scapy --- packet generator in Python 网络包生成器

str(pkt)    组装数据包(Python 3 下的 Scapy 请使用 raw(pkt) 或 bytes(pkt))
hexdump(pkt)    十六进制转储
ls(pkt)     显示出字段值的列表
pkt.summary()   一行摘要
pkt.show()  针对数据包的展开视图
pkt.show2()     显示聚合的数据包(例如,计算好了校验和)
pkt.sprintf()   用数据包字段填充格式字符串
pkt.decode_payload_as()     改变payload的decode方式
pkt.psdump()    绘制一个解释说明的PostScript图表
pkt.pdfdump()   绘制一个解释说明的PDF
pkt.command()   返回可以生成数据包的Scapy命令

>>> sendp(Ether()/IP(dst="137.195.117.153", ttl=(1,10)), iface="eth1")
..........
Sent 10 packets.




>>> sendp("I'm roaming on Ethernet", iface="eth1", loop=1, inter=0.2)
..........................................................................................^C
Sent 90 packets.




>>> p=sr1(IP(dst="137.195.117.153")/ICMP()/"______")
.Begin emission:
....Finished to send 1 packets.
..*
Received 8 packets, got 1 answers, remaining 0 packets
>>> p
<IP  version=4L ihl=5L tos=0x0 len=34 id=2104 flags= frag=0L ttl=63 proto=icmp chksum=0x6838 src=137.195.117.153 dst=10.0.2.15 options=[] |<ICMP  type=echo-reply code=0 chksum=0xe1e1 id=0x0 seq=0x0 |<Raw  load='______' |<Padding  load='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' |>>>>
>>> p.show()

>>> sr1(IP(dst="137.195.117.153")/UDP()/DNS(rd=1,qd=DNSQR(qname="www.blabla.com")))
Begin emission:
.........Finished to send 1 packets.
....*
Received 14 packets, got 1 answers, remaining 0 packets
<IP  version=4L ihl=5L tos=0xc0 len=60 id=2117 flags= frag=0L ttl=63 proto=icmp chksum=0x6751 src=137.195.117.153 dst=10.0.2.15 options=[] |<ICMP  type=dest-unreach code=port-unreachable chksum=0x8a36 unused=0 |<IPerror  version=4L ihl=5L tos=0x0 len=60 id=1 flags= frag=0L ttl=63 proto=udp chksum=0x7045 src=10.0.2.15 dst=137.195.117.153 options=[] |<UDPerror  sport=domain dport=domain len=40 chksum=0x7134 |<DNS  id=0 qr=0L opcode=QUERY aa=0L tc=0L rd=1L ra=0L z=0L rcode=ok |>>>>>
>>> ans=_
>>> ans.summary()
'IP / ICMP / IPerror / UDPerror / DNS Qry '


>>> sr(IP(dst="137.195.117.153")/TCP(dport=[21,22,23]))
Begin emission:
..............Finished to send 3 packets.
...**.*
Received 21 packets, got 3 answers, remaining 0 packets
(<Results: TCP:3 UDP:0 ICMP:0 Other:0>, <Unanswered: TCP:0 UDP:0 ICMP:0 Other:0>)
>>> ans,unans=_
>>> ans.summary()
IP / TCP 10.0.2.15:ftp_data > 137.195.117.153:ftp S ==> IP / TCP 137.195.117.153:ftp > 10.0.2.15:ftp_data RA / Padding
IP / TCP 10.0.2.15:ftp_data > 137.195.117.153:ssh S ==> IP / TCP 137.195.117.153:ssh > 10.0.2.15:ftp_data RA / Padding
IP / TCP 10.0.2.15:ftp_data > 137.195.117.153:telnet S ==> IP / TCP 137.195.117.153:telnet > 10.0.2.15:ftp_data RA / Padding
>>>


TCP traceroute (SYN probes, flags=0x2, sent with TTL 4 through 25)
>>> ans,unans=sr(IP(dst="137.195.117.153", ttl=(4,25),id=RandShort())/TCP(flags=0x2))
>>> for snd,rcv in ans:
...     print snd.ttl, rcv.src, isinstance(rcv.payload, TCP)
...
4 137.195.117.153 True
5 137.195.117.153 True
6 137.195.117.153 True




>>> lsc()  # 列出可用命令,包括 TCP 路由追踪和其他高级函数

>>> ans,unans=sr(IP(dst='137.195.117.153', ttl=(1,6))/TCP())
.Begin emission:
.........................**Finished to send 6 packets.
*..**....*
Received 38 packets, got 6 answers, remaining 0 packets
>>> ans.make_table( lambda (s,r): (s.dst, s.ttl, r.src))
  137.195.117.153
1 10.0.2.2
2 137.195.117.153
3 137.195.117.153

>>> ans,unans=sr(IP(dst='137.195.117.153')/TCP(dport=[22,33,.Begin emission:
..........Finished to send 3 packets.
..**..*
Received 18 packets, got 3 answers, remaining 0 packets
>>> ans.make_table(lambda (s,r): (s.dst, s.dport, r.sprintf("%IP.id%")))
   137.195.117.153
22 2382
33 2384

>>> conf.route
Network         Netmask         Gateway         Iface           Output IP
127.0.0.0       255.0.0.0       0.0.0.0         lo              127.0.0.1
0.0.0.0         0.0.0.0         10.0.2.2        eth1            10.0.2.15
10.0.2.0        255.255.255.0   0.0.0.0         eth1            10.0.2.15
192.168.56.0    255.255.255.0   0.0.0.0         eth0            192.168.56.101
>>> conf.route.delt(net='0.0.0.0/0',gw='10.0.2.2')
>>> conf.route.add(net='0.0.0.0/0',gw='10.0.2.1')
>>> conf.route.add(host='192.168.1.1',gw='192.168.2.1')
>>> conf.route
Network         Netmask         Gateway         Iface           Output IP
127.0.0.0       255.0.0.0       0.0.0.0         lo              127.0.0.1
10.0.2.0        255.255.255.0   0.0.0.0         eth1            10.0.2.15
192.168.56.0    255.255.255.0   0.0.0.0         eth0            192.168.56.101
0.0.0.0         0.0.0.0         10.0.2.1        eth1            10.0.2.15
192.168.1.1     255.255.255.255 192.168.2.1     eth1            10.0.2.15
>>> conf.route.resync()
>>> conf.route
Network         Netmask         Gateway         Iface           Output IP
127.0.0.0       255.0.0.0       0.0.0.0         lo              127.0.0.1
0.0.0.0         0.0.0.0         10.0.2.2        eth1            10.0.2.15
10.0.2.0        255.255.255.0   0.0.0.0         eth1            10.0.2.15
192.168.56.0    255.255.255.0   0.0.0.0         eth0            192.168.56.101

>>> traceroute(['www.google.co.uk', 'www.baidu.com', 'www.altavista.com'], maxttl=20)
Begin emission:
***********************************Finished to send 60 packets.
*************************
Received 60 packets, got 60 answers, remaining 0 packets
   103.235.46.39:tcp80 216.58.201.35:tcp80 217.12.15.96:tcp80
1  10.0.2.2        11  10.0.2.2        11  10.0.2.2        11
2  103.235.46.39   SA  216.58.201.35   SA  217.12.15.96    SA
3  103.235.46.39   SA  216.58.201.35   SA  217.12.15.96    SA
[...]
(<Traceroute: TCP:57 UDP:0 ICMP:3 Other:0>, <Unanswered: TCP:0 UDP:0 ICMP:0 Other:0>)
>>> result,unans=_
>>> result.show()
   103.235.46.39:tcp80 216.58.201.35:tcp80 217.12.15.96:tcp80
1  10.0.2.2        11  10.0.2.2        11  10.0.2.2        11
2  103.235.46.39   SA  216.58.201.35   SA  217.12.15.96    SA
[…]
>>> result.filter(lambda x: Padding in x[1])
<filtered Traceroute: TCP:57 UDP:0 ICMP:0 Other:0>

>>> ans,unans = sr(IP(dst = '137.195.117.153')/TCP(dport=[33,80],flags='A'))
.Begin emission:
.........Finished to send 2 packets.
....**
Received 16 packets, got 2 answers, remaining 0 packets
>>> for s,r in ans:
...     if s[TCP].dport == r[TCP].sport:
...         print str(s[TCP].dport) + " is unfiltered"
...
33 is unfiltered
80 is unfiltered
>>> for s in unans:
...     print str(s[TCP].dport) + " is filtered"
