From charlesreid1

=Conversations=
==Scapy Built-In Conversation Analysis==


Scapy has a built-in conversations method. You'll need to build ImageMagick with X11: on the Mac, that's
Once we've done that, we can take a look at the existing method to print out a graph of all the conversations. This method is built into Scapy. We can utilize it to create our own conversations list, bypassing the graphing part and processing the information ourselves.


<pre>
    def conversations(self, getsrcdst=None,**kargs):
        """Graphes a conversations between sources and destinations and display it
        (using graphviz and imagemagick)
        getsrcdst: a function that takes an element of the list and return the source and dest
                  by defaults, return source and destination IP
        type: output type (svg, ps, gif, jpg, etc.), passed to dot's "-T" option
        target: filename or redirect. Defaults pipe to Imagemagick's display program
        prog: which graphviz program to use"""
        if getsrcdst is None:
            getsrcdst = lambda x:(x['IP'].src, x['IP'].dst)
        conv = {}
        for p in self.res:
            p = self._elt2pkt(p)
            try:
                c = getsrcdst(p)
            except:
                #XXX warning()
                continue
            conv[c] = conv.get(c,0)+1
        gr = 'digraph "conv" {\n'
        for s,d in conv:
            gr += '\t "%s" -> "%s"\n' % (s,d)
        gr += "}\n"       
        return do_graph(gr, **kargs)
</pre>





Revision as of 06:06, 26 January 2016

Conversations

Scapy Built-In Conversation Analysis

Scapy has a built-in conversations method. You'll need to build ImageMagick with X11: on the Mac, that's

<pre>
brew uninstall imagemagick
brew install imagemagick --with-x11
</pre>

Once we've done that, we can take a look at the existing method to print out a graph of all the conversations. This method is built into Scapy. We can utilize it to create our own conversations list, bypassing the graphing part and processing the information ourselves.

However, I have no idea whether the graphs look good, because even after the above steps I still can't get it to work.
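
One way to bypass the graphing step, as an added example that is not code from the original page or from Scapy: the counting loop of conversations() returned as a table, plus an extra step that folds both directions of a flow together. The function names, the stand-in sample packets and the capture file name are assumptions; with Scapy, pass a plain packet list such as the result of rdpcap().

```python
from collections import Counter
from types import SimpleNamespace


def ip_pair(pkt):
    """Default key, as in conversations(): (source IP, destination IP)."""
    return (pkt['IP'].src, pkt['IP'].dst)


def conversation_counts(packets, getsrcdst=ip_pair):
    """Count packets per directed (src, dst) key, like the loop in
    conversations(), but return the table instead of graphing it.
    Returns (Counter, number of packets the key function rejected)."""
    conv, skipped = Counter(), 0
    for pkt in packets:
        try:
            conv[getsrcdst(pkt)] += 1
        except (KeyError, IndexError, AttributeError):
            skipped += 1  # no IP layer (ARP etc.); conversations() drops these silently
    return conv, skipped


def merge_directions(conv):
    """Fold A->B and B->A into a single undirected conversation."""
    merged = Counter()
    for (src, dst), n in conv.items():
        merged[tuple(sorted((src, dst)))] += n
    return merged


def sample_packets():
    """Constructed stand-ins that support pkt['IP'].src like Scapy packets,
    so the example runs without a capture file (documentation addresses)."""
    def ip(src, dst):
        return {'IP': SimpleNamespace(src=src, dst=dst)}
    client, gateway, remote = '192.0.2.10', '192.0.2.1', '198.51.100.7'
    return ([ip(client, gateway)] * 3 + [ip(gateway, client)] * 2 +
            [ip(client, remote), {'ARP': SimpleNamespace(psrc=client)}])


if __name__ == '__main__':
    # With Scapy installed, pass rdpcap('capture.pcap') instead (hypothetical file name).
    conv, skipped = conversation_counts(sample_packets())
    for (a, b), n in merge_directions(conv).most_common():
        print(f'{a} <-> {b}: {n} packets')
    print(f'{skipped} packet(s) without an IP layer skipped')
```

Passing a different getsrcdst, for example one that returns MAC addresses or (IP, port) tuples, changes what counts as a conversation without touching the counting code.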