Wednesday, April 5, 2017

The scapy python module - part 001.

Today I will start with scapy python module.
This is a good python module to deal and interact with network packets.
[root@localhost mythcat]# pip install scapy
Collecting scapy
  Downloading scapy-2.3.3.tgz (1.4MB)
    100% |████████████████████████████████| 1.4MB 904kB/s 
Building wheels for collected packages: scapy
  Running setup.py bdist_wheel for scapy ... done
  Stored in directory: /root/.cache/pip/wheels/bd/cf/...
Installing collected packages: scapy
Successfully installed scapy-2.3.3
First test is to test is the echo of Layer 3 ICMP.
Use the super user shell to run this python script:
from scapy.all import *
dstip=raw_input("enter the ip address \n")
icmp=ICMP()
icmp.type=8
icmp.code=0
ip=IP()
ip.dst=dstip
p=sr1(ip/icmp,timeout=5, verbose=0)
if(p):
        print "Layer 3 is up"
else:
        print "Layer 3 status is down"
The next python script will about arp request:
from scapy.all import *
def arp_display(pkt):
    if pkt[ARP].op == 1: 
        return "Request: " + pkt[ARP].psrc + " is asking about " + pkt[ARP].pdst
    if pkt[ARP].op == 2: 
        return "*Response: " + pkt[ARP].hwsrc + " has address " + pkt[ARP].psrc
print sniff(prn=arp_display, filter="arp", store=0, count=10)
This will read the packages from source and destination and show me what ARP traffic my computer is seeing.

How to parse the OPML file.

For example: the Feedly (stylized as feedly) is a news aggregator application for various web browsers and mobile devices can let you to export and import the opml file.

What is XML?
The Extensible Markup Language (XML) is a markup language much like HTML or SGML. This is recommended by the World Wide Web Consortium and available as an open standard.

Today I will show you how to parse the opml file type with python 2.7 version and xml python module.
This is the source script:
from xml.etree import ElementTree
import sys

file_opml = sys.argv[1]
def extract_rss_urls_from_opml(filename):
    urls = []
    with open(filename, 'rt') as f:
        tree = ElementTree.parse(f)
    for node in tree.findall('.//outline'):
        url = node.attrib.get('xmlUrl')
        if url:
            urls.append(url)
    return urls
urls = extract_rss_urls_from_opml(file_opml)
print urls
The result is a list with all your rss links.