通常的中間人攻擊基本都是攔截修改普通的http協議裏面的內容,而對於怎麼攔截修改websocket協議傳輸的內容好像都沒有多少介紹.
talk is cheap show me the codeweb
using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Linq; using System.Text; using System.Threading.Tasks; using System.Windows.Forms; using Fiddler; namespace Intercept_HTTP_requests { public partial class Form1 : Form { public Form1() { InitializeComponent(); SetSSLCer(); FiddlerApplication.OnNotification += delegate (object sender, NotificationEventArgs oNEA) { Console.WriteLine("** NotifyUser: " + oNEA.NotifyString); }; FiddlerApplication.Log.OnLogString += delegate (object sender, LogEventArgs oLEA) { Console.WriteLine("** LogString: " + oLEA.LogString); }; FiddlerApplication.OnWebSocketMessage += FiddlerApplication_OnWebSocketMessage; FiddlerApplication.Startup(8877, true, true); } public static byte[] hexStringToBytes(String hexString) { hexString = hexString.Replace("-", ""); int length = hexString.Length / 2; char[] hexChars = hexString.ToCharArray(); byte[] d = new byte[length]; for (int i = 0; i < length; i++) { int pos = i * 2; d[i] = (byte)(charToByte(hexChars[pos]) << 4 | charToByte(hexChars[pos + 1])); } return d; } private static byte charToByte(char c) { return (byte)"0123456789ABCDEF".IndexOf(c); } private static void FiddlerApplication_OnWebSocketMessage(object sender, WebSocketMessageEventArgs e) { if (e.oWSM.PayloadAsString().Contains("77-65-69-6C-69-66-61-67-65") && e.oWSM.MaskingKey == null) { String payload = e.oWSM.PayloadAsString().Replace("77-65-69-6C-69-66-61-67-65", "79-78-61-73-78-68-61-73-64-68-64-73-61-64-61-73-64-61-73"); e.oWSM.SetPayload(hexStringToBytes(payload)); } } private void button1_Click(object sender, EventArgs e) { button1.Text = "運行中.."; } private void button2_Click(object sender, EventArgs e) { FiddlerApplication.Shutdown(); System.Threading.Thread.Sleep(1000); this.Close(); } private bool SetSSLCer() { if (CertMaker.rootCertIsMachineTrusted()) return true; BCCertMaker.BCCertMaker a = new BCCertMaker.BCCertMaker(); a.CreateRootCertificate(); return a.TrustRootCertificate(); } } }
最重要的問題就是若是你要替換的內容比本來的內容短,必須在前面補零!!!c#