以以下利用一段代码读取http数据包里的request内容:

#!/usr/bin/envpythonimportscapy_http.httpashttpfromscapy.allimport*defprocess_tcp_packet(packet):ifnotpacket.haslayer(http.HTTPRequest):returnhttp_layer=packet.getlayer(http.HTTPRequest)printhttp_layer.show()ip_layer=packet.getlayer(IP)print'\n{0[src]}justrequesteda{1[Method]}{1[Host]}{1[Path]}'.format(ip_layer.fields,http_layer.fields)sniff(filter='tcpandport80',prn=process_tcp_packet)

运行结果如下:

###[ HTTP Request ]###

Method = 'GET'

Path = '/'

Http-Version= 'HTTP/1.1'

Host = '192.168.32.142'

User-Agent= 'curl/7.60.0'

Accept = '*/*'

Accept-Language= None

Accept-Encoding= None

Accept-Charset= None

Referer = None

Authorization= None

Expect = None

From = None

If-Match = None

If-Modified-Since= None

If-None-Match= None

If-Range = None

If-Unmodified-Since= None

Max-Forwards= None

Proxy-Authorization= None

Range = None

TE = None

Cache-Control= None

Connection= None

Date = None

Pragma = None

Trailer = None

Transfer-Encoding= None

Upgrade = None

Via = None

Warning = None

Keep-Alive= None

Allow = None

Content-Encoding= None

Content-Language= None

Content-Length= None

Content-Location= None

Content-MD5= None

Content-Range= None

Content-Type= None

Expires = None

Last-Modified= None

Cookie = None

Headers = 'Host: 192.168.32.142\r\nAccept: */*\r\nUser-Agent: curl/7.60.0'

Additional-Headers= None


192.168.32.10 just requested a GET 192.168.32.142/