先用scapy抓包
from scapy.all import wrpcap, Ether, IP, UDP
packet = Ether() / IP(dst="1.2.3.4") / UDP(dport=123)
wrpcap('foo.pcap', [packet])
再用dpkt解析
# from: https://blog.csdn.net/javajiawei/article/details/100513267
import sys
import os
import dpkt
def checkIfHTTPRes(data): # 检查是否为HTTP协议
if len(data) < 4:
return False
if data[:4] == str.encode('HTTP'):
return True
return False
def httpPacketParser(http): # 分析流
if checkIfHTTPRes(http): # 检查是否为HTTP协议
try:
response = dpkt.http.Response(http) # 尝试以HTTP读取响应
print(response.status)
except Exception as e:
# print(e)
pass
# else:
# print("Not HTTP")
def tcpPacketParser(tcp): # 获取流
stream = tcp.data
if len(stream