- import socket,sys
- import time
- from struct import *
- from collections import OrderedDict
- import os
- import optparse
- #define ETH_P_ALL 0x0003
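# Command-line handling. -t/--time is mandatory; its value is later compared
# against elapsed *minutes* by time_diff(), which divides seconds by 60.
parser = optparse.OptionParser("usage: %prog -t <sniff etmek ucun vaxt>")
parser.add_option('-t', '--time', dest='usertime', type='int',
                  help='Sebekeni sniff etmek ucun vaxt')
(options, args) = parser.parse_args()
if options.usertime is None:
    # print_usage() expands %prog; printing parser.usage directly shows the
    # placeholder literally. Exit non-zero so a wrapper script can tell that
    # no capture was performed.
    parser.print_usage()
    sys.exit(2)
timeforsniff = options.usertime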
def eth_addr(a):
    """Format the first six items of *a* as a colon-separated MAC address.

    Every item is passed through ord(), so *a* must index to one-character
    strings (for example a Python 2 str slice of a captured frame). Input
    shorter than six items raises IndexError.
    """
    octets = tuple(ord(a[i]) for i in range(6))
    return "%.2x:%.2x:%.2x:%.2x:%.2x:%.2x" % octets
def time_diff(outside, vaxt=5):
    """Report whether at least *vaxt* minutes have passed since *outside*.

    *outside* is an epoch timestamp in seconds; it is truncated to an integer
    before the comparison. Returns True once the limit is reached and None
    (not False) before that, so callers should rely on truthiness only.
    """
    elapsed_minutes = (time.time() - int(outside)) / 60
    return True if elapsed_minutes >= vaxt else None
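# AF_PACKET sockets are not available on Windows, so stop before trying.
# Every failure path below exits with a non-zero status so that a calling
# script can tell the capture never started.
if os.name == 'nt':
    print("[*]Windows OS desteklemir")
    sys.exit(1)

try:
    # Protocol 0x0003 is ETH_P_ALL (see the comment near the imports): the
    # socket receives every frame seen by the host, link-layer header
    # included. Opening it normally requires root or CAP_NET_RAW, so the
    # script should only be run where that privilege is intended.
    s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.ntohs(0x0003))
except socket.error as msg:
    print('[*]Socket yaranmadi! Error Code : ' + str(msg.args[0])
          + ' Error Message ' + msg.args[1])
    sys.exit(1)
except AttributeError:
    # Raised when the socket module has no AF_PACKET attribute at all.
    print("[*]Windows OS de AF_PACKET islemir.")
    sys.exit(1)

# Start of the capture window; time_diff() measures elapsed minutes from here.
now = time.time()

# IP protocol number (as a string) -> display name.
protocol_numb = {"1": "ICMP", "6": "TCP", "17": "UDP"}

# Capture store: protocol name -> source IP -> sequence number ("0", "1", ...)
# -> OrderedDict describing one packet.
butun_paketler = OrderedDict([
    ("ICMP", OrderedDict([])),
    ("TCP", OrderedDict([])),
    ("UDP", OrderedDict([])),
])

print("-" * 55)
print("PunCap Packet Collector v1")
print("http://anti-armenia.org \n(c) 2015")
print("-" * 55)
print("Paketler capture olunur...")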
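# EtherType for IPv4. unpack('!...H') already converts the field from network
# to host byte order, so it is compared directly; the earlier
# socket.ntohs(...) == 8 test only matched on little-endian hosts.
ETHERTYPE_IPV4 = 0x0800
ETH_HEADER_LEN = 14
IPV4_MIN_HEADER_LEN = 20


def _record_packet(proto_name, src_ip, fields):
    """Store one parsed packet under butun_paketler[proto_name][src_ip].

    Records are keyed "0", "1", ... in arrival order; because keys are only
    ever appended, the next key equals the current number of records.
    """
    per_source = butun_paketler[proto_name].setdefault(src_ip, OrderedDict([]))
    per_source[str(len(per_source))] = OrderedDict(fields)


# Without a timeout recvfrom() blocks until the next frame arrives, so on a
# quiet interface the -t limit would never be checked.
s.settimeout(1.0)

# Capture loop. Everything read here comes off the wire and is untrusted:
# each header is length-checked before unpack() so that a truncated or
# malformed frame is skipped instead of ending the capture with struct.error.
# Every accepted packet stays in memory until the report is printed, so a
# long capture on a busy link grows without bound.
while True:
    if time_diff(now, timeforsniff):
        break
    try:
        packet = s.recvfrom(65565)[0]
    except socket.timeout:
        continue

    if len(packet) < ETH_HEADER_LEN:
        continue
    eth = unpack('!6s6sH', packet[:ETH_HEADER_LEN])
    if eth[2] != ETHERTYPE_IPV4:
        continue
    dest_mac = eth_addr(packet[0:6])
    source_mac = eth_addr(packet[6:12])

    ip_header = packet[ETH_HEADER_LEN:ETH_HEADER_LEN + IPV4_MIN_HEADER_LEN]
    if len(ip_header) < IPV4_MIN_HEADER_LEN:
        continue
    iph = unpack('!BBHHHBBH4s4s', ip_header)
    version = iph[0] >> 4
    iph_length = (iph[0] & 0xF) * 4
    # An IHL below five 32-bit words cannot describe a real IPv4 header and
    # would make the transport offset point back into the IP header.
    if version != 4 or iph_length < IPV4_MIN_HEADER_LEN:
        continue

    protocol = iph[6]
    s_addr = socket.inet_ntoa(iph[8])
    d_addr = socket.inet_ntoa(iph[9])
    timestamp = time.time()
    transport_offset = iph_length + ETH_HEADER_LEN

    link_fields = [("Source_Mac", str(source_mac)), ("Dest_Mac", str(dest_mac))]
    ip_fields = [
        ("Source_IP", str(s_addr)),
        ("Dest_IP", str(d_addr)),
        ("TimeStamp", str(int(timestamp))),
    ]

    # NOTE(review): non-first IP fragments (iph[4] & 0x1FFF != 0) carry no
    # transport header, so the ports or ICMP type recorded for them are
    # payload bytes. They are still counted, as before.
    if protocol == 6:  # TCP
        tcp_header = packet[transport_offset:transport_offset + 20]
        if len(tcp_header) < 20:
            continue
        tcph = unpack('!HHLLBBHHH', tcp_header)
        port_fields = [("Source_Port", str(tcph[0])), ("Dest_Port", str(tcph[1]))]
        _record_packet("TCP", str(s_addr), link_fields + port_fields + ip_fields)
    elif protocol == 1:  # ICMP
        icmp_header = packet[transport_offset:transport_offset + 4]
        if len(icmp_header) < 4:
            continue
        icmph = unpack('!BBH', icmp_header)
        icmp_fields = [("ICMP_TYPE", str(icmph[0])), ("ICMP_CODE", str(icmph[1]))]
        _record_packet("ICMP", str(s_addr), link_fields + icmp_fields + ip_fields)
    elif protocol == 17:  # UDP
        udp_header = packet[transport_offset:transport_offset + 8]
        if len(udp_header) < 8:
            continue
        udph = unpack('!HHHH', udp_header)
        port_fields = [("Source_Port", str(udph[0])), ("Dest_Port", str(udph[1]))]
        _record_packet("UDP", str(s_addr), link_fields + port_fields + ip_fields)
    # Any other IP protocol is ignored.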
# Totals per protocol: one count for every stored packet record.
icmp = sum(len(records) for records in butun_paketler["ICMP"].values())
tcp = sum(len(records) for records in butun_paketler["TCP"].values())
udp = sum(len(records) for records in butun_paketler["UDP"].values())
cemi = tcp + udp + icmp

# ip_vs_paket: source IP -> protocol name -> number of packets it sent.
# packet_target: one "src->dst_PROTO" label per stored packet.
# temp: scratch list used while printing the report.
ip_vs_paket = OrderedDict([])
packet_target = []
temp = []

for proto_label, per_source in butun_paketler.items():
    for src_ip, records in per_source.items():
        ip_vs_paket.setdefault(src_ip, OrderedDict([]))[proto_label] = len(records)

for proto_label, per_source in butun_paketler.items():
    for records in per_source.values():
        for info in records.values():
            src = info['Source_IP']
            dst = info['Dest_IP']
            if proto_label in ("TCP", "UDP"):
                # Port-based protocols include both endpoints' ports.
                label = (src + ":" + info['Source_Port'] + "->"
                         + dst + ":" + info['Dest_Port'] + "_" + proto_label)
                packet_target.append(label)
            elif proto_label == "ICMP":
                packet_target.append(src + "->" + dst + "_ICMP")
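# Final report. All values printed here are integers or strings produced by
# inet_ntoa()/str(int), so no raw packet bytes reach the terminal.
print("-" * 70)
print("Umumi Statistika:")
print("-" * 50)
print("Cemi Paket: %s" % cemi)
print("TCP paketlerin sayi: %s" % tcp)
print("UDP paketlerin sayi: %s" % udp)
print("ICMP paketlerin sayi: %s" % icmp)
print("-" * 50)
print("Her IP gonderdiyi paket:")
print("-" * 50)
for ip, data in ip_vs_paket.items():
    # A protocol missing for this source means it sent none of that kind.
    tcp_spec = data.get("TCP", 0)
    udp_spec = data.get("UDP", 0)
    icmp_spec = data.get("ICMP", 0)
    print("%s -- TCP= %s ,UDP= %s ,ICMP= %s" % (ip, tcp_spec, udp_spec, icmp_spec))
print("-" * 50)
print("IPlerin gonderdiyi paketlerin miqdari:")
print("-" * 50)
# Count each distinct flow label in a single pass, keeping first-seen order.
# The earlier list membership test plus list.count() per label was quadratic
# in the number of captured packets.
flow_counts = OrderedDict()
for flow in packet_target:
    flow_counts[flow] = flow_counts.get(flow, 0) + 1
for flow, sayi in flow_counts.items():
    # Labels look like "<endpoints>_<PROTO>".
    bol = flow.split("_")
    print(bol[0] + " Sayi:" + str(sayi) + " " + bol[1] + " Protokolu")
print("-" * 50)
print("-" * 70)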