scapy.layers.http module

HTTP 1.0 layer.

Load using:

from scapy.layers.http import *

Or (console only):

>>> load_layer("http")

Note that this layer ISN’T loaded by default, as quite experimental for now.

To follow HTTP packets streams = group packets together to get the whole request/answer, use TCPSession as:

>>> sniff(session=TCPSession)  # Live on-the-flow session
>>> sniff(offline="./http_chunk.pcap", session=TCPSession)  # pcap

This will decode HTTP packets using Content_Length or chunks, and will also decompress the packets when needed. Note: on failure, decompression will be ignored.

You can turn auto-decompression/auto-compression off with:

>>> conf.contribs["http"]["auto_compression"] = False

(Defaults to True)

You can also turn auto-chunking/dechunking off with:

>>> conf.contribs["http"]["auto_chunk"] = False

(Defaults to True)

class scapy.layers.http.HTTP(_pkt, /)[source]

Bases: Packet

aliastypes
clsreq[source]

alias of HTTPRequest

clsresp[source]

alias of HTTPResponse

classmethod dispatch_hook(_pkt=None, *args, **kargs)[source]
fields_desc
guess_payload_class(payload)[source]

Decides if the payload is an HTTP Request or Response, or something else.

hdr = b'HTTP'
reqmethods = b'OPTIONS|GET|HEAD|POST|PUT|DELETE|TRACE|CONNECT'
show_indent = 0
classmethod tcp_reassemble(data, metadata, _)[source]
class scapy.layers.http.HTTPRequest(_pkt, /, *, Method=b'GET', Path=b'/', Http_Version=b'HTTP/1.1', A_IM=None, Accept=None, Accept_Charset=None, Accept_Datetime=None, Accept_Encoding=None, Accept_Language=None, Access_Control_Request_Headers=None, Access_Control_Request_Method=None, Authorization=None, Cache_Control=None, Connection=None, Content_Length=None, Content_MD5=None, Content_Type=None, Cookie=None, DNT=None, Date=None, Expect=None, Forwarded=None, From=None, Front_End_Https=None, HTTP2_Settings=None, Host=None, If_Match=None, If_Modified_Since=None, If_None_Match=None, If_Range=None, If_Unmodified_Since=None, Keep_Alive=None, Max_Forwards=None, Origin=None, Permanent=None, Pragma=None, Proxy_Authorization=None, Proxy_Connection=None, Range=None, Referer=None, Save_Data=None, TE=None, Upgrade=None, Upgrade_Insecure_Requests=None, User_Agent=None, Via=None, Warning=None, X_ATT_DeviceId=None, X_Correlation_ID=None, X_Csrf_Token=None, X_Forwarded_For=None, X_Forwarded_Host=None, X_Forwarded_Proto=None, X_Http_Method_Override=None, X_Request_ID=None, X_Requested_With=None, X_UIDH=None, X_Wap_Profile=None, Unknown_Headers=None)[source]

Bases: _HTTPContent

aliastypes
do_dissect(s)[source]

From the HTTP packet string, populate the scapy object

fields_desc
Display RFC-like schema
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|             METHOD            |              PATH             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          HTTP VERSION         |              A IM             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|             ACCEPT            |         ACCEPT CHARSET        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        ACCEPT DATETIME        |        ACCEPT ENCODING        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        ACCEPT LANGUAGE        | ACCESS CONTROL REQUEST HEADERS|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ACCESS CONTROL REQUEST METHOD |         AUTHORIZATION         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         CACHE CONTROL         |           CONNECTION          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         CONTENT LENGTH        |          CONTENT MD5          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          CONTENT TYPE         |             COOKIE            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|              DNT              |              DATE             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|             EXPECT            |           FORWARDED           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|              FROM             |        FRONT END HTTPS        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         HTTP2 SETTINGS        |              HOST             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            IF MATCH           |       IF MODIFIED SINCE       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         IF NONE MATCH         |            IF RANGE           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      IF UNMODIFIED SINCE      |           KEEP ALIVE          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          MAX FORWARDS         |             ORIGIN            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           PERMANENT           |             PRAGMA            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      PROXY AUTHORIZATION      |        PROXY CONNECTION       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|             RANGE             |            REFERER            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           SAVE DATA           |               TE              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            UPGRADE            |   UPGRADE INSECURE REQUESTS   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           USER AGENT          |              VIA              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            WARNING            |         X ATT DEVICEID        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        X CORRELATION ID       |          X CSRF TOKEN         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        X FORWARDED FOR        |        X FORWARDED HOST       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       X FORWARDED PROTO       |     X HTTP METHOD OVERRIDE    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          X REQUEST ID         |        X REQUESTED WITH       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|             X UIDH            |         X WAP PROFILE         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        UNKNOWN HEADERS        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                         Fig. HTTPRequest                         
HTTPRequest fields

