我无法解决这个问题声明任何人都可以帮忙 Q)使用wireshark捕获要发送到服务器的数据包并编写客户端程序以使用wireshark pcap文件并向服务器播放相同的数据包并将请求/响应转储到另一个文件中。
现在,我知道如何使用 pcap 文件捕获数据包,但我在连接服务器时遇到问题,请任何人提供使用 Python Scapy 和 pyshark 库的完整解决方案。
import pyshark
from scapy.all import *
import time
def read_pcap(file):
cap = pyshark.FileCapture(file)
packets = []
for packet in cap:
packets.append(packet)
return packets
def replay_packets(packets, server_ip, server_port):
responses = []
for packet in packets:
try:
# Convert PyShark packet to Scapy packet
scapy_pkt = IP(raw(packet.get_raw_packet()))
# Change destination IP and port to the server
scapy_pkt[IP].dst = server_ip
scapy_pkt[UDP].dport = server_port
# Send packet and capture response
response = sr1(scapy_pkt, timeout=2)
responses.append(response)
# Wait a bit between packets to mimic real traffic
time.sleep(0.1)
except Exception as e:
print(f"Error processing packet: {e}")
return responses
def dump_to_file(requests, responses, file):
with open(file, 'w') as f:
for req, resp in zip(requests, responses):
f.write(f"Request: {req}\nResponse: {resp}\n\n")
def main():
input_pcap_file = 'current.pcap'
output_file = 'output.txt'
server_ip = '123.56.8.0'
server_port = 80
packets = read_pcap(input_pcap_file)
requests = [packet.get_raw_packet() for packet in packets]
responses = replay_packets(packets, server_ip, server_port)
dump_to_file(requests, responses, output_file)
print("Finished processing packets.")
if __name__ == "__main__":
main()
这是我的代码,其中“current.pcap”是要使用的 pcap 文件,我猜我在连接到服务器时遇到问题。
听起来你想用 tcpreplay。 它可以让您捕获任意 tcpdump/wireshark *.pcap 文件, 并稍后重播这些数据包。
或者,您可能想编写一个消耗 pcap 文件,对其进行轻微调整,然后写入 过滤内容到另一个 pcap 文件,然后可以重播。