- #!/usr/bin/env python
- # encoding: utf-8
- from __future__ import division, with_statement
- import sys, os
- import subprocess
- # This is a horrible little script written by someone who doesn't understand
- # how to use tcpdump or subprocess well. It intends to display an alert
- # whenever specified keywords (such as a password) are seen in network
- # traffic. Along with the warning it sends 3 \x07 beeps to stdout, in case
- # you aren't paying attention.
- #
- # If I don't run this as root it eats a processor core and achieves nothing.
- # Beware.
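def main():
    """Alert on stderr when a chosen keyword shows up in captured traffic.

    Prompts for keywords until an empty line is entered, then runs tcpdump
    and scans its ASCII output (``-A``) in 1024-byte chunks. Each time a
    keyword is seen, a warning plus three BEL characters is written to
    stderr.

    Notes for whoever runs this:
      * Written for Python 2 (``raw_input``, byte-string pipe reads).
      * Only payload that crosses the wire in the clear can match; encrypted
        traffic is not decoded by ``tcpdump -A``.
      * Keywords are echoed to the terminal as they are typed. If a real
        password is used as a keyword, consider reading it with
        ``getpass.getpass`` instead.
      * tcpdump needs capture privileges. The author reports that without
        root the script spun on a core; the old loop tested
        ``process.returncode``, which stays ``None`` unless ``poll()`` or
        ``wait()`` is called, so it never noticed that tcpdump had exited.

    Returns:
        tcpdump's exit status, which the caller hands to ``sys.exit``.

    Raises:
        ValueError: if no keyword was entered.
    """
    # It may not be en1 for you.
    monitor_app = ["tcpdump", "-s", "0", "-A", "-i", "en1"]

    # Collect the keywords before tcpdump is started, so that bailing out
    # here cannot leave a capture process running in the background.
    keywords = []
    while True:
        entry = raw_input("Triggering Keyword: ")
        if not entry:
            break
        keywords.append(entry)
    if not keywords:
        raise ValueError("Must provide triggering keywords.")

    # Carry just enough of the previous chunk to catch a keyword that is
    # split across two reads.
    overlap = max(len(word) for word in keywords) - 1

    # stderr is merged into stdout, so tcpdump's own diagnostics are part of
    # the scanned stream.
    process = subprocess.Popen(
        monitor_app, stdout=subprocess.PIPE, stderr=subprocess.STDOUT
    )
    tail = ""
    try:
        while True:
            chunk = process.stdout.read(1024)
            if not chunk:
                # EOF: tcpdump has exited (for example, no capture rights).
                break
            window = tail + chunk
            for word in keywords:
                # Start far enough in that a hit must include at least one
                # byte of the new chunk; a hit lying wholly inside the
                # carried-over tail was already reported last time round.
                start = max(0, len(tail) - len(word) + 1)
                if window.find(word, start) != -1:
                    sys.stderr.write("Keyword found in traffic!\x07\x07\x07\n")
                    break
            tail = window[-overlap:] if overlap else ""
    finally:
        # Do not leave tcpdump behind on Ctrl-C or an unexpected error.
        if process.poll() is None:
            process.terminate()
        process.wait()

    status = process.returncode
    if status:
        sys.stderr.write("tcpdump exited with status %d\n" % status)
    return status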
# Run the monitor only when executed as a script; main()'s return value
# becomes the process exit status.
if __name__ == "__main__":
    sys.exit(main())