Method

_HTTPHeaderField

b'GET'

Path

_HTTPHeaderField

b'/'

Http_Version

_HTTPHeaderField

b'HTTP/1.1'

A_IM

_HTTPHeaderField

None

Accept

_HTTPHeaderField

None

Accept_Charset

_HTTPHeaderField

None

Accept_Datetime

_HTTPHeaderField

None

Accept_Encoding

_HTTPHeaderField

None

Accept_Language

_HTTPHeaderField

None

Access_Control_Request_Headers

_HTTPHeaderField

None

Access_Control_Request_Method

_HTTPHeaderField

None

Authorization

_HTTPHeaderField

None

Cache_Control

_HTTPHeaderField

None

Connection

_HTTPHeaderField

None

Content_Length

_HTTPHeaderField

None

Content_MD5

_HTTPHeaderField

None

Content_Type

_HTTPHeaderField

None

Cookie

_HTTPHeaderField

None

DNT

_HTTPHeaderField

None

Date

_HTTPHeaderField

None

Expect

_HTTPHeaderField

None

Forwarded

_HTTPHeaderField

None

From

_HTTPHeaderField

None

Front_End_Https

_HTTPHeaderField

None

HTTP2_Settings

_HTTPHeaderField

None

Host

_HTTPHeaderField

None

If_Match

_HTTPHeaderField

None

If_Modified_Since

_HTTPHeaderField

None

If_None_Match

_HTTPHeaderField

None

If_Range

_HTTPHeaderField

None

If_Unmodified_Since

_HTTPHeaderField

None

Keep_Alive

_HTTPHeaderField

None

Max_Forwards

_HTTPHeaderField

None

Origin

_HTTPHeaderField

None

Permanent

_HTTPHeaderField

None

Pragma

_HTTPHeaderField

None

Proxy_Authorization

_HTTPHeaderField

None

Proxy_Connection

_HTTPHeaderField

None

Range

_HTTPHeaderField

None

Referer

_HTTPHeaderField

None

Save_Data

_HTTPHeaderField

None

TE

_HTTPHeaderField

None

Upgrade

_HTTPHeaderField

None

Upgrade_Insecure_Requests

_HTTPHeaderField

None

User_Agent

_HTTPHeaderField

None

Via

_HTTPHeaderField

None

Warning

_HTTPHeaderField

None

X_ATT_DeviceId

_HTTPHeaderField

None

X_Correlation_ID

_HTTPHeaderField

None

X_Csrf_Token

_HTTPHeaderField

None

X_Forwarded_For

_HTTPHeaderField

None

X_Forwarded_Host

_HTTPHeaderField

None

X_Forwarded_Proto

_HTTPHeaderField

None

X_Http_Method_Override

_HTTPHeaderField

None

X_Request_ID

_HTTPHeaderField

None

X_Requested_With

_HTTPHeaderField

None

X_UIDH

_HTTPHeaderField

None

X_Wap_Profile

_HTTPHeaderField

None

Unknown_Headers

_HTTPHeaderField

None

mysummary()[source]
class scapy.layers.http.HTTPResponse(_pkt, /, *, Http_Version=b'HTTP/1.1', Status_Code=b'200', Reason_Phrase=b'OK', Accept_Patch=None, Accept_Ranges=None, Access_Control_Allow_Credentials=None, Access_Control_Allow_Headers=None, Access_Control_Allow_Methods=None, Access_Control_Allow_Origin=None, Access_Control_Expose_Headers=None, Access_Control_Max_Age=None, Age=None, Allow=None, Alt_Svc=None, Cache_Control=None, Connection=None, Content_Disposition=None, Content_Encoding=None, Content_Language=None, Content_Length=None, Content_Location=None, Content_MD5=None, Content_Range=None, Content_Security_Policy=None, Content_Type=None, Date=None, Delta_Base=None, ETag=None, Expires=None, IM=None, Keep_Alive=None, Last_Modified=None, Link=None, Location=None, P3P=None, Permanent=None, Pragma=None, Proxy_Authenticate=None, Public_Key_Pins=None, Refresh=None, Retry_After=None, Server=None, Set_Cookie=None, Status=None, Strict_Transport_Security=None, Timing_Allow_Origin=None, Tk=None, Trailer=None, Transfer_Encoding=None, Upgrade=None, Vary=None, Via=None, WWW_Authenticate=None, Warning=None, X_Content_Duration=None, X_Content_Security_Policy=None, X_Content_Type_Options=None, X_Correlation_ID=None, X_Frame_Options=None, X_Powered_By=None, X_Request_ID=None, X_UA_Compatible=None, X_WebKit_CSP=None, X_XSS_Protection=None, Unknown_Headers=None)[source]

Bases: _HTTPContent

aliastypes
answers(other)[source]
do_dissect(s)[source]

From the HTTP packet string, populate the scapy object

fields_desc
Display RFC-like schema
