Rewriting Live TCP/IP (Layer 4) Streams

Posted by user213060 on Stack Overflow See other posts from Stack Overflow or by user213060
Published on 2010-04-01T22:01:40Z Indexed on 2010/04/02 13:33 UTC
Read the original article Hit count: 154

Filed under:

python

|

socket-programming

|

network-programming

|

security

I want to rewrite TCP/IP streams. Ettercap's etterfilter command lets you perform simple live replacements of TCP/IP data based on fixed strings or regexes. Example:

 if (ip.proto == TCP && tcp.dst == 80) {
    if (search(DATA.data, "gzip")) {
       replace("gzip", "    ");
       msg("whited out gzip\n");
    }
 }

 if (ip.proto == TCP && tcp.dst == 80) {
    if (search(DATA.data, "deflate")) {
       replace("deflate", "       "); 
       msg("whited out deflate\n");
    }
 }

http://ettercap.sourceforge.net/forum/viewtopic.php?t=2833

I would like to rewrite streams based on my own filter program instead of just simple string replacements.

Anyone have an idea of how to do this? Is there anything other than Ettercap that can do live replacement like this, maybe as a plugin to a VPN software or something?

The rewriting should occur at the transport layer (Layer 4) as it does in this example, instead of a lower layer packet-based approach.

Thanks!

© Stack Overflow or respective owner

Related posts about python

unmet dependencies in Ubuntu 12.04

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I tried today to install a dvb-card on my Ubuntu 12.04 (Linux blauhai-linux 3.2.0-25-generic #40-Ubuntu SMP Wed May 23 20:30:51 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux ). The installation failed with an error. After that, i tried to install python (it was already installed but i got this error): linux:~$… >>> More
How can I get sikuli-ide to work?

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I installed sikuli-ide with sudo apt-get install sikuli-ide Everything was fine until I tried to start it from the terminal. I typed sikuli-ide But the only response I got was [info] locale: en_US The application was not started, furthermore there is no desktop file and sikuli-ide does not… >>> More
Getting PATH right for python after MacPorts install

as seen on Super User - Search for 'Super User'
I can't import some python libraries (PIL, psycopg2) that I just installed with MacPorts. I looked through these forums, and tried to adjust my PATH variable in $HOME/.bash_profile in order to fix this but it did not work. I added the location of PIL and psycopg2 to PATH. I know that Terminal is… >>> More
call python with system() in R to run a python script emulating the python console

as seen on Stack Overflow - Search for 'Stack Overflow'
I want to pass a chunk of Python code to Python in R with something like system('python ...'), and I'm wondering if there is an easy way to emulate the python console in this case. For example, suppose the code is "print 'hello world'", how can I get the output like this in R? >>> print… >>> More
Python - Calling a non python program from python?

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am currently struggling to call a non python program from a python script. I have a ~1000 files that when passed through this C++ program will generate ~1000 outputs. Each output file must have a distinct name. The command I wish to run is of the form: program_name -input -output -o1 -o2… >>> More

Related posts about socket-programming

C#.NET Socket Programming: Connecting to remote computers.

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a typical server in my end and a friend using a client to connect to my IP/Port and he consistently receives the exception: "A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed… >>> More
Java Socket Programming in Client/Server Applications

as seen on Internet.com - Search for 'Internet.com'
Java provides all the capabilities required to develop socket-based applications relatively easilyand it hides all the complexity involved. >>> More
Java Socket Programming in Client/Server Applications

as seen on Internet.com - Search for 'Internet.com'
Java provides all the capabilities required to develop socket-based applications relatively easilyand it hides all the complexity involved. >>> More
Windows Phone 7 : Socket Programming

as seen on Stack Overflow - Search for 'Stack Overflow'
Is there any support for TCP/IP Sockets in Windows Phone 7? I'm not having any luck finding it so far. I want to connect to a port on a server and issue commands/receive responses >>> More
C Socket Programming, problems with select() and fd_set

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello I'm learning my way about socket programming in C (referring to Beej). Here is a simple multi-user chat server i'm trying to implement: http://pastebin.com/gDzd0WqP On runtime, it gives Bus Error. It's coming from the lines 68-78. Help me trace the source of the problem? in fact, WHY is… >>> More