Resource overview
Parses pcap packet captures and extracts their contents: HTTP, HTTPS, ICMP, DNS.
Code snippet and file information
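#!/usr/bin/env python
"""
This example expands on the print_packets example. It checks for HTTP request headers and displays their contents.
NOTE: We are not reconstructing 'flows', so the request (and the response, if you try to parse it) will only
parse correctly if it fits within a single packet. Requests can often fit in a single packet, but responses
almost never will. For proper reconstruction of flows, you may want to look at other projects that use DPKT
(http://chains.readthedocs.io and others).
"""
import dpkt
import datetime
import socket
from dpkt.compat import compat_ord
# All_in is this resource's own package; its contents are not shown on this page
from All_in import parse_http_total as pt
from All_in import parse_http_detail as phd
from All_in import feature_enginging as fe
from All_in import add_detail as ad
from All_in import add_total as at
import traceback
import time
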

def mac_addr(address):
    """Convert a MAC address to a readable/printable string

       Args:
           address (str): a MAC address in hex form (e.g. '\x01\x02\x03\x04\x05\x06')
       Returns:
           str: Printable/readable MAC address
    """
    return ':'.join('%02x' % compat_ord(b) for b in address)


def inet_to_str(inet):
    """Convert inet object to a string

        Args:
            inet (inet struct): inet network address
        Returns:
            str: Printable/readable IP address
    """
    # First try ipv4 and then ipv6
    try:
        return socket.inet_ntop(socket.AF_INET, inet)
    except ValueError:
        return socket.inet_ntop(socket.AF_INET6, inet)


def print_http_requests(pcap, outfile):
    """Print out information about each packet in a pcap

       Args:
           pcap: dpkt pcap reader object (dpkt.pcap.Reader)
    """
    # For each packet in the pcap process the contents
    for timestamp, buf in pcap:
        # Unpack the Ethernet frame (mac src/dst, ethertype)
        eth = dpkt.ethernet.Ethernet(buf)
        # Make sure the Ethernet data contains an IP packet
        if not isinstance(eth.data, dpkt.ip.IP):
            print('Non IP Packet type not supported %s\n' % eth.data.__class__.__name__)
            continue
        # Now grab the data within the Ethernet frame (the IP packet)
        ip = eth.data
        # Check for TCP in the transport layer
        if isinstance(ip.data, dpkt.tcp.TCP):
            # Set the TCP data
            tcp = ip.data
            # Now see if we can parse the contents as a HTTP request
            # response = dpkt.http.Response(temp.data)
            try:
                # request = dpkt.http.Request(tcp.data)
                response = dpkt.http.Response(tcp.data)
            except (dpkt.dpkt.NeedData, dpkt.dpkt.UnpackError):
                try:
                    # response = dpkt.http.Response(tcp.data)
                    request = dpkt.http.Request(tcp.data)
                    # print(request.method)
                    # print(request.uri)
                    # print(request.headers['user-agent'])
                except (dpkt.dpkt.NeedData, dpkt.dpkt.UnpackError):
                    continue
                continue
            # Pull out fragment information (flags and offset all packed into off field, so use bitmasks)
            do_not_fragment = bool
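
The docstring above notes that, without flow reconstruction, an HTTP message parses only when it fits in a single packet. The following is an added example, not part of the original resource: it uses only the standard library instead of dpkt and runs on constructed frames, comparing per-packet parsing with a minimal per-flow join. The names `frame`, `tcp_segment`, `parse_request`, `per_packet` and `per_flow` are hypothetical, the small request parser stands in for `dpkt.http.Request`, and sequence-number wraparound is not handled.

```python
import struct

def frame(sport, seq, payload):
    """Build a constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, 80, seq, 0, 5 << 4, 0x18, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0x4000, 64, 6,
                     0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp + payload

def tcp_segment(buf):
    """Return (flow key, sequence number, payload) or None if not IPv4/TCP."""
    if (len(buf) < 54 or buf[12:14] != b"\x08\x00" or buf[23] != 6
            or len(buf) < (tcp_off := 14 + (buf[14] & 0x0F) * 4) + 20):
        return None
    ip_end = 14 + struct.unpack("!H", buf[16:18])[0]
    sport, dport, seq = struct.unpack("!HHI", buf[tcp_off:tcp_off + 8])
    data_off = tcp_off + (buf[tcp_off + 12] >> 4) * 4
    return (buf[26:30], sport, buf[30:34], dport), seq, buf[data_off:ip_end]

def parse_request(data):
    """Return (method, uri, headers) or None when the header block is incomplete."""
    head, sep, _ = data.partition(b"\r\n\r\n")
    parts = head.split(b"\r\n")[0].split(b" ")
    if not sep or len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None
    headers = dict(l.split(b": ", 1) for l in head.split(b"\r\n")[1:] if b": " in l)
    return parts[0], parts[1], headers

def per_packet(frames):
    """Parse every TCP payload on its own, as the snippet above does."""
    return [r for r in (parse_request(s[2]) for s in map(tcp_segment, frames) if s) if r]

def per_flow(frames):
    """Join each flow's payloads in sequence order, then parse the joined bytes."""
    flows = {}
    for key, seq, payload in (s for s in map(tcp_segment, frames) if s and s[2]):
        flows.setdefault(key, {}).setdefault(seq, payload)  # first copy wins on retransmit
    found = []
    for segs in flows.values():
        data, expected = b"", min(segs)
        for seq in sorted(segs):
            if seq == expected:  # contiguous bytes only; a gap ends the join
                data, expected = data + segs[seq], seq + len(segs[seq])
        found += [r for r in [parse_request(data)] if r]
    return found

# Constructed traffic: one request in a single segment, one split and reordered.
SPLIT = b"GET /b HTTP/1.1\r\nHost: example.test\r\nUser-Agent: demo\r\n\r\n"
FRAMES = [frame(40000, 1000, b"GET /a HTTP/1.1\r\nHost: example.test\r\n\r\n"),
          frame(40001, 5020, SPLIT[20:]), frame(40001, 5000, SPLIT[:20])]
```

On the constructed frames, `per_packet(FRAMES)` recovers only the `/a` request, while `per_flow(FRAMES)` also recovers `/b` with its `User-Agent` header, which is the kind of request a per-packet pass silently drops.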