This script is a modified version of the packet_sniffer_shay.py that came with the SPSE course.
- The code was simplified, some functions were refactored, and formatting was improved.
- To improve readability, the code was divided into 3 modules:
  - sniff_socket.py
  - utils.py
  - packet_sniffer.py
- This version takes into account the fact that the IP header may be larger than 20 bytes.
- This version doesn't parse TCP header options.
- The script works under both Python 2.7 and 3.2.
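
How the two header-length points above affect locating the TCP payload, shown as an added example that is not code from this script or from the SPSE course. The names parse_ipv4_tcp and build_sample and the sample packet are constructed for illustration; checksums are left at zero and not validated.

```python
import socket
import struct

def parse_ipv4_tcp(packet):
    """Return addresses, ports and TCP payload of a raw IPv4 packet (no Ethernet header)."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, = struct.unpack("!B", packet[0:1])
    ip_hlen = (ver_ihl & 0x0F) * 4           # IHL is counted in 32-bit words
    if ver_ihl >> 4 != 4 or ip_hlen < 20:
        raise ValueError("not IPv4 or invalid IHL")
    total_len, = struct.unpack("!H", packet[2:4])
    proto, = struct.unpack("!B", packet[9:10])
    if proto != socket.IPPROTO_TCP:
        raise ValueError("not a TCP segment")
    # Start after the real IP header length and drop any link-layer padding.
    tcp = packet[ip_hlen:min(total_len, len(packet))]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", tcp[0:4])
    offset_byte, = struct.unpack("!B", tcp[12:13])
    tcp_hlen = (offset_byte >> 4) * 4        # data offset, also in 32-bit words
    if tcp_hlen < 20 or tcp_hlen > len(tcp):
        raise ValueError("invalid TCP data offset")
    return {
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "sport": sport, "dport": dport,
        "ip_hlen": ip_hlen, "tcp_hlen": tcp_hlen,
        "payload": tcp[tcp_hlen:],           # TCP options are skipped, not parsed
    }

def build_sample():
    """Constructed packet: 24-byte IP header (IHL=6), 32-byte TCP header (offset=8)."""
    payload = b"GET / HTTP/1.1\r\n"
    ip_opts = b"\x01\x01\x01\x00"            # NOP, NOP, NOP, End of Options List
    tcp_opts = b"\x01" * 12                  # twelve NOP options
    total = 20 + len(ip_opts) + 20 + len(tcp_opts) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", (4 << 4) | 6, 0, total, 0, 0, 64,
                     socket.IPPROTO_TCP, 0,
                     socket.inet_aton("192.168.1.15"),
                     socket.inet_aton("192.168.1.1")) + ip_opts
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 0, 0, 8 << 4, 0x18,
                      8192, 0, 0) + tcp_opts
    return ip + tcp + payload

if __name__ == "__main__":
    print(parse_ipv4_tcp(build_sample()))
```

A parser that assumed fixed 20-byte IP and TCP headers would start reading this sample's payload at byte 40, in the middle of the TCP options.
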
To dump in/out HTTP traffic from/to 192.168.1.15 to the console:
    python packet_sniffer.py host 192.168.1.15 tcp port 80
Oleg Mitrofanov (reider-roque) 2015
IP reference: http://www.networksorcery.com/enp/protocol/ip.htm
TCP reference: http://www.networksorcery.com/enp/protocol/tcp.htm
Ethernet frame header format: http://en.wikipedia.org/wiki/Ethernet_frame
IP header format: http://en.wikipedia.org/wiki/IPv4
TCP header format: http://en.wikipedia.org/wiki/Transmission_Control_Protocol