今日又无聊~~~感觉浏览器检查太麻烦,于是乎想搞个抓包脚本监听本地网卡~~~~代码贴上,复制即可使用~不行那就装个包哦!嘿嘿
- import os
- import dpkt
- import socket
- import datetime
- import uuid
-
- from scapy.sendrecv import sniff
- from scapy.utils import wrpcap
-
- def get_local_ip():
-
- hostname = socket.gethostname()
- # 获取本机内网ip
- local_ips = socket.gethostbyname_ex(hostname)[-1]
-
- return local_ips
-
- def body_transfer(body):
-
- str_body = body.decode()
-
- body_ls = str_body.split("&")
-
- for item in body_ls:
- key_, value_ = item.split("=")
- print(" %s: %s"% (key_, value_))
-
- def get_dpkt():
-
- dpkt_ = sniff(count = 100) #这里是针对单网卡的机子,多网卡的可以在参数中指定网卡,例:iface=Qualcomm QCA9377 802.11ac Wireless Adapter
- _uuid = uuid.uuid1()
- filename = f"{_uuid}.pcap"
- wrpcap(filename, dpkt_)
-
- return filename
-
- def print_pcap(pcap):
- try:
- local_ips = get_local_ip()
-
- for timestamp, buf in pcap:
- eth = dpkt.ethernet.Ethernet(buf) #获得以太包,即数据链路层包
- # print("ip layer:"+eth.data.__class__.__name__) #以太包的数据既是网络层包
- # print("tcp layer:"+eth.data.data.__class__.__name__) #网络层包的数据既是传输层包
- # print("http layer:" + eth.data.data.data.__class__.__name__) #传输层包的数据既是应用层包
- #
- # print('Timestamp: ',str(datetime.datetime.utcfromtimestamp(timestamp))) #打印出包的抓取时间
-
- if not isinstance(eth.data, dpkt.ip.IP):
- print('Non IP Packet type not supported %s' % eth.data.__class__.__name__)
- continue
- ip = eth.data
- src_ip = socket.inet_ntoa(ip.src)
- dst_ip = socket.inet_ntoa(ip.dst)
- do_not_fragment =bool(ip.off & dpkt.ip.IP_DF)
- more_fragments =bool(ip.off & dpkt.ip.IP_MF)
- fragment_offset = ip.off & dpkt.ip.IP_OFFMASK
-
- if isinstance(ip.data, dpkt.tcp.TCP):
-
- # Set the TCP data
- tcp = ip.data
-
- # Now see if we can parse the contents as a HTTP request
- # 看看是否可以将内容解析为HTTP请求
- try:
-
- request = dpkt.http.Request(tcp.data)
-
- print('IP: %s -> %s (len=%d ttl=%d DF=%d MF=%d offset=%d)' % (src_ip + "(本机)" if src_ip in local_ips else src_ip, dst_ip, ip.len, ip.ttl, do_not_fragment, more_fragments,fragment_offset))
-
- print("URL: %s" % request.headers.get("host") + request.uri)
- print("METHOD: %s" % request.method.upper())
- print("Headers: ")
- for key, value in request.headers.items():
- print(" %s: %s" %(key, value))
-
- print("Body:")
- body_transfer(request.body)
- print("Data:")
- body_transfer(request.data)
- # print('HTTP request: %s\n' % repr(request))
-
- print()
- except (dpkt.dpkt.NeedData, dpkt.dpkt.UnpackError):
- continue
-
- # Pull out fragment information (flags and offset all packed into off field, so use bitmasks)
-
- except Exception as error:
- pass
-
- def main():
-
- while True:
- filename = get_dpkt()
- with open(filename, "rb") as f:
- pcap = dpkt.pcap.Reader(f)
- print_pcap(pcap)
-
- os.remove(filename)
-
- if __name__ =='__main__':
- main()
实现输出:
- IP: 192.168.8.4(本机) -> 101.226.211.223 (len=770 ttl=128 DF=1 MF=0 offset=0)
- URL: client.show.qq.com/cgi-bin/qqshow_user_props_info
- METHOD: POST
- Headers:
- accept: */*
- accept-language: zh-CN
- x-flash-version: 32,0,0,330
- content-type: application/x-www-form-urlencoded
- content-length: 115
- accept-encoding: gzip, deflate
- user-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E)
- host: client.show.qq.com
- connection: Keep-Alive
- cache-control: no-cache
- cookie: pgv_pvid=3799000690; euin_cookie=640439D46CDC58665AB4F5F3B323373956EAFBBF9BF51FDF; ptcz=5d07117027510d320908125b0ef4126ddda91a6d014acaf2f052391f96270a23; pgv_pvi=2758768640; uin_cookie=207223216; RK=3QRly54pcL
- Body:
- senduin: 24350438
- uin: 20722321
- sVersion: 2014
- ckey: B2A96E6CCA568A891AA2FEFF214DC03A73FC7D583079467F01117641FAD33BA9
- Data:
湘公网安备 43102202000103号
