Python scapy.plist.PacketList() Examples
The following are 24
code examples of scapy.plist.PacketList().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
scapy.plist
, or try the search function
.
.
Example #1
| Source File: ecu.py From scapy with GNU General Public License v2.0 | 6 votes |
|
def _update_supported_responses(self, pkt):
self._unanswered_packets += PacketList([pkt])
answered, unanswered = self._unanswered_packets.sr()
for _, resp in answered:
ecu_resp = ECUResponse(session=self.current_session,
security_level=self.current_security_level,
responses=resp)
if ecu_resp not in self._supported_responses:
if self.verbose:
print("[+] ", repr(ecu_resp))
self._supported_responses.append(ecu_resp)
else:
if self.verbose:
print("[-] ", repr(ecu_resp))
self._unanswered_packets = unanswered
Example #2
| Source File: ecu.py From scapy with GNU General Public License v2.0 | 6 votes |
|
def __init__(self, init_session=None, init_security_level=None,
init_communication_control=None, logging=True, verbose=True,
store_supported_responses=True):
"""
Initialize an ECU object
:param init_session: An initial session
:param init_security_level: An initial security level
:param init_communication_control: An initial communication control
setting
:param logging: Turn logging on or off. Default is on.
:param verbose: Turn tracking on or off. Default is on.
:param store_supported_responses: Turn creation of supported responses
on or off. Default is on.
"""
self.state = ECU_State(
session=init_session or 1, security_level=init_security_level or 0,
communication_control=init_communication_control or 0)
self.verbose = verbose
self.logging = logging
self.store_supported_responses = store_supported_responses
self.log = defaultdict(list)
self._supported_responses = list()
self._unanswered_packets = PacketList()
Example #3
| Source File: ecu.py From scapy with GNU General Public License v2.0 | 6 votes |
|
def make_reply(self, req):
if self.supported_responses is not None:
for resp in self.supported_responses:
if not isinstance(resp, ECUResponse):
raise Scapy_Exception("Unsupported type for response. "
"Please use `ECUResponse` objects. ")
if not resp.in_correct_session(self.ecu_state.current_session):
continue
if not resp.has_security_access(
self.ecu_state.current_security_level):
continue
if not resp.answers(req):
continue
for r in resp.responses:
for layer in r.layers():
if hasattr(layer, "modifies_ecu_state"):
layer.modifies_ecu_state(r, self.ecu_state)
return resp.responses
return PacketList([self.basecls(b"\x7f" + bytes(req)[0:1] + b"\x10")])
Example #4
| Source File: netflow.py From scapy with GNU General Public License v2.0 | 6 votes |
|
def netflowv9_defragment(plist, verb=1):
"""Process all NetflowV9/10 Packets to match IDs of the DataFlowsets
with the Headers
params:
- plist: the list of mixed NetflowV9/10 packets.
- verb: verbose print (0/1)
"""
if not isinstance(plist, (PacketList, list)):
plist = [plist]
# We need the whole packet to be dissected to access field def in
# NetflowFlowsetV9 or NetflowOptionsFlowsetV9/10
definitions = {}
definitions_opts = {}
ignored = set()
# Iterate through initial list
for pkt in plist:
_netflowv9_defragment_packet(pkt,
definitions,
definitions_opts,
ignored)
if conf.verb >= 1 and ignored:
warning("Ignored templateIDs (missing): %s" % list(ignored))
return plist
Example #5
| Source File: utils.py From scapy with GNU General Public License v2.0 | 5 votes |
|
def read_all(self, count=-1):
res = RawPcapNgReader.read_all(self, count)
from scapy import plist
return plist.PacketList(res, name=os.path.basename(self.filename))
Example #6
| Source File: ecu.py From scapy with GNU General Public License v2.0 | 5 votes |
|
def __init__(self, session=1, security_level=0,
responses=Raw(b"\x7f\x10"),
answers=None):
"""
Initialize an ECUResponse capsule
:param session: Defines the session in which this response is valid.
A integer, a callable or any iterable object can be
provided.
:param security_level: Defines the security_level in which this
response is valid. A integer, a callable or any
iterable object can be provided.
