Is it possible to configure Scapy to listen for network traffic and send a crafted packet once a packet with certain parameters is received? I mean for example Scapy listens network traffic on eth0 and in case an ICMP "echo request" packet from source IP 10.10.44.3 is received, Scapy sends an TCP SYN packet to port 34 to IP address 192.168.2.1 using 8.8.8.8 as a source. Is such setup possible with Scapy?
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
Yes.
Using the sniff() function, you can provide a parameter to the stop_filter option.
>>> print sniff.__doc__
Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] +
L2ListenSocket args) -> list of packets
...clipped...
stop_filter: python function applied to each packet to determine
if we have to stop the capture after this packet
ex: stop_filter = lambda x: x.haslayer(TCP)
If the function returns 1, sniff will stop, and you can continue with whatever logic you wish.
