0

For a personnal project, I need to capture packets. I've done it on the port I put as an example in the code below that I tested. The application I'm interested in communicates on this port and as soon as it's on (and the program is running), I have a packet exchange. I tested by replacing prn by prn = lambda x: x.summary()

My issue is the following. I'd like to retrieve the contents of the RAW layer for packets that have it. A solution would be to make pkt[3]["RAW"].load() with 3 in index, but this doesn't work with count = 0, I want to retrieve packets continuously.

So my idea was to make a function that for each packet checks if it has a RAW layer. If it does, it displays its load field. However my code as it is doesn't work without index. I thought of a foreach loop but without success.

Do you have an idea how to proceed ? Here is what I have in the current state.

from scapy.all import *

def showData():
    if (x.haslayer("RAW")):
        #do a x[...]["RAW"].load()
       
pkt = sniff(count=0,filter = "tcp port 6800", prn = lambda x: x.showData())

Thanks in advance

Thelouras
  • 852
  • 1
  • 10
  • 30
Pampah
  • 1
  • 1
  • 1
    I don't even know where to start. "RAW" all caps doesn't exist, your `showData` call is wrong because it is not a function of a packet but a global one, count=0... what are you trying to do ?! Check the doc and the examples ! https://scapy.readthedocs.io/en/latest/usage.html – Cukic0d Sep 29 '20 at 11:36
  • It is "Raw" indeed. Here is an example of what I've got with one single packet using a x.show() : [link](https://i.gyazo.com/64e665ab87a79a3c2fee18506722748b.png) As the above screen shows, there is a field called `load`. What I would like is to display, for each packet, the content of the load field. All the packets I receive don't have this load field, that's why I wanted to filter them. On the other hand, why `count = 0`? Simply because I don't want to capture a defined number of packets. The doc does say that count = 0 captures continuously. Hoping that I have made it clearer – Pampah Sep 29 '20 at 12:07

0 Answers0