Python scapy.all.TCP Examples
The following are 30
code examples of scapy.all.TCP().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
scapy.all
, or try the search function
.
Example #1
Source File: test_pcap.py From beagle with MIT License | 8 votes |
def test_multiple_packets(): packets = [ # HTTP Packet Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / TCP(sport=12345, dport=80) / HTTP() / HTTPRequest(Method="GET", Path="/foo", Host="https://google.com"), # DNS Packet Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / UDP(sport=80, dport=53) / DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"), an=DNSRR(rdata="123.0.0.1")), # TCP Packet Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / TCP(sport=80, dport=5355), ] events = list(packets_to_datasource_events(packets).events()) assert len(events) == 3 assert [e["event_type"] for e in events] == ["HTTPRequest", "DNS", "TCP"]
Example #2
Source File: test_pcap.py From beagle with MIT License | 7 votes |
def test_single_tcp_packet(): packets = [ Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / TCP(sport=80, dport=5355) ] events = list(packets_to_datasource_events(packets).events()) assert len(events) == 1 assert events[0]["src_mac"] == "ab:ab:ab:ab:ab:ab" assert events[0]["dst_mac"] == "12:12:12:12:12:12" assert events[0]["src_ip"] == "127.0.0.1" assert events[0]["dst_ip"] == "192.168.1.1" assert events[0]["sport"] == 80 assert events[0]["dport"] == 5355 assert events[0]["event_type"] == "TCP"
Example #3
Source File: test_pcap.py From beagle with MIT License | 7 votes |
def test_single_http_packet(): packets = [ Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / TCP(sport=12345, dport=80) / HTTP() / HTTPRequest(Method="GET", Path="/foo", Host="https://google.com") ] events = list(packets_to_datasource_events(packets).events()) assert len(events) == 1 assert events[0]["src_mac"] == "ab:ab:ab:ab:ab:ab" assert events[0]["dst_mac"] == "12:12:12:12:12:12" assert events[0]["src_ip"] == "127.0.0.1" assert events[0]["dst_ip"] == "192.168.1.1" assert events[0]["sport"] == 12345 assert events[0]["dport"] == 80 assert events[0]["http_method"] == "GET" assert events[0]["uri"] == "/foo" assert events[0]["http_dest"] == "https://google.com" assert events[0]["event_type"] == "HTTPRequest"
Example #4
Source File: metric.py From transperf with Apache License 2.0 | 6 votes |
def visit_packet(self, time, packet): if (IP not in packet and IPv6 not in packet) or TCP not in packet: return iph = packet[IP] if IP in packet else packet[IPv6] tcph = packet[TCP] if iph.src == self._rcv_ip: return port = tcph.sport if port not in self._packet_size: return # TODO(arjunroy) IPv4 = total len, IPv6 = payload len. Is it important? packet_len = packet.len if IP in packet else packet.plen sizes = self._packet_size[port] if packet_len in sizes: sizes[packet_len] += 1 else: sizes[packet_len] = 1
Example #5
Source File: packet_processor.py From iot-inspector-client with MIT License | 6 votes |
def _process_http_host(self, pkt, device_id, remote_ip): try: http_host = pkt[http.HTTPRequest].fields['Host'].decode('utf-8') except Exception as e: return device_port = pkt[sc.TCP].sport with self._host_state.lock: self._host_state \ .pending_dns_dict \ .setdefault( (device_id, http_host, 'http-host', device_port), set()) \ .add(remote_ip) utils.log('[UPLOAD] HTTP host:', http_host)
Example #6
Source File: packet_processor.py From iot-inspector-client with MIT License | 6 votes |
def _process_syn_scan(self, pkt): """ Receives SYN scan response from devices. """ src_mac = pkt[sc.Ether].src device_id = utils.get_device_id(src_mac, self._host_state) device_port = pkt[sc.TCP].sport with self._host_state.lock: port_list = self._host_state.pending_syn_scan_dict.setdefault(device_id, []) if device_port not in port_list: port_list.append(device_port) utils.log('[SYN Scan Debug] Device {} ({}): Port {}'.format( pkt[sc.IP].src, device_id, device_port ))
Example #7
Source File: cotopaxi_tester.py From cotopaxi with GNU General Public License v2.0 | 6 votes |
