36 lines
1.2 KiB
Python
36 lines
1.2 KiB
Python
from netfilterqueue import NetfilterQueue, Packet as NFQPacket
|
|
from scapy.all import IP, TCP, Packet as SPacket, Raw, Ether, send
|
|
# from scapy.layers.ipsec import IP
|
|
from scapy.layers.http import HTTPResponse, HTTP
|
|
|
|
def process_packet(nfqpacket: NFQPacket):
|
|
scapy_packet: SPacket = IP(nfqpacket.get_payload())
|
|
if scapy_packet.haslayer(IP) and scapy_packet.haslayer(TCP) and scapy_packet.haslayer(HTTP) and scapy_packet.haslayer(HTTPResponse):
|
|
if scapy_packet[IP][TCP][HTTP][HTTPResponse].fields['Status_Code'] == b'200':
|
|
print(f"Original Packet: {scapy_packet.summary()}")
|
|
|
|
new_packet: SPacket = IP(scapy_packet.build().replace(b'OK',b'NO'))
|
|
|
|
del new_packet[IP].chksum
|
|
del new_packet[TCP].chksum
|
|
|
|
print(f"Modified Packet: {new_packet.summary()}")
|
|
print()
|
|
|
|
nfqpacket.set_payload(new_packet.build())
|
|
nfqpacket.accept()
|
|
|
|
def main():
|
|
nfqueue = NetfilterQueue()
|
|
nfqueue.bind(0, process_packet)
|
|
|
|
try:
|
|
print("Binding to NFQUEUE 0...")
|
|
nfqueue.run()
|
|
except KeyboardInterrupt:
|
|
print("Stopping...")
|
|
finally:
|
|
nfqueue.unbind()
|
|
|
|
if __name__ == "__main__":
|
|
main() |