1 import sys
, struct
, fcntl
13 PACKET_ADD_MEMBERSHIP
= 1
14 PACKET_DROP_MEMBERSHIP
= 2
16 PACKET_MR_MULTICAST
= 0
18 PACKET_MR_ALLMULTI
= 2
30 class MySocket(socket
):
31 def __init__(self
, family
, type, proto
=0, _sock
=None):
32 socket
.__init
__(self
, family
, type, proto
, _sock
)
33 self
.SIOCGIFFLAGS
= None
35 def promiscuous(self
, dev
="eth0",on
=False ):
36 fileno
= self
.fileno()
37 result
= fcntl
.ioctl(fileno
, SIOCGIFFLAGS
, struct
.pack("16s16x",dev
))
38 (devname
, flags
)= struct
.unpack("16sH14x", result
)
40 if (flags
& 256) != 256:
43 self
.SIOCGIFFLAGS
= struct
.unpack("16sH14x", \
44 fcntl
.ioctl(fileno
, SIOCSIFFLAGS
,struct
.pack("16sH14x",devname
, flags
)) )
46 if (flags
& 256) != 0:
47 print "OFF", flags
& 256
49 self
.SIOCGIFFLAGS
= struct
.unpack("16sH14x", \
50 fcntl
.ioctl(fileno
, SIOCSIFFLAGS
,struct
.pack("16sH14x",devname
, flags
)) )
52 def pass_all_packets(self
, dev
="eth0"):
53 fileno
= self
.fileno()
54 result
= struct
.unpack("16si12x", fcntl
.ioctl(fileno
, SIOCGIFINDEX
, struct
.pack("16s16x",dev
)))
57 #not sure if this line is needed!!!!!!!!!!!!!!!!!!!!!!!1
58 #self.setsockopt(SOL_PACKET,PACKET_ADD_MEMBERSHIP, struct.pack("iH10x",result[1],PACKET_MR_PROMISC) )
60 #bind socket to an interface and open it for all packets
61 self
.bind((dev
, ETH_P_ALL
, PACKET_OTHERHOST
, 1))
63 def get_ether_layer(packet
):
64 a1
= struct
.unpack("6B",packet
[:6])
65 a2
= struct
.unpack("6B",packet
[6:12])
66 p
= struct
.unpack("H",packet
[12:14])
67 #convert to ntohs/ntol?????????????????????
68 return {"dest":(a1
[0],a1
[1],a1
[2],a1
[3],a1
[4],a1
[5]), "src":(a2
[0],a2
[1],a2
[2],a2
[3],a2
[4],a2
[5]),
71 def get_ip_layer(packet
):
72 i
= ntohl(struct
.unpack("I", packet
[14:18])[0])
73 i2
= ntohl(struct
.unpack("I", packet
[18:22])[0])
74 i3
= ntohl(struct
.unpack("I", packet
[22:26])[0])
75 i4
= ntohl(struct
.unpack("I", packet
[26:30])[0])
76 i5
= ntohl(struct
.unpack("I", packet
[30:34])[0])
79 version
= i
>> 28 & 0x0F
80 hdrlen
= i
>> 24 & 0x0F
82 i5
= ntohl(struct
.unpack("I", packet
[34:38])[0])
85 total_length
= i
& 0x0000FFFF
86 ident
= i2
& 0xFFFF0000
88 frag_offset
= i2
& 0x1FFF
90 proto
= i3
>> 16 & 0xFF
93 src_ip
= [ (i4
>> c
*8) & 0xFF for c
in range(0,4) ]
95 dst_ip
= [ (i5
>> c
*8) & 0xFF for c
in range(0,4) ]
100 #check checksum, has to be 0xFFFF
102 for a
in [i
,i2
,i3
,i4
,i5
]:
106 carry
= (sum >> 16) & 0xFFFF
110 raise "Checksum Error"
112 return {"version":version
, "hdrlen":hdrlen
, "total_length":total_length
,
113 "indent":ident
, "flags":flags
, "frag_offset":frag_offset
,
114 "ttl":ttl
, "proto":proto
, "chksum":chksum
, "src_ip":src_ip
, "dst_ip":dst_ip
,
118 #s = MySocket(AF_INET, SOCK_PACKET, ETH_P_ALL)
119 s
= MySocket(PF_PACKET
, SOCK_RAW
, ETH_P_ALL
)
120 s
.promiscuous("wlan0", True)
121 s
.pass_all_packets("wlan0")
122 #s.bind(("wlan0", ETH_P_ALL, PACKET_OTHERHOST, 1))
126 eth
= get_ether_layer(r
)
127 print "dest addres: %X:%x:%x:%x:%x:%x" % eth
['dest']
128 print "source hwaddres: %X:%x:%x:%x:%x:%x" % eth
['src']
129 print "proto: 0x%x" % eth
['proto']
130 if eth
['proto'] == 0x800:
133 if ip
['proto'] == 0x6:
134 print "TCP", ntohl(struct
.unpack("I", r
[34:38])[0]) >> 16 & 0xFFFF
135 print "TCP", ntohl(struct
.unpack("I", r
[34:38])[0]) & 0xFFFF
136 data
= ntohl(struct
.unpack("I", r
[46:50])[0]) >> 28 & 0xF