Man In The Middle Attack in Python

Posted: 31 Agustus 2012 in Uncategorized
Tag:

CLIENT SIDE

#!/usr/bin/python

"""
TELNET OKHO
"""

import socket

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect(('localhost', 50000))

def SendToServer(data):
        global sock
        sock.sendall(data)
        received = sock.recv(1024)
        return received

while 1:
        a = raw_input('cmd: ')
        if a == 'exit':
                sock.close()
                break
        data = SendToServer(a)
        print 'rec:', data
        print ''

MAN IN THE MIDDLE

#!/usr/bin/python

import SocketServer
import socket
from datetime import datetime, date, time
import logging

SERVER_ADDR = 'localhost'
SERVER_PORT = 50001
LOCAL_ADDR  = ''
LOCAL_PORT  = 50000
BUF_SIZE    = 1024
LOG_FILE    = '/home/okho/python/MITM.log'

logging.basicConfig(filename=LOG_FILE,level=logging.DEBUG)

def hexdump(src, length=10):
    result = []
    digits = 4 if isinstance(src, unicode) else 2
    for i in xrange(0, len(src), length):
       s = src[i:i+length]
       hexa = b' '.join(["%0*X" % (digits, ord(x))  for x in s])
       text = b''.join([x if 0x20 <= ord(x) < 0x7F else b'.'  for x in s])
       result.append( b"%04X   %-*s   %s" % (i, length*(digits + 1), hexa, text) )
    return b'\n'.join(result)

def SendToServer(data):
        global sock
        sock.sendall(data)
        received = sock.recv(BUF_SIZE)
        return received

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((SERVER_ADDR, SERVER_PORT))

class TCPRequestHandler(SocketServer.BaseRequestHandler ):
    def setup(self):
        print self.client_address, 'connected!'
        #self.request.send('hi ' + str(self.client_address) + '\n')

    def handle_timeout(self):
        self.shutdown()

    def handle(self):
        global BUF_SIZE, LOG_FILE, server, logging
        data = 'dummy'
        while data:
            if data:
                data = self.request.recv(BUF_SIZE)
                log_data =  '[', str(datetime.now()), '] rec from client: ', str(self.client_address), "\n", hexdump(data)

                log_str =  ''.join(log_data)
                print log_str
                logging.info (log_str)

                realdata = SendToServer(data)

                log_data = '[',str(datetime.now()), '] rec from real server:\n',hexdump(realdata), '\n'
                log_str = ''.join(log_data)
                print log_str
                logging.info (log_str)
                self.request.send(realdata)
                print ''
                if data.strip() == 'mitm-bye':
                                server.shutdown()
                                return

    def finish(self):
        print self.client_address, 'disconnected!'
        #self.request.send('bye ' + str(self.client_address) + '\n')

server = SocketServer.ThreadingTCPServer((LOCAL_ADDR, LOCAL_PORT), TCPRequestHandler)
server.allow_reuse_address = True
#timeout 10 menit
server.timeout = 600
server.serve_forever()

REAL SERVER

#!/usr/bin/python
# a simple tcp server

import SocketServer

class TCPRequestHandler(SocketServer.BaseRequestHandler ):
    def setup(self):
        print self.client_address, 'connected!'
        #self.request.send('hi ' + str(self.client_address) + '\n')

    def handle(self):
                global server
                data = 'dummy'
                while data:
                        if data:
                                data = self.request.recv(1024)
                                print 'rec: ', data
                                self.request.send(data)
                                if data.strip() == 'bye':
                                        server.shutdown()
                                        return

    def finish(self):
        print self.client_address, 'disconnected!'
        #self.request.send('bye ' + str(self.client_address) + '\n')

#server host is a tuple ('host', port)
SocketServer.allow_reuse_address = True
server = SocketServer.ThreadingTCPServer(('', 50001), TCPRequestHandler)
server.serve_forever()

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s