live-campus-mcs-p-2027.2/Semaine_09/Scapy_test/sniffer_ftp.py

import platform
from scapy.all import sniff, TCP, IP, conf, get_if_list
from scapy.packet import Packet

conf.sniff_promisc = False
system = platform.system()

# Interface de déboguage (si le nom de l'adaptateur n'est pas celui renseigné plus bas)
# print("Interfaces disponibles:")
# for iface in get_if_list():
#     print(f"  - {iface}")

match system:
    case "Darwin":      # MacOS
        lo = "lo0"
    case "Windows":
        lo = "\\Device\\NPF_Loopback"
    case _:             # Certainement du Linux
        lo = "lo"

def detecter_credentials(paquet: Packet):
    if paquet.haslayer(TCP) and paquet[TCP].payload:
        payload = bytes(paquet[TCP].payload).decode(errors="ignore")
        if payload.startswith("USER ") or payload.startswith("PASS "):
            print(f"{paquet[IP].src} => {paquet[IP].dst}")
            print(payload.strip())

sniff(filter= "tcp port 2121", iface= lo, prn= detecter_credentials, store= 0)