Guest User

Untitled

a guest
Jan 15th, 2014
4,061
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. import socket, struct, os, array
  2. from scapy.all import ETH_P_ALL
  3. from scapy.all import select
  4. from scapy.all import MTU
  5.  
  6. #author: askldjd
  7. #see: http://wp.me/pDfjR-rQ
  8. class IPSniff:
  9.  
  10.     def __init__(self, interface_name, on_ip_incoming, on_ip_outgoing):
  11.  
  12.         self.interface_name = interface_name
  13.         self.on_ip_incoming = on_ip_incoming
  14.         self.on_ip_outgoing = on_ip_outgoing
  15.        
  16.         # The raw in (listen) socket is a L2 raw socket that listens
  17.         # for all packets going through a specific interface.
  18.         self.ins = socket.socket(
  19.             socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_P_ALL))
  20.         self.ins.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, 2**30)
  21.         self.ins.bind((self.interface_name, ETH_P_ALL))
  22.        
  23.     def __process_ipframe(self, pkt_type, ip_header, payload):
  24.    
  25.         # Extract the 20 bytes IP header, ignoring the IP options
  26.         fields = struct.unpack("!BBHHHBBHII", ip_header)
  27.        
  28.         dummy_hdrlen = fields[0] & 0xf    
  29.         iplen = fields[2]
  30.  
  31.         ip_src = payload[12:16]
  32.         ip_dst = payload[16:20]
  33.         ip_frame = payload[0:iplen]
  34.  
  35.         if pkt_type == socket.PACKET_OUTGOING:
  36.             if self.on_ip_outgoing is not None:
  37.                 self.on_ip_outgoing(ip_src, ip_dst, ip_frame)
  38.                
  39.         else:
  40.             if self.on_ip_incoming is not None:
  41.                 self.on_ip_incoming(ip_src, ip_dst, ip_frame)
  42.                            
  43.     def recv(self):
  44.         while True:
  45.        
  46.             pkt, sa_ll = self.ins.recvfrom(MTU)
  47.            
  48.             if type == socket.PACKET_OUTGOING and self.on_ip_outgoing is None:
  49.                 continue
  50.             elif self.on_ip_outgoing is None:
  51.                 continue
  52.            
  53.             if len(pkt) <= 0:
  54.                 break
  55.                
  56.             eth_header = struct.unpack("!6s6sH", pkt[0:14])
  57.            
  58.             dummy_eth_protocol = socket.ntohs(eth_header[2])
  59.            
  60.             if eth_header[2] != 0x800 :
  61.                 continue
  62.                
  63.             ip_header = pkt[14:34]
  64.             payload = pkt[14:]      
  65.  
  66.             self.__process_ipframe(sa_ll[2], ip_header, payload)
  67.  
  68. #Example code to use IPSniff
  69. def test_incoming_callback(src, dst, frame):
  70.     pass
  71.     #print("incoming - src=%s, dst=%s, frame len = %d"
  72.     #    %(socket.inet_ntoa(src), socket.inet_ntoa(dst), len(frame)))
  73.  
  74. def test_outgoing_callback(src, dst, frame):
  75.     pass
  76.     #print("outgoing - src=%s, dst=%s, frame len = %d"
  77.     #    %(socket.inet_ntoa(src), socket.inet_ntoa(dst), len(frame)))    
  78.  
  79. ip_sniff = IPSniff('eth0', test_incoming_callback, test_outgoing_callback)
  80. ip_sniff.recv()
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×