# <img src="https://github.com/nxenon/h2spacex/assets/61124903/fd6387bf-15e8-4a5d-816b-cf5e079e07cc" width="10%" valign="middle" alt="Scapy" /> H2SpaceX
[](https://pypi.org/project/h2spacex/)
[](https://www.python.org)
[](https://github.com/nxenon/h2spacex/blob/main/LICENSE)
HTTP/2 Single Packet Attack (Race Condition) low level library based on Scapy
# TODO
- Single Packet Attack - POST &...
- [x] implement
- [ ] test functionality on different H2 frameworks
- Single Packet Attack - GET
- [ ] implement
- [ ] Content-Length: 1 Method
- [ ] POST Request with x-override-method: GET header
- [ ] test functionality on different H2 frameworks
- Response Parsing
- [x] implement
- [ ] implement threaded response parser
- [x] Body Decompression
- [x] gzip
- [x] br
- [x] deflate
- [Proxy](https://github.com/nxenon/h2spacex/wiki/Quick-Start-Examples#proxy-example)
- [x] Socks5 Proxy
# More Research
Some following statements are just ideas and not testes or implemented.
- More Request in a Single Packet
- Increase MSS (Idea by James Kettle)
- Out of Order TCP Packets (Idea by James Kettle)
- IP Fragmentation
- Proxy the Single Packet Request through SOCKS
- Single Packet Attack on GET Requests
- Content-Length: 1 Method (Idea by James Kettle)
- x-override-method: GET Method (Idea by James Kettle)
- Index HPACK Headers to Make GET Requests Smaller
- HEADERS Frame without END_HEADER Flag
- HEADERS Frame Without Some Pseudo Headers
# Installation
H2SpaceX works with Python 3 (preferred: >=3.10)
pip install h2spacex
# Quick Start
You can import the HTTP/2 TLS Connection and set up the connection. After setting up the connection, you can do other things:
```python
from h2spacex import H2OnTlsConnection
h2_conn = H2OnTlsConnection(
hostname='http2.github.io',
port_number=443
)
h2_conn.setup_connection()
...
```
see more examples in [Wiki Page](https://github.com/nxenon/h2spacex/wiki/Quick-Start-Examples)
# References & Resources
- [James Kettle DEF CON 31 Presentation](https://youtu.be/tKJzsaB1ZvI?si=6uAuzOt3wjnEGYP6)
- [Portswigger Research Page](https://portswigger.net/research/smashing-the-state-machine#single-packet-attack)
- [HTTP/2 in Action Book](https://www.manning.com/books/http2-in-action)
I also got some ideas from a previous developed library [h2tinker](https://github.com/kspar/h2tinker).
Finally, thanks again to James Kettle for directly helping and pointing some other techniques.
Raw data
{
"_id": null,
"home_page": "https://github.com/nxenon/h2spacex",
"name": "h2spacex",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": "",
"keywords": "race-condition,http2,single-packet-attack",
"author": "nxenon",
"author_email": "nxenon <nasiri.aminm@gmail.com>",
"download_url": "https://files.pythonhosted.org/packages/e0/a0/3d2659e81bb1a4ef88973b2026f77d2192c288df1a9571caa648808314ea/h2spacex-0.1.15.tar.gz",
"platform": null,
"description": "# <img src=\"https://github.com/nxenon/h2spacex/assets/61124903/fd6387bf-15e8-4a5d-816b-cf5e079e07cc\" width=\"10%\" valign=\"middle\" alt=\"Scapy\" /> H2SpaceX\r\n\r\n[](https://pypi.org/project/h2spacex/)\r\n[](https://www.python.org)\r\n[](https://github.com/nxenon/h2spacex/blob/main/LICENSE)\r\n\r\nHTTP/2 Single Packet Attack (Race Condition) low level library based on Scapy\r\n\r\n# TODO\r\n\r\n- Single Packet Attack - POST &...\r\n - [x] implement\r\n - [ ] test functionality on different H2 frameworks\r\n- Single Packet Attack - GET\r\n - [ ] implement\r\n - [ ] Content-Length: 1 Method\r\n - [ ] POST Request with x-override-method: GET header\r\n - [ ] test functionality on different H2 frameworks\r\n- Response Parsing\r\n - [x] implement\r\n - [ ] implement threaded response parser\r\n - [x] Body Decompression\r\n - [x] gzip\r\n - [x] br\r\n - [x] deflate\r\n- [Proxy](https://github.com/nxenon/h2spacex/wiki/Quick-Start-Examples#proxy-example)\r\n - [x] Socks5 Proxy\r\n\r\n# More Research\r\nSome following statements are just ideas and not testes or implemented.