def sr1_file(test_params, test_filename, display_packet=False): """Read test message from given file, sends this message to server and parses response.""" with open(test_filename, "rb") as file_handle: test_packet = file_handle.read() if display_packet: # print("Protocol: {}".format(proto_mapping(test_params.protocol))) try: if test_params.protocol in PROTOCOL_TESTERS: out_packet = PROTOCOL_TESTERS[test_params.protocol].request_parser( test_packet ) out_packet.show() print_verbose(test_params, 60 * "-") except (TypeError, struct.error, RuntimeError, ValueError, Scapy_Exception): pass test_result = None if test_params.protocol in [Protocol.SSDP]: test_result = ssdp_send_query(test_params, test_packet) elif test_params.protocol in protocols_using(UDP): test_result = udp_sr1(test_params, test_packet) elif test_params.protocol in protocols_using(TCP): test_result = tcp_sr1(test_params, test_packet) return test_result
Example #8
Source File: urgent11_detector.py From urgent11-detector with GNU Affero General Public License v3.0 | 6 votes |
def detect(self, dst_port): with get_safe_src_port() as src_port: for _ in range(CFG_RETRANSMISSION_RATE): # We start by adding normal TCP Options tcp_options = [(TCP_OPTION_MSS, struct.pack('>H', 1460)), (TCP_OPTION_NOP, b''), # WNDSCL option with invalid length, # followed by a valid one: (TCP_OPTION_WNDSCL, b''), (TCP_OPTION_WNDSCL, b'\0')] pkt = IP(dst=self._target) / TCP(sport=src_port, dport=dst_port, flags=TCP_SYN_FLAG, options=tcp_options) response = sr1(pkt, verbose=False, timeout=CFG_PACKET_TIMEOUT) if response is not None: break if response is None: self.vxworks_score = 0 self.ipnet_score = 50 elif (validate_flags(response, TCP_RST_FLAG) and validate_ports(response, dst_port, src_port)): self.vxworks_score = 100 self.ipnet_score = 100 else: self.vxworks_score = -100 self.ipnet_score = -100
Example #9
Source File: common_utils.py From cotopaxi with GNU General Public License v2.0 | 6 votes |
def proto_mapping_request(protocol): """Provide mapping of enum values to implementation classes.""" return { Protocol.ALL: IP, Protocol.UDP: UDP, Protocol.TCP: TCP, Protocol.CoAP: CoAP, Protocol.mDNS: DNS, Protocol.MQTT: MQTT, Protocol.DTLS: DTLS, Protocol.QUIC: UDP, Protocol.RTSP: HTTPRequest, Protocol.SSDP: HTTPRequest, Protocol.HTCPCP: HTTPRequest, Protocol.HTTP: HTTPRequest, }[protocol]
Example #10
Source File: urgent11_detector.py From urgent11-detector with GNU Affero General Public License v3.0 | 6 votes |
def detect(self, dst_port): # Establish a valid connection sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) with contextlib.closing(sock) as legitimate_connection: legitimate_connection.settimeout(CFG_PACKET_TIMEOUT) legitimate_connection.connect((self._target, dst_port)) _, src_port = legitimate_connection.getsockname() _, dst_port = legitimate_connection.getpeername() # DoS the connection using CVE-2019-12258 for _ in range(CFG_RETRANSMISSION_RATE): # Malformed tcp options tcp_options = [(TCP_OPTION_WNDSCL, b'')] pkt = IP(dst=self._target) / TCP(sport=src_port, dport=dst_port, seq=0x4141, ack=0x4141, flags='S', options=tcp_options) response = sr1(pkt, verbose=False, timeout=CFG_PACKET_TIMEOUT) if response is not None: break # Check whether we managed to exploit CVE-2019-12258 if response is None: self.vxworks_score = 0 self.ipnet_score = 0 elif (validate_flags(response, TCP_RST_FLAG) and validate_ports(response, dst_port, src_port)): self.vxworks_score = 100 self.ipnet_score = 100 self.vulnerable_cves = ['CVE-2019-12258'] else: self.vxworks_score = 0 self.ipnet_score = 0
Example #11
Source File: ebcLib.py From SMBetray with GNU General Public License v3.0 | 6 votes |
def __init__(self, client_ip = "", server_ip = "", client_port = 0, server_port = 0, protocol = "TCP", interface = ""): self.client_ip = client_ip self.server_ip = server_ip self.client_port = client_port self.server_port = server_port self.protocol = protocol.lower() self.interface = interface # This returns just the source address & port in a string format # so that it can be hashed and tied back to the connectionManager. # The protocol, source address, and port are the only shared pieces of information # that both the MiTMModule socket and nfqueue intercept have access to, so # nfqueue hashes this info together and uses that hash as the key in the # connectionMnaager. Once the MiTMModule recieves the intercepted connection, # it will hash the proto/source ip/port to pull back the whole Connection # object from the connectionManager - and thus - have the destination ip and port # to then behave like a fully transparent TCP/UDP MiTM server.
