我正在尝试从pcap文件中读取目标IP的列表,问题是当我运行while循环时出现此错误
Traceback (most recent call last):
File "/root/PycharmProjects/pcap/pcap.py", line 10, in <module>
print(pcap[4]['IP'].show())
File "/root/venv/pcap/lib/python3.7/site-packages/scapy/packet.py", line 1171, in __getitem__
raise IndexError("Layer [%s] not found" % lname)
IndexError: Layer ['IP'] not found
[当我检查Wireshark时,我发现该错误是由于vmware的请求而出现的,因为我是在Kali虚拟机上编写此代码的。这是我的代码
from scapy.all import *
from nmap import *
from collections import OrderedDict
scanner = nmap.PortScanner()
pcap = rdpcap('/root/Downloads/nakerah.pcap')
ip_list = []
x = 0
while x < 4:
host_ip = pcap[x]['IP'].dst
ip_list.append(host_ip)
final_list = list(OrderedDict.fromkeys(ip_list))
x += 1
print(final_list)
错误会告诉您确切的信息。
IndexError:找不到图层['IP']
您的数据包捕获中的一个数据包中不包含IP层。您需要在访问IP层之前检查它是否存在。例如,ARP数据包将没有IP层,并且会破坏您的代码。
使用wireshark的样本捕获中的pcap,我们可以通过检查IP层是否存在]来获得目标IP。
# print_ips.py from scapy.all import rdpcap ip_list = [] pkts = rdpcap('allen_test.pcap') # Limit analysis to 20 packets for brevity twenty_pkts = pkts[:20] for packet in twenty_packets: # This check is what you are missing if 'IP' in packet: dest_ip = packet['IP'].dst ip_list.append(dest_ip) print("Out of", len(twenty_packets), "packets,", len(ip_list), "were IP packets.") print("Dest IPs", ip_list)
在shell中运行,我们得到
$ python print_ips.py
WARNING: DNS decompression loop detected
Out of 20 packets, 7 were IP packets.
Dest IPs ['172.19.255.255', '172.19.255.255', '172.19.255.255', '172.19.255.255', '224.0.0.9', '172.19.0.240', '172.19.0.240']