Requirements: TCP packets need to be captured under Windows and can modify packets, similar to man-in-the-middle attacks in network security.
Review:
WinDivert: Windows Packet Divert
Windows Packet Divert (WinDivert) is a user-mode packet capture and transfer package for Windows 10, Windows 11, and Windows Server.
Official Website:The hyperlink login is visible.
WinDivert allows user-mode applications to capture/modify/drop network packets sent to/from the Windows network stack. In summary, WinDivert can:
- Capture network packets
- Filter/drop network packets
- Sniffing network packets
- (re)inject network packets
- Modify network packets
WinDivert can be used to implement user-mode packet filters, packet sniffers, firewalls, NAT, VPNs, tunneling applications, and more.
Key features of WinDivert include:
- Packet interception, sniffing, or dropping patterns
- Supports loopback (localhost) traffic
- Full IPv6 support
- Network layer
- Simple but powerful API
- Advanced filtering language
- Filter priority
- Silent installation
- It is provided free of charge under the terms of the GNU Broad General Public License (LGPL).
Build httpbin
httpbin(1): HTTP request and response service, build an http service, modify the requested packet content through WinDivert, you can intuitively see that the packet has been modified through the response content, and the server receives the content of the packet that has been intercepted and modified by the middleman.
Source:The hyperlink login is visible.
The Docker build httpbin command is as follows:
As shown below:
.NET console
First, create a new .NET 8 console application, and the nuget reference is as follows:
The code is as follows:
Before blocking and modifying the database, as shown in the following figure:
Start intercepting and modifying the packet, as shown in the following figure:
(End) |
Posted on 2025-9-26 10:53:00
|
|
|
|
