Reputation: 1003
how to modify packet header(IP header, TCP Header) before the host send them into the network
I want to modify packet header(IP header, TCP Header) before the host send them into the network.
For example, if I'm using firefox for browsing, then I want to intercept all the packets from firefox and modify the IP/TCP header and then send them into the network.
so basically, there are two requirements: 1 intercept all the packets from firefox(but not other programs). if this is not possible, is it possible to intercept the packets from a specific port or ip/port pair
2 modify the IP/TCP header and then inject them into the network
are there ways, APIs to achieve this? how about libpcap? are there similar source code snippets? I'm working with linux c
thanks!
Upvotes: 3
Views: 17340
Answers (3)
Reputation: 145
To modify the packets, it is better as simple as injecting the packet which is modified into your network. C has a library libnet which does every thing related to packet injection. Python has scapy to inject the packets .
Now you can do quite interesting things , with libent and scapy , instead of modifying your packet ip/tcp headers , perform arp spoofing and then inject falsify packets and redirect them to the victim.
Libpcap is used for capturing packets but not for modifying packets . So you can build your own sniffer using libpcap , but to inject/modify packets you need to use libnet .
To make life simpler , there are tools like burp suite etc..where you can modify the http headers only before forwarding it .
Upvotes: 4
Reputation: 498
it should be for you Network packet capturing for Linux.
But it seems to intercept all process in the system.
maybe you can use
#include <sys/ptrace.h>
long ptrace (enum __ptrace_request request,
pid_t pid,
void *addr,
void *data);
and hook send(2) or recv(2) to modify the tcp header.
Upvotes: -3
Reputation: 439
Razorback is an open source API for deep packet injection. You can find the source at:
http://sourceforge.net/projects/razorbacktm/files/Razorback/
You can also request them for the source code for their proposed system.
http://www.icir.org/vern/papers/pktd-pam03.pdf
Upvotes: 1
Related Questions
- Intercept Ethernet packets before they reach kernel
- access and change the reserved bits on tcp header
- Using libtins to recreate IP packet change its header
- How to alter an Ethernet Packet (a packet that comes from the NIC)? Can I Use Netfilter Hooks?
- Modify header of a captured packet
- How to change packet before sending it to network card
- Linux module for modify packets(Netfilter)
- Control TCP header fields from a user program
- How to captuare an IP packet, change its content and resend it on Linux?
- Windows network packet modification