- December 6, 2020 at 1:50 pm #49434
I’ve encountered a problem while using the code injector script shown in the lecture.Basicly the changes applied to the packet seem to make the browser refuse to aplly them,it throws me an http 400 error,saying that the request was malformed.I saw that zaid also had some “Bad request” errors in the terminal but in his case it worked perfectly.I was using bing.com to try injecting the code,I don’t know if it has something to do specifically with bing.the code didn’t work on vulnweb as well.Here are the screenshots of the errors:
Regards,December 7, 2020 at 6:37 pm #49473
Don’t use bing as it uses hsts protection now a days, try it with speedbit.com.
Also can you share a screenshot of your code?
DiegoDecember 8, 2020 at 8:45 pm #49592
I couldn’t reach speedbit,i can’t access it now,even on the main computer.I tried the code on vulnweb,and it didn’t work so I suppose it wouldn’t work on speedbit,since the thing is they are http.Anyway here are the screenshots of the code:
(This the reorganised code,without the scapy_packet.show commands,but still it doesnt work,I added the functions for changing iptables rules after the errors occured so i don’t think they are the reason)
I also noticed that the code didnt decode the incoming raw layers of packets,but i it did show the content length.It seems very strange to me.
Regards,December 9, 2020 at 6:37 pm #49701
I will suggest to remove the iptables rules form the code, they are inside a loop and that’s not a good practice, better run them manually.
So first flush iptables:
iptables –table nat –flush
iptables –table nat –delete-chain
iptables -P FORWARD ACCEPT
Enable port forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
Then run the iptables manually and try it again, and yes, it looks like speedbit.com is offline now, that’s weird. So you can try with stealmylogin.com
Are you sure you are using the latest custom kali image provided by Zaid? It’s important! Are you using python 2 or 3?
Let me know.
DiegoDecember 10, 2020 at 9:28 pm #49750
I removed the ip_tables changing function from the code.I cleared the iptables with the commands that you mentioned and I enabled port forwarding,the code still doesnt seem to work.I used stealmylogin.com.I’m using the custom kali image provided by zaid,has there been any newer versions?I downloaded it in may when I started doing zaid’s courses.I’m using python 2.I noticed now that instead of the script it seems like the error message “HTTP/1.1 400 Bad Request” gets somehow injected into the websites source code at the bottom,i think its still because the changes in the packet are getting rejected,here is the screenshot:
Regards,December 11, 2020 at 6:32 pm #49783
That’s weird, can you share a screenshot of the modified code? Also add a print after load.replace() and check if the load is being modified properly.
The latest custom kali is v1.3, but this script should work anyway.
Let me know.
DiegoDecember 16, 2020 at 9:39 pm #49957
I added the print after load.replace().
It seems like the requests are getting modified properly because i get decrypted answers containing html page details,but still in the load field of the returned packets,the error 400 “bad request” occurs and below i get a packet that contains something like this in the load field:
Here’s the screenshot of it:
Every packet contains the error 400 at the beginning,I noticed that some packets don’t get decrypted at all:
I get same results on http,https,and hsts websites.The program still doesn’t manage to inject the script into the browser.Here are screenshots of the code:
Regards,December 23, 2020 at 6:47 pm #50205
Test the script against http sites only, later on the course you’ll learn to bypass https. So you are getting ecvrypted content because you are using https and hsts sites.
Which http site are you using?
Also try by donwlaoding and importing the latest custom kali v1.3, this might also help to solve the issue, just install scapy and netfilterqueue on it.
Let me know how it goes!
- You must be logged in to reply to this topic.