/usr/local/bin/tcpdump -r apr_02_test_1.pcapng ip6 reading from file apr_02_test_1.pcapng, link-type LINUX_SLL (Linux cooked v1), snapshot length 262144 15:47:04.863880 IP6 fe80::6c47:112:824f:3dfe > ff02::1:ff4f:3dfe: HBH ICMP6, multicast listener reportmax resp delay: 0 addr: ff02::1:ff4f:3dfe, length 24
scapy/utils.py", line 2138, in tcpdump linktype = rd.linktype 'PcapNgReader' object has no attribute 'linktype'
Hello, I am on a Ubuntu 18.04.5 LTS (source) and I using scapy to send ICMP packets with a custom payload to a destination IP (also an Ubuntu system).
The source has two interfaces: eth0 and eth1.
I want to send layer 3 packets from both the interfaces eth0 and eth1. Likewise I use send() function.
I am also using tcpdump to check whether the packets are sent to the interface (iface parameter) mentioned in the function.
sniff(filter='icmp', iface=['eth0', 'eth1'], prn=lambda x: x.show())
iface_b = create_string_buffer(network_name(iface).encode("utf8")) AttributeError: 'list' object has no attribute 'encode'
Hello everyone! Just a quick question regarding https://github.com/secdev/scapy/blob/dcd54d59c94b83632b74e268e8b14026cbcd67c8/scapy/contrib/http2.py#L2672
parse_txt_hdrs' type hints clearly state that this metod has a string as input, but the first thing that it does is embed the string in a BytesIO object, which requires bytes as an input, is this a leftover from a previous version of the code or rather a typo? Thanks in advance
Is there a trick to insert one bye in front of Packet?
Conceptually this kind of operation is needed. I am developing a trick to resolve the 'max_val' thing I mentioned above.
new_packet = b'\x02' + old_packet
I tried this way. It seems working
new_packet = Packet(max_val.to_bytes(1, 'big') + raw(old_packet))
I found a strange thing in packet print.
It seems there are extra backslashes. I am not sure which one is correct.
Packet type is
IP / TCP 126.96.36.199:42219 > 188.8.131.52:ssh PA / Raw
Raw after TCP in Old Version (Released version, my old log record)
###[ Raw ]### load = '\x0f*E\x12\x83^\x86\xfca\xa9....
Raw after TCP in New Version (GIT version)
###[ Raw ]### load = '\x0f*E\x12\\x83^\\x86\\xfca\\xa9....