Kali Linux

Packet-Sniffer : A pure-Python Network Packet Sniffing Tool

Packet-Sniffer is a simple pure-Python network packet sniffer. Packets are disassembled as they arrive at a given network interface controller and their information is displayed on the screen.

This application maintains no dependencies on third-party modules and can be run by any Python 3.x interpreter.

Installation

GNU / Linux

Simply clone this repository with git clone and execute the packet_sniffer.py file as described in the following Usage section.

user@host:~/DIR$ git clone https://github.com/EONRaider/Packet-Sniffer.git

Other Systems

This project is dependent on PF_PACKET – a stateful packet filter not found on Windows or Mac OS X. For demonstration purposes, you can try out this package in a Docker container. Although it will not have full access to localhost on your machine, you can still sniff on the Docker subnet and at least get the module running.

Use this command to build and run from the project directory:

docker build -t sniff . && docker run –network host sniff

Note that the entry command is simply python packet_sniffer.py, so feel free to use the full functionality of the module by overriding the default command. Remember that we tagged the container with the name “sniff” before, so we can pass command-line arguments to the sniffer in the following manner:

docker run –network host sniff [your command goes here]
echo “Now let’s print help”
docker run –network host sniff python packet_sniffer.py –help

Usage of --network host is not supported on OS X or Windows so this container won’t be fully functional – but you will see packets traveling within the docker subnet.

Usage

packet_sniffer.py [-h] [-i INTERFACE] [-d]
A pure-Python network packet sniffer.
optional arguments:
-h, –help show this help message and exit
-i INTERFACE, –interface INTERFACE
Interface from which packets will be captured (captures
from all available interfaces by default).
-d, –displaydata Output packet data during capture.

Running the Application

ObjectiveInitiate the capture of packets on all available interfaces
Executionsudo python3 packet_sniffer.py
OutcomeRefer to sample output below

Sample output:

[>] Packet #476 at 17:45:13:
[+] MAC ……ae:45:39:30:8f:5a -> dc:d9:ae:71:c8:b9
[+] IPv4 ……….192.168.1.65 -> 140.82.113.3 | PROTO: TCP TTL: 64
[+] TCP ………………40820 -> 443 | Flags: 0x010 > ACK
[>] Packet #477 at 17:45:14:
[+] MAC ……dc:d9:ae:71:c8:b9 -> ae:45:39:30:8f:5a
[+] IPv4 ……….140.82.113.3 -> 192.168.1.65 | PROTO: TCP TTL: 49
[+] TCP ………………..443 -> 40820 | Flags: 0x010 > ACK
[>] Packet #478 at 17:45:18:
[+] MAC ……dc:d9:ae:71:c8:b9 -> ae:45:39:30:8f:5a
[+] ARP Who has 192.168.1.65 ? -> Tell 192.168.1.254
[>] Packet #479 at 17:45:18:
[+] MAC ……ae:45:39:30:8f:5a -> dc:d9:ae:71:c8:b9
[+] ARP ………..192.168.1.65 -> Is at ae:45:39:30:8f:5a

R K

Recent Posts

Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…

6 days ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

6 days ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

6 days ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

6 days ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

6 days ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

1 week ago