Adding an extra header in HTTP packets

Sometimes, you would like to manipulate an application by supplying a custom HTTP header that contains custom information. For example, adding an authorization header can be useful to implement the HTTP basic authentication in your packet capture code.

How to do it...

Let us sniff the packets using the sniff() function of Scapy and define a callback function, modify_packet_header(), which adds an extra header of certain packets.

Listing 9.3 gives the code for adding an extra header in HTTP packets, as follows:

#!/usr/bin/env python
# Python Network Programming Cookbook -- Chapter - 9
# This program is optimized for Python 2.7. 
# It may run on any other version with/without modifications.

from scapy.all import *

def modify_packet_header(pkt):
  """ Parse the header and add an extra header"""
  if pkt.haslayer(TCP) and pkt.getlayer(TCP).dport == 80 and 
pkt.haslayer(Raw):
    hdr = pkt[TCP].payload.__dict__        
    extra_item = {'Extra Header' : ' extra value'}
    hdr.update(extra_item)     
    send_hdr = '
'.join(hdr)
    pkt[TCP].payload = send_hdr
  
    pkt.show()
  
    del pkt[IP].chksum
    send(pkt)

if __name__ == '__main__':
  # start sniffing
  sniff(filter="tcp and ( port 80 )", prn=modify_packet_header)

If you run this script, it will show a captured packet; print the modified version of it and send it to the network, as shown in the following output. This can be verified by other packet capturing tools such as tcpdump or wireshark:

$ python 9_3_add_extra_http_header_in_sniffed_packet.py 

###[ Ethernet ]###
  dst       = 52:54:00:12:35:02
  src       = 08:00:27:95:0d:1a
  type      = 0x800
###[ IP ]###
     version   = 4L
     ihl       = 5L
     tos       = 0x0
     len       = 525
     id        = 13419
     flags     = DF
     frag      = 0L
     ttl       = 64
     proto     = tcp
     chksum    = 0x171
     src       = 10.0.2.15
     dst       = 82.94.164.162
     options   
###[ TCP ]###
        sport     = 49273
        dport     = www
        seq       = 107715690
        ack       = 216121024
        dataofs   = 5L
        reserved  = 0L
        flags     = PA
        window    = 6432
        chksum    = 0x50f
        urgptr    = 0
        options   = []
###[ Raw ]###
           load      = 'Extra Header
sent_time
fields
aliastypes
post_transforms
underlayer
fieldtype
time
initialized
overloaded_fields
packetfields
payload
default_fields'
.
Sent 1 packets.

How it works...

First, we set up the packet sniffing using the sniff() function of Scapy, specifying modify_packet_header() as the callback function for each packet. All TCP packets having TCP and a raw layer that are destined to port 80 (HTTP) are considered for modification. So, the current packet header is extracted from the packet's payload data.

The extra header is then appended to the existing header dictionary. The packet is then printed on screen using the show() method, and for avoiding the correctness checking failure, the packet checksum data is removed from the packet. Finally, the packet is sent over the network.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
13.58.51.36