CTFHub 协议流量分析题目解答

v228fa4dd5533c3f7112e9de2877f76168b.png

  1. Data
import pyshark

# 打开存储的捕获文件
caps = pyshark.FileCapture('icmp_data.pcap', display_filter="icmp")

result = ''

for cap in caps:
    if(cap.ip.addr == '30.0.250.11'):
        hex_string = str(cap.icmp.data)[16:18]
        bytes_object = bytes.fromhex(hex_string) 
        ascii_String = bytes_object.decode("ASCII") 
        result+=ascii_String

print(result)
  1. Length
import pyshark

# 打开存储的捕获文件
caps = pyshark.FileCapture('icmp_len.pcap', display_filter="icmp")

result = ''

for cap in caps:
    if(cap.ip.addr == '30.0.250.11'):
        result+=chr(int(cap.icmp.data_len))

print(result)

  1. LengthBinary
import pyshark
import binascii

# 打开存储的捕获文件
caps = pyshark.FileCapture('icmp_len_binary.pcap',
                           display_filter="icmp && icmp.type == 8")

result = ''

for cap in caps:
    if(cap.icmp.data_len == '32'):
        result += '0'
    else:
        result += '1'

binary_string = result
result = binascii.unhexlify('%x' % int(binary_string, 2))

print(result)


标题:CTFHub 协议流量分析题目解答
作者:糖醋鱼
地址:https://expoli.tech/articles/2021/07/10/1625889662126.html

    评论
    0 评论
avatar

取消