def next_packet(self): header = ctypes.POINTER(winpcapy.pcap_pkthdr)() pkt_data = ctypes.POINTER(ctypes.c_ubyte)() res = winpcapy.pcap_next_ex( self._fp, ctypes.byref(header), ctypes.byref(pkt_data), ) if(res == -1): raise RuntimeError( 'pcap_next_ex failed: ' % winpcapy.pcap_geterr(self._fp) ) if res == 0: return None return { 'header': { 'timestamp': ( datetime.datetime.utcfromtimestamp( header.contents.ts.tv_sec ) + datetime.timedelta( microseconds=header.contents.ts.tv_usec, ) ), 'caplen': header.contents.caplen, 'len': header.contents.len, }, 'data': bytearray(pkt_data[ :min(header.contents.caplen, header.contents.len) ]), }
def run(self): handler = 0 if self.num == 0: handler = DEV0HANDLER elif self.num == 1: handler = DEV1HANDLER while self.is_running: hdr = ctypes.POINTER(winpcapy.pcap_pkthdr)() pkt = ctypes.POINTER(ctypes.c_ubyte)() res = winpcapy.pcap_next_ex(handler,ctypes.byref(hdr),ctypes.byref(pkt)) if res>0 : data = ctypes.string_at(pkt,hdr.contents.len) if netlib.read_mac_hdr(data)[self.x] == self.inMac: # nota bene : limite effet passerelle self.otbuffer.put(data) return
def recvfrom(self, bufsize): # retrieve a packet from pcap header = ctypes.POINTER(capy.pcap_pkthdr)() pkt_data = ctypes.POINTER(ctypes.c_ubyte)() status = capy.pcap_next_ex(self._fp, ctypes.byref(header), ctypes.byref(pkt_data)) if status == 0: # timeout return False elif status > 0: # interpret captured packet pkt_len = header.contents.caplen pkt_buf = ctypes.string_at(pkt_data, pkt_len) pkt = dpkt.ethernet.Ethernet(pkt_buf) return (pkt_buf, pkt.src) else: # some error occured raise ("error capturing packets: %s" % capy.pcap_geterr(self._fp)) pass
def run(self): if self.num == 0: handler = DEV0HANDLER elif self.num == 1: handler = DEV1HANDLER while self.is_running: hdr = ctypes.POINTER(winpcapy.pcap_pkthdr)() pkt = ctypes.POINTER(ctypes.c_ubyte)() res = winpcapy.pcap_next_ex(handler,ctypes.byref(hdr),ctypes.byref(pkt)) if res>0: print "PROBE : packet found (len : "+str(hdr.contents.len)+")" if self.verbose: data = ctypes.string_at(pkt,hdr.contents.len) print "PROBE : packet content : "+str(data)+"\n" if self.verbose: print "ProbeSpider stoped" return
def recvfrom(self, bufsize): # retrieve a packet from pcap header = ctypes.POINTER(capy.pcap_pkthdr)() pkt_data = ctypes.POINTER(ctypes.c_ubyte)() status = capy.pcap_next_ex(self._fp, ctypes.byref(header), ctypes.byref(pkt_data)) if (status == 0): # timeout return False elif (status > 0): # interpret captured packet pkt_len = header.contents.caplen pkt_buf = ctypes.string_at(pkt_data, pkt_len) pkt = dpkt.ethernet.Ethernet(pkt_buf) return (pkt_buf, pkt.src) else: # some error occured raise ('error capturing packets: %s' % capy.pcap_geterr(self._fp)) pass
def run(self): handler = 0 if self.num == 0: handler = DEV0HANDLER elif self.num == 1: handler = DEV1HANDLER while self.is_running: hdr = ctypes.POINTER(winpcapy.pcap_pkthdr)() pkt = ctypes.POINTER(ctypes.c_ubyte)() res = winpcapy.pcap_next_ex(handler, ctypes.byref(hdr), ctypes.byref(pkt)) if res > 0: data = ctypes.string_at(pkt, hdr.contents.len) if netlib.read_mac_hdr( data )[self.x] == self.inMac: # nota bene : limite effet passerelle self.otbuffer.put(data) return
def run(self): if self.num == 0: handler = DEV0HANDLER elif self.num == 1: handler = DEV1HANDLER while self.is_running: hdr = ctypes.POINTER(winpcapy.pcap_pkthdr)() pkt = ctypes.POINTER(ctypes.c_ubyte)() res = winpcapy.pcap_next_ex(handler, ctypes.byref(hdr), ctypes.byref(pkt)) if res > 0: print "PROBE : packet found (len : " + str( hdr.contents.len) + ")" if self.verbose: data = ctypes.string_at(pkt, hdr.contents.len) print "PROBE : packet content : " + str(data) + "\n" if self.verbose: print "ProbeSpider stoped" return
def get_packets(self, filter): header = POINTER(winpcapy.pcap_pkthdr)() packet = POINTER(c_ubyte)() rtr = 1 try: while rtr >= 0: rtr = winpcapy.pcap_next_ex(self._pcap_t, header, packet) if self.__class__ == LiveNetworkCapture and self.dumper_t: winpcapy.pcap_dump(self.dumper_t, header, packet) #winpcapy.pcap_dump_flush(self.dumper_t) if rtr > 0: try: network_packet = NetworkPacket(header=header, packet=packet) if filter(network_packet): yield network_packet except PCapCorruptPacket: continue except: continue # TODO: smarter error checking here? except (KeyboardInterrupt, SystemExit), e: sys.exit()