# I Built a Python Packet Sniffer… This Is What Hackers See on Public WiFi 💀🔥 ## Метаданные - **Канал:** Python Simplified - **YouTube:** https://www.youtube.com/watch?v=YW5e8qAYIgU ## Содержание ### [0:00](https://www.youtube.com/watch?v=YW5e8qAYIgU) Segment 1 (00:00 - 05:00) We connect to public Wi-Fi all the time. We do it in hotels, in coffee shops, in airports. But have you ever wondered if it's a smart thing to do security-wise? Today, we will see exactly why public Wi-Fi is considered a gold mine for hackers. We will design a Flask application, and we'll try to intercept it with our very own Packet Sniffer. All you need is a computer and a phone connected to the same Wi-Fi network and in 15 minutes you will be absolutely traumatized. You will never trust public Wi-Fi again. I promise. Now, this video is brought to you by Try HackMe, a hands-on learning platform for cyber security. So, if you enjoy what you see today, you'll know exactly where to go next. And without any further ado, let's roll. So, first of all, let's talk about the type of software that we're going to build. Our packet sniffer is considered a maninthe-middle attack. It's like a mailman that opens your letters, reads them, glues them back, and only then delivers them to you. You have no idea that someone has access to your personal data and they're secretly eavesdropping on your private conversations. So, let's say that we are staying in a nice hotel that offers free Wi-Fi and we can upgrade it to a faster speed for only $2 per day. It is very common and most of us connected to these types of network many times in the past. We pick a username and a password. We enter our credit card details and our payment was successfully processed. But what if I told you that every single input that we just entered was snatched by a very simple Python script? Someone who has connected to the same network as us can now go shopping on our expense. So what does it look like in terms of code? Let's build this whole system together step by step. First of all, let's design a Wi-Fi login page named app. py using the official Flask quick start. You can just copy it from the docs. And if this is entirely new to you, I have a great tutorial to get you up to speed. It's this one right over here. Just make sure you add the if name equals main clause and import the requests class. Now, instead of hello world, we will create a homepage with only a few elements that we will bundle in a multi-line string named content. We have a header of Royale Hotel free Wi-Fi and let's edit a nice crown emoji. We then need a form with three types of inputs. The first one is a username which is an input in the type of text with the name of username. And same goes for our password. We will just copy the username and we will adjust everything to password. Okay, including the type. And finally, we need an input with the type of submit, which is of course our login button. So, let's give it the value of log in. And then instead of hello world, we will just return the content. Perfect. So, how do we run this thing? Well, prepare to be shocked because today we will run it on Windows. It is very uncommon for this channel, but since most malware targets Windows systems, we will design our packet sniffer accordingly. So, let's open an anaconda terminal, believe it or not, and let's create a new working environment with create-ash n. We will call it sniffer env. And we will install python 3. 12 in it. Then we will go ahead and activate it like so. And we will then pip install flask along with a packet sniffing library named scappy or scapy or whatever you call this thing. It will then navigate to the same folder as our app. py in my case with cd packet sniffer where our application lives. And then finally we can run our login page with python app. py. Then in our browser, we will open localhost in the port of 5000. Let's just paste it right over here. And here's our super quick and ugly login page. Now, at this point, our form is only collecting information, but it doesn't really know what to do with it. So, let's take care of that super quickly. We'll give our form an action or where to send the information. In my case, a route of slash login, which we will create shortly. And we will also give it a method of post as in how to send the information where post ### [5:00](https://www.youtube.com/watch?v=YW5e8qAYIgU&t=300s) Segment 2 (05:00 - 10:00) sends it quietly in the background and get adds it to the URL. Now to make it work, we need to catch that information in a new route with atapp. oute route that has a matching action of slash login and a matching method with methods to which we will pass a list with post and then right underneath we define a new function named log in and we then simply return successfully logged in or even better let's fetch the username from our submitted form with request form. get get to which we will pass a matching input name. Okay, username the one from above and then let's assign this to user and let's add it to our return statement. And then we say successfully logged in as user and actually let's also put it in a bold text like so. Beautiful. We will then save everything and we will rerun our application. And now if we go ahead and enter a username along with a password. Okay, let's say Maria and some kind of a password. And we hit submit, then our message pops along with my username. Yay. Next, we will learn how to intercept everything that happens on this app and on the same Wi-Fi network. For this, in our running command, we will set the host to 0. 