i have used libpcap/pcapy packet sniffing investigating using raw sockets instead don't have depend on pcapy. using following code sniff incoming tcp packets:
this works fine, have dependency on impacket library. i'm not familiar networking , packet structures - there way can decode these packets pure python code? if attempt print raw packet before passing ipdecoder, messes terminal. i'm assuming binary data or something?code:#!/usr/bin/python select import select import socket impacket import impactdecoder class sniffer(object): def __init__(self): proto = socket.getprotobyname('tcp') sock = socket.socket(socket.af_inet, socket.sock_raw, proto) sock.setsockopt(socket.ipproto_ip, socket.ip_hdrincl, 1) self.sockets = [sock] self.decoder = impactdecoder.ipdecoder() self.start() def start(self): """start main loop""" while len(self.sockets) > 0: recv = select(self.sockets, [], [], 30)[0] # 30 sec timeout if len(recv) > 0: sck = recv[0] packet = sck.recvfrom(4096)[0] if len(packet) == 0: # socket closed remotely self.sockets.remove(sck) sck.close() else: # packet received - decode packet = self.decoder.decode(packet) print packet
problem resolved looking @ source of impactdecoder.py , impactpacket.py.
Forum The Ubuntu Forum Community Ubuntu Specialised Support Development & Programming Programming Talk [SOLVED] [python] decoding raw TCP packets
Ubuntu
Comments
Post a Comment