问题描述
用scapy嗅探数据包时,我可以将它们保存为变量
When sniffing packets with scapy I can save them to a variable
sniffed = sniff(count=1)
现在我想通过操作查看包中的内容
Now I would like to see what's inside the packet by doing
print sniffed
或
print str(sniffed)
但这一切给了我类似以下的东西:
but all this gives me is something like the following:
������0� E4h@@����������� l��
这不是我所需要的.那么,如何将嗅探到的数据包转换为人类可读的Binary或字节数组或更有用的内容,以便可以看到其中的内容?我已经尝试过将struct.unpack(format, packet)与"!B"之类的格式一起使用,但这似乎不是正确的解决方案,因为数据包的长度可能超过一个字节,一个Short或一个Int.
which isn't quite what I need. So how can I convert a sniffed packet into human readable Binary, or an array of Bytes or something more useful so that I can see what's inside? I have already tried using struct.unpack(format, packet) with formats like "!B", but that does not seem to be the right solution, because the packet can be longer than one Byte or a Short or an Int.
我正在尝试的示例
>>> packet = sniff(count=1)[0]
>>> hexdump(packet)
0000 00 50 56 8E 00 0D 14 CC 20 16 E7 59 08 00 45 00 .PV..... ..Y..E.
0010 00 34 6B AB 40 00 40 06 C6 48 AC 11 8A E2 68 10 .4k.@[email protected].
0020 69 CC B5 47 00 50 E9 85 17 B0 BA EF 29 B2 80 10 i..G.P......)...
0030 01 DD 8D 58 00 00 01 01 08 0A 00 0E A2 C0 03 5D ...X...........]
0040 9D 1C
>>> packetByteArray = bytearray(repr(str(packet)))
>>> hex(packetByteArray[0])
'0x27'
>>>
但是在hexdump中,我可以看到第一个字节实际上是0x00而不是0x27
But in the hexdump I can see that the first Byte is actually 0x00 and not 0x27
推荐答案
您可能正在搜索时髦的Hexdump(pkt)或hexraw(pkt)或repr(str(pkt))用于字符串编码的输出.请注意,嗅探将返回一个列表,而不是单个pkt.
You are probably searching for scapy Hexdump(pkt) or hexraw(pkt) or repr(str(pkt)) for string encoded output. Note that sniff returns a list, not a single pkt.
如果要一个接一个地访问序列化的数据包字节,只需序列化str(pkt)层以获取python(字符/字节)字符串.
If you want to access serialized packet bytes one by one just serialize the layers str(pkt) to get a python (char/byte)-string.
for b in str(pkt):
print "char: %s ord/value: %d hex: %x"%(b,ord(b),ord(b))
这篇关于将嗅探的scapy数据包转换为字节的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!