Created
November 21, 2013 22:02
-
-
Save econchick/7590571 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"metadata": { | |
"name": "" | |
}, | |
"nbformat": 3, | |
"nbformat_minor": 0, | |
"worksheets": [ | |
{ | |
"cells": [ | |
{ | |
"cell_type": "code", | |
"collapsed": false, | |
"input": [ | |
"from scapy.all import * # this makes me cringe" | |
], | |
"language": "python", | |
"metadata": {}, | |
"outputs": [ | |
{ | |
"output_type": "stream", | |
"stream": "stderr", | |
"text": [ | |
"WARNING: No route found for IPv6 destination :: (no default route?)\n" | |
] | |
}, | |
{ | |
"output_type": "stream", | |
"stream": "stderr", | |
"text": [ | |
"WARNING:scapy.runtime:No route found for IPv6 destination :: (no default route?)\n" | |
] | |
} | |
], | |
"prompt_number": 1 | |
}, | |
{ | |
"cell_type": "code", | |
"collapsed": false, | |
"input": [ | |
"a = sniff(iface=\"en0\", filter=\"tcp and port 80\", count=10)" | |
], | |
"language": "python", | |
"metadata": {}, | |
"outputs": [], | |
"prompt_number": 2 | |
}, | |
{ | |
"cell_type": "code", | |
"collapsed": false, | |
"input": [ | |
"a" | |
], | |
"language": "python", | |
"metadata": {}, | |
"outputs": [ | |
{ | |
"metadata": {}, | |
"output_type": "pyout", | |
"prompt_number": 4, | |
"text": [ | |
"<Sniffed: TCP:10 UDP:0 ICMP:0 Other:0>" | |
] | |
} | |
], | |
"prompt_number": 4 | |
}, | |
{ | |
"cell_type": "code", | |
"collapsed": false, | |
"input": [ | |
"a.res" | |
], | |
"language": "python", | |
"metadata": {}, | |
"outputs": [ | |
{ | |
"metadata": {}, | |
"output_type": "pyout", | |
"prompt_number": 5, | |
"text": [ | |
"[<Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=64 id=37422 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57232 dport=http seq=3533694476 ack=0 dataofs=11L reserved=0L flags=S window=65535 chksum=0xc917 urgptr=0 options=[('MSS', 1460), ('NOP', None), ('WScale', 4), ('NOP', None), ('NOP', None), ('Timestamp', (1197585139, 0)), ('SAckOK', ''), ('EOL', None)] |>>>,\n", | |
" <Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=64 id=27327 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57233 dport=http seq=2864733882 ack=0 dataofs=11L reserved=0L flags=S window=65535 chksum=0xc917 urgptr=0 options=[('MSS', 1460), ('NOP', None), ('WScale', 4), ('NOP', None), ('NOP', None), ('Timestamp', (1197585139, 0)), ('SAckOK', ''), ('EOL', None)] |>>>,\n", | |
" <Ether dst=a8:20:66:3f:4f:ea src=00:09:0f:09:00:13 type=0x800 |<IP version=4L ihl=5L tos=0x0 len=44 id=0 flags=DF frag=0L ttl=50 proto=tcp chksum=0x7fe7 src=38.123.132.30 dst=10.48.20.28 options=[] |<TCP sport=http dport=57232 seq=1353117467 ack=3533694477 dataofs=6L reserved=0L flags=SA window=5840 chksum=0xe010 urgptr=0 options=[('MSS', 1460)] |<Padding load='\\x00\\x00' |>>>>,\n", | |
" <Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=40 id=45255 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57232 dport=http seq=3533694477 ack=1353117468 dataofs=5L reserved=0L flags=A window=65535 chksum=0xc8ff urgptr=0 |>>>,\n", | |
" <Ether dst=a8:20:66:3f:4f:ea src=00:09:0f:09:00:13 type=0x800 |<IP version=4L ihl=5L tos=0x0 len=44 id=0 flags=DF frag=0L ttl=50 proto=tcp chksum=0x7fe7 src=38.123.132.30 dst=10.48.20.28 options=[] |<TCP sport=http dport=57233 seq=2524100872 ack=2864733883 dataofs=6L reserved=0L flags=SA window=5840 chksum=0x7f88 urgptr=0 options=[('MSS', 1460)] |<Padding load='\\x00\\x00' |>>>>,\n", | |