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          HTTP VERSION         |          STATUS CODE          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         REASON PHRASE         |          ACCEPT PATCH         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         ACCEPT RANGES         |ACCESS CONTROL ALLOW CREDENTIAL|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  ACCESS CONTROL ALLOW HEADERS |  ACCESS CONTROL ALLOW METHODS |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  ACCESS CONTROL ALLOW ORIGIN  | ACCESS CONTROL EXPOSE HEADERS |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     ACCESS CONTROL MAX AGE    |              AGE              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|             ALLOW             |            ALT SVC            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         CACHE CONTROL         |           CONNECTION          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      CONTENT DISPOSITION      |        CONTENT ENCODING       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        CONTENT LANGUAGE       |         CONTENT LENGTH        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        CONTENT LOCATION       |          CONTENT MD5          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         CONTENT RANGE         |    CONTENT SECURITY POLICY    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          CONTENT TYPE         |              DATE             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           DELTA BASE          |              ETAG             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            EXPIRES            |               IM              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           KEEP ALIVE          |         LAST MODIFIED         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|              LINK             |            LOCATION           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|              P3P              |           PERMANENT           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|             PRAGMA            |       PROXY AUTHENTICATE      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        PUBLIC KEY PINS        |            REFRESH            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          RETRY AFTER          |             SERVER            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           SET COOKIE          |             STATUS            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   STRICT TRANSPORT SECURITY   |      TIMING ALLOW ORIGIN      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               TK              |            TRAILER            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       TRANSFER ENCODING       |            UPGRADE            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|              VARY             |              VIA              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        WWW AUTHENTICATE       |            WARNING            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       X CONTENT DURATION      |   X CONTENT SECURITY POLICY   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     X CONTENT TYPE OPTIONS    |        X CORRELATION ID       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        X FRAME OPTIONS        |          X POWERED BY         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          X REQUEST ID         |        X UA COMPATIBLE        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          X WEBKIT CSP         |        X XSS PROTECTION       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        UNKNOWN HEADERS        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                        Fig. HTTPResponse                         
HTTPResponse fields

Http_Version

_HTTPHeaderField

b'HTTP/1.1'

Status_Code

_HTTPHeaderField

b'200'

Reason_Phrase

_HTTPHeaderField

b'OK'

