sniffer

Writing an http sniffer (or any other application level sniffer) [closed]

夙愿已清 Posted on 2019-12-08 05:01:12
Question: I am trying my hand at understanding PCAP libraries. I am able to apply a filter and get the TCP payload at port 80. But what next? How can I read the HTTP data? Suppose I want to know the "User Agent" field value in the HTTP header. How should I proceed? I have searched the

Writing an http sniffer (or any other application level sniffer) [closed]

和自甴很熟 Posted on 2019-12-06 16:03:22
I am trying my hand at understanding PCAP libraries. I am able to apply a filter and get the TCP payload at port 80. But what next? How can I read the HTTP data? Suppose I want to know the "User Agent" field value in the HTTP header. How should I proceed? I have searched the website (and googled a lot too), and could find a related thread here: writing a http sniffer. But this

Bluetooth Low Energy Notification Interval

本秂侑毒 Posted on 2019-12-06 10:26:18
Question: I have a question regarding the Bluetooth LE protocol. I have an Android device and a peripheral device. Looking at the transmission with a sniffer and Wireshark, there is an empty PDU message +/- every 40ms. As I understood the protocol, this means the connection interval those devices chose is 40ms. For testing I am using a simple "UART" application where the Android device enables the notification on an attribute of the peripheral device and gets notified whenever the attribute changes. Now,

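Installing PEAR and PHPUnit under WAMP

故事扮演 Posted on 2019-12-06 00:38:54
I have just finished installing PEAR and PHPUnit on Windows after consulting quite a few references, so I am recording the steps here as a reference for anyone doing the same configuration. I hope it is useful. Let's begin. First, my environment: Win7 64bit, PHP5.3.13-VC9-TS, Apache2.2.22.

1. Install PEAR

Download go-pear.phar (download address: http://pear.php.net/go-pear.phar).

Put go-pear.phar in the directory where it is to be installed. I use the WAMP bundle, and the PHP directory is:

    H:\Wamp\bin\php\php5.3.13

I created a folder named PEAR under the PHP directory to serve as the PEAR installation directory, and copied go-pear.phar into the PEAR directory, as shown in the figure below:

Run the command to install PEAR. Open CMD, change to the PHP directory, and run the following command:

    H:\wamp\bin\php\php5.3.13>php -d phar.require_hash=0 PEAR/go-pear.phar

After it runs, it asks whether to install to system or local; enter Local. Then keep pressing Enter until it asks whether to modify the php.ini file, and enter "Y". Then keep pressing Enter again until the installation completes. After PEAR is installed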

Python scan for WiFi

≯℡__Kan透↙ Posted on 2019-12-05 02:50:20
Question: I was searching for a program that can scan for WiFi networks and print all of the SSIDs. I tried with scapy but I failed. I am using the PyCharm editor. I tried this code:

    from scapy.all import *
    from scapy.layers.dot11 import Dot11

    def packet_handler(pkt):
        if pkt.haslayer(Dot11) and pkt.type == 2:
            print(pkt.show())

    scapy.sniff(iface="mon0", prn=packet_handler)

Answer 1: Try pip install wifi, then for scanning use

    from wifi import Cell, Scheme
    Cell.all('wlan0')

This returns a list of Cell objects.

Writing email sniffer

浪尽此生 Posted on 2019-12-05 01:57:29
Question: I am interested in writing an email sniffer that saves all emails sent via web based clients to hd, but I can't work out how to do this. How can I catch HTTPS mail before it is encrypted? I would really appreciate some useful info. I cannot find any information on the web. There's a program called HTTP Analyzer V5 that does the exact thing I want to make. How should I start? If I make a packet sniffer, it's useless because all data is encrypted. Is there any other option?

Answer 1: You can't.

HTTP GET packet sniffer in Scapy

≯℡__Kan透↙ Posted on 2019-12-05 00:37:02
Question: I am trying to code a simple sniffer in Scapy, which only prints HTTP packets with GET method only. Here's the code:

    #!/usr/bin/python
    from scapy.all import *

    def http_header(packet):
        http_packet=str(packet)
        if http_packet.find('GET'):
            print GET_print(packet)
        print packet

    def GET_print(packet1):
        print "***************************************GET PACKET****************************************************"
        print packet1
        print "*********************************************************************

python/scapy DNS sniffer and parser

大城市里の小女人 Posted on 2019-12-04 17:57:33
I have a python/scapy sniffer for DNS. I am able to sniff DNS messages and get the IP/UDP source and destination IP addresses and ports, but I have problems parsing the DNS part. I would appreciate some help or a solution to work this out.

    #!/usr/bin/env python
    from scapy.all import *
    from datetime import datetime
    import time
    import datetime
    import sys

    ############# MODIFY THIS PART IF NECESSARY ###############
    interface = 'eth0'
    filter_bpf = 'udp and port 53'

    # ------ SELECT/FILTER MSGS
    def select_DNS(pkt):
        pkt_time = pkt.sprintf('%sent.time%')
        # ------ SELECT/FILTER DNS MSGS
        try:
            if DNSQR in pkt and pkt

Bluetooth Low Energy Notification Interval

旧街凉风 Posted on 2019-12-04 17:33:43
I have a question regarding the Bluetooth LE protocol. I have an Android device and a peripheral device. Looking at the transmission with a sniffer and Wireshark, there is an empty PDU message +/- every 40ms. As I understood the protocol, this means the connection interval those devices chose is 40ms. For testing I am using a simple "UART" application where the Android device enables the notification on an attribute of the peripheral device and gets notified whenever the attribute changes. Now, if I "send" multiple 20 byte packets through this setup, Wireshark shows me that those value

HTTP GET packet sniffer in Scapy

血红的双手。 Posted on 2019-12-03 15:00:56
I am trying to code a simple sniffer in Scapy, which only prints HTTP packets with GET method only. Here's the code:

    #!/usr/bin/python
    from scapy.all import *

    def http_header(packet):
        http_packet=str(packet)
        if http_packet.find('GET'):
            print GET_print(packet)
        print packet

    def GET_print(packet1):
        print "***************************************GET PACKET****************************************************"
        print packet1
        print "*****************************************************************************************************"

    sniff(iface='eth0',prn=http_header)

Here is the output: *************