:param responses: A Packet or a list of Packet objects. By default the
last packet is asked if it answers a incoming packet.
This allows to send for example
`requestCorrectlyReceived-ResponsePending` packets.
:param answers: Optional argument to provide a custom answer here:
`lambda resp, req: return resp.answers(req)`
This allows the modification of a response depending
on a request. Custom SecurityAccess mechanisms can
be implemented in this way or generic NegativeResponse
messages which answers to everything can be realized
in this way.
"""
self.__session = session \
if hasattr(session, "__iter__") or callable(session) else [session]
self.__security_level = security_level \
if hasattr(security_level, "__iter__") or callable(security_level)\
else [security_level]
if isinstance(responses, PacketList):
self.responses = responses
elif isinstance(responses, Packet):
self.responses = PacketList([responses])
elif hasattr(responses, "__iter__"):
self.responses = PacketList(responses)
else:
self.responses = PacketList([responses])
self.__custom_answers = answers
Example #7
| Source File: lltd.py From scapy with GNU General Public License v2.0 | 5 votes |
|
def parse(self, plist):
"""Update the builder using the provided `plist`. `plist` can
be either a Packet() or a PacketList().
"""
if not isinstance(plist, PacketList):
plist = PacketList(plist)
for pkt in plist[LLTD]:
if LLTDQueryLargeTlv in pkt:
key = "%s:%s:%d" % (pkt.real_dst, pkt.real_src, pkt.seq)
self.types_offsets[key] = (pkt[LLTDQueryLargeTlv].type,
pkt[LLTDQueryLargeTlv].offset)
elif LLTDQueryLargeTlvResp in pkt:
try:
key = "%s:%s:%d" % (pkt.real_src, pkt.real_dst, pkt.seq)
content, offset = self.types_offsets[key]
except KeyError:
continue
loc = slice(offset, offset + pkt[LLTDQueryLargeTlvResp].len)
key = "%s > %s [%s]" % (
pkt.real_src, pkt.real_dst,
LLTDQueryLargeTlv.fields_desc[0].i2s.get(content, content),
)
data = self.data.setdefault(key, array("B"))
datalen = len(data)
if datalen < loc.stop:
data.extend(array("B", b"\x00" * (loc.stop - datalen)))
data[loc] = array("B", pkt[LLTDQueryLargeTlvResp].value)
Example #8
| Source File: can.py From scapy with GNU General Public License v2.0 | 5 votes |
|
def read_all(self, count=-1):
"""return a list of all packets in the candump file
"""
res = []
while count != 0:
try:
p = self.read_packet()
if p is None:
continue
except EOFError:
break
count -= 1
res.append(p)
return PacketList(res, name=os.path.basename(self.filename))
Example #9
| Source File: sendrecv.py From scapy with GNU General Public License v2.0 | 5 votes |
|
def __gen_send(s, x, inter=0, loop=0, count=None, verbose=None, realtime=None, return_packets=False, *args, **kargs): # noqa: E501
if isinstance(x, str):
x = conf.raw_layer(load=x)
if not isinstance(x, Gen):
x = SetGen(x)
if verbose is None:
verbose = conf.verb
n = 0
if count is not None:
loop = -count
elif not loop:
loop = -1
if return_packets:
sent_packets = PacketList()
try:
while loop:
dt0 = None
for p in x:
if realtime:
ct = time.time()
if dt0:
st = dt0 + float(p.time) - ct
if st > 0:
time.sleep(st)
else:
dt0 = ct - float(p.time)
s.send(p)
if return_packets:
sent_packets.append(p)
n += 1
if verbose:
os.write(1, b".")
time.sleep(inter)
if loop < 0:
loop += 1
except KeyboardInterrupt:
pass
if verbose:
print("\nSent %i packets." % n)
if return_packets:
return sent_packets
Example #10
| Source File: utils.py From scapy with GNU General Public License v2.0 | 5 votes |
|
def read_all(self, count=-1):
res = RawPcapReader.read_all(self, count)
from scapy import plist
return plist.PacketList(res, name=os.path.basename(self.filename))
Example #11
| Source File: sessions.py From scapy with GNU General Public License v2.0 | 5 votes |
|
def toPacketList(self):
if self._supersession:
return PacketList(self._supersession.lst, "Sniffed")
else:
return PacketList(self.lst, "Sniffed")
Example #12
| Source File: __init__.py From arissploit with GNU General Public License v3.0 | 4 votes |
|
def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
"""Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
Select interface to sniff by setting conf.iface. Use show_interfaces() to see interface names.
