How to use the scapy.compat.orb function in scapy
To help you get started, we’ve selected a few scapy examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
secdev / scapy / scapy / layers / dns.py View on Github 
def dns_encode(x, check_built=False):
"""Encodes a bytes string into the DNS format
:param x: the string
:param check_built: detect already-built strings and ignore them
:returns: the encoded bytes string
"""
if not x or x == b".":
return b"\x00"
if check_built and b"." not in x and (
orb(x[-1]) == 0 or (orb(x[-2]) & 0xc0) == 0xc0
):
# The value has already been processed. Do not process it again
return x
# Truncate chunks that cannot be encoded (more than 63 bytes..)
x = b"".join(chb(len(y)) + y for y in (k[:63] for k in x.split(b".")))
if x[-1:] != b"\x00":
x += b"\x00"
return xdef BER_id_enc(n):
if n < 256:
# low-tag-number
return chb(n)
else:
# high-tag-number
s = BER_num_enc(n)
tag = orb(s[0]) # first byte, as an int
tag &= 0x07 # reset every bit from 8 to 4
tag <<= 5 # move back the info bits on top
tag |= 0x1f # pad with 1s every bit from 5 to 1
return chb(tag) + s[1:]def m2i(self, pkt, x):
opt = []
while x:
onum = orb(x[0])
if onum == 0:
opt.append(("EOL", None))
x = x[1:]
break
if onum == 1:
opt.append(("NOP", None))
x = x[1:]
continue
olen = orb(x[1])
if olen < 2:
warning("Malformed TCP option (announced length is %i)" % olen)
olen = 2
oval = x[2:olen]
if onum in TCPOptions[0]:
oname, ofmt = TCPOptions[0][onum]
if onum == 5: # SAckelse:
decryption_success = True
# Excerpt below better corresponds to TLS 1.1 IV definition,
# but the result is the same as with TLS 1.2 anyway.
# This leading *IV* has been decrypted by _tls_decrypt with a
# random IV, hence it does not correspond to anything.
# What actually matters is that we got the first encrypted block # noqa: E501
# in order to decrypt the second block (first data block).
# if version >= 0x0302:
# block_size = self.tls_session.rcs.cipher.block_size
# iv, pfrag = pfrag[:block_size], pfrag[block_size:]
# l = struct.unpack('!H', hdr[3:5])[0]
# hdr = hdr[:3] + struct.pack('!H', l-block_size)
# Extract padding ('pad' actually includes the trailing padlen)
padlen = orb(pfrag[-1]) + 1
mfrag, pad = pfrag[:-padlen], pfrag[-padlen:]
self.padlen = padlen
# Extract MAC
tmp_len = self.tls_session.rcs.mac_len
if tmp_len != 0:
cfrag, mac = mfrag[:-tmp_len], mfrag[-tmp_len:]
else:
cfrag, mac = mfrag, b""
# Verify integrity
chdr = hdr[:3] + struct.pack('!H', len(cfrag))
is_mac_ok = self._tls_hmac_verify(chdr, cfrag, mac)
if not is_mac_ok:
pkt_info = self.firstlayer().summary()
log_runtime.info("TLS: record integrity check failed [%s]", pkt_info) # noqa: E501def getfield(self, pkt, s):
lst = []
length = 0
if self.length_from is not None:
length = self.length_from(pkt)
ret = ""
remain = s
if length is not None:
remain, ret = s[:length], s[length:]
while remain:
#
# Get the path attribute flags
flags = orb(remain[0])
attr_len = 0
if has_extended_length(flags):
attr_len = struct.unpack("!H", remain[2:4])[0]
current = remain[:4 + attr_len]
remain = remain[4 + attr_len:]
else:
attr_len = orb(remain[2])
current = remain[:3 + attr_len]
remain = remain[3 + attr_len:]
packet = self.m2i(pkt, current)
lst.append(packet)
return remain + ret, lstdef sane(x):
r = ""
for i in x:
j = orb(i)
if (j < 32) or (j >= 127):
r += "."
else:
r += chr(j)
return r# Set ifaceid to a binary form
ifaceid = inet_pton(socket.AF_INET6, "::" + ifaceid)[8:16]
except Exception:
return None
if ifaceid[3:5] != b'\xff\xfe': # Check for burned-in MAC address
return None
# Unpacking and converting first byte of faceid to MAC address equivalent
first = struct.unpack("B", ifaceid[:1])[0]
ulbit = 2 * [1, '-', 0][first & 0x02]
first = struct.pack("B", ((first & 0xFD) | ulbit))
# Split into two vars to remove the \xff\xfe bytes
oui = first + ifaceid[1:3]
end = ifaceid[5:]
# Convert and reconstruct into a MAC Address
mac_bytes = ["%.02x" % orb(x) for x in list(oui + end)]
return ":".join(mac_bytes)def dispatch_hook(cls, _pkt=None, *_, **kargs):
code = None
if _pkt:
code = orb(_pkt[0])
elif "code" in kargs:
code = kargs["code"]
if isinstance(code, six.string_types):
code = cls.fields_desc[0].s2i[code]
if code in (1, 2):
return PPP_CHAP_ChallengeResponse
return clsdef do_dec(cls, s, context=None, safe=False):
l, s, t = cls.check_type_check_len(s)
x = 0
if s:
if orb(s[0]) & 0x80: # negative int
x = -1
for c in s:
x <<= 8
x |= orb(c)
return cls.asn1_object(x), tverbose: displays information during scan
If received packet is a FlowControl
and not in noise_ids
append it to id_list
"""
if packet.flags and packet.flags != "extended":
return
if noise_ids is not None and packet.identifier in noise_ids:
return
try:
index = 1 if extended else 0
isotp_pci = orb(packet.data[index]) >> 4
isotp_fc = orb(packet.data[index]) & 0x0f
if isotp_pci == 3 and 0 <= isotp_fc <= 2:
if verbose:
print("[+] Found flow-control frame from identifier 0x%03x"
" when testing identifier 0x%03x" %
(packet.identifier, id_value))
if isinstance(id_list, dict):
id_list[id_value] = (packet, packet.identifier)
elif isinstance(id_list, list):
id_list.append(id_value)
else:
raise TypeError("Unknown type of id_list")
else:
noise_ids.append(packet.identifier)
except Exception as e:
print("[!] Unknown message Exception: %s on packet: %s" %
(e, repr(packet)))scapy
Scapy: interactive packet manipulation tool
Package Health Score
83 / 100Popular scapy functions
- scapy.all.IP
- scapy.automaton.ATMT.state
- scapy.compat.orb
- scapy.config.conf
- scapy.error.warning
- scapy.fields.BitField
- scapy.fields.ByteEnumField
- scapy.fields.ByteField
- scapy.fields.FieldLenField
- scapy.fields.IntField
- scapy.fields.ShortEnumField
- scapy.fields.ShortField
- scapy.fields.StrFixedLenField
- scapy.fields.XByteField
- scapy.layers.inet.IP
- scapy.layers.inet.UDP
- scapy.layers.l2.Ether
- scapy.packet.bind_layers
- scapy.packet.Packet
- scapy.packet.Raw