karpierz / pcap-ct Goto Github PK
View Code? Open in Web Editor NEWPython wrapper for the pcap library.
License: BSD 3-Clause "New" or "Revised" License
pcap-ct's People
Contributors
Stargazers
Watchers
pcap-ct's Issues
sendpacket is broken
in _pcap.py the sendpacket function is defined as below:
def sendpacket(self, buf) -> int:
"""Send a raw network packet on the interface."""
if _pcap.sendpacket(self.__pcap, buf, len(buf)) == -1:
raise OSError(self.geterr())
return len(buf)
when i try to send a packet, i receive the following error:
Traceback (most recent call last):
File ".\sig.py", line 50, in <module>
for ip in spoofer:
File "C:\Users\<redacted>\Desktop\sig\sig\spoofer.py", line 78, in __next__
self.pc.sendpacket(self.arp_poison_victim)
File "C:\Program Files (x86)\Python38-32\lib\site-packages\pcap\_pcap.py", line 312, in sendpacket
if _pcap.sendpacket(self.__pcap, buf, len(buf)) == -1:
ctypes.ArgumentError: argument 2: <class 'TypeError'>: expected LP_c_ubyte instance instead of bytes
The following fix will resolve the error:
def sendpacket(self, buf) -> int:
"""Send a raw network packet on the interface."""
if _pcap.sendpacket(self.__pcap, ct.cast(ct.c_char_p(buf), ct.POINTER(ct.c_ubyte)), len(buf)) == -1:
raise OSError(self.geterr())
return len(buf)
can you fix it in your source?
loop() blocks in non-blocking mode
Suppose I want to catch exactly 1 packet during 1 second. I do something like this (simplified):
import pcap
def open(name):
dev = pcap.pcap(name = name, promisc = True, immediate = True, timeout_ms = 1000)
dev.setnonblock(True)
return dev
def read(dev):
ret = b''
def _callback(timestamp, pkt, *args):
nonlocal ret
ret = pkt
dev.loop(1, _callback)
return ret
dev = open('myiface0')
pkt = read(dev)If the packet doesn't arrive, the call to read hangs, because timeout is ignored in the loop function:
def loop(self, cnt, callback, *args):
#...
while True:
# with nogil:
n = _pcap_ex.next_ex(self.__pcap, ct.byref(phdr), ct.byref(pkt))
if n == 0: # timeout
continue
#...ImportError: cannot import name 'is_osx' from 'libpcap._platform'
>>> import pcap
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "C:\Users\Keytone\miniconda3\lib\site-packages\pcap\__init__.py", line 8, in <module>
from ._pcap import * # noqa
File "C:\Users\Keytone\miniconda3\lib\site-packages\pcap\_pcap.py", line 37, in <module>
from . import _pcap_ex
File "C:\Users\Keytone\miniconda3\lib\site-packages\pcap\_pcap_ex.py", line 13, in <module>
from libpcap._platform import defined, is_windows, is_osx
ImportError: cannot import name 'is_osx' from 'libpcap._platform' (C:\Users\Keytone\miniconda3\lib\site-packages\libpcap\_platform\__init__.py)
Are SIGINTs from python passed to Cpyhton?
I think that I can't start capturing because the signals aren't passed.
Can be?
import pcap
sniffer = pcap.pcap(name=None, promisc=True, immediate=True, timeout_ms=50)
addr = lambda pkt, offset: '.'.join(str(ord(pkt[i])) for i in range(offset, offset + 4))
for ts, pkt in sniffer:
print('%d\tSRC %-16s\tDST %-16s' % (ts, addr(pkt, sniffer.dloff + 12),
addr(pkt, sniffer.dloff + 16)))
the error:
runfile('/home/gil/PycharmProjects/netdiscover/main.py', wdir='/home/gil/PycharmProjects/netdiscover')
Traceback (most recent call last):
File "<input>", line 1, in <module>
File "/snap/pycharm-professional/230/plugins/python/helpers/pydev/_pydev_bundle/pydev_umd.py", line 197, in runfile
pydev_imports.execfile(filename, global_vars, local_vars) # execute the script
File "/snap/pycharm-professional/230/plugins/python/helpers/pydev/_pydev_imps/_pydev_execfile.py", line 18, in execfile
exec(compile(contents+"\n", file, 'exec'), glob, loc)
File "/home/gil/PycharmProjects/netdiscover/main.py", line 7, in <module>
for ts, pkt in sniffer:
File "/home/gil/PycharmProjects/netdiscover/venv/lib/python3.8/site-packages/pcap/_pcap.py", line 375, in __iter__
_pcap_ex.setup(self.__pcap)
File "/home/gil/PycharmProjects/netdiscover/venv/lib/python3.8/site-packages/pcap/_pcap_ex.py", line 132, in setup
libc.signal(SIGINT, __signal_handler)
NameError: name 'SIGINT' is not defined
From here?
Line 132 in 60528e7
Does pcap-ct support remote capture (rpcap) ?
I want to capture packets of another PC with rpcapd running on it.
If rpcapd is installed on a remote machine, Wireshark/Tshark can capture remote packets by replacing the local interface name with a remote interface name like "rpcap://remoteip:2002/eth0". (e.g. from "tshark -i eth0" to "tshark -i rpcap://remoteip:2002/eth0")
So I tried pcap.pcap(name="rpcap://remoteip:2002/eth0" ) but it returned with an error:
"OSError: Activateing packet capture failed. Error returned by packet capture library was No such device exists"
Apparently it checked if the interface is available on the local machine. However, when doing remote capture, it shouldn't check interface name locally.
I'm wondering if pcap-ct support rpcap? Is this error an issue or just my wrong way of using this lib?
