mirror of
https://github.com/20kaushik02/CSE548_ACNS_Work.git
synced 2025-12-06 09:04:06 +00:00
65 lines
2.0 KiB
Python
65 lines
2.0 KiB
Python
# pip3 install pyshark
|
|
# Then ...
|
|
# python3 streamy.py mypcap.pcap | python3 buildkey.py
|
|
|
|
import pyshark
|
|
import sys
|
|
|
|
# open the pcap file, filtered for a single TCP stream
|
|
cap = pyshark.FileCapture(sys.argv[1])
|
|
|
|
tupledict = {}
|
|
datadict = {}
|
|
longeststreamlen = -1
|
|
skippy = -1
|
|
|
|
for p in cap:
|
|
if p.transport_layer == 'TCP':
|
|
stream = p.tcp.stream
|
|
if (int(p.tcp.dstport) == 10047):
|
|
try:
|
|
thisstream = p.data.data.binary_value
|
|
if (len(thisstream) > longeststreamlen):
|
|
longeststream = thisstream[256:]
|
|
longeststreamlen = len(thisstream)
|
|
skippy = stream
|
|
except AttributeError: # Skip the ACKs.
|
|
pass
|
|
#if (stream not in tupledict and
|
|
if(int(p.tcp.dstport) == 10047):
|
|
try:
|
|
tupledict[stream] = (p.ip.dst, p.ip.ttl)
|
|
except AttributeError: # Skip the ACKs.
|
|
pass
|
|
#if (stream not in datadict and
|
|
if(int(p.tcp.srcport) == 10047):
|
|
try:
|
|
#if (int(stream) == 190):
|
|
# print("PING")
|
|
datadict[stream] = p.data.data.binary_value
|
|
#if (int(stream) == 190):
|
|
# print("PONG")
|
|
except AttributeError as error: # Skip the ACKs.
|
|
#if (int(stream) == 190):
|
|
# print(error)
|
|
#val=p.all_fields
|
|
datadict[stream] = b'hello'
|
|
#print(val)
|
|
pass
|
|
|
|
print(longeststream.hex())
|
|
|
|
for packettuple in tupledict:
|
|
hinttuple = tupledict[packettuple]
|
|
if (packettuple in datadict):
|
|
if (packettuple != skippy):
|
|
if (datadict[packettuple] != b"Couldn't decrypt!"):
|
|
print(hinttuple[0][8:] + " " + hinttuple[1])
|
|
else:
|
|
#pass
|
|
print("Something was in tupledict but not datadict")
|
|
print("Stream is " + str(int(packettuple)))
|
|
exit(1)
|
|
|
|
|