Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!news.albasani.net!newsfeed.freenet.ag!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.000 X-Spam-Evidence: '*H*': 1.00; '*S*': 0.00; '16,': 0.03; 'error:': 0.05; 'importerror:': 0.05; 'linux,': 0.05; 'dependency': 0.07; 'matches': 0.07; 'subject:file': 0.07; 'python': 0.09; '22,': 0.09; '75,': 0.09; 'bsd': 0.09; 'conf': 0.09; 'craft': 0.09; 'fails.': 0.09; 'get.': 0.09; 'noted,': 0.09; 'cc:addr:python- list': 0.10; '&&': 0.16; 'failed.': 0.16; 'osx': 0.16; 'sudo': 0.16; 'there...': 0.16; '\xa0you': 0.16; 'wrote:': 0.17; 'thanks,': 0.18; 'jan': 0.18; 'module': 0.19; 'versions': 0.20; 'skip:" 40': 0.20; 'trying': 0.21; 'import': 0.21; 'libraries': 0.22; 'parse': 0.22; 'password.': 0.22; 'cc:2**0': 0.23; 'kevin': 0.23; 'installed': 0.23; "i've": 0.23; 'downloaded': 0.24; 'idea': 0.24; 'machine': 0.24; 'tried': 0.25; 'cc:addr:python.org': 0.25; 'header:In-Reply-To:1': 0.25; 'compiled': 0.27; 'skip:" 50': 0.27; 'skip:& 60': 0.27; 'then.': 0.27; 'message-id:@mail.gmail.com': 0.27; 'fine': 0.28; 'run': 0.28; 'post': 0.28; 'url:mailman': 0.29; 'skip:& 10': 0.29; 'install': 0.29; 'worked': 0.30; 'point': 0.31; 'url:python': 0.32; 'file': 0.32; 'mac': 0.32; 'could': 0.32; 'url:listinfo': 0.32; 'extract': 0.33; 'traceback': 0.33; 'anyone': 0.33; 'version': 0.34; "can't": 0.34; 'changed': 0.34; 'received:google.com': 0.34; 'screen': 0.34; 'thanks': 0.34; 'clear': 0.35; 'filter': 0.35; 'doing': 0.35; 'pm,': 0.35; 'received:209.85': 0.35; 'there': 0.35; 'but': 0.36; 'url:org': 0.36; '12,': 0.36; 'received:209': 0.37; 'well.': 0.37; 'data': 0.37; 'subject:: ': 0.38; 'some': 0.38; 'url:mail': 0.40; '&': 0.61; 'matter': 0.61; 'here:': 0.62; 'times': 0.63; 'more': 0.63; 'here': 0.65; '20,': 0.65; 'goal': 0.74; './configure': 0.84; '2013': 0.84; 'clearer': 0.84; 'died.': 0.84; 'angel': 0.93 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=xAJv/OmhR7UMBSBmO/8mS/+purBPjeIxYCESTRy5W+w=; b=nKWeg3i7HA0iBqLDoChcKr9ekXhZ1qKbfYUB5mbsNJc+kxskJqqG9ibCKsaQkptLpZ lyj4jUhI4b2s4UuiHw7+JKvUDgLOYA5roofBvWKVe4LK0Nf1KFUEhSEDJRiF2tZFJ0K6 Yx2D13KW0PqTwUEKsVY7HlfaaPnETKg6iFXcUadYKUskl1b/M83pX88NA5Vy7hd9yN0b 4wLrNi3Nj7MvNKQFsdDvnbDXwdvuZq602rh8F8vmbrmPrXKca7Np0pY+Bx9IppZhEyx+ SezmJ6nyKY7HiTfEQH9cwQ6SUrIouFLkpxqmkKHu+pQmwWkPkwqj/5tI1Eq7A7uouX2t TYdA== MIME-Version: 1.0 X-Received: by 10.112.17.129 with SMTP id o1mr103447lbd.54.1358912604450; Tue, 22 Jan 2013 19:43:24 -0800 (PST) In-Reply-To: <50FF5910.7060309@davea.name> References: <50FF5312.50309@davea.name> <50FF5910.7060309@davea.name> Date: Tue, 22 Jan 2013 22:43:24 -0500 Subject: Re: Parse a Wireshark pcap file From: Kevin Holleran To: Dave Angel Content-Type: multipart/alternative; boundary=bcaec554d94411b17e04d3ec7fd4 Cc: "python-list@python.org" X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 193 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1358912612 news.xs4all.nl 6846 [2001:888:2000:d::a6]:57788 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:37408 --bcaec554d94411b17e04d3ec7fd4 Content-Type: text/plain; charset=ISO-8859-1 On Tue, Jan 22, 2013 at 10:29 PM, Dave Angel wrote: > On 01/22/2013 10:15 PM, Kevin Holleran wrote: > >> Thanks, I have been trying to get it to work but I am on Mac OS 10.8.2. I >> tried to get it from Macports and download/install it myself. Both seem >> to >> get me to here: >> >> ImportError: No module named dnet >> >> I tried to download libdnet but no matter what I do this is what I get. >> Granted I am doing; >> >> from scapy.all import * >> >> >> But I have no idea what I need. I am not trying to craft packets but >> filter packets based on tcp.dstport 80 & frame matches signin.aspx. Then >> my goal is to parse the data looking for post vars txtUserId & txtPwd and >> extract them, dumping them to the screen as userid_value => password. >> >> > I've never worked on Mac OSx And the only times I had and used scapy > were on a work machine that's long gone. I still run Linux, but versions > of everything have changed since then. > > I don't know if there's anyone here that's more current with scapy and/or > with Mac, but in case there is, you could be lots clearer about what you're > doing and how it fails. > > Version of OS. You said that well. > Version of Python,. > Exact location you got scapy from, what version it was > How you installed it (I don't know Macports, clearly) > What the full traceback was when it died. > > > > > -- > DaveA > -- > http://mail.python.org/**mailman/listinfo/python-list > Noted, I will try to be more verbose. Mac OS 10.8.2 Python v.2.7 I downloaded from the sourceforge site, then tried to install with MacPorts when some dependencies were failing. I then downloaded & installed pcapy-0.10.6 when that dependency still failed. That solved that but I received the dnet error: from scapy.all import conf File "/Library/Python/2.7/site-packages/scapy/all.py", line 16, in from arch import * File "/Library/Python/2.7/site-packages/scapy/arch/__init__.py", line 75, in from bsd import * File "/Library/Python/2.7/site-packages/scapy/arch/bsd.py", line 12, in from unix import * File "/Library/Python/2.7/site-packages/scapy/arch/unix.py", line 20, in from pcapdnet import * File "/Library/Python/2.7/site-packages/scapy/arch/pcapdnet.py", line 160, in import dnet ImportError: No module named dnet So I downloaded and compiled libdnet-1.11 with a: $ sudo ./configure && make I see it compile fine & the libraries have been installed to: /usr/local/sbin/dnet However, python can't find it... I am not clear on how to point Python there... Thanks again. Kevin --bcaec554d94411b17e04d3ec7fd4 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

