Simple way to parse captured pcap file using python
#!/usr/bin/env python
import dpkt
import sys
import socket
import urlparse
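# Collect the query-string parameters of plain-HTTP requests found in a capture.
#
# A pcap is untrusted input: frames can be truncated, non-IP or deliberately
# malformed, so each decoding step below may fail and the packet is then
# skipped. The printed URIs and parameters are bytes chosen by whoever sent
# the traffic and may include credentials or session tokens, so treat the
# output as sensitive.
url_request = []  # one parse_qs() dict per payload that parsed as an HTTP request

# `with` closes the capture file even when reading it raises part-way through.
with open("captured.pcap", 'rb') as captured_pcap:
    for _ts, buf in dpkt.pcap.Reader(captured_pcap):
        try:
            eth = dpkt.ethernet.Ethernet(buf)
        except Exception:
            # Malformed or truncated frame: skip it. Catching Exception rather
            # than using a bare `except:` lets Ctrl-C and SystemExit through.
            continue

        # Only IPv4 carrying TCP is inspected. Checking the decoded types
        # replaces the unguarded attribute access that raised AttributeError
        # (and aborted the run) on payloads without .data or .dport, such as
        # ICMP or bytes dpkt left undecoded.
        ip = eth.data
        if not isinstance(ip, dpkt.ip.IP):
            continue
        tcp = ip.data
        if not isinstance(tcp, dpkt.tcp.TCP):
            continue

        # Port 443 normally carries TLS, whose ciphertext fails to parse below;
        # it is kept so that plain HTTP sent to 443 is still reported.
        if tcp.dport not in (80, 443) or len(tcp.data) == 0:
            continue

        try:
            http = dpkt.http.Request(tcp.data)
            uri = http.uri
            print(uri)
            parsed = urlparse.urlparse(uri)
            dict_url = urlparse.parse_qs(parsed.query)
            url_request.append(dict_url)
        except Exception:
            # Not a complete HTTP request (TLS record, a later segment of a
            # request, garbage): best-effort, so move on to the next packet.
            continue

print('*' * 127)
print('\n Splitting URI in to dictionary \n')
print('*' * 127)

# Only requests with more than one distinct query parameter are listed.
for params in url_request:
    if len(params) > 1:
        print(params)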