我想使用scapy發送IGMP數據包,具體是IGMP Leave,IGMP Membership Report。是否有可能這樣做?Python:使用Scapy發送IGMP數據包
UPDATE:
我能夠最終生成它們。必須做到以下幾點:
1),因爲它是在這裏說明,安裝Scapy的v.2.2.0(包括setup.py輕微改動): scapy's contrib is missing after installing scapy on both windows and fedora
2)您需要使用從貢獻包文件(未添加到scapy核心的功能):
import scapy.contrib.igmp
igmpPacket = scapy.contrib.igmp.IGMP()
是的,可以發送IGMP數據包。 Google搜索一下之後,我想出了一些有用的鏈接,可以幫助你在某個方向。 在github上存在一個IGMP和IGMPv3在scapy中的實現。這也是一個有趣的mailing list。此外,這個post還有一個與IGMP有關的其他有趣的東西。
謝謝你的幫助,我終於可以做到了。查看問題中的更新! – Konstantin
使用這種方法,你可以發送IGMP版本2(RFC2236)成員查詢消息,而不是IGMP版本3.
下面是完整的代碼和tcpdump的:
>>> from scapy.all import *
>>> import scapy.contrib.igmp
>>> p = IP(dst="62.22.14.4")/scapy.contrib.igmp.IGMP()
>>> send(p)
.
Sent 1 packets.
>>>
# tcpdump -ni cplane0 igmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on cplane0, link-type EN10MB (Ethernet), capture size 262144 bytes
18:42:01.045618 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.045631 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.046470 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.046476 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.959331 IP 62.22.14.4 > 224.1.1.1: igmp v2 report 224.1.1.1
更新: 由於IGMPv3的正在建設中。這裏有一個方法來發送IGMP版本3成員查詢:
>>> from scapy.all import *
>>>
>>> class IGMP3(Packet):
... name = "IGMP3"
... fields_desc = [ ByteField("type", 0x11),
... ByteField("mrtime", 20),
... XShortField("chksum", None),
... IPField("gaddr", "0.0.0.0"),
... IntField("others", 0x0)]
... def post_build(self, p, pay):
... p += pay
... if self.chksum is None:
... ck = checksum(p)
... p = p[:2]+chr(ck>>8)+chr(ck&0xff)+p[4:]
... return p
...
>>> bind_layers(IP, IGMP3, frag=0, proto=2)
>>> p = IP(dst="62.21.20.21")/IGMP3()
>>> send(p)
.
Sent 1 packets.
>>>
# tcpdump -ni cplane0 igmp -v
tcpdump: listening on cplane0, link-type EN10MB (Ethernet), capture size 262144 bytes
17:24:35.013987 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.014000 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.014476 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.014482 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.218208 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA))
62.21.20.21 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr 239.1.1.1 is_ex, 0 source(s)]
也許這些鏈接是有用的:http://bb.secdev.org/scapy/src/0d201eca59df/scapy/contrib/igmpv3.py?at=默認 https://github.com/d1b/scapy/blob/master/scapy/contrib/igmp.py http://article.gmane.org/gmane.comp.security.scapy.general/666/match= igmp http://search.gmane.org/?query=igmp&group=gmane.comp.security.scapy.general –