|
|
@@ -14,6 +14,7 @@
|
|
|
#
|
|
|
|
|
|
from scapy.all import *
|
|
|
+#import traceback
|
|
|
import pwd
|
|
|
import os
|
|
|
import re
|
|
|
@@ -43,7 +44,7 @@ def _to_str(inp):
|
|
|
return "".join( chr(x) for x in inp)
|
|
|
|
|
|
|
|
|
-VERSION = "1.6.1"
|
|
|
+VERSION = "1.7.0"
|
|
|
|
|
|
PROC_TCP4 = "/proc/net/tcp"
|
|
|
PROC_UDP4 = "/proc/net/udp"
|
|
|
@@ -353,26 +354,24 @@ def doPackets(packet):
|
|
|
except:
|
|
|
pass
|
|
|
else:
|
|
|
- if filter_prog.startswith('not-'):
|
|
|
- filter_progn = filter_prog[4:]
|
|
|
- if filter_progn.startswith('*') and filter_progn.endswith('*') and re.search(filter_progn[1:-1], program):
|
|
|
+ if have_filter_progn:
|
|
|
+ if have_filter_progn1 and re.search(filter_progn[1:-1], program):
|
|
|
return
|
|
|
- elif filter_progn.startswith('*') and not filter_progn.endswith('*') and re.search(filter_progn[1:]+'$', program):
|
|
|
+ elif have_filter_progn2 and re.search(filter_progn[1:]+'$', program):
|
|
|
return
|
|
|
- elif not filter_progn.startswith('*') and filter_progn.endswith('*') and re.match('^'+filter_progn[:-1], program):
|
|
|
+ elif have_filter_progn3 and re.match('^'+filter_progn[:-1], program):
|
|
|
return
|
|
|
- elif not filter_progn.startswith('*') and not filter_progn.endswith('*') and re.match('^'+filter_progn+'$', program):
|
|
|
+ elif have_filter_progn4 and re.match('^'+filter_progn+'$', program):
|
|
|
return
|
|
|
else:
|
|
|
- if filter_prog.startswith('*') and filter_prog.endswith('*') and not re.search(filter_prog[1:-1], program):
|
|
|
+ if have_filter_prog1 and not re.search(filter_prog[1:-1], program):
|
|
|
return
|
|
|
- elif filter_prog.startswith('*') and not filter_prog.endswith('*') and not re.search(filter_prog[1:]+'$', program):
|
|
|
+ elif have_filter_prog2 and not re.search(filter_prog[1:]+'$', program):
|
|
|
return
|
|
|
- elif not filter_prog.startswith('*') and filter_prog.endswith('*') and not re.match('^'+filter_prog[:-1], program):
|
|
|
+ elif have_filter_prog3 and not re.match('^'+filter_prog[:-1], program):
|
|
|
return
|
|
|
- elif not filter_prog.startswith('*') and not filter_prog.endswith('*') and not re.match('^'+filter_prog+'$', program):
|
|
|
+ elif have_filter_prog4 and not re.match('^'+filter_prog+'$', program):
|
|
|
return
|
|
|
-
|
|
|
|
|
|
o_payload = ""
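Review bot: The value given with `-p` is still concatenated into a regular expression unescaped in all eight `re.search`/`re.match` branches of this hunk, so characters such as `.`, `+` or `(` in a program name act as regex operators. A malformed pattern would raise `re.error` from inside the per-packet callback instead of being rejected when the option is parsed. If `-p` is meant to take a literal name with optional `*` wildcards (the help text is not visible here), escape the fixed part, e.g. `re.search(re.escape(filter_progn[1:-1]), program)`. If regex syntax is intended, document that in the option help and validate the pattern once at startup. The body of doPackets starts and ends outside this hunk.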
|
|
|
|
|
|
@@ -527,7 +526,7 @@ iface = conf.route.route("0.0.0.0")[0]
|
|
|
rfilter = "ip or ip6"
|
|
|
print("")
|
|
|
# commandline params
|
|
|
-parser = argparse.ArgumentParser(description='sisniff V'+VERSION+"\n2017-2025 by sigi <https://wiki.zweiernet.ch/wiki/sisniff>",
|
|
|
+parser = argparse.ArgumentParser(description='sisniff V'+VERSION+"\n2017-2026 by sigi <https://wiki.zweiernet.ch/wiki/sisniff>",
|
|
|
formatter_class=argparse.RawDescriptionHelpFormatter)
|
|
|
parser.add_argument('-i', help="Interface", choices=iface_list)
|
|
|
parser.add_argument('-n', help="Do not resolve IP-Addresses", action="store_true")
|
|
|
@@ -563,6 +562,37 @@ if args.filter:
|
|
|
print("\033[1m> Applying Filter: \"" + rfilter + fillter + "\"\033[0m")
|
|
|
if args.p:
|
|
|
filter_prog = args.p
|
|
|
+ have_filter_prog = False
|
|
|
+ have_filter_progn = False
|
|
|
+ have_filter_progn1 = False
|
|
|
+ have_filter_progn2 = False
|
|
|
+ have_filter_progn3 = False
|
|
|
+ have_filter_progn4 = False
|
|
|
+ have_filter_prog1 = False
|
|
|
+ have_filter_prog2 = False
|
|
|
+ have_filter_prog3 = False
|
|
|
+ have_filter_prog4 = False
|
|
|
+ if filter_prog.startswith('not-'):
|
|
|
+ filter_progn = filter_prog[4:]
|
|
|
+ have_filter_progn = True
|
|
|
+ if filter_progn.startswith('*') and filter_progn.endswith('*'):
|
|
|
+ have_filter_progn1 = True
|
|
|
+ elif filter_progn.startswith('*') and not filter_progn.endswith('*'):
|
|
|
+ have_filter_progn2 = True
|
|
|
+ elif not filter_progn.startswith('*') and filter_progn.endswith('*'):
|
|
|
+ have_filter_progn3 = True
|
|
|
+ elif not filter_progn.startswith('*') and not filter_progn.endswith('*'):
|
|
|
+ have_filter_progn4 = True
|
|
|
+ else:
|
|
|
+ have_filter_prog = True
|
|
|
+ if filter_prog.startswith('*') and filter_prog.endswith('*'):
|
|
|
+ have_filter_prog1 = True
|
|
|
+ elif filter_prog.startswith('*') and not filter_prog.endswith('*'):
|
|
|
+ have_filter_prog2 = True
|
|
|
+ elif not filter_prog.startswith('*') and filter_prog.endswith('*'):
|
|
|
+ have_filter_prog3 = True
|
|
|
+ elif not filter_prog.startswith('*') and not filter_prog.endswith('*'):
|
|
|
+ have_filter_prog4 = True
|
|
|
no_promisc = ""
|
|
|
if args.P:
|
|
|
conf.sniff_promisc = conf.promisc = 0
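Review bot: The ten `have_filter_*` booleans added under `if args.p:` encode one of eight mutually exclusive cases, and `have_filter_prog` is assigned but not read in any hunk shown. A single compiled pattern plus a negate flag carries the same information, and compiling it here reports a malformed `-p` value before capture starts. The check in doPackets then becomes `if bool(filter_re.search(program)) == filter_negate: return`. The sketch below keeps the current anchoring rules (`*` at either end drops the `^` or `$`).

```python
if args.p:
    filter_prog = args.p
    filter_negate = filter_prog.startswith('not-')
    pattern = filter_prog[4:] if filter_negate else filter_prog
    anchor_start = '' if pattern.startswith('*') else '^'
    anchor_end = '' if pattern.endswith('*') else '$'
    core = pattern[1:] if pattern.startswith('*') else pattern
    core = core[:-1] if pattern.endswith('*') else core
    filter_re = re.compile(anchor_start + core + anchor_end)
# … unchanged: no_promisc / args.P handling …
```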
|
|
|
@@ -581,7 +611,8 @@ else:
|
|
|
if args.v4:
|
|
|
MYADDRS6=[]
|
|
|
else:
|
|
|
- MYADDRS6 = _remove_empty(os.popen("ip addr show " + iface + " | egrep 'inet6' | grep -vi fe80 | awk '{{print $2}}' | awk -F'/' '{{print $1}}'").read().split())
|
|
|
+ #MYADDRS6 = _remove_empty(os.popen("ip addr show " + iface + " | egrep 'inet6' | grep -vi fe80 | awk '{{print $2}}' | awk -F'/' '{{print $1}}'").read().split())
|
|
|
+ MYADDRS6 = _remove_empty(os.popen("ip addr show " + iface + " | egrep 'inet6' | awk '{{print $2}}' | awk -F'/' '{{print $1}}'").read().split())
|
|
|
MYADDRS6.append(':::')
|
|
|
MYADDRS6.append('::1')
|
|
|
MYADDRS = MYADDRS + MYADDRS6
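Review bot: The rewritten `os.popen` line still builds a shell pipeline by concatenating `iface` into the command string, so any shell metacharacter in that value would be interpreted by the shell. `iface` appears to be constrained by `choices=iface_list` on `-i` or taken from scapy's route table, which keeps the exposure low. Passing an argument list to `subprocess.run` (this needs `import subprocess` at the top of the file) removes the shell altogether and replaces the `egrep`/`awk` stages with plain Python. The commented-out previous command should be deleted rather than kept. A short comment such as `# link-local (fe80::) addresses are included on purpose` would record why the `grep -vi fe80` stage was dropped.

```python
    ip_out = subprocess.run(
        ["ip", "-6", "-o", "addr", "show", "dev", iface],
        capture_output=True, text=True, check=False,
    ).stdout
    MYADDRS6 = [
        fields[3].split("/")[0]
        for fields in (line.split() for line in ip_out.splitlines())
        if len(fields) > 3 and fields[2] == "inet6"
    ]
    # … unchanged: MYADDRS6.append(':::') and the lines after it …
```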
|
|
|
@@ -606,7 +637,7 @@ print("-------------------------------------------------------------------------
|
|
|
try:
|
|
|
sniff(filter=rfilter+fillter,iface=iface,prn=doPackets, store=0)
|
|
|
except Exception as e:
|
|
|
- print("\n \033[1mError: " + str(e) + "\033[0m \n")
|
|
|
-
|
|
|
+ print("\n \033[1msniff() Error: " + str(e) + "\033[0m \n")
|
|
|
+ traceback.print_exc()
|
|
|
|
|
|
## -- oond denn isch schloss
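Review bot: `traceback.print_exc()` in the `except` branch needs the `traceback` module in scope, but the only import this commit adds for it is the commented-out `#import traceback` in the first hunk. Unless the name reaches the module some other way (relying on `from scapy.all import *` for it would be fragile), the handler would fail with a NameError and hide the original sniff() error. Enable the line as `import traceback`. A full stack trace is also noisy for routine failures such as missing capture privileges, so consider printing it only when a debug option is set.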
|