In this question: https://serverfault.com/questions/173187/what-does-a-dns-request-look-like there is an example UDP packet that can be used to query a DNS server for the address of www.google.com.
I wrote a basic Python snippet:
from socket import *
s = socket(AF_INET, SOCK_DGRAM)
raw = "24 1a 01 00 00 01 00 00 00 00 00 00 03 77 77 77 06 67 6f 6f 67 6c 65 03 63 6f 6d 00 00 01 00 01"
hex = raw.split()
ints = [int(i, 16) for i in hex]
bytes = [chr(i) for i in ints]
packet = "".join(bytes)
s.sendto(packet, ("8.8.8.8", 53))
s.recvfrom(1024)
But nothing happens. I get no response. What am I doing wrong? Am I missing something? Shouldn't I receive an UDP packet on the same port with the answer to my query?
Related
I want to connect to a detector and receive image data. After working with Wireshark software, I realized that I should use protocol UDP. I wrote the following code in Python and got the data.
The received data sample is as follows:
import socket
UDP_IP = "1.1.1.1" #IP
UDP_PORT = 123 #port
sock = socket.socket(socket.AF_INET,socket.SOCK_DGRAM)
sock.bind((UDP_IP,UDP_PORT))
while True:
data, addr = sock.recvfrom(2048)
print("recived message: %s" % data)
Output:
data1 =b'\x83\xa4A\xd2\x01\x00\x00\x00\x12\x05\xf3\x04.\x04\xb7\x04#\x05Y\x04\x9f\x05\xf4\x046\x05\x89\x04\x1b\x08\x9b\x05^\x05\xb7\x04G\x05\x04\x04\xc7\x05\\\x05\xc8\x04$\x06:\x05\xf1\x05\x90\x06\x1f\x05w\x05\x8d\x05\x15\x05P\x06\x19\x05\x8a\x06e\x06\xfd\x05w\x06f\x05\x1f\x05!\x06\xed\x04\xb8\x06\xeb\x05\xd9\x05\x13\x06{\x05\x01\x07i\x07\xed\x07f\x08\x9c\x08\x80\x08\\\x08A\x08w\x08y\x089\x08<\x08\x11\x08m\x08\x1f\x08M\x07$\x08\xc5\x07\xe5\x08\xd9\x08q\x07\x7f\x08^\x08i\x08S\x08\xa7\x07.\t\x15\x08\x1d\x08\xae\x08\x8e\x07E\x08\xdc\x07\xf3\x061\t\xcd\x07\xe8\x08Y\x08\x00\x08\xb5\x08\xa3\x08\t\tt\x08q\x08w\t\r\t\xbd\x08p\x08\xfb\x08\xc5\x08_\x08\xe4\x07\n\x08/\x08\xf4\x07\xdc\x07#\x08\x99\x08\xf3\x07\xc5\x07Y\t\r\x08\xdd\x08\x91\x08\x91\x07\x91\x07?\x08\xd8\x08J\x08_\x08E\x08\xf9\x07\x1f\x08L\x08\xff\x07\xd7\x07M\x08<\x08\xdf\x08\x89\x075\tw\x08\x89\x08\x15\t......................
But I don't know how to decode the data. Wireshark itself does this. But I don't know how to decode with Python.
7c 10 c9 20 e3 31 da 55 aa 55 aa 01 08 00 45 00 05 dc 00 00 00 00 80 11 a9 97 c0 a8 05 15 c0 a8 05 14 15 be 15 be 05 c8 00 00
I use the following code, but it returns meaningless data.
data.decode("utf-16")
My first question is, how can I get from the primary data to the data that Wireshark decodes with Python?
And my second question is: How should I get from this data to the data I want, which are approximately numbers between 1000 and 10000? A number for each pixel, which is the sequence of received data, in the row and column of forming an image.
As I've posted about before, I am writing a MIDI parser in Python. I am encountering an error where my parser is getting stuck because it's trying to read an event called 2a, but such an event does not exist. below is an excerpt from the MIDI file in question:
5d7f 00b5 5d7f 00b6 5d7f 00b1 5d00 00b9
5d00 8356 9923 7f00 2a44 0192 367f 0091
237f 0099 4640 0092 2f7c 0099 3f53 0b3f
I have parsed the file by hand, and I am getting stuck in the same spot as my parser! The MIDI file plays, so I know it's valid, but I'm certain that I am reading the events wrong.
The Standard MIDI Files 1.0 specification says:
Running status is used: status bytes of MIDI channel messages may be omitted if the preceding event is a MIDI channel message with the same status. The first event in each MTrk chunk must specify status. Delta-time is not considered an event itself: it is an integral part of the syntax for an MTrk event. Notice that running status occurs across delta-times.
Your excerpt would be decoded as follows:
delta <- event ------->
time status parameters
----- ------ ----------
... 5d 7f
00 b5 5d 7f
00 b6 5d 7f
00 b1 5d 00
00 b9 5d 00
83 56 99 23 7f
00 2a 44
01 92 36 7f
00 91 23 7f
00 99 46 40
00 92 2f 7c
00 99 3f 53
0b 3f ...
I am trying to use f.write(struct.pack()) to write n bytes to a binary file but not quite sure how to do that? Any example or sample would be helpful.
