How to replace specific content in http response?

[Loong H]

I don't know if this question is naive, but I really want to know how to achieve this goal using libcrafter? Will libcrafter mangle the response and then the user who send request can only receive the packet we modify?

Many thx.

[Esteban Pellegrino]

what you want to do will work as long as you don't modify the size of the HTTP payload. if you modify the size you'll have to fix the TCP seq / ack number accordingly to not mess up the connection. and that's not something trivial to do. what you need to do is basically TCP hijacking, and that requires a full TCP stack implementation in user mode.

my suggestion for you is to take another approach. you can perform a MITM attack (with any tool you want, including libcrafter) and then redirect all the traffic of your victim to a proxy setup on the attacker machine. then do all the HTTP mangling on the proxy.

On Tue, Jan 27, 2015 at 12:25 AM, Loong H <godghos...@gmail.com> wrote:

I don't know if this question is naive, but I really want to know how to achieve this goal using libcrafter? Will libcrafter mangle the response and then the user who send request can only receive the packet we modify?

Many thx.

--
You received this message because you are subscribed to the Google Groups "libcrafter" group.
To unsubscribe from this group and stop receiving emails from it, send an email to libcrafter+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Esteban Pellegrino | Software Developer
Twitter | Zimperium.com

[Loong H]

Hi Esteban, thanks for your patient. What I want to do is modify packets in an Ethernet bridge, is that proxy a good way?

在 2015年1月28日星期三 UTC+8上午12:24:47，Esteban Pellegrino写道：

[Esteban Pellegrino]

I don't know what you mean by Ethernet bridge? can you explain a bit more?

if you need to modify HTTP data a proxy is the way to go.

[Loong H]

Sorry for the concept, what i mean is this thing: http://en.wikipedia.org/wiki/Bridging_(networking)

I have read this article and tried it already:

http://freecode.com/articles/configuring-a-transparent-proxywebcache-in-a-bridge-using-squid-and-ebtables

I only wonder if there is another way in link layer to do what i want.

--
You received this message because you are subscribed to a topic in the Google Groups "libcrafter" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/libcrafter/IxiQj239EzM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to libcrafter+...@googlegroups.com.