堆栈内存溢出
  简体   繁体   English

如何通过Netfilter队列和Scapy更改TCP有效负载和长度

[英]how to change the TCP payload and length via netfilter queue and scapy

 原文  2017-03-21 03:47:09       python/ iptables/ scapy/ payload/ netfilter

问题描述

using Netfilter Queue and scapy change the TCP payload, test client send a msg to test server: 使用Netfilter Queue和Scapy更改TCP有效负载,测试客户端将msg发送到测试服务器:

iptables rule in test server: iptables -A OUTPUT -p TCP -d [test client ip] -j NFQUEUE --queue-num 1 测试服务器中的iptables规则:iptables -A OUTPUT -p TCP -d [测试客户端ip] -j NFQUEUE --queue-num 1

after changing the TCP payload, if the length is same after changed, and just replace strings, all behave correctly. 更改TCP有效负载后,如果更改后的长度相同,并且仅替换字符串,则所有行为均正确。

but if the length is different, the program is abnormal: 但是如果长度不同,则程序异常:

if the payload length is shorter: client can receive the modified payload, but the socket can not close normally, the client send a RST connection to server 如果有效载荷长度较短:客户端可以接收修改后的有效载荷,但是套接字无法正常关闭,则客户端向服务器发送RST连接

if the payload length is longer: client also can receive the modified payload, but the server repeatedly to send packet for several times, the socket can not close normally, server socket is 'CLOSING', and client socket is 'FIN_WAIT1' or 'TIME_WAIT' the system queue is 14 at last, normal is 6: 如果有效载荷长度较长:客户端也可以接收修改后的有效载荷,但是服务器反复发送数据包几次,套接字无法正常关闭,服务器套接字为“ CLOSING”,客户端套接字为“ FIN_WAIT1”或“ TIME_WAIT” '系统队列最后是14,正常是6:

cat /proc/net/netfilter/nfnetlink_queue 猫/ proc / net / netfilter / nfnetlink_queue 

1   7888     0 2  4016     0     0       14  1

from tcpdump display, there are many "tcp retransmission" 从tcpdump显示,有很多“ tcp重传”

somebody help me? 来人帮帮我? thanks, below is the test code: 谢谢,下面是测试代码: 

from netfilterqueue import NetfilterQueue
from scapy.layers.inet import IP,TCP
from scapy.packet import Packet,Raw

def print_and_accept(pkt):
msg = IP(pkt.get_payload())
try:
    if msg.haslayer(TCP) and msg.haslayer(Raw):
        print msg[IP].show()
        _Data = 'for the hook test'
        msg[TCP].remove_payload()
        msg[TCP].add_payload(_Data)
        #msg[Raw].load = _Data
        msg[IP].len = len(msg)
        del msg[IP].chksum
        del msg[TCP].chksum
        msg = msg.__class__(str(msg))
        pkt.set_payload(str(msg))
        #new_msg = IP(pkt.get_payload())
        #print new_msg[TCP].payload
        #print new_msg[IP].show()
        print msg[IP].show()
        print 'End!!!'
        pkt.accept()
    else:
        pkt.accept()
except Exception, err:
    print err
    pkt.accept()

nfqueue = NetfilterQueue()
nfqueue.bind(1, print_and_accept)
try:
    nfqueue.run()
except KeyboardInterrupt:
    print('')

1 个解决方案

解决方案1
 0  2017-04-12 12:21:42

长度已更改,因此seq,ack num有所不同,它在关闭套接字时引起了异常,我仍然不知道如何解决此问题,但它不会影响有效负载传输

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用nfqueue / scapy更改TCP Payload - Change TCP Payload with nfqueue/scapy 使用Scapy和NetFilter队列接收自定义协议数据包 - Receiving Custom Protocol Packets With Scapy and NetFilter Queue Netfilter和Scapy - Netfilter and Scapy Scapy 改变数据包长度 - Scapy change packet length 如何通过 Scapy 设置 TCP 选项(时间戳和 SAckOk)? - How to set TCP options (Timestamp and SAckOk) via Scapy? 使用 Scapy 缩短 TCP 有效负载会导致 [TCP 上一个段未捕获] - Shortening TCP payload with Scapy results in [TCP Previous segment not captured] 如何修改 scapy 数据包有效载荷 - How to modify scapy packet payload 通过 netfilter 钩子修改后的 Tcp 虚假重传 - Tcp Spurious retransmissions after modification via netfilter hook 我该如何更改实时数据包的长度,然后将其转发到Scapy? - How can I change live packet length and then forward them in scapy? Python:使用nfqueue / scapy在TCP有效负载内重写查询 - Python: Rewriting query within TCP payload using nfqueue/scapy
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM