如何使用Scapy在保存的PCAP文件中读取TCP协议数据?
读取PCAP文件
from scapy.all import *
logfile = rdpcap('./Pcap/112400.pcap')
print(logfile)
我正在尝试使用Scapy输出
pcap: TCP:0 UDP:0 ICMP:0 Other:313
时,当我在Wireshark中打开同一文件时,我可以在协议列TCP下看到&在以下数据存在的信息列中,
`309 14:48:49.054000 2409:4040:f11:6385::fca:8000 2405:200:1601:c6e2:49:40:6:206 TCP [TCP Keep-Alive ACK] 59275 → 1883 [ACK] Seq=329 Ack=9 Win=23032 Len=0
存在如何使用SCAPY PLZ指南捕获此信息?
I am trying to read a Pcap file using scapy
from scapy.all import *
logfile = rdpcap('./Pcap/112400.pcap')
print(logfile)
output
pcap: TCP:0 UDP:0 ICMP:0 Other:313
Now when I open the same file in wireshark I can see under protocol column TCP is present & under info column below data is present
`309 14:48:49.054000 2409:4040:f11:6385::fca:8000 2405:200:1601:c6e2:49:40:6:206 TCP [TCP Keep-Alive ACK] 59275 → 1883 [ACK] Seq=329 Ack=9 Win=23032 Len=0
How can I capture this info using scapy plz guide ?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您想要的是创建一个列表,您可以在其中进一步处理单个数据包。
Scapy具有许多内置的功能。
scapy配方
希望它对和好运有助于和好运。
如果您有混合的协议,那么这可能有助于过滤您的AR寻找内容,并进一步用作如何访问数据包详细信息的示例。
It may be that what you want is to create a list where you can further process the individual packets.
Scapy has alot of capabilities built in. Odds are whatever you are trying to do its built in.
Scapy recipes
Hope it helps and best of luck.
If you have mixed protocols then this may help with filtering what you ar looking for and further serve as an example of how to access packet details.