diff options
| author | Luneji <61687883+Luneji@users.noreply.github.com> | 2020-05-12 10:45:40 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-05-12 10:45:40 +0200 |
| commit | 2c3bff2c161edbc40ba37d4570cd4e673e167a4f (patch) | |
| tree | 7f77f688308769ab8cdecf28874680a5402ac290 | |
| parent | 9edecc23c01cb440e2aa3b21930da3d51fe430c6 (diff) | |
Update script.sh
| -rwxr-xr-x | analyse/script.sh | 30 |
1 files changed, 24 insertions, 6 deletions
diff --git a/analyse/script.sh b/analyse/script.sh index 056e47b..fdffe64 100755 --- a/analyse/script.sh +++ b/analyse/script.sh @@ -4,8 +4,10 @@ #TO-DO: #prend en compte l'interface internet par defaut sur la machine #recupere l'adresse IP lie a cette interface +#installe tcpdump avant toute chose #corrige le deplacement du cut dans certaines trames (comme ARP) #Affiche quelque chose d'autre que "IP" en protocole (probleme pour la plupart des paquets +#enleve ce qu'il y a apres la virgule pour les secondes #ajoute la date #insert dans la bdd les differentes infos @@ -27,7 +29,7 @@ while : do - sudo tcpdump -i $1 -c1 -nn tcp -w capturetcp.pcap + sudo tcpdump -i wlp2s0 -c1 -nn tcp -w capturetcp.pcap sudo tcpdump -nn -r capturetcp.pcap > grostastcp echo -e "Voici un paquet TCP\n" cat grostastcp | cut -d" " -f1 >> /tmp/heuretcp.txt @@ -37,13 +39,21 @@ do cat grostastcp | cut -d" " -f15 >> /tmp/tailletcp.txt tail -n1 /tmp/heuretcp.txt tail -n1 /tmp/protocoletcp.txt - tail -n1 /tmp/sourcetcp.txt - tail -n1 /tmp/destinationtcp.txt + tcpvar=$(tail -n1 /tmp/sourcetcp.txt) + echo "${tcpvar%.*}" >> /tmp/ipsrctcp.txt + echo "${tcpvar##*.}" >> /tmp/portsrctcp.txt + tail -n1 /tmp/ipsrctcp.txt + tail -n1 /tmp/portsrctcp.txt + tcprav=$(tail -n1 /tmp/destinationtcp.txt) + echo "${tcprav%.*}" >> /tmp/ipdsttcp.txt + echo "${tcprav##*.}" | cut -d":" -f1 >> /tmp/portdsttcp.txt + tail -n1 /tmp/ipdsttcp.txt + tail -n1 /tmp/portdsttcp.txt tail -n1 /tmp/tailletcp.txt # Attention ici c'est UDP - sudo tcpdump -i $1 -c1 -nn udp -w captureudp.pcap + sudo tcpdump -i wlp2s0 -c1 -nn udp -w captureudp.pcap sudo tcpdump -nn -r captureudp.pcap > grostasudp echo -e "Voici un paquet UDP\n" cat grostasudp | cut -d" " -f1 >> /tmp/heureudp.txt @@ -53,7 +63,15 @@ do cat grostasudp | cut -d" " -f8 >> /tmp/tailleudp.txt tail -n1 /tmp/heureudp.txt tail -n1 /tmp/protocoleudp.txt - tail -n1 /tmp/sourceudp.txt - tail -n1 /tmp/destinationudp.txt + udpvar=$(tail -n1 /tmp/sourceudp.txt) + echo "${udpvar%.*}" >> /tmp/ipsrcudp.txt + echo "${udpvar##*.}" >> /tmp/portsrcudp.txt + tail -n1 /tmp/ipsrcudp.txt + tail -n1 /tmp/portsrcudp.txt + udprav=$(tail -n1 /tmp/destinationudp.txt) + echo "${udprav%.*}" >> /tmp/ipdstudp.txt + echo "${udprav##*.}" | cut -d":" -f1 >> /tmp/portdstudp.txt + tail -n1 /tmp/ipdstudp.txt + tail -n1 /tmp/portdstudp.txt tail -n1 /tmp/tailleudp.txt done |