#!/usr/bin/env python3
from base64 import b64decode
import subprocess
import requests
import re
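# Recover data carried in TCP destination port numbers. The script takes the
# destination port of every SYN sent from one host to another, treats each
# 16-bit port as two big-endian bytes, and joins them in capture order.
# NOTE(review): both addresses and the capture file name are specific to this
# exercise; adjust them for any other capture.
packet_filter = "ip.src_host == 192.168.178.21 && ip.dst_host == 45.142.177.160 && tcp.flags.syn == 1"

# Pass tshark an argument vector rather than a shell string, so the display
# filter reaches tshark as a single argument with no shell quoting or
# expansion, and editing the filter can never alter the command that runs.
cmd = [
    "tshark",
    "-nr", "intro-forensics-2.pcapng",
    "-Y", packet_filter,
    "-T", "fields",
    "-e", "tcp.dstport",
]
tshark_output = subprocess.check_output(cmd).decode()

# tshark prints one port per line; blank lines (including the trailing one)
# are skipped. A retransmitted SYN would repeat its two bytes here, so if the
# decoded text shows doubled chunks, exclude tcp.analysis.retransmission
# in the display filter.
ports = b"".join(
    int(line).to_bytes(2, "big")
    for line in tshark_output.splitlines()
    if line.strip()
)

# errors="replace" keeps the readable part visible when an unrelated SYN to
# the same host contributes bytes that are not valid UTF-8, instead of
# aborting the whole decode with UnicodeDecodeError.
print(ports.decode(errors="replace"))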