FlyFar

Ethernet Sniffer

Jul 7th, 2023
  1. import socket
  2. import textwrap
  3. import struct
  4.  
# Bullet prefixes for header lines: N tabs followed by ' - ', one per nesting depth.
TAB_1, TAB_2, TAB_3, TAB_4 = ('\t' * depth + ' - ' for depth in range(1, 5))

# Continuation prefixes for payload dumps: N tabs followed by three spaces, so
# dumped data lines up under the text of the matching TAB_N header line.
DATA_TAB_1, DATA_TAB_2, DATA_TAB_3, DATA_TAB_4 = (
    '\t' * depth + '   ' for depth in range(1, 5)
)
  14.  
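def ether_frame(data):
    """Split a raw Ethernet frame into its header fields and payload.

    Args:
        data: Bytes of one captured frame, starting at the destination MAC.

    Returns:
        A tuple ``(dest_mac, src_mac, protocol, payload)``. The MAC addresses
        are formatted by ``get_mac_address``; ``payload`` is everything after
        the 14-byte header.

    Raises:
        ValueError: If the frame is shorter than the 14-byte header.
    """
    # Frames come straight off the wire, so reject truncated input explicitly
    # instead of letting struct fail with a less specific error.
    if len(data) < 14:
        raise ValueError('Ethernet frame shorter than the 14-byte header')
    # The header is two 6-byte MAC addresses plus a 2-byte type field. The
    # original format string carried a third '6s', which asked for 20 bytes
    # from a 14-byte slice and made every call fail.
    dest_mac, src_mac, protocol = struct.unpack('! 6s 6s H', data[:14])
    # NOTE(review): socket.htons() byte-swaps on little-endian hosts, so IPv4
    # (0x0800) comes back as 8 there, which is the value main() compares with.
    # On a big-endian host it would stay 2048 - confirm the target platform.
    return get_mac_address(dest_mac), get_mac_address(src_mac), socket.htons(protocol), data[14:]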
  19.  
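def get_mac_address(bytes_addr):
    """Format raw address bytes as colon-separated upper-case hex (AA:BB:CC:DD:EE:FF).

    Args:
        bytes_addr: Iterable of integer octets, e.g. a 6-byte ``bytes`` object.

    Returns:
        The octets rendered as two-digit upper-case hex joined with ':'.
    """
    # The original stored the map under one name (bytes_strmap) and joined
    # another (bytes_str), so every call raised NameError.
    return ':'.join('{:02X}'.format(octet) for octet in bytes_addr)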
  25.  
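def main():
    """Capture frames on a raw AF_PACKET socket and print their decoded headers.

    The socket is opened with protocol ``socket.ntohs(3)``, so the process
    needs a platform that provides AF_PACKET and the privilege to open raw
    sockets. Every received frame is untrusted input: a frame that fails to
    decode is reported and skipped rather than ending the capture.
    """
    # The context manager closes the raw socket when the loop is interrupted.
    with socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.ntohs(3)) as connection:
        while True:
            raw_data, _ = connection.recvfrom(65536)
            try:
                dest_mac, src_mac, eth_proto, data = ether_frame(raw_data)
                print('\nEthernet Frame:')
                print(TAB_1 + 'Destination: {}, Source: {}, Protocol: {}'.format(dest_mac, src_mac, eth_proto))

                # 8 is the IPv4 ethertype as returned by ether_frame(), which
                # passes the field through socket.htons().
                if eth_proto == 8:
                    (version, header_length, ttl, proto, src, target, data) = ipv4_packet(data)
                    print(TAB_1 + 'IPv4 Packet:')
                    print(TAB_2 + 'Version: {}, Header Length: {}, TTL: {},'.format(version, header_length, ttl))
                    print(TAB_2 + 'Protocol: {}, Source: {}, Target: {}'.format(proto, src, target))

                    # 1, 6 and 17 are IP protocol numbers, so they are matched
                    # against the IPv4 protocol field, not the ethertype.
                    if proto == 1:
                        icmp_type, code, checksum, data = icmp_packet(data)
                        print(TAB_1 + 'ICMP Packet:')
                        print(TAB_2 + 'Type: {}, Code: {}, Checksum: {},'.format(icmp_type, code, checksum))
                        print(TAB_2 + 'ICMP Data:')
                        print(format_multi_line(DATA_TAB_3, data))

                    elif proto == 17:
                        src_port, dest_port, length = udp_packet(data)
                        print(TAB_1 + 'UDP Segment:')
                        print(TAB_2 + 'Source Port: {}, Destination Port: {}, Length: {}'.format(src_port, dest_port, length))

                    elif proto == 6:
                        (src_port, dest_port, sequence, acknowledgment, flag_urg, flag_ack,
                         flag_psh, flag_rst, flag_syn, flag_fin, data) = tcp_packet(data)
                        print(TAB_1 + 'TCP Segment:')
                        print(TAB_2 + 'Source Port: {}, Destination Port: {}'.format(src_port, dest_port))
                        print(TAB_2 + 'Sequence: {}, Acknowledgment: {}'.format(sequence, acknowledgment))
                        print(TAB_2 + 'Flags:')
                        print(TAB_3 + 'URG: {}, ACK: {}, PSH: {}'.format(flag_urg, flag_ack, flag_psh))
                        print(TAB_3 + 'RST: {}, SYN: {}, FIN:{}'.format(flag_rst, flag_syn, flag_fin))
                        print(format_multi_line(DATA_TAB_3, data))

                    else:
                        print(TAB_1 + 'Other IPv4 Data:')
                        print(format_multi_line(DATA_TAB_2, data))

                else:
                    # Non-IPv4 frames are dumped undecoded; payload bytes are
                    # rendered as \xNN text by format_multi_line().
                    print(TAB_1 + 'Ethernet Data:')
                    print(format_multi_line(DATA_TAB_2, data))
            except (ValueError, struct.error) as exc:
                # Truncated or inconsistent headers must not stop the capture.
                print(TAB_1 + 'Malformed packet skipped: {}'.format(exc))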
  65.  
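def ipv4_packet(data):
    """Decode the fixed part of an IPv4 header and return the payload.

    Args:
        data: Bytes starting at the first byte of the IPv4 header.

    Returns:
        A tuple ``(version, header_length, ttl, protocol, src, dest, payload)``
        where ``header_length`` is in bytes, ``src`` and ``dest`` are formatted
        by ``ipv4``, and ``payload`` is everything after the header.

    Raises:
        ValueError: If the packet is shorter than 20 bytes or its header
            length field is below the 20-byte minimum.
    """
    if len(data) < 20:
        raise ValueError('IPv4 packet shorter than the 20-byte minimum header')
    version_header_length = data[0]
    version = version_header_length >> 4
    # The low nibble is the header length in 32-bit words.
    header_length = (version_header_length & 15) * 4
    # The length field is sender-controlled; a value under 20 would make the
    # payload slice start inside the fixed header.
    if header_length < 20:
        raise ValueError('IPv4 header length field below the 20-byte minimum')
    ttl, protocol, src, dest = struct.unpack('! 8x B B 2x 4s 4s', data[:20])
    # The original sliced with an undefined name (data_header) and raised
    # NameError; the payload starts right after the header.
    return version, header_length, ttl, protocol, ipv4(src), ipv4(dest), data[header_length:]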
  73.  
def ipv4(addr):
    """Return the octets of *addr* as a dotted-decimal string."""
    octets = [str(octet) for octet in addr]
    return '.'.join(octets)
  77.  
def icmp_packet(data):
    """Decode the first four ICMP header bytes and return them with the rest.

    Returns:
        A tuple ``(icmp_type, code, checksum, remainder)`` where ``remainder``
        is every byte after the first four.
    """
    header, remainder = data[:4], data[4:]
    # Network byte order: one byte type, one byte code, two bytes checksum.
    kind, code, checksum = struct.unpack('! B B H', header)
    return kind, code, checksum, remainder
  81.  
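def tcp_packet(data):
    """Decode ports, sequence numbers and flags from a TCP header.

    Args:
        data: Bytes starting at the first byte of the TCP header.

    Returns:
        A tuple ``(src_port, dest_port, sequence, acknowledgement, flag_urg,
        flag_ack, flag_psh, flag_rst, flag_syn, flag_fin, payload)``. Each flag
        is 0 or 1; ``payload`` is everything after the header.

    Raises:
        ValueError: If the segment is shorter than 20 bytes or its data offset
            field is below the 20-byte minimum.
    """
    if len(data) < 20:
        raise ValueError('TCP segment shorter than the 20-byte minimum header')
    # The original bound this value to a misspelt name (offest_...) and then
    # read offset_reserved_flags, so every call raised NameError.
    (src_port, dest_port, sequence, acknowledgement,
     offset_reserved_flags) = struct.unpack('! H H L L H', data[:14])
    # The top four bits are the header length in 32-bit words.
    offset = (offset_reserved_flags >> 12) * 4
    # The offset is sender-controlled; a value under 20 would make the payload
    # slice start inside the fixed header.
    if offset < 20:
        raise ValueError('TCP data offset field below the 20-byte minimum')
    flag_urg = (offset_reserved_flags & 32) >> 5
    flag_ack = (offset_reserved_flags & 16) >> 4
    flag_psh = (offset_reserved_flags & 8) >> 3
    flag_rst = (offset_reserved_flags & 4) >> 2
    flag_syn = (offset_reserved_flags & 2) >> 1
    flag_fin = offset_reserved_flags & 1
    # The original returned the misspelt name 'sequebce' here.
    return (src_port, dest_port, sequence, acknowledgement, flag_urg, flag_ack,
            flag_psh, flag_rst, flag_syn, flag_fin, data[offset:])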
  92.  
  93.  
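def udp_packet(data):
    """Decode the ports and length field from a UDP header.

    Args:
        data: Bytes starting at the first byte of the UDP header.

    Returns:
        A tuple ``(src_port, dest_port, size)`` where ``size`` is the value of
        the header's length field.

    Raises:
        ValueError: If fewer than the 8 header bytes are present.
    """
    if len(data) < 8:
        raise ValueError('UDP datagram shorter than the 8-byte header')
    # Header layout is source port, destination port, length, checksum. The
    # original format ('! H H 2x H') skipped the length and returned the
    # checksum as the size; here the checksum is the field that is skipped.
    src_port, dest_port, size = struct.unpack('! H H H 2x', data[:8])
    return src_port, dest_port, size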
  97.  
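def format_multi_line(prefix, string, size=80):
    """Wrap *string* to *size* columns, putting *prefix* in front of every line.

    Args:
        prefix: Text placed at the start of each output line; its length is
            counted against ``size``.
        string: Text to wrap, or ``bytes``, which are first rendered as
            ``\\xNN`` escapes so raw payload bytes never reach the terminal.
        size: Total line width including the prefix.

    Returns:
        The wrapped lines joined with newlines ('' for empty input).
    """
    size -= len(prefix)
    if isinstance(string, bytes):
        string = ''.join(r'\x{:02x}'.format(byte) for byte in string)
        # Each byte occupies four characters, so the width has to be a multiple
        # of four to keep an escape on one line; the original only rounded to
        # an even width and split escapes across lines. At least one whole
        # escape per line is kept so the width never reaches zero.
        size = max(4, size - size % 4)
    return '\n'.join(prefix + line for line in textwrap.wrap(string, size))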
  105.  
  106.  
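# Start capturing only when run as a script; the unguarded call opened a raw
# socket and entered the capture loop as soon as the module was imported.
if __name__ == '__main__':
    main()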