【无标题】哈哈哈逗你玩的随便编一下2pyshar

hhhdnw

已于 2024-10-11 16:17:27 修改

阅读量759

点赞数 21

文章标签：笔记

于 2024-09-30 10:14:43 首次发布

本文链接：https://blog.csdn.net/hhhdnw/article/details/142650767

版权

import pyshark

tshark_path = ‘D:\wireshark\tshark.exe’
capture_cap = pyshark.FileCapture(tshark_path=tshark_path, input_file=‘00tmp.pcap’)

print(type(capture_cap))
print(capture_cap)
‘’’
<class ‘pyshark.capture.file_capture.FileCapture’>
<FileCapture 00tmp.pcap>
‘’’
for cap in capture_cap:
print(cap)
‘’’
Packet (Length: 54)
Layer ETH
: Destination: a8:6b:ad:77:10:c3
Address: a8:6b:ad:77:10:c3
… …0. … … … … = LG bit: Globally unique address (factory default)
… …0 … … … … = IG bit: Individual address (unicast)
Source: d8:6d:17:96:9b:1a
Type: IPv4 (0x0800)
Address: d8:6d:17:96:9b:1a
… …0. … … … … = LG bit: Globally unique address (factory default)
… …0 … … … … = IG bit: Individual address (unicast)
Layer IP
: 0100 … = Version: 4
… 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x60 (DSCP: CS3, ECN: Not-ECT)
0110 00… = Differentiated Services Codepoint: Class Selector 3 (24)
… …00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 40
Identification: 0x3d4b (15691)
Flags: 0x4000, Don’t fragment
0… … … … = Reserved bit: Not set
.1… … … … = Don’t fragment: Set
…0. … … … = More fragments: Not set
…0 0000 0000 0000 = Fragment offset: 0
Time to live: 49
Protocol: TCP (6)
Header checksum: 0xdb06 [validation disabled]
Header checksum status: Unverified
Source: 114.230.213.77
Destination: 100.125.132.109
Layer TCP
: Source Port: 443
Destination Port: 52486
Stream index: 0
TCP Segment Len: 0
Sequence number: 156 (relative sequence number)
Next sequence number: 156 (relative sequence number)
Acknowledgment number: 176 (relative ack number)
0101 … = Header Length: 20 bytes (5)
Flags: 0x010 (ACK)
000. … … = Reserved: Not set
…0 … … = Nonce: Not set
… 0… … = Congestion Window Reduced (CWR): Not set
… .0… … = ECN-Echo: Not set
… …0. … = Urgent: Not set
… …1 … = Acknowledgment: Set
… … 0… = Push: Not set
… … .0… = Reset: Not set
… … …0. = Syn: Not set
… … …0 = Fin: Not set
TCP Flags: \xc2\xb7\xc2\xb7\xc2\xb7\xc2\xb7\xc2\xb7\xc2\xb7\xc2\xb7A\xc2\xb7\xc2\xb7\xc2\xb7\xc2\xb7
Window size value: 283
Calculated window size: 283
Window size scaling factor: -1 (unknown)
Checksum: 0x25d9 [unverified]
Checksum Status: Unverified
Urgent pointer: 0
Timestamps
Time since first frame in this TCP stream: 0.823161000 seconds
Time since previous frame in this TCP stream: 0.072719000 seconds
‘’’
print(type(cap))
#<class ‘pyshark.packet.packet.Packet’>

print(‘---------------------’)

对第一个包结构遍历

print(capture_cap[0])
print(dir(capture_cap[0].tcp.flags))
print(str(capture_cap[0].tcp.flags.showname_value))

#----------------------------------------------------------------------------------------

#tshark_path = ‘D:\ENSP\wireshark\tshark.exe’
#capture = pyshark.LiveCapture(interface=‘WLAN’, tshark_path=tshark_path, output_file=‘001222.pcap’)
#interface 是网卡在windows系统的名称，输出文件
#capture.sniff(timeout=10,packet_count=100)#------》所有包获取后，对list才能操作
#capture.close()

#for packet in capture.sniff_continuously():#-----》每个包可获取
#输出每个数据包的协议信息
#print(packet.highest_layer)
#输出每个数据包的IP地址信息
#print(packet.ip)