INTERCEPTING & MODIFYING PACKETS

Scapy can be used to:

  • Create packets.
  • Analyze packets.
  • Send/receive packets.

But it can't be used to intercept packets/flows.

CLASSIC MITM SCENARIO

 MITM - SNIFFING DATA

 MITM - MODIFYING DATA

1. Execute the command - iptables to capture the packets into a queue.

iptables -I INPUT -d 10.0.0.0/ -j NFQUEUE --queue-num

2. Access the Packets queue.

Install the module netfilterqueue first.

pip3 install -U git+https://github.com/kti/python-netfilterqueue

3. Write the Python script to intercept and process the packets.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

def process_packet(packet):

    print(packet)

    packet.accept()

queue = NetfilterQueue()

queue.bind(1, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

We can also drop the packets through function packet.drop().

4. Use the following command to stop the packet capturing.

iptables --flush

Converting Packets to Scapy Packets

1. Execute the iptables command to capture the OUTPUT and INPUT packets.

iptables -I OUTPUT -j NFQUEUE --queue-num 

iptables -I INPUT -j NFQUEUE --queue-num

2. Execute the following Python script to process the captured packets.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

def process_packet(packet):

    print(packet)

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

3. Convert the packet to scapy packet and show on the screen.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

from scapy.layers.inet import IP

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    print(scapy_packet.show())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

4. Stop the capture of the packet by the command.

iptables --flush

Python Ethical Hacking - Intercepting and Modifying Packets的更多相关文章

  1. Python Ethical Hacking - Packet Sniffer(1)

    PACKET_SNIFFER Capture data flowing through an interface. Filter this data. Display Interesting info ...

  2. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  3. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  4. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)

    Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...

  5. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  6. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  7. Python Ethical Hacking - Packet Sniffer(2)

     Capturing passwords from any computer connected to the same network.  ARP_SPOOF + PACKET_SNIFFER Ta ...

  8. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  9. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

随机推荐

  1. 6.kubernetes的GUI资源管理插件-dashboard

    目录 1.准备dashboard镜像 2.创建资源配置清单 3.应用资源配置清单 4.查看创建的资源 5.解析域名 6.浏览器访问 7.令牌命令行获取方式 准备dashboard镜像 [root@hd ...

  2. shellcode 免杀(一)

    工具免杀 选择了几个简单或者近期还有更新的免杀工具进行学习 ShellcodeWrapper https://github.com/Arno0x/ShellcodeWrapper 该工具的原理是使用异 ...

  3. 深入理解跨域SSO单点登录原理与技术

    [本文版权归微信公众号"代码艺术"(ID:onblog)所有,若是转载请务必保留本段原创声明,违者必究.若是文章有不足之处,欢迎关注微信公众号私信与我进行交流!] 一:SSO体系结 ...

  4. JavaWeb网上图书商城完整项目--day02-4.regist页面提交表单时对所有输入框进行校验

    1.现在我们要将table表中的输入的参数全部提交到后台进行校验,我们提交我们是按照表单的形式提交,所以我们首先需要在table表外面添加一个表单 <%@ page language=" ...

  5. django drf插件(一)

    复习 """ 1.vue如果控制html 在html中设置挂载点.导入vue.js环境.创建Vue对象与挂载点绑定 2.vue是渐进式js框架 3.vue指令 {{ }} ...

  6. 如果人生也能存档——C#中的备忘录模式

    大家好,老胡又和大家见面了.首先承认今天的博客有点标题党了,人生是没有存档,也没有后悔药的.有存档和后悔药的,那是游戏,不知道这是不是游戏让人格外放松的原因之一. 今天恰逢端午放假,就让我们来试着做一 ...

  7. Win8.1卸载64位Oracle Database 11g的详细图文步骤记录

    Oracle Database 11g在Win8 上的卸载过程记录. Step1停用oracle服务:进入计算机管理/任务管理器,在服务中,找到oracle开头的所有服务,右击选择停止: Step2 ...

  8. 学习Java的Day03

    接口的特点!!!! 接口不能创建对象 接口的变量使用public static final修饰,如果不写默认添加: 接口的方法为public abstrict,如果不写默认添加: 子类必须重写接口中所 ...

  9. JS代码简洁之道--函数

    函数的参数越少越好 有一个准则是:如果你的函数参数超过两个,就应该改为对象传入. 这样做是合理的,因为当函数参数超过两个时,参数顺序开始变得难以记忆,而且容易出现一种很尴尬的情况:比如我只需要传入第三 ...

  10. web前端达到什么水平,才能找到工作?

    前端都需要学什么(可以分为八个阶段)<1>第一阶段: HTML+CSS:HTML进阶. CSS进阶.DIV+CSS布局.HTML+CSS整站开发. JavaScript基础:Js基础教程. ...