3

我正在尝试创建一些 scapy 图层并希望它们动态调整它们的大小。我使用以下代码:

class Foo(Packet):
name = "Testpacket"
fields_desc = [
         ByteField("length", None),
         ByteField("byte2", None),
         ByteField("byte3", None),
         ByteField("byte4", None),
         ByteField("byte5", None),
         ByteField("byte6", None),
         ByteField("byte7", None),
         ByteField("byte8", None),
         ByteField("byte9", None),
         ByteField("byte10", None),
         ByteField("byte11", None) 
         ]     

def post_build(self, p, pay): 
    if self.length is None: 
        if self.byte11 is not None: 
            x = 0xa 
        elif self.byte10 is not None: 
            x = 0x9 
        elif self.byte9 is not None: 
            x = 0x8 
        elif self.byte8 is not None: 
            x = 0x7 
        elif self.byte7 is not None: 
            x = 0x6 
        elif self.byte6 is not None: 
            x = 0x5 
        elif self.byte5 is not None: 
            x = 0x4 
        elif self.byte4 is not None: 
            x = 0x3 
        elif self.byte3 is not None: 
            x = 0x2 
        elif self.byte2 is not None: 
            x = 0x1 
            print "byte2 is set, x is %s"%(x,)
        else: 
            x = 0x0 
    p = p[:0] + struct.pack(">b", x)
    p += pay
    return p

当我在我的 scapy 解释器中执行以下操作时: >>> aa=Foo(); aa.byte2=0x14; aa.show2(); 我得到:

>>> aa=Foo(); aa.byte2=0x14; aa.show2(); aa.show();
###[ Testpacket ]###
  length= 1
  byte2= None
  byte3= None
  byte4= None
  byte5= None
  byte6= None
  byte7= None
  byte8= None
  byte9= None
  byte10= None
  byte11= None
###[ Testpacket ]###
  length= None
  byte2= 20
  byte3= None
  byte4= None
  byte5= None
  byte6= None
  byte7= None
  byte8= None
  byte9= None
  byte10= None
  byte11= None

现在,根据我的理解,show2() 应该计算数据包的长度等。在我的情况下,这应该设置长度字节 2。不幸的是,情况并非如此。知道我做错了什么吗?我已经搜索了几个小时的错误,但我没有想法:-S 任何建议都会受到欢迎。

最诚挚的问候

4

1 回答 1

2

马丁,你的理解是错误的.......show2()组装后计算数据包。 .show()不应该计算长度......例如,使用IP......

>>> from scapy.all import IP
>>> bar = IP(dst='4.2.2.2')/"Yo mama is ugly.  So ugly.  Aaahhhhhh my eyes"

.show2()……的结果

>>> bar.show2()
###[ IP ]###
  version   = 4L
  ihl       = 5L
  tos       = 0x0
  len       = 65
  id        = 1
  flags     =
  frag      = 0L
  ttl       = 64
  proto     = ip
  chksum    = 0x6b45
  src       = 10.109.61.6
  dst       = 4.2.2.2
  \options   \
###[ Raw ]###
     load      = 'Yo mama is ugly.  So ugly.  Aaahhhhhh my eyes'
>>>

...的结果.show()注意ihl,len并且chksumNone..

>>> bar.show()
###[ IP ]###
  version   = 4
  ihl       = None  <-------
  tos       = 0x0
  len       = None  <-------
  id        = 1
  flags     =
  frag      = 0
  ttl       = 64
  proto     = ip
  chksum    = None  <-------
  src       = 10.109.61.6
  dst       = 4.2.2.2
  \options   \
###[ Raw ]###
     load      = 'Yo mama is ugly.  So ugly.  Aaahhhhhh my eyes'
>>>
于 2011-07-01T12:55:14.583 回答