random

- collection of un-sorted bollocks
git clone git://git.acid.vegas/random.git

ddosmon.py (1878B)

      1 #!/usr/bin/env python
      2 # DDoSmon - developed by acidvegas in python (https://git.acid.vegas/ddosmon)
      3 import socket
      4 
      5 try:
      6 	import dpkt
      7 	from dpkt.compat import compat_ord
      8 except ImportError:
      9 	raise Exception('missing required \'dpkt\' library (pip install dpkt)')
     10 
     11 try:
     12 	import pcapy
     13 except ImportError:
     14 	raise Exception('missing required \'pcapy\' library (pip install pcapy)')
     15 
def inet_to_str(inet):
	"""Render a packed IP address as printable text.

	The buffer is decoded as IPv4 first. socket.inet_ntop raises ValueError
	when the buffer length does not fit that family, and the address is then
	decoded as IPv6 instead. A ValueError from the IPv6 attempt propagates
	to the caller.
	"""
	try:
		text = socket.inet_ntop(socket.AF_INET, inet)
	except ValueError:
		# Wrong length for IPv4: retry as a 16-byte IPv6 address.
		text = socket.inet_ntop(socket.AF_INET6, inet)
	return text
     21 
def mac_addr(address):
	"""Format a raw hardware address as colon-separated, zero-padded lowercase hex."""
	octets = []
	for raw in address:
		# compat_ord comes from dpkt.compat; it is applied to every element
		# before hex formatting so the value handed to '%02x' is numeric.
		octets.append('%02x' % compat_ord(raw))
	return ':'.join(octets)
     24 
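def handle_packet(header, data):
	"""Decode one captured Ethernet frame and print a summary of it.

	Registered as the pcapy loop callback. Every byte of ``data`` comes off
	the wire and is therefore untrusted; a frame that cannot be decoded must
	not raise out of this callback, because an unhandled exception here ends
	the capture loop and stops the monitor.

	Args:
		header: capture header supplied by pcapy (not used here).
		data:   raw frame bytes.

	Returns:
		None. Output goes to stdout.
	"""
	if not data:
		# Nothing captured: avoid handing an empty buffer to the decoder.
		return
	try:
		eth = dpkt.ethernet.Ethernet(data)
	except (dpkt.dpkt.NeedData, dpkt.dpkt.UnpackError):
		# Truncated or malformed frame: report it and keep monitoring.
		print('Malformed frame skipped (%d bytes)' % len(data))
		return
	ip = eth.data
	if isinstance(ip, dpkt.ip.IP):
		do_not_fragment = bool(ip.off & dpkt.ip.IP_DF)
		more_fragments  = bool(ip.off & dpkt.ip.IP_MF)
		fragment_offset = ip.off & dpkt.ip.IP_OFFMASK
		details = 'len=%d ttl=%d DF=%d MF=%d offset=%d' % (ip.len, ip.ttl, do_not_fragment, more_fragments, fragment_offset)
	elif isinstance(ip, dpkt.ip6.IP6):
		# The IPv6 base header has no off/len/ttl fields; reading them (as the
		# previous code did) raised AttributeError on every IPv6 packet.
		details = 'plen=%d hlim=%d' % (ip.plen, ip.hlim)
	else:
		return
	try:
		proto_name = ip.get_proto(ip.p).__name__
	except KeyError:
		# Protocol number with no registered dpkt decoder.
		proto_name = 'unknown(%d)' % ip.p
	# Only TCP/UDP-style payloads carry ports. ICMP payloads and undecoded
	# (raw bytes) payloads do not, so fall back to '-' instead of raising.
	sport = getattr(ip.data, 'sport', '-')
	dport = getattr(ip.data, 'dport', '-')
	print('Protocol       : ', proto_name)
	print('Ethernet Frame : ', mac_addr(eth.src), mac_addr(eth.dst), eth.type)
	print('Connection     : %s:%s -> %s:%s   (%s)' % (inet_to_str(ip.src), sport, inet_to_str(ip.dst), dport, details))
	if isinstance(ip.data, dpkt.icmp.ICMP):
		icmp = ip.data
		# repr() keeps wire-supplied bytes escaped so they cannot inject
		# control sequences into the terminal or log.
		print('ICMP: type:%d code:%d checksum:%d data: %s\n' % (icmp.type, icmp.code, icmp.sum, repr(icmp.data)))
	elif isinstance(ip.data, dpkt.tcp.TCP):
		tcp = ip.data
		try:
			request = dpkt.http.Request(tcp.data)
		except (dpkt.dpkt.NeedData, dpkt.dpkt.UnpackError):
			# Payload is not a complete HTTP request; nothing more to report.
			pass
		else:
			print('HTTP request: %s\n' % repr(request))
			if not tcp.data.endswith(b'\r\n'):
				print('\nHEADER TRUNCATED! Reassemble TCP segments!\n')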
     48 
if __name__ == '__main__':
	# Live capture settings: interface name, snapshot length in bytes,
	# promiscuous flag (0 = off) and read timeout in milliseconds.
	device, snaplen, promiscuous, timeout_ms = 'eth0', 65536, 0, 100
	capture = pcapy.open_live(device, snaplen, promiscuous, timeout_ms)
	# -1 means no packet limit: handle_packet runs for every frame until
	# the process is stopped.
	capture.loop(-1, handle_packet)