create_test_pcap.py
#!/usr/bin/env python3
"""
创建一个简单的测试PCAP文件
需要安装scapy:
python3 -m venv .venv
source .venv/bin/activate
pip install scapy
注意:如果scapy未安装,请使用C++版本的create_minimal_pcap程序
"""
import sys
def check_scapy():
    """Report whether scapy can be imported.

    Returns:
        A ``(available, names)`` pair. When the import succeeds, ``available``
        is True and ``names`` is the tuple
        ``(Ether, IP, IPv6, TCP, UDP, ICMP, ARP, DNS, DNSQR, wrpcap)`` in that
        order. When it fails with ImportError, the pair is ``(False, None)``.
    """
    # The import is done lazily so the script can still start, and print
    # installation guidance, on a machine without scapy.
    try:
        from scapy.all import (
            ARP,
            DNS,
            DNSQR,
            ICMP,
            IP,
            TCP,
            UDP,
            Ether,
            IPv6,
            wrpcap,
        )
    except ImportError:
        return False, None
    else:
        # Callers unpack this tuple positionally, so the order is part of
        # the contract.
        layer_names = (Ether, IP, IPv6, TCP, UDP, ICMP, ARP, DNS, DNSQR, wrpcap)
        return True, layer_names
def create_test_pcap():
    """Write a PCAP file holding five hand-built test packets.

    The packets are only constructed in memory and handed to ``wrpcap``;
    nothing in this function sends them on a network interface.

    Returns:
        The output file name (``"test_packets.pcap"``, a path relative to the
        current working directory), or None when scapy cannot be imported.
    """
    scapy_available, scapy_modules = check_scapy()
    if not scapy_available:
        # Print the install steps and the C++ fallback, then give up.
        guidance = (
            "错误:需要安装scapy库",
            "请运行:",
            "python3 -m venv .venv",
            "source .venv/bin/activate",
            "pip install scapy",
            "",
            "替代方案:使用C++版本创建测试文件",
            "g++ -o create_minimal_pcap create_minimal_pcap.cpp",
            "./create_minimal_pcap",
        )
        for line in guidance:
            print(line)
        return None

    # Unpack the scapy names in the order check_scapy() returns them.
    Ether, IP, IPv6, TCP, UDP, ICMP, ARP, DNS, DNSQR, wrpcap = scapy_modules

    # Addresses shared by several packets. 192.168.1.100 is RFC 1918 private
    # space and 2001:db8::/32 (used below) is the IPv6 documentation prefix;
    # 8.8.8.8 and 93.184.216.34 are publicly routable addresses that appear
    # here purely as capture contents.
    host_mac = "aa:bb:cc:dd:ee:ff"
    peer_mac = "00:11:22:33:44:55"
    host_ip = "192.168.1.100"

    packets = [
        # 1. HTTP request packet.
        # NOTE(review): this is a lone SYN segment carrying the request text,
        # with no handshake before it, so a parser that reassembles TCP
        # streams may not classify it as HTTP; confirm this is what the
        # consumer of the fixture expects.
        (
            Ether(dst=peer_mac, src=host_mac)
            / IP(src=host_ip, dst="93.184.216.34")
            / TCP(sport=12345, dport=80, flags="S")
            / "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
        ),
        # 2. DNS query packet (recursion desired) for example.com.
        (
            Ether(dst=peer_mac, src=host_mac)
            / IP(src=host_ip, dst="8.8.8.8")
            / UDP(sport=54321, dport=53)
            / DNS(rd=1, qd=DNSQR(qname="example.com"))
        ),
        # 3. ICMP ping packet (type 8 / code 0 is an echo request).
        (
            Ether(dst=peer_mac, src=host_mac)
            / IP(src=host_ip, dst="8.8.8.8")
            / ICMP(type=8, code=0)
            / "Hello World"
        ),
        # 4. IPv6 packet: a TCP ACK segment with a short payload.
        (
            Ether(dst=peer_mac, src=host_mac)
            / IPv6(src="2001:db8::1", dst="2001:db8::2")
            / TCP(sport=8080, dport=443, flags="A")
            / "IPv6 test data"
        ),
        # 5. ARP packet (no IP layer): broadcast request (op=1) for
        # 192.168.1.1.
        (
            Ether(dst="ff:ff:ff:ff:ff:ff", src=host_mac)
            / ARP(
                op=1,
                hwsrc=host_mac,
                psrc=host_ip,
                hwdst="00:00:00:00:00:00",
                pdst="192.168.1.1",
            )
        ),
    ]

    # Write the PCAP file. The name is fixed and relative, so the capture
    # lands in whatever directory the script is run from.
    output_file = "test_packets.pcap"
    wrpcap(output_file, packets)
    print(f"测试PCAP文件已创建: {output_file}")
    print(f"包含 {len(packets)} 个数据包")

    # Show a one-line summary of every packet.
    print("\n数据包概览:")
    for index, packet in enumerate(packets, start=1):
        print(f"{index}. {packet.summary()}")
    return output_file
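if __name__ == "__main__":
    # create_test_pcap() returns None when scapy could not be imported and no
    # capture was written. Exit non-zero in that case so a calling script or
    # CI job does not carry on with a missing fixture.
    sys.exit(0 if create_test_pcap() else 1)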