Last active
December 29, 2015 00:49
-
-
Save econchick/7589025 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "metadata": { | |
| "name": "" | |
| }, | |
| "nbformat": 3, | |
| "nbformat_minor": 0, | |
| "worksheets": [ | |
| { | |
| "cells": [ | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [ | |
| "from scapy.all import *" | |
| ], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [], | |
| "prompt_number": 18 | |
| }, | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [ | |
| "# online sniffing\n", | |
| "# pkts = sniff(filter=\"tcp and host search.yahoo.com\", count=300)\n", | |
| "# saving for later\n", | |
| "# wrpcap(\"data/yahoo_search.cap\", pkts)" | |
| ], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [] | |
| }, | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [ | |
| "# importing pcap file\n", | |
| "sample_http = 'data/yahoo_search.cap'\n", | |
| "pkts = sniff(offline=sample_http)" | |
| ], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [], | |
| "prompt_number": 19 | |
| }, | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [ | |
| "pkts" | |
| ], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [ | |
| { | |
| "metadata": {}, | |
| "output_type": "pyout", | |
| "prompt_number": 20, | |
| "text": [ | |
| "<Sniffed: TCP:300 UDP:0 ICMP:0 Other:0>" | |
| ] | |
| } | |
| ], | |
| "prompt_number": 20 | |
| }, | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [ | |
| "pkts.nsummary()" | |
| ], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [ | |
| { | |
| "output_type": "stream", | |
| "stream": "stdout", | |
| "text": [ | |
| "0000 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http S\n", | |
| "0001 Ether / IP / TCP 10.25.3.61:53262 > 74.6.239.58:http S\n", | |
| "0002 Ether / IP / TCP 10.25.3.61:53263 > 74.6.239.58:http S\n", | |
| "0003 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 SA\n", | |
| "0004 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0005 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53263 SA\n", | |
| "0006 Ether / IP / TCP 10.25.3.61:53263 > 74.6.239.58:http A\n", | |
| "0007 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53262 SA\n", | |
| "0008 Ether / IP / TCP 10.25.3.61:53262 > 74.6.239.58:http A\n", | |
| "0009 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http PA / Raw\n", | |
| "0010 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A\n", | |
| "0011 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0012 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0013 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http PA / Raw\n", | |
| "0014 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A\n", | |
| "0015 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0016 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0017 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0018 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0019 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0020 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0021 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0022 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0023 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0024 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0025 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0026 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0027 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0028 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0029 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0030 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0031 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0032 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0033 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0034 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0035 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0036 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0037 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0038 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0039 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0040 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0041 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0042 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0043 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0044 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0045 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0046 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0047 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0048 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0049 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0050 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0051 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0052 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0053 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0054 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0055 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0056 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0057 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0058 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0059 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0060 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0061 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0062 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0063 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0064 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0065 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0066 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0067 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0068 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0069 Ether / IP / TCP 10.25.3.61:53263 > 74.6.239.58:http FA\n", | |
| "0070 Ether / IP / TCP 10.25.3.61:53262 > 74.6.239.58:http FA\n", | |
| "0071 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53262 A\n", | |
| "0072 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53262 FA\n", | |
| "0073 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53263 A\n", | |
| "0074 Ether / IP / TCP 10.25.3.61:53262 > 74.6.239.58:http A\n", | |
| "0075 Ether / IP / TCP 10.25.3.61:53262 > 74.6.239.58:http A\n", | |
| "0076 Ether / IP / TCP 10.25.3.61:53263 > 74.6.239.58:http A\n", | |
| "0077 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53263 FA\n", | |
| "0078 Ether / IP / TCP 10.25.3.61:53263 > 74.6.239.58:http A\n", | |
| "0079 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A / Raw\n", | |
| "0080 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http PA / Raw\n", | |
| "0081 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A\n", | |
| "0082 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A\n", | |
| "0083 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0084 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0085 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0086 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0087 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0088 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0089 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0090 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0091 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0092 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0093 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0094 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0095 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0096 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0097 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0098 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0099 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0100 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0101 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0102 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0103 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0104 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0105 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0106 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0107 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0108 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0109 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0110 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0111 