利用fiddler core api 攔截修改 websocket 數據

通常的中間人攻擊基本都是攔截修改普通的http協議裏面的內容,而對於怎麼攔截修改websocket協議傳輸的內容好像都沒有多少介紹.
talk is cheap show me the codeweb

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using Fiddler;


namespace Intercept_HTTP_requests
{
    public partial class Form1 : Form
    {
        public Form1()
        {

            InitializeComponent();
            SetSSLCer();

            FiddlerApplication.OnNotification += delegate (object sender, NotificationEventArgs oNEA) { Console.WriteLine("** NotifyUser: " + oNEA.NotifyString); };
            FiddlerApplication.Log.OnLogString += delegate (object sender, LogEventArgs oLEA) { Console.WriteLine("** LogString: " + oLEA.LogString); };
            FiddlerApplication.OnWebSocketMessage += FiddlerApplication_OnWebSocketMessage;
            FiddlerApplication.Startup(8877, true, true);

        }

        public static byte[] hexStringToBytes(String hexString)
        {
            hexString = hexString.Replace("-", "");
            int length = hexString.Length / 2;
            char[] hexChars = hexString.ToCharArray();
            byte[] d = new byte[length];
            for (int i = 0; i < length; i++)
            {
                int pos = i * 2;
                d[i] = (byte)(charToByte(hexChars[pos]) << 4 | charToByte(hexChars[pos + 1]));
            }
            return d;
        }
        private static byte charToByte(char c)
        {
            return (byte)"0123456789ABCDEF".IndexOf(c);
        }
        private static void FiddlerApplication_OnWebSocketMessage(object sender, WebSocketMessageEventArgs e)
        {
            if (e.oWSM.PayloadAsString().Contains("77-65-69-6C-69-66-61-67-65") && e.oWSM.MaskingKey == null)
            {

                String payload = e.oWSM.PayloadAsString().Replace("77-65-69-6C-69-66-61-67-65", "79-78-61-73-78-68-61-73-64-68-64-73-61-64-61-73-64-61-73");
                e.oWSM.SetPayload(hexStringToBytes(payload));

            }

        }
        private void button1_Click(object sender, EventArgs e)
        {
            button1.Text = "運行中..";
        }

        private void button2_Click(object sender, EventArgs e)
        {
            FiddlerApplication.Shutdown();
            System.Threading.Thread.Sleep(1000);
            this.Close();
        }

        private bool SetSSLCer()
        {
            if (CertMaker.rootCertIsMachineTrusted())
                return true;
            BCCertMaker.BCCertMaker a = new BCCertMaker.BCCertMaker();
            a.CreateRootCertificate();
            return a.TrustRootCertificate();
        }
    }
}

最重要的問題就是若是你要替換的內容比本來的內容短,必須在前面補零!!!c#

相關文章
相關標籤/搜索