A Modern Python wrapper for WinPcap
Project description
A Modern Python wrapper for WinPcap
Access WinPcap through ctypes.
Based on Massimo Ciani’s WinPcapy (https://code.google.com/p/winpcapy/)
Install
pip install winpcapy
Usage
Quick packet live log printer
>>> from winpcapy import WinPcapUtils
# run on the first Ethernert interface and print a log for each packet
>>> WinPcapUtils.capture_on_and_print("*Ethernet*")
16:05:49,624258 len:199
16:05:49,685950 len:60
16:05:49,686022 len:54
16:05:49,767311 len:66
16:05:49,819156 len:66
16:05:50,052113 len:92
16:05:50,128862 len:60Easy Packet live callback
from winpcapy import WinPcapUtils
# Example Callback function to parse IP packets
def packet_callback(win_pcap, param, header, pkt_data):
# Assuming IP (for real parsing use modules like dpkt)
ip_frame = pkt_data[14:]
# Parse ips
src_ip = ".".join([str(ord(b)) for b in ip_frame[0xc:0x10]])
dst_ip = ".".join([str(ord(b)) for b in ip_frame[0x10:0x14]])
print("%s -> %s" % (src_ip, dst_ip))
WinPcapUtils.capture_on("*Ethernet*", packet_callback)Device/Interface enumeration
>>> from winpcapy import WinPcapDevices
# Return a list of all the devices detected on the machine
>>> WinPcapDevices.list_devices()
{'\\Device\\NPF_{0A78B7C8-F023-1337-1337-84D448AA5126}': 'Microsoft',
'\\Device\\NPF_{2997B9BB-AA53-1337-1337-B862F874271C}': 'Microsoft',
'\\Device\\NPF_{C2EAA982-F851-1337-1337-B8D2A9BCE406}': 'Intel(R) Ethernet Connection I218-LM',
'\\Device\\NPF_{EAF47DBE-5B49-1337-1337-BD059E02666B}': 'Microsoft'}
# Itearte over devices (in memory), with full details access
>>> with WinPcapDevices() as devices:
... for device in devices:
... print device.name, device.description, device.flags ,device.addresses.contents.netmask.contents.sa_family
...
"\Device\NPF_{0A78B7C8-F023-1337-1337-84D448AA5126} Microsoft 0 0"
"\Device\NPF_{C2EAA982-F851-1337-1337-B8D2A9BCE406} Intel(R) Ethernet Connection I218-LM 0 0"
"\Device\NPF_{EAF47DBE-5B49-1337-1337-BD059E02666B} Microsoft 0 0"
"\Device\NPF_{2997B9BB-AA53-1337-1337-B862F874271C} Microsoft 0 0"Easy Packet sending
from winpcapy import WinPcapUtils
# Build a packet buffer
# This example-code is built for tutorial purposes, for actual packet crafting use modules like dpkt
arp_request_hex_template = "%(dst_mac)s%(src_mac)s08060001080006040001" \
"%(sender_mac)s%(sender_ip)s%(target_mac)s%(target_ip)s" + "00" * 18
packet = arp_request_hex_template % {
"dst_mac": "aa"*6,
"src_mac": "bb"*6,
"sender_mac": "bb"*6,
"target_mac": "cc"*6,
# 192.168.0.1
"sender_ip": "c0a80001",
# 192.168.0.2
"target_ip": "c0a80002"
}
# Send the packet (ethernet frame with an arp request) on the interface
WinPcapUtils.send_packet("*Ethernet*", packet.decode("hex"))
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
winpcapy-1.0.3.tar.gz
(19.9 kB
view details)
File details
Details for the file winpcapy-1.0.3.tar.gz.
File metadata
- Download URL: winpcapy-1.0.3.tar.gz
- Upload date:
- Size: 19.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f3c00d3449269a42c64ac222ef6b2363598cc39cb22a65f579a7a9142c18d755
|
|
| MD5 |
936e892b3a960952632eff7703a87c55
|
|
| BLAKE2b-256 |
900d648bc8b3efcf3a028f5bff3c1545b6d06138de73a3c3284f03d0643bfccb
|