count: number of packets to capture. 0 means infinity
store: wether to store sniffed packets or discard them
prn: function to apply to each packet. If something is returned,
it is displayed. Ex:
ex: prn = lambda x: x.summary()
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them
timeout: stop sniffing after a given time (default: None)
L2socket: use the provided L2socket
"""
c = 0
if offline is None:
log_runtime.info('Sniffing on %s' % conf.iface)
if L2socket is None:
L2socket = conf.L2listen
s = L2socket(type=ETH_P_ALL, *arg, **karg)
else:
s = PcapReader(offline)
lst = []
if timeout is not None:
stoptime = time.time()+timeout
remain = None
while 1:
try:
if timeout is not None:
remain = stoptime-time.time()
if remain <= 0:
break
try:
p = s.recv(MTU)
except PcapTimeoutElapsed:
continue
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
c += 1
if prn:
r = prn(p)
if r is not None:
print(r)
if count > 0 and c >= count:
break
except KeyboardInterrupt:
break
s.close()
return plist.PacketList(lst,"Sniffed")
Example #13
| Source File: __init__.py From dash-hack with MIT License | 4 votes |
|
def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
"""Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
count: number of packets to capture. 0 means infinity
store: wether to store sniffed packets or discard them
prn: function to apply to each packet. If something is returned,
it is displayed. Ex:
ex: prn = lambda x: x.summary()
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them
timeout: stop sniffing after a given time (default: None)
L2socket: use the provided L2socket
"""
c = 0
if offline is None:
if L2socket is None:
L2socket = conf.L2listen
s = L2socket(type=ETH_P_ALL, *arg, **karg)
else:
s = PcapReader(offline)
lst = []
if timeout is not None:
stoptime = time.time()+timeout
remain = None
while 1:
try:
if timeout is not None:
remain = stoptime-time.time()
if remain <= 0:
break
try:
p = s.recv(MTU)
except PcapTimeoutElapsed:
continue
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
c += 1
if prn:
r = prn(p)
if r is not None:
print r
if count > 0 and c >= count:
break
except KeyboardInterrupt:
break
s.close()
return plist.PacketList(lst,"Sniffed")
Example #14
| Source File: __init__.py From dash-hack with MIT License | 4 votes |
|
def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
"""Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
count: number of packets to capture. 0 means infinity
store: wether to store sniffed packets or discard them
prn: function to apply to each packet. If something is returned,
it is displayed. Ex:
ex: prn = lambda x: x.summary()
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them
timeout: stop sniffing after a given time (default: None)
L2socket: use the provided L2socket
"""
c = 0
if offline is None:
if L2socket is None:
L2socket = conf.L2listen
s = L2socket(type=ETH_P_ALL, *arg, **karg)
else:
s = PcapReader(offline)
lst = []
if timeout is not None:
stoptime = time.time()+timeout
remain = None
while 1:
try:
if timeout is not None:
remain = stoptime-time.time()
if remain <= 0:
break
try:
p = s.recv(MTU)
except PcapTimeoutElapsed:
continue
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
c += 1
if prn:
r = prn(p)
if r is not None:
print r
if count > 0 and c >= count:
break
except KeyboardInterrupt:
break
s.close()
return plist.PacketList(lst,"Sniffed")
Example #15
| Source File: __init__.py From dash-hack with MIT License | 4 votes |
|
def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
"""Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
count: number of packets to capture. 0 means infinity
store: wether to store sniffed packets or discard them
prn: function to apply to each packet. If something is returned,
it is displayed. Ex:
ex: prn = lambda x: x.summary()
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them
timeout: stop sniffing after a given time (default: None)
L2socket: use the provided L2socket
"""
c = 0
if offline is None:
if L2socket is None:
L2socket = conf.L2listen
s = L2socket(type=ETH_P_ALL, *arg, **karg)
else:
s = PcapReader(offline)
lst = []
if timeout is not None:
stoptime = time.time()+timeout
remain = None
while 1:
try:
if timeout is not None:
remain = stoptime-time.time()
if remain <= 0:
break
try:
p = s.recv(MTU)
except PcapTimeoutElapsed:
