Scapy嗅探报错

版权声明：本文为博主原创文章，未经博主允许不得转载。 https://blog.csdn.net/buside/article/details/88576433

根据官网嗅探示例，在使用指令

sniff(iface="eth1", prn=lambda x: x.show())

时报如下错误

Traceback (most recent call last):
  File "D:\Python37\lib\site-packages\scapy\arch\windows\__init__.py", line 891, in dev_from_name
    return next(iface for iface in six.itervalues(self)
StopIteration

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "D:\Python37\lib\site-packages\scapy\sendrecv.py", line 836, in sniff
    *arg, **karg)] = iface
  File "D:\Python37\lib\site-packages\scapy\arch\pcapdnet.py", line 461, in __init__
    self.ins = open_pcap(iface, MTU, self.promisc, 100, monitor=monitor)  # noqa: E501
  File "D:\Python37\lib\site-packages\scapy\arch\windows\__init__.py", line 997, in open_pcap
    iface_pcap_name = pcapname(iface)
  File "D:\Python37\lib\site-packages\scapy\arch\windows\__init__.py", line 966, in pcapname
    return IFACES.dev_from_name(dev).pcap_name
  File "D:\Python37\lib\site-packages\scapy\arch\windows\__init__.py", line 894, in dev_from_name
    raise ValueError("Unknown network interface %r" % name)
ValueError: Unknown network interface 'eth1'

显然没有找到网络接口，解决方法如下：

利用Scapy的ifaces指令获取已安装接口列表

>>> ifaces
INDEX  IFACE                                       IP               MAC
11     Intel(R) Ethernet Connection (2) I219-LM    10.38.1.212      30:9C:23:4E:B5:E4
13     VMware Virtual Ethernet Adapter for VMnet1  169.254.167.220  00:50:56:C0:00:01
14     VMware Virtual Ethernet Adapter for VMnet8  169.254.80.64    00:50:56:C0:00:08
17     Sangfor SSL VPN CS Support System VNIC                       00:FF:BE:C5:70:D9

此时嗅探第一个以太网接口，指令为

>>> sniff(iface = IFACES.dev_from_index(11),prn=lambda x:x.show())

嗅探结果如下

###[ Ethernet ]###
  dst       = 33:33:ff:00:00:01
  src       = 48:4d:7e:ec:11:dd
  type      = 0x86dd
###[ IPv6 ]###
     version   = 6
     tc        = 0
     fl        = 0
     plen      = 32
     nh        = ICMPv6
     hlim      = 255
     src       = fd13:a37e:84eb:0:8d39:9ab4:3d6:7222
     dst       = ff02::1:ff00:1
###[ ICMPv6 Neighbor Discovery - Neighbor Solicitation ]###
        type      = Neighbor Solicitation
        code      = 0
        cksum     = 0xb7a3
        res       = 0
        tgt       = fd13:a37e:84eb::1
###[ ICMPv6 Neighbor Discovery Option - Source Link-Layer Address ]###
           type      = 1
           len       = 1
           lladdr    = 48:4d:7e:ec:11:dd

###[ 802.3 ]###
  dst       = 01:80:c2:00:00:00
  src       = 08:c0:21:85:3f:90
  len       = 105
###[ LLC ]###
     dsap      = 0x42
     ssap      = 0x42
     ctrl      = 3
###[ Spanning Tree Protocol ]###
        proto     = 0
        version   = 3
        bpdutype  = 2
        bpduflags = 124
        rootid    = 32768
        rootmac   = 08:c0:21:85:3f:90
        pathcost  = 0
        bridgeid  = 32768
        bridgemac = 08:c0:21:85:3f:90
        portid    = 32770
        age       = 0.0
        maxage    = 20.0
        hellotime = 2.0
        fwddelay  = 15.0
.
.
.
.
.
.