def pylibpcap_read(): """Read pcap cli """ parser = argparse.ArgumentParser(description="Read pcap") parser.add_argument("-i", "--input", type=str, help="File path.") parser.add_argument("filter", nargs="*", type=str, help="BPF filter rules") parser.add_argument("-v", "--view", action="store_true", help="Show Packet Info") parser.add_argument("-p", "--view-payload", action="store_true", help="Show Payload") args = parser.parse_args() num = 0 with OpenPcap(args.input, "r", filters=" ".join(args.filter)) as f: for plen, t, buf in f.read(): try: num += 1 if args.view: print(Packet(buf, plen).to_string(args.view_payload)) except KeyboardInterrupt: pass print("\nPacket Count:", num)
def wpcap(v, path): """ Write pcap file. :param v: Buf/Buf(list) :param out_file: Output file """ with OpenPcap(path, "a") as f: f.write(v)
def mpcap(path, out_file, filters=""): """ Merge many pcap file. :param path: Input dir/file :param out_file: Output file :param filters: BPF Filters, default ``""`` """ with OpenPcap(out_file, "a", filters=filters) as f: f.write_path(path)
def pylibpcap_write(): """Write pcap cli """ parser = argparse.ArgumentParser(description="Write pcap") parser.add_argument("-o", "--output", type=str, help="File path.") parser.add_argument("payload", nargs=1, type=str, help="Payload") args = parser.parse_args() path = args.output or "pcap.pcap" with OpenPcap(path, "a") as f: f.write(bytes.fromhex(args.payload[0]))
# -*- coding: utf-8 -*- # @Author: JanKinCai # @Date: 2019-09-04 14:26:41 # @Last Modified by: [email protected] # @Last Modified time: 2019-09-04 14:27:23 from pylibpcap.pcap import rpcap from pylibpcap.open import OpenPcap buf = b'\x00\xc0\x9f2A\x8c\x00\xe0\x18\xb1\x0c\xad\x08\x00E\x00\x008' \ b'\x00\x00@\x00@\x11eG\xc0\xa8\xaa\x08\xc0\xa8\xaa\x14\x80\x1b' \ b'\x005\x00$\x85\xed\x102\x01\x00\x00\x01\x00\x00\x00\x00\x00' \ b'\x00\x06google\x03com\x00\x00\x10\x00\x01' with OpenPcap("tests/dns.pcap", filters="") as f: for blen, t, buf in f.read(): print("[+]: Buf length", blen) print("[+]: Time", t) print("[+]: Buf", buf) for blen, t, buf in rpcap("tests/dns.pcap"): print("[+]: Buf length", blen) print("[+]: Time", t) print("[+]: Buf", buf)
# @Author: JanKinCai # @Date: 2019-09-11 17:43:19 # @Last Modified by: [email protected] # @Last Modified time: 2019-09-12 09:27:39 from pylibpcap.open import OpenPcap with OpenPcap("pcap.pcap", filters="port 502") as f: with OpenPcap("pcap2.pcap", mode="a") as f1: for lens, t, buf in f.read(): print("[+]: Buf length", lens) print("[+]: Time", t) print("[+]: Buf", buf) f1.write(buf)