Example of python reading and modifying pcap packet
- 2021-07-24 11:32:54
- OfStack
Train of thought
Using scapy library, we can do a lot of things on the basis of this library. python reads pcap packet network 1 to find 1.
Will read out the pcap package change a name, and then write back, this is not OK
The function written back is: scapy. wrpcap ('filename', list)
The first parameter is filename, the second parameter is an list, and the list for storing the message
Sample code
#coding=utf8
import scapy.all as scapy
from scapy.layers import http
import random
#p Is 1 Heap data , All kinds of data on the upper layers
charset = 'QWER.;[]?|%123445TYUerty!@#$%^&*()-uiopadDFGHJKLZXCVBNMqwfghjklzcvbnm,6789=+' # The character set is here , You can change it at will
def string_change(str_data): # Replace by character set 1 Attack strings of equal length
str_response = ''
for i in range(len(str_data)):
index = random.randint(0,len(charset)-1) # Random whole interval
str_response+=charset[index]
print str_response
return str_response
# Extract pacp All packages in the file , Rewrite path Field is then written to the new pcap,tcp Streams are saved
list_a = []
if __name__ == '__main__':
count = 0 # Used to record repeatedly generated sample data
port = 0
packeges = scapy.rdpcap('/home/seen/ Desktop /http.pcap')
while(count!=1):
# Attack traffic with confusion
for p in packeges: # When copying the stream again, you need to modify the port or something , It hasn't been done here yet
temp = p
if temp.haslayer("HTTPRequest"):
temp["HTTPRequest"].Path = string_change(temp["HTTPRequest"].Path)
list_a.append(temp)
else:
list_a.append(temp)
count = count + 1
scapy.wrpcap('/home/seen/ Desktop /test_1to0.pcap',list_a)