Viewing 15 posts - 1 through 15 (of 35 total)
  • Author
    Posts
  • #49842
    Avatarcarter.james199
    Participant

    I’m in the code injector section and I can’t seem to get it to work correctly. My code runs without error capturing all the request and changing the load, so accept
    encoding section of the load is blank. But after running and using the iptables my browser just won’t load I get no responses in my terminal and it’s just stuck at white space. If screenshots are needed I can provide but I did everything that Zaid did and it just won’t load any responses. I’m using website.org also for an HTTP site.

    #49876
    diegodiego
    Moderator

    Hi!
    Are you trying this in the local or remote host?
    Can you share your code please?

    Thanks!
    Diego

    #49881
    Avatarcarter.james199
    Participant

    Two screenshots of my code : https://imgur.com/a/ZN10tUc

    I’m trying to test this on my local computer. Haven’t moved on to trying this with a remote device yet.

    #49916
    diegodiego
    Moderator

    Hi!
    When you said you are trying it on the local computer do you mean kali? Or which exact computer?

    Also I’ll suggest to write the code as showed in the course, I mean import scapi.all as scapy, and your mod function seems a bit odd, why are you getting the payload ther? and why are you converting it to bytes using utf-8? Are you using python 2 or 3?

    Let me know.
    Diego

    #49949
    Avatarcarter.james199
    Participant

    I’m running iptables on the output and input chains on my local computer. It is not Kali but it’s my own Debian based creation. I’m using python 3.7 and some things are different because the course is a little outdated some of the commands he uses are depreciated or just not working. I had to make the changes I did to stop the errors. All the other programs work as intended with scapy.all import *, so I don’t see why that would be the problem. I took out the first two lines of the mod function I left those in when I was trying to figure out the problem, sorry. In the above screenshot I also sent the wrong packet to the mod function I sent the original netfilterqueue packet that’s why I was using IP(get_payload()). I fixed all that and reverted to what I had, sending the scapy pkt from the main process function to the mod function with the modified load. Now the mod function is just like Zaid’s, setting the pkt[Raw].load to the new load and deleting the len and chksums from UDP and TCP layers.

    After changing those few lines the program still does not work. Running it on my computer it never receives any responses in the terminal or in my browser. My browser is Firefox and it just forever loads with a white screen.

    I’m wondering if it could be that I need to set a new lens for the UDP and TCP layers? But I thought Zaid said they are automatically fixed to the right number after we delete them.

    #49953
    diegodiego
    Moderator

    Hi!
    As you are learning it would be better to follow all the instructions as in the lectures, I mean using custom kali and the syntax as showed by Zaid, I reapeat this is for learning purposes, and once the scripts work you can use your custom Debian machine and the syntax you want, this will also help to spot the error in your custom script. I don’t know the specifics of your custom Debian so I can’t tell if there’s any networking issue, did the DNS and file interceptor worked as expected?

    Can you share the result of iptables -L and iptables -t nat -L after setting the rules for INPUT and OUTPUT?

    Thanks!
    Diego

    #49960
    Avatarcarter.james199
    Participant

    View post on imgur.com


    I rewrote the code to match what Zaid did again and attached the screenshots to this post.

    View post on imgur.com


    I also attached the screenshots for the iptables commands you asked for.

    I was able to get the DNS spoofer to work with an HTTP site and everything else before that, other than the file interceptor because I didn’t know any HTTP sites that had downloads on their site. Why would me using my own operating system be a problem Zaid says we don’t have to use Kali in the course.

    #49979
    diegodiego
    Moderator

    Hi!
    As I mentioned above I suggested using custom kali for learning purposes, if you have plenty knowledge on using linux then use your custom distro, I never try to said that it was a problem but if you are not familiar with linux then it can be harder to spot where the issue is, but do it as you wish.

    If there’s no info being displayed in screen while running the script and the browser window does not load at all then there are some networking issues, can you share the results of the other iptables command I mentioned? And here is site that use http that you can use to test the file interceptor:
    http://www.diabeticretinopathy.org.uk/exeforlaptops.html

    And another problem here might be running the scripts as a normal user, will suggest to run them as root, logging ig as root would be prefered.

    Thanks!
    Diego

    #49985
    Avatarcarter.james199
    Participant

    So I thought I did run all the commands you posted, but I did them again and posted the screenshots. Also, thank you for the site.

    View post on imgur.com

    Another thing when I tried to run sudo iptables -t nat or –table, I get command not found. I run the script with sudo every time it won’t let me run unless it has root.And there is output to the screen it catches all the request just no responses.

    #50023
    diegodiego
    Moderator

    Hi!
    The command should be failling because you are missing -L, look what I wrote avobe, iptables -t nat -L, so if you are not getting repsonses it should be because some packets are stucked, try to flush iptables first:
    iptables –flush
    iptables –table nat –flush
    iptables –delete-chain
    iptables –table nat –delete-chain
    iptables -P FORWARD ACCEPT

    Enable port forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward

    Then run the proper iptables rules again and try it once more.

    Let me know how it goes!
    Diego

    #50036
    Avatarcarter.james199
    Participant

    Do I need to IP forward if I’m using this on my local device and not another computer?

    #50046
    diegodiego
    Moderator

    Hi!
    Yeah, that won’t affect the performance of the script, did flushing iptables work?

    Let me know.
    Diego

    #50062
    Avatarcarter.james199
    Participant

    Ok so I ran the correct iptables command ‘iptables -t nat -L’ and there were no queues in the chains everything with policy accept.
    I ran it before running the script and during getting the same output. The file interceptor scripted worked just fine with the site you gave me. And flushing iptables didn’t work it made the browser start getting responses and load the page yes but i was still unable to see any responses in my terminal.

    #50063
    Avatarcarter.james199
    Participant

    images of iptables commands

    View post on imgur.com

    #50122
    diegodiego
    Moderator

    Hi!
    Which website did you use this last time for testing the code injector? It was an http site right? If so then look at the code source page and verify if the code has been injected.

    Let me know.
    Diego

Viewing 15 posts - 1 through 15 (of 35 total)
  • You must be logged in to reply to this topic.