Python pcapng IP extraction tool / Wireshark IP extraction tool

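[Note: this article is the blogger's original work! If you repost it, please include a link to the original, at least in txt format!]
First, note that this tool relies on tcpdump, so this Python script must be run on a Linux system. Otherwise, your computer needs to have the tcpdump tool.
Here is the code: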
```python
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import os
import shlex
import sys
import re

pcap = input("Location Pcap File > ")
# Quote the file name so spaces or shell metacharacters in it cannot alter the commands below.
quoted = shlex.quote(pcap)

# Use file(1) to confirm the input is a capture file; -b keeps the file name out of the output.
control = os.popen("file -b -- %s" % quoted).read()
if 'capture file' in control:
    print("[+] Okey Capture File\n")
else:
    print("File Don't Pcap\n Exit..")
    sys.exit()

# Dump every TCP/UDP packet as text and collect everything that looks like an IPv4 address.
ipls = os.popen("tcpdump -nn -r %s -p 'tcp or udp'" % quoted).read()
ipreg = re.findall(r"\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b", ipls)

# De-duplicate while keeping first-seen order.
st2 = set()
uniq2 = [allip for allip in ipreg if allip not in st2 and not st2.add(allip)]
for sauron in uniq2:
    print(sauron)

print("\n")
print("[+BONUS]Request IP List\n")
# Field 3 of each tcpdump line is "src.port"; keep its first four dot-separated parts (the source IP).
reqipl = os.popen(
    "tcpdump -nn -r %s -p 'tcp or udp' | awk -F' ' '{print $3}' | awk -F'.' '{print $1\".\"$2\".\"$3\".\"$4}' | sort | uniq | sort -n" % quoted).read()
print(reqipl)
```
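A tcpdump-free variant for machines where tcpdump is not available, added here as an example and not part of the blogger's script: it walks the pcapng block structure directly and returns source and destination IPv4 addresses as separate lists, so addresses that only appear inside packet summaries are never picked up. It assumes Ethernet interfaces and untagged IPv4 frames stored in Enhanced Packet Blocks (classic .pcap files are not handled); `pcapng_ipv4_endpoints`, `_block` and `sample_capture` are names introduced for this example, and the sample capture is constructed in the code.

```python
import socket
import struct


def pcapng_ipv4_endpoints(data):
    """Return (sources, destinations) of Ethernet/IPv4 frames, unique, first-seen order."""
    srcs, dsts, linktypes = [], [], []   # linktypes: one entry per interface (IDB order)
    endian, pos = "<", 0
    while pos + 12 <= len(data):
        if data[pos:pos + 4] == b"\x0a\x0d\x0d\x0a":   # Section Header Block: read byte order
            endian = "<" if data[pos + 8:pos + 12] == b"\x4d\x3c\x2b\x1a" else ">"
            linktypes = []
        btype, blen = struct.unpack_from(endian + "II", data, pos)
        if blen < 12 or blen % 4 or pos + blen > len(data):
            raise ValueError("corrupt or truncated block at offset %d" % pos)
        body = data[pos + 8:pos + blen - 4]
        if btype == 1 and len(body) >= 8:              # Interface Description Block
            linktypes.append(struct.unpack_from(endian + "H", body)[0])
        elif btype == 6 and len(body) >= 20:           # Enhanced Packet Block
            iface, _, _, caplen, _ = struct.unpack_from(endian + "5I", body)
            frame = body[20:20 + caplen]
            if (iface < len(linktypes) and linktypes[iface] == 1
                    and len(frame) >= 34 and frame[12:14] == b"\x08\x00"):
                for seen, raw in ((srcs, frame[26:30]), (dsts, frame[30:34])):
                    ip = socket.inet_ntoa(raw)
                    if ip not in seen:
                        seen.append(ip)
        pos += blen
    return srcs, dsts


def _block(btype, body):
    """Build one little-endian pcapng block (helper for the constructed sample)."""
    body += b"\x00" * (-len(body) % 4)
    total = len(body) + 12
    return struct.pack("<II", btype, total) + body + struct.pack("<I", total)


def sample_capture():
    """Constructed pcapng bytes: one Ethernet interface, three IPv4 frames, one ARP."""
    def epb(src, dst, ethertype=b"\x08\x00"):
        ip = b"\x45" + b"\x00" * 11 + socket.inet_aton(src) + socket.inet_aton(dst)
        pkt = b"\x00" * 12 + ethertype + ip
        return _block(6, struct.pack("<5I", 0, 0, 0, len(pkt), len(pkt)) + pkt)
    shb = _block(0x0A0D0D0A, struct.pack("<IHHq", 0x1A2B3C4D, 1, 0, -1))
    idb = _block(1, struct.pack("<HHI", 1, 0, 65535))
    return (shb + idb + epb("192.0.2.10", "198.51.100.5")
            + epb("198.51.100.5", "192.0.2.10") + epb("192.0.2.10", "203.0.113.7")
            + epb("10.9.9.9", "10.8.8.8", b"\x08\x06"))
```

To use it on a real capture, pass the file's bytes, for example `pcapng_ipv4_endpoints(open(path, "rb").read())`.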