04\x00\x01')

    #Cast this packet back
    pack=IP(bytes(pack))
    pack.show2()
    pack.show()
    if DUMBO in pack:
        print('Elephant in the house')
        print('Ears -> {}'.format(pack[DUMBO].ears))

如果有人能改进这一点,我很高兴看到解决办法。在

相关问题 更多 >

    编程相关推荐