Example of python reading and modifying pcap packet

Train of thought

Using scapy library, we can do a lot of things on the basis of this library. python reads pcap packet network 1 to find 1.

Will read out the pcap package change a name, and then write back, this is not OK

The function written back is: scapy. wrpcap ('filename', list)

The first parameter is filename, the second parameter is an list, and the list for storing the message

Sample code

#coding=utf8
import scapy.all as scapy
from scapy.layers import http
import random
#p Is 1 Heap data , All kinds of data on the upper layers 


charset = 'QWER.;[]?|%123445TYUerty!@#$%^&*()-uiopadDFGHJKLZXCVBNMqwfghjklzcvbnm,6789=+'  # The character set is here , You can change it at will 

def string_change(str_data):       # Replace by character set 1 Attack strings of equal length 
  str_response = ''
  for i in range(len(str_data)):
    index = random.randint(0,len(charset)-1) #  Random whole interval 
    str_response+=charset[index]
  print str_response
  return str_response


#  Extract pacp All packages in the file , Rewrite path Field is then written to the new pcap,tcp Streams are saved 
list_a = []
if __name__ == '__main__':
  count = 0      # Used to record repeatedly generated sample data 
  port = 0
  packeges = scapy.rdpcap('/home/seen/ Desktop /http.pcap')
  while(count!=1):
    # Attack traffic with confusion 
    for p in packeges:       # When copying the stream again, you need to modify the port or something , It hasn't been done here yet 
      temp = p
      if temp.haslayer("HTTPRequest"):
        temp["HTTPRequest"].Path = string_change(temp["HTTPRequest"].Path)
        list_a.append(temp)
      else:
        list_a.append(temp)
    count = count + 1
  scapy.wrpcap('/home/seen/ Desktop /test_1to0.pcap',list_a)