
Specify timestamp on each packet in Scapy?

Tags: python, scapy

With Scapy, when I create a packet and write it to a pcap file, it sets the timestamp of the packet to the current time.

This is my current usage. 1335494712.991895 being the time I created the packet:

>>> a = Ether()/IP(src='1.1.1.1',dst='2.2.2.2')/TCP(sport=1337,dport=31337)
>>> wrpcap('single-tcp-packet.pcap', a)

# tcpdump -tt -r single-tcp-packet.pcap
reading from file single-tcp-packet.pcap, link-type EN10MB (Ethernet)
1335494712.991895 IP 1.1.1.1.menandmice-dns > arennes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0

How can I specify my own timestamp per packet?

I have seen timestamp mentioned in the docs for setting the TCP timestamp, but it doesn't seem to make a difference to the actual pcap timestamp.

gak asked Apr 27 '12 02:04



1 Answer

Ah! Found it.

Simply:

>>> a.time = 1234567890
>>> wrpcap('single-tcp-packet.pcap', a)

# tcpdump -tt -r single-tcp-packet.pcap
reading from file single-tcp-packet.pcap, link-type EN10MB (Ethernet)
1234567890.000000 IP 1.1.1.1.menandmice-dns > arennes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0
gak answered Sep 22 '22 17:09
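
The timestamp tcpdump prints comes from the 16-byte record header that the pcap file format stores in front of each packet, not from anything inside the packet, which is why a TCP timestamp option has no effect on it. As an added example (not part of the original question or answer, and using only the Python standard library rather than Scapy), this reader extracts those per-record timestamps so a written capture can be checked without tcpdump; the function names and the two-frame sample capture are constructed for illustration.

```python
import struct

# Classic pcap magic numbers: microsecond and nanosecond timestamp resolution.
MAGIC_USEC = 0xA1B2C3D4
MAGIC_NSEC = 0xA1B23C4D


def build_pcap(records, linktype=1):
    """Build a little-endian, microsecond pcap from (ts_sec, ts_usec, frame) tuples."""
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, link type.
    out = struct.pack("<IHHiIII", MAGIC_USEC, 2, 4, 0, 0, 65535, linktype)
    for ts_sec, ts_usec, frame in records:
        # Record header: ts_sec, ts_usec, captured length, original length.
        out += struct.pack("<IIII", ts_sec, ts_usec, len(frame), len(frame)) + frame
    return out


def read_pcap_timestamps(data):
    """Return ([(ts_sec, ts_frac, captured_len), ...], unit) with unit 'us' or 'ns'."""
    if len(data) < 24:
        raise ValueError("truncated pcap global header")
    for endian in ("<", ">"):  # the magic number reveals the writer's byte order
        magic = struct.unpack(endian + "I", data[:4])[0]
        if magic in (MAGIC_USEC, MAGIC_NSEC):
            break
    else:
        raise ValueError("not a classic pcap file")
    unit = "us" if magic == MAGIC_USEC else "ns"
    stamps, offset = [], 24
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("truncated record header")
        ts_sec, ts_frac, incl_len, _orig_len = struct.unpack(
            endian + "IIII", data[offset:offset + 16])
        offset += 16
        if offset + incl_len > len(data):
            raise ValueError("truncated packet data")
        stamps.append((ts_sec, ts_frac, incl_len))
        offset += incl_len  # skip the packet bytes; only the header is needed
    return stamps, unit


# Constructed sample: two dummy 14-byte Ethernet frames with chosen timestamps.
FRAME = bytes(12) + b"\x08\x00"
SAMPLE = build_pcap([(1234567890, 0, FRAME), (1234567890, 500000, FRAME)])

if __name__ == "__main__":
    stamps, unit = read_pcap_timestamps(SAMPLE)
    for sec, frac, length in stamps:
        print(f"{sec}.{frac:0{6 if unit == 'us' else 9}d} {length} bytes")
```

To check a file produced by `wrpcap`, pass its contents read in binary mode to `read_pcap_timestamps`.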