ctfsolver.managers.manager_files_pcap

manager_files_pcap.py

This module provides the ManagerFilePcap class for handling and analyzing PCAP files using Scapy. It offers methods to open PCAP files, filter ICMP packets, extract TTL values, and search for specific text within packet payloads.

Classes:

ManagerFilePcap: Manages PCAP file operations and packet analysis.

Typical usage example:

manager = ManagerFilePcap() packets = manager.pcap_open(file=path_to_pcap) icmp_packets = manager.get_packets_icmp(packets) ttl_values = manager.get_packet_ttl(icmp_packets) found_text = manager.searching_text_in_packets(“flag”, packets)

Classes

ManagerFilePcap

ManagerFilePcap provides methods for handling and analyzing PCAP files using Scapy.

Module Contents

class ManagerFilePcap(*args, **kwargs)[source]

ManagerFilePcap provides methods for handling and analyzing PCAP files using Scapy. This class allows you to open PCAP files, filter packets by protocol (such as ICMP), extract specific packet attributes (like TTL), and search for text within packet payloads. .. attribute:: packets

List of packets loaded from a PCAP file.

type:

list[scapy.packet.Packet]

challenge_file[source]

Default file path for PCAP operations.

Type:

Path

initializing_all_ancestors(*args, **kwargs)[source]

Initializes all ancestors of the class.

pcap_open(file=None, save=False) list[scapy.packet.Packet] | None[source]

Opens a PCAP file and loads packets using Scapy.

Return type:

list[scapy.all.packet.Packet] | None

get_packets_icmp(packets=None) list[source]

Retrieves all ICMP packets from the loaded packets.

get_packet_ttl(packets=None) list[source]

Extracts the TTL values from the provided packets.

searching_text_in_packets(text, packets=None, display=False) str[source]

Searches for a specific text in packet payloads and optionally displays matching packets.

initializing_all_ancestors(*args, **kwargs)[source]
Description:

Initializes all the ancestors of the class Placeholder for overwrite

pcap_open(file=None, save=False)[source]
Description:

Open the pcap file with scapy and saves it in self.packets

Parameters:

  • file (Path, optional) – File to open. Defaults to None.

  • save (bool, optional) – Save the output. Defaults to False.

Return type:

list[scapy.all.packet.Packet] | None

get_packets_icmp(packets=None)[source]

Description: Get all the ICMP packets from the packets

Parameters:

packets (list, optional) – List of packets to search in. Defaults to None.

Returns:

List of ICMP packets

Return type:

list

get_packet_ttl(packets=None)[source]

Description: Get the TTL of all the ICMP packets

Parameters:

packets (list, optional) – List of packets to search in. Defaults to None.

Returns:

List of TTL of the ICMP packets

Return type:

list

searching_text_in_packets(text, packets=None, display=False)[source]

Description: Search for a text in the packets that have been opened with scapy

Parameters:

  • text (str) – Text to search in the packets

  • packets (list, optional) – List of packets to search in. Defaults to None.

  • display (bool, optional) – Display the packet if the text is found. Defaults to False.

Returns:

Text found in the packet if found

Return type:

str