python生成pcap文件
2017-10-09 00:00
先用下面的 Python 脚本生成 pcap 文件,再结合 packETH 发送其中的报文。脚本使用 Python 2 语法(例如 print 语句),生成 pcap 的代码如下。
<pre>
# Port number that generatePCAP substitutes into the UDP header.
port = 9600

# Payload of the custom "Foo" protocol, written as space-separated hex bytes.
# The fragments are joined without a separator; all whitespace is stripped
# before the hex text is converted to binary.
message = ''.join([
    '01 01 00 08',  # Foo base header
    '01 02 00 00',  # Foo message (31 bytes) starts here
    '00 00 12 30',
    '00 00 12 31',
    '00 00 12 32',
    '00 00 12 33',
    '00 00 12 34',
    'D7 CD EF',     # Foo flags
    '00 00 12 35',
])
"""----------------------------------------------------------------"""
""" Do not edit below this line unless you know what you are doing """
"""----------------------------------------------------------------"""
import sys
import binascii
# pcap 2.4 global (file) header, written once at the start of the capture.
pcap_global_header = ''.join((
    'D4 C3 B2 A1',  # magic number 0xA1B2C3D4 in little-endian byte order
    '02 00',        # file format major revision (i.e. pcap <2>.4)
    '04 00',        # file format minor revision (i.e. pcap 2.<4>)
    '00 00 00 00',  # thiszone: GMT-to-local correction, 0
    '00 00 00 00',  # sigfigs: timestamp accuracy, 0
    'FF FF 00 00',  # snaplen: 65535 bytes (little endian)
    '01 00 00 00',  # network: link type 1 (Ethernet)
))

# Per-packet record header that must preface every packet in the file.
# generatePCAP fills in both placeholders with the same frame length.
pcap_packet_header = ''.join((
    'AA 77 9F 47',  # ts_sec: fixed capture timestamp, seconds (little endian)
    '90 A2 04 00',  # ts_usec: fixed capture timestamp, microseconds
    'XX XX XX XX',  # incl_len: frame bytes stored in the file (little endian)
    'YY YY YY YY',  # orig_len: frame length on the wire (little endian)
))

# Ethernet II header. On the wire the destination address comes first; both
# addresses are all-zero here, so the order does not change the output.
eth_header = ''.join((
    '00 00 00 00 00 00',  # destination MAC
    '00 00 00 00 00 00',  # source MAC
    '08 00',              # EtherType (0x0800 = IPv4)
))

# IPv4 header without options (20 bytes). 'XX XX' and 'YY YY' are
# placeholders replaced by generatePCAP.
ip_header = ''.join((
    '45',           # version 4, header length 5 words (multiples of 4 bytes)
    '00',           # type of service
    'XX XX',        # total length - calculated and replaced later
    '00 00',        # identification
    '40 00 40',     # flags/fragment offset 0x4000 (Don't Fragment), TTL 0x40
    '11',           # protocol (0x11 = UDP)
    'YY YY',        # header checksum - calculated and replaced later
    '7F 00 00 01',  # source IP (default: 127.0.0.1)
    '7F 00 00 01',  # destination IP (default: 127.0.0.1)
))

# UDP header. The checksum is left at zero, which UDP over IPv4 treats as
# "no checksum computed".
udp_header = ''.join((
    '80 01',  # source port 0x8001
    'XX XX',  # destination port - replaced later
    'YY YY',  # length (header + payload) - calculated and replaced later
    '00 00',  # checksum: 0
))
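def getByteLength(str1):
    """Return the number of bytes encoded by a hex string.

    Args:
        str1: hex digits, optionally separated by whitespace
            (for example '01 02 0A').

    Returns:
        The byte count as an int (two hex digits per byte, rounded down).
    """
    hex_digits = ''.join(str1.split())
    # Floor division keeps the result an int on Python 3 as well; the callers
    # format it with "%04x", which rejects floats.
    return len(hex_digits) // 2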
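def writeByteStringToFile(bytestring, filename):
    """Convert a hex string to binary and write it to *filename*.

    Args:
        bytestring: hex digits; any whitespace between them is ignored.
        filename: path of the file to create or overwrite.

    Raises:
        binascii.Error (TypeError on Python 2): if the text is not valid,
            even-length hex.
    """
    hex_digits = ''.join(bytestring.split())
    # Decode before opening the file so that malformed hex raises without
    # creating or truncating the output file.
    raw = binascii.a2b_hex(hex_digits)
    # The context manager closes (and flushes) the file even if write() fails;
    # the original left the handle open until garbage collection.
    with open(filename, 'wb') as out:
        out.write(raw)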
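def generatePCAP(message,port,pcapfile):
    """Wrap *message* in UDP/IPv4/Ethernet headers and write a one-packet pcap.

    Args:
        message: payload as a hex string (whitespace ignored).
        port: value for the 'XX XX' port placeholder of udp_header (0-65535).
        pcapfile: path of the capture file to write.

    Raises:
        ValueError: if port or the resulting IP total length does not fit
            into its 16-bit header field.
    """
    # Reject values that cannot be encoded in the 16-bit header fields. A wider
    # value would make "%04x" emit extra hex digits and shift every following
    # byte, giving a malformed capture or an obscure odd-length hex error.
    if not 0 <= port <= 0xFFFF:
        raise ValueError('port must be in the range 0-65535, got %r' % (port,))
    udp_len = getByteLength(message) + getByteLength(udp_header)
    ip_len = udp_len + getByteLength(ip_header)
    if ip_len > 0xFFFF:
        raise ValueError('message too long: IP total length %d exceeds 65535' % ip_len)

    udp = udp_header.replace('XX XX',"%04x"%port)
    udp = udp.replace('YY YY',"%04x"%udp_len)

    ip = ip_header.replace('XX XX',"%04x"%ip_len)
    # The checksum is computed over the header with its checksum field zeroed.
    checksum = ip_checksum(ip.replace('YY YY','00 00'))
    ip = ip.replace('YY YY',"%04x"%checksum)

    pcap_len = ip_len + getByteLength(eth_header)
    # pcap record lengths are 32-bit little-endian: reverse the byte pairs.
    hex_str = "%08x"%pcap_len
    reverse_hex_str = hex_str[6:] + hex_str[4:6] + hex_str[2:4] + hex_str[:2]
    # Both length fields get the same value: the whole frame is stored.
    pcaph = pcap_packet_header.replace('XX XX XX XX',reverse_hex_str)
    pcaph = pcaph.replace('YY YY YY YY',reverse_hex_str)

    bytestring = pcap_global_header + pcaph + eth_header + ip + udp + message
    writeByteStringToFile(bytestring, pcapfile)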
#Splits the string into a list of tokens every n characters
def splitN(str1,n):
    """Return consecutive n-character chunks of str1.

    The final chunk is shorter when len(str1) is not a multiple of n.
    """
    chunks = []
    for start in range(0, len(str1), n):
        chunks.append(str1[start:start + n])
    return chunks
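#Calculates and returns the IP checksum based on the given IP Header
def ip_checksum(iph):
    """Return the 16-bit one's-complement checksum of an IP header.

    Args:
        iph: header as a hex string (whitespace ignored) with the checksum
            field set to zero.

    Returns:
        The checksum as an int in the range 0-0xFFFF.
    """
    hex_digits = ''.join(iph.split())
    total = 0
    # Sum the header as 16-bit words (4 hex digits each).
    for start in range(0, len(hex_digits), 4):
        total += int(hex_digits[start:start + 4], 16)
    # Fold carries back in until none remain. A single fold can itself
    # overflow 16 bits (0x1FFFF -> 0x10000), which the original masked away
    # and so returned a wrong checksum for such sums.
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total ^ 0xFFFF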
"""------------------------------------------"""
""" End of functions, execution starts here: """
"""------------------------------------------"""
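if len(sys.argv) < 2:
    # sys.exit with a string prints it to stderr and exits with status 1, so a
    # missing argument is reported as a failure instead of success. It also
    # avoids the Python 2-only print statement and the site-provided exit().
    sys.exit('usage: pcapgen.py output_file')

# Write the single-packet capture to the path given on the command line.
generatePCAP(message,port,sys.argv[1])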
</pre>
pcap文件格式
http://wiki.wireshark.org/Development/LibpcapFileFormat
<pre>
# Port number that generatePCAP substitutes into the UDP header.
port = 9600

# Payload of the custom "Foo" protocol, written as space-separated hex bytes.
# The fragments are joined without a separator; all whitespace is stripped
# before the hex text is converted to binary.
message = ''.join([
    '01 01 00 08',  # Foo base header
    '01 02 00 00',  # Foo message (31 bytes) starts here
    '00 00 12 30',
    '00 00 12 31',
    '00 00 12 32',
    '00 00 12 33',
    '00 00 12 34',
    'D7 CD EF',     # Foo flags
    '00 00 12 35',
])
"""----------------------------------------------------------------"""
""" Do not edit below this line unless you know what you are doing """
"""----------------------------------------------------------------"""
import sys
import binascii
# pcap 2.4 global (file) header, written once at the start of the capture.
pcap_global_header = ''.join((
    'D4 C3 B2 A1',  # magic number 0xA1B2C3D4 in little-endian byte order
    '02 00',        # file format major revision (i.e. pcap <2>.4)
    '04 00',        # file format minor revision (i.e. pcap 2.<4>)
    '00 00 00 00',  # thiszone: GMT-to-local correction, 0
    '00 00 00 00',  # sigfigs: timestamp accuracy, 0
    'FF FF 00 00',  # snaplen: 65535 bytes (little endian)
    '01 00 00 00',  # network: link type 1 (Ethernet)
))

# Per-packet record header that must preface every packet in the file.
# generatePCAP fills in both placeholders with the same frame length.
pcap_packet_header = ''.join((
    'AA 77 9F 47',  # ts_sec: fixed capture timestamp, seconds (little endian)
    '90 A2 04 00',  # ts_usec: fixed capture timestamp, microseconds
    'XX XX XX XX',  # incl_len: frame bytes stored in the file (little endian)
    'YY YY YY YY',  # orig_len: frame length on the wire (little endian)
))

# Ethernet II header. On the wire the destination address comes first; both
# addresses are all-zero here, so the order does not change the output.
eth_header = ''.join((
    '00 00 00 00 00 00',  # destination MAC
    '00 00 00 00 00 00',  # source MAC
    '08 00',              # EtherType (0x0800 = IPv4)
))

# IPv4 header without options (20 bytes). 'XX XX' and 'YY YY' are
# placeholders replaced by generatePCAP.
ip_header = ''.join((
    '45',           # version 4, header length 5 words (multiples of 4 bytes)
    '00',           # type of service
    'XX XX',        # total length - calculated and replaced later
    '00 00',        # identification
    '40 00 40',     # flags/fragment offset 0x4000 (Don't Fragment), TTL 0x40
    '11',           # protocol (0x11 = UDP)
    'YY YY',        # header checksum - calculated and replaced later
    '7F 00 00 01',  # source IP (default: 127.0.0.1)
    '7F 00 00 01',  # destination IP (default: 127.0.0.1)
))

# UDP header. The checksum is left at zero, which UDP over IPv4 treats as
# "no checksum computed".
udp_header = ''.join((
    '80 01',  # source port 0x8001
    'XX XX',  # destination port - replaced later
    'YY YY',  # length (header + payload) - calculated and replaced later
    '00 00',  # checksum: 0
))
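def getByteLength(str1):
    """Return the number of bytes encoded by a hex string.

    Args:
        str1: hex digits, optionally separated by whitespace
            (for example '01 02 0A').

    Returns:
        The byte count as an int (two hex digits per byte, rounded down).
    """
    hex_digits = ''.join(str1.split())
    # Floor division keeps the result an int on Python 3 as well; the callers
    # format it with "%04x", which rejects floats.
    return len(hex_digits) // 2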
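def writeByteStringToFile(bytestring, filename):
    """Convert a hex string to binary and write it to *filename*.

    Args:
        bytestring: hex digits; any whitespace between them is ignored.
        filename: path of the file to create or overwrite.

    Raises:
        binascii.Error (TypeError on Python 2): if the text is not valid,
            even-length hex.
    """
    hex_digits = ''.join(bytestring.split())
    # Decode before opening the file so that malformed hex raises without
    # creating or truncating the output file.
    raw = binascii.a2b_hex(hex_digits)
    # The context manager closes (and flushes) the file even if write() fails;
    # the original left the handle open until garbage collection.
    with open(filename, 'wb') as out:
        out.write(raw)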
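def generatePCAP(message,port,pcapfile):
    """Wrap *message* in UDP/IPv4/Ethernet headers and write a one-packet pcap.

    Args:
        message: payload as a hex string (whitespace ignored).
        port: value for the 'XX XX' port placeholder of udp_header (0-65535).
        pcapfile: path of the capture file to write.

    Raises:
        ValueError: if port or the resulting IP total length does not fit
            into its 16-bit header field.
    """
    # Reject values that cannot be encoded in the 16-bit header fields. A wider
    # value would make "%04x" emit extra hex digits and shift every following
    # byte, giving a malformed capture or an obscure odd-length hex error.
    if not 0 <= port <= 0xFFFF:
        raise ValueError('port must be in the range 0-65535, got %r' % (port,))
    udp_len = getByteLength(message) + getByteLength(udp_header)
    ip_len = udp_len + getByteLength(ip_header)
    if ip_len > 0xFFFF:
        raise ValueError('message too long: IP total length %d exceeds 65535' % ip_len)

    udp = udp_header.replace('XX XX',"%04x"%port)
    udp = udp.replace('YY YY',"%04x"%udp_len)

    ip = ip_header.replace('XX XX',"%04x"%ip_len)
    # The checksum is computed over the header with its checksum field zeroed.
    checksum = ip_checksum(ip.replace('YY YY','00 00'))
    ip = ip.replace('YY YY',"%04x"%checksum)

    pcap_len = ip_len + getByteLength(eth_header)
    # pcap record lengths are 32-bit little-endian: reverse the byte pairs.
    hex_str = "%08x"%pcap_len
    reverse_hex_str = hex_str[6:] + hex_str[4:6] + hex_str[2:4] + hex_str[:2]
    # Both length fields get the same value: the whole frame is stored.
    pcaph = pcap_packet_header.replace('XX XX XX XX',reverse_hex_str)
    pcaph = pcaph.replace('YY YY YY YY',reverse_hex_str)

    bytestring = pcap_global_header + pcaph + eth_header + ip + udp + message
    writeByteStringToFile(bytestring, pcapfile)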
#Splits the string into a list of tokens every n characters
def splitN(str1,n):
    """Return consecutive n-character chunks of str1.

    The final chunk is shorter when len(str1) is not a multiple of n.
    """
    chunks = []
    for start in range(0, len(str1), n):
        chunks.append(str1[start:start + n])
    return chunks
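#Calculates and returns the IP checksum based on the given IP Header
def ip_checksum(iph):
    """Return the 16-bit one's-complement checksum of an IP header.

    Args:
        iph: header as a hex string (whitespace ignored) with the checksum
            field set to zero.

    Returns:
        The checksum as an int in the range 0-0xFFFF.
    """
    hex_digits = ''.join(iph.split())
    total = 0
    # Sum the header as 16-bit words (4 hex digits each).
    for start in range(0, len(hex_digits), 4):
        total += int(hex_digits[start:start + 4], 16)
    # Fold carries back in until none remain. A single fold can itself
    # overflow 16 bits (0x1FFFF -> 0x10000), which the original masked away
    # and so returned a wrong checksum for such sums.
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total ^ 0xFFFF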
"""------------------------------------------"""
""" End of functions, execution starts here: """
"""------------------------------------------"""
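if len(sys.argv) < 2:
    # sys.exit with a string prints it to stderr and exits with status 1, so a
    # missing argument is reported as a failure instead of success. It also
    # avoids the Python 2-only print statement and the site-provided exit().
    sys.exit('usage: pcapgen.py output_file')

# Write the single-packet capture to the path given on the command line.
generatePCAP(message,port,sys.argv[1])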
</pre>
pcap文件格式
http://wiki.wireshark.org/Development/LibpcapFileFormat