Python Ethical Hacking - Intercepting and Modifying Packets
INTERCEPTING & MODIFYING PACKETS
Scapy can be used to:
- Create packets.
- Analyze packets.
- Send/receive packets.
But it can't be used to intercept packets/flows.
CLASSIC MITM SCENARIO
MITM - SNIFFING DATA
MITM - MODIFYING DATA
1. Execute the command - iptables to capture the packets into a queue.
iptables -I INPUT -d 10.0.0.0/ -j NFQUEUE --queue-num
2. Access the Packets queue.
Install the module netfilterqueue first.
pip3 install -U git+https://github.com/kti/python-netfilterqueue
3. Write the Python script to intercept and process the packets.
#!/usr/bin/env python
from netfilterqueue import NetfilterQueue def process_packet(packet):
print(packet)
packet.accept() queue = NetfilterQueue()
queue.bind(1, process_packet)
try:
queue.run()
except KeyboardInterrupt:
print('')
We can also drop the packets through function packet.drop().
4. Use the following command to stop the packet capturing.
iptables --flush
Converting Packets to Scapy Packets
1. Execute the iptables command to capture the OUTPUT and INPUT packets.
iptables -I OUTPUT -j NFQUEUE --queue-num iptables -I INPUT -j NFQUEUE --queue-num
2. Execute the following Python script to process the captured packets.
#!/usr/bin/env python
from netfilterqueue import NetfilterQueue def process_packet(packet):
print(packet)
packet.accept() queue = NetfilterQueue()
queue.bind(0, process_packet)
try:
queue.run()
except KeyboardInterrupt:
print('')
3. Convert the packet to scapy packet and show on the screen.
#!/usr/bin/env python from netfilterqueue import NetfilterQueue
from scapy.layers.inet import IP def process_packet(packet):
scapy_packet = IP(packet.get_payload())
print(scapy_packet.show())
packet.accept() queue = NetfilterQueue()
queue.bind(0, process_packet)
try:
queue.run()
except KeyboardInterrupt:
print('')
4. Stop the capture of the packet by the command.
iptables --flush
Python Ethical Hacking - Intercepting and Modifying Packets的更多相关文章
- Python Ethical Hacking - Packet Sniffer(1)
PACKET_SNIFFER Capture data flowing through an interface. Filter this data. Display Interesting info ...
- Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)
MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...
- Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)
MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...
- Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)
Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...
- Python Ethical Hacking - ARP Spoofing
Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...
- Python Ethical Hacking - Bypass HTTPS(1)
HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...
- Python Ethical Hacking - Packet Sniffer(2)
Capturing passwords from any computer connected to the same network. ARP_SPOOF + PACKET_SNIFFER Ta ...
- Python Ethical Hacking - BACKDOORS(8)
Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...
- Python Ethical Hacking - NETWORK_SCANNER(2)
DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...
随机推荐
- ObjectOutputStream和ObjectInputStream对对象进行序列化和反序列化
1 Java序列化和反序列化简介 Java序列化是指把对象转换为字节序列的过程,而Java反序列化是指把字节序列恢复为java对象的过程. 我们把对象序列化成有序字节流,保存到本地磁盘或者Redis等 ...
- .Net Core Configuration源码探究
前言 上篇文章我们演示了为Configuration添加Etcd数据源,并且了解到为Configuration扩展自定义数据源还是非常简单的,核心就是把数据源的数据按照一定的规则读取到指定的字 ...
- 工业4.0:换热站最酷设计—— Web SCADA 工业组态软件界面
前言 随着工业4.0的不断普及与发展,以及国民经济的飞速前进,我国的城市集中供热规模也不断扩大,科学的管理热力管网具有非常重大的经济和社会效益.目前热力系统,如换热站大都采用人工监控,人工监控不仅浪费 ...
- java异常处理之try_catch_finally
java异常处理之try_catch_finally 看下面的一个列子: public class TestException { int goabl=1; public TestException( ...
- jfinal运行时报错分析java.lang.ClassNotFoundException: com.sun.faces.config.ConfigureListener
这里解释一下,我用maven jetty运行没啥问题的项目,当我切换tomcat时候出现如下错误. 问题1. - jar not loaded. See Servlet Spec 3.0, secti ...
- Linux 查看日志的时候常用命令总结
Linux ~ 查看日志的常用命令总结 1.tail -n <行数>,显示文件的尾部n行内容. -f 循环读取,常用于查阅正在改变的日志文件. ① tail -f test.log ...
- 计算机网络之DDOS
1.什么是DDOS DDOS(Distributed Denial of Service),中文意思为“分布式拒绝服务”,就是利用大量合法的分布式服务器对目标发送请求,从而导致正常合法用户无法获得服务 ...
- 入门大数据---SparkSQL外部数据源
一.简介 1.1 多数据源支持 Spark 支持以下六个核心数据源,同时 Spark 社区还提供了多达上百种数据源的读取方式,能够满足绝大部分使用场景. CSV JSON Parquet ORC JD ...
- xshell界面变成半透明的怎么办?
在工具——选项查看选项卡去掉使窗口透明的前的勾就可以了
- Ubuntu apt update卡在Connecting to security.ubuntu.com解决方法
Ubuntu操作系统运行apt update命令时会卡在Connecting to security.ubuntu.com,搭了梯子也无法解决 尝试了网络上的方法,如: https://blog.cs ...