Revision: 22021
Updated Code
at December 29, 2009 09:58 by narkisr
Updated Code
#!/usr/local/bin/ruby
require 'pcaplet'
httpdump = Pcaplet.new('-s 1500 -i eth0')
HTTP_REQUEST = Pcap::Filter.new('tcp and dst port 80', httpdump.capture)
HTTP_RESPONSE = Pcap::Filter.new('tcp and src port 80', httpdump.capture)
httpdump.add_filter(HTTP_REQUEST | HTTP_RESPONSE)
httpdump.each_packet {|pkt|
data = pkt.tcp_data
case pkt
when HTTP_REQUEST
if data and data =~ /^GET\s+(\S+)/
path = $1
host = pkt.dst.to_s
host << ":#{pkt.dst_port}" if pkt.dport != 80
s = "#{pkt.src}:#{pkt.sport} > GET http://#{host}#{path}"
end
when HTTP_RESPONSE
if data and data =~ /^(HTTP\/.*)$/
status = $1
s = "#{pkt.dst}:#{pkt.dport} < #{status}"
end
end
puts s if s
}
Revision: 22020
Initial Code
Initial URL
Initial Description
Initial Title
Initial Tags
Initial Language
at December 29, 2009 06:26 by narkisr
Initial Code
#!/usr/local/bin/ruby
require 'pcaplet'
httpdump = Pcaplet.new('-s 1500')
HTTP_REQUEST = Pcap::Filter.new('tcp and dst port 80', httpdump.capture)
HTTP_RESPONSE = Pcap::Filter.new('tcp and src port 80', httpdump.capture)
httpdump.add_filter(HTTP_REQUEST | HTTP_RESPONSE)
httpdump.each_packet {|pkt|
data = pkt.tcp_data
case pkt
when HTTP_REQUEST
if data and data =~ /^GET\s+(\S+)/
path = $1
host = pkt.dst.to_s
host << ":#{pkt.dst_port}" if pkt.dport != 80
s = "#{pkt.src}:#{pkt.sport} > GET http://#{host}#{path}"
end
when HTTP_RESPONSE
if data and data =~ /^(HTTP\/.*)$/
status = $1
s = "#{pkt.dst}:#{pkt.dport} < #{status}"
end
end
puts s if s
}
Initial URL
http://www.google.com/codesearch/p?hl=en#e3Lo27gapsI/UNIX/utilities/framework-3.0.tar.gz|z3AQRfppUi8/framework-3.0/external/ruby-pcapx/examples/httpdump.rb&q=Pcap::Filter
Initial Description
Sniffing http request & response using pcap in Ruby.
Initial Title
http sniffing Ruby
Initial Tags
http
Initial Language
Ruby