
[Python 原创] python的 scapy和PacketSniffer实现抓包

maxpoter 发表于 2024-3-15 08:37
本帖最后由 wushaominkk 于 2024-3-16 08:44 编辑

import codecs
import re
import time

import requests
from scapy.all import *
from scapy.layers.http import HTTP
from scapy.layers.http import TCP

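class PacketSniffer:
    """Print a report for every TCP packet captured on one interface.

    Each captured packet is summarised on stdout. When the packet carries a
    Raw payload, the payload is printed and searched for a ``JSESSIONID=``
    value that is followed by a ``search_page_size=`` form field.

    The payload is readable only because it is captured as cleartext. The
    session id that ends up on stdout is a usable credential while the
    session lasts, so terminal scrollback and redirected output hold it too.
    """

    def __init__(self, interface, filter_expr):
        """Remember the capture interface name and the capture filter string."""
        self.interface = interface
        self.filter_expr = filter_expr
        # Number of payloads reported as GET/POST so far.
        self.packet_count = 0

    def start_sniffing(self):
        """Capture on the interface and pass every packet to process_packet."""
        # store=False: packets are only printed, so scapy does not need to keep
        # every captured packet (and every cookie in it) in memory.
        sniff(iface=self.interface, prn=self.process_packet,
              filter=self.filter_expr, store=False)

    def list_start_sniffing(self):
        """Capture on the interface and pass every packet to list_process_packet."""
        sniff(iface=self.interface, prn=self.list_process_packet,
              filter=self.filter_expr, store=False)

    @staticmethod
    def _payload_text(request):
        """Return the text inside the first ``b'...'`` of *request*, or None.

        *request* is ``str()`` of a bytes payload, i.e. its repr, so CR/LF
        appear as the two-character escapes ``\\r`` and ``\\n``.
        NOTE(review): a payload containing a single quote is cut at that quote
        (or printed as ``b"..."`` and not matched at all) - confirm this is
        acceptable for the traffic being inspected.
        """
        found = re.search(r"b'(.*?)'", request)
        return None if found is None else found.group(1)

    @staticmethod
    def _session_id(payload_text):
        """Return the JSESSIONID value found in *payload_text*, or None.

        The value must be followed by an escaped blank line and the
        ``search_page_size=`` field, exactly as in the repr of the payload.
        """
        found = re.search(
            r'JSESSIONID=(.*?)\\r\\n\\r\\nsearch_page_size=', payload_text)
        return None if found is None else found.group(1)

    @staticmethod
    def _endpoints(packet):
        """Return ``(src, dst)`` of the IP layer, or ``(None, None)`` without one."""
        # A TCP segment without an IPv4 layer (e.g. over IPv6) has no IP layer
        # to read; dereferencing it unconditionally raised AttributeError.
        ip_layer = packet.getlayer(IP)
        if ip_layer is None:
            return None, None
        return ip_layer.src, ip_layer.dst

    def _print_banner(self, packet):
        """Print the per-packet opening lines with scapy's one-line summary."""
        print(f"*****{self.packet_count}**BEGIN****")
        print(f"数据包摘要:\n{packet.summary()}")
        print("摘要完毕")

    def _print_http_details(self, request, src_ip, dst_ip,
                            payload_size, packet_size):
        """Print the payload again together with addresses and sizes."""
        print("HTTP Payload: ")
        # Pause kept from the original; it runs inside the capture callback.
        time.sleep(1)
        print(f"request:{request.strip()}", flush=True)
        payload_text = self._payload_text(request)
        if payload_text is None:
            print("没有找到匹配的b'...'内容。")
        else:
            print("提取的b'...'后面的内容:", payload_text)
        print(f"Source IP: {src_ip}")
        print(f"Destination IP: {dst_ip}")
        print(f"Send Size: {payload_size} bytes")
        print(f"Packet Size: {packet_size}")

    def process_packet(self, packet):
        """Report one packet; store a found session cookie in ``global_cookie``.

        GET and POST payloads each increase ``packet_count``; only POST
        payloads get the detailed report. The match is a plain substring test
        on the payload text.
        """
        global global_cookie
        self._print_banner(packet)

        raw_layer = packet.getlayer(Raw) if packet.haslayer(TCP) else None
        if raw_layer is not None:
            src_ip, dst_ip = self._endpoints(packet)
            # len(packet) is the built packet's byte length; len(str(packet))
            # measured a text rendering instead.
            packet_size = len(packet)
            # Byte length of the payload itself, not of its repr.
            payload_size = len(raw_layer.load)
            request = str(raw_layer.load)

            time.sleep(1)
            print(f"request:{request.strip()}", flush=True)

            payload_text = self._payload_text(request)
            if payload_text is None:
                print("没有找到匹配的b'...'内容。")
            else:
                print("提取的b'...'后面的内容:", payload_text.strip())
                session_id = self._session_id(payload_text)
                if session_id is None:
                    print("No match found.")
                else:
                    # Assign to the module-level global_cookie.
                    global_cookie = 'JSESSIONID=' + session_id
                    print(f'{global_cookie}')
                    print(f'JSESSIONID={session_id}')
                    # The original test (!= "" or is not None) was always true.
                    if session_id:
                        print(f"返回:{session_id}")

            if 'GET' in request:
                self.packet_count += 1
                print(f"******GET*====={self.packet_count}=====*****")
                print(f"Packet {self.packet_count}:")
            if 'POST' in request:
                self.packet_count += 1
                print(f"****** POST*====={self.packet_count}=====*****")
                print(f"Packet {self.packet_count}:")
                self._print_http_details(
                    request, src_ip, dst_ip, payload_size, packet_size)

        print(f"*****{self.packet_count}**END****")
        print()

    def list_process_packet(self, packet):
        """Report one packet without touching ``global_cookie``.

        A payload containing GET or POST increases ``packet_count`` once and
        gets the detailed report.
        """
        self._print_banner(packet)

        raw_layer = packet.getlayer(Raw) if packet.haslayer(TCP) else None
        if raw_layer is not None:
            src_ip, dst_ip = self._endpoints(packet)
            packet_size = len(packet)
            payload_size = len(raw_layer.load)
            request = str(raw_layer.load)

            time.sleep(1)
            print(f"request:{request.strip()}", flush=True)

            payload_text = self._payload_text(request)
            if payload_text is None:
                print("没有找到匹配的b'...'内容。")
            else:
                print("提取的b'...'后面的内容:", payload_text)
                session_id = self._session_id(payload_text.strip())
                if session_id is None:
                    print("No match found.")
                else:
                    print(f'JSESSIONID={session_id}')
                    if session_id:
                        print(f"返回:{session_id}")

            if 'GET' in request or 'POST' in request:
                self.packet_count += 1
                print(f"******GET or POST*====={self.packet_count}=====*****")
                print(f"Packet {self.packet_count}:")
                self._print_http_details(
                    request, src_ip, dst_ip, payload_size, packet_size)

        print(f"*****{self.packet_count}**END****")
        print()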


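if __name__ == '__main__':
    # Usage hints: log in first, open the page, click search; the output then
    # contains the cookie, which is copied by hand into global_data.
    print("先登录,然后进入,点击搜索")
    print("生成内容中有cookie,需要哪个浏览器就按上述步骤,拷贝cookie到global_data")
    print("")

    # Create the sniffer for the "本地连接" interface (the eth0 equivalent
    # here), limited to TCP traffic on port 8004.
    filter_expr = 'tcp and port 8004'
    sniffer = PacketSniffer(r"本地连接", filter_expr)

    # Capture and parse packets; the cookie seen after each login is stored in
    # the global global_cookie and then copied by hand into the Cookie of info.
    sniffer.start_sniffing()

    # Display of the MA pending list once fetched. The author notes that this
    # output currently cannot show the data (garbled) and needs improvement.
    # This call is reached only after the capture above has returned.
    sniffer.list_start_sniffing()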

运行图

运行图


terroristjl 发表于 2024-3-15 10:20
感谢分享!
lyym99 发表于 2024-3-15 10:34
ypmc008 发表于 2024-3-15 11:06
kings0b 发表于 2024-3-15 11:09
好东西学习下
 楼主| maxpoter 发表于 2024-3-15 11:13

多谢提醒
lionggvip 发表于 2024-3-15 11:18
感谢分享
wasm2023 发表于 2024-3-15 11:55
请问能抓客户端吗
BOUs 发表于 2024-3-15 12:00
感谢分享!
 楼主| maxpoter 发表于 2024-3-15 15:06
wasm2023 发表于 2024-3-15 11:55
请问能抓客户端吗

客户端是指?这个是在浏览器(客户端)抓取服务端的数据的,您说的客户端是?