Python Scapy study notes
- January 9, 2020
- Notes
1. Install gnuplot on Ubuntu. Reposted from: http://blog.163.com/gz_ricky/blog/static/182049118201362501316961/
2. Install PyX

```
sudo pip install pyx==0.12.1
```

3. Install scapy

```
pip install scapy
```

II. SCAPY

Reference documentation: http://www.secdev.org/projects/scapy/doc/usage.html

Main functions: send, sendp, sr, sr1, sniff, rdpcap, make_table

```python
from scapy.all import *

# Send TCP SYN packets to several ports and collect the replies
sr(IP(dst="192.168.1.1")/TCP(sport=RandShort(),dport=[440,441,442,443],flags="S"))
ans,unans = sr(IP(dst=["192.168.1.1","yahoo.com","slashdot.org"])/TCP(dport=[22,80,443],flags="S"))
# Methods on the answered list: ans.summary, ans.filter

# Read packets from a capture file
a=rdpcap("/spare/captures/isakmp.cap")

# Sniff with a BPF filter and print a one-line summary per packet
sniff(iface="wifi0", filter='icmp and host 1.1.1.1',prn=lambda x: x.summary()) #x.show
pkts = sniff(prn=lambda x:x.sprintf("{IP:%IP.src% -> %IP.dst%\n}{Raw:%Raw.load%\n}"))

# Capture a single packet and inspect it
p = sniff(iface="wifi0", filter='tcp and host 1.1.1.1',count=1)
p.show()
p[0]
p[0].src, p[0].dst
```
sniff 如何抓取vlan:
>>> conf.use_pcap = True #步骤1 >>> import scapy.arch.pcapdnet #步骤2 >>> conf.L2listen <L2pcapListenSocket: read packets at layer 2 using libpcap> #确认此处为libpcap >>> p = sniff(iface='eth0',count=2,filter='udp',timeout=10) WARNING: __del__: don't know how to close the file descriptor. Bugs ahead ! Please report this bug. #报错原因未知 >>> >>> p[0] #结果如下,抓到vlan 100 <Ether dst=00:d0:f8:00:00:01 src=00:d0:f8:00:00:02 type=0x8100 |<Dot1Q prio=3L id=0L vlan=100L type=0x800 |<IP version=4L ihl=5L tos=0x42 len=136 id=0 flags= frag=0L ttl=64 proto=udp chksum=0xf712 src=192.168.1.102 dst=192.1.1.1 options=[] |<UDP sport=12 dport=457 len=116 chksum=0xff87 |<Raw load='x00p8xbcPx00x00x003cx00x00x00x00x00x00x00x00xbex08x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00' |>>>>>
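What the `Dot1Q` layer in the `p[0]` output above decodes, as an added example that is not part of the original notes: it uses only the standard-library `struct` module instead of scapy, and the sample frame is constructed from the header fields shown in the capture. It goes beyond the note by also handling stacked (QinQ, TPID 0x88A8) tags and truncated frames; the function names are hypothetical.

```python
import struct

TPID_8021Q = 0x8100   # the "type=0x8100" seen on the Ether layer above
TPID_8021AD = 0x88A8  # service tag used for stacked VLANs (QinQ)


def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_vlan_tags(frame: bytes):
    """Return (dst, src, tags, ethertype) for a raw Ethernet frame.

    tags lists every 802.1Q/802.1ad tag, outermost first, using the
    field names scapy prints: prio (3 bits), id (1 bit, CFI/DEI),
    vlan (12 bits). ethertype is the type after the last tag.
    """
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    offset, tags = 14, []
    while ethertype in (TPID_8021Q, TPID_8021AD):
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        # Tag Control Information (16 bits) followed by the next type field
        tci, ethertype = struct.unpack_from("!HH", frame, offset)
        tags.append({"prio": tci >> 13, "id": (tci >> 12) & 1, "vlan": tci & 0x0FFF})
        offset += 4
    return mac(dst), mac(src), tags, ethertype


def build_sample_frame() -> bytes:
    """Constructed frame with the MACs and tag values from the capture."""
    dst = bytes.fromhex("00d0f8000001")
    src = bytes.fromhex("00d0f8000002")
    tci = (3 << 13) | (0 << 12) | 100            # prio=3, id=0, vlan=100
    header = dst + src + struct.pack("!HHH", TPID_8021Q, tci, 0x0800)
    return header + b"\x45" + bytes(19)          # placeholder IPv4 header


if __name__ == "__main__":
    dst, src, tags, etype = parse_vlan_tags(build_sample_frame())
    print(dst, src, tags, hex(etype))
```
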