Generate a quick and easy custom pcap file using Python

original article: http://www.codeproject.com/Tips/612847/Generate-a-quick-and-easy-custom-pcap-file-using-P

i did a little silly tricks to generate a double-link payload, and with increased timestamp. Tested under python3.3:

port = 9600#Custom Foo Protocol Packetmessage =  ('01 01 00 08'   #Foo Base Header            '01 02 00 00'   #Foo Message (31 Bytes)            '00 00 12 30'               '00 00 12 31'            '00 00 12 32'             '00 00 12 33'             '00 00 12 34'             'D7 CD EF'      #Foo flags            '00 00 12 35')     """----------------------------------------------------------------"""""" Do not edit below this line unless you know what you are doing """"""----------------------------------------------------------------"""import sysimport binascii#Global header for pcap 2.4pcap_global_header =   ('D4 C3 B2 A1'                           '02 00'         #File format major revision (i.e. pcap <2>.4)                          '04 00'         #File format minor revision (i.e. pcap 2.<4>)                           '00 00 00 00'                             '00 00 00 00'                             'FF FF 00 00'                             '01 00 00 00')#pcap packet header that must preface every packetpcap_packet_header =   ('AA 77 9F 47'                             '90 A2 04 00'                             'XX XX XX XX'   #Frame Size (little endian)                         'YY YY YY YY')  #Frame Size (little endian)eth_header =   ('00 00 00 00 00 00'     #Source Mac                    '00 00 00 00 00 00'     #Dest Mac                  '08 00')                #Protocol (0x0800 = IP)ip_header =    ('45'                    #IP version and header length (multiples of 4 bytes)                   '00'                                      'XX XX'                 #Length - will be calculated and replaced later                '00 00'                                   '40 00 40'                                '11'                    #Protocol (0x11 = UDP)                          'YY YY'                 #Checksum - will be calculated and replaced later                      '0A 0A 0A 01'           #Source IP (Default: 127.0.0.1)                         '14 14 14 01')          #Dest IP (Default: 127.0.0.1) ip_header_dl = ('45'                    #IP version and header length (multiples of 4 bytes)                   '00'                                      'XX XX'                 #Length - will be calculated and replaced later                '00 00'                                   '40 00 40'                                '11'                    #Protocol (0x11 = UDP)                          'YY YY'                 #Checksum - will be calculated and replaced later                      '14 14 14 01'           #Source IP (Default: 127.0.0.1)                         '0A 0A 0A 01')          #Dest IP (Default: 127.0.0.1) udp_header =   ('80 01'                                   'XX XX'                 #Port - will be replaced later                                   'YY YY'                 #Length - will be calculated and replaced later                        '00 00')                def getByteLength(str1):    return len(''.join(str1.split())) / 2def writeByteStringToFile(bytestring, filename):    bytelist = bytestring.split()     print(''.join(bytelist))    bytes = binascii.a2b_hex(''.join(bytelist))    bitout = open(filename, 'wb')    bitout.write(bytes)def generatePCAP(message,port,pcapfile):     udp = udp_header.replace('XX XX',"%04x"%port)    udp_len = getByteLength(message) + getByteLength(udp_header)    udp = udp.replace('YY YY',"%04x"%udp_len)    ip_len = udp_len + getByteLength(ip_header)    ip = ip_header.replace('XX XX',"%04x"%ip_len)    checksum = ip_checksum(ip.replace('YY YY','00 00'))    ip = ip.replace('YY YY',"%04x"%checksum)        # DL IP packet    ip_dl = ip_header_dl.replace('XX XX',"%04x"%ip_len)    checksum = ip_checksum(ip_dl.replace('YY YY','00 00'))    ip_dl = ip_dl.replace('YY YY',"%04x"%checksum)    pcap_len = ip_len + getByteLength(eth_header)    hex_str = "%08x"%pcap_len    reverse_hex_str = hex_str[6:] + hex_str[4:6] + hex_str[2:4] + hex_str[:2]    pcaph = pcap_packet_header.replace('XX XX XX XX',reverse_hex_str)    pcaph = pcaph.replace('YY YY YY YY',reverse_hex_str)    pcaph2 = pcaph.replace('90 A2 04 00','90 A3 04 00')    pcaph3 = pcaph.replace('90 A2 04 00','90 A4 04 00')    pcaph4 = pcaph.replace('90 A2 04 00','90 A5 04 00')    pcaph5 = pcaph.replace('90 A2 04 00','90 A6 04 00')    pcaph6 = pcaph.replace('90 A2 04 00','90 A7 04 00')    pcaph7 = pcaph.replace('90 A2 04 00','90 A8 04 00')    pcaph8 = pcaph.replace('90 A2 04 00','90 A9 04 00')    pcaph9 = pcaph.replace('90 A2 04 00','90 AA 04 00')    bytestring = pcap_global_header + \    pcaph + eth_header + ip + udp + message + \    pcaph2 + eth_header + ip_dl + udp + message + \    pcaph3 + eth_header + ip + udp + message + \    pcaph4 + eth_header + ip + udp + message + \    pcaph5 + eth_header + ip + udp + message + \    pcaph6 + eth_header + ip + udp + message + \    pcaph7 + eth_header + ip_dl + udp + message + \    pcaph8 + eth_header + ip + udp + message + \    pcaph9 + eth_header + ip_dl + udp + message    writeByteStringToFile(bytestring, pcapfile)#Splits the string into a list of tokens every n charactersdef splitN(str1,n):    return [str1[start:start+n] for start in range(0, len(str1), n)]#Calculates and returns the IP checksum based on the given IP Headerdef ip_checksum(iph):    #split into bytes        words = splitN(''.join(iph.split()),4)    csum = 0;    for word in words:        csum += int(word, base=16)    csum += (csum >> 16)    csum = csum & 0xFFFF ^ 0xFFFF    return csum"""------------------------------------------"""""" End of functions, execution starts here: """"""------------------------------------------"""#if len(sys.argv) < 2:#        print 'usage: pcapgen.py output_file'#        exit(0)generatePCAP(message,port,sys.argv[1])  

usage: python pcap_generator.py [outfile]