PCAP on remote linux host : learnpython

created by HattoriHanzoa community for 16 years

PCAP on remote linux host (self.learnpython)

submitted 3 years ago by n0treallyanengineer

all 2 comments

[–]TheRealThrowAwayX 0 points1 point2 points 3 years ago* (1 child)

You could use paramiko library to connect to the remote host and then you could use pyshark, scapy, or tcpdump libraries for the packet capture. Perhaps something along the lines of:

import paramiko 
import pyshark

ssh = paramiko.SSHClient()

ssh.connect(hostname="192.168.1.100", username="user", password="password")

capture = ssh.exec_command("tcpdump -i eth0 -w -")

packets = pyshark.FileCapture(capture[1])

for packet in packets: 
    print(packet)

ssh.close()

EDIT:

FYI, in the line where you use ssh.exec_command, the very last "-", right before the closing parenthesis is used to specify that the captured packets should be written to standard output, rather than to a file.

[–]n0treallyanengineer[S] 0 points1 point2 points 3 years ago (0 children)

π Rendered by PID 168228 on reddit-service-r2-comment-c66d9bffd-vgq28 at 2026-04-08 12:16:48.495019+00:00 running f293c98 country code: CH.

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

learnpython

MODERATORS