Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to extract Raw of TCP packet using Scapy

Tags:

python

hex

extract

scapy

I use the sniff function of scapy module. My filter and prn function are doing a great job. But now, I would like to extract the Raw of the TCP packet and handle it using hexadecimal or binary format.

Here is the documentation of Packet Class in scapy.

How can I do that ?

I tried print packet[Raw] but it seems to be converted as ASCII or something like that. I want to keep it in hexadecimal or binary.

like image 377
Quentin Avatar asked Nov 27 '14 14:11

Quentin

People also ask

How do you sniff TCP packets with scapy?

Sniffing packets using scapy: To sniff the packets use the sniff() function. The sniff() function returns information about all the packets that has been sniffed. To see the summary of packet responses, use summary(). The sniff() function listens for an infinite period of time until the user interrupts.

What is raw scapy?

Scapy is a Python-based packet manipulation tool which has a number of useful features for those looking to perform raw TCP/IP requests and analysis.

How do I read a pcap file in scapy?

Reading a pcap file with Scapy, is commonly done by using rdpcap() . This function reads the whole file and load it up in memory, depending on the size of the file you're trying to read can take quite some memory. Two versions of a Script to do the same thing.

What is PDST in scapy?

pdst is where the ARP packet should go (target), psrc is the IP to update in the target's arp table, hwsrc is the MAC corresponding to psrc , to update in the target's arp table.

1 Answers

You can get the raw bytes of the packet using scapy.compat.raw1:

from scapy.all import raw
raw(packet)

The former is cross-version compatible, but if you are guaranteed to run with Python 3 and support for Python 2 is not needed, you can simply invoke bytes, which doesn't require an ad-hoc import statement (and is actually how scapy.compat.raw is implemented behind the scenes):

bytes(packet)

You can print the raw bytes of the packet in a readable format using scapy.compat.bytes_hex2:

from scapy.all import bytes_hex
print(bytes_hex(packet))

1scapy.compat.raw's implementation can be found here.
2scapy.compat.bytes_hex's implementation can be found here.

like image 101
Yoel Avatar answered Oct 04 '22 07:10

Yoel
Sign in to Comment

Related questions

scikit-learn roc_auc_score() returns accuracy values
Multivariate Taylor approximation in sympy
Ubuntu : Unable to correct problems, you have held broken packages
Converting a list of dicts to a Pandas dataframe
How can I call a sequence of functions until the return value meets some condition?
Selecting (subsetting) by multi index in pandas dataframe
Log-Log plot of pandas dataframe
Check that Python dicts have same shape and keys
How to sort a numpy array based on the values in a specific row?
Rpy2 error wac-a-mole: R_USER not defined
How to write a numpy array to a csv file?
python 3 print generator
Python generator how does it close a file handle when the for loop calling the generator returns suddenly?
pytest fixture is always returning a function
Why is 08 or 09 in Python invalid? [duplicate]
Iterations through pixels in an image are terribly slow with python (OpenCV)
ImportError: No module named clr when using CPython of python.org
Comma separator between JSON objects with json.dump
Does bottle handle requests with no concurrency?
HOWTO: Use reindent.py for dummies

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!