当前位置: 首页>>代码示例>>Python>>正文


Python pyshark.LiveCapture方法代码示例

本文整理汇总了Python中pyshark.LiveCapture方法的典型用法代码示例。如果您正苦于以下问题:Python pyshark.LiveCapture方法的具体用法?Python pyshark.LiveCapture怎么用?Python pyshark.LiveCapture使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在pyshark的用法示例。


在下文中一共展示了pyshark.LiveCapture方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: capture_on_interface

# 需要导入模块: import pyshark [as 别名]
# 或者: from pyshark import LiveCapture [as 别名]
def capture_on_interface(interface, name, timeout=60):
    """
    :param interface: The name of the interface on which to capture traffic
    :param name: The name of the capture file
    :param timeout: A limit in seconds specifying how long to capture traffic
    """

    if timeout < 15:
        logger.error("Timeout must be over 15 seconds.")
        return
    if not sys.warnoptions:
        warnings.simplefilter("ignore")
    start = time.time()
    widgets = [
        progressbar.Bar(marker=progressbar.RotatingMarker()),
        ' ',
        progressbar.FormatLabel('Packets Captured: %(value)d'),
        ' ',
        progressbar.Timer(),
    ]
    progress = progressbar.ProgressBar(widgets=widgets)
    capture = pyshark.LiveCapture(interface=interface, output_file=os.path.join('tmp', name))
    pcap_size = 0
    for i, packet in enumerate(capture.sniff_continuously()):
        progress.update(i)
        if os.path.getsize(os.path.join('tmp', name)) != pcap_size:
            pcap_size = os.path.getsize(os.path.join('tmp', name))
        if not isinstance(packet, pyshark.packet.packet.Packet):
            continue
        if time.time() - start > timeout:
            break
        if pcap_size > const.PT_MAX_BYTES:
            break
    capture.clear()
    capture.close()
    return pcap_size 
开发者ID:PacketTotal,项目名称:HoneyBot,代码行数:38,代码来源:utils.py

示例2: listen_on_interface

# 需要导入模块: import pyshark [as 别名]
# 或者: from pyshark import LiveCapture [as 别名]
def listen_on_interface(interface, timeout=60):
    """
    :param interface: The name of the interface on which to capture traffic
    :return: generator containing live packets
    """

    start = time.time()
    capture = pyshark.LiveCapture(interface=interface)

    for item in capture.sniff_continuously():
        if timeout and time.time() - start > timeout:
            break
        yield item 
开发者ID:PacketTotal,项目名称:HoneyBot,代码行数:15,代码来源:utils.py

示例3: run

# 需要导入模块: import pyshark [as 别名]
# 或者: from pyshark import LiveCapture [as 别名]
def run(self):
        INTERFACE_NAME = self.get_config_option("network_interface")
        if INTERFACE_NAME is None:
            print("You didn't specify network_inteface in configuration file for feeder_tshark plugin.")
            sys.exit(0)
        elif INTERFACE_NAME == "any":
            INTERFACE_NAME = None

        try:
            cap = pyshark.LiveCapture(interface=INTERFACE_NAME, bpf_filter="udp port 53")

        # NOT WORKING
        except Exception:
            print("Cannot start capturing events with tshark. Interface choosen: {}".format(INTERFACE_NAME))
            sys.exit(0)

        try:
            for packet in cap.sniff_continuously():
                pass_mq = mq(packet, TYPE_NETWORK_PACKET, self.getName(), NiceDate.naive_datetime_localize(packet.sniff_time), generate_mq_key(packet, None), None)
                self.add_to_ultra_mq(pass_mq)
                self.global_break()

        # NOT WORKING
        except Exception as ts:
            print("Error when capturing events with tshark. Interface choosen: {}".format(INTERFACE_NAME))
            print(ts)
            sys.exit(0)

# 'add_field', 'all_fields', 'alternate_fields', 'base16_value', 'binary_value',
            # 'capitalize', 'center', 'count', 'decode', 'encode', 'endswith',
            # 'expandtabs', 'fields', 'find', 'format', 'get_default_value',
            # 'hex_value', 'hide', 'index', 'int_value', 'isalnum', 'isalpha',
            # 'isdigit', 'islower', 'isspace', 'istitle', 'isupper', 'join',
            # 'ljust', 'lower', 'lstrip', 'main_field', 'name', 'partition',
            # 'pos', 'raw_value', 'replace', 'rfind', 'rindex', 'rjust',
            # 'rpartition', 'rsplit', 'rstrip', 'show', 'showname',
            # 'showname_key', 'showname_value', 'size', 'split',
            # 'splitlines', 'startswith', 'strip', 'swapcase',
            # 'title', 'translate', 'unmaskedvalue', 'upper',
            # 'zfill'] 
开发者ID:yarox24,项目名称:attack_monitor,代码行数:42,代码来源:feeder_tshark.py

示例4: scan_passive

# 需要导入模块: import pyshark [as 别名]
# 或者: from pyshark import LiveCapture [as 别名]
def scan_passive(self, interface: str):
        for pkg in pyshark.LiveCapture(interface=interface, display_filter='rtps'):
            print(pkg) 
开发者ID:aliasrobotics,项目名称:aztarna,代码行数:5,代码来源:scanner.py

示例5: kerbsniff

# 需要导入模块: import pyshark [as 别名]
# 或者: from pyshark import LiveCapture [as 别名]
def kerbsniff(interface, username, domain, realm):

	logging.info("kerbsniff: Looking for %s\%s on %s" % (domain,username,interface))
	
	filtered_cap = pyshark.LiveCapture(interface, bpf_filter='tcp port 88')
	packet_iterator = filtered_cap.sniff_continuously
	
