Tuesday, December 30, 2014

Black Hat Python Chapter 3 Scripts

I have been reading Black Hat Python, ISBN:978-1-59327-590-7 by No Starch Press. It is an excellent book and well worth the time invested in looking at the scripts. However, for the scripts in Chapter 3 I ran into issues running on 64-bit systems. On both of my Ubuntu Linux and Mac it first complains about grabbing at least 32 bytes of the packet, then it errors out on the IP class.

After some troubleshooting, it seems that the c_ulong on 64-bit systems are now 8-bytes instead of 4-bytes. I couldn't find an email address or link to report this issue, so I am just posting on my blog in case others run into the same issue.

The scripts are available on the book's website, http://www.nostarch.com/blackhatpython/. Again, it is well worth the money and time for the book, in my opinion.

Line 28 to 42:

class IP(Structure):
    _fields_ = [
        ("ihl",           c_ubyte, 4),
        ("version",       c_ubyte, 4),
        ("tos",           c_ubyte),
        ("len",           c_ushort),
        ("id",            c_ushort),
        ("offset",        c_ushort),
        ("ttl",           c_ubyte),
        ("protocol_num",  c_ubyte),
        ("sum",           c_ushort),
        ("src",           c_uint32),
        ("dst",           c_uint32)

    while True:
        # read in a single packet
        raw_buffer = sniffer.recvfrom(65565)[0]
        # create an IP header from the first 20 bytes of the buffer
        ip_header = IP(raw_buffer[0:32])

No comments:

Post a Comment