continue
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
c += 1
if prn:
r = prn(p)
if r is not None:
print r
if count > 0 and c >= count:
break
except KeyboardInterrupt:
break
s.close()
return plist.PacketList(lst,"Sniffed")
Example #16
| Source File: __init__.py From isip with MIT License | 4 votes |
|
def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
"""Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
count: number of packets to capture. 0 means infinity
store: wether to store sniffed packets or discard them
prn: function to apply to each packet. If something is returned,
it is displayed. Ex:
ex: prn = lambda x: x.summary()
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them
timeout: stop sniffing after a given time (default: None)
L2socket: use the provided L2socket
"""
c = 0
if offline is None:
if L2socket is None:
L2socket = conf.L2listen
s = L2socket(type=ETH_P_ALL, *arg, **karg)
else:
s = PcapReader(offline)
lst = []
if timeout is not None:
stoptime = time.time()+timeout
remain = None
while 1:
try:
if timeout is not None:
remain = stoptime-time.time()
if remain <= 0:
break
try:
p = s.recv(MTU)
except PcapTimeoutElapsed:
continue
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
c += 1
if prn:
r = prn(p)
if r is not None:
print r
if count > 0 and c >= count:
break
except KeyboardInterrupt:
break
s.close()
return plist.PacketList(lst,"Sniffed")
Example #17
| Source File: __init__.py From POC-EXP with GNU General Public License v3.0 | 4 votes |
|
def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
"""Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
count: number of packets to capture. 0 means infinity
store: wether to store sniffed packets or discard them
prn: function to apply to each packet. If something is returned,
it is displayed. Ex:
ex: prn = lambda x: x.summary()
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them
timeout: stop sniffing after a given time (default: None)
L2socket: use the provided L2socket
"""
c = 0
if offline is None:
if L2socket is None:
L2socket = conf.L2listen
s = L2socket(type=ETH_P_ALL, *arg, **karg)
else:
s = PcapReader(offline)
lst = []
if timeout is not None:
stoptime = time.time()+timeout
remain = None
while 1:
try:
if timeout is not None:
remain = stoptime-time.time()
if remain <= 0:
break
try:
p = s.recv(MTU)
except PcapTimeoutElapsed:
continue
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
c += 1
if prn:
r = prn(p)
if r is not None:
print r
if count > 0 and c >= count:
break
except KeyboardInterrupt:
break
s.close()
return plist.PacketList(lst,"Sniffed")
Example #18
| Source File: l2.py From scapy with GNU General Public License v2.0 | 4 votes |
|
def arpleak(target, plen=255, hwlen=255, **kargs):
"""Exploit ARP leak flaws, like NetBSD-SA2017-002.
https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2017-002.txt.asc
"""
# We want explicit packets
pkts_iface = {}
for pkt in ARP(pdst=target):
# We have to do some of Scapy's work since we mess with
# important values
iface = conf.route.route(pkt.pdst)[0]
psrc = get_if_addr(iface)
hwsrc = get_if_hwaddr(iface)
pkt.plen = plen
pkt.hwlen = hwlen
if plen == 4:
pkt.psrc = psrc
else:
pkt.psrc = inet_aton(psrc)[:plen]
pkt.pdst = inet_aton(pkt.pdst)[:plen]
if hwlen == 6:
pkt.hwsrc = hwsrc
else:
pkt.hwsrc = mac2str(hwsrc)[:hwlen]
pkts_iface.setdefault(iface, []).append(
Ether(src=hwsrc, dst=ETHER_BROADCAST) / pkt
)
ans, unans = SndRcvList(), PacketList(name="Unanswered")
for iface, pkts in viewitems(pkts_iface):
ans_new, unans_new = srp(pkts, iface=iface, filter="arp", **kargs)
ans += ans_new
unans += unans_new
ans.listname = "Results"
unans.listname = "Unanswered"
for _, rcv in ans:
if ARP not in rcv:
continue
rcv = rcv[ARP]
psrc = rcv.get_field('psrc').i2m(rcv, rcv.psrc)
if plen > 4 and len(psrc) > 4:
print("psrc")
hexdump(psrc[4:])
print()
hwsrc = rcv.get_field('hwsrc').i2m(rcv, rcv.hwsrc)
if hwlen > 6 and len(hwsrc) > 6:
print("hwsrc")
hexdump(hwsrc[6:])
print()
return ans, unans
Example #19
| Source File: automaton.py From scapy with GNU General Public License v2.0 | 4 votes |
|
def _do_control(self, ready, *args, **kargs):
with self.started:
self.threadid = threading.currentThread().ident
# Update default parameters
a = args + self.init_args[len(args):]
k = self.init_kargs.copy()
k.update(kargs)