	# Loop infinitely over packets if in continuous mode
	for packet in packet_iterator():

		# Is this packet kerberos?
		kp = None
		encTimestamp = None
		try:
			kp = packet['kerberos']

			# Extract encrypted timestamp for Kerberos Preauthentication packets
			# that conatin honeytoken domain\username
			encTimestamp = kerb_handler(kp,domain,username)
		except KeyError as e:
			pass
		
		

		# Only attempt to decrypt a password or notify master if we find an encrypted timestamp
		if encTimestamp:

			if config.master_node:
				notifyMaster(username, domain, encTimestamp)
			else:
				cracker.enqueueJob(username, domain, encTimestamp, passwordHit) 
开发者ID:secureworks,项目名称:dcept,代码行数:33,代码来源:dcept.py

示例6: start_live_capture

# 需要导入模块: import pyshark [as 别名]
# 或者: from pyshark import LiveCapture [as 别名]
def start_live_capture(self):
        """
        Start capture procedure of packets over listener
        :return: None since captured packets are saved internally
        """
        capture = pyshark.LiveCapture(interface=self.interface, use_json=self.use_json, include_raw=self.include_raw,
                                      output_file=self.output_pcap_filename, display_filter=self.display_filter)
        capture.sniff(timeout=self.timeout)
        self.captured_packets = capture._packets
        logger.info("{0} packets are captured.".format(len(self.captured_packets)))
        capture.close() 
开发者ID:yakuza8,项目名称:peniot,代码行数:13,代码来源:generic_sniffer.py

示例7: get_packets

# 需要导入模块: import pyshark [as 别名]
# 或者: from pyshark import LiveCapture [as 别名]
def get_packets(
        timeout=50,
        interface=None,
        bpf_filter=None,
        display_filter="tcp.port == 80",
        tshark_path=None,
        output_file=None,
    ):
        """
        Returns the captured packets of the transmitted data using Wireshark.

        Args:
        timeout: An integer. Set for sniffing with tshark. Default to 50 seconds in this setup.
        interface: A string. Name of the interface to sniff on.
        bpf_filter: A string. The capture filter in bpf syntax 'tcp port 80'. Needs to be changed
                    to match filter for the traffic sent. Not to be confused with the display
                    filters (e.g. tcp.port == 80). The former are much more limited and is used to
                    restrict the size of a raw packet capture, whereas the latter is used to hide
                    some packets from the packet list. More info can be found at
                    https://wiki.wireshark.org/CaptureFilters.
        display_filter: A string. Default to 'tcp.port == 80' (assuming this is the port of the
                        'WebsocketClientWorker'). Please see notes for 'bpf_filter' for details
                        regarding differences. More info can be found at
                        https://wiki.wireshark.org/DisplayFilters.
        tshark_path: Path to the tshark binary. E.g. '/usr/local/bin/tshark'.
        output_file: A string. Path including the output file name is to saved.
                     E.g. '/tmp/mycapture.cap'

        Returns:
        catpure: A 'pyshark.capture.live_capture.LiveCapture' object. Of packets sent
                 over WebSockets.
        length: An integer. The number of packets captured at the network interface.
        """
        capture_output = []
        if interface is None:
            raise Exception("Please provide the interface used.")
        else:
            capture = pyshark.LiveCapture(
                interface=interface,
                bpf_filter=bpf_filter,
                tshark_path=tshark_path,
                output_file=output_file,
            )
            capture.sniff(timeout=timeout)
            length = len(capture)
            return capture, length 
开发者ID:OpenMined,项目名称:PySyft,代码行数:48,代码来源:metrics.py

示例8: __init__

# 需要导入模块: import pyshark [as 别名]
# 或者: from pyshark import LiveCapture [as 别名]
def __init__(
            self,
            filters: str = None,
            src_file: str = None,
            dest_file: str = None,
            interfaces: list = None,
            limit_length: int = None,
            pkt_count: int = None,
            callback=None
    ):
        """
        Packet capture method
        :param filters: https://wiki.wireshark.org/DisplayFilters
        :param src_file: Il file .pcap da cui leggere i pacchetti ascoltati (o None, per Live sniffing)
        :param dest_file: Il file in cui scrivere il .pcap dei pacchetti ascoltati (o None)
        :param interfaces: The list of interfaces to sniff (or None, to sniff all interfaces)
        :param limit_length: The limit length of each packet field (they will be truncated), or None
        :param pkt_count: Max packets to sniff, or None
        :param callback: The callback method to call (or None) (@see PcapSniffer._user_callback_example)
        """
        if not PcapSniffer.is_executable():
            raise RuntimeError('Unable to execute pcap sniffer')
        self.count = 0  # Sniffed packets
        self.max_count = pkt_count
        # Prevents the mac manufacturer lookup sniffing
        self.filters = PcapSniffer._get_filters(filters)
        self.src_file = src_file
        self.dest_file = dest_file
        self.limit_length = limit_length
        self.user_callback = callback
        self.interfaces = interfaces
        Log.info('Analyzing filters: ' + str(self.filters))
        if self.src_file is not None:
            Log.info('Analyzing file: ' + self.src_file)
            self._capture = pyshark.FileCapture(
                input_file=self.src_file,
                display_filter=self.filters,
                output_file=self.dest_file,
                # include_raw=True,
                # use_json=True
                # debug=APP_DEBUG
            )
        else:
            Log.info('Analyzing live traffic')
            self._capture = pyshark.LiveCapture(
                interface=self.interfaces,
                display_filter=self.filters,
                output_file=self.dest_file,
                # include_raw=True,
                # use_json=True
                # debug=APP_DEBUG
            ) 
开发者ID:offensive-hub,项目名称:black-widow,代码行数:54,代码来源:pcap_sniffer.py


注:本文中的pyshark.LiveCapture方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。