scapy.layers.http
HTTP 1.0 layer.
Load using:
from scapy.layers.http import *
Or (console only):
>>> load_layer("http")
Note that this layer ISN’T loaded by default, as quite experimental for now.
To follow HTTP packets streams = group packets together to get the
whole request/answer, use TCPSession as:
>>> sniff(session=TCPSession) # Live on-the-flow session
>>> sniff(offline="./http_chunk.pcap", session=TCPSession) # pcap
This will decode HTTP packets using Content_Length or chunks,
and will also decompress the packets when needed.
Note: on failure, decompression will be ignored.
You can turn auto-decompression/auto-compression off with:
>>> conf.contribs["http"]["auto_compression"] = False
(Defaults to True)
You can also turn auto-chunking/dechunking off with:
>>> conf.contribs["http"]["auto_chunk"] = False
(Defaults to True)
- class scapy.layers.http.HTTP(_pkt, /)[source]
Bases:
Packet- aliastypes
- clsreq[source]
alias of
HTTPRequest
- clsresp[source]
alias of
HTTPResponse
- fields_desc
- guess_payload_class(payload)[source]
Decides if the payload is an HTTP Request or Response, or something else.
- hdr = b'HTTP'
- reqmethods = b'OPTIONS|GET|HEAD|POST|PUT|DELETE|TRACE|CONNECT'
- show_indent = 0
- class scapy.layers.http.HTTPRequest(_pkt, /, *, Method=b'GET', Path=b'/', Http_Version=b'HTTP/1.1', A_IM=None, Accept=None, Accept_Charset=None, Accept_Datetime=None, Accept_Encoding=None, Accept_Language=None, Access_Control_Request_Headers=None, Access_Control_Request_Method=None, Authorization=None, Cache_Control=None, Connection=None, Content_Length=None, Content_MD5=None, Content_Type=None, Cookie=None, DNT=None, Date=None, Expect=None, Forwarded=None, From=None, Front_End_Https=None, HTTP2_Settings=None, Host=None, If_Match=None, If_Modified_Since=None, If_None_Match=None, If_Range=None, If_Unmodified_Since=None, Keep_Alive=None, Max_Forwards=None, Origin=None, Permanent=None, Pragma=None, Proxy_Authorization=None, Proxy_Connection=None, Range=None, Referer=None, Save_Data=None, TE=None, Upgrade=None, Upgrade_Insecure_Requests=None, User_Agent=None, Via=None, Warning=None, X_ATT_DeviceId=None, X_Correlation_ID=None, X_Csrf_Token=None, X_Forwarded_For=None, X_Forwarded_Host=None, X_Forwarded_Proto=None, X_Http_Method_Override=None, X_Request_ID=None, X_Requested_With=None, X_UIDH=None, X_Wap_Profile=None, Unknown_Headers=None)[source]
Bases:
_HTTPContent- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | METHOD | PATH | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | HTTP VERSION | A IM | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ACCEPT | ACCEPT CHARSET | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ACCEPT DATETIME | ACCEPT ENCODING | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ACCEPT LANGUAGE | ACCESS CONTROL REQUEST HEADERS| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ACCESS CONTROL REQUEST METHOD | AUTHORIZATION | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CACHE CONTROL | CONNECTION | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CONTENT LENGTH | CONTENT MD5 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CONTENT TYPE | COOKIE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | DNT | DATE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | EXPECT | FORWARDED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | FROM | FRONT END HTTPS | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | HTTP2 SETTINGS | HOST | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IF MATCH | IF MODIFIED SINCE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IF NONE MATCH | IF RANGE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IF UNMODIFIED SINCE | KEEP ALIVE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | MAX FORWARDS | ORIGIN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PERMANENT | PRAGMA | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PROXY AUTHORIZATION | PROXY CONNECTION | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RANGE | REFERER | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SAVE DATA | TE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | UPGRADE | UPGRADE INSECURE REQUESTS | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | USER AGENT | VIA | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | WARNING | X ATT DEVICEID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | X CORRELATION ID | X CSRF TOKEN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | X FORWARDED FOR | X FORWARDED HOST | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | X FORWARDED PROTO | X HTTP METHOD OVERRIDE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | X REQUEST ID | X REQUESTED WITH | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | X UIDH | X WAP PROFILE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | UNKNOWN HEADERS | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. HTTPRequestHTTPRequest fields Method
_HTTPHeaderFieldb'GET'Path
_HTTPHeaderFieldb'/'Http_Version
_HTTPHeaderFieldb'HTTP/1.1'A_IM
_HTTPHeaderFieldNoneAccept
_HTTPHeaderFieldNoneAccept_Charset
_HTTPHeaderFieldNoneAccept_Datetime
_HTTPHeaderFieldNoneAccept_Encoding
_HTTPHeaderFieldNoneAccept_Language
_HTTPHeaderFieldNoneAccess_Control_Request_Headers
_HTTPHeaderFieldNoneAccess_Control_Request_Method
_HTTPHeaderFieldNoneAuthorization
_HTTPHeaderFieldNoneCache_Control
_HTTPHeaderFieldNoneConnection
_HTTPHeaderFieldNoneContent_Length
_HTTPHeaderFieldNoneContent_MD5
_HTTPHeaderFieldNoneContent_Type
_HTTPHeaderFieldNoneCookie
_HTTPHeaderFieldNoneDNT
_HTTPHeaderFieldNoneDate
_HTTPHeaderFieldNoneExpect
_HTTPHeaderFieldNoneForwarded
_HTTPHeaderFieldNoneFrom
_HTTPHeaderFieldNoneFront_End_Https
_HTTPHeaderFieldNoneHTTP2_Settings
_HTTPHeaderFieldNoneHost
_HTTPHeaderFieldNoneIf_Match
_HTTPHeaderFieldNoneIf_Modified_Since
_HTTPHeaderFieldNoneIf_None_Match
_HTTPHeaderFieldNoneIf_Range
_HTTPHeaderFieldNoneIf_Unmodified_Since
_HTTPHeaderFieldNoneKeep_Alive
_HTTPHeaderFieldNoneMax_Forwards
_HTTPHeaderFieldNoneOrigin
_HTTPHeaderFieldNonePermanent
_HTTPHeaderFieldNonePragma
_HTTPHeaderFieldNoneProxy_Authorization
_HTTPHeaderFieldNoneProxy_Connection
_HTTPHeaderFieldNoneRange
_HTTPHeaderFieldNoneReferer
_HTTPHeaderFieldNoneSave_Data
_HTTPHeaderFieldNoneTE
_HTTPHeaderFieldNoneUpgrade
_HTTPHeaderFieldNoneUpgrade_Insecure_Requests
_HTTPHeaderFieldNoneUser_Agent
_HTTPHeaderFieldNoneVia
_HTTPHeaderFieldNoneWarning
_HTTPHeaderFieldNoneX_ATT_DeviceId
_HTTPHeaderFieldNoneX_Correlation_ID
_HTTPHeaderFieldNoneX_Csrf_Token
_HTTPHeaderFieldNoneX_Forwarded_For
_HTTPHeaderFieldNoneX_Forwarded_Host
_HTTPHeaderFieldNoneX_Forwarded_Proto
_HTTPHeaderFieldNoneX_Http_Method_Override
_HTTPHeaderFieldNoneX_Request_ID
_HTTPHeaderFieldNoneX_Requested_With
_HTTPHeaderFieldNoneX_UIDH
_HTTPHeaderFieldNoneX_Wap_Profile
_HTTPHeaderFieldNoneUnknown_Headers
_HTTPHeaderFieldNone
- class scapy.layers.http.HTTPResponse(_pkt, /, *, Http_Version=b'HTTP/1.1', Status_Code=b'200', Reason_Phrase=b'OK', Accept_Patch=None, Accept_Ranges=None, Access_Control_Allow_Credentials=None, Access_Control_Allow_Headers=None, Access_Control_Allow_Methods=None, Access_Control_Allow_Origin=None, Access_Control_Expose_Headers=None, Access_Control_Max_Age=None, Age=None, Allow=None, Alt_Svc=None, Cache_Control=None, Connection=None, Content_Disposition=None, Content_Encoding=None, Content_Language=None, Content_Length=None, Content_Location=None, Content_MD5=None, Content_Range=None, Content_Security_Policy=None, Content_Type=None, Date=None, Delta_Base=None, ETag=None, Expires=None, IM=None, Keep_Alive=None, Last_Modified=None, Link=None, Location=None, P3P=None, Permanent=None, Pragma=None, Proxy_Authenticate=None, Public_Key_Pins=None, Refresh=None, Retry_After=None, Server=None, Set_Cookie=None, Status=None, Strict_Transport_Security=None, Timing_Allow_Origin=None, Tk=None, Trailer=None, Transfer_Encoding=None, Upgrade=None, Vary=None, Via=None, WWW_Authenticate=None, Warning=None, X_Content_Duration=None, X_Content_Security_Policy=None, X_Content_Type_Options=None, X_Correlation_ID=None, X_Frame_Options=None, X_Powered_By=None, X_Request_ID=None, X_UA_Compatible=None, X_WebKit_CSP=None, X_XSS_Protection=None, Unknown_Headers=None)[source]
