def cons_HTTP(): print("in ", cons_HTTP.__name__, " #######") load_layer("http") req = HTTP()/HTTPRequest( Host=b'www.baidu.com', User_Agent=b'curl/7.64.1', Accept=b'*/*' ) a = TCP_client.tcplink(HTTP, "www.baidu.com", 80) answser = a.sr1(req, retry=3, timeout=1) ###maybe MISS response a.close() if answser is not None: print(answser.load) print() print()
def initial_setup(): from pathlib import Path conf.gr_mods_path = os.path.join(str(Path.home()), '.scapy-radio') if not os.path.exists(conf.gr_mods_path): os.makedirs(conf.gr_mods_path) atexit.register(gnuradio_exit, conf) conf.L2socket = GnuradioSocket conf.L3socket = GnuradioSocket conf.L2listen = GnuradioSocket for l in ["ZWave", "gnuradio", "dot15d4", "bluetooth4LE", "wmbus"]: main.load_layer(l) conf.gr_modulations = {} conf.gr_protocol_options = {} conf.gr_process = None build_modulations_dict()
def extract_url_from_pcap(input_f, output_file): st = time.time() print('process ... \'%s\'' % input_f, flush=True) # Step 1. read from pcap and do not return a list of packets try: load_layer("tls") # enable scapy can parse tls myreader = PcapReader( input_f ) # iterator, please use it to process large file, such as more than 4 GB except MemoryError as me: print('memory error ', me) return -1 except FileNotFoundError as fnfe: print('file not found ', fnfe) return -2 except: print('other exceptions') return -10 res_dict = {} while True: pkt = myreader.read_packet() if pkt is None: break cnt = 0 # step 1. parse "Ethernet" firstly if pkt.name == "Ethernet": if pkt.payload.name.upper() in ['IP', 'IPV4']: if pkt.payload.payload.name.upper() in ["TCP", "UDP"]: if pkt.payload.payload.payload.name.upper() in 'TLS' and "Client Hello" in \ pkt.payload.payload.payload.msg[0].name: five_tuple = pkt.payload.src + ':' + str( pkt.payload.payload.sport ) + '-' + pkt.payload.dst + ':' + str( pkt.payload.payload.dport ) + '-' + pkt.payload.payload.name.upper() try: if 'servernames' in pkt.payload.payload.payload.msg[ 0].ext[00].fields.keys(): url_str = pkt.payload.payload.payload.msg[ 0].ext[00].fields['servernames'][0].fields[ 'servername'] print('packet[0] info: "%s:%d-%s:%d-%s"+%s' % ( pkt.payload.src, pkt.payload.payload.sport, pkt.payload.dst, pkt.payload.payload.dport, pkt.payload.payload.name, url_str)) if url_str not in res_dict.keys(): res_dict[url_str] = [five_tuple] else: res_dict[url_str].append(five_tuple) print( f'\'{url_str}\' appears: {len(res_dict[url_str])} times' ) except TypeError as e: print(f'{five_tuple}') else: # step 2. if this pkt can not be recognized as "Ethernet", then try to parse it as (IP,IPv4) pkt = IP( pkt ) # without ethernet header, then try to parse it as (IP,IPv4) if pkt.payload.name.upper() in ["TCP", "UDP"]: if "Client Hello" in pkt.payload.payload.msg[0].name: five_tuple = pkt.payload.src + ':' + str( pkt.payload.payload.sport ) + '-' + pkt.payload.dst + ':' + str( pkt.payload.payload.dport ) + '-' + pkt.payload.payload.name.upper() url_str = pkt.payload.payload.msg[0].ext[00].fields[ 'servernames'][0].fields['servername'] print('packet[0] info: "%s:%d-%s:%d-%s"+%s' % (pkt.src, pkt.payload.sport, pkt.dst, pkt.payload.dport, pkt.payload.name, url_str)) if url_str not in res_dict.keys(): res_dict[url_str] = [five_tuple] else: res_dict[url_str].append(five_tuple) print( f'\'{url_str}\' appears: {len(res_dict[url_str])} times' ) save_to_file(output_file, input_f, res_dict)
try: conf.gr_process = subprocess.Popen(["env", "python2", conf.gr_modulations[layer]], preexec_fn=sigint_ignore, stdout=conf.gr_process_io['stdout'], stderr=conf.gr_process_io['stderr']) except OSError: return False return True def gnuradio_exit(c): if hasattr(c, "gr_process") and hasattr(c.gr_process, "kill"): c.gr_process.kill() if hasattr(c, "gr_process_io") and c.gr_process_io is dict: for k in c.gr_process_io.keys(): if c.gr_process_io[k] is file and not c.gr_process_io[k].closed: c.gr_process_io[k].close() c.gr_process_io[k] = None atexit.register(gnuradio_exit, conf) conf.L2socket = GnuradioSocket conf.L3socket = GnuradioSocket conf.L2listen = GnuradioSocket for l in ["ZWave", "gnuradio", "dot15d4", "bluetooth4LE", "wmbus"]: main.load_layer(l) conf.gr_modulations = {} conf.gr_process = None conf.gr_mods_path = os.path.join(os.path.expanduser("~"), ".scapy", "radio") if not os.path.exists(conf.gr_mods_path): os.makedirs(conf.gr_mods_path) build_modulations_dict()
