API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 15th, 2014
4,812
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.70 KB | None | 0 0
raw download clone embed print report diff
  1. import socket, struct, os, array
  2. from scapy.all import ETH_P_ALL
  3. from scapy.all import select
  4. from scapy.all import MTU
  5.  
  6. #author: askldjd
  7. #see: http://wp.me/pDfjR-rQ
  8. class IPSniff:
  9.  
  10.     def __init__(self, interface_name, on_ip_incoming, on_ip_outgoing):
  11.  
  12.         self.interface_name = interface_name
  13.         self.on_ip_incoming = on_ip_incoming
  14.         self.on_ip_outgoing = on_ip_outgoing
  15.        
  16.         # The raw in (listen) socket is a L2 raw socket that listens
  17.         # for all packets going through a specific interface.
  18.         self.ins = socket.socket(
  19.             socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_P_ALL))
  20.         self.ins.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, 2**30)
  21.         self.ins.bind((self.interface_name, ETH_P_ALL))
  22.        
  23.     def __process_ipframe(self, pkt_type, ip_header, payload):
  24.    
  25.         # Extract the 20 bytes IP header, ignoring the IP options
  26.         fields = struct.unpack("!BBHHHBBHII", ip_header)
  27.        
  28.         dummy_hdrlen = fields[0] & 0xf    
  29.         iplen = fields[2]
  30.  
  31.         ip_src = payload[12:16]
  32.         ip_dst = payload[16:20]
  33.         ip_frame = payload[0:iplen]
  34.  
  35.         if pkt_type == socket.PACKET_OUTGOING:
  36.             if self.on_ip_outgoing is not None:
  37.                 self.on_ip_outgoing(ip_src, ip_dst, ip_frame)
  38.                
  39.         else:
  40.             if self.on_ip_incoming is not None:
  41.                 self.on_ip_incoming(ip_src, ip_dst, ip_frame)
  42.                            
  43.     def recv(self):
  44.         while True:
  45.        
  46.             pkt, sa_ll = self.ins.recvfrom(MTU)
  47.            
  48.             if type == socket.PACKET_OUTGOING and self.on_ip_outgoing is None:
  49.                 continue
  50.             elif self.on_ip_outgoing is None:
  51.                 continue
  52.            
  53.             if len(pkt) <= 0:
  54.                 break
  55.                
  56.             eth_header = struct.unpack("!6s6sH", pkt[0:14])
  57.            
  58.             dummy_eth_protocol = socket.ntohs(eth_header[2])
  59.            
  60.             if eth_header[2] != 0x800 :
  61.                 continue
  62.                
  63.             ip_header = pkt[14:34]
  64.             payload = pkt[14:]      
  65.  
  66.             self.__process_ipframe(sa_ll[2], ip_header, payload)
  67.  
  68. #Example code to use IPSniff
  69. def test_incoming_callback(src, dst, frame):
  70.     pass
  71.     #print("incoming - src=%s, dst=%s, frame len = %d"
  72.     #    %(socket.inet_ntoa(src), socket.inet_ntoa(dst), len(frame)))
  73.  
  74. def test_outgoing_callback(src, dst, frame):
  75.     pass
  76.     #print("outgoing - src=%s, dst=%s, frame len = %d"
  77.     #    %(socket.inet_ntoa(src), socket.inet_ntoa(dst), len(frame)))    
  78.  
  79. ip_sniff = IPSniff('eth0', test_incoming_callback, test_outgoing_callback)
  80. ip_sniff.recv()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!