Core Pcapy python modules ?

**shamanvirtuel** · 08-26-2007, 06:32 PM

in my rest time, im involved in learning python and its interaction with network classes.......

so i google it, and finally found the 2 open source projects from core (creators of core impact)

called Pcapy (capture)
& Impaket (python classes for packet analysis)

here is a brief info about pcapy

Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.

DOES ANYBODY INVOLDED IN PY HAD WORKED YET WITH THAT ?

if so is it really easy to interacts between py scripts and pcapy modules for capturing packet on the fly and dumping them to files ?

+ does anybody use SPE ? the python editor integrated in bt ? just need a little info on how design process occurs in SPE ??

thx

**imported_blackfoot** · 08-27-2007, 02:43 PM

Hi

I read about it once but did not use it. I switched to the scapy function set (M. Biondi EADS) and import it direct into the python code. It is easy to use to dissect and repack but not well documented though I like it. I am finishing a big project with it at the moment using Dot11 and Ether.

Yes I am starting to use SPE but I still prefer NEdit. I just type.

**imported_wyze** · 08-27-2007, 04:19 PM

Originally Posted by shamanvirtuel

in my rest time, im involved in learning python and its interaction with network classes.......

so i google it, and finally found the 2 open source projects from core (creators of core impact)

called Pcapy (capture)
& Impaket (python classes for packet analysis)

here is a brief info about pcapy

Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.

DOES ANYBODY INVOLDED IN PY HAD WORKED YET WITH THAT ?

if so is it really easy to interacts between py scripts and pcapy modules for capturing packet on the fly and dumping them to files ?

+ does anybody use SPE ? the python editor integrated in bt ? just need a little info on how design process occurs in SPE ??

thx

I stumbled upon that a week ago when I was looking into Lorcon; I have it on my SuSE box but haven't played with it yet. I'm interested in seeing how it works as well, since py is awesome!!!

**shamanvirtuel** · 08-27-2007, 05:56 PM

lol...well let's go so .....

nice to see im not alone to know that classes for network analysis

we can do nice things with pcapy
I Pcapy Module

open_live
open_offline
lookupdev
findalldevs
compile

II Reader Object Reference
dispatch
next
setfilter
getnet
datalink
getnonblock
dump_open

III Dumper Object
dump

IV Pkthdr Object
getts

V Bpf Object
filter

and with impacket once we have use pcapy for capture
we can do for example a packet sniffer, have a look here ands see how the code become simple and logic :

http://oss.coresecurity.com/impacket/sniff.py

**imported_wyze** · 08-30-2007, 10:10 AM

I'm going to spend some time to experiment this weekend... if you have any info, please post Shaman so I can get a good start!!

BackTrack Linux - Penetration Testing Distribution

Thread: Core Pcapy python modules ?

Thread Tools

Search Thread

Display

Core Pcapy python modules ?

scapy and pcapy

Posting Permissions