Impacket and packet sniffing

Hi All

I have found the simple script that sniffs ICMP packets using Impacket and pcapy. At the moment it is capturing the packet header and data, I was just wondering if anyone knows a way to get it to capture the packet headers only?

Expand|Select|Wrap|Line Numbers

 
#!/usr/bin/python

### sniffer

import pcapy

from impacket.ImpactDecoder import *
 
def recv_pkts(hdr, data):

    x = EthDecoder().decode(data)

    print x
 
def get_int():

    devs = pcapy.findalldevs()

    i=0

    for eth in devs:

        print " %d - %s" %(i,devs[i])

        i+=1

    sel=input(" Select interface: ")

    dev=devs[sel]

    return dev
 
dev = get_int()

p = pcapy.open_live(dev, 1500, 0, 100)

p.setfilter('icmp')

print "Listening on eth: net=%s, mask=%s\n" % (p.getnet(), p.getmask())

p.loop(-1, recv_pkts)

Thanks

Aug 1 '07 #1

Subscribe Post Reply

8459

bartonc

6,596

Expert 4TB

Hi All

I have found the simple script that sniffs ICMP packets using Impacket and pcapy. At the moment it is capturing the packet header and data, I was just wondering if anyone knows a way to get it to capture the packet headers only?

Expand|Select|Wrap|Line Numbers

#!/usr/bin/python

### sniffer

import pcapy

from impacket.ImpactDecoder import *

def recv_pkts(hdr, data):

    x = EthDecoder().decode(data)

    print x

def get_int():

    devs = pcapy.findalldevs()

    i=0

    for eth in devs:

        print " %d - %s" %(i,devs[i])

        i+=1

    sel=input(" Select interface: ")

    dev=devs[sel]

    return dev

dev = get_int()

p = pcapy.open_live(dev, 1500, 0, 100)

p.setfilter('icmp')

print "Listening on eth: net=%s, mask=%s\n" % (p.getnet(), p.getmask())

p.loop(-1, recv_pkts)

Thanks

I think I see what's going on here:
On line 24, the loop() function gets the recv_pkts() function (defined on line 6) as its second argument. That makes the (hdr, data) arguments required. All you have to do is not use the data in YOUR recv_pkts() function:

Expand|Select|Wrap|Line Numbers

 
def recv_pkts(hdr, data):

    ##  x = EthDecoder().decode(data)

    print hdr

Aug 1 '07 #2

T00l

Hi, Thanks for the reply, I have done as suggested and it does now appear to only be reading the headers, however they are in the format as shown below and not printing the actual header data, any ideas why?

C:\scripts>python tcp.py
0 - \Device\NPF_GenericDialupAdapter
1 - \Device\NPF_{60B0D7E9-10AC-46F6-8528-A40D066DFF72}
2 - \Device\NPF_{62E01695-B732-41F6-9F22-A9B92D20E3F2}
3 - \Device\NPF_{0650A74D-212C-4E76-89A1-E4D4F18EA3DE}
Select interface: 2
Listening on eth: net=80.42.47.246, mask=255.255.255.255

<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>

Many Thanks

Aug 2 '07 #3

T00l

Hi, Thanks for the reply, I have done as suggested and it does now appear to only be reading the headers, however they are in the format as shown below and not printing the actual header data, any ideas why?

C:\scripts>python tcp.py
0 - \Device\NPF_GenericDialupAdapter
1 - \Device\NPF_{60B0D7E9-10AC-46F6-8528-A40D066DFF72}
2 - \Device\NPF_{62E01695-B732-41F6-9F22-A9B92D20E3F2}
3 - \Device\NPF_{0650A74D-212C-4E76-89A1-E4D4F18EA3DE}
Select interface: 2
Listening on eth: net=80.42.47.246, mask=255.255.255.255

<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>
<Pkthdr object at 0x00B1A530>

Many Thanks

I've been playing around with this a bit more and it looks like it isn't just icking up the headers but is displaying an error for each packet receieved. I've tried to modify the code as below

def recv_pkts(hdr, data):
x = IPDecoder(hdr)
print x

But getting the following error

Traceback (most recent call last):
File "tcp.py", line 25, in <module>
p.loop(-1, recv_pkts)
File "tcp.py", line 8, in recv_pkts
x = IPDecoder(hdr)
TypeError: __init__() takes exactly 1 argument (2 given)

Anyone got any ideas?

