Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER - 代码天地

Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER

其他 2019-09-04 22:37:51 阅读次数: 0

MODIFYING DATA IN HTTP LAYER

Edit requests/responses.
Replace download requests.
Inject code(html/Javascript)

Modifying HTTP Requests on the Fly:

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue
from scapy.layers.inet import IP, TCP
from scapy.packet import Raw

ack_list = []


def process_packet(packet):
    scapy_packet = IP(packet.get_payload())
    # print(scapy_packet.show())
    if scapy_packet.haslayer(TCP) and scapy_packet.haslayer(Raw):
        if scapy_packet[TCP].dport == 80:
            # print("HTTP Request")
            if ".rar" in scapy_packet[Raw].load.decode():
                print("[+] rar Request")
                ack_list.append(scapy_packet[TCP].ack)
                print(scapy_packet.show())
        elif scapy_packet[TCP].sport == 80:
            if scapy_packet[TCP].seq in ack_list:
                ack_list.remove(scapy_packet[TCP].seq)
                print("[+] Replacing file")
                # print("HTTP Response")
                print(scapy_packet.show())

    packet.accept()


queue = NetfilterQueue()
queue.bind(0, process_packet)
try:
    queue.run()
except KeyboardInterrupt:
    print('')

Browse the http website and download the .rar file.

猜你喜欢

转载自www.cnblogs.com/keepmoving1113/p/11461890.html

Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER

Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER（2）

Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER（3）

Python Ethical Hacking - KEYLOGGER

Python Ethical Hacking - Basic Concetion

Python Ethical Hacking - BACKDOORS(1)

Python Ethical Hacking - BACKDOORS(3)

Python Ethical Hacking - BACKDOORS(4)

Python Ethical Hacking - Persistence(2)

Python Ethical Hacking - DNS Spoofing

Python Ethical Hacking - BACKDOORS(2)

Python Ethical Hacking - NETWORK_SCANNER(1)

Python Ethical Hacking - Packet Sniffer(2)

Python Ethical Hacking - BeEF Framework(2)

Python Ethical Hacking - Bypass HTTPS(2)

Python Ethical Hacking - The Lab and Needed Software

Python Ethical Hacking - BeEF Framework(1)

Python Ethical Hacking - WEB PENETRATION TESTING(4)

Python Ethical Hacking - NETWORK_SCANNER(2)

Python Ethical Hacking - ARP Spoofing(1)

Python Ethical Hacking - ARPSpoof_Detector

Python Ethical Hacking - VULNERABILITY SCANNER(2)

Python Ethical Hacking - VULNERABILITY SCANNER(5)

Python Ethical Hacking - Malware Analysis(3)

Python Ethical Hacking - Malware Analysis(4)

Python Ethical Hacking - TROJANS Analysis(1)

Python Ethical Hacking - TROJANS Analysis(5)

Python Ethical Hacking - Malware Packaging(4)

Python Ethical Hacking - VULNERABILITY SCANNER(1)

Python Ethical Hacking - VULNERABILITY SCANNER(9)

今日推荐

《美国对全球网络空间安全与发展的威胁和破坏》报告发布

火速冲上 GitHub 热榜 —— 开源编程语言、框架哪有这么可爱？

北京人形机器人创新中心发布全球首个纯电驱拟人奔跑的全尺寸人形机器人“天工”

LFOSSA 源来如此公开课 | 掌握云原生未来：CNCF 认证全面攻略与备考秘籍

周排行

循环神经网络（rnn）讲解

Tigao教程四：单独的关节运动

金蝶K3WISE15.0-注册套打教程

如何在Mac上配置Kubernetes

Android应用结束自身进程的方法

SpringMVC学习十三拦截器栈

中国驻洛杉矶总领馆举行新春招待会

HttpClient get post 发送

11 - three.js 笔记 - 绘制三维字体模型

Mysql递归获取某个父节点下面的所有子节点和子节点上的所有父节点

每日归档

更多

2024-05-01(4)

2024-04-30(1)

2024-04-29(40)

2024-04-28(0)

2024-04-27(56)

2024-04-26(39)

2024-04-25(22)

2024-04-24(36)

2024-04-23(26)

2024-04-22(39)