0. 0. 0, zero which will expose our app to any device on the network and then we will also choose a port number in my case 80. Now if we save everything and rerun our app in the browser we can then delete port 5000 from the URL and only keep it as localhost. That's because port 80 is the default port. So it doesn't matter if we type localhost in the port of 80 or simply localhost. The result is exactly the same. Now, we will of course make our login page prettier and way more malicious very soon, but for now, let's just focus on snatching the username and the password because if we know how to do that, we can then catch anything else. Now, the first thing we need for our sniffer is a packet capture driver called NPCAP. We will download it from the official website, clicking on download and then getting the installer for Windows 11. Then you just follow the instructions from the wizard. And once it is installed, we can then move on with coding. So in a new Python file named sniffer. py from scape. all, we will import sniff as well as the raw class. Then right below, we will design a function named catch packet where we receive small chunks of data while they are transferred over a network. We call them packets and our goal is to catch the important ones. and of course to process them inside this function. So let's go ahead and pass packet as an argument. But how do we know what's important? Well, anything that has readable data in it. If it's a system message or a warning, we don't really care. But if it's an HTTP request or a response, that's what we want to catch. For this, we will filter anything that doesn't have a raw layer in it or actual text that is attached to it. Let's just write it below. If packet has layer raw, we will then store it below with packet in the index of raw or more accurately in the layer of raw and we will then fetch its load attribute save it as data. But simply loading it is not enough. It's fine for computers but not so much for humans. If we want to read this data, we will need to decode it. Okay, so let's call the decode method on it. Translating it from binary bytes into actual text. And since much of it is not so easy to translate in our decode method, we will set the errors property to ignore. So if one of our bytes is problematic, then we just skip it and move on. Then right underneath, we can print our data into our console. But another tiny filter we can add is first checking if the length of our data is bigger than 10. And we do so right before our print statement. Now you don't have to do it on your end, but I'll do it on mine because it will ignore incomplete or noisy data. Great. So now we have a function that catches packets and we can use it in our application. So first let's print a message that confirms that our sniffer is listening. Okay, so sniffer started on Wi-Fi and we will even add a very scary emoji right in front of it. And then right underneath we will call the sniff function passing it the following parameters. So first we will set the ### [10:00](https://www.youtube.com/watch?v=YW5e8qAYIgU&t=600s) Segment 3 (10:00 - 15:00) iface or the interface to Wi-Fi and then we'll set a filter of TCP port 80 where TCP stands for transmission control protocol that is the book of rules. we use to communicate with our app. And then port 80 is of course the port of our login page. Then we will set PRN as in print function to catch packet the function that we defined above. And then finally we will set store to false. And that way we are not storing all these packets on our RAM. We just print them and forget about it. And that's it. That's all we need to catch the username and password of anyone who stumbles upon our login page. So, let's see exactly how it works. For this, we will connect our phone to the same Wi-Fi network as our computer. And we will make sure that app. py is running in our terminal. Then we will need our computer's IP address which you can find through your PowerShell or your command prompt by typing IP config where your IP address is under IPv4. Then on our phone we will navigate to the browser and we will type in our IP address in the URL and boom, here's our super ugly login page. Now if it bugs you as much as it bugs me, let's quickly make it prettier. We'll just download a file named UI. py from my GitHub. The link is in the description as usual. And we will save it right next to our app and our sniffer files. And then at the top of app. py from UI, we will import stylish UI. And then instead of returning the content, we will then go ahead and pass the content to the stylish UI function. And we'll do so in both our routes like so. Then we will save everything. We'll refresh our application and okay much better including on our phone. Perfect. So now it is time to launch our sniffer. We will do so from another Anaconda terminal. We will activate our sniffer env once again and we will navigate to the project folder of course but this time we will run python sniffer. py Hi. And then once it started listening, we will then go ahead and refresh the browser on our phone and we already see the first piece of data which looks a lot like our login page. Fantastic. But what happens if we now type our username and password inside this form? Let's see. Okay, so my username is Maria and then my password let's say is Python simplified and I hit submit. Now, we still get a web page in return. But if we scroll up only a tiny bit, we get the response from our app that not