-1

I am a new beginner in scapy. I would like to know how could I get the domain name in each trace. When I try to print(packet[DNS].qd.qname), it will always show b'f1tata-b.pc.bitgravity.com.'. How do I remove all the b''? When doing [2:] it will always remove the content inside but not outside.

wovano
  • 4,543
  • 5
  • 22
  • 49
Nicolas Pellerin
  • 30
  • 5
  • Does this answer your question? [Print without b' prefix for bytes in Python 3](https://stackoverflow.com/questions/16748083/print-without-b-prefix-for-bytes-in-python-3) – wovano Nov 13 '22 at 07:29

1 Answers1

0

the b means bytes, explanation here

your address is just not a string, you can do to decode it using utf-8:

addr = addr.decode("utf-8")

I didn't get the second part of your question:

I would like to know how do you get a domain that has a id associated?

FuriousBird
  • 1
  • 3
  • 1
    "decode("utf-8") " It may yield the proper result, yet nothing says the DNS uses UTF8, quite the contrary. The application has to handle that itself: either it has an hostname (such as for A/AAAA records) which is defined to be ASCII letters digits or hyphens so `.decode("ascii")` would be enough, or it has a domain name in the DNS sense (so for CNAME/TXT records for example) in which case the name is really a set of bytes, there is nothing inside the DNS that tells how it should be decoded, only the application know that. Domain names using not ASCII (aka IDNs) are converted using Punycode. – Patrick Mevzek Nov 08 '22 at 21:13