Question

我正在尝试创建一些scapy图层，并希望它们能够在运行中调整它们的大小。我使用以下代码：

class Foo(Packet):
name = "Testpacket"
fields_desc = [
         ByteField("length", None),
         ByteField("byte2", None),
         ByteField("byte3", None),
         ByteField("byte4", None),
         ByteField("byte5", None),
         ByteField("byte6", None),
         ByteField("byte7", None),
         ByteField("byte8", None),
         ByteField("byte9", None),
         ByteField("byte10", None),
         ByteField("byte11", None) 
         ]     

def post_build(self, p, pay): 
    if self.length is None: 
        if self.byte11 is not None: 
            x = 0xa 
        elif self.byte10 is not None: 
            x = 0x9 
        elif self.byte9 is not None: 
            x = 0x8 
        elif self.byte8 is not None: 
            x = 0x7 
        elif self.byte7 is not None: 
            x = 0x6 
        elif self.byte6 is not None: 
            x = 0x5 
        elif self.byte5 is not None: 
            x = 0x4 
        elif self.byte4 is not None: 
            x = 0x3 
        elif self.byte3 is not None: 
            x = 0x2 
        elif self.byte2 is not None: 
            x = 0x1 
            print "byte2 is set, x is %s"%(x,)
        else: 
            x = 0x0 
    p = p[:0] + struct.pack(">b", x)
    p += pay
    return p

当我在我的scapy解释器中执行以下操作时： >>> aa=Foo(); aa.byte2=0x14; aa.show2(); 我明白了：

>>> aa=Foo(); aa.byte2=0x14; aa.show2(); aa.show();
###[ Testpacket ]###
  length= 1
  byte2= None
  byte3= None
  byte4= None
  byte5= None
  byte6= None
  byte7= None
  byte8= None
  byte9= None
  byte10= None
  byte11= None
###[ Testpacket ]###
  length= None
  byte2= 20
  byte3= None
  byte4= None
  byte5= None
  byte6= None
  byte7= None
  byte8= None
  byte9= None
  byte10= None
  byte11= None

现在，根据我的理解，show2（）应该计算数据包的长度等。在我的例子中，这应该设置长度和 byte2。不幸的是，事实并非如此。知道我做错了什么吗？我现在一直在搜索这个bug几个小时，而且我没有想法： - 任何建议都会受到欢迎。

最诚挚的问候

Answer 1

Martin，你的理解是错误的...... .show2()在汇编后计算数据包。 .show()不应计算长度...例如，使用IP ...

>>> from scapy.all import IP
>>> bar = IP(dst='4.2.2.2')/"Yo mama is ugly.  So ugly.  Aaahhhhhh my eyes"

.show2() ...

的结果

>>> bar.show2()
###[ IP ]###
  version   = 4L
  ihl       = 5L
  tos       = 0x0
  len       = 65
  id        = 1
  flags     =
  frag      = 0L
  ttl       = 64
  proto     = ip
  chksum    = 0x6b45
  src       = 10.109.61.6
  dst       = 4.2.2.2
  \options   \
###[ Raw ]###
     load      = 'Yo mama is ugly.  So ugly.  Aaahhhhhh my eyes'
>>>

.show()的结果......请注意ihl，len和chksum为None ..

>>> bar.show()
###[ IP ]###
  version   = 4
  ihl       = None  <-------
  tos       = 0x0
  len       = None  <-------
  id        = 1
  flags     =
  frag      = 0
  ttl       = 64
  proto     = ip
  chksum    = None  <-------
  src       = 10.109.61.6
  dst       = 4.2.2.2
  \options   \
###[ Raw ]###
     load      = 'Yo mama is ugly.  So ugly.  Aaahhhhhh my eyes'
>>>

Scapy show2（）包问题

1 个答案: