Python如何解析RADIUS服务器数据包?
我正在尝试从RADIUS服务器解析UDP数据包,我尝试了不同的工具,包括Scapy、Pynids和pypcap。问题是一些RADIUS属性没有正确解码,其中一些是错误的。这可能是什么原因 这是我的密码:Python如何解析RADIUS服务器数据包?,python,udp,scapy,radius,Python,Udp,Scapy,Radius,我正在尝试从RADIUS服务器解析UDP数据包,我尝试了不同的工具,包括Scapy、Pynids和pypcap。问题是一些RADIUS属性没有正确解码,其中一些是错误的。这可能是什么原因 这是我的密码: from scapy.all import sniff, Radius packets = sniff(iface='eth0', filter='udp', count=5) packet = packets[0] print packet.show() 下面是我得到的输出的摘要: ##
from scapy.all import sniff, Radius
packets = sniff(iface='eth0', filter='udp', count=5)
packet = packets[0]
print packet.show()
###[ Ethernet ]###
dst = 94:57:a5:53:ab:70
src = d4:ca:6d:ae:a0:66
type = 0x800
###[ UDP ]###
sport = 38667
dport = radius
len = 205
chksum = 0x2bbd
###[ Radius ]###
code = Access-Request
id = 80
len = 197
authenticator= "T\xfb\x9c\t\x00 '\x14\xeb\x99\x84t\x9b\xb4\x83\x95"
\attributes\
|###[ Radius Attribute ]###
| type = Framed-Protocol
| len = 6
| value = '\x00\x00\x00\x01'
|###[ Radius Attribute ]###
| type = NAS-Port
| len = 6
| value = '\x00\xf6\xa7\xf9'
|###[ Radius Attribute ]###
| type = Called-Station-Id
| len = 8
| value = 'Dslam1'
|###[ Radius Attribute ]###
| type = 87
| len = 16
| value = 'ether1-Dslam 1'
|###[ Radius Attribute ]###
| type = Vendor-Specific
| len = 24
| value = '\x00\x00\x017\x0b\x12\x19\xfc4\xd01\xaf\x03\xd6\x0e!j\xa7H]\xdd;'
|###[ Radius Attribute ]###
| type = NAS-Identifier
| len = 15
| value = 'TEH-P'
对于未来的访问者,我就是这样解析数据包的 您需要在当前目录中创建一个字典文件,或者使用其中的一个示例,以便它能够正确解析您的数据类型
from pyrad.packet import Packet
from pyrad.dictionary import Dictionary
from scapy.all import sniff, Radius
def parse_packet(packet):
radius_packet = str(packet[Radius])
pkt = Packet(packet=radius_packet, dict=Dictionary("dictionary"))
for key, value in pkt.iteritems():
attr = pkt._DecodeKey(key)
value = pkt.__getitem__(attr)
print attr, value
sniff(iface='eth0', prn=parse_packet, filter="udp", store=0)
User-Name [u'12345678']
NAS-IP-Address ['192.168.*.*']
NAS-Port [15853417]
Service-Type ['Framed-User']
Framed-Protocol ['PPP']
Framed-IP-Address ['192.168.*.*']
Called-Station-Id [u'service4']
Calling-Station-Id [u'20:A7:5C:75:RA:TD']
NAS-Identifier [u'Test']
Acct-Status-Type ['Alive']
Acct-Delay-Time [0]
Acct-Input-Octets [1003335]
Acct-Output-Octets [15399190]
Acct-Session-Id [u'81c2332b']
Acct-Authentic ['RADIUS']
Acct-Session-Time [76321]
Acct-Input-Packets [15498]
Acct-Output-Packets [21247]
对于未来的访问者,我就是这样解析数据包的 您需要在当前目录中创建一个字典文件,或者使用其中的一个示例,以便它能够正确解析您的数据类型
from pyrad.packet import Packet
from pyrad.dictionary import Dictionary
from scapy.all import sniff, Radius
def parse_packet(packet):
radius_packet = str(packet[Radius])
pkt = Packet(packet=radius_packet, dict=Dictionary("dictionary"))
for key, value in pkt.iteritems():
attr = pkt._DecodeKey(key)
value = pkt.__getitem__(attr)
print attr, value
sniff(iface='eth0', prn=parse_packet, filter="udp", store=0)
User-Name [u'12345678']
NAS-IP-Address ['192.168.*.*']
NAS-Port [15853417]
Service-Type ['Framed-User']
Framed-Protocol ['PPP']
Framed-IP-Address ['192.168.*.*']
Called-Station-Id [u'service4']
Calling-Station-Id [u'20:A7:5C:75:RA:TD']
NAS-Identifier [u'Test']
Acct-Status-Type ['Alive']
Acct-Delay-Time [0]
Acct-Input-Octets [1003335]
Acct-Output-Octets [15399190]
Acct-Session-Id [u'81c2332b']
Acct-Authentic ['RADIUS']
Acct-Session-Time [76321]
Acct-Input-Packets [15498]
Acct-Output-Packets [21247]
这很有效,但我得到了编码数据,你知道如何解码吗?@PachinSV的值不是已经解码了吗?就像我包含的响应一样?我得到的值如下:80[b'\xac)bH\x9c4L\x04i\xb2\x8a\x9a~\xe0\x95']@PachinSV我想你需要更新你的字典文件,你可以在这里找到一个示例。这可能是具有特殊编码的特定于供应商的值。我得到一个错误:
索引器:未找到层[Radius]索引器:找不到层[Radius]