CTFHub 协议流量分析题目解答
- Data
import pyshark
# 打开存储的捕获文件
caps = pyshark.FileCapture('icmp_data.pcap', display_filter="icmp")
result = ''
for cap in caps:
if(cap.ip.addr == '30.0.250.11'):
hex_string = str(cap.icmp.data)[16:18]
bytes_object = bytes.fromhex(hex_string)
ascii_String = bytes_object.decode("ASCII")
result+=ascii_String
print(result)
- Length
import pyshark
# 打开存储的捕获文件
caps = pyshark.FileCapture('icmp_len.pcap', display_filter="icmp")
result = ''
for cap in caps:
if(cap.ip.addr == '30.0.250.11'):
result+=chr(int(cap.icmp.data_len))
print(result)
- LengthBinary
import pyshark
import binascii
# 打开存储的捕获文件
caps = pyshark.FileCapture('icmp_len_binary.pcap',
display_filter="icmp && icmp.type == 8")
result = ''
for cap in caps:
if(cap.icmp.data_len == '32'):
result += '0'
else:
result += '1'
binary_string = result
result = binascii.unhexlify('%x' % int(binary_string, 2))
print(result)

0 评论