根据官网嗅探示例,在使用指令
sniff(iface="eth1", prn=lambda x: x.show())
时报如下错误
Traceback (most recent call last):
File "D:\Python37\lib\site-packages\scapy\arch\windows\__init__.py", line 891, in dev_from_name
return next(iface for iface in six.itervalues(self)
StopIteration
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "D:\Python37\lib\site-packages\scapy\sendrecv.py", line 836, in sniff
*arg, **karg)] = iface
File "D:\Python37\lib\site-packages\scapy\arch\pcapdnet.py", line 461, in __init__
self.ins = open_pcap(iface, MTU, self.promisc, 100, monitor=monitor) # noqa: E501
File "D:\Python37\lib\site-packages\scapy\arch\windows\__init__.py", line 997, in open_pcap
iface_pcap_name = pcapname(iface)
File "D:\Python37\lib\site-packages\scapy\arch\windows\__init__.py", line 966, in pcapname
return IFACES.dev_from_name(dev).pcap_name
File "D:\Python37\lib\site-packages\scapy\arch\windows\__init__.py", line 894, in dev_from_name
raise ValueError("Unknown network interface %r" % name)
ValueError: Unknown network interface 'eth1'
显然没有找到网络接口,解决方法如下:
利用Scapy的ifaces指令获取已安装接口列表
>>> ifaces
INDEX IFACE IP MAC
11 Intel(R) Ethernet Connection (2) I219-LM 10.38.1.212 30:9C:23:4E:B5:E4
13 VMware Virtual Ethernet Adapter for VMnet1 169.254.167.220 00:50:56:C0:00:01
14 VMware Virtual Ethernet Adapter for VMnet8 169.254.80.64 00:50:56:C0:00:08
17 Sangfor SSL VPN CS Support System VNIC 00:FF:BE:C5:70:D9
此时嗅探第一个以太网接口,指令为
>>> sniff(iface = IFACES.dev_from_index(11),prn=lambda x:x.show())
嗅探结果如下
###[ Ethernet ]###
dst = 33:33:ff:00:00:01
src = 48:4d:7e:ec:11:dd
type = 0x86dd
###[ IPv6 ]###
version = 6
tc = 0
fl = 0
plen = 32
nh = ICMPv6
hlim = 255
src = fd13:a37e:84eb:0:8d39:9ab4:3d6:7222
dst = ff02::1:ff00:1
###[ ICMPv6 Neighbor Discovery - Neighbor Solicitation ]###
type = Neighbor Solicitation
code = 0
cksum = 0xb7a3
res = 0
tgt = fd13:a37e:84eb::1
###[ ICMPv6 Neighbor Discovery Option - Source Link-Layer Address ]###
type = 1
len = 1
lladdr = 48:4d:7e:ec:11:dd
###[ 802.3 ]###
dst = 01:80:c2:00:00:00
src = 08:c0:21:85:3f:90
len = 105
###[ LLC ]###
dsap = 0x42
ssap = 0x42
ctrl = 3
###[ Spanning Tree Protocol ]###
proto = 0
version = 3
bpdutype = 2
bpduflags = 124
rootid = 32768
rootmac = 08:c0:21:85:3f:90
pathcost = 0
bridgeid = 32768
bridgemac = 08:c0:21:85:3f:90
portid = 32770
age = 0.0
maxage = 20.0
hellotime = 2.0
fwddelay = 15.0
.
.
.
.
.
.