Awesome-Mirrors/cyber-security-resources
1
0
Fork 0
mirror of https://github.com/The-Art-of-Hacking/h4cker.git synced 2024-08-31 14:32:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
46886af1b2
cyber-security-resources/programming_and_scripting_for_cybersecurity/recon_scripts/another_scapy_sniffer_walkthrough.md
Omar Santos 46886af1b2
Update another_scapy_sniffer_walkthrough.md
2023-01-12 13:40:14 -05:00

1.5 KiB
Raw Blame History

Simple Scapy Packet Capture

Here is a Python script that uses the Scapy library to capture a packet:

from scapy.all import *

# Define a callback function
def packet_callback(packet):
    print(packet.show())

# Use the sniff() function to capture packets
sniff(prn=packet_callback, filter="tcp", count=1)

This script uses the sniff() function from Scapy to capture packets. The prn argument is set to a callback function, packet_callback, which is called for each packet captured. The filter argument is set to "tcp" to capture only TCP packets, and the count argument is set to 1 to stop capturing after the first packet is captured. The show() function is used to display the packet information.

You can also use filter to capture specific IP or port.

sniff(prn=packet_callback, filter="tcp and host 10.1.1.2 and port 80", count=1)

It's important to note that capturing packets may require root/admin permissions.

Saving to a pcap file

Here is a modified version of the script that saves the captured packets to a pcap file:

from scapy.all import *

# Define a callback function
def packet_callback(packet):
    print(packet.show())
    wrpcap("captured_packets.pcap", packet, append=True)

# Use the sniff() function to capture packets
sniff(prn=packet_callback, filter="tcp", count=1)

This script uses the wrpcap() function from Scapy to save the captured packets to a pcap file named "captured_packets.pcap". The append=True argument is used to append the packets to the file instead of overwriting it.