self.parse_args(*a, **k)
# Start the automaton
self.state = self.initial_states[0](self)
self.send_sock = self.send_sock_class(**self.socket_kargs)
self.listen_sock = self.recv_sock_class(**self.socket_kargs)
self.packets = PacketList(name="session[%s]" % self.__class__.__name__) # noqa: E501
singlestep = True
iterator = self._do_iter()
self.debug(3, "Starting control thread [tid=%i]" % self.threadid)
# Sync threads
ready.set()
try:
while True:
c = self.cmdin.recv()
self.debug(5, "Received command %s" % c.type)
if c.type == _ATMT_Command.RUN:
singlestep = False
elif c.type == _ATMT_Command.NEXT:
singlestep = True
elif c.type == _ATMT_Command.FREEZE:
continue
elif c.type == _ATMT_Command.STOP:
break
while True:
state = next(iterator)
if isinstance(state, self.CommandMessage):
break
elif isinstance(state, self.Breakpoint):
c = Message(type=_ATMT_Command.BREAKPOINT, state=state) # noqa: E501
self.cmdout.send(c)
break
if singlestep:
c = Message(type=_ATMT_Command.SINGLESTEP, state=state) # noqa: E501
self.cmdout.send(c)
break
except (StopIteration, RuntimeError):
c = Message(type=_ATMT_Command.END,
result=self.final_state_output)
self.cmdout.send(c)
except Exception as e:
exc_info = sys.exc_info()
self.debug(3, "Transferring exception from tid=%i:\n%s" % (self.threadid, traceback.format_exception(*exc_info))) # noqa: E501
m = Message(type=_ATMT_Command.EXCEPTION, exception=e, exc_info=exc_info) # noqa: E501
self.cmdout.send(m)
self.debug(3, "Stopping control thread (tid=%i)" % self.threadid)
self.threadid = None
Example #20
| Source File: __init__.py From mptcp-abuse with GNU General Public License v2.0 | 4 votes |
|
def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
"""Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
count: number of packets to capture. 0 means infinity
store: wether to store sniffed packets or discard them
prn: function to apply to each packet. If something is returned,
it is displayed. Ex:
ex: prn = lambda x: x.summary()
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them
timeout: stop sniffing after a given time (default: None)
L2socket: use the provided L2socket
"""
c = 0
if offline is None:
if L2socket is None:
L2socket = conf.L2listen
s = L2socket(type=ETH_P_ALL, *arg, **karg)
else:
s = PcapReader(offline)
lst = []
if timeout is not None:
stoptime = time.time()+timeout
remain = None
while 1:
try:
if timeout is not None:
remain = stoptime-time.time()
if remain <= 0:
break
try:
p = s.recv(MTU)
except PcapTimeoutElapsed:
continue
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
c += 1
if prn:
r = prn(p)
if r is not None:
print r
if count > 0 and c >= count:
break
except KeyboardInterrupt:
break
s.close()
return plist.PacketList(lst,"Sniffed")
Example #21
| Source File: __init__.py From CVE-2016-6366 with MIT License | 4 votes |
|
def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
"""Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
count: number of packets to capture. 0 means infinity
store: wether to store sniffed packets or discard them
prn: function to apply to each packet. If something is returned,
it is displayed. Ex:
ex: prn = lambda x: x.summary()
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them
timeout: stop sniffing after a given time (default: None)
L2socket: use the provided L2socket
"""
c = 0
if offline is None:
if L2socket is None:
L2socket = conf.L2listen
s = L2socket(type=ETH_P_ALL, *arg, **karg)
else:
s = PcapReader(offline)
lst = []
if timeout is not None:
stoptime = time.time()+timeout
remain = None
while 1:
try:
if timeout is not None:
remain = stoptime-time.time()
if remain <= 0:
break
try:
p = s.recv(MTU)
except PcapTimeoutElapsed:
continue
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
c += 1
if prn:
r = prn(p)
if r is not None:
print >> console, r
if count > 0 and c >= count:
break
except KeyboardInterrupt:
break
s.close()
return plist.PacketList(lst,"Sniffed")
Example #22
| Source File: utils.py From pyDot11 with GNU General Public License v2.0 | 4 votes |
|
def crypt2plain(self, pcapFile, encType, key):
"""Converts an encrypted stream to unencrypted stream
Returns the unencrypted stream input as a scapy PacketList object
Future plans involve offering a yield parameter so that pcapList,
instead returns as a generated object; should save memory this way.
