
@econchick
Created November 21, 2013 22:02
{
"metadata": {
"name": ""
},
"nbformat": 3,
"nbformat_minor": 0,
"worksheets": [
{
"cells": [
{
"cell_type": "code",
"collapsed": false,
"input": [
"from scapy.all import * # this makes me cringe: a wildcard import pulls every scapy name into the namespace"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stderr",
"text": [
"WARNING: No route found for IPv6 destination :: (no default route?)\n"
]
},
{
"output_type": "stream",
"stream": "stderr",
"text": [
"WARNING:scapy.runtime:No route found for IPv6 destination :: (no default route?)\n"
]
}
],
"prompt_number": 1
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"a = sniff(iface=\"en0\", filter=\"tcp and port 80\", count=10)"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 2
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"a"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 4,
"text": [
"<Sniffed: TCP:10 UDP:0 ICMP:0 Other:0>"
]
}
],
"prompt_number": 4
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"a.res"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 5,
"text": [
"[<Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=64 id=37422 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57232 dport=http seq=3533694476 ack=0 dataofs=11L reserved=0L flags=S window=65535 chksum=0xc917 urgptr=0 options=[('MSS', 1460), ('NOP', None), ('WScale', 4), ('NOP', None), ('NOP', None), ('Timestamp', (1197585139, 0)), ('SAckOK', ''), ('EOL', None)] |>>>,\n",
" <Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=64 id=27327 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57233 dport=http seq=2864733882 ack=0 dataofs=11L reserved=0L flags=S window=65535 chksum=0xc917 urgptr=0 options=[('MSS', 1460), ('NOP', None), ('WScale', 4), ('NOP', None), ('NOP', None), ('Timestamp', (1197585139, 0)), ('SAckOK', ''), ('EOL', None)] |>>>,\n",
" <Ether dst=a8:20:66:3f:4f:ea src=00:09:0f:09:00:13 type=0x800 |<IP version=4L ihl=5L tos=0x0 len=44 id=0 flags=DF frag=0L ttl=50 proto=tcp chksum=0x7fe7 src=38.123.132.30 dst=10.48.20.28 options=[] |<TCP sport=http dport=57232 seq=1353117467 ack=3533694477 dataofs=6L reserved=0L flags=SA window=5840 chksum=0xe010 urgptr=0 options=[('MSS', 1460)] |<Padding load='\\x00\\x00' |>>>>,\n",
" <Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=40 id=45255 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57232 dport=http seq=3533694477 ack=1353117468 dataofs=5L reserved=0L flags=A window=65535 chksum=0xc8ff urgptr=0 |>>>,\n",
" <Ether dst=a8:20:66:3f:4f:ea src=00:09:0f:09:00:13 type=0x800 |<IP version=4L ihl=5L tos=0x0 len=44 id=0 flags=DF frag=0L ttl=50 proto=tcp chksum=0x7fe7 src=38.123.132.30 dst=10.48.20.28 options=[] |<TCP sport=http dport=57233 seq=2524100872 ack=2864733883 dataofs=6L reserved=0L flags=SA window=5840 chksum=0x7f88 urgptr=0 options=[('MSS', 1460)] |<Padding load='\\x00\\x00' |>>>>,\n",
" <Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=40 id=39734 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57233 dport=http seq=2864733883 ack=2524100873 dataofs=5L reserved=0L flags=A window=65535 chksum=0xc8ff urgptr=0 |>>>,\n",
" <Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=1500 id=42369 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57232 dport=http seq=3533694477 ack=1353117468 dataofs=5L reserved=0L flags=A window=65535 chksum=0xceb3 urgptr=0 options=[] |<Raw load='GET /pyladiessf HTTP/1.1\\r\\nHost: meetup.com\\r\\nConnection: keep-alive\\r\\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\\r\\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36\\r\\nAccept-Encoding: gzip,deflate,sdch\\r\\nAccept-Language: en-US,en;q=0.8\\r\\nCookie: fbm_2403839689=base_domain=.meetup.com; user_segment=Prospect; MEETUP_CSRF=6913548c-ea62-41cc-8684-89a5c935dce5; trax_scroll_to_talk=uuid=29150187-2ba1-4fd4-8f3e-90abbc90355c&v=scroll&p=start&s=0&_=3eee03; MY_MEETUP_M2M_CC=on; MEETUP_LANGUAGE=language=en&country=US; MEETUP_TRACK=id=1f534ec6-fb10-4979-a22c-1e480f621c56&l=1&s=f734329722f35a959f3471e7ca23fec2af8519d4; MEETUP_SEGMENT=member; MEETUP_MEMBER=id=31339252&status=4&timestamp=1385022848&bs=0&tz=US%2FPacific&zip=94107&country=us&city=San+Francisco&state=CA&lat=37.77&lon=-122.4&domain=&dc=&s=a8ec95cd103d031634542fe2e577af1b1c21ffae&rem=1; _ga=GA1.2.1358022415.1381185132; trax_CreatePayment=uuid=f7e9340c-950b-48b0-9ce6-2d5d1d2ba284&v=control1&p=basics&s=0&_=5e611a; SnapABugHistory=2#; trax_baseline=uuid=7511d21f-c034-4478-8ac1-f55ca9b05b2b&v=control&p=description-section&s=15&_=ef8dc7; trax_group_rec_ts_model=uuid=3d79e29b-71c5-4b7c-b9b8-1fb2a07f5c1e&v=topicscore&p=start&s=0&_=2faf42; trax_also_in_algorithm2=uuid=f5b5b08f-defd-4571-a4aa-6ef0b393d5cf&v=original&p=start&s=0&_=4c0a2d; trax_browsebar=uuid=d0671560-a880-49c2-a068-c09' |>>>>,\n",
" <Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=1293 id=26360 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57232 dport=http seq=3533695937 ack=1353117468 dataofs=5L reserved=0L flags=PA window=65535 chksum=0xcde4 urgptr=0 options=[] |<Raw load='a3b7db44a&v=mod&p=ghome&s=0&_=4c2b53; MEETUP_FB_DONE=1; MUP_jqueryEn=on; trax_event_rec_ts_model=uuid=86dda94d-8cd8-43ad-998f-d1987eb687d1&v=topicscore&p=start&s=0&_=8bc43a; MEETUP_GA=segment%3Dmember%26gj%3Dpswg4%26rv%3Drv13%2Crv13%2Crv13%2Crv13%2Crv13%26ic%3Dsn3%2Csn3; __utma=19434532.1358022415.1381185132.1385041110.1385043895.24; __utmb=19434532.10.10.1385043895; __utmc=19434532; __utmz=19434532.1384336433.9.6.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); __utmv=19434532.segment%3Dmember%26gj%3Dpswg4%26rv%3Drv13%2Crv13%2Crv13%2Crv13%2Crv13%26ic%3Dsn3%2Csn3; fbsr_2403839689=lsAHJkqP1G1sukr1Lx9BfE12nJqvs3zHOqQ8CAPyl_g.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\\r\\n\\r\\n' |>>>>,\n",
" <Ether dst=a8:20:66:3f:4f:ea src=00:09:0f:09:00:13 type=0x800 |<IP version=4L ihl=5L tos=0x0 len=40 id=42384 flags=DF frag=0L ttl=50 proto=tcp chksum=0xda5a src=38.123.132.30 dst=10.48.20.28 options=[] |<TCP sport=http dport=57232 seq=1353117468 ack=3533695937 dataofs=5L reserved=0L flags=A window=8760 chksum=0xe6b1 urgptr=0 |<Padding load='\\x00\\x00\\x00\\x00\\x00\\x00' |>>>>,\n",
" <Ether dst=a8:20:66:3f:4f:ea src=00:09:0f:09:00:13 type=0x800 |<IP version=4L ihl=5L tos=0x0 len=40 id=42385 flags=DF frag=0L ttl=50 proto=tcp chksum=0xda59 src=38.123.132.30 dst=10.48.20.28 options=[] |<TCP sport=http dport=57232 seq=1353117468 ack=3533697190 dataofs=5L reserved=0L flags=A window=11680 chksum=0xd664 urgptr=0 |<Padding load='\\x00\\x00\\x00\\x00\\x00\\x00' |>>>>]"
]
}
],
"prompt_number": 5
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"a.res[0] # first packet"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 6,
"text": [
"<Ether dst=00:09:0f:09:00:13 src=a8:20:66:3f:4f:ea type=0x800 |<IP version=4L ihl=5L tos=0x0 len=64 id=37422 flags=DF frag=0L ttl=64 proto=tcp chksum=0x0 src=10.48.20.28 dst=38.123.132.30 options=[] |<TCP sport=57232 dport=http seq=3533694476 ack=0 dataofs=11L reserved=0L flags=S window=65535 chksum=0xc917 urgptr=0 options=[('MSS', 1460), ('NOP', None), ('WScale', 4), ('NOP', None), ('NOP', None), ('Timestamp', (1197585139, 0)), ('SAckOK', ''), ('EOL', None)] |>>>"
]
}
],
"prompt_number": 6
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"a.res[0].show()"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"###[ Ethernet ]###\n",
" dst = 00:09:0f:09:00:13\n",
" src = a8:20:66:3f:4f:ea\n",
" type = 0x800\n",
"###[ IP ]###\n",
" version = 4L\n",
" ihl = 5L\n",
" tos = 0x0\n",
" len = 64\n",
" id = 37422\n",
" flags = DF\n",
" frag = 0L\n",
" ttl = 64\n",
" proto = tcp\n",
" chksum = 0x0\n",
" src = 10.48.20.28\n",
" dst = 38.123.132.30\n",
" \\options \\\n",
"###[ TCP ]###\n",
" sport = 57232\n",
" dport = http\n",
" seq = 3533694476\n",
" ack = 0\n",
" dataofs = 11L\n",
" reserved = 0L\n",
" flags = S\n",
" window = 65535\n",
" chksum = 0xc917\n",
" urgptr = 0\n",
" options = [('MSS', 1460), ('NOP', None), ('WScale', 4), ('NOP', None), ('NOP', None), ('Timestamp', (1197585139, 0)), ('SAckOK', ''), ('EOL', None)]\n"
]
}
],
"prompt_number": 7
},
{
"cell_type": "code",
"collapsed": false,
"input": [],
"language": "python",
"metadata": {},
"outputs": []
}
],
"metadata": {}
}
]
}