本文整理汇总了Python中scapy.all.rdpcap方法的典型用法代码示例。如果您正苦于以下问题:Python all.rdpcap方法的具体用法?Python all.rdpcap怎么用?Python all.rdpcap使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类scapy.all的用法示例。
在下文中一共展示了all.rdpcap方法的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: __init__
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def __init__(self, pcapfile, scapy_pkts=None, tshark_pkts=None):
"""Initialization method of the class.
Parameters
----------
pcapfile : str
Path to a previously captured pcap.
scapy_pkts : :obj:`PacketList`
List of packets generated by Scapy.
tshark_pkts : :obj:`FileCapture`
List of packets generated by Pyshark.
"""
if scapy_pkts:
self._scapy_pkts = scapy_pkts
else:
self._scapy_pkts = rdpcap(pcapfile)
if tshark_pkts:
self._tshark_pkts = tshark_pkts
else:
self._tshark_pkts = FileCapture(pcapfile)
self._i = -1 示例2: parse
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def parse(self):
try:
from scapy.all import rdpcap
except ImportError:
raise ImportError('scapy is not installed, please install it by running: '
'pip install scapy') from None
local_file = os.path.join(self.local_dir,
os.path.basename(self.pcap_file))
# Make sure it is not of size 0
if os.path.isfile(local_file) and os.stat(local_file).st_size:
return rdpcap(local_file) 示例3: setUp
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def setUp(self):
self.records = []
self.pkts = (p for p in rdpcap(env_local_file('RSA_WITH_AES_128_CBC_SHA.pcap')) if p.haslayer(tls.SSL))
for p in (pkt for pkt in self.pkts):
self.records += p.records
unittest.TestCase.setUp(self) 示例4: _sniff_check
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def _sniff_check(self):
while True:
try:
assert isfile(RawDnsResolver.tshark_pcap_filename), 'Tshark pcap file not found!'
packets = rdpcap(RawDnsResolver.tshark_pcap_filename)
for packet in packets:
self._parse_packet(packet)
except ValueError:
pass
except AssertionError:
pass
sleep(1)
# endregion
# region Stop tshark 示例5: _sniff_stop
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def _sniff_stop(self):
while self.base.get_process_pid('tshark') != -1:
kill(self.base.get_process_pid('tshark'), SIGTERM)
sleep(1)
try:
packets = rdpcap(RawDnsResolver.tshark_pcap_filename)
for packet in packets:
self._parse_packet(packet)
except ValueError:
pass
# endregion
# region Send DNS queries to IPv4 NS server 示例6: get_wep_data_count
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def get_wep_data_count(self):
wep_packets = None
try:
wep_packets = rdpcap(self.log_path)
except Exception as e:
print "[-] Error reading pcap file:", str(e)
return
n_data_packets = 0
for p in wep_packets:
if Dot11WEP in p:
if p.iv is not None and p.iv != '':
n_data_packets += 1
return n_data_packets 示例7: upload
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def upload():
filepath = app.config['UPLOAD_FOLDER']
upload = Upload()
if request.method == 'GET':
return render_template('./upload/upload.html')
elif request.method == 'POST':
pcap = upload.pcap.data
if upload.validate_on_submit():
pcapname = pcap.filename
if allowed_file(pcapname):
name1 = random_name()
name2 = get_filetype(pcapname)
global PCAP_NAME, PCAPS
PCAP_NAME = name1 + name2
try:
pcap.save(os.path.join(filepath, PCAP_NAME))
PCAPS = rdpcap(os.path.join(filepath, PCAP_NAME))
os.system('rm -rf ' + filepath + '*')
flash('恭喜你,上传成功!')
return render_template('./upload/upload.html')
except Exception as e:
flash('上传错误,错误信息:' +str(e))
return render_template('./upload/upload.html')
else:
flash('上传失败,请上传允许的数据包格式!')
return render_template('./upload/upload.html')
else:
return render_template('./upload/upload.html')
#-------------------------------------------数据分析-------------------------- 示例8: is_valid_handshake_capture
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def is_valid_handshake_capture(handshake_path):
"""
Check if valid handshake capture is found
:param handshake_path: file path of handshake
:type handshake_path: str
:return: None
:rtype: None
"""
pkts = rdpcap(handshake_path)
eapols = []
# get all the KEY type EAPOLs
for pkt in pkts:
# pkt is Dot11 and is not retried frame
if pkt.haslayer(dot11.Dot11) and not pkt.FCfield & (1 << 3):
# pkt is EAPOL and KEY type
if pkt.haslayer(EAPOL) and pkt[EAPOL].type == 3:
eapols.append(pkt)
num_of_frames = len(eapols)
for index in range(num_of_frames):
if num_of_frames - index > 3:
ap_bssid = eapols[index].addr2
# from AP to STA
msg1 = eapols[index]
# from STA to AP
msg2 = eapols[index + 1]
# from AP to STA
msg3 = eapols[index + 2]
# from STA to AP
msg4 = eapols[index + 3]
if msg1.addr2 == ap_bssid and\
msg3.addr2 == ap_bssid and\
msg2.addr1 == ap_bssid and\
msg4.addr1 == ap_bssid:
logger.info("Get valid handshake frames")
return True
else:
break
logger.info("No valid handshake frames exists")
return False 示例9: flooder
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def flooder(self, n, filename):
print('Reading pcap file.')
