pcap_generator
pcap_generator copied to clipboard
cslev
pcap_generator_from_csv.py doesn't read CSV file.
I have generated a csv file like;
...
timestamp=1701656602.133714,src_mac=a4:b5:70:e7:b8:63,dst_mac=2a:f4:dc:42:ed:ff,src_ip=168.128.208.41,dst_ip=www.kaspersky.no,src_port=22409,dst_port=443,protocol=tcp_syn
timestamp=1701656613.4261503,src_mac=4a:3a:0d:45:17:b1,dst_mac=c0:82:b9:9e:30:c1,src_ip=52.26.87.65,dst_ip=www.trendmicro.com,src_port=61334,dst_port=443,protocol=tcp_syn
timestamp=1701656724.1676538,src_mac=38:6a:bb:90:0e:93,dst_mac=00:f6:c9:da:c0:38,src_ip=96.210.177.68,dst_ip=https://c2.test.no,src_port=28604,dst_port=50,protocol=tcp_syn
timestamp=1701656932.5896902,src_mac=24:dd:32:8a:2a:5b,dst_mac=ce:4e:7a:9c:e3:85,src_ip=183.162.175.95,dst_ip=www.netflix.com,src_port=59098,dst_port=443,protocol=tcp_syn
timestamp=1701656985.0462897,src_mac=62:9b:2a:7c:5b:48,dst_mac=2e:71:12:52:fa:e6,src_ip=71.217.51.105,dst_ip=www.google.com,src_port=12693,dst_port=443,protocol=tcp_syn
timestamp=1701657020.1458871,src_mac=0a:ed:55:c1:07:ca,dst_mac=24:be:2d:09:37:d8,src_ip=169.181.137.66,dst_ip=www.youtube.com,src_port=50758,dst_port=443,protocol=tcp_syn
timestamp=1701657142.2442915,src_mac=a2:15:b4:80:a3:17,dst_mac=f2:02:03:4d:3d:9e,src_ip=8.185.162.169,dst_ip=www.amazon.com,src_port=7006,dst_port=443,protocol=tcp_syn
...
Attempting to use your pcap generator like; python3 pcap_generator_from_csv.py -i "../output.csv" -o "../test" results in the exact same pcap with 64 entries always being generated.
The script gives out the following output;
The following arguments were set:
Input file: <built-in function input>
Output file: ../test
Packetsizes: ['64']
PAYLOAD needed: True
Eth_type if undefined: ipv4
SRC MAC if undefined: 00:00:00:00:00:01
DST MAC if undefined: 00:00:00:00:00:02
SRC IP if undefined: 10.0.0.1
DST IP if undefined: 10.0.0.2
TTL if undefined: 64
SRC PORT if undefined: 1234
DST PORT if undefined: 80
VLAN if undefined: None
GTP_TEID if undefined None
TIMESTAMP if undefined:None
SRC IPv6 if undefined: 2603:c022:0001:52dd:dead:beef:abba:edda
DST IPv6 if undefined: 2405:0800:9030:1bd2:dead:beef:dead:beef
Protocol if undefined: udp
64
|-- Generating random headers: 100% [DONE]
### PCAP GENERATION ###
|-- Generating packets in all packet sizes required: 100% [DONE]
I'm not sure why the Input file is <built-in function input>, perhaps this is related to the issue?
Hi, I have tested your setting and even though I could not reproduce the same output, I actually reached errors.
The application is not prepared to do DNS queries for the domains you have set as dst_ip. Especially with having https:// and other pre- or suffixes.
Please ensure you use IP addresses in your input CSV file.
Ah I see. That's a problem for my use case as I'm attempt to synthesize some data for a ctf challenge 😅 Thanks for looking into this 😃
I am having the same problem not reading any .csv files even using your input.csv running python3 pcap_generator_from_csv.py -i input.csv -o results in the exact same pcap with 64 entries always being generated. The script gives out the following output;
PS C:\Users\user\Downloads> python3 pcap_generator_from_csv.py -i input.csv -o test.pcap
The following arguments were set:
Input file:
PCAP GENERATION
|-- Generating packets in all packet sizes required: 100% [DONE]
This would be great if it could generate a deauth handshake capture Pcap! I was able to get this to work partially running the args with except -k -l -m because I kept getting error it builds the pcaps but uses random IP4/6s instead of provided IPs in args in the command. Am I missing something I know this project is a bit aged but I to think this would be a awesome tool to create CTF challenges.
There is something very funky in your example. If I run this on my machine (btw. I developed and use this on Linux and you seem to use Windows - so that might be an issue), it still works.