Thanks

Aug 5 '07 #4

Similar topics

Impacket & sequence numbers

by: ias0nas | last post by:

Hello, I have been using Impacket to produce some packets, but unfortunatelly it does not provide functionality for changing the sequence number of a packet and leaves it to 0. Is it possible...

Python

pcapy - print the DATA field of a packet

by: billiejoex | last post by:

Hi all. I'm using pcapy module to sniff some ICMP packets. I would like to modify this source: http://www.google.it/search?hl=it&q=pcapy&btnG=Cerca+con+Google&meta= and visualize only the DATA...

Python

Packet Sniff not working

by: Anony | last post by:

Hi All, I used raw socket to sniff packet data. Now it can sniff only incoming packet, not outgoing data anymore. I don't know if it's due to the installation of XP SP2, firewall or other...

C# / C Sharp

C# supports only LAN packet sniffing

by: Nuno Magalhaes | last post by:

Why does C# only supports LAN packet sniffing? Should I have to use WinPCap if I want to capture the outgoing packets on xp pro also? Why this limitation? Here's the source for capturing the...

C# / C Sharp

Watching my Packet TCP and UDP

by: Dusan Micuch | last post by:

Hi, What's best way for Watching my Packet TCP and UDP ? Socket ? Some external DLL ? What I need to use for build programs like this? I want measure data on specific or anyone port at Real Time....

ASP.NET

creating a packet sniffing software

by: anton07 | last post by:

im a final year undergrad student..and i want to develop a packet sniffing software..but ive got no idea about what software's to use..hope i can get some help here..thanks so much.. or if there's...

Networking - Hardware / Configuration

Altering a packet and writing to network layer

by: nexus024 | last post by:

I am trying to write a program that will continuously sniff eth0 for a specific UDP packet thats being sent to a specific destination IP, alter the data of the packet, and finally transmit it to the...

Perl

Why did the packet capture program did not print any info like IP addr and port??

by: sangith | last post by:

Hi, I tried the packet capture module program. I did a file transfer using ftp from this host to another server. But when I ran the program, it was just hanging off and it did not print the...

Perl

packet sniffing with WinPcap/ SharpPcap: How to download FLV content noninteractively?

by: Ken Fine | last post by:

I have been investigating programmatically downloading FLV content from various sites ("video scraping"??) Many interactive GUI tools do this, such as the Orbit downloader. At the heart of them...

ASP.NET

Cloud Servers without Credit Card and Email Registration: A Simpler Way to Get on the Cloud

by: CloudSolutions | last post by:

Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...

General

Access Europe: Command bars, the Access Shortcut Tool and a simple Audit Log - Wed 3 April

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

General

One-click Importing Excel Data into a*Database

by: ryjfgjl | last post by:

In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...

Microsoft Excel

Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"

by: taylorcarr | last post by:

A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...

General

How to turn on java script in a villaon keypad mobile phone

by: Charles Arthur | last post by:

How do i turn on java script on a villaon, callus and itel keypad mobile phone

Java

Batch import of multiple excel files into the database

by: ryjfgjl | last post by:

If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...

Data Management

Migrating Website to Cloud - Emmanuel Katto

by: emmanuelkatto | last post by:

Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel

General

Navigating the Data Structures and Algorithms (DSA)

by: BarryA | last post by:

What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...

Algorithms / Advanced Math

Is that possible of reading the .csv file in column wise and the column have different lengths ?

by: Sonnysonu | last post by:

This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...

C / C++