Bases:
_HTTPContent- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | HTTP VERSION | STATUS CODE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | REASON PHRASE | ACCEPT PATCH | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ACCEPT RANGES |ACCESS CONTROL ALLOW CREDENTIAL| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ACCESS CONTROL ALLOW HEADERS | ACCESS CONTROL ALLOW METHODS | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ACCESS CONTROL ALLOW ORIGIN | ACCESS CONTROL EXPOSE HEADERS | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ACCESS CONTROL MAX AGE | AGE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ALLOW | ALT SVC | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CACHE CONTROL | CONNECTION | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CONTENT DISPOSITION | CONTENT ENCODING | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CONTENT LANGUAGE | CONTENT LENGTH | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CONTENT LOCATION | CONTENT MD5 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CONTENT RANGE | CONTENT SECURITY POLICY | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CONTENT TYPE | DATE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | DELTA BASE | ETAG | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | EXPIRES | IM | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | KEEP ALIVE | LAST MODIFIED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | LINK | LOCATION | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | P3P | PERMANENT | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PRAGMA | PROXY AUTHENTICATE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PUBLIC KEY PINS | REFRESH | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | RETRY AFTER | SERVER | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SET COOKIE | STATUS | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | STRICT TRANSPORT SECURITY | TIMING ALLOW ORIGIN | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TK | TRAILER | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TRANSFER ENCODING | UPGRADE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | VARY | VIA | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | WWW AUTHENTICATE | WARNING | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | X CONTENT DURATION | X CONTENT SECURITY POLICY | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | X CONTENT TYPE OPTIONS | X CORRELATION ID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | X FRAME OPTIONS | X POWERED BY | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | X REQUEST ID | X UA COMPATIBLE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | X WEBKIT CSP | X XSS PROTECTION | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | UNKNOWN HEADERS | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. HTTPResponseHTTPResponse fields Http_Version
_HTTPHeaderFieldb'HTTP/1.1'Status_Code
_HTTPHeaderFieldb'200'Reason_Phrase
_HTTPHeaderFieldb'OK'Accept_Patch
_HTTPHeaderFieldNoneAccept_Ranges
_HTTPHeaderFieldNoneAccess_Control_Allow_Credentials
_HTTPHeaderFieldNoneAccess_Control_Allow_Headers
_HTTPHeaderFieldNoneAccess_Control_Allow_Methods
_HTTPHeaderFieldNoneAccess_Control_Allow_Origin
_HTTPHeaderFieldNoneAccess_Control_Expose_Headers
_HTTPHeaderFieldNoneAccess_Control_Max_Age
_HTTPHeaderFieldNoneAge
_HTTPHeaderFieldNoneAllow
_HTTPHeaderFieldNoneAlt_Svc
_HTTPHeaderFieldNoneCache_Control
_HTTPHeaderFieldNoneConnection
_HTTPHeaderFieldNoneContent_Disposition
_HTTPHeaderFieldNoneContent_Encoding
_HTTPHeaderFieldNoneContent_Language
_HTTPHeaderFieldNoneContent_Length
_HTTPHeaderFieldNoneContent_Location
_HTTPHeaderFieldNoneContent_MD5
_HTTPHeaderFieldNoneContent_Range
_HTTPHeaderFieldNoneContent_Security_Policy
_HTTPHeaderFieldNoneContent_Type
_HTTPHeaderFieldNoneDate
_HTTPHeaderFieldNoneDelta_Base
_HTTPHeaderFieldNoneETag
_HTTPHeaderFieldNoneExpires
_HTTPHeaderFieldNoneIM
_HTTPHeaderFieldNoneKeep_Alive
_HTTPHeaderFieldNoneLast_Modified
_HTTPHeaderFieldNoneLink
_HTTPHeaderFieldNoneLocation
_HTTPHeaderFieldNoneP3P
_HTTPHeaderFieldNonePermanent
_HTTPHeaderFieldNonePragma
_HTTPHeaderFieldNoneProxy_Authenticate
_HTTPHeaderFieldNonePublic_Key_Pins
_HTTPHeaderFieldNoneRefresh
_HTTPHeaderFieldNoneRetry_After
_HTTPHeaderFieldNoneServer
_HTTPHeaderFieldNoneSet_Cookie
_HTTPHeaderFieldNoneStatus
_HTTPHeaderFieldNoneStrict_Transport_Security
_HTTPHeaderFieldNoneTiming_Allow_Origin
_HTTPHeaderFieldNoneTk
_HTTPHeaderFieldNoneTrailer
_HTTPHeaderFieldNoneTransfer_Encoding
_HTTPHeaderFieldNoneUpgrade
_HTTPHeaderFieldNoneVary
_HTTPHeaderFieldNoneVia
_HTTPHeaderFieldNoneWWW_Authenticate
_HTTPHeaderFieldNoneWarning
_HTTPHeaderFieldNoneX_Content_Duration
_HTTPHeaderFieldNoneX_Content_Security_Policy
_HTTPHeaderFieldNoneX_Content_Type_Options
_HTTPHeaderFieldNoneX_Correlation_ID
_HTTPHeaderFieldNoneX_Frame_Options
_HTTPHeaderFieldNoneX_Powered_By
_HTTPHeaderFieldNoneX_Request_ID
_HTTPHeaderFieldNoneX_UA_Compatible
_HTTPHeaderFieldNoneX_WebKit_CSP
_HTTPHeaderFieldNoneX_XSS_Protection
_HTTPHeaderFieldNoneUnknown_Headers
_HTTPHeaderFieldNone
- class scapy.layers.http.HTTPS_Server(self, debug: int = 0, store: int = 0, session: Any = None, **kargs: Any)[source]
Bases:
HTTP_ServerHTTPS server automaton
This has the same arguments and attributes as HTTP_Server, with the addition of:
- Parameters:
sslcontext – an optional SSLContext object. If used, key is ignored but cert can still be used for channel bindings.
cert – path to the certificate
key – path to the key
require_cbt – require Channel Bindings to be valid
- actions: Dict[str, List[_StateWrapper]] = {'allow_reauth': [], 'auth_eof': [], 'new_request': [], 'received_unauthenticated': [], 'serve_eof': [], 'should_authenticate': []}
- breakpoints: Set[_StateWrapper]
- conditions: Dict[str, List[_StateWrapper]] = {'AUTH': [], 'AUTH_ERROR': [<function HTTP_Server.allow_reauth>], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
- eofs: Dict[str, _StateWrapper] = {'AUTH': <function HTTP_Server.auth_eof>, 'SERVE': <function HTTP_Server.serve_eof>}
- initial_states: List[_StateWrapper] = [<function ATMT.state.<locals>.deco.<locals>._state_wrapper>]
- interception_points: Set[_StateWrapper]
- ioevents: Dict[str, List[_StateWrapper]] = {'AUTH': [], 'AUTH_ERROR': [], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
- ionames: List[str] = []
- iosupersockets: List[SuperSocket] = []
- listen_sock: SuperSocket | None
- packets: PacketList
- recv_conditions: Dict[str, List[_StateWrapper]] = {'AUTH': [<function HTTP_Server.received_unauthenticated>], 'AUTH_ERROR': [], 'BEGIN': [<function HTTP_Server.should_authenticate>], 'CLOSED': [], 'ERROR': [], 'SERVE': [<function HTTP_Server.new_request>]}
- send_sock: SuperSocket | None
- socketcls = None
- states: Dict[str, _StateWrapper] = {'AUTH': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'AUTH_ERROR': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'BEGIN': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'CLOSED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'ERROR': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SERVE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>}
- stop_state: _StateWrapper | None = None
- threadid: int | None
- timeout: Dict[str, _TimerList] = {'AUTH': [], 'AUTH_ERROR': [], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
- class scapy.layers.http.HTTP_AUTH_MECHS(*values)[source]
Bases:
Enum- BASIC = 'Basic'
- NEGOTIATE = 'Negotiate'
- NONE = 'NONE'
- NTLM = 'NTLM'
- class scapy.layers.http.HTTP_Client(mech=HTTP_AUTH_MECHS.NONE, verb=True, sslcontext=None, ssp=None, no_check_certificate=False, no_chan_bindings=False)[source]
Bases:
objectA basic HTTP client
- Parameters:
mech – one of HTTP_AUTH_MECHS
ssl – whether to use HTTPS or not
ssp – the SSP object to use for binding
no_check_certificate – with SSL, do not check the certificate
no_chan_bindings – force disable sending the channel bindings
- request(url, data=b'', timeout=5, follow_redirects=True, http_headers={}, **headers)[source]
Perform a HTTP(s) request.
- Parameters:
url – the full URL to connect to. e.g. https://google.com/test
data – the data to send as payload
follow_redirects – if True, request() will follow 302 return codes
http_headers – if specified, overwrites the HTTP headers (except Host and Path).
headers – any additional HTTPRequest parameter to add. e.g. Method=”POST”
- class scapy.layers.http.HTTP_Server(self, debug: int = 0, store: int = 0, session: Any = None, **kargs: Any)[source]
Bases:
AutomatonHTTP server automaton
- Parameters:
ssp – the SSP to serve. If None, unauthenticated (or basic).
mech – the HTTP_AUTH_MECHS to use (default: NONE)
require_cbt – require Channel Bindings to be valid (default: False)
cbt_cert – the path to the certificate used for channel bindings. Useful if behind a reverse proxy. (default: None)
Other parameters:
- Parameters:
BASIC_IDENTITIES – a dict that contains {“user”: “password”} for Basic authentication.
BASIC_REALM – the basic realm.
- AUTH(*args: ATMT, **kargs: Any) NewStateRequested[source]
- AUTH_ERROR(*args: ATMT, **kargs: Any) NewStateRequested[source]
- BEGIN(*args: ATMT, **kargs: Any) NewStateRequested[source]
- CLOSED(*args: ATMT, **kargs: Any) NewStateRequested[source]
- ERROR(*args: ATMT, **kargs: Any) NewStateRequested[source]
- SERVE(*args: ATMT, **kargs: Any) NewStateRequested[source]
- actions: Dict[str, List[_StateWrapper]] = {'allow_reauth': [], 'auth_eof': [], 'new_request': [], 'received_unauthenticated': [], 'serve_eof': [], 'should_authenticate': []}
- answer(pkt)[source]
HTTP_server answer function.
- Parameters:
pkt – a HTTPRequest packet
- Returns:
a HTTPResponse packet
- breakpoints: Set[_StateWrapper]
- conditions: Dict[str, List[_StateWrapper]] = {'AUTH': [], 'AUTH_ERROR': [<function HTTP_Server.allow_reauth>], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
- eofs: Dict[str, _StateWrapper] = {'AUTH': <function HTTP_Server.auth_eof>, 'SERVE': <function HTTP_Server.serve_eof>}
- initial_states: List[_StateWrapper] = [<function ATMT.state.<locals>.deco.<locals>._state_wrapper>]
- interception_points: Set[_StateWrapper]
- ioevents: Dict[str, List[_StateWrapper]] = {'AUTH': [], 'AUTH_ERROR': [], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
- ionames: List[str] = []
- iosupersockets: List[SuperSocket] = []
- listen_sock: SuperSocket | None
- packets: PacketList
- recv_conditions: Dict[str, List[_StateWrapper]] = {'AUTH': [<function HTTP_Server.received_unauthenticated>], 'AUTH_ERROR': [], 'BEGIN': [<function HTTP_Server.should_authenticate>], 'CLOSED': [], 'ERROR': [], 'SERVE': [<function HTTP_Server.new_request>]}
- send_sock: SuperSocket | None
- states: Dict[str, _StateWrapper] = {'AUTH': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'AUTH_ERROR': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'BEGIN': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'CLOSED': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'ERROR': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>, 'SERVE': <function ATMT.state.<locals>.deco.<locals>._state_wrapper>}
- stop_state: _StateWrapper | None = None
- threadid: int | None
- timeout: Dict[str, _TimerList] = {'AUTH': [], 'AUTH_ERROR': [], 'BEGIN': [], 'CLOSED': [], 'ERROR': [], 'SERVE': []}
- scapy.layers.http.http_request(host, path='/', port=None, timeout=3, display=False, tls=False, verbose=0, **headers)[source]
Util to perform an HTTP request.
- Parameters:
host – the host to connect to
path – the path of the request (default /)
port – the port (default 80/443)
timeout – timeout before None is returned
display – display the result in the default browser (default False)
iface – interface to use. Changing this turns on “raw”
headers – any additional headers passed to the request
- Returns:
the HTTPResponse packet