netsec-djw2/hw4/app.py

from scapy.all import * 
import socket
import sys
import time
import hashlib

def compute_checksums(file_path):
    sha512_hash = hashlib.sha512()
    md5_hash = hashlib.md5()
    try:
        with open(file_path, "rb") as f:
            while chunk := f.read(8192):
                sha512_hash.update(chunk)
                md5_hash.update(chunk)
    except FileNotFoundError:
        print(f"Error: File not found - {file_path}")
        return
    sha512_digest = sha512_hash.hexdigest()
    md5_digest = md5_hash.hexdigest()
    print(f"MD5: {md5_digest}")
    print(f"SHA-512: {sha512_digest}")


def main():
	if len(sys.argv) > 1: 
		try:
			bpf: str = 'tcp and src host 192.168.86.228 and src port 5000 and dst host 192.168.86.167'
			#bpf  = 'host 192.168.86.167 or 192.168.86.228 and port 5000'
			packets: PacketList = sniff(offline = sys.argv[1], filter=bpf, session = TCPSession)
		except:
			print("File read failure: %s not found" % sys.argv[1])
			sys.exit(1)
	else:
		print("Need a pcap file to read!")
		sys.exit(1)
	raw_packets: PacketList = packets[Raw]
	byte_accum: bytearray = bytearray(b'')
	count = 0
	print("Total packets matching BPF: ",len(packets))
	print("Total raw packets matching BPF: ",len(raw_packets))
	for r in raw_packets:
		raw_packet: Packet = r
		if b"Content-Type" in raw_packet[Raw].load:
			payload: bytes = raw_packet[Raw].load.split(b'\r\n')[-1]
			#print('Packet: ', raw_packet)
			#print("Packet Raw: ", raw_packet[Raw].load )
			#print()
			#print('payload: ', payload)
			#input()
			#print()
			count += 1
			byte_accum = byte_accum + bytearray(payload) 
	result_bytes: bytes = base64_bytes(bytes(byte_accum).decode('ascii'))	
	file = open('download.bin','wb')
	file.write(result_bytes)
	print('done: ' ,count, ' packets decoded and packets written to download.bin')
	compute_checksums('download.bin')

if __name__ == '__main__':
	main()