我使用scapy创建了一个新图层,我成功将新图层发送到另一台计算机并显示新图层。我的问题是,当我发送图层时,所有字段中的所有数据都出现在第一个字段中,并从另一个字段中删除。
import sys
i, o, e = sys.stdin, sys.stdout, sys.stderr
from scapy.all import *
sys.stdin, sys.stdout, sys.stderr = i, o, e
from scapy.packet import *
from scapy.fields import *
from scapy.layers.inet import UDP, IP
from scapy.layers.dns import DNS
from scapy.layers.l2 import Ether
class ID(Packet):
name = "ID secret Traffic"
fields_desc = [StrField("ID",""),StrField("LastName",""),StrField("FirstName",""),StrField("FatherName",""),
StrField("MomName",""),StrField("BdayLo",""),StrField("BdayHi",""),StrField("BirthLocation",""),
StrField("Gender",""),StrField("LocationOfIssuingID",""),StrField("Image","")]
bind_layers(UDP,ID,sport=217,dport=217)
bind_layers(ID,Raw,sport=217,dport=217)
bind_layers(UDP,Raw,sport=217,dport=217)
p = IP(dst='192.168.1.28')/UDP()/ID(ID='111111111',LastName="Kazo Cohen",FirstName="Omer",FatherName="Yaqqov",MomName="Irit",BdayLo="6121999",BdayHi="Kislev",BirthLocation="RamatGan",Gender="M",LocationOfIssuingID=" Tel Aviv",Image="fvvsgsgsfzfszvsfvfs")/Raw("KEEPALIVE")
p.show2()
send(p)
输出
###[ IP ]###
version = 4L
ihl = 5L
tos = 0x0
len = 120
id = 1
flags =
frag = 0L
ttl = 64
proto = udp
chksum = 0xf6e9
src = 192.168.1.30
dst = 192.168.1.28
\options \
###[ UDP ]###
sport = 217
dport = 217
len = 100
chksum = 0xf332
###[ ID secret Traffic ]###
ID = '111111111Kazo CohenOmerYaqqovIrit6121999KislevRamatGanM Tel AvivfvvsgsgsfzfszvsfvfsKEEPALIVE'
LastName = ''
FirstName = ''
FatherName= ''
MomName = ''
BdayLo = ''
BdayHi = ''
BirthLocation= ''
Gender = ''
LocationOfIssuingID= ''
Image = ''
答案 0 :(得分:1)
您的协议很奇怪:程序(Scapy或其他程序能够“谈论”您的协议)如何猜测ID字段只包含“111111111”,其余部分是用于下一个领域?
通常,你有一个已知的“字段结束”字符(一个空字节可以是一个例子),或一个固定长度(已知ID字段长度为9个字符),或者一个字段用于获取字符串的长度。
Scapy可以使用其中任何一个选项,第一种情况使用StrNullField或StrStopField,第二种情况使用StrFixedLenField,StrLenField使用FieldLenField为第三个。