(
Thank you for developing such a nice and friendly python lib.
pcap-ct is more convenient than other pcap based libs in terms of installation since other libs need to compile winpcap C files (such as pcap.h) so a C compiler and winpcap dev pack are needed and other libs are more difficult to migrate.
)
pcap-ct 1.2.3b6 missing dependency on pkg_about and missing metadata
C:\>python
Python 3.9.6 (tags/v3.9.6:db3ff76, Jun 28 2021, 15:26:21) [MSC v.1929 64 bit (AMD64)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>> import pcap
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "C:\Tools\Python39\lib\site-packages\pcap\__init__.py", line 5, in <module>
from .__about__ import * ; del __about__ # noqa
File "C:\Tools\Python39\lib\site-packages\pcap\__about__.py", line 5, in <module>
__import__("pkg_about").about()
ModuleNotFoundError: No module named 'pkg_about'
>>> exit()
C:\> pip install pkg_about
Collecting pkg_about
Using cached pkg_about-1.0.2-py3-none-any.whl (4.8 kB)
Requirement already satisfied: importlib-resources>=5.2.0 in c:\tools\python39\lib\site-packages (from pkg_about) (5.2.2)
Requirement already satisfied: importlib-metadata>=4.6.1 in c:\tools\python39\lib\site-packages (from pkg_about) (4.6.4)
Requirement already satisfied: packaging>=21.0.0 in c:\tools\python39\lib\site-packages (from pkg_about) (21.0)
Requirement already satisfied: setuptools>=42.0.2 in c:\tools\python39\lib\site-packages (from pkg_about) (56.0.0)
Requirement already satisfied: zipp>=0.5 in c:\tools\python39\lib\site-packages (from importlib-metadata>=4.6.1->pkg_about) (3.5.0)
Requirement already satisfied: pyparsing>=2.0.2 in c:\tools\python39\lib\site-packages (from packaging>=21.0.0->pkg_about) (2.4.7)
Installing collected packages: pkg-about
Successfully installed pkg-about-1.0.2
WARNING: You are using pip version 21.1.3; however, version 21.2.4 is available.
You should consider upgrading via the 'c:\tools\python39\python.exe -m pip install --upgrade pip' command.
C:\> python
Python 3.9.6 (tags/v3.9.6:db3ff76, Jun 28 2021, 15:26:21) [MSC v.1929 64 bit (AMD64)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>> import pcap
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "C:\Tools\Python39\lib\site-packages\pcap\__init__.py", line 5, in <module>
from .__about__ import * ; del __about__ # noqa
File "C:\Tools\Python39\lib\site-packages\pcap\__about__.py", line 5, in <module>
__import__("pkg_about").about()
File "C:\Tools\Python39\lib\site-packages\pkg_about\_about.py", line 17, in about
metadata = get_metadata(package)
File "C:\Tools\Python39\lib\site-packages\importlib_metadata\__init__.py", line 947, in metadata
return Distribution.from_name(distribution_name).metadata
File "C:\Tools\Python39\lib\site-packages\importlib_metadata\__init__.py", line 524, in from_name
raise PackageNotFoundError(name)
importlib_metadata.PackageNotFoundError: No package metadata was found for pcap
>>>
TypeError: 'CArgObject' object is not subscriptable
I have not idea what are ct.cast().. sorry!
code execution
import pcap
sniffer = pcap.pcap(name=None, promisc=True, immediate=True, timeout_ms=50)
addr = lambda pkt, offset: '.'.join(str(ord(pkt[i])) for i in range(offset, offset + 4))
for ts, pkt in sniffer:
print('%d\tSRC %-16s\tDST %-16s' % (ts, addr(pkt, sniffer.dloff + 12),
addr(pkt, sniffer.dloff + 16)))
Error
runfile('/home/gil/PycharmProjects/netdiscover/main.py', wdir='/home/gil/PycharmProjects/netdiscover')
Traceback (most recent call last):
File "<input>", line 1, in <module>
File "/snap/pycharm-professional/230/plugins/python/helpers/pydev/_pydev_bundle/pydev_umd.py", line 197, in runfile
pydev_imports.execfile(filename, global_vars, local_vars) # execute the script
File "/snap/pycharm-professional/230/plugins/python/helpers/pydev/_pydev_imps/_pydev_execfile.py", line 18, in execfile
exec(compile(contents+"\n", file, 'exec'), glob, loc)
File "/home/gil/PycharmProjects/netdiscover/main.py", line 6, in <module>
for ts, pkt in sniffer:
File "/home/gil/PycharmProjects/netdiscover/venv/lib/python3.8/site-packages/pcap/_pcap.py", line 387, in __next__
n = _pcap_ex.next_ex(self.__pcap, ct.byref(phdr), ct.byref(pkt))
File "/home/gil/PycharmProjects/netdiscover/venv/lib/python3.8/site-packages/pcap/_pcap_ex.py", line 172, in next_ex
pkt = ct.cast(_pcap.next(pcap, hdr[0]), ct.POINTER(ct.c_ubyte))
TypeError: 'CArgObject' object is not subscriptable
Line 172 in 8593094
NameError: name 'SIGINT' is not defined
Hi
My environment is
- Ubuntu
- Python 3.9.5
- pcap-ct 1.2.3b5
When I execute below code
pc = pcap.pcap(input_pcap_trace)
[print(a) for a in pc]
I am obtaining below error message
NameError: name 'SIGINT' is not defined
I have read that was available a fix for this bug, do you need help to test it on linux?
Regards
How can I determine the network inferface name?
I tried to give Wi-Fi 4 or its GUID when calling this line, but throws an error:
sniffer = pcap.pcap(name=None, promisc=True, immediate=True, timeout_ms=50)As you could see above, I can configure the Wi-Fi 4 to monitor mode and am able to sniff Probe Request packets on Wireshark.
Any idea?
Thanks!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.