Fatal编程技术网
  • python/
  • 用scapy中的函数解码Python更新列表值

用scapy中的函数解码Python更新列表值

python

用scapy中的函数解码Python更新列表值,python,scapy,rtp,Python,Scapy,Rtp,我在使用scapy中的一个函数 RTP(pl[0]['UDP'].有效负载)。时间戳 这是可行的,在本例中,返回2983999523 我想将此值设置为0 RTP(pl[0]['UDP'].payload)。时间戳=0 这不管用。。。我假设这与我如何使用函数设置列表值有关?这可能吗 有什么想法吗?RTP()是一个函数,它可能返回一个具有参数时间戳的类。理论上,这应该可以改变该参数: foo = RTP(pl[0]['UDP'].payload) foo.timesamp > 298

我在使用scapy中的一个函数

RTP(pl[0]['UDP'].有效负载)。时间戳

这是可行的,在本例中,返回2983999523

我想将此值设置为0

RTP(pl[0]['UDP'].payload)。时间戳=0

这不管用。。。我假设这与我如何使用函数设置列表值有关?这可能吗

有什么想法吗?

RTP()
是一个函数,它可能返回一个具有参数
时间戳的类。理论上,这应该可以改变该参数:


foo = RTP(pl[0]['UDP'].payload)
foo.timesamp
    > 2983999523
foo.timestamp = 0
foo.timesamp
    > 0


我不知道这在这种情况下是否有用,因为我不知道您试图用
timestamp=0
做什么,但也许您可以根据自己的目的调整它

编辑-要扩展该功能,请执行以下操作:


def RTP2(obj):
    result = RPT(obj)
    result.timestamp = 0
    return result



我真的不明白scapython库是如何处理层的

发布我的操作RTP标题的完整代码,因为它需要大量的尝试和错误以及非常小的信息来排序。。。这是一个黑客,但它的工作,可能会帮助别人


### Python 2.7 Script by Neil Bernard neil@themoog.org
## This script is for editing RTP header information in PCAP files to manipulate RTP timestamp and SSRC
## for testing hardware transport stream devices and testing SMPTE 2022-2 handling

## There is some error checking for scapy network layers but try to keep capture as clean as possible
## also try to keep captures under 260Mb for performance, can take a good 20mins on an intel i7 / 16GB ram

#### Basic Scapy Tutorial

# *https://www.youtube.com/watch?v=ADDYo6CgeQY

#### Scapy cheat sheet

# https://blogs.sans.org/pen-testing/files/2016/04/ScapyCheatSheet_v0.2.pdf

#### Scapy RTP Library https://fossies.org/linux/scapy/scapy/layers/rtp.py

# import scapy
from scapy.all import rdpcap
from scapy.all import wrpcap
from scapy.all import RTP
from scapy.all import *

infile = "test_rtp.pcap"
outfile = "modified_" + infile
dest_port = 2000 # usefull to make sure you only action packets that are RTP

# load packet capture
print "Loading Packet Capture Keep <200Mb - Might take a few mins....."
pl = rdpcap(infile)
print "Loading complete!"

# print number of packets
print(len(pl))
# # print rtp timestamp
# print(RTP(pl[0][UDP].payload).timestamp)
numberofpckts = len(pl)

print numberofpckts

for pkt in range(numberofpckts):

    # You cant use the [RTP] layer on a list index so you have to put it in a
    # variable first. Also need to make sure its a UDP packet with .haslayer(UDP):
    # https://stackoverflow.com/questions/48763072/scapy-getting-trailer-field-in-the-dissector

    if pl[pkt].haslayer(UDP):
        packet = pl[pkt][UDP]

    else:
        print "Probably Not a UDP / RTP Packet# {0}".format(pkt)


    # You need to do the line below to force RTP detection and manipulation
    # https://stackoverflow.com/questions/44724186/decode-rtp-over-udp-with-scapy

    if pl[pkt].haslayer(UDP):
        if packet["UDP"].dport==2000: # Make sure its actually RTP
            packet["UDP"].payload = RTP(packet["Raw"].load)