pkgs = rdpcap(filename)
for i in range(n):
print('Sending %s packets.' % (len(pkgs)))
sendpfast(pkgs)
print('Done, part %s of %s' % ((i + 1), n)) 示例10: test01_main_responses
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def test01_main_responses(self):
if isfile(self.tshark_pcap_filename):
remove(self.tshark_pcap_filename)
find_spoof_packet: bool = False
arp_spoof: ArpSpoof = ArpSpoof(network_interface=self.variables.your.network_interface)
self.thread_manager.add_task(arp_spoof.start, self.variables.router.ipv4_address,
self.variables.target.ipv4_address, self.variables.target.mac_address,
False, False, False, False, False)
command = self.variables.tshark_executable + \
' -i "' + self.variables.your.network_interface + \
'" -f "ether src ' + self.variables.your.mac_address + \
' and ether dst ' + self.variables.target.mac_address + \
' and arp" -B 65535 -w "' + self.tshark_pcap_filename + '"'
if self.base.get_platform().startswith('Darwin'):
Popen([command], shell=True, stdout=PIPE, stderr=STDOUT)
else:
Popen(command, shell=True, stdout=PIPE, stderr=STDOUT)
sleep(5)
self.thread_manager.close()
if self.base.get_platform().startswith('Windows'):
self.base.kill_process_by_name(process_name='tshark.exe')
else:
self.base.kill_process_by_name(process_name='tshark')
self.assertTrue(isfile(self.tshark_pcap_filename))
try:
packets = rdpcap(self.tshark_pcap_filename)
for packet in packets:
if packet.haslayer(ARP):
arp_packet = packet[ARP]
self.base.print_info('ARP opcode: ', str(arp_packet.op))
self.base.print_info('ARP sender MAC: ', arp_packet.hwsrc)
self.base.print_info('ARP target MAC: ', arp_packet.hwdst)
self.base.print_info('ARP sender IP: ', arp_packet.psrc)
self.base.print_info('ARP target IP: ', arp_packet.pdst)
if arp_packet.hwsrc == self.variables.your.mac_address and \
arp_packet.hwdst == self.variables.target.mac_address and \
arp_packet.psrc == self.variables.router.ipv4_address and \
arp_packet.pdst == self.variables.target.ipv4_address and \
arp_packet.op == 2:
find_spoof_packet = True
break
except ValueError:
pass
except FileNotFoundError:
pass
if isfile(self.tshark_pcap_filename):
remove(self.tshark_pcap_filename)
self.assertTrue(find_spoof_packet) 示例11: test02_main_requests
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def test02_main_requests(self):
find_spoof_packet: bool = False
arp_spoof: ArpSpoof = ArpSpoof(network_interface=self.variables.your.network_interface)
self.thread_manager.add_task(arp_spoof.start, self.variables.router.ipv4_address,
self.variables.target.ipv4_address, self.variables.target.mac_address,
False, False, False, True, False)
command = self.variables.tshark_executable + \
' -i "' + self.variables.your.network_interface + \
'" -f "ether src ' + self.variables.your.mac_address + \
' and ether dst ' + self.variables.target.mac_address + \
' and arp" -B 65535 -w "' + self.tshark_pcap_filename + '"'
if self.base.get_platform().startswith('Darwin'):
Popen([command], shell=True, stdout=PIPE, stderr=STDOUT)
else:
Popen(command, shell=True, stdout=PIPE, stderr=STDOUT)
sleep(5)
self.thread_manager.close()
if self.base.get_platform().startswith('Windows'):
self.base.kill_process_by_name(process_name='tshark.exe')
else:
self.base.kill_process_by_name(process_name='tshark')
self.assertTrue(isfile(self.tshark_pcap_filename))
try:
packets = rdpcap(self.tshark_pcap_filename)
for packet in packets:
if packet.haslayer(ARP):
arp_packet = packet[ARP]
self.base.print_info('ARP opcode: ', str(arp_packet.op))
self.base.print_info('ARP sender MAC: ', arp_packet.hwsrc)
self.base.print_info('ARP target MAC: ', arp_packet.hwdst)
self.base.print_info('ARP sender IP: ', arp_packet.psrc)
self.base.print_info('ARP target IP: ', arp_packet.pdst)
if arp_packet.hwsrc == self.variables.your.mac_address and \
arp_packet.hwdst == '00:00:00:00:00:00' and \
arp_packet.psrc == self.variables.router.ipv4_address and \
arp_packet.op == 1:
find_spoof_packet = True
break
except ValueError:
pass
except FileNotFoundError:
pass
if isfile(self.tshark_pcap_filename):
remove(self.tshark_pcap_filename)