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0112 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0113 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0114 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0115 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0116 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0117 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0118 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0119 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0120 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0121 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0122 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0123 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0124 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0125 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0126 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0127 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0128 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0129 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0130 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0131 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0132 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0133 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0134 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0135 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0136 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0137 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0138 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0139 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0140 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0141 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0142 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0143 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0144 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0145 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0146 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0147 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0148 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A / Raw\n", | |
| "0149 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http PA / Raw\n", | |
| "0150 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A\n", | |
| "0151 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A\n", | |
| "0152 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0153 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0154 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0155 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0156 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0157 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0158 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0159 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0160 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0161 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0162 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0163 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0164 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0165 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0166 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0167 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0168 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0169 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0170 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0171 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0172 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0173 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0174 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0175 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0176 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0177 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0178 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0179 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0180 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0181 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0182 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0183 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0184 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0185 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0186 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0187 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0188 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0189 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0190 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0191 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0192 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0193 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0194 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0195 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0196 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0197 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0198 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0199 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0200 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0201 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0202 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0203 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0204 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0205 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0206 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0207 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0208 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0209 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0210 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0211 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0212 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0213 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0214 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0215 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0216 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0217 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0218 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0219 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0220 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0221 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0222 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0223 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0224 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0225 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0226 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0227 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A / Raw\n", | |
| "0228 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http PA / Raw\n", | |
| "0229 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A\n", | |
| "0230 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A\n", | |
| "0231 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0232 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0233 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0234 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0235 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0236 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0237 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0238 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0239 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0240 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0241 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0242 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0243 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0244 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0245 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0246 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0247 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0248 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0249 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0250 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0251 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0252 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0253 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0254 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0255 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0256 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0257 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0258 " | |
