2016-11-24 320 views
0

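I am trying to parse UDP packets from a RADIUS server. I have tried different tools, including Scapy, Pynids and pypcap. The problem is that some of the RADIUS attributes are not decoded correctly, while others are. What could be the reason for this? How can I parse RADIUS server packets in Python?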

Here is my code:

from scapy.all import sniff, Radius 

packets = sniff(iface='eth0', filter='udp', count=5) 
packet = packets[0] 

packet.show()  # show() prints the dissection itself and returns None

And here is a summary of the output I get:

###[ Ethernet ]### 
    dst  = 94:57:a5:53:ab:70 
    src  = d4:ca:6d:ae:a0:66 
    type  = 0x800 
###[ UDP ]### 
    sport  = 38667 
    dport  = radius 
    len  = 205 
    chksum = 0x2bbd 
###[ Radius ]### 
    code  = Access-Request 
    id  = 80 
    len  = 197 
    authenticator= "T\xfb\x9c\t\x00 '\x14\xeb\x99\x84t\x9b\xb4\x83\x95" 
    \attributes\ 
    |###[ Radius Attribute ]### 
    | type  = Framed-Protocol 
    | len  = 6 
    | value  = '\x00\x00\x00\x01' 
    |###[ Radius Attribute ]### 
    | type  = NAS-Port 
    | len  = 6 
    | value  = '\x00\xf6\xa7\xf9' 
    |###[ Radius Attribute ]### 
    | type  = Called-Station-Id 
    | len  = 8 
    | value  = 'Dslam1' 
    |###[ Radius Attribute ]### 
    | type  = 87 
    | len  = 16 
    | value  = 'ether1-Dslam 1' 
    |###[ Radius Attribute ]### 
    | type  = Vendor-Specific 
    | len  = 24 
    | value  = '\x00\x00\x017\x0b\x12\x19\xfc4\xd01\xaf\x03\xd6\x0e!j\xa7H]\xdd;' 
    |###[ Radius Attribute ]### 
    | type  = NAS-Identifier 
    | len  = 15 
    | value  = 'TEH-P' 

Answers

1

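For future visitors, this is how I managed to parse the packets.

You need to create a dictionary file in the current directory, or use the example here, so that it can parse your data types correctly.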

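from pyrad.packet import Packet
from pyrad.dictionary import Dictionary

from scapy.all import sniff, Radius

# Load the attribute dictionary once instead of once per packet
radius_dict = Dictionary("dictionary")

def parse_packet(packet):
    # The "udp" filter also matches non-RADIUS traffic; skip those packets
    if Radius not in packet:
        return
    radius_packet = str(packet[Radius])  # raw RADIUS bytes (Python 2 str)
    pkt = Packet(packet=radius_packet, dict=radius_dict)

    for key, value in pkt.iteritems():
        attr = pkt._DecodeKey(key)  # numeric code -> attribute name
        value = pkt[attr]           # value decoded through the dictionary
        print attr, value

sniff(iface='eth0', prn=parse_packet, filter="udp", store=0)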

Here is a sample of the response I get:

User-Name [u'12345678'] 
NAS-IP-Address ['192.168.*.*'] 
NAS-Port [15853417] 
Service-Type ['Framed-User'] 
Framed-Protocol ['PPP'] 
Framed-IP-Address ['192.168.*.*'] 
Called-Station-Id [u'service4'] 
Calling-Station-Id [u'20:A7:5C:75:RA:TD'] 
NAS-Identifier [u'Test'] 
Acct-Status-Type ['Alive'] 
Acct-Delay-Time [0] 
Acct-Input-Octets [1003335] 
Acct-Output-Octets [15399190] 
Acct-Session-Id [u'81c2332b'] 
Acct-Authentic ['RADIUS'] 
Acct-Session-Time [76321] 
Acct-Input-Packets [15498] 
Acct-Output-Packets [21247] 
+0

This works, but I get encoded data. Do you know how to decode it? – PachinSV

+0

@PachinSV Aren't the values already decoded? Like the response I included? –

+0

I get values like this: 80 [b'\xac'bH\x9c4L\x04i\xb2\x8a\x9a~\xe0\x95'] – PachinSV
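
Why a dictionary matters, as an added example that is not part of the original question or answer (Python 3, standard library only): a RADIUS attribute on the wire is just type, length and value, so a parser can only turn `'\x00\x00\x00\x01'` into `PPP` or name attribute 87 if it knows each attribute's data type. The `ATTRS` and `ENUMS` tables and the function names are assumptions made for this sketch; the sample bytes are rebuilt from the Scapy output in the question.

```python
import struct

# Attribute number -> (name, data type), per RFC 2865/2869; a dictionary file carries the same map
ATTRS = {
    5: ("NAS-Port", "integer"),
    7: ("Framed-Protocol", "integer"),
    26: ("Vendor-Specific", "vsa"),
    30: ("Called-Station-Id", "string"),
    87: ("NAS-Port-Id", "string"),
}
ENUMS = {"Framed-Protocol": {1: "PPP"}}  # named values for integer attributes

def iter_tlvs(buf):
    """Yield (type, value) pairs; the length byte counts the 2-byte header."""
    pos = 0
    while pos < len(buf):
        if pos + 2 > len(buf):
            raise ValueError("truncated attribute header")
        atype, alen = buf[pos], buf[pos + 1]
        if alen < 2 or pos + alen > len(buf):
            raise ValueError("bad length %d in attribute %d" % (alen, atype))
        yield atype, buf[pos + 2:pos + alen]
        pos += alen

def decode_value(name, kind, raw):
    if kind == "integer":
        if len(raw) != 4:
            raise ValueError("%s: expected 4 bytes" % name)
        num = struct.unpack("!I", raw)[0]
        return ENUMS.get(name, {}).get(num, num)
    if kind == "string":
        return raw.decode("utf-8", "replace")
    if kind == "vsa":
        if len(raw) < 4:
            raise ValueError("%s: missing vendor id" % name)
        # 4-byte vendor id, then sub-attributes in the same TLV layout
        return struct.unpack("!I", raw[:4])[0], list(iter_tlvs(raw[4:]))
    return raw  # type not in the dictionary: leave the raw octets

def parse_attributes(buf):
    out = []
    for atype, raw in iter_tlvs(buf):
        name, kind = ATTRS.get(atype, (str(atype), "octets"))
        out.append((name, decode_value(name, kind, raw)))
    return out

# Constructed sample: attribute bytes rebuilt from the question's Scapy output
SAMPLE = (b"\x07\x06\x00\x00\x00\x01" b"\x05\x06\x00\xf6\xa7\xf9"
          b"\x1e\x08Dslam1" b"\x57\x10ether1-Dslam 1"
          b"\x1a\x18\x00\x00\x017\x0b\x12\x19\xfc4\xd01\xaf\x03\xd6\x0e!j\xa7H]\xdd;")
```

`parse_attributes(SAMPLE)` names attribute 87 and splits the Vendor-Specific value into vendor id 311 with one sub-attribute of type 11. An attribute missing from the table comes back as raw bytes, which is what the last comment shows for attribute 80.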