Accept_Patch

_HTTPHeaderField

None

Accept_Ranges

_HTTPHeaderField

None

Access_Control_Allow_Credentials

_HTTPHeaderField

None

Access_Control_Allow_Headers

_HTTPHeaderField

None

Access_Control_Allow_Methods

_HTTPHeaderField

None

Access_Control_Allow_Origin

_HTTPHeaderField

None

Access_Control_Expose_Headers

_HTTPHeaderField

None

Access_Control_Max_Age

_HTTPHeaderField

None

Age

_HTTPHeaderField

None

Allow

_HTTPHeaderField

None

Alt_Svc

_HTTPHeaderField

None

Cache_Control

_HTTPHeaderField

None

Connection

_HTTPHeaderField

None

Content_Disposition

_HTTPHeaderField

None

Content_Encoding

_HTTPHeaderField

None

Content_Language

_HTTPHeaderField

None

Content_Length

_HTTPHeaderField

None

Content_Location

_HTTPHeaderField

None

Content_MD5

_HTTPHeaderField

None

Content_Range

_HTTPHeaderField

None

Content_Security_Policy

_HTTPHeaderField

None

Content_Type

_HTTPHeaderField

None

Date

_HTTPHeaderField

None

Delta_Base

_HTTPHeaderField

None

ETag

_HTTPHeaderField

None

Expires

_HTTPHeaderField

None

IM

_HTTPHeaderField

None

Keep_Alive

_HTTPHeaderField

None

Last_Modified

_HTTPHeaderField

None

Link

_HTTPHeaderField

None

Location

_HTTPHeaderField

None

P3P

_HTTPHeaderField

None

Permanent

_HTTPHeaderField

None

Pragma

_HTTPHeaderField

None

Proxy_Authenticate

_HTTPHeaderField

None

Public_Key_Pins

_HTTPHeaderField

None

Refresh

_HTTPHeaderField

None

Retry_After

_HTTPHeaderField

None

Server

_HTTPHeaderField

None

Set_Cookie

_HTTPHeaderField

None

Status

_HTTPHeaderField

None

Strict_Transport_Security

_HTTPHeaderField

None

Timing_Allow_Origin

_HTTPHeaderField

None

Tk

_HTTPHeaderField

None

Trailer

_HTTPHeaderField

None

Transfer_Encoding

_HTTPHeaderField

None

Upgrade

_HTTPHeaderField

None

Vary

_HTTPHeaderField

None

Via

_HTTPHeaderField

None

WWW_Authenticate

_HTTPHeaderField

None

Warning

_HTTPHeaderField

None

X_Content_Duration

_HTTPHeaderField

None

X_Content_Security_Policy

_HTTPHeaderField

None

X_Content_Type_Options

_HTTPHeaderField

None

X_Correlation_ID

_HTTPHeaderField

None

X_Frame_Options

_HTTPHeaderField

None

X_Powered_By

_HTTPHeaderField

None

X_Request_ID

_HTTPHeaderField

None

X_UA_Compatible

_HTTPHeaderField

None

X_WebKit_CSP

_HTTPHeaderField

None

X_XSS_Protection

_HTTPHeaderField

None

Unknown_Headers

_HTTPHeaderField

None

mysummary()[source]
class scapy.layers.http.HTTPS_Server(self, debug: int = 0, store: int = 0, **kargs: Any)[source]

Bases: HTTP_Server

HTTPS server automaton

This has the same arguments and attributes as HTTP_Server, with the addition of:

Parameters:
  • sslcontext – an optional SSLContext object. If used, cert and key are ignored.

  • cert – path to the certificate

  • key – path to the key

actions: Dict[str, List[_StateWrapper]] = {'allow_reauth': [], 'auth_eof': [], 'new_request': [], 'received_unauthenticated': [], 'should_authenticate': []}
breakpoints: Set[_StateWrapper]
conditions: Dict[str, List[_StateWrapper]] = {'AUTH': [], 'AUTH_ERROR': [<function HTTP_Server.allow_reauth>], 'BEGIN': [<function HTTP_Server.should_authenticate>], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
eofs: Dict[str, _StateWrapper] = {'AUTH': <function HTTP_Server.auth_eof>}
initial_states: List[_StateWrapper] = [<function ATMT.state.<locals>.deco.<locals>._state_wrapper>]
intercepted_packet: None | Packet
interception_points: Set[_StateWrapper]
ioevents: Dict[str, List[_StateWrapper]] = {'AUTH': [], 'AUTH_ERROR': [], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
ionames: List[str] = []
iosupersockets: List[SuperSocket] = []
listen_sock: SuperSocket | None
packets: PacketList
recv_conditions: Dict[str, List[_StateWrapper]] = {'AUTH': [<function HTTP_Server.received_unauthenticated>], 'AUTH_ERROR': [], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': [<function HTTP_Server.new_request>]}
send_sock: SuperSocket | None
socketcls = None
states: Dict[str, _StateWrapper] = {'AUTH': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'AUTH_ERROR': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'BEGIN': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'CLOSED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'ERROR': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SERVE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>}
stop_state: _StateWrapper | None = None
threadid: int | None
timeout: Dict[str, _TimerList] = {'AUTH': [], 'AUTH_ERROR': [], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
class scapy.layers.http.HTTP_AUTH_MECHS(value, names=<not given>, *values, module=None, qualname=None, type=None, start=1, boundary=None)[source]