What I realized though is that for some reason, in your case the app does not print out the input file properly; at least from your copy-pasted output. There is nothing shown as the Input file. However, it should be able to run without an input file :as:
My output is like this (with Python 3.10.12):
↳ ♻ $ python3 pcap_generator_from_csv.py -i input.csv -o /tmp/asd
The following arguments were set:
Input file: input.csv
Output file: /tmp/asd
Packetsizes: ['64']
PAYLOAD needed: True
Eth_type if undefined: ipv4
SRC MAC if undefined: 00:00:00:00:00:01
DST MAC if undefined: 00:00:00:00:00:02
SRC IP if undefined: 10.0.0.1
DST IP if undefined: 10.0.0.2
TTL if undefined: 64
SRC PORT if undefined: 1234
DST PORT if undefined: 80
VLAN if undefined: None
GTP_TEID if undefined None
TIMESTAMP if undefined:None
SRC IPv6 if undefined: 2603:c022:0001:52dd:dead:beef:abba:edda
DST IPv6 if undefined: 2405:0800:9030:1bd2:dead:beef:dead:beef
Protocol if undefined: udp
### PROCESSING INPUT FILE ###
|-- Parsing input .CSV file: 100% [DONE]
### PCAP GENERATION ###
|-- Generating packets in all packet sizes required: 100% [DONE]
Hello, I'm facing the same problem.
In this case, input2.csv is your suggested file and asd is my testing output file:
#this is a comment
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ip=10.0.0.1, dst_ip=10.0.0.2, dst_port=22
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ip=10.0.0.1, dst_ip=10.0.0.2, dst_port=8192,vlan=10
src_mac=20:00:00:00:00:01,dst_mac=20:00:00:00:00:02, vlan=1000
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ip=10.0.0.1, dst_ip=10.0.0.2, dst_port=22
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ip=10.0.0.1, dst_ip=10.0.0.2, src_port=12312, dst_port=514, ether_type=ipv4, protocol=tcp_syn
#ext_src_ip=192.168.1.20, ext_dst_ip=192.168.1.1, gtp=255, src_ip=10.0.0.1, dst_ip=10.0.0.2, src_port=2048, dst_port=4096
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ipv6=2603:abba:abba:acdc:dead:beef:dead:beef, dst_ipv6=2400:abba:edda:acdc:dbf3:52a8:2cb7:b38e, src_port=11771, dst_port=123,ether_type=ipv6,protocol=tcp_syn,payload_needed=false
src_mac=00:00:00:00:00:01,dst_mac=00:00:00:00:00:02, src_ipv6=2603:abba:abba:acdc:dead:beef:dead:beef, dst_ipv6=2400:abba:edda:acdc:dbf3:52a8:2cb7:b38e,dst_port=534,ether_type=ipv6,protocol=udp
Your script is not capturing the input file and its attributes.
Even if I force it in your code with a workaround, forcing the input variable to have my desired file as input:
It captures the filename, ...
... but the generated PCAP file is still a set of random IPs:
The same thing happens for another input file with the workaround commented:
In this case,
asd2 will be my output
If I replay the generated PCAP, the same thing happens:
Am I missing something?
OS settings: Ubuntu 22.04.4 LTS (jammy) and Python 3.11.5
So, I figured it out. There were two little problems:
- After looking at @cslev previous answers, I noticed at the end there was a different output print than mine:
This lead me to the function readFile printing statement, and the main condition at the end was random generation by default:
To fix that, force the argument -R to 0 so the script reads your file. By doing that, you don't even have to force the input variable to have the path of your file.
- Besides that, the variable
inputfiledoes not exist. Just replace it byinput:
We both these changes, you should be able to run it like a charm.
Note: Don't forget the -Rargument being set to 0, so it reads your file:
Hi, it turned out that I haven't had the latest branch on my machine...yikes. My student has provided that random generation part and I didn't vet it through. Indeed, the handling of it was not appropriate. I repaired the code, and revised the input argument handling.
Thanks for pointing out the issue. @arielgoes, I won't accept your pull request as I modified the code at other parts too. But I do appreciate y'all guys for taking the trouble and use and resolve the problem of my app :)
Thanks
Hi, it turned out that I haven't had the latest branch on my machine...yikes. My student has provided that random generation part and I didn't vet it through. Indeed, the handling of it was not appropriate. I repaired the code, and revised the input argument handling.
Thanks for pointing out the issue. @arielgoes, I won't accept your pull request as I modified the code at other parts too. But I do appreciate y'all guys for taking the trouble and use and resolve the problem of my app :)
Thanks
I'm glad you could fix it @cslev. No problem, it was a minor problem, and we can use it again :)
One more thing, do you mind to update the readme and comment about the -R argument. Because we still must say -R 0so the script correctly read the -i input filename.