| ] | |
| }, | |
| { | |
| "output_type": "stream", | |
| "stream": "stdout", | |
| "text": [ | |
| "Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0259 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0260 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0261 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0262 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0263 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0264 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0265 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0266 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0267 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0268 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0269 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0270 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0271 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0272 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0273 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0274 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0275 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0276 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0277 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0278 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0279 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0280 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0281 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0282 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0283 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0284 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0285 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0286 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0287 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0288 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0289 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0290 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0291 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0292 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0293 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0294 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0295 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding\n", | |
| "0296 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0297 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw\n", | |
| "0298 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A\n", | |
| "0299 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A / Raw\n" | |
| ] | |
| } | |
| ], | |
| "prompt_number": 21 | |
| }, | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [ | |
| "pkts[79].show()" | |
| ], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [ | |
| { | |
| "output_type": "stream", | |
| "stream": "stdout", | |
| "text": [ | |
| "###[ Ethernet ]###\n", | |
| " dst = 00:1d:70:df:2d:11\n", | |
| " src = 14:10:9f:e1:54:9b\n", | |
| " type = 0x800\n", | |
| "###[ IP ]###\n", | |
| " version = 4L\n", | |
| " ihl = 5L\n", | |
| " tos = 0x0\n", | |
| " len = 1420\n", | |
| " id = 51853\n", | |
| " flags = DF\n", | |
| " frag = 0L\n", | |
| " ttl = 64\n", | |
| " proto = tcp\n", | |
| " chksum = 0x2448\n", | |
| " src = 10.25.3.61\n", | |
| " dst = 74.6.239.58\n", | |
| " \\options \\\n", | |
| "###[ TCP ]###\n", | |
| " sport = 53261\n", | |
| " dport = http\n", | |
| " seq = 3423577226\n", | |
| " ack = 4075984347\n", | |
| " dataofs = 8L\n", | |
| " reserved = 0L\n", | |
| " flags = A\n", | |
| " window = 8192\n", | |
| " chksum = 0xe4ca\n", | |
| " urgptr = 0\n", | |
| " options = [('NOP', None), ('NOP', None), ('Timestamp', (1222799014, 196990643))]\n", | |
| "###[ Raw ]###\n", | |
| " load = 'GET /search;_ylt=A0oG7mGUD49SBxcA3WpXNyoA;_ylc=X1MDMjc2NjY3OQRfcgMyBGJjawNmbWVsb2s1OTRqZ3UyJTI2YiUzRDQlMjZkJTNEOU15M2RnMXBZRUtpdVJyeG9BWlNlRGxLcjJFLSUyNnMlM0Q4ciUyNmklM0RTSjdlY2Y4ZURZakZnbS5DRWRucgRjc3JjcHZpZANHcC5VRjBnZXVyRDdPcmloVWtuRHdnWUFYWjUwR1ZLUEQ1UUFCc3hpBGZyA3lmcC10LTE0MARmcjIDc2ItdG9wBGdwcmlkA2NlVHN4WXhzUWIuOW51aGNlWG9TTUEEbXRlc3RpZANBRDAxJTNEU01FMzQxJTI2QURTUlAlM0RBRFNSUEMxJTI2QVNTVCUzRFZJUDI4OSUyNk1TRlQlM0RNU1kwMTAlMjZVSTAxJTNEVUlDMSUyNlVOSSUzRFJDRjA0NARuX3JzbHQDMTAEbl9zdWdnAzgEb3JpZ2luA3NlYXJjaC55YWhvby5jb20EcG9zAzAEcHFzdHIDBHBxc3RybAMEcXN0cmwDNgRxdWVyeQNNYWRyaWQEdF9zdG1wAzEzODUxMDczNTU4MzEEdnRlc3RpZANVSUMx?p=Madrid&fr2=sb-top&fr=yfp-t-140 HTTP/1.1\\r\\nHost: search.yahoo.com\\r\\nConnection: keep-alive\\r\\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\\r\\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36\\r\\nReferer: http://search.yahoo.com/search;_ylt=ApD.LW7jivmrlmZzNKxChqqbvZx4?p=Python&toggle=1&cop=mss&ei=UTF-8&fr=yfp-t-140\\r\\nAccept-Encoding: gzip,deflate,sdch\\r\\nAccept-Language: en-US,en;q=0.8\\r\\nCookie: B=fmelok594jgu2&b=4&d=9My3dg1pYEKiuRrxoAZSeDlKr2E-&s=8r&i=SJ7ecf8eDYjFgm.CEdnr; AO=o=0; YLS=v=1&p=1&n=1; F=a=I.qqZFgMvSp1SMQ7oNaJGIBu5DAJGO25SeRxXSKxg6_KZLWHQMHEkeFQrEOxAH9BOvMhwKs-&b=.hBp; Y=v=1&n=fr6nunkr11qks&l=he6k4bodd/o&p=f2m0'\n" | |
| ] | |
| } | |
| ], | |
| "prompt_number": 22 | |
| }, | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [ | |
| "pkts[79].getlayer(Raw)" | |
| ], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [ | |
| { | |
| "metadata": {}, | |
| "output_type": "pyout", | |
| "prompt_number": 23, | |
| "text": [ | |
| "<Raw load='GET /search;_ylt=A0oG7mGUD49SBxcA3WpXNyoA;_ylc=X1MDMjc2NjY3OQRfcgMyBGJjawNmbWVsb2s1OTRqZ3UyJTI2YiUzRDQlMjZkJTNEOU15M2RnMXBZRUtpdVJyeG9BWlNlRGxLcjJFLSUyNnMlM0Q4ciUyNmklM0RTSjdlY2Y4ZURZakZnbS5DRWRucgRjc3JjcHZpZANHcC5VRjBnZXVyRDdPcmloVWtuRHdnWUFYWjUwR1ZLUEQ1UUFCc3hpBGZyA3lmcC10LTE0MARmcjIDc2ItdG9wBGdwcmlkA2NlVHN4WXhzUWIuOW51aGNlWG9TTUEEbXRlc3RpZANBRDAxJTNEU01FMzQxJTI2QURTUlAlM0RBRFNSUEMxJTI2QVNTVCUzRFZJUDI4OSUyNk1TRlQlM0RNU1kwMTAlMjZVSTAxJTNEVUlDMSUyNlVOSSUzRFJDRjA0NARuX3JzbHQDMTAEbl9zdWdnAzgEb3JpZ2luA3NlYXJjaC55YWhvby5jb20EcG9zAzAEcHFzdHIDBHBxc3RybAMEcXN0cmwDNgRxdWVyeQNNYWRyaWQEdF9zdG1wAzEzODUxMDczNTU4MzEEdnRlc3RpZANVSUMx?p=Madrid&fr2=sb-top&fr=yfp-t-140 HTTP/1.1\\r\\nHost: search.yahoo.com\\r\\nConnection: keep-alive\\r\\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\\r\\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36\\r\\nReferer: http://search.yahoo.com/search;_ylt=ApD.LW7jivmrlmZzNKxChqqbvZx4?p=Python&toggle=1&cop=mss&ei=UTF-8&fr=yfp-t-140\\r\\nAccept-Encoding: gzip,deflate,sdch\\r\\nAccept-Language: en-US,en;q=0.8\\r\\nCookie: B=fmelok594jgu2&b=4&d=9My3dg1pYEKiuRrxoAZSeDlKr2E-&s=8r&i=SJ7ecf8eDYjFgm.CEdnr; AO=o=0; YLS=v=1&p=1&n=1; F=a=I.qqZFgMvSp1SMQ7oNaJGIBu5DAJGO25SeRxXSKxg6_KZLWHQMHEkeFQrEOxAH9BOvMhwKs-&b=.hBp; Y=v=1&n=fr6nunkr11qks&l=he6k4bodd/o&p=f2m0' |>" | |
| ] | |
| } | |
| ], | |
| "prompt_number": 23 | |
| }, | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [ | |
| "first_query = pkts[79].getlayer(Raw)\n", | |
| "print first_query.fields.get('load').split('?p=')[1].split('&')[0]" | |
| ], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [ | |
| { | |
| "output_type": "stream", | |
| "stream": "stdout", | |
| "text": [ | |
| "Madrid\n" | |
| ] | |
| } | |
| ], | |
| "prompt_number": 24 | |
| }, | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [ | |
| "second_query = pkts[148].getlayer(Raw)\n", | |
| "print second_query.fields.get('load').split('?p=')[1].split('&')[0]" | |
| ], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [ | |
| { | |
| "output_type": "stream", | |
| "stream": "stdout", | |
| "text": [ | |
| "I+love+chocolate\n" | |
| ] | |
| } | |
| ], | |
| "prompt_number": 25 | |
| }, | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [ | |
| "third_query = pkts[227].getlayer(Raw)\n", | |
| "print third_query.fields.get('load').split('?p=')[1].split('&')[0]" | |
| ], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [ | |
| { | |
| "output_type": "stream", | |
| "stream": "stdout", | |
| "text": [ | |
| "Blue+Bottle+Coffe\n" | |
| ] | |
| } | |
| ], | |
| "prompt_number": 26 | |
| }, | |
| { | |
| "cell_type": "code", | |
| "collapsed": false, | |
| "input": [], | |
| "language": "python", | |
| "metadata": {}, | |
| "outputs": [] | |
| } | |
| ], | |
| "metadata": {} | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment