Trying to sniff http packets using scapy

0
votes

The program runs fine when I am not trying to filter http links but it shows almost nothing when I use the code, I don't see any problem in the code and I have already used pip install scapy_http.

import scapy.all as scapy
from scapy.layers import http

def sniff(interface): 
   scapy.sniff(iface=interface, store=False , prn= process_sniffed_packet)

def process_sniffed_packet(packet):
   if packet.haslayer(http.HTTPRequest):
       print(packet)

sniff('eth0')

Blank screen until i press ctrl+c. It shows some weird links after around 20 seconds but I am not on those pages.

1
pythonscapypacket-sniffers

1 Answers

0
votes

I think your code works fine :)

  1. Open Wireshark togrther with running your code, and filter on http request packets. When I did it- there were no packets that were seen on Wireshark and not catched by the code
  2. I used Chrome to open web pages, and indeed didn't see many packets. In Wireshark I saw that the packets appear as TLS protocol instead. This is probably because of the way Chrome works or the use of HTTPS protocol.
  3. To solve this- I opened Internet Explorer- tons of HTTP packets appeared right away- both in Wireshark and in your code.
  4. Use packet.show() instead of print packet- it will be easier to investigate what you see