#!/usr/bin/env python
# coding=utf-8
#
# A simple script for reading and
# writing PCAP dump files using EthDecoder.
#
import getopt
import sys

import pcapy
from impacket.ImpactDecoder import EthDecoder
from impacket.ImpactPacket import IP, TCP
# Defaults; the -i / -r / -w options parsed further down override
# dev, input_file and dump_file respectively.
input_file = None            # None selects live capture instead of replay
dump_file = 'sniffer.pcap'   # where live capture writes the raw frames
dev = 'eth0'                 # interface used for live capture
decoder = EthDecoder()       # shared Ethernet decoder used by both callbacks
def write_packet(hdr, data):
    """Show one captured frame on stdout and append it to the dump file.

    Used as the ``pcap.loop`` callback during live capture.

    Args:
        hdr: pcap packet header, passed through to the dumper unchanged.
        data: raw frame bytes, decoded as Ethernet for display only.
    """
    decoded = decoder.decode(data)
    print(decoded)
    # ``dumper`` is the module-level object created by pcap.dump_open()
    # before the capture loop starts. The raw bytes are stored, not the
    # decoded text, so the dump holds whatever payload was on the wire.
    dumper.dump(hdr, data)
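def read_packet(hdr, data):
    """Print ``src:port -> dst:port`` for each TCP-over-IPv4 frame.

    Used as the ``pcap.loop`` callback when replaying a capture file.
    Frames that are not IPv4, and IPv4 packets that do not carry TCP,
    are skipped silently.

    Args:
        hdr: pcap packet header supplied by pcapy; not used here.
        data: raw frame bytes, decoded as Ethernet by the module-level
            ``decoder``.
    """
    ether = decoder.decode(data)
    if ether.get_ether_type() != IP.ethertype:
        return

    iphdr = ether.child()
    # A capture file is untrusted input and routinely contains UDP, ICMP
    # and other IP payloads. Their decoded child has no get_th_sport() /
    # get_th_dport(), so without this check the first such packet raised
    # AttributeError out of the callback.
    if iphdr.get_ip_p() != TCP.protocol:
        return

    tcphdr = iphdr.child()
    print('%s:%s -> %s:%s' % (
        iphdr.get_ip_src(),
        str(tcphdr.get_th_sport()),
        iphdr.get_ip_dst(),
        str(tcphdr.get_th_dport()),
    ))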
def usage():
    """Print the command-line synopsis and exit with status 1."""
    option_help = """
-i <dev>
-r <input_file>
-w <output_file>"""
    # argv[0] is the name the script was invoked under.
    print(sys.argv[0] + option_help)
    sys.exit(1)
# Parse the command-line options
cmd_opts = 'i:r:w:'  # each of -i, -r and -w takes an argument
try:
    opts, args = getopt.getopt(sys.argv[1:], cmd_opts)
except getopt.GetoptError:
    # Unknown flag or missing argument: show the synopsis and exit.
    usage()

for flag, value in opts:
    if flag == '-i':
        dev = value
    elif flag == '-r':
        input_file = value
    elif flag == '-w':
        dump_file = value
    else:
        usage()
if input_file is not None:
    # Replay mode (-r): read a pcap dump file and print one line per
    # packet via read_packet. 0 means no packet-count limit.
    pcap = pcapy.open_offline(input_file)
    pcap.loop(0, read_packet)
else:
    # Capture mode: sniff on ``dev`` and write every frame to a pcap dump
    # file. open_live(device, snaplen, promisc, to_ms):
    #   snaplen 1024 - at most 1024 bytes of each frame are captured, so
    #                  longer frames are stored truncated in the dump;
    #   promisc 0    - the interface is not put into promiscuous mode;
    #   to_ms 100    - read timeout in milliseconds.
    pcap = pcapy.open_live(dev, 1024, 0, 100)
    # write_packet reads this module-level name, so it must be bound
    # before the loop starts.
    # NOTE(review): the -w path is opened as given and the file holds raw
    # traffic, cleartext payloads included - confirm the output location
    # and its permissions suit the privileges the capture runs with.
    dumper = pcap.dump_open(dump_file)
    pcap.loop(0, write_packet)