partial packets recieved with scapy and python

I am trying to sniff long packets, specifically http packets that contain html code.

this is the code I am using:

from scapy.all import *

f = open('outHTML.txt','wb')

def packet_callback(pkt):
 if pkt.haslayer(Raw) and pkt[Raw].load:
 if str(pkt[Raw].load).find("<html") != -1:
 f.write(bytes('n' + "=" * 50 + 'n', encoding = "utf8"))
 f.write(pkt[Raw].load)
 f.flush()

sniff(prn=packet_callback)

for some reason when I am sniffing, I don't get all of the code.
for example, I got this result:

HTTP/1.1 200 OK
Date: Tue, 13 Nov 2018 14:00:57 GMT
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Tue, 13 Nov 2018 14:00:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Contenet-Type-Options: nosniff
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Set-Cookie: TS01b8cd54=019790ad781b859b67afd842e20f0cefeebdf19683a53ff0c282ad209e1bcd0e8d590944badeef97f3d54ed8ab8c7efc5614812de7b7daaddfa8ce09ddf390077f7d2652ce; Path=/; Domain=.rishuy.mot.gov.il
Transfer-Encoding: chunked

4000
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="he-il" lang="he-il" dir="rtl">
<head>


<meta http-equiv="X-UA-Compatible" content="IE=edge">


<meta name="viewport" content="width=device-width, initial-scale=1.0" />


<base href="http://rishuy.mot.gov.il/he/" />
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <meta name="keywords" content="רשיומט, רישוי קול, משרד הרישוי, רישוי נהיגה, רישוי כלי רכב" />
 <meta name="description" content="משרד התחבורה - רשות הרישוי" />
 <title>רשות הרישוי</title>
 <link href="/he/?format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
 <link href="/he/?format=feed&amp;type=atom" rel="alternate" t

followed by a lot of NUL bytes.

(in the website there is html code instead of those NUL bytes).

how do I get the rest of the code?

edited Nov 15 '18 at 6:21

asked Nov 13 '18 at 14:22

Goolmoos

446

Possible duplicate of sniffing long packets with Scapy and python 3

– Cukic0d
Nov 20 '18 at 22:17

add a comment |

I am trying to sniff long packets, specifically http packets that contain html code.

this is the code I am using:

from scapy.all import *

f = open('outHTML.txt','wb')

def packet_callback(pkt):
 if pkt.haslayer(Raw) and pkt[Raw].load:
 if str(pkt[Raw].load).find("<html") != -1:
 f.write(bytes('n' + "=" * 50 + 'n', encoding = "utf8"))
 f.write(pkt[Raw].load)
 f.flush()

sniff(prn=packet_callback)

for some reason when I am sniffing, I don't get all of the code.
for example, I got this result:

HTTP/1.1 200 OK
Date: Tue, 13 Nov 2018 14:00:57 GMT
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Tue, 13 Nov 2018 14:00:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Contenet-Type-Options: nosniff
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Set-Cookie: TS01b8cd54=019790ad781b859b67afd842e20f0cefeebdf19683a53ff0c282ad209e1bcd0e8d590944badeef97f3d54ed8ab8c7efc5614812de7b7daaddfa8ce09ddf390077f7d2652ce; Path=/; Domain=.rishuy.mot.gov.il
Transfer-Encoding: chunked

4000
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="he-il" lang="he-il" dir="rtl">
<head>


<meta http-equiv="X-UA-Compatible" content="IE=edge">


<meta name="viewport" content="width=device-width, initial-scale=1.0" />


<base href="http://rishuy.mot.gov.il/he/" />
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <meta name="keywords" content="רשיומט, רישוי קול, משרד הרישוי, רישוי נהיגה, רישוי כלי רכב" />
 <meta name="description" content="משרד התחבורה - רשות הרישוי" />
 <title>רשות הרישוי</title>
 <link href="/he/?format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
 <link href="/he/?format=feed&amp;type=atom" rel="alternate" t

followed by a lot of NUL bytes.

(in the website there is html code instead of those NUL bytes).

how do I get the rest of the code?

edited Nov 15 '18 at 6:21

asked Nov 13 '18 at 14:22

Goolmoos

446

Possible duplicate of sniffing long packets with Scapy and python 3

– Cukic0d
Nov 20 '18 at 22:17

add a comment |

I am trying to sniff long packets, specifically http packets that contain html code.

this is the code I am using:

from scapy.all import *

f = open('outHTML.txt','wb')

def packet_callback(pkt):
 if pkt.haslayer(Raw) and pkt[Raw].load:
 if str(pkt[Raw].load).find("<html") != -1:
 f.write(bytes('n' + "=" * 50 + 'n', encoding = "utf8"))
 f.write(pkt[Raw].load)
 f.flush()

sniff(prn=packet_callback)

for some reason when I am sniffing, I don't get all of the code.
for example, I got this result:

