pyshark - 来自 TCP 数据包的数据
有没有办法使用 pyshark 获取 TCP 数据包的负载?
Is there anyway to get the payload of a TCP packet using pyshark?
我正在尝试比较多个 TCP 流中不同数据包的数据部分,但我找不到获取数据包数据的方法.pkt['tcp'].data 似乎不存在.
I am trying to compare the data sections of different packets across multiple TCP streams but I can't find a way to get at the data of the packet. pkt['tcp'].data does not seem to exist.
如果您使用的是 .pcap 文件,一旦您使用
If you are using a .pcap file, once you have read the file using
cap = pyshark.FileCapture('vox.pcap')
说,你想读取第二个数据包的数据,并且你确定存在这样的字段,请尝试:
and say, you want to read the data of the 2nd packet, and you are sure such a field exists, try:
pkt = cap[1]
print pkt.tcp.data
要查看可用于 pkt.tcp 的选项,请使用:
To see the options available for pkt.tcp, use:
dir(pkt.tcp)
它将返回 pkt.tcp 的所有可用选项
It will return all the available options for pkt.tcp