Bases: Enum

BASIC = 'Basic'
NEGOTIATE = 'Negotiate'
NONE = 'NONE'
NTLM = 'NTLM'
class scapy.layers.http.HTTP_Client(mech=HTTP_AUTH_MECHS.NONE, verb=True, sslcontext=None, ssp=None, no_check_certificate=False)[source]

Bases: object

A basic HTTP client

Parameters:
  • mech – one of HTTP_AUTH_MECHS

  • ssl – whether to use HTTPS or not

  • ssp – the SSP object to use for binding

close()[source]
request(url, data=b'', timeout=5, follow_redirects=True, **headers)[source]

Perform a HTTP(s) request.

sr1(req, **kwargs)[source]
class scapy.layers.http.HTTP_Server(self, debug: int = 0, store: int = 0, **kargs: Any)[source]

Bases: Automaton

HTTP server automaton

Parameters:
  • ssp – the SSP to serve. If None, unauthenticated (or basic).

  • mech – the HTTP_AUTH_MECHS to use (default: NONE)

Other parameters:

Parameters:
  • BASIC_IDENTITIES – a dict that contains {“user”: “password”} for Basic authentication.

  • BASIC_REALM – the basic realm.

AUTH(*args: ATMT, **kargs: Any) NewStateRequested[source]
AUTH_ERROR(*args: ATMT, **kargs: Any) NewStateRequested[source]
BEGIN(*args: ATMT, **kargs: Any) NewStateRequested[source]
CLOSED(*args: ATMT, **kargs: Any) NewStateRequested[source]
ERROR(*args: ATMT, **kargs: Any) NewStateRequested[source]
SERVE(*args: ATMT, **kargs: Any) NewStateRequested[source]
actions: Dict[str, List[_StateWrapper]] = {'allow_reauth': [], 'auth_eof': [], 'new_request': [], 'received_unauthenticated': [], 'should_authenticate': []}
allow_reauth()[source]
answer(pkt)[source]

HTTP_server answer function.

Parameters:

pkt – a HTTPRequest packet

Returns:

a HTTPResponse packet

auth_eof()[source]
breakpoints: Set[_StateWrapper]
conditions: Dict[str, List[_StateWrapper]] = {'AUTH': [], 'AUTH_ERROR': [<function HTTP_Server.allow_reauth>], 'BEGIN': [<function HTTP_Server.should_authenticate>], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
eofs: Dict[str, _StateWrapper] = {'AUTH': <function HTTP_Server.auth_eof>}
initial_states: List[_StateWrapper] = [<function ATMT.state.<locals>.deco.<locals>._state_wrapper>]
intercepted_packet: None | Packet
interception_points: Set[_StateWrapper]
ioevents: Dict[str, List[_StateWrapper]] = {'AUTH': [], 'AUTH_ERROR': [], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
ionames: List[str] = []
iosupersockets: List[SuperSocket] = []
listen_sock: SuperSocket | None
new_request(pkt)[source]
packets: PacketList
pkt_cls[source]

alias of HTTP

received_unauthenticated(pkt)[source]
recv_conditions: Dict[str, List[_StateWrapper]] = {'AUTH': [<function HTTP_Server.received_unauthenticated>], 'AUTH_ERROR': [], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': [<function HTTP_Server.new_request>]}
send(resp)[source]
send_sock: SuperSocket | None
should_authenticate()[source]
states: Dict[str, _StateWrapper] = {'AUTH': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'AUTH_ERROR': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'BEGIN': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'CLOSED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'ERROR': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SERVE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>}
stop_state: _StateWrapper | None = None
threadid: int | None
timeout: Dict[str, _TimerList] = {'AUTH': [], 'AUTH_ERROR': [], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
vprint(s='')[source]

Verbose print (if enabled)

scapy.layers.http.http_request(host, path='/', port=None, timeout=3, display=False, tls=False, verbose=0, **headers)[source]

Util to perform an HTTP request.

Parameters:
  • host – the host to connect to

  • path – the path of the request (default /)

  • port – the port (default 80/443)

  • timeout – timeout before None is returned

  • display – display the result in the default browser (default False)

  • iface – interface to use. Changing this turns on “raw”

  • headers – any additional headers passed to the request

Returns:

the HTTPResponse packet