Created
May 18, 2024 14:05
-
-
Save louis030195/c68364c0b8bf4846c5e46867e4f4181f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from scapy.all import * | |
from openai import OpenAI | |
client = OpenAI( | |
base_url='http://localhost:11434/v1/', | |
api_key='ollama', | |
) | |
def analyze_packet(packet): | |
packet_data = hexdump(packet, dump=True) | |
prompt = f""" | |
You are an AI reverse engineer. Your task is to analyze the given network packet data and provide insights about the potential protocol structure and functionality. | |
Packet Data: | |
{packet_data} | |
Please provide a brief analysis of the packet, including: | |
1. Possible protocol identification | |
2. Key fields and their potential meanings | |
3. Packet type and purpose | |
""" | |
response = client.chat.completions.create( | |
messages=[ | |
{ | |
'role': 'system', | |
'content': prompt, | |
} | |
], | |
model='llama3', | |
stream=False | |
) | |
analysis = response.choices[0].message.content | |
return analysis | |
def packet_callback(packet): | |
analysis = analyze_packet(packet) | |
print(f"Packet Analysis:\n{analysis}\n") | |
# Extract protocol and packet type from the analysis | |
protocol = re.search(r'Protocol:\s*(\w+)', analysis, re.IGNORECASE) | |
packet_type = re.search(r'Packet Type:\s*(\w+)', analysis, re.IGNORECASE) | |
if protocol and packet_type: | |
protocol = protocol.group(1) | |
packet_type = packet_type.group(1) | |
print(f"Grouping: Protocol={protocol}, Packet Type={packet_type}") | |
# Perform grouping or further analysis based on the protocol and packet type | |
else: | |
print("Unable to extract protocol and packet type from the analysis.") | |
print("---") | |
# Start capturing packets | |
print("Starting packet capture...") | |
sniff(prn=packet_callback, count=10) | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment