I'm trying to change a simple GET request with pydivert (WinDivert for Python).
What I seem to encounter is a problem with packet length.
When I rewrite the URL so it has the same number of letters or fewer, it works:
ie. GET /?a=asdf
=> GET /?a=z
But when I add more letters to the request, the browser loops and ends up without showing anything.
Below is the example code I use:
    filter_ = "true and tcp.PayloadLength > 0"
    with Handle(filter=filter_) as handle:
        while True:
            packet = handle.receive()
            if packet.payload[0:3]=="GET":
                packet.payload=packet.payload.replace("GET /?a=asdf","GET /?a=gfdsazzz")
            handle.send(packet)
and
<?php
echo $_GET['a'];
?>
Is there a MAX packet size set somewhere? If yes, then how do I increase it?
If that would be a hint for you: if I print all packets in the console, I clearly see that the request was responded to by the server, because I see packet.payload with gfdsazzz.
1 solution
#1
2
The immediate problem is that you did not update the TCP/IP headers to reflect the new packet length.
However, there are other more serious problems:
- As you mentioned, the new packet may exceed the maximum packet size (MTU)
- The TCP Seq/Ack numbers need to be changed, and will no longer be in sync between both ends of the connection.
- EDIT: Another problem is that the URL may be split between multiple packets, especially for long URLs.
The second and third problems can not be fixed easily.
If you wish to modify TCP streams with WinDivert, a far better solution is to use WinDivert to redirect the traffic to a local proxy server, and have the proxy server edit the stream. For an example program that uses this idea, see TorWall.
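The stream-level edit that the answer recommends doing in a local proxy, as an added example that is not part of the original answer or of TorWall: the proxy terminates the client's TCP connection, so it sees an ordered byte stream and its own TCP stack handles segmentation and Seq/Ack on the upstream side. The class and function names are hypothetical, and the sample chunks are constructed.

```python
# Added example: rewrite an HTTP request line on the byte stream, as a local
# proxy would, instead of patching individual packets. Names are hypothetical.

class RequestLineRewriter:
    """Buffers client bytes until the first request line is complete,
    rewrites it, then passes everything after it through unchanged.
    Limitation: only the first request on a connection is rewritten."""

    MAX_LINE = 8192  # assumed cap so an endless request line is not buffered

    def __init__(self, old: bytes, new: bytes):
        self.old, self.new = old, new
        self.buf = b""
        self.done = False

    def feed(self, chunk: bytes) -> bytes:
        """Return the bytes that are ready to forward upstream (may be empty)."""
        if self.done:
            return chunk
        self.buf += chunk
        end = self.buf.find(b"\r\n")
        if end < 0:
            if len(self.buf) > self.MAX_LINE:
                raise ValueError("request line too long")
            return b""  # URL may be split across segments: hold until complete
        line, rest = self.buf[:end], self.buf[end:]
        self.buf, self.done = b"", True
        if line.startswith(b"GET "):
            line = line.replace(self.old, self.new, 1)  # length may change freely
        return line + rest


def relay(chunks, old=b"GET /?a=asdf", new=b"GET /?a=gfdsazzz"):
    """Run chunks through the rewriter in the order recv() would deliver them."""
    rw = RequestLineRewriter(old, new)
    return b"".join(rw.feed(c) for c in chunks)


# Constructed sample: the URL is split across two TCP segments.
SPLIT = [b"GET /?a=as", b"df HTTP/1.1\r\nHost: example.test\r\n\r\n"]

if __name__ == "__main__":
    print(relay(SPLIT).decode())
```

In a real proxy, the return value of feed() is what gets written to the upstream socket after each recv() on the client socket.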