Chinaunix首页 | 论坛 | 博客

抽刀断水writer15.blog.chinaunix.net

首页 |  博文目录 |  关于我

writer15

  • 博客访问: 167880
  • 博文数量: 36
  • 博客积分: 1466
  • 博客等级: 上尉
  • 技术积分: 380
  • 用 户 组: 普通用户
  • 注册时间: 2007-04-17 17:43
文章分类

全部博文(36)

推荐博文
相关博文
scapy笔记

分类: Windows平台

2016-12-01 10:04:25

writer15@MARXx64:Desktop$ sudo scapy 
INFO: Can't import python gnuplot wrapper . Won't be able to plot.
INFO: Can't import PyX. Won't be able to use psdump() or pdfdump().
WARNING: No route found for IPv6 destination :: (no default route?)
Welcome to Scapy (2.2.0)
>>> pkts=rdpcap('4.pcap')     #读取wireshark的数据包
>>> pkts.show()    #显示数据包摘要,共25个数据包
0000 Ether / IP / UDP 192.168.204.135:netbios_ns > 192.168.204.1:netbios_ns / NBNSQueryRequest
0001 Ether / IP / UDP 192.168.204.1:netbios_ns > 192.168.204.135:netbios_ns / NBNSQueryRequest / Raw
0002 Ether / IP / UDP 192.168.204.1:netbios_dgm > 192.168.204.255:netbios_dgm / NBTDatagram / Raw
0003 Ether / IPv6 / UDP fe80::6c5f:b095:43f:f0b4:dhcpv6_client > ff02::1:2:dhcpv6_server / DHCP6_Solicit / DHCP6OptElapsedTime / DHCP6OptClientId / DHCP6OptIA_NA / Raw
0004 Ether / IPv6 / UDP fe80::6c5f:b095:43f:f0b4:dhcpv6_client > ff02::1:2:dhcpv6_server / DHCP6_Solicit / DHCP6OptElapsedTime / DHCP6OptClientId / DHCP6OptIA_NA / Raw
0005 Ether / IPv6 / UDP fe80::6c5f:b095:43f:f0b4:dhcpv6_client > ff02::1:2:dhcpv6_server / DHCP6_Solicit / DHCP6OptElapsedTime / DHCP6OptClientId / DHCP6OptIA_NA / Raw
0006 Ether / IPv6 / UDP fe80::6c5f:b095:43f:f0b4:dhcpv6_client > ff02::1:2:dhcpv6_server / DHCP6_Solicit / DHCP6OptElapsedTime / DHCP6OptClientId / DHCP6OptIA_NA / Raw
0007 Ether / IP / UDP 192.168.204.134:netbios_ns > 192.168.204.2:netbios_ns / NBNSQueryRequest / Raw
0008 Ether / IP / UDP 192.168.204.134:netbios_ns > 192.168.204.2:netbios_ns / NBNSQueryRequest / Raw
0009 Ether / IP / UDP 192.168.204.134:netbios_ns > 192.168.204.2:netbios_ns / NBNSQueryRequest / Raw
0010 Ether / IP / UDP 192.168.204.135:netbios_dgm > 192.168.204.255:netbios_dgm / NBTDatagram / Raw
0011 Ether / IP / UDP 192.168.204.135:netbios_ns > 192.168.204.2:netbios_ns / NBNSQueryRequest / Raw
0012 Ether / IPv6 / UDP fe80::6c5f:b095:43f:f0b4:dhcpv6_client > ff02::1:2:dhcpv6_server / DHCP6_Solicit / DHCP6OptElapsedTime / DHCP6OptClientId / DHCP6OptIA_NA / Raw
0013 Ether / IP / UDP 192.168.204.135:netbios_ns > 192.168.204.2:netbios_ns / NBNSQueryRequest / Raw
0014 Ether / IP / UDP 192.168.204.135:netbios_ns > 192.168.204.2:netbios_ns / NBNSQueryRequest / Raw
0015 Ether / IPv6 / UDP fe80::6c5f:b095:43f:f0b4:dhcpv6_client > ff02::1:2:dhcpv6_server / DHCP6_Solicit / DHCP6OptElapsedTime / DHCP6OptClientId / DHCP6OptIA_NA / Raw
0016 Ether / IP / ICMP 192.168.204.135 > 192.168.2.46 echo-request 0 / Raw
0017 Ether / ARP who has 192.168.204.135 says 192.168.204.2
0018 Ether / ARP is at 00:0c:29:b4:79:56 says 192.168.204.135
0019 Ether / IP / ICMP 192.168.2.46 > 192.168.204.135 echo-reply 0 / Raw
0020 Ether / IP / UDP 192.168.204.135:netbios_ns > 192.168.10.46:netbios_ns / NBNSQueryRequest
0021 Ether / IP / UDP 192.168.204.135:netbios_ns > 192.168.10.46:netbios_ns / NBNSQueryRequest
0022 Ether / IP / UDP 192.168.204.135:netbios_ns > 192.168.10.46:netbios_ns / NBNSQueryRequest
0023 Ether / IPv6 / UDP fe80::6c5f:b095:43f:f0b4:dhcpv6_client > ff02::1:2:dhcpv6_server / DHCP6_Solicit / DHCP6OptElapsedTime / DHCP6OptClientId / DHCP6OptIA_NA / Raw
0024 Ether / IP / UDP 192.168.204.134:netbios_dgm > 192.168.204.255:netbios_dgm / NBTDatagram / Raw
>>> pkts[0].show()    #显示第一个数据包
###[ Ethernet ]###
  dst= 00:50:56:c0:00:08
  src= 00:0c:29:b4:79:56
  type= 0x800
###[ IP ]###
     version= 4L
     ihl= 5L
     tos= 0x0
     len= 78
     id= 382
     flags= 
     frag= 0L
     ttl= 64
     proto= udp
     chksum= 0x5f47
     src= 192.168.204.135
     dst= 192.168.204.1
     \options\
###[ UDP ]###
        sport= netbios_ns
        dport= netbios_ns
        len= 58
        chksum= 0x25c0
###[ NBNS query request ]###
           NAME_TRN_ID= 32916
           FLAGS= 0
           QDCOUNT= 1
           ANCOUNT= 0
           NSCOUNT= 0
           ARCOUNT= 0
           QUESTION_NAME= '*'
           SUFFIX= workstation
           NULL= 0
           QUESTION_TYPE= NBSTAT
           QUESTION_CLASS= INTERNET

