Created
June 7, 2024 14:41
Small Python script to capture UDP traffic and display the payload
import pyshark | |
import logging | |
# Configure the root logger at import time: INFO and above, one timestamped
# line per record.
logging.basicConfig(
    format='%(asctime)s - %(levelname)s - %(message)s',
    level=logging.INFO,
)
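def packet_handler(pkt):
    """Log the addresses, ports and payload of one captured UDP packet.

    Packets without a UDP layer are ignored. Addresses are read from the
    packet's ``ip`` layer, or from its ``ipv6`` layer when there is no ``ip``
    layer, so UDP over IPv6 is logged instead of being silently dropped. A
    datagram that carries no ``payload`` field is logged with an empty
    payload rather than skipped.

    Every value logged here is taken from the wire and is untrusted.
    NOTE(review): pyshark appears to render ``udp.payload`` as colon-separated
    hex; confirm before relying on log lines being free of control characters.

    Args:
        pkt: A packet object as handed over by ``apply_on_packets``; it must
            support ``'UDP' in pkt`` and attribute access to its layers.
    """
    if 'UDP' not in pkt:
        return

    # Prefer the IPv4 layer; fall back to IPv6 so those datagrams stay visible.
    net_layer = getattr(pkt, 'ip', None)
    if net_layer is None:
        net_layer = getattr(pkt, 'ipv6', None)
    if net_layer is None:
        logging.debug("Skipping UDP packet without an ip or ipv6 layer")
        return

    try:
        udp_layer = pkt.udp
        src_addr = net_layer.src
        dst_addr = net_layer.dst
        src_port = udp_layer.srcport
        dest_port = udp_layer.dstport
    except AttributeError as e:
        # Best effort: a packet missing an expected field is skipped, but the
        # skip is recorded at DEBUG instead of vanishing without a trace.
        logging.debug("Skipping UDP packet with a missing field: %s", e)
        return

    # A zero-length datagram has no payload field; log it with an empty payload.
    payload = getattr(udp_layer, 'payload', '')
    logging.info(
        "Source IP: %s, Source Port: %s, "
        "Destination IP: %s, Destination Port: %s, "
        "Payload: %s",
        src_addr, src_port, dst_addr, dest_port, payload,
    )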
def main():
    """Capture live traffic on ``eth0`` and pass each packet to ``packet_handler``.

    Runs until interrupted from the keyboard or until the capture raises; any
    other exception is logged as an error rather than propagated.

    NOTE(review): the start-up message names port 6677, but the only filter
    applied is ``udp``, so every UDP datagram is handled.
    NOTE(review): ``display_filter`` is, as far as I know, applied by tshark
    after capture; a capture filter would limit what is collected in the
    first place. Confirm which is intended.
    NOTE(review): the capture object is never closed explicitly here.
    Payloads end up in the log output, so treat that output as sensitive.
    """
    # Interface to sniff on (hard-coded).
    interface = "eth0"

    # Build the live capture, restricted to UDP by a display filter.
    sniffer = pyshark.LiveCapture(display_filter='udp', interface=interface)
    logging.info(f"Starting packet capture on {interface} for all UDP ports including 6677")

    # Hand every packet to the handler until interrupted or an error occurs.
    try:
        sniffer.apply_on_packets(packet_handler)
    except KeyboardInterrupt:
        logging.info("\nStopped packet capture.")
    except Exception as e:
        logging.error(f"Error: {e}")
# Start the capture only when run as a script, not when imported.
if __name__ == "__main__":
    main()