# This file is part of Scapy # See http://www.secdev.org/projects/scapy for more information # Copyright (C) Philippe Biondi <*****@*****.**> # This program is published under a GPLv2 license """ All layers. Configurable with conf.load_layers. """ from __future__ import absolute_import from scapy.config import conf from scapy.error import log_loading from scapy.main import load_layer import logging import scapy.modules.six as six ignored = list(six.moves.builtins.__dict__) + ["sys"] log = logging.getLogger("scapy.loading") __all__ = [] for _l in conf.load_layers: log_loading.debug("Loading layer %s" % _l) try: load_layer(_l, globals_dict=globals(), symb_list=__all__) except Exception as e: log.warning("can't import layer %s: %s", _l, e) del _l
# time.sleep(.5) conf.gr_process = subprocess.Popen(["python2", conf.gr_modulations[layer][mode], "-c", str(ch)], env=env) time.sleep(5) except OSError: return False return True def gnuradio_exit(c): if hasattr(c, "gr_process") and hasattr(c.gr_process, "kill"): c.gr_process.kill() if hasattr(c, "gr_process_io") and c.gr_process_io is dict: for k in c.gr_process_io.keys(): if os.path.isfile(c.gr_process_io[k]) and not c.gr_process_io[k].closed: c.gr_process_io[k].close() c.gr_process_io[k] = None atexit.register(gnuradio_exit, conf) conf.L2socket = GnuradioSocket conf.L3socket = GnuradioSocket conf.L2listen = GnuradioSocket for l in ["ZWave", "gnuradio", "dot15d4", "bluetooth4LE", "wmbus"]: main.load_layer(l) conf.gr_modulations = {} conf.gr_modulation_options = {} conf.gr_process = None conf.gr_mods_path = os.path.join(os.getcwd(), "util", ".scapy") if not os.path.exists(conf.gr_mods_path): os.makedirs(conf.gr_mods_path)
# This file is part of Scapy # See http://www.secdev.org/projects/scapy for more information # Copyright (C) Philippe Biondi <*****@*****.**> # This program is published under a GPLv2 license """ All layers. Configurable with conf.load_layers. """ from __future__ import absolute_import from scapy.config import conf from scapy.error import log_loading from scapy.main import load_layer import logging import importlib import scapy.modules.six as six ignored = list(six.moves.builtins.__dict__) + ["sys"] log = logging.getLogger("scapy.loading") __all__ = [] for _l in conf.load_layers: log_loading.debug("Loading layer %s" % _l) try: load_layer(_l, globals_dict=globals(), symb_list=__all__) except Exception as e: log.warning("can't import layer %s: %s", _l, e) del _l
# """ Default imports required for setup of CAN interfaces """ import os import subprocess import sys from platform import python_implementation from scapy.main import load_layer, load_contrib from scapy.config import conf from scapy.error import log_runtime, Scapy_Exception import scapy.libs.six as six from scapy.consts import LINUX load_layer("can", globals_dict=globals()) conf.contribs['CAN']['swap-bytes'] = False # ############################################################################ # """ Define interface names for automotive tests """ # ############################################################################ iface0 = "vcan0" iface1 = "vcan1" try: _root = os.geteuid() == 0 except AttributeError: _root = False _not_pypy = "pypy" not in python_implementation().lower() _socket_can_support = False
#!/usr/bin/python3 import numpy as np from scapy.layers.inet import TCP, IP from scapy.main import load_layer from scapy.sendrecv import sniff from sklearn import metrics load_layer("ip") load_layer("tls") def scale(len): if (len > 1504): len = 1504 return (int(len / 64)) maxlen = int(math.ceil(1504 / 64)) chains = {} def newchain(): c = [0 for x in range(maxlen)] return (c) def updatechain(who, slot): # print("Update "+who+" @ "+str(slot)) if (not (who in chains)):