设备Macbook Air,系统Mac OS X 10.10
mac下抓包,要么用第三方软件wireshark,要么自己写python脚本用 pcap, dpkt 。
首先,都必须开启网卡:sudo chmod 777 /dev/bpf*
否则,wireshark无法搜到设备,python脚本会报没有权限的Error:
pc=pcap.pcap('en0',immediate=True)
File "pcap.pyx", line 198, in pcap.pcap.__init__ (pcap.c:1778)
OSError: en0: You don't have permission to capture on that device ((cannot open BPF device) /dev/bpf0: Permission denied)
File "pcap.pyx", line 198, in pcap.pcap.__init__ (pcap.c:1778)
OSError: en0: You don't have permission to capture on that device ((cannot open BPF device) /dev/bpf0: Permission denied)
开启网卡之后,就可以顺利用wireshark,或者python import pcap, dpkt 抓包了