Python 3 Network Packet Sniffer
A Network Packet Sniffer developed in Python 3. Packets are disassembled as they arrive at a given network interface controller and their information is displayed on the screen.
This application maintains no dependencies on third-party modules and can be run by any Python 3.6+ interpreter.
Running the Application
I. Execute the binary
Download the Network Packet Sniffer from the dist directory and run it.
Administrative privileges are required due to the use of socket.SOCK_RAW by the decoder.
user@host:~$ sudo ./packet_sniffer
II. (Optional) Build your own binary
What if you don't trust third-party binaries running with sudo on your system? In this case the build.py file can be used to compile your own binary.
Building the binary requires the PyInstaller package. You just need to install all dependencies and build.
Dependency management works with both Poetry (recommended) and Virtualenv.
user@host:~$ git clone https://github.com/EONRaider/Packet-Sniffer.git
user@host:~$ cd Packet-Sniffer
user@host:~/Packet-Sniffer$ poetry install    # or: pip install -r requirements.txt
user@host:~/Packet-Sniffer$ python3 build.py
III. (Optional) Development Mode
It's also possible to run the application without any third-party dependencies or manipulation of binaries. Simply clone this repository with git clone and execute the packet_sniffer.py file by passing the required PYTHONPATH to sudo.
user@host:~$ git clone https://github.com/EONRaider/Packet-Sniffer.git
user@host:~$ cd Packet-Sniffer
user@host:~/Packet-Sniffer$ sudo --preserve-env PYTHONPATH=$(pwd) python3 src/packet_sniffer.py
Why the black magic with sudo? The command is required due to the use of socket.SOCK_RAW.
The --preserve-env option is required because the src module is only visible from the root directory of the project and, hence, PYTHONPATH must be manipulated accordingly. This is not a result of the design of the tool itself, but of the way Python works internally.
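What a decoder does with the bytes a SOCK_RAW socket delivers, and where the privilege requirement appears, shown as an added example that is not code from this repository. The function names and the sample frame are assumptions constructed for illustration; header checksums are not validated.

```python
import socket
import struct

ETH_P_ALL = 0x0003   # Linux constant: capture frames of every protocol
ETH_P_IPV4 = 0x0800  # EtherType carried by IPv4 frames

# Constructed sample: Ethernet + IPv4 + empty UDP datagram (checksums zeroed).
SAMPLE_FRAME = bytes.fromhex(
    "020000000002" "020000000001" "0800"         # dst MAC, src MAC, EtherType
    "4500001c" "00010000" "40110000"             # ver/IHL, length, id, TTL, proto
    "c0000201" "c0000202" "30390035" "00080000"  # 192.0.2.1 -> 192.0.2.2, UDP
)


def open_raw_socket(interface=None):
    """Open the capture socket; Linux only, needs root or CAP_NET_RAW."""
    try:
        sock = socket.socket(socket.AF_PACKET, socket.SOCK_RAW,
                             socket.htons(ETH_P_ALL))
    except PermissionError as exc:
        raise SystemExit("SOCK_RAW requires root or CAP_NET_RAW") from exc
    if interface:
        sock.bind((interface, 0))  # unbound sockets see every interface
    return sock


def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_ethernet(frame):
    """Return (dst MAC, src MAC, EtherType, payload) for one frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return _mac(dst), _mac(src), ethertype, frame[14:]


def parse_ipv4(packet):
    """Decode the IPv4 header; IHL is honoured so options are skipped."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _, total_len, _, _, ttl, proto, _,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    header_len = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or header_len < 20 or len(packet) < header_len:
        raise ValueError("malformed IPv4 header")
    return {"ttl": ttl, "protocol": proto, "header_len": header_len,
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "payload": packet[header_len:total_len]}
```

On a live capture the input to parse_ethernet would be the bytes returned by recv() on the socket from open_raw_socket(); the parsers themselves need no privileges and can be exercised on saved frames.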
Usage
packet_sniffer.py [-h] [-i INTERFACE] [-d]

Network Packet Sniffer

optional arguments:
  -h, --help            show this help message and exit
  -i INTERFACE, --interface INTERFACE
                        Interface from which packets will be captured (monitors
                        all available interfaces by default).
  -d, --displaydata     Output packet data during capture.
Legal Disclaimer
The use of code contained in this repository, either in part or in its totality, for engaging targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws.
Developers assume no liability and are not responsible for misuses or damages caused by any code contained in this repository in any event that, accidentally or otherwise, it comes to be utilized by a threat agent or unauthorized entity as a means to compromise the security, privacy, confidentiality, integrity, and/or availability of systems and their associated resources. In this context the term "compromise" is henceforth understood as the leverage of exploitation of known or unknown vulnerabilities present in said systems, including, but not limited to, the implementation of security controls, human- or electronically-enabled.
The use of this code is only endorsed by the developers in those circumstances directly related to educational environments or authorized penetration testing engagements whose declared purpose is that of finding and mitigating vulnerabilities in systems, limiting their exposure to compromises and exploits employed by malicious agents as defined in their respective threat models.