Пример #1
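def pylibpcap_read():
    """Command-line entry point: read a pcap file and print the packet count.

    Options parsed from ``sys.argv``:

    * ``-i/--input``: path of the capture file to read.
    * ``filter`` (positional, zero or more words): BPF filter words, joined
      with single spaces before being handed to ``OpenPcap``.
    * ``-v/--view``: print each packet via ``Packet(...).to_string(...)``.
    * ``-p/--view-payload``: passed to ``to_string`` to include the payload.

    Ctrl-C stops reading early; the number of packets seen so far is still
    printed.
    """

    parser = argparse.ArgumentParser(description="Read pcap")
    parser.add_argument("-i", "--input", type=str, help="File path.")
    parser.add_argument("filter", nargs="*", type=str, help="BPF filter rules")
    parser.add_argument("-v",
                        "--view",
                        action="store_true",
                        help="Show Packet Info")
    parser.add_argument("-p",
                        "--view-payload",
                        action="store_true",
                        help="Show Payload")
    args = parser.parse_args()

    # NOTE(review): -i is optional, so args.input can be None here; how
    # OpenPcap treats a None path is not visible in this snippet - confirm.
    num = 0

    with OpenPcap(args.input, "r", filters=" ".join(args.filter)) as f:
        # The interrupt handler wraps the whole loop. Previously it sat inside
        # the loop body, so Ctrl-C during printing was swallowed and reading
        # continued, while Ctrl-C raised inside f.read() was not caught at all.
        try:
            for plen, t, buf in f.read():
                num += 1

                if args.view:
                    # NOTE(review): the text printed here is derived from the
                    # capture file's contents; whether to_string() escapes
                    # non-printable bytes is not visible here - confirm before
                    # viewing captures from untrusted sources in a terminal.
                    print(Packet(buf, plen).to_string(args.view_payload))
        except KeyboardInterrupt:
            # Deliberate: fall through to the summary line below.
            pass

    print("\nPacket Count:", num)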
Пример #2
def wpcap(v, path):
    """
    Write packet data to a pcap file.

    The file is opened through ``OpenPcap`` in mode ``"a"`` and ``v`` is
    passed unchanged to its ``write`` method.

    :param v: Buf/Buf(list)
    :param path: Output file
    """

    pcap_out = OpenPcap(path, "a")
    with pcap_out as writer:
        writer.write(v)
Пример #3
def mpcap(path, out_file, filters=""):
    """
    Merge pcap input into a single output file.

    ``out_file`` is opened through ``OpenPcap`` in mode ``"a"`` with the given
    filter string, and ``path`` is handed to its ``write_path`` method.

    :param path: Input dir/file
    :param out_file: Output file
    :param filters: BPF Filters, default ``""``
    """

    merged = OpenPcap(out_file, "a", filters=filters)
    with merged as writer:
        writer.write_path(path)
Пример #4
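def pylibpcap_write():
    """Command-line entry point: write one hex-encoded payload to a pcap file.

    Options parsed from ``sys.argv``:

    * ``-o/--output``: output file path; ``"pcap.pcap"`` when omitted.
    * ``payload`` (positional, exactly one): the packet bytes as a hex string.

    A payload that is not valid hex is reported through ``parser.error``
    (usage message, exit status 2) before the output file is opened.
    """

    parser = argparse.ArgumentParser(description="Write pcap")
    parser.add_argument("-o", "--output", type=str, help="File path.")
    parser.add_argument("payload", nargs=1, type=str, help="Payload")
    args = parser.parse_args()

    # Decode first: a malformed payload must not open (and possibly create)
    # the output file, and should produce a usage error, not a traceback.
    try:
        payload = bytes.fromhex(args.payload[0])
    except ValueError as err:
        parser.error("payload must be a hex string: {}".format(err))

    path = args.output or "pcap.pcap"

    # Mode "a" is what the original call used; the packet is written as-is.
    with OpenPcap(path, "a") as f:
        f.write(payload)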
Пример #5
# -*- coding: utf-8 -*-
# @Author: JanKinCai
# @Date:   2019-09-04 14:26:41
# @Last Modified by:   [email protected]
# @Last Modified time: 2019-09-04 14:27:23
from pylibpcap.pcap import rpcap
from pylibpcap.open import OpenPcap


# Sample frame bytes (the DNS name "google.com" is visible near the end).
# Nothing below reads this value.
buf = (
    b'\x00\xc0\x9f2A\x8c\x00\xe0\x18\xb1\x0c\xad\x08\x00E\x00\x008'
    b'\x00\x00@\x00@\x11eG\xc0\xa8\xaa\x08\xc0\xa8\xaa\x14\x80\x1b'
    b'\x005\x00$\x85\xed\x102\x01\x00\x00\x01\x00\x00\x00\x00\x00'
    b'\x00\x06google\x03com\x00\x00\x10\x00\x01'
)


def _show_records(records):
    """Print length, timestamp and raw bytes for each (length, time, bytes) record."""
    for size, stamp, frame in records:
        print("[+]: Buf length", size)
        print("[+]: Time", stamp)
        # print() shows a bytes object through its repr, so non-printable
        # bytes from the capture appear as escapes such as \x1b.
        print("[+]: Buf", frame)


# First pass: read the capture through the OpenPcap context manager.
with OpenPcap("tests/dns.pcap", filters="") as capture:
    _show_records(capture.read())

# Second pass: read the same capture through the rpcap helper.
_show_records(rpcap("tests/dns.pcap"))
Пример #6
# @Author: JanKinCai
# @Date:   2019-09-11 17:43:19
# @Last Modified by:   [email protected]
# @Last Modified time: 2019-09-12 09:27:39
from pylibpcap.open import OpenPcap

# Copy every packet matching the BPF filter "port 502" from pcap.pcap into
# pcap2.pcap, printing each one on the way. The output is opened in mode "a".
with OpenPcap("pcap.pcap", filters="port 502") as source, \
        OpenPcap("pcap2.pcap", mode="a") as sink:
    for size, stamp, frame in source.read():
        print("[+]: Buf length", size)
        print("[+]: Time", stamp)
        # print() shows bytes through repr, so non-printable bytes are escaped.
        print("[+]: Buf", frame)
        sink.write(frame)