Ejemplo n.º 1
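    def SendRawPacket(self, data):
        '''
        Sends a raw packet.

        data is the frame as a hex string (two characters per byte). Frames
        shorter than 60 bytes are padded with zero bytes before being handed
        to WinPcapUtils.send_packet on the adapter matching "*Ethernet*".
        A string that is not valid, even-length hex is rejected by
        binascii.unhexlify.
        '''
        # Local import so the method does not depend on the file's import block.
        import binascii

        # Add padding if necessary: 120 hex characters == 60 bytes
        # (presumably the minimum Ethernet frame size without the FCS).
        # Floor division keeps the repeat count an int on Python 3 as well.
        if len(data) < 120:
            data = data + "00" * (60 - len(data) // 2)

        # unhexlify replaces str.decode("hex"), which exists only on Python 2.
        WinPcapUtils.send_packet("*Ethernet*", binascii.unhexlify(data))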
Ejemplo n.º 2
def chawinpcap():
    """Capture on the adapter matching "*Ethernet*" and print each frame's address pair."""

    def packet_callback(win_pcap, param, header, pkt_data):
        # Everything after the 14-byte Ethernet header is treated as an IPv4
        # header. Neither the EtherType nor the frame length is checked, so
        # non-IP or truncated frames produce meaningless output; use a real
        # parser such as dpkt for anything beyond a demo.
        ip_header = pkt_data[14:]
        source = ".".join(map(str, ip_header[0xc:0x10]))
        destination = ".".join(map(str, ip_header[0x10:0x14]))
        print("%s -> %s" % (source, destination))

    WinPcapUtils.capture_on("*Ethernet*", packet_callback)
Ejemplo n.º 3
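def start_dump():
    """Start a packet capture using the backend available on this platform.

    On Windows the capture is delegated to winpcapy on the adapter matching
    "*Realtek*", with packet_callback receiving each frame. Elsewhere a raw
    PF_PACKET socket is read in a loop and each frame is passed to parse()
    as a bytearray. The socket is closed when the loop ends, including when
    parse() raises.
    """
    if platform.system() == 'Windows':
        from winpcapy import WinPcapUtils
        WinPcapUtils.capture_on("*Realtek*", packet_callback)
        return

    # Alternative that receives IP-layer data only:
    # sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
    # Receive Ethernet (data-link layer) frames. Protocol 0x0800 limits the
    # socket to IPv4 frames. Opening a raw packet socket normally requires
    # root or CAP_NET_RAW.
    sock = socket.socket(socket.PF_PACKET, socket.SOCK_RAW,
                         socket.htons(0x0800))
    try:
        while True:
            packet = sock.recvfrom(65535)[0]
            if len(packet) == 0:
                break
            # print show_hex_raw(packet)
            parse(bytearray(packet))
    finally:
        # Release the descriptor even if parse() fails on a malformed frame.
        sock.close()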
Ejemplo n.º 4
def bringupwinpcapy(iface, recv=True, dump=False):
    """Prepare a background capture on iface and return (thread, queue, iface).

    Each captured frame is put on the queue as (sequence_number, pkt_data),
    with the sequence number starting at 0. The daemon thread is started
    only when recv is true. With dump set, the length of every frame is
    printed as it arrives.

    NOTE(review): SimpleQueue has no size limit, so a busy interface with a
    slow consumer makes the queue grow without bound.
    """
    frames = SimpleQueue()
    seq = 0

    def packet_callback(win_pcap, param, header, pkt_data):
        nonlocal seq  # winpcapy only works on python3 so *shrug*
        if dump:
            print("pkt len {}".format(len(pkt_data)))
        frames.put((seq, pkt_data))
        seq += 1

    def _capture():
        WinPcapUtils.capture_on(iface, packet_callback)

    worker = Thread(target=_capture, daemon=True)
    if recv:
        worker.start()
    return (worker, frames, iface)
Ejemplo n.º 5
from winpcapy import WinPcapUtils


# Example Callback function to parse IP packets
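def packet_callback(win_pcap, param, header, pkt_data):
    """Print "src -> dst" for an IPv4-over-Ethernet frame.

    pkt_data is the raw frame as bytes. Frames that are too short to hold
    an Ethernet header plus a minimal IPv4 header, or whose EtherType is
    not 0x0800, are skipped instead of being printed as bogus addresses.
    win_pcap, param and header are accepted for the callback signature and
    not used. For real parsing use modules like dpkt.
    """
    # bytearray yields ints on both Python 2 (str) and Python 3 (bytes).
    frame = bytearray(pkt_data)
    # 14-byte Ethernet header + 20-byte minimum IPv4 header.
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return
    ip_frame = frame[14:]
    # Source and destination addresses sit at offsets 12 and 16 of the header.
    src_ip = ".".join(str(b) for b in ip_frame[0xc:0x10])
    dst_ip = ".".join(str(b) for b in ip_frame[0x10:0x14])
    print("%s -> %s" % (src_ip, dst_ip))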


# Start capturing on the adapter whose name matches "*Ethernet*"; every
# frame is handed to packet_callback. Runs at import time (no __main__ guard).
WinPcapUtils.capture_on("*Ethernet*", packet_callback)
Ejemplo n.º 6
from winpcapy import WinPcapUtils
import dpkt

# Example Callback function to parse IP packets
def packet_callback(win_pcap, param, header, pkt_data):
    # Capture callback (Python 2 code: print statement, byte strings).
    # Prints the address pair of every frame, then decodes the frame with
    # dpkt and prints the TCP payload of packets to port 8080 that start
    # with GET or POST.
    # Assuming IP (for real parsing use modules like dpkt)
    # The slice below is taken without checking the EtherType or the frame
    # length, so non-IP frames print meaningless addresses.
    ip_frame = pkt_data[14:]
    # Parse ips
    src_ip = ".".join([str(ord(b)) for b in ip_frame[0xc:0x10]])
    dst_ip = ".".join([str(ord(b)) for b in ip_frame[0x10:0x14]])
    print("%s -> %s" % (src_ip, dst_ip))
    p = dpkt.ethernet.Ethernet(pkt_data)
    # The layer type is identified by class name rather than isinstance().
    if p.data.__class__.__name__ == 'IP':
        # Dotted-quad destination address; assigned but not used below.
        ip = '%d.%d.%d.%d' % tuple(map(ord, list(p.data.dst)))
        #print "IP:"+ip hdwwiz.exe
        if p.data.data.__class__.__name__ == 'TCP' and p.data.data.dport == 8080:
            hp = p.ip.tcp.data
            # print hp
            # NOTE(review): the request text is printed verbatim, so any
            # credentials, cookies or tokens sent in cleartext HTTP on this
            # port end up on the console; redact before logging anywhere shared.
            if hp.strip() and (hp.startswith('GET') or hp.startswith('POST')):
                print hp

# Capture on the adapter named below instead of the "*Ethernet*" match that
# is commented out; packet_callback receives every frame.
#WinPcapUtils.capture_on("*Ethernet*", packet_callback)
WinPcapUtils.capture_on("MS NDIS 6.0 LoopBack Driver", packet_callback)
Ejemplo n.º 7
                mark_send = mark

            datatouple = (pkt_data[42], mark_send, pkt_data[44:46], timestamp,
                          pkt_data[50:54],
                          videodatalist[streamdata][framedata])
            framedata = framedata + 1

        #发送伪造后的数据数据
        makedata = ''.join(datatouple)
        sendp(Ether(src=S_MAC) / IP(src=S_IP, dst=D_IP) /
              UDP(sport=S_Port, dport=D_Port) / makedata,
              iface=sendface)


if __name__ == "__main__":
    # Stream configuration
    # (a global statement at module level has no effect; these names are
    # module globals either way)
    global S_MAC, S_IP, S_Port, D_IP, D_Port, sendface, frame_end
    S_MAC = 'ec:d6:8a:1e:7f:67'
    S_IP = '172.16.176.123'
    S_Port = 27997
    D_IP = "172.16.178.251"
    D_Port = 60068
    sendface = 'eth1'  # NIC the forged audio stream is sent from, 'eth0' or 'eth1'
    frame_end = 233

    (videodatalist, mark, mark_mark) = testmakedata('AES.pcap')
    # Appends a FORWARD rule that drops UDP traffic from S_IP:S_Port.
    # NOTE(review): -A adds the rule again on every run and nothing in this
    # block removes it, so it outlives the script; changing iptables needs
    # root, and the exit status of os.system is not checked. The command is
    # built by string concatenation, which is only safe while S_IP and
    # S_Port stay hard-coded; if they ever come from input, pass an
    # argument list to subprocess.run instead of a shell string.
    command = "iptables -t filter -A FORWARD -s " + S_IP + " -p UDP --sport=" + str(
        S_Port) + " -j DROP"
    os.system(command)
    # Capture on device 'br0' with packet_callback_send as the handler; the
    # meaning of the trailing 0 is not visible here (TODO confirm).
    WinPcapUtils.capture_on_device_name('br0', packet_callback_send, 0)
Ejemplo n.º 8
 def RecvRawPacket(self):
     """Capture on the adapter matching "*Ethernet*", passing each frame to mypacket_printer_callback."""
     # WinPcapUtils.capture_on_and_print("*Ethernet*")
     WinPcapUtils.capture_on("*Ethernet*", mypacket_printer_callback)
Ejemplo n.º 9
#!/usr/bin/env python
# -*- coding: utf-8 -*-

# pip install pypiwin32 winpcapy

from winpcapy import WinPcapDevices
from winpcapy import WinPcapUtils

# Show every capture device detected on the machine.
print(WinPcapDevices.list_devices())

# Capture on the adapter matching "*Microsoft*" and print a line per packet;
# whatever the call returns once it finishes is printed as well.
print(WinPcapUtils.capture_on_and_print("*Microsoft*"))
Ejemplo n.º 10
def writewinpcapyethpacket(winp, ethpacket, dump=False):
    """Send ethpacket on the interface stored at winp[2].

    winp is indexed at position 2 for the interface name (presumably the
    tuple returned by bringupwinpcapy; confirm against the caller). With
    dump set, a hexdump of the frame is printed line by line before it is
    sent.
    """
    interface = winp[2]
    if dump:
        for line in utils.hexdump(ethpacket):
            print(line)
    WinPcapUtils.send_packet(interface, ethpacket)
Ejemplo n.º 11
from winpcapy import WinPcapUtils
# Run on the first Ethernet interface and print a log line for each packet
WinPcapUtils.capture_on_and_print("*Ethernet*")
Ejemplo n.º 12
import ipaddress

from winpcapy import WinPcapUtils, WinPcapDevices
from interpreter.formats.net import EthernetFormat

# List every capture device with its description.
devices = WinPcapDevices.list_devices()
for name in devices:
    print(name, ':', devices[name])

eth = EthernetFormat()
# Optional address filter read by packet_callback; None means "print all".
# NOTE: this name shadows the builtin filter() for the rest of the module.
filter = None
# filter = ipaddress.IPv4Address('192.168.1.40')

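def packet_callback(win_pcap, param, header, pkt_data):
    """Print the endpoints and payload of each UDP-over-IP frame.

    The frame is parsed with the module-level eth parser. When the
    module-level filter is not None, only packets whose source or
    destination equals it are printed. Frames that fail to parse are
    reported as 'PARSE ERROR' followed by the raw bytes.

    NOTE(review): the UDP payload and any unparsable frame are printed
    verbatim, so captured application data ends up on the console.
    """
    try:
        packet = eth.parse_bytes(pkt_data)
        if hasattr(packet, 'ip') and hasattr(packet.ip, 'udp'):
            ip = packet.ip
            # print('%s -> %s  %s' % (packet.ip.source, packet.ip.dest, packet.ip.protocol))
            if filter is None or ip.source == filter or ip.dest == filter:
                print('%s:%d -> %s:%d = %s' % (ip.source, ip.udp.src_port, ip.dest, ip.udp.dst_port, ip.udp.data))
    except Exception:
        # Exception rather than a bare except, so KeyboardInterrupt and
        # SystemExit are not swallowed and reported as parse errors.
        print('PARSE ERROR')
        print(pkt_data)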


# Capture on the first listed device; raises IndexError when no device was found.
WinPcapUtils.capture_on_device_name(list(devices.keys())[0], packet_callback)
Ejemplo n.º 13
 def Capture_(self):
     """Capture on the adapter matching "*Ethernet*", passing each frame to self.Callback."""
     WinPcapUtils.capture_on("*Ethernet*", self.Callback)
Ejemplo n.º 14
 def print(self):
     """Capture on self.current_device, passing each frame to analysis_data."""
     WinPcapUtils.capture_on_device_name(self.current_device, analysis_data)
Ejemplo n.º 15
import binascii

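# Hex template of an Ethernet frame carrying an ARP request: destination and
# source MAC, EtherType 0x0806, the fixed ARP header fields, the sender and
# target address pairs, then 18 zero bytes of padding.
arp_request_hex_template = "%(dst_mac)s%(src_mac)s08060001080006040001" \
                           "%(sender_mac)s%(sender_ip)s%(target_mac)s%(target_ip)s" + "00" * 18
packet = arp_request_hex_template % {
    "dst_mac": "aa" * 6,
    "src_mac": "bb" * 6,
    "sender_mac": "bb" * 6,
    "target_mac": "cc" * 6,
    # 192.168.0.1
    "sender_ip": "c0a80001",
    # 192.168.0.2
    "target_ip": "c0a80002"
}
# Send the packet (ethernet frame with an arp request) on the interface.
# packet is a hex string, so it has to be decoded to raw bytes with
# unhexlify; hexlify would instead put the ASCII codes of the hex digits on
# the wire, which is not the frame described above.
WinPcapUtils.send_packet("*Ethernet*", binascii.unhexlify(packet))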

# Open a live capture. promisc=True requests promiscuous mode, so frames not
# addressed to this host can be captured as well; name=None leaves the
# choice of device to the library (presumably its default interface; confirm).
sniffer = pcap.pcap(name=None, promisc=True, immediate=True, timeout_ms=50)


def addr(pkt, offset):
    """Return the four values pkt[offset] .. pkt[offset + 3] as a dotted string."""
    octets = [str(pkt[offset + step]) for step in range(4)]
    return '.'.join(octets)


# BPF filter that matches HTTP packets on port 80 carrying a non-empty TCP payload
# sniffer.setfilter(
#     "tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)")

for ts, pkt in sniffer:
    print(
        f'{int(ts)} SRC: {addr(pkt, sniffer.dloff + 12)} DST: {addr(pkt, sniffer.dloff + 16)}'
Ejemplo n.º 16
 def test(self):
     """Capture on the named Intel adapter and print a line per packet."""
     adapter = "Intel(R) Ethernet Connection (7) I219-V"
     WinPcapUtils.capture_on_and_print(adapter)
Ejemplo n.º 17
           str: Printable/readable MAC address
    """
    return ':'.join('%02x' % compat_ord(b) for b in address)

def ip_addr(address):
    """Return the items of address formatted as decimal integers joined by dots."""
    parts = ['%d' % octet for octet in address]
    return ".".join(parts)

def packet_callback(win_pcap, param, header, pkt_data):
    """Announce each captured frame, decode it with dpkt and pass it to mac()."""
    print("Frame income......")
    mac(dpkt.ethernet.Ethernet(pkt_data))
    # # Check whether the frame carries an IP datagram


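if __name__ == '__main__':
    # List the capture devices with 1-based numbers, ask which one to use,
    # and start capturing on it with packet_callback as the handler.
    list_device = WinPcapDevices.list_devices()
    names = list(list_device)
    for number, name in enumerate(names, start=1):
        print(number, ":", name, ":", list_device[name])
    try:
        choice = int(input("选择需要捕获的设备编号:"))
    except ValueError:
        raise SystemExit("device number must be an integer") from None
    # Reject numbers outside the listed range; previously devicename stayed
    # undefined in that case and the capture call failed with NameError.
    if not 1 <= choice <= len(names):
        raise SystemExit("no device with number %d" % choice)
    devicename = names[choice - 1]
    print("catch packet on device:", devicename)
    # Kept inside the guard so that importing this module does not start a
    # capture (or fail on the undefined devicename).
    WinPcapUtils.capture_on_device_name(devicename, callback=packet_callback)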