import dpkt,os,sys os.chdir(sys.path[0]) f = open('12.cap','rb') pcap = dpkt.pcap.Reader(f) for ts, buf in pcap: eth = dpkt.ethernet.Ethernet(buf) ip = eth.data tcp = ip.data try: if tcp.dport==80 and len(tcp.data)>0: http=dpkt.http.Request(tcp.data) if http.method=='POST': print http.headers['host']+http.uri+'\n'+http.body,#,http.headers['user-agent'] print '\n\n' except:pass f.close()