INTERCEPTING & MODIFYING PACKETS

Scapy can be used to:

  • Create packets.
  • Analyze packets.
  • Send/receive packets.

But it can't be used to intercept packets/flows.

CLASSIC MITM SCENARIO

 MITM - SNIFFING DATA

 MITM - MODIFYING DATA

1. Execute the command - iptables to capture the packets into a queue.

iptables -I INPUT -d 10.0.0.0/ -j NFQUEUE --queue-num

2. Access the Packets queue.

Install the module netfilterqueue first.

pip3 install -U git+https://github.com/kti/python-netfilterqueue

3. Write the Python script to intercept and process the packets.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

def process_packet(packet):

    print(packet)

    packet.accept()

queue = NetfilterQueue()

queue.bind(1, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

We can also drop the packets through function packet.drop().

4. Use the following command to stop the packet capturing.

iptables --flush

Converting Packets to Scapy Packets

1. Execute the iptables command to capture the OUTPUT and INPUT packets.

iptables -I OUTPUT -j NFQUEUE --queue-num 

iptables -I INPUT -j NFQUEUE --queue-num

2. Execute the following Python script to process the captured packets.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

def process_packet(packet):

    print(packet)

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

3. Convert the packet to scapy packet and show on the screen.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

from scapy.layers.inet import IP

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    print(scapy_packet.show())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

4. Stop the capture of the packet by the command.

iptables --flush

Python Ethical Hacking - Intercepting and Modifying Packets的更多相关文章

  1. Python Ethical Hacking - Packet Sniffer(1)

    PACKET_SNIFFER Capture data flowing through an interface. Filter this data. Display Interesting info ...

  2. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  3. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  4. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)

    Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...

  5. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  6. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  7. Python Ethical Hacking - Packet Sniffer(2)

     Capturing passwords from any computer connected to the same network.  ARP_SPOOF + PACKET_SNIFFER Ta ...

  8. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  9. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

随机推荐

  1. java中int和Integer的区别?为什么有了int还要有设计Integer?

    参考https://blog.csdn.net/chenliguan/article/details/53888018 https://blog.csdn.net/myme95/article/det ...

  2. winXP vc6行号显示插件-VC6LineNumberAddin方法-可用-无需注册

    1.VC6LineNumberAddin 修改日期是2008.6.3可用,其它需要注册码 http://codefish.googlecode.com/files/VC%E6%98%BE%E7%A4% ...

  3. 'ipconfig' 不是内部或外部命令,也不是可运行的程序 或批处理文件

    今天在学习的时候需要找本地ip地址,可是在命令行窗口却显示 百度之后发现原来是环境变量没配置的问题(其实之前是ok的,但应该是anconda安装的时候点了那个一键设置环境变量搞得本地的path里的数据 ...

  4. PHP丨PHP基础知识之流程控制for循环「理论篇」

    今天公司同事在看for循环,那么我们今天就来讲讲for循环吧! for循环是编程语言中一种循环语句,而循环语句由循环体及循环的判定条件两部分组成,其表达式为:for(单次表达式;条件表达式;末尾循环体 ...

  5. 虚拟机 VMware 设置VMWARE通过桥接方式使用主机无线网卡上网

    环境:WIN7旗舰版,台式机,U盘无线上网卡. 虚拟软件:VMware9.0,虚拟系统:CentOS6.4 需要实现虚拟机以独立机形式工作和上网. 先介绍一下VMware网络设置的三种方式 1 Hos ...

  6. java命令行输入参数

    Java命令行输入参数 代码用例:命令行输入参数,并进行加法运算. public class Demo01 { public static void main(String[] args) { for ...

  7. python基础扩展(二)

    python基础扩展(二) 常用操作 1.startswith(以什么开始) endswith(y)什么结束 s='taiWanw39dd' print(s.startswith('t')) #意思是 ...

  8. 最新的一波Vue实战技巧,不用则已,一用惊人

    在Vue中,不同的选项有不同的合并策略,比如 data,props,methods是同名属性覆盖合并,其他直接合并,而生命周期钩子函数则是将同名的函数放到一个数组中,在调用的时候依次调用 在Vue中, ...

  9. Java 反射简介

    本文部分内容参考博客.点击链接可以查看原文. 1. 反射的概念 反射是指在运行时将类的属性.构造函数和方法等元素动态地映射成一个个对象.通过这些对象我们可以动态地生成对象实例,调用类的方法和更改类的属 ...

  10. eclipse 导入下载或拷贝的java Web项目时报错 ,或者是报错Unbound classpath container: 'JRE System Library

    在Problems里报错Description Resource Path Location Type Unbound classpath container: 'JRE System Library ...