        #### un-commment and change lines below to manipulate headers

            # packet[RTP].version = 0
            # packet[RTP].padding = 0
            # packet[RTP].extension = 0
            # packet[RTP].numsync = 0
            # packet[RTP].marker = 0
            # packet[RTP].payload_type = 0
            # packet[RTP].sequence = 0

            # packet[RTP].timestamp = 0

            packet[RTP].sourcesync = 0
            # packet[RTP].sync = 0

            ### Calculate UDP Checksum or they will now be wrong!

            #https://scapy.readthedocs.io/en/latest/functions.html

            checksum_scapy_original = packet[UDP].chksum

            # set up and calculate some stuff

            packet[UDP].chksum = None ## Need to set chksum to None before starting recalc
            packetchk = IP(raw(packet))  # Build packet (automatically done when sending)
            checksum_scapy = packet[UDP].chksum
            packet_raw = raw(packetchk)
            udp_raw = packet_raw[20:]
            # in4_chksum is used to automatically build a pseudo-header
            chksum = in4_chksum(socket.IPPROTO_UDP, packetchk[IP], udp_raw)  # For more infos, call "help(in4_chksum)"

            # Set the new checksum in the packet

            packet[UDP].chksum = checksum_scapy # <<<< Make sure you use the variable in checksum_scapy

            # needed below to test layers before printing newts/newsourcesync etc to console

            if pl[pkt].haslayer(UDP):
                newts = RTP(pl[pkt][UDP].payload).timestamp
                newsourcesync = RTP(pl[pkt][UDP].payload).sourcesync

            else:
                newts = 999
                newsourcesync = 999

            print("Changing packet {0} of {3} to new timestamp {1} SSRC {2} Old UDP chksum {4} >> New UDP chksum ???").format(pkt+1,newts,newsourcesync,numberofpckts,hex(checksum_scapy_original))

        else:
            print "Probably Not a UDP / RTP Packet# {0}".format(pkt)

# Write out new capture file
wrpcap(outfile, pl)


尼尔·伯纳德的Python 2.7脚本neil@themoog.org
##此脚本用于编辑PCAP文件中的RTP头信息,以操作RTP时间戳和SSRC
##用于测试硬件传输流设备和测试SMPTE 2022-2处理
##对scapy网络层进行一些错误检查,但请尽可能保持捕获干净
##另外,为了提高性能,请尽量将捕获保持在260Mb以下,在intel i7/16GB ram上可能需要20分钟
####基本Scapy教程
# *https://www.youtube.com/watch?v=ADDYo6CgeQY
####Scapy备忘单
# https://blogs.sans.org/pen-testing/files/2016/04/ScapyCheatSheet_v0.2.pdf
####scapyrtp库https://fossies.org/linux/scapy/scapy/layers/rtp.py
#进口服装
从scapy.all导入rdpcap
从scapy.all导入wrpcap
从scapy.all导入RTP
从斯卡皮来的,都是进口货*
infle=“test\u rtp.pcap”
outfile=“修改的”+填充
dest_port=2000#用于确保只使用RTP操作数据包
#负载包捕获
打印“加载数据包捕获保持>新建UDP chksum?”)。格式(pkt+1、newts、newsourcesync、numberofpckts、十六进制(校验和(原始))
其他:
打印“可能不是UDP/RTP数据包#{0}”。格式(pkt)
#写出新的捕获文件
wrpcap(输出文件,pl)
谢谢你,伙计。。。我是超级分层的,所以我想我需要再考虑一下。。。。但基本上我试图替换函数返回到RTP数据包中的值。。。我想我需要扩展这个函数?啊,我明白了。我用函数的扩展更新了答案。谢谢,我不确定我是否完全理解。。。。。但是我要玩一玩。
RTP2(pl[0]['UDP'].payload)
只返回与'RTP(pl[0]['UDP'].payload)相同的对象,但时间戳设置为0