標籤:bsp 成員 http .com target 資料包 程式 win32 hub
使用scapy、scapy_http就可以方便的對pcap包中的http資料包進行解析
scapy_http可以在https://github.com/invernizzi/scapy-http下載,該地址下也給出了簡單的樣本程式,按照此樣本程式我修改了一個輸出pcap包中http包的源目的地址、payload的小程式,如下所示:
其中,p為資料包,scapy_http將其分為:
Ethernet->TCP->RAW三個層次,
使用p.show()函數可以列印出如下結果:
###[ Ethernet ]###
dst = 02:00:00:00:00:39
src = 00:00:00:01:02:09
type = 0x800
###[ IP ]###
version = 4L
ihl = 5L
tos = 0x0
len = 1014
id = 7180
flags =
frag = 0L
ttl = 45
proto = tcp
chksum = 0xbbf9
src = 126.209.59.13
dst = 121.113.176.25
\options \
###[ Raw ]###
load = ‘.....‘
第一層是網路層,包含源、目的mac、ip協議號,第二層是tcp層,第三層包含連接埠號碼、http報文
其中每一層均為上一層的payload成員
在運行程式的過程中,如果提示dnet或pcap庫異常,需要到這裡下載並重新安裝相應的庫:
pcap http://files.cnblogs.com/Jerryshome/pcap-1.1.win32-py2.7.rar
dnet http://files.cnblogs.com/Jerryshome/dnet-1.12.win32-py2.7.rar
python解析pcap檔案中的http資料包
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
