Last active
June 10, 2020 01:50
-
-
Save syakesaba/4f393eca540c33fc3100f1988a0692ce to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # encoding: utf-8 | |
| from scapy.packet import Packet | |
| import json | |
| class JsonPacket(Packet): | |
| name = "JsonPacket" | |
| fields_desc = [] | |
| json_valid_types = (dict,list,unicode,str,int,long,float,bool,None) | |
| #Override | |
| def build_done(self,pkt): | |
| return json.dumps(self._jsonize_packet(pkt), indent=4) | |
| def _jsonize_packet(self, pkt): | |
| layers = [layer for layer in self._walk_layers(pkt)] | |
| out = [] | |
| for layer in layers: | |
| layer_name = layer.name if layer.name else layer.__name__ | |
| out.append({layer_name:self._serialize_fields(layer,{})}) | |
| return out | |
| def _walk_layers(self, pkt): | |
| i=1 | |
| layer = self.getlayer(i) | |
| while layer: | |
| yield layer | |
| i += 1 | |
| layer = self.getlayer(i) | |
| def _serialize_fields(self, layer, serialized_fields={}): | |
| if hasattr(layer, "fields_desc"): | |
| for field in layer.fields_desc: | |
| self._extract_fields(layer, field, serialized_fields) | |
| return serialized_fields | |
| def _extract_fields(self, layer, field, extracted={}): | |
| value = layer.__getattr__(field.name) | |
| if type(value) in self.json_valid_types: | |
| extracted.update({field.name:value}) | |
| else: | |
| local_serialized = {} | |
| extracted.update({field.name:local_serialized}) | |
| self._serialize_fields(field, local_serialized) | |
| if __name__ == "__main__": | |
| from scapy.main import interact | |
| from scapy.all import * | |
| print(JsonPacket()/(IP(dst="8.8.8.8")/UDP(dport=53)/DNS()/DNSQR(qname="terra.es"))) | |
| interact(mydict=locals()) |
Author
how hard would this be to port to python3?
I keep getting this error and I believe it's related to the fact that python3 doesn't use unicode or long
File "/Applications/PyCharm.app/Contents/helpers/pydev/pydev_run_in_console.py", line 52, in run_file
[GCC 4.2.1 Compatible Clang 4.0.1 (tags/RELEASE_401/final)] on darwin
pydev_imports.execfile(file, globals, locals) # execute the script
File "/Applications/PyCharm.app/Contents/helpers/pydev/_pydev_imps/_pydev_execfile.py", line 18, in execfile
exec(compile(contents+"\n", file, 'exec'), glob, loc)
File "/Users/mschem/PycharmProjects/ML/test.py", line 4, in <module>
class JsonPacket(Packet):
File "/Users/mschem/PycharmProjects/ML/test.py", line 7, in JsonPacket
json_valid_types = (dict,list,unicode,str,int,long,float,bool,None)
NameError: name 'unicode' is not defined```
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
[
{
"IP": {
"frag": 0,
"src": "163.44.169.235",
"proto": 17,
"tos": 0,
"dst": "8.8.8.8",
"chksum": {},
"len": {},
"options": [],
"version": 4,
"flags": 0,
"ihl": {},
"ttl": 64,
"id": 1
}
},
{
"UDP": {
"dport": 53,
"sport": 53,
"len": {},
"chksum": {}
}
},
{
"DNS": {
"aa": 0,
"qr": 0,
"an": {},
"nscount": 0,
"qdcount": 0,
"ns": {},
"tc": 0,
"rd": 0,
"arcount": 0,
"ar": {},
"opcode": 0,
"ra": 0,
"z": 0,
"rcode": 0,
"id": 0,
"ancount": 0,
"qd": {}
}
},
{
"DNS Question Record": {
"qclass": 1,
"qtype": 1,
"qname": "terra.es"
}
}
]