/
Sniffer.py
156 lines (132 loc) · 4.7 KB
/
Sniffer.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
import socket
import struct
import thread
import threading
import time
import os
import ctypes
import inspect
import sys
from EasiNet.Protocol.Common_pb2 import *
from EasiNet.Protocol.Control_pb2 import *
from EasiNet.Protocol.Operation_pb2 import *
import binascii
HeadLength = 9
TailLength = 1
Head = None
HeadCache = ''
Body = None
BodyCache = ''
Tail = None
TailCache = ''
allClass = inspect.getmembers(sys.modules[__name__], inspect.isclass)
print(allClass)
commands = []
for name, type in allClass:
if name.endswith('Command'):
commands.append((name, type))
class EasiCommand(object):
def __init__(self):
self.NetCommand = NetCommand()
self.Command = None
def __str__(self):
return "%s \n%s" % (self.NetCommand , self.Command)
@classmethod
def Parse(cls, data):
easiCommand = EasiCommand()
easiCommand.NetCommand.ParseFromString(data)
commandTypeStr = CommandEnum.Name(easiCommand.NetCommand.CommandType)+"Command"
commandType = globals()[commandTypeStr]
if commandType is None:
return
easiCommand.Command = commandType()
easiCommand.Command.ParseFromString(easiCommand.NetCommand.CommandData)
return easiCommand
class CommandHead(ctypes.BigEndianStructure):
_fields_ = [
('flag', ctypes.c_ubyte),
('length', ctypes.c_int32),
('mainCmd', ctypes.c_ubyte),
('subCmd', ctypes.c_ubyte),
('reserves', ctypes.c_ubyte * 2)]
_pack_ = 1
def __new__(self, socket_buffer):
return self.from_buffer_copy(socket_buffer)
def __init__(self, socket_buffer):
pass
def __str__(self):
return 'length: %d, main: %d, sub:%d' % (self.length, self.mainCmd, self.subCmd)
@classmethod
def Parse(cls,data):
return CommandHead(data)
def parseHead(buf,offset,length):
global Head,HeadCache,Body,BodyCache,Tail,TailCache
writelength = min(length, HeadLength - len(HeadCache))
HeadCache += buf[offset:offset+writelength]
if len(HeadCache) == HeadLength:
Head = CommandHead.Parse(HeadCache)
print Head
Body = None
BodyCache = ''
return writelength
def parseBody(buf,offset,length):
global Head,HeadCache,Body,BodyCache,Tail,TailCache
writelength = min(length, Head.length - len(BodyCache))
BodyCache += buf[offset:offset+writelength]
if len(BodyCache) == Head.length:
Body = EasiCommand.Parse(BodyCache)
Tail = None
TailCache = ''
return writelength
def parseTail(buf,offset,length):
global Head,HeadCache,Body,BodyCache,Tail,TailCache
writelength = min(length, TailLength - len(TailCache))
TailCache += buf[offset:offset+writelength]
if len(TailCache) == TailLength:
Tail = TailCache
print '----------------------------------------------------------------------------'
print Body
Head = None
HeadCache = ''
return writelength
def processData(buf):
#print buf
length = len(buf)
offset = 0
while length > 0:
if Head is None:
writelength = parseHead(buf,offset,length)
offset += writelength
length -= writelength
elif Body is None:
writelength = parseBody(buf,offset,length)
offset += writelength
length -= writelength
else:
writelength = parseTail(buf,offset,length)
offset += writelength
length -= writelength
def get_packet():
HOST = socket.gethostbyname(socket.gethostname())
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)
HOST = '127.0.0.1' # '169.254.110.192' #'14.23.184.237'
s.bind((HOST, 0))
s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
s.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)
while True:
buf = s.recvfrom(65565)[0]
# print 'buf[0]'+str(len(buf[0]))+": "+ str(binascii.b2a_hex(buf[0]))
# print 'buf[0]'+str(len(buf)-40)+": "+ str(buf[40:])
port = struct.unpack('HH', buf[20:24])
src_ip = "%d.%d.%d.%d" % struct.unpack('BBBB', buf[12:16])
dest_ip = "%d.%d.%d.%d" % struct.unpack('BBBB', buf[16:20])
src_port = socket.htons(port[0])
dest_port = socket.htons(port[1])
if src_port != 12021 and dest_port != 12021: # or (ord(buf[33]) & 0b00001000 == 0):
continue
data_len = len(buf)
key = "%s:%d - %s:%d - %d - %s" % (src_ip, src_port, dest_ip, dest_port, data_len - 40, str(buf[40:]))
# print key
processData(buf[40:])
get_packet()
os.exit()