scapy是什么？

Question

我找到了一个执行DNS请求的代码。除了这部分外，我几乎了解所有内容：qd=DNSQR(qname="www.facebook.com")。有人能告诉我这是什么意思吗？

这里是整个代码：

my_packet = sr1(IP(dst="8.8.8.8")/UDP(dport = 53)/DNS(rd=1,qd=DNSQR(qname=URL))) 

Answer 1

让我们打开源代码：

class DNSQR(Packet): 
    name = "DNS Question Record" 
    fields_desc = [ DNSStrField("qname",""), 
        ShortEnumField("qtype", 1, dnsqtypes), 
        ShortEnumField("qclass", 1, dnsclasses) ] 

其中ShortEnumField和DNSStrField定义是这样的：

class ShortEnumField(EnumField): 
    def __init__(self, name, default, enum): 
     EnumField.__init__(self, name, default, enum, "H") 

class DNSStrField(StrField): 
    def i2m(self, pkt, x): 
     x = x.split(".") 
     x = map(lambda y: chr(len(y))+y, x) 
     x = "".join(x) 
     if x[-1] != "\x00": 
      x += "\x00" 
     return x 
    def getfield(self, pkt, s): 
     n = "" 
     while 1: 
      l = ord(s[0]) 
      s = s[1:] 
      if not l: 
       break 
      if l & 0xc0: 
       raise Exception("DNS message can't be compressed at this point!") 
      else: 
       n += s[:l]+"." 
       s = s[l:] 
     return s, n 

因此，它是一个将所有这些信息打包成一个元素的方法。

也让我们来看看什么是DNS，什么是qd：

class DNS(Packet): 
    name = "DNS" 
    fields_desc = [ ShortField("id",0), 
        BitField("qr",0, 1), 
        BitEnumField("opcode", 0, 4, {0:"QUERY",1:"IQUERY",2:"STATUS"}), 
        BitField("aa", 0, 1), 
        BitField("tc", 0, 1), 
        BitField("rd", 0, 1), 
        BitField("ra", 0 ,1), 
        BitField("z", 0, 3), 
        BitEnumField("rcode", 0, 4, {0:"ok", 1:"format-error", 2:"server-failure", 3:"name-error", 4:"not-implemented", 5:"refused"}), 
        DNSRRCountField("qdcount", None, "qd"), 
        DNSRRCountField("ancount", None, "an"), 
        DNSRRCountField("nscount", None, "ns"), 
        DNSRRCountField("arcount", None, "ar"), 
        DNSQRField("qd", "qdcount"), 
        DNSRRField("an", "ancount"), 
        DNSRRField("ns", "nscount"), 
        DNSRRField("ar", "arcount",0) ]