pythonTCP包注入
版權宣告:本文可能為博主原創文章,若標明出處可隨便轉載。 https://blog.csdn.net/Jailman/article/details/77574233
#! /usr/bin/env python
import socket
import struct
def checksum(data):
s = 0
n = len(data) % 2
for i in range(0, len(data)-n, 2):
s+= ord(data[i]) + (ord(data[i+1]) << 8)
if n:
s+= ord(data[i+1])
while (s >> 16):
s = (s & 0xFFFF) + (s >> 16)
s = ~s & 0xffff
return s
class ip():
def __init__(self, source, destination):
self.version = 4
self.ihl = 5 # Internet Header Length
self.tos = 0 # Type of Service
self.tl = 0 # total length will be filled by kernel
self.id = 54321
self.flags = 0 # More fragments
self.offset = 0
self.ttl = 255
self.protocol = socket.IPPROTO_TCP
self.checksum = 0 # will be filled by kernel
self.source = socket.inet_aton(source)
self.destination = socket.inet_aton(destination)
def pack(self):
ver_ihl = (self.version << 4) + self.ihl
flags_offset = (self.flags << 13) + self.offset
ip_header = struct.pack("!BBHHHBBH4s4s",
ver_ihl,
self.tos,
self.tl,
self.id,
flags_offset,
self.ttl,
self.protocol,
self.checksum,
self.source,
self.destination)
return ip_header
class tcp():
def __init__(self, srcp, dstp):
self.srcp = srcp
self.dstp = dstp
self.seqn = 0
self.ackn = 0
self.offset = 5 # Data offset: 5x4 = 20 bytes
self.reserved = 0
self.urg = 0
self.ack = 0
self.psh = 1
self.rst = 0
self.syn = 0
self.fin = 0
self.window = socket.htons(5840)
self.checksum = 0
self.urgp = 0
self.payload = ""
def pack(self, source, destination):
data_offset = (self.offset << 4) + 0
flags = self.fin + (self.syn << 1) + (self.rst << 2) + (self.psh << 3) + (self.ack << 4) + (self.urg << 5)
tcp_header = struct.pack("!HHLLBBHHH",
self.srcp,
self.dstp,
self.seqn,
self.ackn,
data_offset,
flags,
self.window,
self.checksum,
self.urgp)
#pseudo header fields
source_ip = source
destination_ip = destination
reserved = 0
protocol = socket.IPPROTO_TCP
total_length = len(tcp_header) + len(self.payload)
# Pseudo header
psh = struct.pack("!4s4sBBH",
source_ip,
destination_ip,
reserved,
protocol,
total_length)
psh = psh + tcp_header + self.payload
tcp_checksum = checksum(psh)
tcp_header = struct.pack("!HHLLBBH",
self.srcp,
self.dstp,
self.seqn,
self.ackn,
data_offset,
flags,
self.window)
tcp_header+= struct.pack("H", tcp_checksum) + struct.pack("!H", self.urgp)
return tcp_header
def test(source,site,data):
s = socket.socket(socket.AF_INET,
socket.SOCK_RAW,
socket.IPPROTO_RAW)
src_host=source
dest_host=socket.gethostbyname(site)
# IP Header
ipobj=ip(src_host,dest_host)
iph=ipobj.pack()
# TCP Header
tcpobj=tcp(1234,80)
tcpobj.data_length=len(data)
tcph=tcpobj.pack(ipobj.source,ipobj.destination)
# Injection
packet=iph+tcph+data
s.sendto(packet,(dest_host,80))
s.close()
if __name__ == `__main__`:
test("10.0.0.1","www.baidu.com","ITS TEST")
相關文章
- 手機抓包+注入黑科技HttpCanary——最強大的Android抓包注入工具HTTPPCAAndroid
- Simple Injector是.NET的依賴注入庫包依賴注入
- 資料包注入重放工具aireplay-ngAI
- Spring注入:配置注入(set注入和構造器注入)與註解注入Spring
- PHP 依賴注入擴充套件包 - 讓你在任何時候隨心所欲使用依賴注入「秀配圖 ^_^」PHP依賴注入套件
- SQL 注入:聯合注入SQL
- sql注入之union注入SQL
- 程式注入之DLL注入
- Laravel底層學習筆記01 - 框架核心,依賴注入,閉包Laravel筆記框架依賴注入
- sql注入之堆疊注入及waf繞過注入SQL
- 封神臺MYSQL 注入 - Dns注入MySqlDNS
- 大量使用的Node.js包存在程式碼注入漏洞,請及時更新Node.js
- win10最強注入工具,遠端執行緒注入、訊息鉤子注入、輸入法注入、EIP注入、登錄檔注入、APC注入(APC好像不能用)Win10執行緒
- 封神臺Oracle注入- 報錯注入Oracle
- HttpCanary實現對HTTP2協議的抓包和注入(原理篇)HTTPPCA協議
- sql注入之型別及提交注入SQL型別
- C++ DLL注入和程式碼注入C++
- dns注入DNS
- sql注入SQL
- php注入PHP
- quine注入UI
- SQL 注入SQL
- IOC注入技術之編譯時注入編譯
- 關於SpringBoot bean無法注入的問題(與檔案包位置有關)改變自動掃描的包Spring BootBean
- 關於SpringBoot bean無法注入的問題(與檔案包位置有關)Spring BootBean
- sql注入修改SQL
- MySql注入科普MySql
- SQLServer注入技巧SQLServer
- 程式碼注入
- sql注入1SQL
- sql注入2SQL
- mysql防注入MySql
- SQL防注入SQL
- oracle注入整理Oracle
- 自動注入
- 防止sql注入SQL
- 黑客向熱門JavaScript庫注入惡意程式碼 竊取Copay錢包的比特幣黑客JavaScript比特幣
- Spring set注入和構造注入的區別Spring