python+scapy带界面抓包分析
python+scapy带界面抓包分析
前言:
这是一个乱七八糟的程序,想到什么就加了什么,而且bug挺多。贴出来只是为了记录我的学习过程233333
- scapy用于抓包分析
- PyQt4用于界面展示
- 使用MySQL存储
正题
代码块
全部代码,如下:
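#!/usr/bin/python
# -*- coding: UTF-8 -*-
"""Capture TCP traffic with scapy, store it in MySQL and show it in a PyQt4 table.

Flow of the script (Python 2, PyQt4, MySQLdb):
  1. sniff() captures 100 packets on ports 80/110/21/23/25 and calls callback().
  2. callback() classifies each packet, bumps the per-protocol counters and
     stores the packet fields in the ``mypkt`` table via init().
  3. The capture is written to demo.pcap and a Qt dialog lists the stored rows.

All SQL statements use driver-side parameter binding (``%s`` placeholders plus
a value list), so packet contents are never concatenated into SQL text.

NOTE(security): the ``mypkt`` table and demo.pcap keep full payloads of
cleartext protocols (HTTP, POP3, SMTP, FTP, Telnet), which can include
credentials. Restrict access to the database and to the capture file.
"""
import sys
import scapy_http.http as HTTP
from scapy.all import *
import threading
from scapy.error import Scapy_Exception
import MySQLdb
from PyQt4 import QtCore, QtGui

# Must be run as root, otherwise packets cannot be captured; see net-creds for details.
reload(sys)
sys.setdefaultencoding('utf-8')

# Database settings.
# NOTE(security): this connects as the MySQL root account with a password that
# is hard-coded in the source. Prefer a dedicated account limited to the
# python_db schema, with the password loaded from outside the source file.
conn = MySQLdb.connect(
    host='localhost',
    port=3306,
    user='root',
    passwd='root',
    db='python_db',
)
cur = conn.cursor()

# Table creation (the five-column `pkt` counter table is also required; its
# schema is not shown on the page):
# create table mypkt(id int, edst varchar(30), esrc varchar(30), ipsrc varchar(20),
#   sport varchar(15), ipdst varchar(20), dport varchar(15), seq varchar(15),
#   ack varchar(15), load varchar(5000));

# Running totals: `count` numbers the stored packets, the rest count per protocol.
count = 0
pop3 = 0
smtp = 0
ftp = 0
telnet = 0
zhttp = 0

# Qt compatibility shims. They are defined before the dialog class that uses them.
try:
    _fromUtf8 = QtCore.QString.fromUtf8
except AttributeError:
    def _fromUtf8(s):
        return s

try:
    _encoding = QtGui.QApplication.UnicodeUTF8

    def _translate(context, text, disambig):
        return QtGui.QApplication.translate(context, text, disambig, _encoding)
except AttributeError:
    def _translate(context, text, disambig):
        return QtGui.QApplication.translate(context, text, disambig)


def callback(pkt):
    """sniff() callback: classify one packet, update counters, store it."""
    global pop3, smtp, ftp, telnet, zhttp
    # init() reads pkt[IP] and pkt[TCP]; skip frames that lack either layer
    # (for example IPv6 traffic matching the filter) instead of raising.
    if IP not in pkt or TCP not in pkt:
        return
    ports = (pkt[TCP].sport, pkt[TCP].dport)
    # The original `A or B in pkt` was always true because `A` is a class
    # object, so every packet was counted and stored as HTTP.
    if HTTP.HTTPRequest in pkt or HTTP.HTTPResponse in pkt:
        zhttp = zhttp + 1
        http(pkt)
    if 110 in ports:
        pop3 = pop3 + 1
        mypop3(pkt)
    if 25 in ports:
        smtp = smtp + 1
        mystmp(pkt)
    if 21 in ports:
        ftp = ftp + 1
        myftp(pkt)
    # scapy port fields are integers; comparing them with the string 'telnet'
    # never matched. 23 is the port the capture filter selects for Telnet.
    if 23 in ports:
        telnet = telnet + 1
        mytelnet(pkt)
    pktz()


def pktz():
    """Replace the single row of the `pkt` table with the current counters."""
    cur.execute('delete from pkt;')
    value = [pop3, smtp, ftp, telnet, zhttp]
    cur.execute('insert into pkt values(%s,%s,%s,%s,%s);', value)
    conn.commit()


def init(pkt):
    """Extract the packet's address fields and payload and insert them into `mypkt`."""
    global count
    count = count + 1
    # Layer order: Ethernet -> IP -> TCP -> Raw.
    ether = pkt[0]
    ip = pkt[IP]
    tcp = pkt[TCP]
    # Convert the scapy payload object to a byte string before handing it to
    # the database driver; an empty payload is stored as the literal 'null'.
    if tcp.payload:
        load = str(tcp.payload)
    else:
        load = 'null'
    value = [count, ether.dst, ether.src, ip.src, tcp.sport,
             ip.dst, tcp.dport, tcp.seq, tcp.ack, load]
    print value
    cur.execute('insert into mypkt values(%s,%s,%s,%s,%s,%s,%s,%s,%s,%s);', value)
    conn.commit()


def _record(pkt, banner):
    """Store the packet, then print the protocol banner and the packet dump."""
    init(pkt)
    print banner
    # show() prints the dump itself and returns None, so it is not wrapped in print.
    pkt.show()


def mytelnet(pkt):
    """Store and dump a Telnet packet."""
    _record(pkt, "----telnet----")


def myftp(pkt):
    """Store and dump an FTP packet."""
    _record(pkt, "----ftp----")


def mystmp(pkt):
    """Store and dump an SMTP packet."""
    _record(pkt, "-----smtp-----")


def mypop3(pkt):
    """Store and dump a POP3 packet."""
    _record(pkt, "-----pop3-----")


def http(pkt):
    """Store an HTTP packet and print its request or response content."""
    # init() already advances `count`; the original incremented it a second
    # time for requests, which left gaps in the stored ids.
    init(pkt)
    load = pkt[TCP].payload
    if HTTP.HTTPRequest in pkt:
        print "-----------------", count, "-----------------"
        print "HTTP Request:"
        print load
    if HTTP.HTTPResponse in pkt:
        print "-----------------", count, "-----------------"
        print "HTTP Response:"
        try:
            # Fails with ValueError when the segment has no header/body separator.
            headers, body = str(load).split("\r\n\r\n", 1)
            print headers, body
        except Exception as e:
            print e


# Window layout.
class Ui_Dialog(object):
    """Dialog with two summary labels and a table of the stored packets."""

    def setupUi(self, Dialog):
        """Create the widgets on `Dialog` and fill them from the database."""
        Dialog.setObjectName(_fromUtf8("Dialog"))
        Dialog.resize(677, 452)
        self.tableView = QtGui.QTableView(Dialog)
        self.tableView.setGeometry(QtCore.QRect(10, 70, 661, 371))
        self.tableView.setObjectName(_fromUtf8("tableView"))
        self.pktnum = QtGui.QLabel(Dialog)
        self.pktnum.setGeometry(QtCore.QRect(30, 10, 101, 21))
        self.pktnum.setObjectName(_fromUtf8("pktnum"))
        self.xsnum = QtGui.QLabel(Dialog)
        self.xsnum.setGeometry(QtCore.QRect(30, 40, 531, 20))
        self.xsnum.setObjectName(_fromUtf8("xsnum"))

        self.retranslateUi(Dialog)
        QtCore.QMetaObject.connectSlotsByName(Dialog)

    def retranslateUi(self, Dialog):
        """Load the counters and packet rows from MySQL into the labels and table."""
        global pop3, smtp, ftp, telnet, zhttp
        Dialog.setWindowTitle(_translate("Dialog", "Dialog", None))

        # Fetch the per-protocol counters written by pktz().
        cur.execute('select * from pkt ;')
        for row in cur.fetchall():
            pop3 = int(row[0])
            smtp = int(row[1])
            ftp = int(row[2])
            telnet = int(row[3])
            zhttp = int(row[4])
        num = pop3 + smtp + ftp + telnet + zhttp
        self.pktnum.setText("pkt num :" + str(num))
        self.xsnum.setText("pop3:" + str(pop3) + " smtp:" + str(smtp) + " ftp:" + str(ftp)
                           + " telnet:" + str(telnet) + " http:" + str(zhttp))

        headers = [u"目的MAC", u"源MAC", u"源ip", u"源端口", u"目的ip",
                   u"目的端口", u"seq", u"ack", u"内容"]
        self.model = QtGui.QStandardItemModel(self.tableView)
        self.model.setColumnCount(len(headers))
        for col, title in enumerate(headers):
            self.model.setHeaderData(col, QtCore.Qt.Horizontal, _fromUtf8(title))

        # Column 0 of each mypkt row is the id; columns 1..9 map to table columns 0..8.
        cur.execute('select * from mypkt ;')
        for i, row in enumerate(cur.fetchall()):
            for col in range(len(headers)):
                self.model.setItem(i, col, QtGui.QStandardItem(_fromUtf8(row[col + 1])))
        # Attach the model once, after it has been filled.
        self.tableView.setModel(self.model)


# Capture settings; count=0 keeps capturing indefinitely.
mypkt = sniff(filter='tcp and port 80 or tcp port 110 or tcp port 21 or tcp port 23 or tcp port 25',
              prn=callback, iface='enp3s0', count=100)
wrpcap("demo.pcap", mypkt)

app = QtGui.QApplication(sys.argv)
Form = QtGui.QWidget()
ui = Ui_Dialog()
ui.setupUi(Form)
Form.show()
# Close the database handles before exiting; in the original they came after
# sys.exit() and were never reached.
exit_code = app.exec_()
cur.close()
conn.close()
sys.exit(exit_code)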
后记
PyQt的界面可以先在Qt Creator上面做好,再粘贴过来加以修改,这样比较方便
总体而言,这个数据库简直就是个累赘。但是我还是费心费力的强行加进去了。为什么呢?因为我老师告诉我使用数据库可以给这个程序打的成绩加十分,我妥协了。(╯‵□′)╯︵┻━┻