  • python实现抓包、解析流程,超过瘾!

    今日又无聊~~~感觉用浏览器的检查工具太麻烦,于是乎想搞个抓包脚本监听本地网卡~~~~代码贴上,复制即可使用~要是提示缺少模块,那就先装上 dpkt 和 scapy 这两个包哦(抓包一般还需要管理员/root 权限)!嘿嘿

    import os
    import dpkt
    import socket
    import datetime
    import uuid
    
    from scapy.sendrecv import sniff
    from scapy.utils import wrpcap
    
    def get_local_ip():
        """Return the IPv4 addresses the resolver reports for this host's name.

        Returns:
            The address list, i.e. the last element of what
            ``socket.gethostbyname_ex`` returns for the local hostname.
        """
        # gethostbyname_ex yields (hostname, aliaslist, ipaddrlist); only the
        # address list is of interest here.
        _name, _aliases, addresses = socket.gethostbyname_ex(socket.gethostname())
        return addresses
    
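    def body_transfer(body):
        """Print an urlencoded payload as one indented ``key: value`` line per field.

        Args:
            body: Raw payload bytes, e.g. ``b"a=1&b=2"``.

        The payload is captured network data, so it may be empty, non-UTF-8 or
        malformed; none of these cases raises. Values are printed as captured
        (no percent-decoding is applied).
        """
        # An empty payload has no fields; splitting "" would yield one bogus
        # item that cannot be unpacked into key and value.
        if not body:
            return

        # Captured bytes are not guaranteed to be valid UTF-8: substitute the
        # undecodable bytes instead of raising UnicodeDecodeError.
        text = body.decode(errors="replace")

        for field in text.split("&"):
            if not field:
                continue
            # Split on the first "=" only, so a value containing "=" (base64
            # padding, nested query strings) stays intact and a field without
            # "=" is shown with an empty value.
            key_, _, value_ = field.partition("=")
            print("   %s: %s" % (key_, value_))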
    
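    def get_dpkt():
        """Capture 100 packets and save them to a private temporary pcap file.

        Returns:
            Path of the written ``.pcap`` file. The caller is expected to
            delete it once the capture has been processed.
        """
        import tempfile

        # The default interface is fine on a single-NIC machine; on a multi-NIC
        # machine name the interface explicitly, e.g.
        # iface="Qualcomm QCA9377 802.11ac Wireless Adapter".
        packets = sniff(count=100)

        # The capture holds raw traffic (cookies, session keys, form bodies).
        # mkstemp creates the file readable and writable by the creating user
        # only and with an unpredictable name, instead of a uuid1-named file in
        # the working directory (uuid1 embeds the host MAC address and a
        # timestamp).
        fd, filename = tempfile.mkstemp(suffix=".pcap")
        os.close(fd)  # wrpcap reopens the file by name
        try:
            wrpcap(filename, packets)
        except Exception:
            # Do not leave a partial capture behind when the write fails.
            os.remove(filename)
            raise

        return filename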
    
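    def _print_http_packet(buf, local_ips):
        """Print one Ethernet frame if it carries a parsable HTTP request."""
        eth = dpkt.ethernet.Ethernet(buf)  # link-layer frame

        if not isinstance(eth.data, dpkt.ip.IP):
            print('Non IP Packet type not supported %s' % eth.data.__class__.__name__)
            return

        ip = eth.data
        src_ip = socket.inet_ntoa(ip.src)
        dst_ip = socket.inet_ntoa(ip.dst)
        # Flags and fragment offset are packed into ip.off; mask each one out.
        do_not_fragment = bool(ip.off & dpkt.ip.IP_DF)
        more_fragments = bool(ip.off & dpkt.ip.IP_MF)
        fragment_offset = ip.off & dpkt.ip.IP_OFFMASK

        if not isinstance(ip.data, dpkt.tcp.TCP):
            return
        tcp = ip.data

        # Try to parse the TCP payload as an HTTP request; segments that are
        # not (complete) requests are skipped.
        try:
            request = dpkt.http.Request(tcp.data)
        except (dpkt.dpkt.NeedData, dpkt.dpkt.UnpackError):
            return

        # Tag the source address when it is one of this machine's addresses.
        shown_src = src_ip + "(本机)" if src_ip in local_ips else src_ip
        print('IP: %s -> %s (len=%d ttl=%d DF=%d MF=%d offset=%d)' % (
            shown_src, dst_ip, ip.len, ip.ttl,
            do_not_fragment, more_fragments, fragment_offset))

        # A request without a Host header is shown with the URI alone.
        print("URL: %s%s" % (request.headers.get("host", ""), request.uri))
        print("METHOD: %s" % request.method.upper())
        print("Headers: ")
        for key, value in request.headers.items():
            print("   %s: %s" % (key, value))

        print("Body:")
        body_transfer(request.body)
        print("Data:")
        body_transfer(request.data)

        print()

    def print_pcap(pcap):
        """Print every HTTP request that can be parsed out of a capture.

        Args:
            pcap: Iterable of ``(timestamp, buf)`` pairs, such as a
                ``dpkt.pcap.Reader``; each ``buf`` is parsed as an Ethernet frame.

        Only IPv4/TCP payloads that dpkt parses as an HTTP request are printed.
        Headers and bodies are printed verbatim, so the output can contain
        cookies and other session secrets; treat it like the capture itself.

        Processing is best effort: a packet that fails to parse or print is
        reported on stderr and skipped, so one bad packet (for example a
        request with an empty or malformed body) no longer silently discards
        the rest of the capture.
        """
        import sys

        try:
            local_ips = get_local_ip()
        except OSError:
            # Without the local addresses the source simply cannot be tagged.
            local_ips = []

        try:
            for _timestamp, buf in pcap:
                try:
                    _print_http_packet(buf, local_ips)
                except Exception as error:
                    print("Skipping packet: %s: %s" % (type(error).__name__, error),
                          file=sys.stderr)
        except Exception as error:
            # Raised by the reader itself, e.g. a truncated capture file.
            print("Stopped reading capture: %s: %s" % (type(error).__name__, error),
                  file=sys.stderr)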
    
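    def main():
        """Capture, print and delete batches of packets until interrupted."""
        while True:
            filename = get_dpkt()
            try:
                with open(filename, "rb") as f:
                    pcap = dpkt.pcap.Reader(f)
                    print_pcap(pcap)
            finally:
                # The capture file holds raw traffic, including cookies and
                # request bodies; remove it even when reading or printing
                # fails or the loop is interrupted mid-batch.
                os.remove(filename)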
    
    # Start the capture loop only when run as a script, not when imported.
    if __name__ == "__main__":
        main()

    实现输出:

    IP: 192.168.8.4(本机) -> 101.226.211.223 (len=770 ttl=128 DF=1 MF=0 offset=0)
    URL: client.show.qq.com/cgi-bin/qqshow_user_props_info
    METHOD: POST
    Headers: 
       accept: */*
       accept-language: zh-CN
       x-flash-version: 32,0,0,330
       content-type: application/x-www-form-urlencoded
       content-length: 115
       accept-encoding: gzip, deflate
       user-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E)
       host: client.show.qq.com
       connection: Keep-Alive
       cache-control: no-cache
       cookie: pgv_pvid=3799000690; euin_cookie=640439D46CDC58665AB4F5F3B323373956EAFBBF9BF51FDF; ptcz=5d07117027510d320908125b0ef4126ddda91a6d014acaf2f052391f96270a23; pgv_pvi=2758768640; uin_cookie=207223216; RK=3QRly54pcL
    Body:
       senduin: 24350438
       uin: 20722321
       sVersion: 2014
       ckey: B2A96E6CCA568A891AA2FEFF214DC03A73FC7D583079467F01117641FAD33BA9
    Data:
    

     客官点个赞呗~

  • 原文地址:https://www.cnblogs.com/dongxixi/p/13193572.html