HTTP/1.1 200 OK
Date: Tue, 13 Nov 2018 14:00:57 GMT
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Tue, 13 Nov 2018 14:00:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Contenet-Type-Options: nosniff
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Set-Cookie: TS01b8cd54=019790ad781b859b67afd842e20f0cefeebdf19683a53ff0c282ad209e1bcd0e8d590944badeef97f3d54ed8ab8c7efc5614812de7b7daaddfa8ce09ddf390077f7d2652ce; Path=/; Domain=.rishuy.mot.gov.il
Transfer-Encoding: chunked

4000
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="he-il" lang="he-il" dir="rtl">
<head>


<meta http-equiv="X-UA-Compatible" content="IE=edge">


<meta name="viewport" content="width=device-width, initial-scale=1.0" />


<base href="http://rishuy.mot.gov.il/he/" />
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <meta name="keywords" content="רשיומט, רישוי קול, משרד הרישוי, רישוי נהיגה, רישוי כלי רכב" />
 <meta name="description" content="משרד התחבורה - רשות הרישוי" />
 <title>רשות הרישוי</title>
 <link href="/he/?format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
 <link href="/he/?format=feed&amp;type=atom" rel="alternate" t

followed by a lot of NUL bytes.

(in the website there is html code instead of those NUL bytes).

how do I get the rest of the code?

edited Nov 15 '18 at 6:21

asked Nov 13 '18 at 14:22

Goolmoos

446

I am trying to sniff long packets, specifically http packets that contain html code.

this is the code I am using:

from scapy.all import *

f = open('outHTML.txt','wb')

def packet_callback(pkt):
 if pkt.haslayer(Raw) and pkt[Raw].load:
 if str(pkt[Raw].load).find("<html") != -1:
 f.write(bytes('n' + "=" * 50 + 'n', encoding = "utf8"))
 f.write(pkt[Raw].load)
 f.flush()

sniff(prn=packet_callback)

for some reason when I am sniffing, I don't get all of the code.
for example, I got this result:

HTTP/1.1 200 OK
Date: Tue, 13 Nov 2018 14:00:57 GMT
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Tue, 13 Nov 2018 14:00:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Contenet-Type-Options: nosniff
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Set-Cookie: TS01b8cd54=019790ad781b859b67afd842e20f0cefeebdf19683a53ff0c282ad209e1bcd0e8d590944badeef97f3d54ed8ab8c7efc5614812de7b7daaddfa8ce09ddf390077f7d2652ce; Path=/; Domain=.rishuy.mot.gov.il
Transfer-Encoding: chunked

4000
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="he-il" lang="he-il" dir="rtl">
<head>


<meta http-equiv="X-UA-Compatible" content="IE=edge">


<meta name="viewport" content="width=device-width, initial-scale=1.0" />


<base href="http://rishuy.mot.gov.il/he/" />
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <meta name="keywords" content="רשיומט, רישוי קול, משרד הרישוי, רישוי נהיגה, רישוי כלי רכב" />
 <meta name="description" content="משרד התחבורה - רשות הרישוי" />
 <title>רשות הרישוי</title>
 <link href="/he/?format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
 <link href="/he/?format=feed&amp;type=atom" rel="alternate" t

followed by a lot of NUL bytes.

(in the website there is html code instead of those NUL bytes).

how do I get the rest of the code?

python html python-3.x http scapy

edited Nov 15 '18 at 6:21

asked Nov 13 '18 at 14:22

Goolmoos

446

edited Nov 15 '18 at 6:21

asked Nov 13 '18 at 14:22

Goolmoos

446

edited Nov 15 '18 at 6:21

asked Nov 13 '18 at 14:22

Goolmoos

446

asked Nov 13 '18 at 14:22

Goolmoos

446

asked Nov 13 '18 at 14:22

Goolmoos

446

Possible duplicate of sniffing long packets with Scapy and python 3

– Cukic0d
Nov 20 '18 at 22:17

add a comment |

Possible duplicate of sniffing long packets with Scapy and python 3

– Cukic0d
Nov 20 '18 at 22:17

Possible duplicate of sniffing long packets with Scapy and python 3

– Cukic0d
Nov 20 '18 at 22:17

add a comment |

0

active

oldest

votes

Your Answer

StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);

);

draft saved

draft discarded

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53283133%2fpartial-packets-recieved-with-scapy-and-python%23new-answer', 'question_page');

);

Post as a guest

Name

Required, but never shown

0

active

oldest

votes

0

active

oldest

votes

draft saved

draft discarded

Thanks for contributing an answer to Stack Overflow!

Please be sure to answer the question. Provide details and share your research!

But avoid …

Asking for help, clarification, or responding to other answers.

Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

draft saved

draft discarded

Post as a guest

Name

Required, but never shown

Name

Required, but never shown

Name

Required, but never shown

This page is only for reference, If you need detailed information, please check here

搜尋此網誌

Odtnhj