SHOW:
|
|
- or go back to the newest paste.
| 1 | from socket import * | |
| 2 | import struct | |
| 3 | import sys | |
| 4 | import re | |
| 5 | ||
| 6 | # receive a datagram | |
| 7 | def receiveData(s): | |
| 8 | data = '' | |
| 9 | try: | |
| 10 | data = s.recvfrom(65565) | |
| 11 | except timeout: | |
| 12 | data = '' | |
| 13 | except: | |
| 14 | print "An error happened: " | |
| 15 | sys.exc_info() | |
| 16 | return data[0] | |
| 17 | ||
| 18 | # get Type of Service: 8 bits | |
| 19 | def getTOS(data): | |
| 20 | precedence = {0: "Routine", 1: "Priority", 2: "Immediate", 3: "Flash", 4: "Flash override", 5: "CRITIC/ECP",
| |
| 21 | 6: "Internetwork control", 7: "Network control"} | |
| 22 | delay = {0: "Normal delay", 1: "Low delay"}
| |
| 23 | throughput = {0: "Normal throughput", 1: "High throughput"}
| |
| 24 | reliability = {0: "Normal reliability", 1: "High reliability"}
| |
| 25 | cost = {0: "Normal monetary cost", 1: "Minimize monetary cost"}
| |
| 26 | ||
| 27 | # get the 3rd bit and shift right | |
| 28 | D = data & 0x10 | |
| 29 | D >>= 4 | |
| 30 | # get the 4th bit and shift right | |
| 31 | T = data & 0x8 | |
| 32 | T >>= 3 | |
| 33 | # get the 5th bit and shift right | |
| 34 | R = data & 0x4 | |
| 35 | R >>= 2 | |
| 36 | # get the 6th bit and shift right | |
| 37 | M = data & 0x2 | |
| 38 | M >>= 1 | |
| 39 | # the 7th bit is empty and shouldn't be analyzed | |
| 40 | ||
| 41 | tabs = '\n\t\t\t' | |
| 42 | TOS = precedence[data >> 5] + tabs + delay[D] + tabs + throughput[T] + tabs + \ | |
| 43 | reliability[R] + tabs + cost[M] | |
| 44 | return TOS | |
| 45 | ||
| 46 | # get Flags: 3 bits | |
| 47 | def getFlags(data): | |
| 48 | flagR = {0: "0 - Reserved bit"}
| |
| 49 | flagDF = {0: "0 - Fragment if necessary", 1: "1 - Do not fragment"}
| |
| 50 | flagMF = {0: "0 - Last fragment", 1: "1 - More fragments"}
| |
| 51 | ||
| 52 | # get the 1st bit and shift right | |
| 53 | R = data & 0x8000 | |
| 54 | R >>= 15 | |
| 55 | # get the 2nd bit and shift right | |
| 56 | DF = data & 0x4000 | |
| 57 | DF >>= 14 | |
| 58 | # get the 3rd bit and shift right | |
| 59 | MF = data & 0x2000 | |
| 60 | MF >>= 13 | |
| 61 | ||
| 62 | tabs = '\n\t\t\t' | |
| 63 | flags = flagR[R] + tabs + flagDF[DF] + tabs + flagMF[MF] | |
| 64 | return flags | |
| 65 | ||
| 66 | # get protocol: 8 bits | |
| 67 | def getProtocol(protocolNr): | |
| 68 | protocolFile = open('Protocol.txt', 'r')
| |
| 69 | protocolData = protocolFile.read() | |
| 70 | protocol = re.findall(r'\n' + str(protocolNr) + ' (?:.)+\n', protocolData) | |
| 71 | if protocol: | |
| 72 | protocol = protocol[0] | |
| 73 | protocol = protocol.replace("\n", "")
| |
| 74 | protocol = protocol.replace(str(protocolNr), "") | |
| 75 | protocol = protocol.lstrip() | |
| 76 | return protocol | |
| 77 | ||
| 78 | else: | |
| 79 | return 'No such protocol.' | |
| 80 | ||
| 81 | # the public network interface | |
| 82 | HOST = gethostbyname(gethostname()) | |
| 83 | ||
| 84 | # create a raw socket and bind it to the public interface | |
| 85 | s = socket(AF_INET, SOCK_RAW, IPPROTO_IP) | |
| 86 | s.bind((HOST, 0)) | |
| 87 | ||
| 88 | # Include IP headers | |
| 89 | s.setsockopt(IPPROTO_IP, IP_HDRINCL, 1) | |
| 90 | s.ioctl(SIO_RCVALL, RCVALL_ON) | |
| 91 | data = receiveData(s) | |
| 92 | ||
| 93 | # get the IP header (the first 20 bytes) and unpack them | |
| 94 | # B - unsigned char (1) | |
| 95 | # H - unsigned short (2) | |
| 96 | # s - string | |
| 97 | unpackedData = struct.unpack('!BBHHHBBH4s4s' , data[:20])
| |
| 98 | ||
| 99 | version_IHL = unpackedData[0] | |
| 100 | version = version_IHL >> 4 # version of the IP | |
| 101 | IHL = version_IHL & 0xF # internet header length | |
| 102 | TOS = unpackedData[1] # type of service | |
| 103 | totalLength = unpackedData[2] | |
| 104 | ID = unpackedData[3] # identification | |
| 105 | flags = unpackedData[4] | |
| 106 | fragmentOffset = unpackedData[4] & 0x1FFF | |
| 107 | TTL = unpackedData[5] # time to live | |
| 108 | protocolNr = unpackedData[6] | |
| 109 | checksum = unpackedData[7] | |
| 110 | sourceAddress = inet_ntoa(unpackedData[8]) | |
| 111 | destinationAddress = inet_ntoa(unpackedData[9]) | |
| 112 | ||
| 113 | ||
| 114 | print "An IP packet with the size %i was captured." % (unpackedData[2]) | |
| 115 | print "Raw data: " + data | |
| 116 | print "\nParsed data" | |
| 117 | print "Version:\t\t" + str(version) | |
| 118 | print "Header Length:\t\t" + str(IHL*4) + " bytes" | |
| 119 | print "Type of Service:\t" + getTOS(TOS) | |
| 120 | print "Length:\t\t\t" + str(totalLength) | |
| 121 | print "ID:\t\t\t" + str(hex(ID)) + " (" + str(ID) + ")"
| |
| 122 | print "Flags:\t\t\t" + getFlags(flags) | |
| 123 | print "Fragment offset:\t" + str(fragmentOffset) | |
| 124 | print "TTL:\t\t\t" + str(TTL) | |
| 125 | print "Protocol:\t\t" + getProtocol(protocolNr) | |
| 126 | print "Checksum:\t\t" + str(checksum) | |
| 127 | print "Source:\t\t\t" + sourceAddress | |
| 128 | print "Destination:\t\t" + destinationAddress | |
| 129 | print "Payload:\n" + data[20:] | |
| 130 | # disabled promiscuous mode | |
| 131 | s.ioctl(SIO_RCVALL, RCVALL_OFF) |
