@econchick
Last active December 29, 2015 00:19
{
"metadata": {
"name": ""
},
"nbformat": 3,
"nbformat_minor": 0,
"worksheets": [
{
"cells": [
{
"cell_type": "code",
"collapsed": false,
"input": [
"from scapy.all import *"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 8
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"pkts = sniff(filter=\"tcp and host 8.8.8.8\", count=100)\n",
"# sample_http = 'data/http.cap'\n",
"# pkts = sniff(offline=sample_http)"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 19
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"pkts"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 11,
"text": [
"<Sniffed: TCP:41 UDP:2 ICMP:0 Other:0>"
]
}
],
"prompt_number": 11
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"pkts[3].show()"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"###[ Ethernet ]###\n",
" dst = fe:ff:20:00:01:00\n",
" src = 00:00:01:00:00:00\n",
" type = 0x800\n",
"###[ IP ]###\n",
" version = 4L\n",
" ihl = 5L\n",
" tos = 0x0\n",
" len = 519\n",
" id = 3909\n",
" flags = DF\n",
" frag = 0L\n",
" ttl = 128\n",
" proto = tcp\n",
" chksum = 0x9010\n",
" src = 145.254.160.237\n",
" dst = 65.208.228.223\n",
" \\options \\\n",
"###[ TCP ]###\n",
" sport = tip2\n",
" dport = http\n",
" seq = 951057940\n",
" ack = 290218380\n",
" dataofs = 5L\n",
" reserved = 0L\n",
" flags = PA\n",
" window = 9660\n",
" chksum = 0xa958\n",
" urgptr = 0\n",
" options = []\n",
"###[ Raw ]###\n",
" load = 'GET /download.html HTTP/1.1\\r\\nHost: www.ethereal.com\\r\\nUser-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113\\r\\nAccept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1\\r\\nAccept-Language: en-us,en;q=0.5\\r\\nAccept-Encoding: gzip,deflate\\r\\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\\r\\nKeep-Alive: 300\\r\\nConnection: keep-alive\\r\\nReferer: http://www.ethereal.com/development.html\\r\\n\\r\\n'\n"
]
}
],
"prompt_number": 36
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"raw = pkts[3].getlayer(Raw)"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 37
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"load = raw.fields.get('load')"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 38
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print load"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"GET /download.html HTTP/1.1\r\n",
"Host: www.ethereal.com\r\n",
"User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113\r\n",
"Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1\r\n",
"Accept-Language: en-us,en;q=0.5\r\n",
"Accept-Encoding: gzip,deflate\r\n",
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n",
"Keep-Alive: 300\r\n",
"Connection: keep-alive\r\n",
"Referer: http://www.ethereal.com/development.html\r\n",
"\r\n",
"\n"
]
}
],
"prompt_number": 39
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"'GET /download' in load # your search term"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 41,
"text": [
"True"
]
}
],
"prompt_number": 41
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"import select as s\n",
"\n",
"def trace_route(pkts):\n",
" for pkt in pkts:\n",
" try:\n",
" IP_layer = pkt.getlayer(IP)\n",
" proto_layer = pkt.getlayer(TCP)\n",
" except Exception:\n",
" continue\n",
" destination = IP_layer.dst\n",
" src = IP_layer.src\n",
" dport = proto_layer.dport\n",
" sport = proto_layer.sport\n",
" \n",
" while True:\n",
" try:\n",
" res, unans = traceroute(target=destination, dport=dport, sport=sport, maxttl=20)\n",
" traces = res.res\n",
" hops = [src]\n",
" for trace in traces:\n",
" hops.append(trace[1].src)\n",
" return hops, sport\n",
" except s.error:\n",
" continue\n",
" "
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 21
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"tr, sport = trace_route(pkts)"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"\n",
"Received 6 packets, got 5 answers, remaining 15 packets\n",
" 65.208.228.223:tcp80 \n",
"1 10.48.24.1 11 \n",
"2 80.239.169.193 11 \n",
"3 213.155.131.124 11 \n",
"4 213.155.136.176 11 \n",
"5 80.91.249.29 11 \n",
"Begin emission:\n",
"Finished to send 20 packets.\n"
]
}
],
"prompt_number": 22
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"tr"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 23,
"text": [
"['145.254.160.237',\n",
" '10.48.24.1',\n",
" '80.239.169.193',\n",
" '213.155.131.124',\n",
" '213.155.136.176',\n",
" '80.91.249.29']"
]
}
],
"prompt_number": 23
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"import pygeoip"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 24
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"def map_ip(hops):\n",
" gip = pygeoip.GeoIP('data/GeoLiteCity.dat')\n",
" coordinates = []\n",
" for hop in hops:\n",
" geo_data = gip.record_by_addr(hop)\n",
" if geo_data:\n",
" lat = geo_data['latitude']\n",
" lon = geo_data['longitude']\n",
" coordinates.append((lon, lat))\n",
" return coordinates"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 25
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"coordinates = map_ip(tr)"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 26
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"coordinates"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 27,
"text": [
"[(9.0, 51.0),\n",
" (18.05000000000001, 59.33330000000001),\n",
" (8.0, 47.0),\n",
" (8.0, 47.0),\n",
" (8.0, 47.0)]"
]
}
],
"prompt_number": 27
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"import geojson\n",
"def create_geojson(coordinates):\n",
" geo_list = []\n",
" j = 1\n",
" for route in coordinates:\n",
" data = {}\n",
" data[\"type\"] = \"Feature\"\n",
" data[\"id\"] = j\n",
" data[\"properties\"] = {\"title\": \"hop %i\" % j}\n",
" data[\"geometry\"] = {\"type\": \"LineString\", \"coordinates\": route}\n",
" j += 1\n",
" geo_list.append(data)\n",
"\n",
" d = {\"type\": \"FeatureCollection\"}\n",
" for item in geo_list:\n",
" d.setdefault(\"features\", []).append(item)\n",
"\n",
" return geojson.dumps(d)"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 28
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print create_geojson(coordinates)"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"{\"type\": \"FeatureCollection\", \"features\": [{\"geometry\": {\"type\": \"LineString\", \"coordinates\": [9.0, 51.0]}, \"type\": \"Feature\", \"id\": 1, \"properties\": {\"title\": \"hop 1\"}}, {\"geometry\": {\"type\": \"LineString\", \"coordinates\": [18.05000000000001, 59.33330000000001]}, \"type\": \"Feature\", \"id\": 2, \"properties\": {\"title\": \"hop 2\"}}, {\"geometry\": {\"type\": \"LineString\", \"coordinates\": [8.0, 47.0]}, \"type\": \"Feature\", \"id\": 3, \"properties\": {\"title\": \"hop 3\"}}, {\"geometry\": {\"type\": \"LineString\", \"coordinates\": [8.0, 47.0]}, \"type\": \"Feature\", \"id\": 4, \"properties\": {\"title\": \"hop 4\"}}, {\"geometry\": {\"type\": \"LineString\", \"coordinates\": [8.0, 47.0]}, \"type\": \"Feature\", \"id\": 5, \"properties\": {\"title\": \"hop 5\"}}]}\n"
]
}
],
"prompt_number": 42
},
{
"cell_type": "code",
"collapsed": false,
"input": [],
"language": "python",
"metadata": {},
"outputs": []
}
],
"metadata": {}
}
]
}