Merge pull request #7 from Sheksa/master

Fixed duplicate packet capturing casuing CRC issue in HTTP
ytisf · Jan 19, 2015 · 9d1eb41 · 9d1eb41
2 parents 02e8671 + 0a1e1ff
commit 9d1eb41
Showing 1 changed file with 2 additions and 3 deletions.
diff --git a/pyexfil/http_exfiltration.py b/pyexfil/http_exfiltration.py
@@ -128,16 +128,15 @@ def eth_addr(a):
 
 	# Main work starts here
 	while True:
-		packet = s.recvfrom(65565)
-		packet = packet[0]
+		packet, address = s.recvfrom(65565)
 		eth_length = 14
 
 		eth_header = packet[:eth_length]
 		eth = unpack('!6s6sH', eth_header)
 		eth_protocol = socket.ntohs(eth[2])
 
 		# Parse IP packets, IP Protocol number = 8
-		if eth_protocol == 8:
+		if eth_protocol == 8 and address[2] == 4: # Cancel out duplicates
 			# Parse IP header
 			ip_header = packet[eth_length:20 + eth_length]  # 20 first chars are IP Header
 			iph = unpack('!BBHHHBBH4s4s', ip_header)  # Unpacking IP Header