问题描述

是否可以将 Scapy 配置为侦听网络流量并在收到具有特定参数的数据包后发送精心制作的数据包?我的意思是，例如 Scapy 侦听 eth0 上的网络流量，如果收到来自源 IP 10.10.44.3 的 ICMP回显请求"数据包，Scapy 将使用 8.8.8.8 作为 IP 地址 192.168.2.1 的 TCP SYN 数据包发送到端口 34 到 IP 地址 192.168.2.1来源.Scapy 可以进行这种设置吗?

是.

使用 sniff() 函数，您可以为 stop_filter 选项提供一个参数.

如果函数返回 1，嗅探将停止，您可以继续执行您希望的任何逻辑.

Is it possible to configure Scapy to listen for network traffic and send a crafted packet once a packet with certain parameters is received? I mean for example Scapy listens network traffic on eth0 and in case an ICMP "echo request" packet from source IP 10.10.44.3 is received, Scapy sends an TCP SYN packet to port 34 to IP address 192.168.2.1 using 8.8.8.8 as a source. Is such setup possible with Scapy?

Yes.

Using the sniff() function, you can provide a parameter to the stop_filter option.

>>> print sniff.__doc__
Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] +
      L2ListenSocket args) -> list of packets

...clipped...

stop_filter: python function applied to each packet to determine
             if we have to stop the capture after this packet
             ex: stop_filter = lambda x: x.haslayer(TCP)

If the function returns 1, sniff will stop, and you can continue with whatever logic you wish.

这篇关于配置 Scapy 侦听特定数据包，一旦收到数据包，就发送特定数据包的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！