[Perl]获取Google Talk聊天信息~
时间:2005-09-13 来源:huhuegg
与先前的获取msn信息差不多啦~ 想要gmail账号的留mail,我有69个~ :)
#!/usr/bin/perl
# use strict;
use Net::PcapUtils;
use Time::Format;
$time{$format};
$time{$format, $unixtime};
sub process_pkt {
my($arg, $hdr, $pkt) = @_;
my($packages)=unpack('H*', $pkt);
### START PACKAGE INFO ###
my(%PACKTYPE)=('0800'=>'IP', '0806'=>'ARP', '8035'=>'RARP');
my($source_mac)=substr($packages,0,12);
my($dest_mac)=substr($packages,12,12);
my($type)=substr($packages,24,4);
$type=$PACKTYPE{$type};
### START IP HEAD ###
if ($type eq IP) {
## get ip head info ##
my($ipversion)=substr($packages,28,1);
my($ipheadlength)=substr($packages,29,1);
my($typeofservice)=substr($packages,30,2);
my($totlength)=hex(substr($packages,32,4));
my($id)=hex(substr($packages,36,4));
my($fragment_offset)=hex(substr($packages,40,4));
my($time_to_live)=hex(substr($packages,44,2));
my($protocol)=substr($packages,46,2);
my($ipchecksum)=hex(substr($packages,48,4));
my($sourceipA)=hex(substr($packages,52,2));
my($sourceipB)=hex(substr($packages,54,2));
my($sourceipC)=hex(substr($packages,56,2));
my($sourceipD)=hex(substr($packages,58,2));
my($sourceip)=$sourceipA . "." . $sourceipB . "." . $sourceipC . "." . $sourceipD;
my($destipA)=hex(substr($packages,60,2));
my($destipB)=hex(substr($packages,62,2));
my($destipC)=hex(substr($packages,64,2));
my($destipD)=hex(substr($packages,66,2));
my($destip)=$destipA . "." . $destipB . "." . $destipC . "." . $destipD;
my(%TCPORUDP)=('06'=>'TCP', '17'=>'UDP');
$protocol=$TCPORUDP{$protocol};
### END IP HEAD ###
### START TCP HEAD ###
if ($protocol eq TCP) {
my($sourceport)=hex(substr($packages,68,4));
my($destport)=hex(substr($packages,72,4));
my($sequence)=hex(substr($packages,76,8));
my($acknowledgement)=hex(substr($packages,84,8));
my($tcphederlength)=hex(substr($packages,92,2));
### get all flag ###
my($flags)=hex(substr($packages,94,2));
my(%flags)=('1'=>'FIN', '2'=>'SYN', '3'=>'RST', '4'=>'PSH', '5'=>'ACT', '6'=>'URG');
my(%flag)=('FIN'=>'fin', 'SYN'=>'syn', 'RST'=>'rst', 'PSH'=>'psh', 'ACT'=>'act', 'URG'=>'urg');
$number=1;
while ($flags>0) {
$mo=$flags % 2;
$flags=($flags-$mo)/2;
$flag{$flags{$number}}=$mo;
$number=$number+1;
}
$mo=$flags % 2;
$flag{$flags{$number}}=$mo;
### end get flag ###
my($window)=hex(substr($packages,96,4));
my($tcpchecksum)=hex(substr($packages,100,4));
my($urgent_pointer)=hex(substr($packages,104,4));
### END TCP HEAD ###
### START DATA ###
my($data)=substr($packages,108);
### END DATA ###
### START CHANGE DATA TO ASCII ##
### END CHANGE DATA TO ASCII ##
### START CHECK MSN HEAD ###
my($msndata)=substr($data,24);
my($num) = length($msndata);
my($datatoascii)="";
my($datalocal)=0;
while ($datalocal <= $num) {
$tempascii=chr(hex(substr($msndata,$datalocal,2)));
$datatoascii=$datatoascii . $tempascii;
$datalocal=$datalocal+2;
}
### END CHECK MSN HEAD ###
### START LISTEN DESTIP 216.239.37.125 INFO ###
$destipstring="216.239.37.125";
if ($destip eq $destipstring) {
$_=$datatoascii;
if(m//) {
@accountstring=split(/ /, $_);
@accountto=split(///, substr($accountstring[0],1));
my($searchstart)="";
my($searchend)="";
my($start)=index($datatoascii,$searchstart);
my($end)=index($datatoascii,$searchend);
my($datastart)=$start+6;
my($stringlength)=$end-$datastart;
my($getstring)=substr($datatoascii,$datastart,$stringlength);
print("#Start Google Talk Message# ");
print("$time{'yyyy/mm/dd'} $time{'hh:mm:ss'} $sourceip:$sourceport -> $destip:$destport ");
print("MSG TO: $accountto[0] $getstring ");
print("#End Google Talk Message# ");
}
}
}
}
### END PACKAGE INFO ###
}
Net::PcapUtils::loop(&process_pkt, SNAPLEN => 999999999);
相关阅读 更多 +
排行榜 更多 +
