def get_tshark_interface_names(tshark_path=None):
    """Return the interface names printed by ``tshark -D``.

    The executable that runs is whatever ``get_process_path(tshark_path)``
    returns. It is started from an argument list (no shell) and its stderr
    is discarded.

    Each output line is split on ``". "`` and the second field is kept, so
    a line without that separator raises ``IndexError``.
    """
    command = [get_process_path(tshark_path), "-D"]
    with open(os.devnull, "w") as devnull:
        raw_listing = subprocess.check_output(command, stderr=devnull)
    listing = raw_listing.decode("utf-8")

    names = []
    for entry in listing.splitlines():
        # NOTE(review): the split is unbounded, so a name that itself
        # contains ". " is cut at that point.
        names.append(entry.split(". ")[1])
    return names
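def get_tshark_interface_names(tshark_path: str = None) -> List[str]:
    """Return the list of network interface names printed by ``tshark -D``.

    The executable that runs is whatever ``get_process_path(tshark_path)``
    returns. It is started from an argument list (no shell) and its stderr
    is discarded.

    Each output line is expected to look like ``"<index>. <name>"``. Only
    the first ``". "`` is treated as the separator, and lines without it
    are skipped.
    """
    parameters = [get_process_path(tshark_path), '-D']
    with open(os.devnull, 'w') as null:
        # UTF-8 rather than ASCII: an ASCII decode raises UnicodeDecodeError
        # as soon as an adapter description holds a non-ASCII character.
        tshark_interfaces = check_output(parameters, stderr=null).decode("utf-8")

    names = []
    for line in tshark_interfaces.splitlines():
        # partition() splits on the first separator only, so a name that
        # itself contains ". " is returned whole.
        _index, separator, name = line.partition('. ')
        if separator:
            names.append(name)
    return names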
async def _get_tshark_process(self, packet_count=None, stdin=None):
    """Start dumpcap and return a tshark process fed from dumpcap's output.

    A pipe is created; dumpcap writes to its write end and the parent
    class's ``_get_tshark_process`` receives the read end as ``stdin``.
    The ``stdin`` argument of this method is not used.
    """
    pipe_read_fd, pipe_write_fd = os.pipe()

    dumpcap_binary = get_process_path(process_name="dumpcap", tshark_path=self.tshark_path)
    dumpcap_params = [dumpcap_binary] + self._get_dumpcap_parameters()
    joined_params = " ".join(dumpcap_params)
    self._log.debug(f"Creating Dumpcap subprocess with parameters: {joined_params}")

    # Argument-list form: each parameter reaches dumpcap as one argv entry,
    # with no shell parsing in between.
    dumpcap_process = await asyncio.create_subprocess_exec(
        *dumpcap_params,
        stdout=pipe_write_fd,
        stderr=self._stderr_output(),
    )
    self._created_new_process(dumpcap_params, dumpcap_process, process_name="Dumpcap")

    # NOTE(review): neither pipe descriptor is closed in this process after
    # the children are started, so each call leaves two descriptors open.
    return await super(LiveCapture, self)._get_tshark_process(
        packet_count=packet_count,
        stdin=pipe_read_fd,
    )
def _get_tshark_process(self, packet_count=None, stdin=None):
    """Start dumpcap and hand back a tshark process fed from its output.

    Generator-style coroutine: sub-coroutines are awaited with
    ``yield From(...)`` and the result is delivered with ``raise Return``.
    The ``stdin`` argument is not used; tshark always reads from the pipe
    created here.
    """
    pipe_read_fd, pipe_write_fd = os.pipe()

    dumpcap_binary = get_process_path(process_name="dumpcap", tshark_path=self.tshark_path)
    dumpcap_params = [dumpcap_binary] + self._get_dumpcap_parameters()

    # Argument-list form: no shell parses the parameters.
    dumpcap_process = yield From(
        asyncio.create_subprocess_exec(
            *dumpcap_params,
            stdout=pipe_write_fd,
            stderr=self._stderr_output(),
        )
    )
    self._created_new_process(dumpcap_params, dumpcap_process, process_name="Dumpcap")

    # NOTE(review): the pipe descriptors are never closed in this process.
    parent_coroutine = super(LiveCapture, self)._get_tshark_process(
        packet_count=packet_count,
        stdin=pipe_read_fd,
    )
    tshark_process = yield From(parent_coroutine)
    raise Return(tshark_process)
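def getInterface(available_interfaces=None):
    """Prompt until the user names one of the available capture interfaces.

    Args:
        available_interfaces: Names to accept. When ``None``, the list is
            obtained from ``get_tshark_interface_names(get_process_path())``.

    Returns:
        The entered name. It is always a member of ``available_interfaces``,
        so free-form user text never leaves this function.

    Raises:
        SystemExit: If the user submits an empty line.
    """
    if available_interfaces is None:
        available_interfaces = get_tshark_interface_names(get_process_path())

    # Loop instead of recursing: a long run of wrong answers must not grow
    # the call stack until RecursionError.
    while True:
        interface = input('[?] Please enter the name of the adapter interface: ')
        if interface == '':
            # Same exit as exit(), without relying on the helper that the
            # site module injects.
            raise SystemExit
        if interface in available_interfaces:
            return interface
        print('Given interface does not seem to exist! Available interfaces are ' + str(available_interfaces))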
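async def _get_tshark_process(self, packet_count=None, stdin=None):
    """Start dumpcap and return a tshark process fed from dumpcap's output.

    A pipe is created; dumpcap writes to its write end and the parent
    class's ``_get_tshark_process`` receives the read end as ``stdin``.
    The ``stdin`` argument of this method is not used.

    Both pipe descriptors are closed in this process before returning,
    including when starting either child raises, so repeated captures do
    not accumulate open descriptors.
    """
    read, write = os.pipe()
    try:
        dumpcap_params = [
            get_process_path(process_name="dumpcap", tshark_path=self.tshark_path)
        ] + self._get_dumpcap_parameters()

        self._log.debug("Creating Dumpcap subprocess with parameters: %s" % " ".join(dumpcap_params))
        # Argument-list form: each parameter reaches dumpcap as one argv
        # entry, with no shell parsing in between.
        dumpcap_process = await asyncio.create_subprocess_exec(
            *dumpcap_params, stdout=write, stderr=self._stderr_output())
        self._created_new_process(dumpcap_params, dumpcap_process, process_name="Dumpcap")

        tshark = await super(LiveCapture, self)._get_tshark_process(
            packet_count=packet_count, stdin=read)
    finally:
        # Close this process's copies of both ends to avoid orphaned
        # descriptors after every capture.sniff().
        # NOTE(review): assumes both children hold their own copies once the
        # awaited calls have returned - confirm against the parent class.
        os.close(read)
        os.close(write)
    return tshark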
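async def _get_tshark_process(self, packet_count=None, stdin=None):
    """Start dumpcap and return a tshark process fed from dumpcap's output.

    A pipe is created; dumpcap writes to its write end and the parent
    class's ``_get_tshark_process`` receives the read end as ``stdin``.
    The ``stdin`` argument of this method is not used.

    On non-Windows platforms dumpcap is started through the shell from a
    space-joined command string; on Windows it is started from the
    argument list.
    """
    read, write = os.pipe()

    dumpcap_params = [
        get_process_path(process_name="dumpcap", tshark_path=self.tshark_path)
    ] + self._get_dumpcap_parameters()

    # dumpcap_params is a list: it has to be joined before it is appended to
    # the message, because str + list raises TypeError.
    dumpcap_command = " ".join(dumpcap_params)
    self._log.debug("Creating Dumpcap subprocess with parameters: " + dumpcap_command)

    if sys.platform != "win32":
        # The shell form is there to support bpf filters with spaces on
        # *nix systems ("tcp port 80" for example).
        # NOTE(review): the command string is a plain join handed to the
        # shell, so every parameter is re-parsed by it. If the interface
        # name or capture filter can come from outside the program, quote
        # each element with shlex.quote() or use create_subprocess_exec,
        # which passes each element as a single argv entry.
        dumpcap_process = await asyncio.create_subprocess_shell(
            dumpcap_command, stdout=write, stderr=self._stderr_output())
    else:
        dumpcap_process = await asyncio.create_subprocess_exec(
            *dumpcap_params, stdout=write, stderr=self._stderr_output())

    self._created_new_process(dumpcap_params, dumpcap_process, process_name="Dumpcap")

    # NOTE(review): neither pipe descriptor is closed in this process after
    # the children are started.
    tshark = await super(LiveCapture, self)._get_tshark_process(
        packet_count=packet_count, stdin=read)
    return tshark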
def _get_tshark_path(self):
    """Return the executable path that ``get_process_path`` resolves from ``self.tshark_path``."""
    configured_path = self.tshark_path
    return get_process_path(configured_path)
def test_get_tshark_path(mock_exists):
    """An explicitly given tshark path is returned unchanged when the existence check passes."""
    tshark_location = "/some/path/tshark"
    # The mocked existence check reports the path as present.
    mock_exists.return_value = True
    assert get_process_path(tshark_location) == tshark_location