Python Raw Sockets (Windows): Sniffing Ethernet Frames

I saw several examples of creating sniffing sockets for IP packets, for example using:

s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_IP)

What I am trying to achieve is sniffing for Ethernet frames and analyzing the data received, on Windows. I am interested in packets that do not contain IPPoE frames.

On Linux (using python), I was able to achieve this using:

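import socket, struct
import IN  # Python 2 module of Linux constants (provides SO_BINDTODEVICE)

# htons(3) is ETH_P_ALL: receive frames of every protocol, Ethernet header included
s = socket.socket(socket.PF_PACKET, socket.SOCK_RAW, socket.htons(3))
# Restrict the socket to the eth0 interface
s.setsockopt(socket.SOL_SOCKET, IN.SO_BINDTODEVICE, struct.pack("%ds"%(len("eth0")+1,),"eth0"))
while condition:
    pkt = s.recvfrom(1500)
    addToQueue(filter(pkt))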

Now, due to the differences between Linux sockets and the WinSock2 API, I have the following compatibility issues:

  • There is no IN package for Windows. This means that SO_BINDTODEVICE is not. How do I sniff everything that goes into eth0?
  • socket(), IPPROTO_IP.

- ? , , IP-

. , , Scapy, , , - ( prn) , . .

+3
2

Windows, , , , ...

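import socket

# Address of the local interface to listen on
HOST = socket.gethostbyname(socket.gethostname())
s = socket.socket(socket.AF_INET, socket.SOCK_RAW)
s.bind((HOST, 0))
# SIO_RCVALL: deliver all IP packets seen on the bound interface to this socket
s.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)
while condition:
    pkt = s.recvfrom(1500)
    addToQueue(filter(pkt))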

, - pypcap ( libpcap).

+2

FTR

. , , Scapy, , , - ( prn), , . .

Scapy conf.use_pcap = False, Windows, sock = conf.L2socket(), , , " ".

recv() recv_raw() , , Scapy.

0
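
An added example, not part of the original thread: one way the filter() step in the Linux capture loop could parse the Ethernet header and keep only frames that carry no IP. It assumes the buffer starts at the Ethernet header, as a PF_PACKET socket delivers it; the AF_INET socket with SIO_RCVALL returns IP packets without the Ethernet header, so it does not apply there. The names parse_frame and keep_non_ip, the "drop IPv4/IPv6" predicate and the sample frames are assumptions made for illustration.

```python
import struct

ETH_P_IP, ETH_P_IPV6, ETH_P_8021Q = 0x0800, 0x86DD, 0x8100  # well-known EtherTypes
IP_TYPES = {ETH_P_IP, ETH_P_IPV6}

def mac(raw):
    """Format 6 raw bytes as aa:bb:cc:dd:ee:ff."""
    return ":".join("%02x" % b for b in raw)

def parse_frame(frame):
    """Parse an Ethernet II header (with an optional single 802.1Q tag).
    Returns a dict, or None when the buffer is too short to hold a header."""
    if len(frame) < 14:
        return None
    dst, src, etype = struct.unpack("!6s6sH", frame[:14])
    vlan, offset = None, 14
    if etype == ETH_P_8021Q:            # 4-byte VLAN tag precedes the real EtherType
        if len(frame) < 18:
            return None
        tci, etype = struct.unpack("!HH", frame[14:18])
        vlan, offset = tci & 0x0FFF, 18
    return {
        "dst": mac(dst), "src": mac(src), "vlan": vlan,
        "ethertype": etype,
        "is_length": etype < 0x0600,    # below 0x0600: 802.3 length, not an EtherType
        "payload": frame[offset:],
    }

def keep_non_ip(frame):
    """Filter step: return the parsed frame unless it carries IPv4/IPv6 (assumed predicate)."""
    parsed = parse_frame(frame)
    if parsed is None or parsed["ethertype"] in IP_TYPES:
        return None
    return parsed

# Constructed sample frames (not captured traffic)
SRC, DST = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
ARP_FRAME = b"\xff" * 6 + SRC + struct.pack("!H", 0x0806) + bytes(28)
IPV4_FRAME = DST + SRC + struct.pack("!H", ETH_P_IP) + b"\x45" + bytes(19)
VLAN_ARP_FRAME = DST + SRC + struct.pack("!HHH", ETH_P_8021Q, 100, 0x0806) + bytes(28)

if __name__ == "__main__":
    samples = [("arp", ARP_FRAME), ("ipv4", IPV4_FRAME),
               ("vlan+arp", VLAN_ARP_FRAME), ("short", b"\x00" * 10)]
    for name, f in samples:
        kept = keep_non_ip(f)
        print(name, "->", "dropped" if kept is None
              else (kept["src"], hex(kept["ethertype"]), kept["vlan"]))
```

With recvfrom() on a PF_PACKET socket, the frame bytes are the first element of the returned tuple, so the loop would pass pkt[0] to keep_non_ip.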
