Parsing html path from packet using Scapy
Question:
I am making a application that resends the http packets using scapy.
When a packet is sniffed by scapy, it will check the source ip and destination path from header.
Then resend to place where it should go.
here is a example of header:
Url: 192.168.50.X:XXX/thePathInUrl
GET /thePathInUrl HTTP/1.1
Host: 192.168.50.250:448
Content-Type: text/plain
Content-Length: 12
this is body
I want to get the part of "/thePathInUrl"
I have researched a lot of solution about scapy.
Many of them are outdated and not work for the latest scapy or python3. Or mayby I just misunderstood the answers.
Here is some solutions I’ve tried before:
HTTP GET packet sniffer in Scapy
def http_header(packet):
http_packet=str(packet)
if http_packet.find('GET'):
print GET_print(packet)
This one returned an empty [] to me.
http_layer= packet.getlayer('HTTPRequest').fields
ip_layer = packet.getlayer('IP').fields
print('n{0[src]} just requested a {1[Method]} {1[Host]}{1[Path}]}'.format(ip_layer,http_layer))
This one said HTTPRequest is not existed in my packet
Also tried some answers using lambda expression. But several errors returned.
print("catch packets")
pkts=sniff(filter="port 448",count=1,)
for xx in pkts:
print(type(xx))
I also tried print what I sniffed
<class ‘scapy.layers.l2.Ether’>
This what It printed. It seems wrong? I was expecting a packet variable in side of list.
Or if there is other method is fit to such scenario?
Answers:
Before picking scapy as solution. I used socket as parser.
But seems it did some job more than just receives packet for me.
So I decided to turn to scapy.
The critical mistake I’d made is that I forgot I have to start the connection myself.
When I finally used the wireshark diagnose the traffic, It looks like It’s just still at the phase of initiation on Three-way Handshake. There is no doubt why scapy returned nothing but empty.
I’ve not tried implementing Handshake code yet. I’ll update as I tested.
*edit: work well after tried.
I am making a application that resends the http packets using scapy.
When a packet is sniffed by scapy, it will check the source ip and destination path from header.
Then resend to place where it should go.
here is a example of header:
Url: 192.168.50.X:XXX/thePathInUrl
GET /thePathInUrl HTTP/1.1
Host: 192.168.50.250:448
Content-Type: text/plain
Content-Length: 12
this is body
I want to get the part of "/thePathInUrl"
I have researched a lot of solution about scapy.
Many of them are outdated and not work for the latest scapy or python3. Or mayby I just misunderstood the answers.
Here is some solutions I’ve tried before:
HTTP GET packet sniffer in Scapy
def http_header(packet):
http_packet=str(packet)
if http_packet.find('GET'):
print GET_print(packet)
This one returned an empty [] to me.
http_layer= packet.getlayer('HTTPRequest').fields
ip_layer = packet.getlayer('IP').fields
print('n{0[src]} just requested a {1[Method]} {1[Host]}{1[Path}]}'.format(ip_layer,http_layer))
This one said HTTPRequest is not existed in my packet
Also tried some answers using lambda expression. But several errors returned.
print("catch packets")
pkts=sniff(filter="port 448",count=1,)
for xx in pkts:
print(type(xx))
I also tried print what I sniffed
<class ‘scapy.layers.l2.Ether’>
This what It printed. It seems wrong? I was expecting a packet variable in side of list.
Or if there is other method is fit to such scenario?
Before picking scapy as solution. I used socket as parser.
But seems it did some job more than just receives packet for me.
So I decided to turn to scapy.
The critical mistake I’d made is that I forgot I have to start the connection myself.
When I finally used the wireshark diagnose the traffic, It looks like It’s just still at the phase of initiation on Three-way Handshake. There is no doubt why scapy returned nothing but empty.
I’ve not tried implementing Handshake code yet. I’ll update as I tested.
*edit: work well after tried.