Question: Now, create a new function called parse PCAP mail() that takes an IP address (type str) along with the list of Scapy packets. Your function
Now, create a new function called parse PCAP mail() that takes an IP address (type str) along with the list of Scapy packets. Your function should write to a unique le all the packets originating from a given IP address and accessing a server's destination mail ports (143 and 25). So, if the IP address is 10.3.0.18 you should write all the mail packets associated with 10.3.0.18 to 10.3.0.18mail.txt. Ignore packets if their payload field is empty. Once you are done with this function, write a wrapper function that generates separate les for all the IP addresses in the coffee shop.
from scapy.all import * import sys
def parsePCAP(pkts): for pkt in pkts: print "Source IP: " + pkt[IP].src print "Destination IP: " + pkt[IP].dst print "Source port: " + str(pkt[TCP].sport) print "Destinations port: " + str(pkt[TCP].dport) print "Packet Payload: " + str(pkt[TCP].payload)
if __name__ == "__main__": if len(sys.argv) < 2: print "usage: python lab3.py [pcap]" sys.exit() pcap= rdpcap(sys.argv[1]) pcap = [pkt for pkt in pcap if TCP in pkt] parsePCAP(pcap)
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help