Example #12
Source File: test_networkx.py From beagle with MIT License | 6 votes |
def test_from_datasources(): packets_1 = [ Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / TCP(sport=12345, dport=80) / HTTP() / HTTPRequest(Method="GET", Path="/foo", Host="https://google.com") ] packets_2 = [ # HTTP Packet Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / TCP(sport=12345, dport=80) / HTTP() / HTTPRequest(Method="GET", Path="/foo", Host="https://google.com"), # DNS Packet Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / UDP(sport=80, dport=53) / DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"), an=DNSRR(rdata="123.0.0.1")), # TCP Packet Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / TCP(sport=80, dport=5355), ] nx = NetworkX.from_datasources( [packets_to_datasource_events(packets) for packets in [packets_1, packets_2]] ) # Make the graph nx.graph() assert not nx.is_empty()
Example #13
Source File: send_tcp_packets.py From raw-packet with MIT License | 6 votes |
def get_syn_and_ack_numbers(request): global src_ip_address global response_sequence_number global response_acknowledgement_number global response_timestamp global response_payload_len if request.haslayer(TCP): response_sequence_number = request[TCP].seq response_acknowledgement_number = request[TCP].ack response_timestamp = request[TCP].time response_payload_len += len(request[TCP].payload) print(Base.c_success + "Response seq: " + str(response_sequence_number) + " ack: " + \) str(response_acknowledgement_number) + " timestamp: " + str(response_timestamp) + " len: " + \ str(len(request[TCP].payload))
Example #14
Source File: land.py From pina-colada with MIT License | 6 votes |
def launch(self): send(IP(src=self.get_value("target"), dst=self.get_value("target"))/TCP(sport=self.get_value("port"), dport=self.get_value("port")), count=self.get_value("size"))
Example #15
Source File: test_cotopaxi_tester.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
def test_protocols_using_pos(self): udp_protos = protocols_using(UDP) self.assertGreaterEqual(len(udp_protos), 4) self.assertTrue(Protocol.CoAP in udp_protos) self.assertTrue(Protocol.RTSP not in udp_protos) for proto in udp_protos: self.assertIsInstance(proto, Protocol) tcp_protos = protocols_using(TCP) self.assertGreaterEqual(len(tcp_protos), 4) for proto in tcp_protos: self.assertIsInstance(proto, Protocol) self.assertTrue(Protocol.RTSP in tcp_protos) self.assertTrue(Protocol.CoAP not in tcp_protos)
Example #16
Source File: carpa.py From circo with MIT License | 5 votes |
def pkt_callback(self, pkt): """ Proccess HTTP packets (direct) """ if pkt[IP].id >= 200 and pkt[IP].id < 300: self.pktlen = pkt[IP].id - 200 elif pkt[IP].id >= 300 and pkt[IP].id < 400: self.pkttotal = pkt[IP].id - 300 elif pkt[IP].id >= 500 and pkt[IP].id < 600: self.dic[pkt[IP].id - 500] = '{:04x}'.format(pkt[TCP].window) elif pkt[IP].id == 666: print(time.strftime("%Y-%m-%d %H:%M:%S ", time.gmtime()) + 'HTTP:' + pkt[IP].src + ':ALARM Case Open!') if len(self.dic) == self.pkttotal: odic = collections.OrderedDict(sorted(self.dic.items())) final = '' for value in odic.iteritems(): final = final + value[1] text = decrypt(final[:self.pktlen]) text = text.strip() hexip = text.split(',')[-1] text = text.replace(hexip, hextoip(hexip)) text = 'HTTP:' + pkt[IP].src + ':' + text printer(self.filed, text) self.dic = {} self.pkttotal = 200
Example #17
Source File: cotopaxi_tester.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
def protocol_enabled(protocol, proto_mask): """Check whether protocol is enabled for test using given protocol mask.""" if proto_mask == Protocol.ALL: return True if proto_mask == protocol: return True if proto_mask == Protocol.TCP and protocol in protocols_using(Protocol.TCP): return True if proto_mask == Protocol.UDP and protocol in protocols_using(Protocol.UDP): return True return False # Number of characters in line of separator
Example #18
Source File: common_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
def tcp_sr1(test_params, test_packet): """Send test message to server using TCP protocol and parses response.""" in_data = None connect_handler = None sent_time = test_params.report_sent_packet() sock_ip = {4: socket.AF_INET, 6: socket.AF_INET6} connect_args = { 4: (test_params.dst_endpoint.ip_addr, test_params.dst_endpoint.port), 6: (test_params.dst_endpoint.ip_addr, test_params.dst_endpoint.port, 0, 0), } try: connect_handler = socket.socket( sock_ip[test_params.ip_version], socket.SOCK_STREAM ) connect_handler.settimeout(test_params.timeout_sec) connect_handler.connect(connect_args[test_params.ip_version]) try: connect_handler.send(test_packet.encode(encoding="ascii")) except (AttributeError, UnicodeDecodeError): connect_handler.send(bytes(test_packet)) in_data = connect_handler.recv(INPUT_BUFFER_SIZE) if in_data: test_params.report_received_packet(sent_time) except (socket.timeout, socket.error) as exc: if test_params.verbose: print ("TCP exception: {}".format(exc)) finally: if connect_handler is not None: connect_handler.close() return in_data
