from scapy.all import sniff, wrpcap, TCP, IP, DNS
from scapy.layers.http import HTTPRequest, HTTPResponse
from collections import defaultdict
# Every captured packet is kept in memory so it can be written to a pcap later.
# NOTE(review): nothing in this file caps the size of this list, so a long
# capture keeps growing it.
packets: list = []
# Number of times each packet summary line has been seen; new keys start at 0.
nb_packtes: defaultdict = defaultdict(int)
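def manage_packet(pk):
    """Record one sniffed packet and print the fields this tool reports.

    Passed to ``sniff`` as the per-packet callback (see ``analyse``). The
    packet is appended to the module-level ``packets`` list, its summary line
    is counted in ``nb_packtes``, and selected TCP, IP, HTTP-request and DNS
    fields are printed when those layers are present.

    Every printed value comes straight from captured traffic and is therefore
    controlled by whoever sent the packet; treat the output as untrusted data.

    Args:
        pk: The scapy packet handed over by ``sniff``.
    """
    # Compute the summary once; it is used as the counter key and as output.
    summary = pk.summary()
    # NOTE(review): both containers grow for as long as the capture runs, and
    # the counter gets a new key for every distinct summary line.
    packets.append(pk)
    nb_packtes[summary] += 1
    print(summary)

    # TCP: ports and flags
    if pk.haslayer(TCP):
        tcp_layer = pk.getlayer(TCP)
        print(f"[*] Source Port: {tcp_layer.sport}")
        print(f"[*] Destination Port: {tcp_layer.dport}")
        print(f"[*] TCP Flags: {tcp_layer.flags}")

    # IP: endpoints
    if pk.haslayer(IP):
        ip_layer = pk.getlayer(IP)
        print(f"[*] Source IP: {ip_layer.src}")
        print(f"[*] Destination IP: {ip_layer.dst}")

    # HTTP: request line and Host header (only visible for cleartext HTTP)
    if pk.haslayer(HTTPRequest):
        http_layer = pk.getlayer(HTTPRequest)
        print(f"[*] HTTP Method: {http_layer.Method}")
        print(f"[*] HTTP Host: {http_layer.Host}")
        print(f"[*] HTTP Path: {http_layer.Path}")

    # DNS: queried name
    if pk.haslayer(DNS):
        dns_layer = pk.getlayer(DNS)
        question = dns_layer.qd
        # Some scapy releases expose qd as a list of questions rather than a
        # single record (TODO confirm for the installed version); report the
        # first question in that case.
        if isinstance(question, (list, tuple)):
            question = question[0] if question else None
        # A DNS message can arrive without a question section. The plain
        # attribute chain raised AttributeError on such a packet, so a single
        # malformed or unusual message could abort the callback.
        qname = getattr(question, "qname", None)
        if qname is not None:
            print(f"[*] DNS Qname: {qname}")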
def analyse(interface, filter=None):
    """Capture packets on *interface* and print the per-summary counts.

    Each packet is handed to ``manage_packet``. ``store=False`` tells scapy
    not to keep its own copy of the packets, and ``count=0`` puts no limit on
    the number of packets, so the call returns only when sniffing is stopped.

    Args:
        interface: Interface name passed to ``sniff`` as ``iface``.
        filter: Optional capture filter passed to ``sniff`` unchanged. With
            ``None`` nothing is filtered out, so everything the interface
            sees is collected; a narrow filter keeps the capture limited to
            the traffic that is actually under analysis.
    """
    print("[*] Sniffing on %s" % interface)
    capture_options = {
        "prn": manage_packet,
        "store": False,
        "count": 0,
        "iface": interface,
        "filter": filter,
    }
    sniff(**capture_options)
    print("[*] Done capturing packets")
    print(f"[*] Final Packet Counts: {nb_packtes}")
# Save the captured packets to a file
def save_packets(file):
    """Write every packet collected so far to *file* via scapy's ``wrpcap``.

    Args:
        file: Destination handed straight to ``wrpcap``.
    """
    # NOTE(review): the capture holds whatever crossed the interface, which
    # can include cleartext credentials or cookies. Keep the output somewhere
    # with restricted access and remove it once the analysis is finished.
    wrpcap(file, packets)
    confirmation = f"[*] Packets saved in {file}"
    print(confirmation)
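if __name__ == "__main__":
    # Both values are passed through to sniff() unchanged. None for the
    # interface presumably selects scapy's default; None for the filter means
    # no capture filter is applied.
    interface = None
    capture_filter = None
    try:
        analyse(interface, capture_filter)
    except Exception as e:
        # Report the cause instead of discarding it: a permissions problem or
        # a bad interface name would otherwise look like a normal stop.
        print(f"[!] Sniffing failed: {e}")
    finally:
        # Save in `finally` so the capture is written on every exit path
        # (normal return, error, or interrupt), not only after a caught
        # exception.
        print("[*] Sniffing stopped. Saving packets to file...")
        # NOTE(review): the relative path lands in the current working
        # directory of whichever account runs the capture.
        save_packets("captured_packets.pcap")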