You don't really explain your exact problem or what you tried and which error messages you encountered:
The solution should look something like:
with open("filename", "wb") as fout:
fout.write(struct.pack(format, data, ...))
If you explain what data exactly you want to dump, then I can elaborate on the solution
If your data is just a hex string, then you do not need struct, you just use decode.
Please refer to SO question hexadecimal string to byte array in python
example for python 2.7:
hex_str = "414243444500ff"
bytestring = hex_str.decode("hex")
with open("filename", "wb") as fout:
fout.write(bytestring)
The below worked for me:
reserved = "Reserved_48_Bytes"
f.write(struct.pack("48s", reserved))
Output:
hexdump -C output.bin
00000030 52 65 73 65 72 76 65 64 5f 34 38 5f 42 79 74 65 |Reserved_48_Byte|
00000040 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |s...............|
00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
I came across the following example of creating an Internet Checksum:
Take the example IP header 45 00 00 54 41 e0 40 00 40 01 00 00 0a 00 00 04 0a 00 00 05:
Adding the fields together yields the two’s complement sum 01 1b 3e.
Then, to convert it to one’s complement, the carry-over bits are added to the first 16-bits: 1b 3e + 01 = 1b 3f.
Finally, the one’s complement of the sum is taken, resulting to the checksum value e4c0.
I was wondering how the IP header is added together to get 01 1b 3e?
Split your IP header into 16-bit parts.
45 00
00 54
41 e0
40 00
40 01
00 00
0a 00
00 04
0a 00
00 05
The sum is 01 1b 3e. You might want to look at how packet header checksums are being calculated here https://en.m.wikipedia.org/wiki/IPv4_header_checksum.
The IP header is added together with carry in hexadecimal numbers of 4 digits.
i.e. the first 3 numbers that are added are 0x4500 + 0x0054 + 0x41e0 +...
I am writing a program to parse a WAV file header and print the information to the screen. Before writing the program i am doing some research
hexdump -n 48 sound_file_8000hz.wav
00000000 52 49 46 46 bc af 01 00 57 41 56 45 66 6d 74 20 |RIFF....WAVEfmt |
00000010 10 00 00 00 01 00 01 00 >40 1f 00 00< 40 1f 00 00 |........#...#...|
00000020 01 00 08 00 64 61 74 61 98 af 01 00 81 80 81 80 |....data........|
hexdump -n 48 sound_file_44100hz.wav
00000000 52 49 46 46 c4 ea 1a 00 57 41 56 45 66 6d 74 20 |RIFF....WAVEfmt |
00000010 10 00 00 00 01 00 02 00 >44 ac 00 00< 10 b1 02 00 |........D.......|
00000020 04 00 10 00 64 61 74 61 a0 ea 1a 00 00 00 00 00 |....data........|
The part between > and < in both files are the sample rate.
How does "40 1f 00 00" translate to 8000Hz and "44 ac 00 00" to 44100Hz? Information like number of channels and audio format can be read directly from the dump. I found a Python
script called WavHeader that parses the sample rate correctly in both files. This is the core of the script:
bufHeader = fileIn.read(38)
# Verify that the correct identifiers are present
if (bufHeader[0:4] != "RIFF") or \
(bufHeader[12:16] != "fmt "):
logging.debug("Input file not a standard WAV file")
return
# endif
stHeaderFields = {'ChunkSize' : 0, 'Format' : '',
'Subchunk1Size' : 0, 'AudioFormat' : 0,
'NumChannels' : 0, 'SampleRate' : 0,
'ByteRate' : 0, 'BlockAlign' : 0,
'BitsPerSample' : 0, 'Filename': ''}
# Parse fields
stHeaderFields['ChunkSize'] = struct.unpack('<L', bufHeader[4:8])[0]
stHeaderFields['Format'] = bufHeader[8:12]
stHeaderFields['Subchunk1Size'] = struct.unpack('<L', bufHeader[16:20])[0]
stHeaderFields['AudioFormat'] = struct.unpack('<H', bufHeader[20:22])[0]
stHeaderFields['NumChannels'] = struct.unpack('<H', bufHeader[22:24])[0]
stHeaderFields['SampleRate'] = struct.unpack('<L', bufHeader[24:28])[0]
stHeaderFields['ByteRate'] = struct.unpack('<L', bufHeader[28:32])[0]
stHeaderFields['BlockAlign'] = struct.unpack('<H', bufHeader[32:34])[0]
stHeaderFields['BitsPerSample'] = struct.unpack('<H', bufHeader[34:36])[0]
I do not understand how this can extract the corret sample rates, when i cannot using hexdump?
I am using information about the WAV file format from this page:
https://ccrma.stanford.edu/courses/422/projects/WaveFormat/
The "40 1F 00 00" bytes equate to an integer whose hexadecimal value is 00001F40 (remember that the integers are stored in a WAVE file in the little endian format). A value of 00001F40 in hexadecimal equates to a decimal value of 8000.
Similarly, the "44 AC 00 00" bytes equate to an integer whose hexadecimal value is 0000AC44. A value of 0000AC44 in hexadecimal equates to a decimal value of 44100.
They're little-endian.
>>> 0x00001f40
8000
>>> 0x0000ac44
44100