On Tue, Jan 22, 2013 at 10:29 PM, Dave An= gel <d@davea.name> wrote:
On 01/22/2013 10:15 PM, Kevin Holleran w= rote:
Thanks, I have been trying to get it to work but I am on Mac OS 10.8.2. =A0= I
tried to get it from Macports and download/install it myself. =A0Both seem = to
get me to here:

ImportError: No module named dnet

I tried to download libdnet but no matter what I do this is what I get.
=A0 Granted I am doing;

from scapy.all import *


But I have no idea what I need. =A0I am not trying to craft packets but
filter packets based on tcp.dstport 80 & frame matches signin.aspx. =A0= Then
my goal is to parse the data looking for post vars txtUserId & txtPwd a= nd
extract them, dumping them to the screen as userid_value =3D> password.<= br>

I've never worked on Mac OSx =A0 And the only times I had and used scap= y were on a work machine that's long gone. =A0I still run Linux, but ve= rsions of everything have changed since then.

I don't know if there's anyone here that's more current with sc= apy and/or with Mac, but in case there is, you could be lots clearer about = what you're doing and how it fails.

Version of OS. =A0You said that well.
Version of Python,.
Exact location you got scapy from, what version it was
How you installed it (I don't know Macports, clearly)
What the full traceback was when it died.
=



--
DaveA
--
http://mail.python.org/mailman/listinfo/python-list

N= oted, I will try to be more verbose.
=
Mac OS 10.8.2
Python v.2.7
I downloaded from the so= urceforge site, then tried to install with MacPorts when some dependencies = were failing. =A0I then downloaded & installed pcapy-0.10.6 when that d= ependency still failed. =A0That solved that but I received the dnet error:<= /div>

=A0 =A0 from scapy.all import conf
=A0 File "/Library/Python/2.7/site-packages/scapy/= all.py", line 16, in <module>
=A0 =A0 from arch import *
=A0 File "/Library/Python/2.7/site-packages/scapy/arch/__in= it__.py", line 75, in <module>
= =A0 =A0 from bsd import *
=A0 File "/Library/Python/2.7/site-packages= /scapy/arch/bsd.py", line 12, in <module>
=A0 =A0 from unix import *
=A0 Fi= le "/Library/Python/2.7/site-packages/scapy/arch/unix.py", line 2= 0, in <module>
=A0 =A0 from pcapdnet import *
=A0 File "/Library/Python/2.7/site-packages/scapy/arc= h/pcapdnet.py", line 160, in <module>
=A0 =A0 import dnet
ImportError: No module named dnet

So I downloade= d and compiled libdnet-1.11 with a:
= =A0$ sudo ./configure && make

I see it compile fine & the libraries have been installed to:
/usr/local/sbin/dn= et

Howev= er, python can't find it... I am not clear on how to point Python there= ...

Thanks again.

Kevin
--bcaec554d94411b17e04d3ec7fd4--