NetKeeperPost/RouterPost1.py at master · jym66/NetKeeperPost · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
import socket
from scapy.all import sniff
from scapy.layers.http import HTTPRequest, HTTP
from scapy.sessions import TCPSession
from scapy.supersocket import StreamSocket
from time import sleep


class HttpResend:
    def __init__(self, host, default_user, username):
        self.host = host
        self.port = 80
        self.filter = f"host {self.host} and tcp and port 80"
        self.default_user = default_user
        self.username = username
        self.stopFlag = False

    def start(self):
        sniff(filter=self.filter, prn=self.parse, session=TCPSession, stop_filter=self.stop)
        return

    def stop(self, x):
        return self.stopFlag

    def getUser(self):
        # 用户名加密的话可以在这里改
        return self.default_user

    def parse(self, pkt):
        # 解析HTTP协议
        if pkt.haslayer(HTTPRequest) and str(pkt.getlayer("Raw")).find(self.getUser()) != -1:
            body = bytes(pkt.getlayer("Raw")).decode().replace(self.default_user, self.username)
            print("已获取路由器发送的 HTTP 请求体,开始重新组装数据")
            if pkt[HTTPRequest].fields.get('Content_Length') is not None:
                pkt[HTTPRequest].fields['Content_Length'] = str(len(body)).encode()
            request = HTTP() / HTTPRequest(
                # 通用请求头
                Method=pkt[HTTPRequest].fields.get('Method'),
                Path=pkt[HTTPRequest].fields.get('Path'),
                Accept=pkt[HTTPRequest].fields.get('Accept'),
                Accept_Encoding=pkt[HTTPRequest].fields.get('Accept_Encoding'),
                Accept_Language=pkt[HTTPRequest].fields.get('Accept_Language'),
                Cache_Control=pkt[HTTPRequest].fields.get('Cache_Control'),
                Connection=pkt[HTTPRequest].fields.get('Connection'),
                Content_Length=pkt[HTTPRequest].fields.get('Content_Length'),
                Content_Type=pkt[HTTPRequest].fields.get('Content_Type'),
                Host=pkt[HTTPRequest].fields.get('Host'),
                Origin=pkt[HTTPRequest].fields.get('Origin'),
                Pragma=pkt[HTTPRequest].fields.get('Pragma'),
                Referer=pkt[HTTPRequest].fields.get('Referer'),
                User_Agent=pkt[HTTPRequest].fields.get('User_Agent'),
                Cookie=pkt[HTTPRequest].fields.get('Cookie'),
                Authorization=pkt[HTTPRequest].fields.get('Authorization'),
            ) / body
            print("数据组装完毕,开始重新发送拨号请求")
            sleep(1)  # 等一秒发送, 要不然发送太快可能不生效
            response = self.send_requests(request)
            print("发送完毕 状态码: " + response.getlayer("HTTPResponse").fields.get("Status_Code").decode() + " 请自行查看拨号是否成功")
            self.stopFlag = True

    def send_requests(self, byte_data):
        s = socket.socket()
        s.connect((self.host, self.port))
        sock = StreamSocket(s, HTTP)
        return sock.sr1(byte_data, verbose=False)


if __name__ == '__main__':
    HttpResend("192.168.0.156", "123", "password").start()