-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathHTTPsniffer.py
69 lines (51 loc) · 2.02 KB
/
HTTPsniffer.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#!/usr/bin/env python
import argparse
import signal
from sys import exit
from scapy.all import sniff
from scapy.layers.http import HTTPRequest, Raw
from scapy.layers.inet import IP
def keyboard_interrupt_handler(interrupt_signal, frame):
"""
Keyboard (CTRL + C) interrupt function
"""
print("HTTP sniffing finished")
print("KeyboardInterrupt ID: {} {} has been caught.".format(interrupt_signal, frame))
exit(1)
def http_sniff(packet):
global raw
if packet.haslayer(HTTPRequest):
url = packet[HTTPRequest].Host.decode() + packet[HTTPRequest].Path.decode()
ip = packet[IP].src
method = packet[HTTPRequest].Method.decode()
print("IP: {:<20} Method: {:<4} URL: {}".format(ip, method, url))
if raw and packet.haslayer(Raw) and method == "POST":
data = packet[Raw].load.decode().split("&")
for element in data:
print(element)
def run_app():
global interface
global port
global raw
description = 'HTTP sniffer'
epilog = 'The author of this code take no responsibility for your use or misuse'
parser = argparse.ArgumentParser(prog='HTTPsniffer.py', description=description, epilog=epilog)
parser.add_argument('interface', help='Interface you will use (eq en0)')
parser.add_argument('-p', '--port', help='Port you will use (eq 80 or 8080)', default=80, type=int)
parser.add_argument("--raw", help="Show POST raw data", action="store_true")
args = parser.parse_args()
if args.raw:
raw = True
if not args.port:
port = "port 80"
else:
port = "port " + str(args.port)
if len(args.interface) < 1:
print('You did not provide any interface?')
exit(1)
print("Start HTTP sniffing on port {} and interface {}".format(args.port, args.interface))
sniff(filter=port, prn=http_sniff, iface=args.interface, store=False)
if __name__ == "__main__":
interface = port = raw = None
signal.signal(signal.SIGINT, keyboard_interrupt_handler)
run_app()