Resource description
Parses pcap packet captures and extracts their contents: HTTP, HTTPS, ICMP, DNS
Code snippet and file information
#!/usr/bin/env python
"""
This example expands on the print_packets example. It checks for HTTP request headers and displays their contents.
NOTE: We are not reconstructing 'flows', so the request (and the response, if you try to parse it) will only parse correctly if it fits within a single packet.
Requests can often fit in a single packet, but responses almost never will. For proper reconstruction of flows,
you may want to look at other projects that use DPKT (http://chains.readthedocs.io and others).
"""
import dpkt
import datetime
import socket
from dpkt.compat import compat_ord
from All_in import parse_http_total as pt
from All_in import parse_http_detail as phd
from All_in import feature_enginging as fe
from All_in import add_detail as ad
from All_in import add_total as at
import traceback
import time


def mac_addr(address):
    """Convert a MAC address to a readable/printable string
    Args:
        address (str): a MAC address in hex form (e.g. '\x01\x02\x03\x04\x05\x06')
    Returns:
        str: Printable/readable MAC address
    """
    return ':'.join('%02x' % compat_ord(b) for b in address)


def inet_to_str(inet):
    """Convert inet object to a string
    Args:
        inet (inet struct): inet network address
    Returns:
        str: Printable/readable IP address
    """
    # First try ipv4 and then ipv6
    try:
        return socket.inet_ntop(socket.AF_INET, inet)
    except ValueError:
        return socket.inet_ntop(socket.AF_INET6, inet)


def print_http_requests(pcap, outfile):
    """Print out information about each packet in a pcap
    Args:
        pcap: dpkt pcap reader object (dpkt.pcap.Reader)
    """
    # For each packet in the pcap process the contents
    for timestamp, buf in pcap:
        # Unpack the Ethernet frame (mac src/dst, ethertype)
        eth = dpkt.ethernet.Ethernet(buf)
        # Make sure the Ethernet data contains an IP packet
        if not isinstance(eth.data, dpkt.ip.IP):
            print('Non IP Packet type not supported %s\n' % eth.data.__class__.__name__)
            continue
        # Now grab the data within the Ethernet frame (the IP packet)
        ip = eth.data
        # Check for TCP in the transport layer
        if isinstance(ip.data, dpkt.tcp.TCP):
            # Set the TCP data
            tcp = ip.data
            # Now see if we can parse the contents as a HTTP request
            # response = dpkt.http.Response(temp.data)
            try:
                # request = dpkt.http.Request(tcp.data)
                response = dpkt.http.Response(tcp.data)
            except (dpkt.dpkt.NeedData, dpkt.dpkt.UnpackError):
                try:
                    # response = dpkt.http.Response(tcp.data)
                    request = dpkt.http.Request(tcp.data)
                    # print(request.method)
                    # print(request.uri)
                    # print(request.headers['user-agent'])
                except (dpkt.dpkt.NeedData, dpkt.dpkt.UnpackError):
                    continue
                continue
            # Pull out fragment information (flags and offset all packed into off field so use bitmasks)
            do_not_fragment = bool
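The docstring above notes that flows are not reconstructed, so a response spread over several packets fails to parse. The following is an added example, not part of the original resource: it joins the TCP payloads of one direction by sequence number before parsing. The names reassemble and parse_http_response and the sample data are constructed for illustration, and the parser is the standard library's http.client so the block runs without dpkt; with dpkt the (seq, payload) pairs would come from tcp.seq and tcp.data.

```python
import io
from http.client import HTTPException, HTTPResponse

SEQ_MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap around


def reassemble(segments, isn):
    """Join (seq, payload) pairs from one TCP direction into contiguous bytes.

    isn is the sequence number of the first payload byte (SYN seq + 1).
    Handles reordering, retransmission, overlap and sequence wrap-around.
    """
    ordered = sorted(((seq - isn) % SEQ_MOD, data) for seq, data in segments if data)
    stream = bytearray()
    for offset, data in ordered:
        if offset > len(stream):  # hole: a segment is missing from the capture
            break
        stream += data[len(stream) - offset:]  # keep only bytes not seen yet
    return bytes(stream)


class _BytesSocket:
    """Socket stand-in so http.client can parse a response held in memory."""

    def __init__(self, data):
        self._data = data

    def makefile(self, *args, **kwargs):
        return io.BytesIO(self._data)


def parse_http_response(raw):
    """Return (status, headers, body), or None if raw is not a complete response."""
    resp = HTTPResponse(_BytesSocket(raw))
    try:
        resp.begin()
        body = resp.read()
    except (HTTPException, ValueError):
        return None
    return resp.status, dict(resp.getheaders()), body


# Constructed sample: one response cut into three segments, captured out of
# order with one retransmission; ISN is chosen so the sequence numbers wrap.
ISN = 4294967260
RESPONSE = (b"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n"
            b"Content-Length: 26\r\n\r\nabcdefghijklmnopqrstuvwxyz")
SEGMENTS = [((ISN + a) % SEQ_MOD, RESPONSE[a:b]) for a, b in ((0, 71), (71, 81), (81, 91))]
CAPTURED = [SEGMENTS[2], SEGMENTS[0], SEGMENTS[1], SEGMENTS[0]]
```

Parsing SEGMENTS[0] alone returns None because the body is shorter than Content-Length, while the reassembled stream parses in full. A stream with a missing segment is returned only up to the hole, so a partial body is never mistaken for a complete one.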