Well, turns out that the code was doing exactly what it should have been doing, just not what I expected.
Consider the following:
sniffer = pcs.PcapConnector(options.interface)
rawPacket = sniffer.read()
etherPacket = ethernet(rawPacket)
print "RAW"
print ByteToHex(rawPacket)
print "Ether.bytes"
print ByteToHex(etherPacket.getbytes())
print "Ether.chain().bytes"
print ByteToHex(etherPacket.chain().bytes)
This results in the output:
RAW
00 21 29 A5 A9 3F 00 1B 63 06 82 B2 08 00 45 00 00 4A DD AA 40 00 40 06 54 A1 AC 10 00 0A 40 0C 1C 3C C8 5B 14 46 03 BC CB 8B 8B 23 09 EF 50 18 FF FF EE FD 00 00 2A 02 01 C4 00 1F 00 04 00 14 00 00 00 00 01 C0 00 00 00 00 00 00 00 00 00 01 08 6C 7A 61 62 61 64 61
Ether.bytes
00 21 29 A5 A9 3F 00 1B 63 06 82 B2 08 00
Ether.chain().bytes
00 21 29 A5 A9 3F 00 1B 63 06 82 B2 08 00 45 00 00 4A DD AA 40 00 40 06 54 A1 AC 10 00 0A 40 0C 1C 3C C8 5B 14 46 03 BC CB 8B 8B 23 09 EF 50 18 FF FF EE FD 00 00 2A 02 01 C4 00 1F 00 04 00 14 00 00 00 00 01 C0 00 00 00 00 00 00 00 00 00 01 08 6C 7A 61 62 61 64 61
Looks like the ".getBytes()" function only returns the bytes for that level (which is obviously useful with the Chain object). Read more...
No comments:
Post a Comment