今天就跟大家聊聊有关pcap邮件如何读取并写入txt,可能很多人都不太了解,为了让大家更加了解,小编给大家总结了以下内容,希望大家根据这篇文章可以有所收获。
#coding=utf-8
import string
import urllib
import json
from scapy.all import *
import re
readfile =input("请输入需要分析的文件名:")
mail_port=input("请输入您要解析的邮件类型(IMAP输入143,SMTP输入25,POP3输入110):")
savefile=input("请输入您要保存的文件名:")
dpkt1=list()
dpkt2=list()
dpkt = rdpcap(readfile)
print(dpkt)
sessions = dpkt.sessions()
print(sessions)
for session in sessions:
payload = b'' # the payload of one HTTP POST
for packet in sessions[session]:
try:
#if packet['TCP'].dport ==int(mail_port):
dpkt2.append(str(packet[TCP].window)) print(dpkt2) except: pass
string=''.join(dpkt2)
#string=str(dpkt2)
string=string.replace("\r\n","")
string=string.replace("\t","")
string=string.replace("'b'","")
string=string.replace(" ","")
dlist=list()
dNumb=0
i=1
a=len(dpkt2)
print(string)
From = ''.join(re.findall(u"From:(.com>)", string))
To=''.join(re.findall(u"To:(,?.?com?>)",string))
Cc=''.join(re.findall(u"Cc:(,?.?com>)",string))
Bcc=''.join(re.findall(u"Bcc:(,?.?com>)",string))
Subject=''.join(re.findall(u"Subject:([A-Za-z0-9]+)X-Priority",string))
Content = ''.join(re.findall(u"base64([A-Za-z0-9=/+]+?)---", string))
AttachName = ''.join(re.findall(u"filename=(\".?\")", string))
Attach = ''.join(re.findall(u"filename=\".?\"([A-Za-z0-9=/+]+?)---", string))
dict={"From":From,"To":To,"Cc":Cc,"Bcc":Bcc,"Subject":Subject,"Content":base64.b64decode(Content),"AttachName":AttachName,"Attach":Attach}
dlist.append(dict)
dNumb=dNumb+1
f = open(savefile,"w+")
for i in range(dNumb): #原来是dnmb
#f.write(to)
#f.write(str(dlist[i])+"\r\n")
#print(dlist[i])
for key,value in dlist[i].items():
print('{key}:{value}'.format(key = key, value = value))
f.write(str('{key}:{value}'.format(key = key, value = value))+"\r\n")
看完上述内容,你们对pcap邮件如何读取并写入txt有进一步的了解吗?如果还想了解更多知识或者相关内容,请关注亿速云行业资讯频道,感谢大家的支持。
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。