Example #19
Source File: amqp_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
def transport_protocol(): """Provide Scapy class of transport protocol used by this tester (usually TCP or UDP).""" return TCP
Example #20
Source File: htcpcp_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
def transport_protocol(): """Provide Scapy class of transport protocol used by this tester (usually TCP or UDP).""" return TCP
Example #21
Source File: http_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
def transport_protocol(): """Provide Scapy class of transport protocol used by this tester (usually TCP or UDP).""" return TCP
Example #22
Source File: metric.py From transperf with Apache License 2.0 | 5 votes |
def visit_packet(self, time, packet): """Generate statistics for each port. See the outparser.Visitor interface. """ if (IP not in packet and IPv6 not in packet) or TCP not in packet: return iph = packet[IP] if IP in packet else packet[IPv6] tcph = packet[TCP] if iph.src == self._rcv_ip: return port = tcph.sport if port not in self._stats: return max_seq = self._max_seq[port] if IP in packet: data_len = iph.len - 4 * iph.ihl - 4 * tcph.dataofs else: if iph.nh != 6: LOG.info('IPv6 pachet has extension headers, skipping.') return data_len = iph.plen - 4 * tcph.dataofs next_seq = tcp.add_seq(tcph.seq, data_len - 1) if max_seq == -1 or tcp.after(tcph.seq, max_seq): self._max_seq[port] = next_seq is_retx = 0 else: is_retx = 1 tx, retx = self._stats[port] self._stats[port] = (tx + data_len, retx + is_retx * data_len)
Example #23
Source File: mqtt_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
def transport_protocol(): """Provide Scapy class of transport protocol used by this tester (usually TCP or UDP).""" return TCP
Example #24
Source File: rtsp_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
def transport_protocol(): """Provide Scapy class of transport protocol used by this tester (usually TCP or UDP).""" return TCP
Example #25
Source File: port_scan_scapy.py From Mastering-Python-for-Networking-and-Security with MIT License | 5 votes |
def main(): for x in xrange(0, 80): analyze_port("domain", x) print "[*] Ports openned:" for x in OPEN_PORTS: print " - %s/TCP" % x
Example #26
Source File: common_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
def get_random_high_port(): """Return random value for private (ephemeral or high) TCP or UDP port.""" return random.randint(NET_MIN_HIGH_PORT, NET_MAX_PORT)
Example #27
Source File: metric.py From transperf with Apache License 2.0 | 5 votes |
def visit_packet(self, time, packet): if (IP not in packet and IPv6 not in packet) or TCP not in packet: return iph = packet[IP] if IP in packet else packet[IPv6] tcph = packet[TCP] if iph.src == self._rcv_ip: self._handle_rcv(time, tcph) else: self._handle_snd(time, tcph)
Example #28
Source File: scraps.py From Naumachia with MIT License | 5 votes |
def process(self, pkt): if all(layer in pkt for layer in (scapy.Ether, scapy.IP, scapy.TCP)): logger.debug(pkt.sprintf("[%Ether.src%]%IP.src%:%TCP.sport% > [%Ether.dst%]%IP.dst%:%TCP.dport% %TCP.flags%")) if pkt[scapy.Ether].dst == str(net.ifhwaddr(self.iface)) and pkt[scapy.TCP].flags == 2: self.bindaddr, self.bindport = pkt[scapy.IP].dst, pkt[scapy.TCP].dport if self._thread is None or not self._thread.is_alive(): self._thread = threading.Thread(target=self.intercept) self._thread.start()
Example #29
Source File: test_protocol_tester.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
def test_tester_protocol_pos(self): protocol = self.tester.transport_protocol() self.assertTrue(protocol in [None, TCP, UDP])
Example #30
Source File: 18_5_modify_ip_in_a_packet.py From Python-Network-Programming with MIT License | 5 votes |
def send_packet(protocol=None, src_ip=None, src_port=None, flags=None, dst_ip=None, dst_port=None, iface=None): """Modify and send an IP packet.""" if protocol == 'tcp': packet = IP(src=src_ip, dst=dst_ip)/TCP(flags=flags, sport=src_port, dport=dst_port) elif protocol == 'udp': if flags: raise Exception(" Flags are not supported for udp") packet = IP(src=src_ip, dst=dst_ip)/UDP(sport=src_port, dport=dst_port) else: raise Exception("Unknown protocol %s" % protocol) send(packet, iface=iface)