Skip to content
This repository has been archived by the owner on Apr 19, 2020. It is now read-only.

TCP PProxy

Jump to bottom
Marcos Nesster edited this page May 7, 2017 · 1 revision

TCP-PProxy

A proxy that you can place between in a TCP stream. It filters the request and response streams with (scapy module) and actively modify packets of a TCP protocol that gets intercepted by WiFi-Pumpkin. this plugin uses modules to view or modify the intercepted data that possibly easiest implementation of a module, just add your custom module on "plugins/analyzers/" automatically will be listed on TCP/UDP Proxy tab.

Overview

First of all you need to import two modules

from scapy.all import *
from default import PSniffer # base plugin class

the basic plugin example:

from scapy.all import *
from scapy_http import http # for layer HTTP
from default import PSniffer # base plugin class

class ExamplePlugin(PSniffer):
    _activated     = False
    _instance      = None
    meta = {
        'Name'      : 'Example',
        'Version'   : '1.0',
        'Description' : 'Brief description of the new plugin',
        'Author'    : 'your name',
    }
    def __init__(self):
        for key,value in self.meta.items():
            self.__dict__[key] = value

    @staticmethod
    def getInstance():
        if ExamplePlugin._instance is None:
            ExamplePlugin._instance = ExamplePlugin()
        return ExamplePlugin._instance

    def filterPackets(self,pkt): # (pkt) object in order to modify the data on the fly
        if pkt.haslayer(http.HTTPRequest): # filter only http request 
        
            http_layer = pkt.getlayer(http.HTTPRequest) # get http fields as dict type
            ip_layer = pkt.getlayer(IP)# get ip headers fields as dict type
            
            print http_layer.fields['Method'] # show method http request
            # show all item in Header request http
            for item in http_layer.fields['Headers']:
                print('{} : {}'.format(item,http_layer.fields['Headers'][item]))
            
            print ip_layer.fields['src'] # show source ip address 
            print ip_layer.fields['dst'] # show destiny ip address 
            
            print http_layer # show item type dict
            print ip_layer # show item type dict
            
            return self.output.emit({'name_module':'send output to tab TCP-Proxy'})

Packet function

You can modify any packet/protocol on the fly using Scapy. All packets pass through function filterPackets as you can see bellow. read more about scapy

    def filterPackets(self,pkt): TCP packets layers
       print pkt.show() # show all details from packets

Logging

if you want to save data(tcp-proxy.log) in your plugin or add on logging Tab in TCP-Proxy, just use

self.output.emit({'your name plugin':'Hellow i am a TCP-Proxy plugin'})

the Logging tab receive the dict object , where the key is name of plugin and the value is data. I will soon add other protocols, 👍

General

Clone this wiki locally