" <Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=40 id=39734 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57233 dport=http seq=2864733883 ack=2524100873 dataofs=5L reserved=0L flags=A window=65535 chksum=0xc8ff urgptr=0 |>>>,\n", | |
" <Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=1500 id=42369 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57232 dport=http seq=3533694477 ack=1353117468 dataofs=5L reserved=0L flags=A window=65535 chksum=0xceb3 urgptr=0 options=[] |<Raw load='GET /pyladiessf HTTP/1.1\\r\\nHost: meetup.com\\r\\nConnection: keep-alive\\r\\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\\r\\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36\\r\\nAccept-Encoding: gzip,deflate,sdch\\r\\nAccept-Language: en-US,en;q=0.8\\r\\nCookie: fbm_2403839689=base_domain=.meetup.com; user_segment=Prospect; MEETUP_CSRF=6913548c-ea62-41cc-8684-89a5c935dce5; trax_scroll_to_talk=uuid=29150187-2ba1-4fd4-8f3e-90abbc90355c&v=scroll&p=start&s=0&_=3eee03; MY_MEETUP_M2M_CC=on; MEETUP_LANGUAGE=language=en&country=US; MEETUP_TRACK=id=1f534ec6-fb10-4979-a22c-1e480f621c56&l=1&s=f734329722f35a959f3471e7ca23fec2af8519d4; MEETUP_SEGMENT=member; MEETUP_MEMBER=id=31339252&status=4×tamp=1385022848&bs=0&tz=US%2FPacific&zip=94107&country=us&city=San+Francisco&state=CA&lat=37.77&lon=-122.4&domain=&dc=&s=a8ec95cd103d031634542fe2e577af1b1c21ffae&rem=1; _ga=GA1.2.1358022415.1381185132; trax_CreatePayment=uuid=f7e9340c-950b-48b0-9ce6-2d5d1d2ba284&v=control1&p=basics&s=0&_=5e611a; SnapABugHistory=2#; trax_baseline=uuid=7511d21f-c034-4478-8ac1-f55ca9b05b2b&v=control&p=description-section&s=15&_=ef8dc7; trax_group_rec_ts_model=uuid=3d79e29b-71c5-4b7c-b9b8-1fb2a07f5c1e&v=topicscore&p=start&s=0&_=2faf42; trax_also_in_algorithm2=uuid=f5b5b08f-defd-4571-a4aa-6ef0b393d5cf&v=original&p=start&s=0&_=4c0a2d; trax_browsebar=uuid=d0671560-a880-49c2-a068-c09' |>>>>,\n", | |
" <Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=1293 id=26360 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57232 dport=http seq=3533695937 ack=1353117468 dataofs=5L reserved=0L flags=PA window=65535 chksum=0xcde4 urgptr=0 options=[] |<Raw load='a3b7db44a&v=mod&p=ghome&s=0&_=4c2b53; MEETUP_FB_DONE=1; MUP_jqueryEn=on; trax_event_rec_ts_model=uuid=86dda94d-8cd8-43ad-998f-d1987eb687d1&v=topicscore&p=start&s=0&_=8bc43a; MEETUP_GA=segment%3Dmember%26gj%3Dpswg4%26rv%3Drv13%2Crv13%2Crv13%2Crv13%2Crv13%26ic%3Dsn3%2Csn3; __utma=19434532.1358022415.1381185132.1385041110.1385043895.24; __utmb=19434532.10.10.1385043895; __utmc=19434532; __utmz=19434532.1384336433.9.6.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); __utmv=19434532.segment%3Dmember%26gj%3Dpswg4%26rv%3Drv13%2Crv13%2Crv13%2Crv13%2Crv13%26ic%3Dsn3%2Csn3; fbsr_2403839689=lsAHJkqP1G1sukr1Lx9BfE12nJqvs3zHOqQ8CAPyl_g.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImNvZGUiOiJBUUR3Wnp2LUdKSzRfYjFCSXYwbC1qWFBDOU9yNFBZc3drdU4xTDA3dXJwSThGY1QwdU5DS2lpVGVXSWFqT09MdWcyOEVUc3plMHA0MElkTlZZczlGejNocktyQ21FLTE5OGpXOUcwVUtrZEo4RnpQcmdIeFl0SUdmUzloRmdsYmFqeDJ3VEF5aXBZNkNIN29JcWxpeW5sT200MnRWOUdGZVJ2VVVxQzNkNDBGdFFkQWt0UXlVVjJHQ2tsRmFXSlFhOW1fTk9VZXk3YWpMT1dMRXJ3dk9kSWZncjdEWVViVGNXYm9HRi1FODBEcUVSNVE1X3Z4Uk9tRnlYSVpEaWFvckJGak9nMlhFRW92aHZzTllKSUx0dzdlLUMtLW9femJpQ1FoSkZCbElLaUxhMTdKZVBIejIycVY2cGY1ZjREQ3h0dkYyUmtqMmJhN2hSck00bzE1Yk1pMHpjVGw3SkhpLXc2cjRNZ2xHcC14SEEiLCJpc3N1ZWRfYXQiOjEzODUwNDM5MjAsInVzZXJfaWQiOiIxNDkwMDExNyJ9\\r\\n\\r\\n' |>>>>,\n", | |
