Parse a Wireshark pcap file

Kevin Holleran kdawg44 at gmail.com
Wed Jan 23 04:43:24 CET 2013


On Tue, Jan 22, 2013 at 10:29 PM, Dave Angel <d at davea.name> wrote:

> On 01/22/2013 10:15 PM, Kevin Holleran wrote:
>
>> Thanks, I have been trying to get it to work but I am on Mac OS 10.8.2.  I
>> tried to get it from Macports and download/install it myself.  Both seem
>> to
>> get me to here:
>>
>> ImportError: No module named dnet
>>
>> I tried to download libdnet but no matter what I do this is what I get.
>>   Granted I am doing;
>>
>> from scapy.all import *
>>
>>
>> But I have no idea what I need.  I am not trying to craft packets but
>> filter packets based on tcp.dstport 80 & frame matches signin.aspx.  Then
>> my goal is to parse the data looking for post vars txtUserId & txtPwd and
>> extract them, dumping them to the screen as userid_value => password.
>>
>>
> I've never worked on Mac OSx   And the only times I had and used scapy
> were on a work machine that's long gone.  I still run Linux, but versions
> of everything have changed since then.
>
> I don't know if there's anyone here that's more current with scapy and/or
> with Mac, but in case there is, you could be lots clearer about what you're
> doing and how it fails.
>
> Version of OS.  You said that well.
> Version of Python,.
> Exact location you got scapy from, what version it was
> How you installed it (I don't know Macports, clearly)
> What the full traceback was when it died.
>
>
>
>
> --
> DaveA
> --
> http://mail.python.org/**mailman/listinfo/python-list<http://mail.python.org/mailman/listinfo/python-list>
>

Noted, I will try to be more verbose.

Mac OS 10.8.2
Python v.2.7
I downloaded from the sourceforge site, then tried to install with MacPorts
when some dependencies were failing.  I then downloaded & installed
pcapy-0.10.6 when that dependency still failed.  That solved that but I
received the dnet error:

    from scapy.all import conf
  File "/Library/Python/2.7/site-packages/scapy/all.py", line 16, in
<module>
    from arch import *
  File "/Library/Python/2.7/site-packages/scapy/arch/__init__.py", line 75,
in <module>
    from bsd import *
  File "/Library/Python/2.7/site-packages/scapy/arch/bsd.py", line 12, in
<module>
    from unix import *
  File "/Library/Python/2.7/site-packages/scapy/arch/unix.py", line 20, in
<module>
    from pcapdnet import *
  File "/Library/Python/2.7/site-packages/scapy/arch/pcapdnet.py", line
160, in <module>
    import dnet
ImportError: No module named dnet

So I downloaded and compiled libdnet-1.11 with a:
 $ sudo ./configure && make

I see it compile fine & the libraries have been installed to:
/usr/local/sbin/dnet

However, python can't find it... I am not clear on how to point Python
there...

Thanks again.

Kevin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20130122/ef0abc1e/attachment.html>


More information about the Python-list mailing list