only includes our username and password that we just entered, but also the device type, the device language, the time in which we press the submit button, and so on and so on. But other than that, everything is fine. Now, in case of catching our username and password, it's not really that big of a deal unless you use the exact same username and password everywhere. So, a black hat might try to enter these in PayPal or Instagram or Gmail. And that's why it's always best to have some kind of a dummy username for websites you don't trust. But what happens if our login page is way more malicious than that? Now, if you actually want to understand how hackers think, you need to start by breaking into things. The problem is if you do that on your own, you'll probably get in trouble. So, let's do it the right way, practicing offensive security legally and safely. For this, we will navigate to tryhackme. com and then we will go back and make our app a lot more malicious. Now, this is one of the biggest hands-on cyber security platforms with millions of people learning this stuff every single day. So, let's click on the cyber security 101 path and let's enroll in it. These paths are guided step-by-step road maps where you always know what to learn next. Then we will log in with Google and we will start with the offensive security intro. Breaking into systems, exploiting bugs and finding loopholes to gain unauthorized access. So the answer to the first question is of course offensive security. Next, we jump into the hands-on demo and we see a virtual machine spinning directly in the browser. So, we're breaking into real systems without installing or downloading anything to our computer. Everything is done safely in a control browser environment. Now, the first question asks for our bank account number. And in my case, it is 8881. And now we can officially start hacking it. So, let's quickly open a terminal and run derb followed by the URL of fake ### [15:00](https://www.youtube.com/watch?v=YW5e8qAYIgU&t=900s) Segment 4 (15:00 - 19:00) bank account. And this will discover all the hidden folders and files. In our case, we found an image folder and a much more interesting bank deposit folder. So, let's copy that URL and let's submit it as the answer. Beautiful. Now, I'm going to leave the next steps to you, adding funds to your account, and continue exploiting it further and further. So, if you enjoyed this exercise and you want unlimited access to all the paths and all the labs, click on the link in the pinned comment right now and use my code Python 25 for 25% off the annual plan. Now, let's go back to the video and make our innocent login page absolutely horrifying. For this, we will download Melapp. py from the same GitHub repository as earlier and let's run it instead of app. py. Now, on the surface, it looks the same, but once we enter our dummy details, we are now presented with an option to upgrade our Wi-Fi for only $2 per day. And this is the stuff of nightmares because most hotels, they do offer this kind of option. The owners are rarely experts in it, and they may not even realize that someone can pick up this information. Maybe it's the exact same guy who designed their website. So, it's very important to be cautious on both ends. Now, let's run our sniffer once again. And then let's refresh the browser on our phone. And then let's enter our login credentials. And then we will enter our credit card details. We just make up a bunch of numbers. And great, our payment was processed. Our Wi-Fi is officially faster. But we just gave our credit information to some black hat who will absolutely abuse it. But how come that in 2026 when we have so many security measures that we still need to worry about that? Well, first of all, we do have security measures built into the browser both on the phone and on the computer. The problem is if you're creative enough, you can easily bypass them. For example, in our credit card form, I am using bold unic code characters to write credit card number and CVV. If I were to use a regular text instead, like so, then we would see a scary message that says that our connection is not secure. This is a built-in browser red flag. But as you can see, we can easily bypass it. The biggest red flag though is something that every user can see without even looking at the code. We simply look at the URL and if you don't see a lock icon or an HTTPS prefix, then run for your life. We all know that, but we don't always check it. So, from now on, do it every single time for any kind of input, no matter how legit the website looks like. And thank you so much for watching. If you found this video helpful, please share it with the world. And don't forget to leave it a huge thumbs up and all kinds of comments. Now, if you'd like to see more videos of this kind, you can always subscribe to my channel and turn on the notification bell. I'll see you soon in an awesome tutorial. I will leave it as a mystery to you. So, I'll see you soon. And in the meantime, bye-bye. Let's roll. Pretty bad. We'll do it again. Honey, can you make me more tea? Uh, put it in the I laughed too much. We will run it on Windows. Local host. Local host. It's a It's an attribute. People will get upset at me. And boom. And now we can cut. And my password is Python simplified. It was good. Let's try it again. I didn't do it very well. Browser. Both on the phone. Both on the phone and on the computer. Bold unicorn. Thank you very much. --- *Источник: https://ekstraktznaniy.ru/video/44532*