Python Black Hat programming 4.1 SNIFFER (Sniffer) data capture--supplemental

Source: Internet
Author: User

Abandoned for one months, picked up again, rusty a lot. Found in the article "4.1 under" did not mention the Pcap library, it is not supposed to.

In the Network data Analysis tool, Tcpdump is definitely the famous, tcpdump bottom is Libpcap library, written by C language. The Pcapy module is a libpcap-based Python interface. Pcapy's project address on GitHub is: Https://github.com/CoreSecurity/pcapy.

Let's take a look at how to implement a packet capture using Pcapy.

#!/usr/bin/pythonimport pcapydev = "eth0"filter = "tcp and port 80"def handle_packet(hdr, data):    print datapcap = pcapy.open_live(dev, 1500, 0, 100)pcap.setfilter(filter)pcap.loop(0, handle_packet)

The above code is very simple, first import the Pcapy module, after the definition of two variables, Dev is to listen to the network card, filter is the BPF format filter expression, here we only capture the HTTP protocol data. The Handle_packet method is used to handle the logic of the captured packet, where we simply print the captured data, and in subsequent articles we will continue to extend the method for data parsing.

The last three lines of code are specific applications where we use pcapy for data capture.

pcap = pcapy.open_live(dev, 1500, 0, 100)

Open_live method The first parameter is the device to be opened, the second parameter is the size of the capture packet, whether the third parameter turns on promiscuous mode, the fourth parameter is the delay time to wait for the packet, and the method returns a Pcapy object.

pcap.setfilter(filter)

Call the SetFilter method to set the filter.

pcap.loop(0, handle_packet)

Call the loop method to begin a packet capture, the first parameter of the method is the number of executions, less than or equal to 0 is unrestricted, and the second parameter is a packet handler.

Well, just to add that so much, the results of the operation are as follows:

Finally thanks to those who do not abandon friends!

Section 4.2 section"4.1 Sniffer (sniffer) data analysis" has been first published in the subscription number, enter the subscription number (QR code below), from the menu "Essence ", "Python Black Hat programming " enter.

To see the full range of tutorials, follow my subscription number (xuanhun521, QR code below) and reply to "Python". Question discussion please add QQ Group: Hacking (1 group): 303242737 Hacking (2 group): 147098303.

Welcome attention to "Xuan Soul Studio"

Python Black Hat programming 4.1 SNIFFER (Sniffer) data capture--supplemental

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.