centos7 安装python-libpcap

1.安装依赖

yum install libpcap libpcap-devel

2.安装python依赖(python3.6以上版本)

$ pip3 install Cython

$ pip3 install python-libpcap

3.验证

from pylibpcap.pcap import rpcap

4.使用

# Merge captures: -i names one pcap file or a directory of pcaps, -o the merged output.
# The trailing "port 502" is a pcap filter expression; presumably only matching
# packets end up in the output -- confirm against the tool's help text.
$ libpcap-merge -i test.pcap -o pcap.pcap port 502
$ libpcap-merge -i pcap/ -o pcap.pcap port 502

# Live capture on interface enp0s3, run under sudo because opening an interface
# for capture needs elevated privileges. The second form saves packets to
# pcap.pcap via -o; that file holds whatever crossed the wire, so keep its
# permissions tight. -v / -p look like display options -- confirm their meaning
# in the tool's help text.
$ sudo libpcap-capture -i enp0s3 -v -p port 22
$ sudo libpcap-capture -i enp0s3 -o pcap.pcap port 22

# Write a single packet to pcap.pcap. The packet is given on the command line
# as one hex string of the raw frame bytes (Ethernet header first).
$ libpcap-write --output pcap.pcap ac64175ffa41000ec6c9157e08004500004b8a1e400080060000c0a80002c0a80001c794006618e119b56ef0831d5018faf081910000030000231ee00000001d00c1020600c20f53494d415449432d524f4f542d4553c0010a

# Read packets back from test.pcap, limited by the filter expression "port 502".
$ libpcap-read -i test.pcap -v -p port 502

Read pcap:

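from pylibpcap.pcap import rpcap

# Walk a saved capture file; every item unpacks to (length, timestamp, buffer).
# The loop body is indented (the page had lost the indentation), and the length
# is bound to `pkt_len` so the builtin len() is not shadowed.
# The buffer is whatever the capture file contains: treat it as untrusted
# input if it is parsed further.
for pkt_len, t, pkt in rpcap("tests/dns.pcap"):
    print("Buf length:", pkt_len)
    print("Time:", t)
    print("Buf:", pkt)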

Write pcap:

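from pylibpcap import OpenPcap
from pylibpcap import wpcap

# One raw Ethernet frame carrying a DNS query for google.com.
# The page had lost the backslashes of the \xHH escapes, which turned the
# literal into plain ASCII text; they are restored here. The four pieces are
# wrapped in parentheses so they concatenate into a single bytes object
# (as separate statements only the first piece would have been assigned).
buf = (
    b'\x00\xc0\x9f2A\x8c\x00\xe0\x18\xb1\x0c\xad\x08\x00E\x00\x008'
    b'\x00\x00@\x00@\x11eG\xc0\xa8\xaa\x08\xc0\xa8\xaa\x14\x80\x1b'
    b'\x005\x00$\x85\xed\x102\x01\x00\x00\x01\x00\x00\x00\x00\x00'
    b'\x00\x06google\x03com\x00\x00\x10\x00\x01'
)

# wpcap() accepts either one buffer or a list of buffers.
# NOTE(review): whether a second call on the same path appends or overwrites
# is not shown on this page -- confirm before relying on it.
wpcap(buf, "pcap.pcap")
wpcap([buf, buf], "pcap.pcap")  # closing quote restored

# File-like interface: mode "a" presumably appends to an existing capture.
with OpenPcap("pcap.pcap", "a") as f:
    f.write(buf)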

Merge pcap:

from pylibpcap.pcap import mpcap

# Two-argument form. The arguments presumably mirror the -i / -o options of
# libpcap-merge: input path first, output file second.
mpcap("demo.pcap", "demo2.pcap")

# Directory input plus an optional third argument: a pcap filter expression
# applied during the merge.
source_dir, merged_file, bpf_filter = "pcap/", "output.pcap", "port 502"
mpcap(source_dir, merged_file, bpf_filter)

Get first iface:

from pylibpcap.pcap import get_first_iface

# Print the first interface the library reports; handy for picking the
# interface name to pass to the capture and send calls.
first_iface = get_first_iface()
print(first_iface)

Get iface list:

from pylibpcap import get_iface_list

# Print every interface the library can see on this host.
all_ifaces = get_iface_list()
print(all_ifaces)

Send raw packet:

from pylibpcap import send_packet

# Arguments: interface name, then the raw frame as bytes. The empty bytes
# object is what the page passes; presumably it stands in for a complete frame.
# Writing raw frames to an interface normally needs the same elevated
# privileges as live capture.
iface = "enp2s0"
frame = b""
send_packet(iface, frame)

Capture data:

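from pylibpcap.pcap import sniff

# Live capture on enp2s0, limited to "port 53" traffic. The loop body is
# indented (the page had lost the indentation).
#   count=-1  presumably means "no packet limit": the loop runs until interrupted
#   promisc=1 puts the interface in promiscuous mode, so frames not addressed
#             to this host are captured as well
#   out_file  also saves every captured packet to pcap.pcap; the file holds
#             whatever crossed the wire, so keep its permissions tight
# Opening an interface for capture needs elevated privileges (the CLI examples
# on this page run under sudo).
for plen, t, buf in sniff("enp2s0", filters="port 53", count=-1, promisc=1, out_file="pcap.pcap"):
    print("[+]: Payload len=", plen)
    print("[+]: Time", t)
    print("[+]: Payload", buf)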
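from pylibpcap.base import Sniff

# Object form of the capture API: same arguments as sniff(), but the object
# stays available afterwards so capture statistics can be read from it.
# promisc=1 enables promiscuous mode; out_file saves every captured packet to
# pcap.pcap, so treat that file as sensitive.
sniffobj = Sniff("enp2s0", filters="port 53", count=-1, promisc=1, out_file="pcap.pcap")

try:
    for plen, t, buf in sniffobj.capture():
        print("[+]: Payload len=", plen)
        print("[+]: Time", t)
        print("[+]: Payload", buf)
except KeyboardInterrupt:
    # count=-1 presumably means "no packet limit", so Ctrl-C is the normal way
    # out of the loop. Catching it lets the statistics below still be printed
    # instead of the script dying with a traceback.
    pass

# Counters kept by the capture; a non-zero drop count means the saved capture
# is incomplete.
stats = sniffobj.stats()
print(stats.capture_cnt, " packets captured")
print(stats.ps_recv, " packets received by filter")
print(stats.ps_drop, " packets dropped by kernel")
print(stats.ps_ifdrop, " packets dropped by iface")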