@guedou del() the late evaluated field or setting its value to None indeed works.
But, if I’m new to the protocol, how to know which field is late evaluated thus it should be deleted after assignment?
@guedou Got it, thanks!
So, for one new protocol, how to know which field is late evaluated thus it should be deleted after assignment?
post_build, some fields are change in
i2m, I went through the
fields.pyand listed them:
[LenField, FCSField, PacketLenField, StrFixedLenField, StrLenField, _XStrLenField, FieldLenField, LenField, BitFixedLenField, BitFieldLenField, MultiFlagsField, _IPPrefixFieldBase, _ScalingField]
:point_up: Edit: Hi everybody, I'm trying to manipulate a 1.3 TLS session with scapy. My test setup uses 3 containers and the mitm container is sniffing the packets. My goal right now is to create a new verify message which is created in the handshake.py (line 1194).
How do i handle the TLS Connection in scapy and how can i create a new verify message?
This is some of my code so far: https://pastebin.com/BkD82cXy
for (pkt_data, pkt_metadata,) in RawPcapReader(file_name):
from scapy.all import * for (pkt_data, pkt_metadata,) in RawPcapReader("dump.pcap"): pass `
Traceback (most recent call last): File "sample.py", line 3, in <module> for (pkt_data, pkt_metadata,) in RawPcapReader("dump.pcap"): ValueError: too many values to unpack (expected 2)
This is how I loop now, but the change doesn't reflect when I write that
last = None counter = 0 while True: layer = pkt.getlayer(counter) if layer is None: break if isinstance(layer, scapy.contrib.diameter.AVPNV_StrLenField): if layer.name == 'AVP Public-Identity': orig = layer.val.decode('us-ascii') repl = _generate_replacement(orig) layer.val = repl.encode('us-ascii') counter = counter + 1
pktto a file.