\r\n\r\n- More Request in a Single Packet\r\n - Increase MSS (Idea by James Kettle)\r\n - Out of Order TCP Packets (Idea by James Kettle)\r\n - IP Fragmentation\r\n- Proxy the Single Packet Request through SOCKS\r\n- Single Packet Attack on GET Requests\r\n - Content-Length: 1 Method (Idea by James Kettle)\r\n - x-override-method: GET Method (Idea by James Kettle)\r\n - Index HPACK Headers to Make GET Requests Smaller\r\n - HEADERS Frame without END_HEADER Flag\r\n - HEADERS Frame Without Some Pseudo Headers\r\n\r\n# Installation\r\nH2SpaceX works with Python 3 (preferred: >=3.10)\r\n\r\n pip install h2spacex\r\n\r\n# Quick Start\r\nYou can import the HTTP/2 TLS Connection and set up the connection. After setting up the connection, you can do other things:\r\n\r\n```python\r\nfrom h2spacex import H2OnTlsConnection\r\n\r\nh2_conn = H2OnTlsConnection(\r\n hostname='http2.github.io',\r\n port_number=443\r\n)\r\n\r\nh2_conn.setup_connection()\r\n...\r\n```\r\nsee more examples in [Wiki Page](https://github.com/nxenon/h2spacex/wiki/Quick-Start-Examples)\r\n\r\n# References & Resources\r\n\r\n- [James Kettle DEF CON 31 Presentation](https://youtu.be/tKJzsaB1ZvI?si=6uAuzOt3wjnEGYP6)\r\n- [Portswigger Research Page](https://portswigger.net/research/smashing-the-state-machine#single-packet-attack)\r\n- [HTTP/2 in Action Book](https://www.manning.com/books/http2-in-action)\r\n\r\nI also got some ideas from a previous developed library [h2tinker](https://github.com/kspar/h2tinker).\r\n\r\nFinally, thanks again to James Kettle for directly helping and pointing some other techniques.\r\n",
"bugtrack_url": null,
"license": "GPL-3.0",
"summary": "HTTP/2 Single Packet Attack low level library based on Scapy",
"version": "0.1.15",
"project_urls": {
"Bug Tracker": "https://github.com/nxenon/h2spacex/issues",
"Examples": "https://github.com/nxenon/h2spacex/wiki/Quick-Start-Examples",
"Homepage": "https://github.com/nxenon/h2spacex",
"Wiki": "https://github.com/nxenon/h2spacex/wiki"
},
"split_keywords": [
"race-condition",
"http2",
"single-packet-attack"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "32ce46e92a757ccff7a3caece926b09d314bdae83c87d58ba060c34a45f3f875",
"md5": "49c9aeaaab9b02d8113a309948be3dcc",
"sha256": "9bc42146953836d05eaeaca655de0348781f597662aaa1b95491b5ffcb925922"
},
"downloads": -1,
"filename": "h2spacex-0.1.15-py3-none-any.whl",
"has_sig": false,
"md5_digest": "49c9aeaaab9b02d8113a309948be3dcc",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 22787,
"upload_time": "2023-11-07T08:33:54",
"upload_time_iso_8601": "2023-11-07T08:33:54.558411Z",
"url": "https://files.pythonhosted.org/packages/32/ce/46e92a757ccff7a3caece926b09d314bdae83c87d58ba060c34a45f3f875/h2spacex-0.1.15-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "e0a03d2659e81bb1a4ef88973b2026f77d2192c288df1a9571caa648808314ea",
"md5": "3bc8cf2b08a441ef99e5cc5bfe89b55e",
"sha256": "c6879599df2e768d43f4acfaebb3823516c290efc56448f0c469aceebff8778b"
},
"downloads": -1,
"filename": "h2spacex-0.1.15.tar.gz",
"has_sig": false,
"md5_digest": "3bc8cf2b08a441ef99e5cc5bfe89b55e",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 23328,
"upload_time": "2023-11-07T08:33:56",
"upload_time_iso_8601": "2023-11-07T08:33:56.143626Z",
"url": "https://files.pythonhosted.org/packages/e0/a0/3d2659e81bb1a4ef88973b2026f77d2192c288df1a9571caa648808314ea/h2spacex-0.1.15.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-11-07 08:33:56",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "nxenon",
"github_project": "h2spacex",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "h2spacex"
}
JSON
