Page MenuHomePhabricator
Paste P13050

TCP flags combinations for Turnilo's map
ActivePublic
Actions

Authored by faidon on Oct 22 2020, 11:06 AM.
Tags
Referenced Files
F32411034: TCP flags combinations for Turnilo's map
Oct 22 2020, 1:13 PM
F32410891: TCP flags combinations for Turnilo's map
Oct 22 2020, 11:06 AM
Subscribers
None
import ctypes
class TCPFlags_bitfield(ctypes.BigEndianStructure):
flags = ("CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN")
_fields_ = [(flag, ctypes.c_uint8, 1) for flag in flags]
class TCPFlags(ctypes.Union):
_anonymous_ = ("bit",)
_fields_ = [("bit", TCPFlags_bitfield), ("u8", ctypes.c_uint8)]
def convert_int_to_flagstr(flagint):
flags = TCPFlags()
flags.u8 = flagint
active = [f for f, _, _ in flags.bit._fields_ if getattr(flags, f)]
return "+".join(active)
# flags as seen in the wild from Turnilo
flags_seen = (
1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24,
25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 40, 42, 43, 44, 45, 48,
49, 50, 51, 52, 54, 56, 57, 58, 59,
)
for i in sorted(flags_seen):
print(f'"{i}": "{convert_int_to_flagstr(i)}"')
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL