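def __init__(self, data, hdr_length):
    """Decode the IPv4 header at ``hdr_length`` and dispatch on its protocol field.

    Args:
        data: Raw frame bytes as captured.
        hdr_length: Number of bytes in ``data`` that precede the IPv4 header.

    Prints the source and destination addresses, then passes the frame to the
    ICMP, TCP or UDP handler. Any other protocol number is hex-dumped. A
    truncated or malformed header is reported and parsing stops.
    """
    print('Ethernet Protocol: IPv4')

    ip_hdr_ = data[hdr_length:hdr_length + IPV4_HDR_SIZE]
    # Every field below comes straight off the wire. A frame that ends early
    # yields a short slice, and struct.unpack would raise struct.error on it.
    if len(ip_hdr_) < IPV4_HDR_SIZE:
        print('Truncated IPv4 header: {} of {} bytes'.format(len(ip_hdr_), IPV4_HDR_SIZE))
        return
    ip_hdr = struct.unpack('!BBHHHBBH4s4s', ip_hdr_)

    version_ = ip_hdr[0]
    version = version_ >> 4       # high nibble: IP version
    ihl = (version_ & 0xf) * 4    # low nibble: header length in 32-bit words, as bytes

    # IHL is sender-controlled. A value below the fixed header size would put
    # the next-layer offset inside the IP header itself, so the transport
    # handler would decode IP header bytes as if they were TCP/UDP/ICMP.
    if version != 4 or ihl < IPV4_HDR_SIZE:
        print('Malformed IPv4 header: version={} ihl={}'.format(version, ihl))
        hexdump.hexdump(data[hdr_length:])
        return

    # The idea of using the socket lib came from this example code
    # https://www.binarytides.com/code-a-packet-sniffer-in-python-with-pcapy-extension/
    src_addr = socket.inet_ntoa(ip_hdr[8])
    dest_addr = socket.inet_ntoa(ip_hdr[9])
    print('Source Address: {} | Destination Address: {}'.format(src_addr, dest_addr))

    protocol = ip_hdr[6]
    total_hdr_size = ihl + hdr_length  # offset of the first byte after the IPv4 header

    if protocol == 1:       # ICMPv4
        ICMPHandler(data, total_hdr_size, ihl)
    elif protocol == 6:     # TCP
        print('Protocol: TCP')
        TCPHandler(data, total_hdr_size, ihl)
    elif protocol == 17:    # UDP
        print('Protocol: UDP')
        UDPHandler(data, total_hdr_size, ihl)
    else:                   # anything else is dumped undecoded
        print('Protocol: Unknown')
        print('Data:')
        hexdump.hexdump(data[total_hdr_size:])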
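def __init__(self, pkt_dict, data, hdr_length):
    """Print the link-layer addresses and dispatch on the EtherType.

    Args:
        pkt_dict: Decoded link-layer header; the keys ``'source'``, ``'dest'``
            and ``'type'`` are read here.
        data: Raw frame bytes as captured.
        hdr_length: Offset in ``data`` where the network-layer header starts.
    """
    src_mac_addr = mac2str(pkt_dict['source'])
    dest_mac_addr = mac2str(pkt_dict['dest'])
    print('Source MAC: {} | Destination MAC: {}'.format(src_mac_addr, dest_mac_addr))

    protocol = pkt_dict['type']
    if protocol == 0x0800:      # IPv4 EtherType (2048)
        IPv4Handler(data, hdr_length)
    elif protocol == 0x86DD:    # IPv6 EtherType (34525)
        IPv6Handler(data, hdr_length)
    else:
        # Report the EtherType that was actually seen. The previous code
        # formatted the builtin `type` here, so the value never appeared.
        print('DataLink Type: Unknown. Type = {}'.format(protocol))
        hexdump.hexdump(data[hdr_length:])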
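def __init__(self, data, hdr_length):
    """Parse one IPv6 extension header and dispatch on its Next Header field.

    Args:
        data: Raw frame bytes as captured.
        hdr_length: Offset in ``data`` where this extension header starts.

    The length of the header is taken as ``(Hdr Ext Len + 1) * 8`` bytes for
    every header type. Each chained extension header is handled by a nested
    constructor call, so nesting depth follows the packet contents.
    """
    # NOTE(review): the generic length rule does not fit every header this
    # handler is dispatched for. AH (51) counts its length in 4-byte units
    # ((len + 2) * 4) and ESP (50) has no Next Header byte at its start, so
    # those two are not decoded correctly here. Fixing this needs the header
    # type passed in by the caller.
    ipe_hdr = data[hdr_length:hdr_length + 2]
    # Untrusted input: a frame that ends inside the chain yields a short
    # slice, and struct.unpack would raise struct.error on it.
    if len(ipe_hdr) < 2:
        print('Truncated IPv6 extension header')
        return
    ipe_hdr_ = struct.unpack('!BB', ipe_hdr)

    next_header = ipe_hdr_[0]
    next_header_len = (ipe_hdr_[1] + 1) * 8
    total_hdr_size = hdr_length + next_header_len

    # Print the computed length. The previous call passed next_header as the
    # first argument, so the header type number was shown as the length.
    print('Next header length: {} (bytes)'.format(next_header_len))

    # Extension headers that are walked again by this same handler.
    chained = {
        0: 'Hop-by-hop options header',
        43: 'Routing header',
        44: 'Fragment header',
        60: 'Destination options header',
        51: 'Authentication header',
        50: 'Encapsulating security payload header',
    }

    if next_header == 58:       # ICMPv6
        print('Protocol: ICMPv6')
        ICMPv6Handler(data, total_hdr_size)
    elif next_header == 6:      # TCP
        TCPHandler(data, total_hdr_size, IPV6_HDR_SIZE)
    elif next_header == 17:     # UDP
        UDPHandler(data, total_hdr_size, IPV6_HDR_SIZE)
    elif next_header in chained:
        print('Protocol: {}'.format(chained[next_header]))
        IPv6ExtentionHandler(data, total_hdr_size)
    elif next_header == 41:     # IPv6 encapsulated in IPv6
        print('Protocol: IPv6')
        IPv6Handler(data, total_hdr_size)
    else:
        print('Protocol: Unknown')
        print('Data:')
        hexdump.hexdump(data[total_hdr_size:])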
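def __init__(self, data, hdr_length, ihl):
    """Decode the UDP header at ``hdr_length`` and hex-dump the payload.

    Args:
        data: Raw frame bytes as captured.
        hdr_length: Offset in ``data`` where the UDP header starts.
        ihl: Size of the IP header as reported by the caller. It is kept
            for interface compatibility and no longer used for the offset.
    """
    udp_hdr = data[hdr_length:hdr_length + UDP_HDR_SIZE]
    # Untrusted input: a frame cut short inside the UDP header yields a
    # short slice, and struct.unpack would raise struct.error on it.
    if len(udp_hdr) < UDP_HDR_SIZE:
        print('Truncated UDP header: {} of {} bytes'.format(len(udp_hdr), UDP_HDR_SIZE))
        return
    udp_hdr_ = struct.unpack('!HHHH', udp_hdr)

    src_port = udp_hdr_[0]
    dest_port = udp_hdr_[1]
    print('Source Port: {} | Destination Port: {}'.format(src_port, dest_port))

    # The payload starts right after the header that was just unpacked.
    # The earlier ETHERNET_HDR_SIZE + ihl + UDP_HDR_SIZE sum ignored
    # hdr_length, so any IPv6 extension headers (or a link header of a
    # different size) left the dump starting at the wrong byte.
    total_hdr_size = hdr_length + UDP_HDR_SIZE
    payload_size = len(data) - total_hdr_size
    print('Payload Size: ({})'.format(payload_size))

    print("Data:")
    hexdump.hexdump(data[total_hdr_size:])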
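def __init__(self, data, hdr_length):
    """Decode the fixed IPv6 header at ``hdr_length`` and dispatch on Next Header.

    Args:
        data: Raw frame bytes as captured.
        hdr_length: Number of bytes in ``data`` that precede the IPv6 header.

    Prints the source and destination addresses, then passes the frame to the
    ICMPv6, TCP, UDP or extension-header handler. Any other Next Header value
    is hex-dumped.
    """
    print('Ethernet Protocol: IPv6')

    ip_hdr_ = data[hdr_length:hdr_length + IPV6_HDR_SIZE]
    # Untrusted input: a frame cut short inside the fixed header yields a
    # short slice, and struct.unpack would raise struct.error on it.
    if len(ip_hdr_) < IPV6_HDR_SIZE:
        print('Truncated IPv6 header: {} of {} bytes'.format(len(ip_hdr_), IPV6_HDR_SIZE))
        return
    ip_hdr = struct.unpack('!LHBB16s16s', ip_hdr_)

    # These are 16-byte IPv6 addresses. Format them with inet_ntop rather
    # than the MAC formatter so they print in standard IPv6 text form.
    src_addr = socket.inet_ntop(socket.AF_INET6, ip_hdr[4])
    dest_addr = socket.inet_ntop(socket.AF_INET6, ip_hdr[5])
    print('Source Address: {} | Destination Address: {}'.format(src_addr, dest_addr))

    next_header = ip_hdr[2]
    payload_offset = hdr_length + IPV6_HDR_SIZE  # first byte after the fixed header

    # Extension headers that are handed to the extension-header walker.
    extension_names = {
        0: 'Hop-by-hop options header',
        43: 'Routing header',
        44: 'Fragment header',
        60: 'Destination options header',
        51: 'Authentication header',
        50: 'Encapsulating security payload header',
    }

    if next_header == 58:       # ICMPv6
        print('Protocol: ICMPv6')
        ICMPv6Handler(data, payload_offset)
    elif next_header == 6:      # TCP
        TCPHandler(data, payload_offset, IPV6_HDR_SIZE)
    elif next_header == 17:     # UDP
        UDPHandler(data, payload_offset, IPV6_HDR_SIZE)
    elif next_header in extension_names:
        print('Protocol: {}'.format(extension_names[next_header]))
        IPv6ExtentionHandler(data, payload_offset)
    else:
        print('Protocol: unknown')
        print('Data:')
        hexdump.hexdump(data[payload_offset:])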