Scapy raw data manipulation

user2762655 · Sep 9, 2013 · Viewed 8.3k times

I am having trouble manipulating raw data. I am trying to change a resp_cookie in my ISAKMP header, and when I do a sniff on the packet it is all in raw data format under Raw Load='\x00\x43\x01........... ' with about 3 lines like that. When I do a Wireshark capture I see the information I want to change, but I can't seem to find a way to convert and change that raw data to find and replace the information I am looking for. Also, I can see the information I need when I do a hexdump(), but I can't store that in a variable. When I type i = hexdump(pkt) it spits out the hexdump but doesn't store the hexdump in i.

Answer

CanBeNull · Jun 9, 2017

So this post is a little old, but I've come across it a dozen or so times trying to find the answer to a similar problem I'm having. I doubt OP has need for an answer anymore, but if anyone else is looking to do something similar...here you go!

I found the following code snippet somewhere in the deep, dark depths of google and it worked for my situation.

hexdump(), show() and other methods of Scapy just output the packet to the terminal/console; they don't actually return a string or any other sort of object. So you need a way to intercept the data they intend to write and put it in a variable to be manipulated.

NOTE: THIS IS PYTHON 3.X and SCAPY 3K

import io
import sys                      # needed below to swap sys.stdout
from scapy.all import sniff     # "import scapy" alone does not bring sniff() into scope

interface = "eth0"              # placeholder: interface to sniff on
bpf_filter = "udp port 500"     # placeholder: BPF filter, here ISAKMP traffic

#generic scapy sniff: parsePacket (defined below) is called once per captured packet
sniff(iface=interface, prn=parsePacket, filter=bpf_filter)

With the above sniff method, you're going to want to do the following.

def parsePacket(packet):

    outputPacket = '' 

    #setup: remember the real stdout and create an in-memory text buffer
    qsave = sys.stdout
    q = io.StringIO() 

    #CAPTURES OUTPUT: anything print()ed from here on lands in q
    sys.stdout = q  

    #Text you're capturing
    packet.show()

    #restore original stdout
    sys.stdout = qsave

    #release output: read back everything that was written to the buffer
    sout = q.getvalue()

    #Add to string (format if need be)
    outputPacket += sout + '\n'

    #Close IOStream
    q.close() 

    #return your packet (note: sniff() prints a non-None value returned by prn)
    return outputPacket

The string you return (outputPacket) can now be manipulated how you want.

Swap out .show() with whatever function you see fit.

P.S. Forgive me if this is a little rough from a Pythonic point of view...not a python dev by any stretch.
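Two things the thread leaves open are worth showing together, as an added example that is not part of the question or the answer above: capturing printed output without hand-swapping sys.stdout (contextlib.redirect_stdout restores it even if the printing function raises), and actually editing the resp_cookie inside the raw bytes the asker was staring at. The code below uses only the standard library so it runs without Scapy; the ISAKMP header layout is the fixed 28-byte header from RFC 2408, and the sample payload is constructed for this example (a Main Mode first message, whose responder cookie is still zero, plus four bytes of filler standing in for the SA payload). In a Scapy session the bytes would come from raw(pkt) or pkt[Raw].load, and a patched buffer goes back with pkt[Raw].load = patched. Also note that current Scapy releases make the answer's workaround unnecessary: pkt.show(dump=True) and hexdump(pkt, dump=True) return the text as a string.

```python
import io
import struct
from contextlib import redirect_stdout

# Fixed 28-byte ISAKMP header (RFC 2408 section 3.1), network byte order:
# initiator cookie (8), responder cookie (8), next payload (1), version (1),
# exchange type (1), flags (1), message ID (4), total length (4).
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")
HDR_FIELDS = ("init_cookie", "resp_cookie", "next_payload", "version",
              "exch_type", "flags", "id", "length")

# Constructed sample: what Scapy shows as Raw load=... when it has not decoded
# the UDP payload as ISAKMP. Header of a first Main Mode message (responder
# cookie all zeros) followed by filler bytes that stand in for the SA payload;
# the filler is not a valid payload and is not parsed here.
PAYLOAD_FILLER = b"\x00\x00\x00\x04"
SAMPLE_LOAD = ISAKMP_HDR.pack(
    bytes.fromhex("0011223344556677"),       # init_cookie (constructed)
    bytes(8),                                # resp_cookie: zero in message 1
    1,                                       # next_payload: SA
    0x10,                                    # version 1.0
    2,                                       # exch_type: Identity Protection
    0,                                       # flags
    0,                                       # message ID
    ISAKMP_HDR.size + len(PAYLOAD_FILLER),   # total length
) + PAYLOAD_FILLER


def parse_isakmp_header(data: bytes) -> dict:
    """Decode the fixed header out of raw bytes; payloads are left untouched."""
    if len(data) < ISAKMP_HDR.size:
        raise ValueError("payload shorter than an ISAKMP header")
    hdr = dict(zip(HDR_FIELDS, ISAKMP_HDR.unpack_from(data)))
    if hdr["length"] != len(data):
        # A truncated capture and a crafted packet both look like this;
        # refuse rather than silently patch a buffer whose length field lies.
        raise ValueError(f"length field {hdr['length']} != {len(data)} bytes")
    return hdr


def set_resp_cookie(data: bytes, new_cookie: bytes) -> bytes:
    """Return a copy of the raw bytes with the responder cookie replaced.

    The cookie is fixed at 8 bytes, so nothing else in the header (including
    the length field) changes."""
    if len(new_cookie) != 8:
        raise ValueError("responder cookie must be exactly 8 bytes")
    parse_isakmp_header(data)  # validate before patching
    return data[:8] + new_cookie + data[16:]


def show_header(data: bytes) -> None:
    """Print the header the way pkt.show() would: one field per line."""
    for name, value in parse_isakmp_header(data).items():
        if isinstance(value, bytes):
            value = value.hex()
        print(f"  {name:<13}= {value}")


def capture_output(func, *args) -> str:
    """Run func(*args) and return what it printed instead of letting it reach
    the terminal: the answer's sys.stdout swap done with redirect_stdout,
    which restores stdout even when func raises."""
    buf = io.StringIO()
    with redirect_stdout(buf):
        func(*args)
    return buf.getvalue()


if __name__ == "__main__":
    print("before:")
    print(capture_output(show_header, SAMPLE_LOAD), end="")
    patched = set_resp_cookie(SAMPLE_LOAD, bytes.fromhex("8899aabbccddeeff"))
    print("after:")
    print(capture_output(show_header, patched), end="")
```

If the patched bytes are written back into a sniffed Scapy packet for re-injection, delete pkt[UDP].chksum (and pkt[IP].chksum) first so Scapy recomputes them; the byte-level edit above does not touch the transport layer. When Scapy does decode the layer, the same change is just pkt[ISAKMP].resp_cookie = new_cookie.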