/sockets/sniffer.py
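# Sample incoming packet sniffer: prints the IPv4 and TCP header fields and
# the payload of every packet delivered to a raw TCP socket.
#
# Everything read from the socket is untrusted input. Length fields are
# checked before they are used as offsets, and the payload is reduced to
# printable ASCII before it reaches the terminal.
import socket
import struct
import sys

IPV4_MIN_HEADER = 20  # bytes; an IHL below 5 words is not a valid IPv4 header
TCP_MIN_HEADER = 20   # bytes; a data offset below 5 words is not valid TCP


def parse_ipv4_header(packet):
    """Decode the fixed part of the IPv4 header at the start of *packet*.

    Returns ``(version, iph_length, ttl, protocol, src_addr, dest_addr)``,
    with ``iph_length`` in bytes and both addresses in dotted-quad form.

    Raises ValueError when the buffer is shorter than 20 bytes or when the
    IHL field claims a header smaller than 20 bytes or larger than the
    buffer. Without that check the IHL nibble would be used unchecked as the
    offset of the TCP header.
    """
    if len(packet) < IPV4_MIN_HEADER:
        raise ValueError('truncated IPv4 header (%d bytes)' % len(packet))
    fields = struct.unpack('!BBHHHBBH4s4s', packet[:IPV4_MIN_HEADER])
    version = fields[0] >> 4
    iph_length = (fields[0] & 0xF) * 4
    if iph_length < IPV4_MIN_HEADER or iph_length > len(packet):
        raise ValueError('invalid IPv4 header length %d' % iph_length)
    return (
        version,
        iph_length,
        fields[5],
        fields[6],
        socket.inet_ntoa(fields[8]),
        socket.inet_ntoa(fields[9]),
    )


def parse_tcp_header(packet, offset):
    """Decode the fixed part of the TCP header found at *offset* in *packet*.

    Returns ``(src_port, dest_port, seq, ack, tcph_length)``, where
    ``tcph_length`` is the data-offset field in 32-bit words (the unit the
    script has always printed).

    Raises ValueError when fewer than 20 bytes remain at *offset*, or when
    the data offset is below 5 words or points past the end of the buffer.
    """
    if len(packet) - offset < TCP_MIN_HEADER:
        raise ValueError('truncated TCP header')
    fields = struct.unpack(
        '!HHLLBBHHH', packet[offset:offset + TCP_MIN_HEADER]
    )
    tcph_length = fields[4] >> 4
    if tcph_length * 4 < TCP_MIN_HEADER or offset + tcph_length * 4 > len(packet):
        raise ValueError('invalid TCP data offset %d' % tcph_length)
    return fields[0], fields[1], fields[2], fields[3], tcph_length


def render_payload(data):
    """Return *data* as text that is safe to write to a terminal.

    Printable ASCII, tab and newline are kept; every other byte becomes
    ``.``. A bare ``decode()`` raises on arbitrary binary payloads, and
    writing peer-controlled control bytes to a terminal lets the sender
    inject escape sequences into the operator's display.
    """
    return ''.join(
        chr(b) if 32 <= b < 127 or b in (9, 10) else '.'
        for b in bytearray(data)
    )


def main():
    """Open the raw socket and print every captured packet until interrupted."""
    # AF_INET raw socket bound to one protocol: the kernel hands over IPv4
    # packets starting at the IP header. Opening it normally needs elevated
    # privileges (root, or CAP_NET_RAW on Linux).
    # The original listing also kept IPPROTO_ICMP, IPPROTO_UDP and
    # AF_PACKET/ntohs(0x0003) variants commented out. The parsing below
    # assumes an IPv4 header at offset 0 followed by TCP, so those variants
    # need their own decoding (AF_PACKET frames start with a link-layer
    # header).
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
    except socket.error as err:
        print('Error: %s, Message: %s' % (str(err.errno), err.strerror))
        sys.exit(1)

    try:
        # Capture packets
        while True:
            # recvfrom returns (bytes, address); only the bytes are used
            packet = s.recvfrom(65565)[0]
            try:
                (version, iph_length, ttl, protocol,
                 src_addr, dest_addr) = parse_ipv4_header(packet)

                print('Version: %s' % str(version))
                print('IP Header Length: %s' % str(iph_length))
                print('TTL: %s' % str(ttl))
                print('Protocol: %s' % str(protocol))
                print('Source Address: %s' % str(src_addr))
                print('Destination Address: %s' % str(dest_addr))

                (src_port, dest_port, seq, ack,
                 tcph_length) = parse_tcp_header(packet, iph_length)
            except ValueError as err:
                # One malformed packet must not stop the capture loop.
                print('Skipping malformed packet: %s' % err)
                continue

            print('Source Port: %s' % str(src_port))
            print('Destination Port: %s' % str(dest_port))
            print('Sequence Number: %s' % str(seq))
            print('Acknowledgement: %s' % str(ack))
            print('TCP Header Length: %s' % str(tcph_length))

            # Payload starts after both headers; the offsets were validated
            # by the two parsers above.
            header_size = iph_length + tcph_length * 4
            print('Data: %s' % render_payload(packet[header_size:]))
    finally:
        s.close()


if __name__ == '__main__':
    main()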