How to modify scapy packet payload


I have a Python file that declares sets of packets to be sent through a system that modifies the payload and sends them back. A script imports the packets from the Python file, sends and receives them, and needs to be able to predict what the modified packets will look like when they come back.

My question is, how can I produce packets with modified payload from the list of packets read from the file?

The input file defines packets with variable length headers, something like:

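from scapy.all import Ether, IP, TCP, UDP, Raw

payload_len = 50
# Three templates with different header stacks and the same zero-filled payload
pkts = (Ether()/IP()/Raw(payload_len*b'\x00'),
        Ether()/IP()/TCP()/Raw(payload_len*b'\x00'),
        Ether()/IP()/UDP()/Raw(payload_len*b'\x00'))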

The system that modifies the packets puts a four-byte known tag (e.g. 0xdeadbeef) in the payload. It can put that tag either at the start or the end of the payload.

So the script needs to do something like the following for every packet in the list:

from packet_list import *
predict = pkts
predict[0].payload[0] = b'\xde'
predict[0].payload[1] = b'\xad'
predict[0].payload[2] = b'\xbe'
predict[0].payload[3] = b'\xef'

or

predict[2].payload[payload_len-4] = b'\xde'
predict[2].payload[payload_len-3] = b'\xad'
predict[2].payload[payload_len-2] = b'\xbe'
predict[2].payload[payload_len-1] = b'\xef'

Solution

  • You can use load in order to access Raw bytes:

    for pkt in pkts:
        payload = pkt.lastlayer()
        payload.load = b"\xde\xad\xbe\xef" + payload.load[4:] # or payload.load[:-4] + b"\xde\xad\xbe\xef"