" <Ether dst=a8:20:66:3f:4f:ea src=00:09:0f:09:00:13 type=0x800 |<IP version=4L ihl=5L tos=0x0 len=40 id=42384 flags=DF frag=0L ttl=50 proto=tcp chksum=0xda5a src=38.123.132.30 dst=10.48.20.28 options=[] |<TCP sport=http dport=57232 seq=1353117468 ack=3533695937 dataofs=5L reserved=0L flags=A window=8760 chksum=0xe6b1 urgptr=0 |<Padding load='\\x00\\x00\\x00\\x00\\x00\\x00' |>>>>,\n", | |
" <Ether dst=a8:20:66:3f:4f:ea src=00:09:0f:09:00:13 type=0x800 |<IP version=4L ihl=5L tos=0x0 len=40 id=42385 flags=DF frag=0L ttl=50 proto=tcp chksum=0xda59 src=38.123.132.30 dst=10.48.20.28 options=[] |<TCP sport=http dport=57232 seq=1353117468 ack=3533697190 dataofs=5L reserved=0L flags=A window=11680 chksum=0xd664 urgptr=0 |<Padding load='\\x00\\x00\\x00\\x00\\x00\\x00' |>>>>]" | |
] | |
} | |
], | |
"prompt_number": 5 | |
}, | |
{ | |
"cell_type": "code", | |
"collapsed": false, | |
"input": [ | |
"a.res[0] # first packet" | |
], | |
"language": "python", | |
"metadata": {}, | |
"outputs": [ | |
{ | |
"metadata": {}, | |
"output_type": "pyout", | |
"prompt_number": 6, | |
"text": [ | |
"<Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=64 id=37422 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57232 dport=http seq=3533694476 ack=0 dataofs=11L reserved=0L flags=S window=65535 chksum=0xc917 urgptr=0 options=[('MSS', 1460), ('NOP', None), ('WScale', 4), ('NOP', None), ('NOP', None), ('Timestamp', (1197585139, 0)), ('SAckOK', ''), ('EOL', None)] |>>>" | |
] | |
} | |
], | |
"prompt_number": 6 | |
}, | |
{ | |
"cell_type": "code", | |
"collapsed": false, | |
"input": [ | |
"a.res[0].show()" | |
], | |
"language": "python", | |
"metadata": {}, | |
"outputs": [ | |
{ | |
"output_type": "stream", | |
"stream": "stdout", | |
"text": [ | |
"###[ Ethernet ]###\n", | |
" dst = 00:09:0f:09:00:13\n", | |
" src = a8:20:66:3f:4f:ea\n", | |
" type = 0x800\n", | |
"###[ IP ]###\n", | |
" version = 4L\n", | |
" ihl = 5L\n", | |
" tos = 0x0\n", | |
" len = 64\n", | |
" id = 37422\n", | |
" flags = DF\n", | |
" frag = 0L\n", | |
" ttl = 64\n", | |
" proto = tcp\n", | |
" chksum = 0x0\n", | |
" src = 10.48.20.28\n", | |
" dst = 38.123.132.30\n", | |
" \\options \\\n", | |
"###[ TCP ]###\n", | |
" sport = 57232\n", | |
" dport = http\n", | |
" seq = 3533694476\n", | |
" ack = 0\n", | |
" dataofs = 11L\n", | |
" reserved = 0L\n", | |
" flags = S\n", | |
" window = 65535\n", | |
" chksum = 0xc917\n", | |
" urgptr = 0\n", | |
" options = [('MSS', 1460), ('NOP', None), ('WScale', 4), ('NOP', None), ('NOP', None), ('Timestamp', (1197585139, 0)), ('SAckOK', ''), ('EOL', None)]\n" | |
] | |
} | |
], | |
"prompt_number": 7 | |
}, | |
{ | |
"cell_type": "code", | |
"collapsed": false, | |
"input": [], | |
"language": "python", | |
"metadata": {}, | |
"outputs": [] | |
} | |
], | |
"metadata": {} | |
} | |
] | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment