How to change packet data using scapy?

How can I change packet data with scapy?

I tried using sniff() and then send() with the edited packet, but it won't work as the original packet has already reached its goal.

+3




3 answers


"but it won't work because the original packet has already reached its target."

So, first, you need to set up some kind of MiTM solution so that all communication between both ends flows through your device, allowing you to modify the packet data.

Some well-known software packages for this functionality / attack are ettercap and Cain & Abel.

+2




iTayb,

You seem to be interested in proxying some service with scapy? If so, which one?

The first order of business is getting the packets to go through a box running scapy. Do this by setting the gateway on the remote computer to that box. If it's for some kind of penetration test, you will need to patch some MAC addresses. You can do this with scapy using the arpcachepoison method or with a third-party program like ettercap.

Once that is complete, your method using sniff() and send() should work a little better; just make sure you change the packet before you get to the sending part ;) Here's a small example of how you could do that. Here I am just changing the destination address of the IP header, but you can change whatever you want.

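from scapy.all import IP, send, sniff

def chgSend(x):
    if IP not in x:          # skip ARP and other non-IP frames
        return
    pkt = x[IP]              # drop the Ethernet header; send() works at layer 3
    pkt.dst = '192.168.1.1'
    del pkt.chksum           # let scapy recompute the IP header checksum
    send(pkt)

# sniff() blocks and calls chgSend for every captured packet
sniff(prn=chgSend, store=0)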

      

direct current

+3
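Both the answer above and the first one depend on ARP cache poisoning to pull traffic through the intercepting box. As an added example (not part of the original answers), this standard-library sketch shows how that step looks from the defending side: it parses raw Ethernet/ARP frames and flags any frame that rebinds an already-seen IP address to a different MAC. The function names, MAC addresses and sample frames are constructed for illustration.

```python
import struct

def parse_arp(frame: bytes):
    """Return (opcode, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":   # EtherType 0x0806 = ARP
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa = frame[22:28], frame[28:32]
    return op, sha.hex(":"), ".".join(map(str, spa))

def detect_poisoning(frames):
    """Flag ARP frames whose sender rebinds a known IP to a different MAC."""
    seen = {}       # ip -> first MAC observed for it
    alerts = []     # (frame index, ip, known MAC, conflicting MAC)
    for i, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        _op, mac, ip = parsed
        if ip == "0.0.0.0":          # ARP probe, carries no binding
            continue
        known = seen.setdefault(ip, mac)
        if known != mac:
            alerts.append((i, ip, known, mac))
    return alerts

def build_arp(op, sha, spa, tha, tpa):
    """Build a constructed Ethernet+ARP frame for the sample capture."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: bytes(map(int, a.split(".")))
    eth = mac(tha if op == 2 else "ff:ff:ff:ff:ff:ff") + mac(sha) + b"\x08\x06"
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return eth + arp + mac(sha) + ip(spa) + mac(tha) + ip(tpa)

# Constructed sample: a host asks for the gateway, the gateway answers,
# then a second MAC claims the gateway's IP address.
SAMPLE = [
    build_arp(1, "02:00:00:00:00:10", "192.168.1.10", "00:00:00:00:00:00", "192.168.1.1"),
    build_arp(2, "02:00:00:00:00:01", "192.168.1.1", "02:00:00:00:00:10", "192.168.1.10"),
    build_arp(2, "02:00:00:00:00:66", "192.168.1.1", "02:00:00:00:00:10", "192.168.1.10"),
]

if __name__ == "__main__":
    for idx, ip, old, new in detect_poisoning(SAMPLE):
        print(f"frame {idx}: {ip} moved from {old} to {new}")
```

A legitimate change of MAC (a replaced NIC or a failover pair) triggers the same alert, so in practice the gateway's binding is usually pinned or compared against an inventory.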




I had the same problem,

I think the problem is that you enabled ip_forward so that the original packet is forwarded to the original destination before the modified packet is sent to scapy.

In theory, the solution is to create a rule in iptables forwarding the packets you want to change to a different port (this is more or less what Ettercap does internally).

i.e.:

      iptables -t nat -A PREROUTING -p tcp --destination-port "YourInterestingPort" -j REDIRECT --to-port 1234

      

And then in scapy listen to that port, change the packet and send the packet to the original port.

This solution is difficult to implement due to filtering: you need to redirect and modify only the packets you want and exclude SYN, ACK, ARP, etc.

If you want to change the server's responses, an easier way to do this is to act as an intermediary instead of modifying packets on the fly.

  • Arpspoof
  • iptables
  • Open a socket, receive a packet, open a connection and send it to the original destination as if you were a client, receive the response, change the response and send it back in reply to the original request.

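    import socket

    BUFFER_SIZE = 1024
    IP, PORT = "192.0.2.10", 80      # original destination (placeholder values)
    real_simulation = True

    # Listening socket on the port the iptables rule redirects to
    s_mb = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s_mb.bind(("0.0.0.0", 1234))
    s_mb.listen(1)

    while True:
        c, addr = s_mb.accept()      # Establish client connection.
        query = c.recv(BUFFER_SIZE)

        # Forward the query to the original destination as if we were the client
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.connect((IP, PORT))
        s.send(query)
        response = s.recv(1024)
        s.close()

        fakeresponse = response      # by default, pass the response through unchanged
        if response == b"THIS IS THE RESPONSE THAT I WANT TO MODIFY" and real_simulation:
            fakeresponse = b"MODIFIED RESPONSE"
            # print("The packet has been modified")
        c.send(fakeresponse)
        c.close()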

(Sorry for the messy code)

+2

