
scapy 简单使用

Scapy 是一个强大的数据包处理工具,可以轻松地按照层次构建网络包, 比如这样

# Assemble a frame layer by layer with Scapy's `/` operator; the raw
# bytes on the right end become the TCP payload.
ethernet = Ether()
ip_header = IP(dst="192.168.0.1")
tcp_header = TCP(dport=80)
packet = ethernet / ip_header / tcp_header / b'data'

可以轻松地获取某一层的内容

# Show each layer of interest, but only if the packet actually carries it
# (haslayer() guards against getlayer() returning None). Ether is checked
# first, then Raw, as in the original.
for wanted_layer in (Ether, Raw):
    if packet.haslayer(wanted_layer):
        packet.getlayer(wanted_layer).show()

# Raw bytes of the whole packet.
packet.original
# Raw bytes recorded for the TCP layer.
# NOTE(review): .original is populated when a packet is dissected from bytes —
# confirm it is set for a hand-built packet before relying on it.
packet.getlayer(TCP).original

可以读取 wireshark 的捕获文件

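# Load every packet from the capture file into a PacketList.
packets = rdpcap('wireshark_capture.pcap')

# Guard the index: an empty capture yields an empty list and packets[0]
# would raise IndexError.
if packets:
    # Print the layers beneath the first packet's outermost header.
    packets[0].payload.show()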

可以在第 2 层或者第 3 层发送数据包, 分别使用 sendp 或者 send

也可以使用 scapy 来重播 wireshark 捕获的包

# Install Scapy from PyPI (the package imported as `scapy.all` in the script below).
pip install scapy
from scapy.all import *
import socket

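# Replay the Raw payloads of a capture to a single TCP client.
#
# The listener address, port, capture file and interface name were hard-coded
# in the author's lab setup; they are lifted into named constants so they can
# be adjusted in one place before running elsewhere.
LISTEN_ADDR = ('192.168.10.225', 8555)
PCAP_PATH = '225to121_targets.pcapng'
REPLAY_INTERVAL = 0.5  # seconds between replayed payloads
LOOPBACK_IFACE_NAME = '环回测试'

# Read the capture before touching any socket, so a missing or unreadable
# file fails fast instead of after a client is already connected and waiting.
packets: PacketList = rdpcap(PCAP_PATH)

# Interface lookup. This is informational only: the replay below is written to
# the accepted TCP socket, not to an interface, so select_iface is never used
# for sending.
select_iface = None

print('-' * 10)
for iface_key in conf.ifaces:
    iface: NetworkInterface = conf.ifaces[iface_key]
    print(iface.name, iface.network_name)
    if iface.name == LOOPBACK_IFACE_NAME:
        select_iface = iface
        print(iface.ips)
        # Matching on a known address is an alternative way to pick the interface.
        print('192.168.1.2' in iface.ips[4])

# TCP server. The `with` blocks close both sockets even when rdpcap() output
# or sendp() raises mid-replay; a plain close() at the end would be skipped.
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as server_socket:
    server_socket.bind(LISTEN_ADDR)
    server_socket.listen(1)

    print("服务器已启动,等待客户端连接...")

    # Accept exactly one client. There is no authentication: whichever peer
    # connects first receives the capture's payloads verbatim, so the listener
    # belongs on a lab-only address.
    client_socket, client_address = server_socket.accept()
    print("客户端已连接:", client_address)

    with client_socket:
        for packet in packets:
            p: Packet = packet
            if not p.haslayer(Raw):
                continue
            # Only the application payload is replayed; the captured headers
            # are not resent. Because sendp() is handed the accepted stream
            # socket, the bytes go out on that connection rather than as
            # frames on an interface.
            raw_layer = p.getlayer(Raw)
            sendp(raw_layer.original, inter=REPLAY_INTERVAL, socket=client_socket)
            print(f"send: {raw_layer.original.hex()}")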