self.assertTrue(find_spoof_packet) 示例12: main
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def main():
pcap_path = "test/files/test_session.pcap"
client_ip = "192.168.38.1"
mitm_ip = "192.168.38.1"
server_ip = "192.168.38.129"
output_path = "test/files/out/out.pyrdp"
logging.basicConfig(level=logging.CRITICAL)
logging.getLogger("scapy").setLevel(logging.ERROR)
packets = rdpcap(pcap_path)
test_mitm = TestMITM(output_path)
for packet in packets:
# The packets start with a Wireshark exported PDU structure
source, destination, destination_port, data = parseExportedPdu(packet)
test_mitm.setTimeStamp(float(packet.time))
if source == client_ip and destination == mitm_ip and destination_port == 3389:
test_mitm.recvFromClient(data)
elif source == server_ip and destination == mitm_ip:
test_mitm.recvFromServer(data)
elif source == mitm_ip and destination == client_ip and destination_port != 3389:
test_mitm.sendToClient(data)
elif source == mitm_ip and destination == server_ip:
test_mitm.sendToServer(data)
else:
assert False
test_mitm.tcp.recordConnectionClose()
assert test_mitm.builtIOChannel, "PyRDP did not build IO Channel."
assert test_mitm.builtCliprdrChannel, "PyRDP did not build the Clipboard Channel."
assert test_mitm.builtRDPDRChannel, "PyRDP did not build the RDPDR Channel."
logging.info("Channel building assertions PASSED")
for key, value in test_mitm.clipboardObserver.expectedClipboardData.items():
assert value, f"Expected to receive {key} in a clipboardPDU but the clipboard observer did not receive it."
logging.info("Clipboard content assertions PASSED")
expectedLeftMouseClicks = 20
actualLeftMouseClicks = test_mitm.inputObserver.leftMouseClicks
expectedRightMouseClicks = 3
actualRightMouseClicks = test_mitm.inputObserver.rightMouseClicks
expectedMouseWheelClicks = 0
actualMouseWheelClicks = test_mitm.inputObserver.mouseWheelClicks
assert actualLeftMouseClicks == expectedLeftMouseClicks, f"Wrong number of left mouse clicks registered. Expected {expectedLeftMouseClicks}, got {actualLeftMouseClicks}"
assert actualRightMouseClicks == expectedRightMouseClicks, f"Wrong number of right mouse clicks registered. Expected {expectedRightMouseClicks}, got {actualRightMouseClicks}"
assert actualMouseWheelClicks == expectedMouseWheelClicks, f"Wrong number of mouse wheel clicks registered. Expected {expectedMouseWheelClicks}, got {actualMouseWheelClicks}"
logging.info("Mouse clicks assertions PASSED")
assert "arrrray" in test_mitm.state.inputBuffer, f"'arrrray' not found in the MITM state input buffer, but was typed during the session. Input buffer: '{test_mitm.state.inputBuffer}'"
logging.info("Keyboard typing assertion PASSED") 示例13: get_packet
# 需要导入模块: from scapy import all [as 别名]
# 或者: from scapy.all import rdpcap [as 别名]
def get_packet(self, packet):
"""
Process the Dot11 packets and verifiy it is a valid
eapol frames in a 80211 fourway handshake
:param self: Handshakeverify object
:param packet: A scapy.layers.RadioTap object
:type self: Handshakeverify
:type packet: scapy.layers.RadioTap
:return: empty list
:rtype: list
..note: In this extension we don't need to send the packets
to the extension manager.
"""
# append the capture of user first:
if self._is_first and self._data.args.handshake_capture:
pkts = rdpcap(self._data.args.handshake_capture)
for pkt in pkts:
if self.is_valid_handshake_frame(pkt):
self._eapols.append(pkt)
self._is_first = False
# check if verification is done
if self._is_done != DONE:
# append to list if this is the key frame
if self.is_valid_handshake_frame(packet):
self._eapols.append(packet)
num_of_frames = len(self._eapols)
for index in range(num_of_frames):
if num_of_frames - index > 3 and index + 3 <= len(self._eapols):
ap_bssid = self._data.target_ap_bssid
# from AP to STA
msg1 = self._eapols[index]
# from STA to AP
msg2 = self._eapols[index + 1]
# from AP to STA
msg3 = self._eapols[index + 2]
# from STA to AP
msg4 = self._eapols[index + 3]
if msg1.addr2 == ap_bssid and\
msg3.addr2 == ap_bssid and\
msg2.addr1 == ap_bssid and\
msg4.addr1 == ap_bssid:
self._is_captured = True
else:
break
return self._packets_to_send