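"""Argument parsing and entry points for the ``sniff`` sub-command.

The capture back-ends (tcpdump, mitmproxy, raw command) are still stubs.
Only the argument parser, address validation and the ``sniff`` entry
point contain logic.
"""
import ipaddress
import logging
import re
import subprocess

logger = logging.getLogger('iottbLogger.capture')
logger.setLevel(logging.DEBUG)

# Six hex octets joined by one consistent separator (':' or '-').
# Used with fullmatch() so nothing may precede or follow the address.
_MAC_RE = re.compile(r'[0-9A-Fa-f]{2}([:-])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}')


class Sniffer:
    """Placeholder class; the constructor currently does nothing."""

    def __init__(self):
        pass


def setup_sniff_parser(subparsers):
    """Register the ``sniff`` sub-command on *subparsers*.

    Args:
        subparsers: the object returned by
            ``ArgumentParser.add_subparsers()``.

    The parsed namespace carries ``func=sniff`` so the caller can
    dispatch with ``args.func(args)``.
    """
    parser = subparsers.add_parser('sniff', help='Sniff packets with tcpdump')

    # metadata args
    parser.add_argument('-a', '--addr', help='IP or MAC address of IoT device')

    # tcpdump args
    parser.add_argument('--app', help='Application name to sniff', default=None)

    tcpdump_group = parser.add_argument_group('tcpdump arguments')
    tcpdump_group.add_argument('-i', '--interface',
                               help='Interface to capture on.',
                               dest='capture_interface', required=True)
    tcpdump_group.add_argument('-I', '--monitor-mode',
                               help='Put interface into monitor mode',
                               action='store_true')
    # NOTE(review): the three help texts below say "True by default", but
    # action='store_true' makes each flag default to False. Confirm which
    # one is intended before the values are forwarded to tcpdump.
    tcpdump_group.add_argument('-n',
                               help='Deactivate name resolution. True by default.',
                               action='store_true', dest='no_name_resolution')
    tcpdump_group.add_argument('-#', '--number',
                               help='Print packet number at beginning of line. True by default.',
                               action='store_true')
    tcpdump_group.add_argument('-e',
                               help='Print link layer headers. True by default.',
                               action='store_true', dest='print_link_layer')
    tcpdump_group.add_argument('-t', action='count', default=0,
                               help='Please see tcpdump manual for details. Unused by default.')

    # NOTE(review): both options carry a default, so args.count and
    # args.mins are always set and the namespace alone cannot tell which
    # limit the user chose. An unbounded capture is not selectable here.
    cap_size_group = parser.add_mutually_exclusive_group(required=False)
    cap_size_group.add_argument('-c', '--count', type=int,
                                help='Number of packets to capture.', default=10)
    cap_size_group.add_argument('--mins', type=int,
                                help='Time in minutes to capture.', default=1)

    parser.set_defaults(func=sniff)


def parse_addr(addr):
    """Validate *addr* and classify it as an IPv4 or MAC address.

    The value comes straight from the command line and is meant to end
    up in a capture filter, so it is accepted only if the whole string is
    one well-formed address. Anything else is rejected rather than
    passed on.

    Args:
        addr: the user-supplied address string.

    Returns:
        ``('ip', dotted_quad)`` or ``('mac', 'aa:bb:cc:dd:ee:ff')``.
        MAC addresses are normalised to lower case with ``:`` separators.

    Raises:
        ValueError: if *addr* is neither a valid IPv4 nor a MAC address.
    """
    if not isinstance(addr, str):
        raise ValueError(f'not a valid IPv4 or MAC address: {addr!r}')

    try:
        return ('ip', str(ipaddress.IPv4Address(addr)))
    except ipaddress.AddressValueError:
        pass  # not IPv4; try MAC next

    if _MAC_RE.fullmatch(addr):
        return ('mac', addr.lower().replace('-', ':'))

    raise ValueError(f'not a valid IPv4 or MAC address: {addr!r}')


def sniff(args):
    """Entry point for the ``sniff`` sub-command.

    Exits with status 1 when no address was given or when the address
    fails validation. The capture itself is not implemented yet.

    Args:
        args: parsed namespace; only ``args.addr`` is read here.
    """
    if args.addr is None:
        print('You must supply either a MAC or IP(v4) address to use this tool!')
        logger.info("Exiting on account of missing MAC/IP.")
        raise SystemExit(1)

    try:
        addr_kind, addr_value = parse_addr(args.addr)
    except ValueError:
        print('The supplied address is neither a valid MAC nor IP(v4) address!')
        # %r keeps control characters in the rejected value out of the log line.
        logger.info("Exiting on account of invalid MAC/IP: %r", args.addr)
        raise SystemExit(1) from None
    # TODO Get this party started


def sniff_tcpdump(args, filter):
    """Capture with tcpdump. Not implemented yet.

    NOTE(review): when implemented, build the command as an argument
    list and run it without a shell. Derive *filter* only from values
    that passed parse_addr(), and check args.capture_interface against
    the host's interface list.
    """
    pass


def sniff_mitmproxy(args, filter):
    """Capture with mitmproxy. Not implemented yet."""
    pass


def sniff_raw(cmd, args):
    """Run a caller-supplied capture command. Not implemented yet.

    NOTE(review): *cmd* should be handled as an argv list, never as a
    shell string, once this is implemented.
    """
    pass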