def next_packet(self):
header = ctypes.POINTER(winpcapy.pcap_pkthdr)()
pkt_data = ctypes.POINTER(ctypes.c_ubyte)()
res = winpcapy.pcap_next_ex(
self._fp,
ctypes.byref(header),
ctypes.byref(pkt_data),
)
if(res == -1):
raise RuntimeError(
'pcap_next_ex failed: ' % winpcapy.pcap_geterr(self._fp)
)
if res == 0:
return None
return {
'header': {
'timestamp': (
datetime.datetime.utcfromtimestamp(
header.contents.ts.tv_sec
) +
datetime.timedelta(
microseconds=header.contents.ts.tv_usec,
)
),
'caplen': header.contents.caplen,
'len': header.contents.len,
},
'data': bytearray(pkt_data[
:min(header.contents.caplen, header.contents.len)
]),
}
def run(self):
handler = 0
if self.num == 0:
handler = DEV0HANDLER
elif self.num == 1:
handler = DEV1HANDLER
while self.is_running:
hdr = ctypes.POINTER(winpcapy.pcap_pkthdr)()
pkt = ctypes.POINTER(ctypes.c_ubyte)()
res = winpcapy.pcap_next_ex(handler,ctypes.byref(hdr),ctypes.byref(pkt))
if res>0 :
data = ctypes.string_at(pkt,hdr.contents.len)
if netlib.read_mac_hdr(data)[self.x] == self.inMac: # nota bene : limite effet passerelle
self.otbuffer.put(data)
return
def recvfrom(self, bufsize):
# retrieve a packet from pcap
header = ctypes.POINTER(capy.pcap_pkthdr)()
pkt_data = ctypes.POINTER(ctypes.c_ubyte)()
status = capy.pcap_next_ex(self._fp, ctypes.byref(header), ctypes.byref(pkt_data))
if status == 0:
# timeout
return False
elif status > 0:
# interpret captured packet
pkt_len = header.contents.caplen
pkt_buf = ctypes.string_at(pkt_data, pkt_len)
pkt = dpkt.ethernet.Ethernet(pkt_buf)
return (pkt_buf, pkt.src)
else:
# some error occured
raise ("error capturing packets: %s" % capy.pcap_geterr(self._fp))
pass
def run(self):
if self.num == 0:
handler = DEV0HANDLER
elif self.num == 1:
handler = DEV1HANDLER
while self.is_running:
hdr = ctypes.POINTER(winpcapy.pcap_pkthdr)()
pkt = ctypes.POINTER(ctypes.c_ubyte)()
res = winpcapy.pcap_next_ex(handler,ctypes.byref(hdr),ctypes.byref(pkt))
if res>0:
print "PROBE : packet found (len : "+str(hdr.contents.len)+")"
if self.verbose:
data = ctypes.string_at(pkt,hdr.contents.len)
print "PROBE : packet content : "+str(data)+"\n"
if self.verbose:
print "ProbeSpider stoped"
return
def recvfrom(self, bufsize):
# retrieve a packet from pcap
header = ctypes.POINTER(capy.pcap_pkthdr)()
pkt_data = ctypes.POINTER(ctypes.c_ubyte)()
status = capy.pcap_next_ex(self._fp, ctypes.byref(header),
ctypes.byref(pkt_data))
if (status == 0):
# timeout
return False
elif (status > 0):
# interpret captured packet
pkt_len = header.contents.caplen
pkt_buf = ctypes.string_at(pkt_data, pkt_len)
pkt = dpkt.ethernet.Ethernet(pkt_buf)
return (pkt_buf, pkt.src)
else:
# some error occured
raise ('error capturing packets: %s' %
capy.pcap_geterr(self._fp))
pass
def run(self):
handler = 0
if self.num == 0:
handler = DEV0HANDLER
elif self.num == 1:
handler = DEV1HANDLER
while self.is_running:
hdr = ctypes.POINTER(winpcapy.pcap_pkthdr)()
pkt = ctypes.POINTER(ctypes.c_ubyte)()
res = winpcapy.pcap_next_ex(handler, ctypes.byref(hdr),
ctypes.byref(pkt))
if res > 0:
data = ctypes.string_at(pkt, hdr.contents.len)
if netlib.read_mac_hdr(
data
)[self.x] == self.inMac: # nota bene : limite effet passerelle
self.otbuffer.put(data)
return
def run(self):
if self.num == 0:
handler = DEV0HANDLER
elif self.num == 1:
handler = DEV1HANDLER
while self.is_running:
hdr = ctypes.POINTER(winpcapy.pcap_pkthdr)()
pkt = ctypes.POINTER(ctypes.c_ubyte)()
res = winpcapy.pcap_next_ex(handler, ctypes.byref(hdr),
ctypes.byref(pkt))
if res > 0:
print "PROBE : packet found (len : " + str(
hdr.contents.len) + ")"
if self.verbose:
data = ctypes.string_at(pkt, hdr.contents.len)
print "PROBE : packet content : " + str(data) + "\n"
if self.verbose:
print "ProbeSpider stoped"
return
def get_packets(self, filter):
header = POINTER(winpcapy.pcap_pkthdr)()
packet = POINTER(c_ubyte)()
rtr = 1
try:
while rtr >= 0:
rtr = winpcapy.pcap_next_ex(self._pcap_t, header, packet)
if self.__class__ == LiveNetworkCapture and self.dumper_t:
winpcapy.pcap_dump(self.dumper_t, header, packet)
#winpcapy.pcap_dump_flush(self.dumper_t)
if rtr > 0:
try:
network_packet = NetworkPacket(header=header, packet=packet)
if filter(network_packet):
yield network_packet
except PCapCorruptPacket:
continue
except:
continue # TODO: smarter error checking here?
except (KeyboardInterrupt, SystemExit), e:
sys.exit()
