Search code examples
pythonpython-2.7httpsscapypacket-sniffers

Scapy HTTPS\TLS packets

I'm trying to use Scapy to sniff my HTTPS network packets. I've already installed scapy_ssl_tls:

Requirement already satisfied: scapy-ssl_tls in path\python36\lib\site-packages (2.0.0)
Requirement already satisfied: pycryptodomex>=3.4 in path\python36\lib\site-packages (from scapy-ssl_tls) (3.7.3)
Requirement already satisfied: scapy==2.4.* in path\python36\lib\site-packages (from scapy-ssl_tls) (2.4.2)
Requirement already satisfied: tinyec>=0.3.1 in path\python36\lib\site-packages (from scapy-ssl_tls) (0.3.1)

but when I try this snippet:

from scapy_ssl_tls.ssl_tls import TLS

I have this exception:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "path\Python36\lib\site-packages\scapy_ssl_tls\ssl_tls.py", line 8, in <module>
    from scapy.layers import x509
  File "path\Python36\lib\site-packages\scapy\layers\x509.py", line 31, in <module>
    class ASN1P_OID(ASN1_Packet):
  File "path\Python36\lib\site-packages\scapy\layers\x509.py", line 33, in ASN1P_OID
    ASN1_root = ASN1F_OID("oid", "0")
  File "path\Python36\lib\site-packages\scapy\asn1fields.py", line 55, in __init__
    self.default = self.ASN1_tag.asn1_object(default)
  File "path\Python36\lib\site-packages\scapy\asn1\asn1.py", line 120, in asn1_object
    return self._asn1_obj(val)
  File "path\Python36\lib\site-packages\scapy\asn1\asn1.py", line 403, in __init__
    val = conf.mib._oid(plain_str(val))
AttributeError: 'Conf' object has no attribute 'mib'

I've already tried using Python 2.7, and when I run the same command, the output is:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "path\Python27\lib\site-packages\scapy_ssl_tls\ssl_tls.py", line 7, in <module>
    from scapy.layers.inet import TCP, UDP
  File "path\Python27\lib\site-packages\scapy\layers\inet.py", line 14, in <module>
    from scapy.layers.l2 import *
  File "path\Python27\lib\site-packages\scapy\layers\l2.py", line 14, in <module>
    from scapy.ansmachine import *
  File "path\Python27\lib\site-packages\scapy\ansmachine.py", line 14, in <module>
    from sendrecv import send,sendp,sniff
  File "path\Python27\lib\site-packages\scapy\sendrecv.py", line 13, in <module>
    import arch
  File "path\Python27\lib\site-packages\scapy\arch\__init__.py", line 80, in <module>
    from windows import *
  File "path\Python27\lib\site-packages\scapy\arch\windows\__init__.py", line 17, in <module>
    from scapy.sendrecv import debug, srp1
ImportError: cannot import name debug

Can someone help me or can they suggest another way to sniff https packets from the network using scapy?

Solution
    • You can try using the built in Scapy TLA module, rather than Scapy-ssltls, via load_layer("tls")
    • make sure you’re running the latest Scapy version
    • install wireshark (where Scapy gets its manuf data from)