从scapy数据包中获取信息字符串
[英]Get info string from scapy packet
问题描述
I am using scapy 2.3.1-dev non-interactively (ie as a library) in a tool I am building. 
我在我正在构建的工具中非交互式地使用scapy 2.3.1-dev(即作为库)。 I would like to get a string of human-readable information about a packet, such as you get from scapy.all.Packet.show() . 我想获得一个关于数据包的一系列人类可读信息,例如你从scapy.all.Packet.show()获得的信息。 I have tried using all three of the methods ( packet.show() , packet.show2() and packet.display() ) that provide the info, but none of these return anything, instead they print out the information that I want. 我已经尝试使用提供信息的所有三种方法( packet.show() , packet.show2()和packet.display() ),但这些方法都没有返回任何内容,而是打印出我想要的信息。
Also, the information returned by packet.__repr__() is not quite enough. 此外, packet.__repr__()返回的信息还不够。
Are there any functions/methods that would return the nicely-formatted text the same way that eg packet.show() prints them? 是否有任何函数/方法可以返回格式良好的文本,就像packet.show()打印它们一样? If not is there some way of capturing/intercepting the output of show() , before it gets printed to the console? 如果不是有某种方式捕获/拦截show()的输出,在它打印到控制台之前?
I am aware that I can do my own string formatting, using the info from packet.fields , but I am trying to avoid having to do that. 我知道我可以使用packet.fields的信息进行自己的字符串格式化,但我试图避免这样做。
2 个解决方案
解决方案1
7 2017-07-18 09:36:44
You can use show() method by show(dump=True) ,then it will return string to you. 您可以通过show(dump=True)使用show()方法,然后它将返回给您的字符串。 Why Do I Know that,cause I read the code of show() method. 为什么我知道,因为我读了show()方法的代码。
here is code: 这是代码:
def main():
packet = scapy.rdpcap('1.pcap')
for p in packet:
a = p.show(dump=True)
print type(a)
print a
exit(0)
解决方案2
6 已采纳 2015-04-17 18:21:40
One of the possible ways is to redirect output of the packet.show() function to the variable capture . 其中一种可能的方法是将packet.show()函数的输出重定向到变量capture 。 The following code provides an example: 以下代码提供了一个示例:
import sys
from StringIO import StringIO
from scapy.layers import inet
from scapy.all import *
#Create scapy packet
pack=inet.Ether()/inet.IP()/inet.TCP()
#Redirect output of print to variable 'capture'
capture = StringIO()
save_stdout = sys.stdout
sys.stdout = capture
pack.show()
sys.stdout = save_stdout
#capture.getvalue() is a string with the output of 'pack.show()'
print capture.getvalue()
#Verify that capture.getvalue() is a string
print isinstance(capture.getvalue(), basestring)
Output of the program is: 该计划的产出是:
###[ Ethernet ]###
dst = ff:ff:ff:ff:ff:ff
src = 00:00:00:00:00:00
type = 0x800
###[ IP ]###
version = 4
ihl = None
tos = 0x0
len = None
id = 1
flags =
frag = 0
ttl = 64
proto = tcp
chksum = None
src = 127.0.0.1
dst = 127.0.0.1
\options \
###[ TCP ]###
sport = ftp_data
dport = http
seq = 0
ack = 0
dataofs = None
reserved = 0
flags = S
window = 8192
chksum = None
urgptr = 0
options = {}
True
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.