INTERCEPTING & MODIFYING PACKETS

Scapy can be used to:

  • Create packets.
  • Analyze packets.
  • Send/receive packets.

But it can't be used to intercept packets/flows.

CLASSIC MITM SCENARIO

 MITM - SNIFFING DATA

 MITM - MODIFYING DATA

1. Execute the command - iptables to capture the packets into a queue.

iptables -I INPUT -d 10.0.0.0/ -j NFQUEUE --queue-num

2. Access the Packets queue.

Install the module netfilterqueue first.

pip3 install -U git+https://github.com/kti/python-netfilterqueue

3. Write the Python script to intercept and process the packets.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

def process_packet(packet):

    print(packet)

    packet.accept()

queue = NetfilterQueue()

queue.bind(1, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

We can also drop the packets through function packet.drop().

4. Use the following command to stop the packet capturing.

iptables --flush

Converting Packets to Scapy Packets

1. Execute the iptables command to capture the OUTPUT and INPUT packets.

iptables -I OUTPUT -j NFQUEUE --queue-num 

iptables -I INPUT -j NFQUEUE --queue-num

2. Execute the following Python script to process the captured packets.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

def process_packet(packet):

    print(packet)

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

3. Convert the packet to scapy packet and show on the screen.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

from scapy.layers.inet import IP

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    print(scapy_packet.show())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

4. Stop the capture of the packet by the command.

iptables --flush

Python Ethical Hacking - Intercepting and Modifying Packets的更多相关文章

  1. Python Ethical Hacking - Packet Sniffer(1)

    PACKET_SNIFFER Capture data flowing through an interface. Filter this data. Display Interesting info ...

  2. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  3. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  4. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)

    Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...

  5. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  6. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  7. Python Ethical Hacking - Packet Sniffer(2)

     Capturing passwords from any computer connected to the same network.  ARP_SPOOF + PACKET_SNIFFER Ta ...

  8. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  9. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

随机推荐

  1. PN532资料 NFC RFID V3模块

    最新PN532链接:  https://pan.baidu.com/s/1HyXk-VuF-24ZJ8zAVb9lcA 提取码: bgju 复制这段内容后打开百度网盘手机App,操作更方便哦

  2. Windows7/10实现ICMP(ping命令)

    如果觉得本文如果帮到你或者你想转载都可以,只需要标注出处即可.谢谢 利用ICMP数据包.C语言实现Ping命令程序,能实现基本的Ping操作,发送ICMP回显请求报文,用于测试—个主机到只一个主机之间 ...

  3. 在执行jar包时如何使用调优参数

    [本文版权归微信公众号"代码艺术"(ID:onblog)所有,若是转载请务必保留本段原创声明,违者必究.若是文章有不足之处,欢迎关注微信公众号私信与我进行交流!] 使用时去掉换行 ...

  4. maven中pom.xml中配置整理: groupId、artifactId、parent、dependency、dependencyManagement区别

    <groupId>com.mycompany.commonmaven</groupId> <artifactId>commonmaven</artifactI ...

  5. Java中的final关键字解析

    一.final关键字的基本用法 1.修饰类   当用final修饰一个类时,表明这个类不能被继承.注意: final类中的成员变量可以根据需要设为final, final类中的所有成员方法都会被隐式地 ...

  6. Python3-subprocess模块-子进程管理

    简单介绍 subprocess模块可以创建新的进程,执行shell命令.Python脚本等 代码示例 import subprocess # 1.执行进程,并获取返回码 return_code = s ...

  7. mpvue实战-手势滑动导航栏

    写点东西记录一下美好时光,上周学习了一下通过mpuve开发微信小程序,看完文档,就准备撸起袖子加油干的时候,一开始就被支持手势滑动的导航栏给搞懵逼了.求助一波百度和谷歌未果后,只能自己动脑动手!为了给 ...

  8. 字符串String和list集合判空验证

    1`字符串判断处理: 结论: 当if判断条件为两个,并且它们两个为或的关系,如果第一个条件为false,则继续第二个条件的判断:如果第一个条件为true,该例子不足以说明是否判断第二个条件, 最终可以 ...

  9. Vs Code推荐安装插件

    前言: Visual Studio Code是一个轻量级但功能强大的源代码编辑器,轻量级指的是下载下来的Vs Code其实就是一个简单的编辑器,强大指的是支持多种语言的环境插件拓展,也正是因为这种支持 ...

  10. 使用 Egg + Vue 的第一个线上小产品——远程工作职位信息收集站点 yuancheng.works

    小插曲 开始很纠结,买了一个 yuancheng.works 域名会不会冒犯到 yuancheng.work 站长. 还在群里咨询了 @Phodal 等前辈.重新搞一个新域名,yuancheng.wo ...