Does not have the capability to diff between multiple keys encTypes
Possible workaround for this is taking the try and using except,
creating a return to let the user know which objs to retry on
For now, skipping.
"""
## Use the generator of PcapReader for memory purposes
pObj = PcapReader(pcapFile)
pcapList = []
## Deal with WEP
if encType == 'WEP':
for i in pObj:
try:
pkt, iv = pyDot11.wepDecrypt(i, key)
except:
pkt = i
pcapList.append(pkt)
## Return the stream like a normal Scapy PacketList
return PacketList(res = pcapList)
Example #23
| Source File: __init__.py From smod-1 with GNU General Public License v2.0 | 4 votes |
|
def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
"""Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
count: number of packets to capture. 0 means infinity
store: wether to store sniffed packets or discard them
prn: function to apply to each packet. If something is returned,
it is displayed. Ex:
ex: prn = lambda x: x.summary()
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them
timeout: stop sniffing after a given time (default: None)
L2socket: use the provided L2socket
"""
c = 0
if offline is None:
if L2socket is None:
L2socket = conf.L2listen
s = L2socket(type=ETH_P_ALL, *arg, **karg)
else:
s = PcapReader(offline)
lst = []
if timeout is not None:
stoptime = time.time()+timeout
remain = None
while 1:
try:
if timeout is not None:
remain = stoptime-time.time()
if remain <= 0:
break
try:
p = s.recv(MTU)
except PcapTimeoutElapsed:
continue
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
c += 1
if prn:
r = prn(p)
if r is not None:
print r
if count > 0 and c >= count:
break
except KeyboardInterrupt:
break
s.close()
return plist.PacketList(lst,"Sniffed")
Example #24
| Source File: __init__.py From CyberScan with GNU General Public License v3.0 | 3 votes |
|
def sniff(count=0, store=1, offline=None, prn = None, lfilter=None, L2socket=None, timeout=None, *arg, **karg):
"""Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + L2ListenSocket args) -> list of packets
count: number of packets to capture. 0 means infinity
store: wether to store sniffed packets or discard them
prn: function to apply to each packet. If something is returned,
it is displayed. Ex:
ex: prn = lambda x: x.summary()
lfilter: python function applied to each packet to determine
if further action may be done
ex: lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them
timeout: stop sniffing after a given time (default: None)
L2socket: use the provided L2socket
"""
c = 0
if offline is None:
if L2socket is None:
L2socket = conf.L2listen
s = L2socket(type=ETH_P_ALL, *arg, **karg)
else:
s = PcapReader(offline)
lst = []
if timeout is not None:
stoptime = time.time()+timeout
remain = None
while 1:
try:
if timeout is not None:
remain = stoptime-time.time()
if remain <= 0:
break
try:
p = s.recv(MTU)
except PcapTimeoutElapsed:
continue
if p is None:
break
if lfilter and not lfilter(p):
continue
if store:
lst.append(p)
c += 1
if prn:
r = prn(p)
if r is not None:
print r
if count > 0 and c >= count:
break
except KeyboardInterrupt:
break
s.close()
return plist.PacketList(lst,"Sniffed")
