Scapy、Npcap、WinPcap 等库如何绕过 Window 对发送原始 TCP 数据包的限制?
[英]How do libraries like Scapy, Npcap, WinPcap, etc., get around Window's limitations on sending raw TCP packets?
问题描述
I learned the hard way that modern Windows machines do not permit sending TCP data over raw sockets after trying to perform the TCP handshake myself in Python. 
I learned the hard way that modern Windows machines do not permit sending TCP data over raw sockets after trying to perform the TCP handshake myself in Python. And yet Scapy, a Python library, is able to do it seemingly just fine.然而 Scapy,一个 Python 库,似乎可以做到这一点。 Other libraries, like Npcap and WinPcap, also seem to be able to send raw TCP data just fine on Windows.其他库,如 Npcap 和 WinPcap,似乎也能够在 Windows 上发送原始 TCP 数据。 How is this possible?这怎么可能? What are these libraries doing under the hood that enables them to bypass this limitation?这些库在幕后做了什么使他们能够绕过这个限制?
1 个解决方案
解决方案1
0 2022-09-17 18:05:57
WinPcap (the windows implementation of libpcap) says in their website: WinPcap(libpcap 的 windows 实现)在他们的网站上说:
WinPcap consists of a driver that extends the operating system to provide low-level network access and a library that is used to easily access low-level network layers.
So the answer to your question would be: in windows, the implementation of libpcap (which is what Scapy uses according to their site) uses a driver to get access to the low-level networking stuff所以你的问题的答案是:在 windows 中,libpcap 的实现(这是 Scapy 根据他们的站点使用的)使用驱动程序来访问低级网络的东西
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.