使用Scapy时,ICMP Ping数据包未生成应答

2024-05-29 07:43:33 发布

您现在位置:Python中文网/ 问答频道 /正文
433 3

我最近开始探索斯卡比。真是个好工具!

我有个问题。。。当我使用Wireshark监视我的网卡,并使用标准ping安装从系统命令提示符执行常规ping时,Wireshark会弹出“ping请求”,然后“ping应答”指示它发送了应答。但当我在Scapy中手动操作时,它不会发送任何回复。。怎么会这样?我花了很多时间想弄清楚这一点,所以我真的希望有人能对我的这个问题有所了解。。。

这是我使用的代码:

>>> from scapy.all import IP, ICMP, send
>>> IP = IP(dst="127.0.0.1")
>>> Ping = ICMP()
>>> send(IP/Ping)

数据包已成功发送,Wireshark显示收到的Ping请求,但未显示它已发送回复。


Tags: 工具ipsend标准系统时间手动ping
2条回答
网友
1楼 · 编辑于 2024-05-29 07:43:33

试试这个

def ping(host, repeat=3):
    packet = IP(dst=host)/ICMP()
    for x in range(repeat):
        response = sr1(packet)
        response.show2()

你的回复存储不正确

网友
2楼 · 编辑于 2024-05-29 07:43:33

这是一个FAQ item

I can't ping 127.0.0.1. Scapy does not work with 127.0.0.1 or on the loopback interface

The loopback interface is a very special interface. Packets going through it are not really assembled and dissassembled. The kernel routes the packet to its destination while it is still stored an internal structure. What you see with tcpdump -i lo is only a fake to make you think everything is normal. The kernel is not aware of what Scapy is doing behind his back, so what you see on the loopback interface is also a fake. Except this one did not come from a local structure. Thus the kernel will never receive it.

In order to speak to local applications, you need to build your packets one layer upper, using a PF_INET/SOCK_RAW socket instead of a PF_PACKET/SOCK_RAW (or its equivalent on other systems that Linux) :

>>> conf.L3socket
<class __main__.L3PacketSocket at 0xb7bdf5fc>
>>> conf.L3socket=L3RawSocket
>>> sr1(IP(dst="127.0.0.1")/ICMP())
<IP  version=4L ihl=5L tos=0x0 len=28 id=40953 flags= frag=0L ttl=64 proto=ICMP chksum=0xdce5 src=127.0.0.1 dst=127.0.0.1 options='' |<ICMP  type=echo-reply code=0 chksum=0xffff id=0x0 seq=0x0 |>>

相关问题 更多 >

    编程相关推荐

    热门问题