manuel-delverme · August 12, 2021 18:49
diff --git a/script.py b/script.py
 from scapy.all import rdpcap, DNSQR, DNSRR

 f = ""
 last = ""
 for p in rdpcap('doNotSnoop.pcapng'):
    if p.haslayer(DNSQR) and not p.haslayer(DNSRR):

        qry = p[DNSQR].qname.replace(".jz-n-bs.local.", "").strip().split(".")
        qry2 = []
        for q in qry:
            try:
                q = q.decode('hex')
            except TypeError as e:
                print(e, q)
            qry2.append(q)
        qry = ''.join(qry2)[9:]
        if last != qry:
            print(qry)
            f += qry
        last = qry

 with open("cake", "wb") as fout:
    fout.write(f)
	from scapy.all import rdpcap, DNSQR, DNSRR

	f = ""
	last = ""
	for p in rdpcap('doNotSnoop.pcapng'):
	if p.haslayer(DNSQR) and not p.haslayer(DNSRR):

	qry = p[DNSQR].qname.replace(".jz-n-bs.local.", "").strip().split(".")
	qry2 = []
	for q in qry:
	try:
	q = q.decode('hex')
	except TypeError as e:
	print(e, q)
	qry2.append(q)
	qry = ''.join(qry2)[9:]
	if last != qry:
	print(qry)
	f += qry
	last = qry

	with open("cake", "wb") as fout:
	fout.write(f)