INTERCEPTING & MODIFYING PACKETS

Scapy can be used to:

  • Create packets.
  • Analyze packets.
  • Send/receive packets.

But it can't be used to intercept packets/flows.

CLASSIC MITM SCENARIO

 MITM - SNIFFING DATA

 MITM - MODIFYING DATA

1. Execute the command - iptables to capture the packets into a queue.

iptables -I INPUT -d 10.0.0.0/ -j NFQUEUE --queue-num

2. Access the Packets queue.

Install the module netfilterqueue first.

pip3 install -U git+https://github.com/kti/python-netfilterqueue

3. Write the Python script to intercept and process the packets.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

def process_packet(packet):

    print(packet)

    packet.accept()

queue = NetfilterQueue()

queue.bind(1, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

We can also drop the packets through function packet.drop().

4. Use the following command to stop the packet capturing.

iptables --flush

Converting Packets to Scapy Packets

1. Execute the iptables command to capture the OUTPUT and INPUT packets.

iptables -I OUTPUT -j NFQUEUE --queue-num 

iptables -I INPUT -j NFQUEUE --queue-num

2. Execute the following Python script to process the captured packets.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

def process_packet(packet):

    print(packet)

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

3. Convert the packet to scapy packet and show on the screen.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

from scapy.layers.inet import IP

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    print(scapy_packet.show())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

4. Stop the capture of the packet by the command.

iptables --flush

Python Ethical Hacking - Intercepting and Modifying Packets的更多相关文章

  1. Python Ethical Hacking - Packet Sniffer(1)

    PACKET_SNIFFER Capture data flowing through an interface. Filter this data. Display Interesting info ...

  2. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  3. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  4. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)

    Recalculating Content-Length: #!/usr/bin/env python import re from netfilterqueue import NetfilterQu ...

  5. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  6. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  7. Python Ethical Hacking - Packet Sniffer(2)

     Capturing passwords from any computer connected to the same network.  ARP_SPOOF + PACKET_SNIFFER Ta ...

  8. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  9. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

随机推荐

  1. .Net微服务实战之DevOps篇

    技术只是基础 该系列的两篇文章<.Net微服务实战之技术选型篇>和<.Net微服务实战之技术架构分层篇>都是以技术角度出发描述微服务架构的实施. 如果技术选型篇叙述的是工具,那 ...

  2. Azure AD B2C(二)使用Azure AD B2C为ASP.NET Core 应用设置社交帐户(邮箱)登录/注册

    一,引言 上次关于Azure AD B2C 讲到一些概念,有介绍到,Azure AD B2C 也是一种身份验证的解决方案,但是它运行客户使用其首选的社交,企业或者本地账户标识对应用程序和API进行单一 ...

  3. Java CRC16 MODBUS校验算法实现

    /** * CRC校验算法工具类 */ public class CRCUtil { public static String getCRC(String data) { data = data.re ...

  4. MySQL服务器是怎么处理客户端请求的

    不论MySQL客户端进程和服务器进程是采用哪种方式进行通信,最后实现的效果都是:客户端进程向服务器进程发送一段文本(MySQL语句),服务器进程处理后再向客户端进程发送一段文本(处理结果).那服务器进 ...

  5. 拿来即用:用C+JS结构来处理JSON数据

    [面对的问题] 在物联网产品的开发过程中,对JSON格式的数据处理是一个强需求,例如亚马逊的 AWS IOT平台,设备与后台之间的通讯数据都是JSON格式,先瞄一眼大概的样子: 这是一个真实产品的通讯 ...

  6. java之FTP上传下载

    import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import ...

  7. JavaWeb网上图书商城完整项目--day02-21.退出功能的实现

    1.当用户点击退出的时候,跳转到登陆页面 当用户点击退出的时候,需要将session中保存的登陆的用户销毁掉 当用户点击退出的时候,调用UserServlet的quit方法 退出按钮在top.jsp中 ...

  8. nmap二层发现

    使用nmap进行arp扫描要使用一个参数:-sn,该参数表明屏蔽端口扫描而只进行arp扫描. nmap支持ip段扫描,命令:nmap -sn 192.168.1.0/24 nmap速度比arping快 ...

  9. 入门大数据---Spark_Streaming整合Kafka

    一.版本说明 Spark 针对 Kafka 的不同版本,提供了两套整合方案:spark-streaming-kafka-0-8 和 spark-streaming-kafka-0-10,其主要区别如下 ...

  10. JDK8 日期格式化

    SpringBoot 是为了简化 Spring 应用的创建.运行.调试.部署等一系列问题而诞生的产物,自动装配的特性让我们可以更好的关注业务本身而不是外部的XML配置,我们只需遵循规范,引入相关的依赖 ...