>>> query=pkts[0][IP]    #发送数据包时,我们一般不构造[Ether]层,所以只提取IP层及以上的层。
>>> query.show()
###[ IP ]###
  version= 4L
  ihl= 5L
  tos= 0x0
  len= 78
  id= 382
  flags= 
  frag= 0L
  ttl= 64
  proto= udp
  chksum= 0x5f47
  src= 192.168.204.135
  dst= 192.168.204.1
  \options\
###[ UDP ]###
     sport= netbios_ns
     dport= netbios_ns
     len= 58
     chksum= 0x25c0
###[ NBNS query request ]###
        NAME_TRN_ID= 32916
        FLAGS= 0
        QDCOUNT= 1
        ANCOUNT= 0
        NSCOUNT= 0
        ARCOUNT= 0
        QUESTION_NAME= '*'
        SUFFIX= workstation
        NULL= 0
        QUESTION_TYPE= NBSTAT
        QUESTION_CLASS= INTERNET
>>> 
>>> query.src="192.168.204.136"    #修改数据包字段
>>> query.dst="192.168.204.1" 
>>> send(query)    #发送数据包




阅读(1170) | 评论(0) | 转发(0) |
0

上一篇:openwrt 14.07 R42625搭建pppoe-server笔记

下一篇:没有了

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6