Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Python > Re: Parse a Wireshark pcap file

Reply
Thread Tools

Re: Parse a Wireshark pcap file

 
 
Kevin Holleran
Guest
Posts: n/a
 
      01-23-2013
On Tue, Jan 22, 2013 at 10:29 PM, Dave Angel <(E-Mail Removed)> wrote:

> On 01/22/2013 10:15 PM, Kevin Holleran wrote:
>
>> Thanks, I have been trying to get it to work but I am on Mac OS 10.8.2. I
>> tried to get it from Macports and download/install it myself. Both seem
>> to
>> get me to here:
>>
>> ImportError: No module named dnet
>>
>> I tried to download libdnet but no matter what I do this is what I get.
>> Granted I am doing;
>>
>> from scapy.all import *
>>
>>
>> But I have no idea what I need. I am not trying to craft packets but
>> filter packets based on tcp.dstport 80 & frame matches signin.aspx. Then
>> my goal is to parse the data looking for post vars txtUserId & txtPwd and
>> extract them, dumping them to the screen as userid_value => password.
>>
>>

> I've never worked on Mac OSx And the only times I had and used scapy
> were on a work machine that's long gone. I still run Linux, but versions
> of everything have changed since then.
>
> I don't know if there's anyone here that's more current with scapy and/or
> with Mac, but in case there is, you could be lots clearer about what you're
> doing and how it fails.
>
> Version of OS. You said that well.
> Version of Python,.
> Exact location you got scapy from, what version it was
> How you installed it (I don't know Macports, clearly)
> What the full traceback was when it died.
>
>
>
>
> --
> DaveA
> --
> http://mail.python.org/**mailman/listinfo/python-list<http://mail.python.org/mailman/listinfo/python-list>
>


Noted, I will try to be more verbose.

Mac OS 10.8.2
Python v.2.7
I downloaded from the sourceforge site, then tried to install with MacPorts
when some dependencies were failing. I then downloaded & installed
pcapy-0.10.6 when that dependency still failed. That solved that but I
received the dnet error:

from scapy.all import conf
File "/Library/Python/2.7/site-packages/scapy/all.py", line 16, in
<module>
from arch import *
File "/Library/Python/2.7/site-packages/scapy/arch/__init__.py", line 75,
in <module>
from bsd import *
File "/Library/Python/2.7/site-packages/scapy/arch/bsd.py", line 12, in
<module>
from unix import *
File "/Library/Python/2.7/site-packages/scapy/arch/unix.py", line 20, in
<module>
from pcapdnet import *
File "/Library/Python/2.7/site-packages/scapy/arch/pcapdnet.py", line
160, in <module>
import dnet
ImportError: No module named dnet

So I downloaded and compiled libdnet-1.11 with a:
$ sudo ./configure && make

I see it compile fine & the libraries have been installed to:
/usr/local/sbin/dnet

However, python can't find it... I am not clear on how to point Python
there...

Thanks again.

Kevin

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Parse a Wireshark pcap file Dennis Lee Bieber Python 0 01-23-2013 06:21 AM
Re: Parse a Wireshark pcap file Dave Angel Python 0 01-23-2013 03:29 AM
Re: Parse a Wireshark pcap file Kevin Holleran Python 0 01-23-2013 03:26 AM
Re: Parse a Wireshark pcap file Kevin Holleran Python 0 01-23-2013 03:15 AM
Re: Parse a Wireshark pcap file Dave Angel Python 0 01-23-2013 03:03 AM



Advertisments