Thank you for reply. I've completed the Python for Pentesters course; and I have a script to sniff and dissect packets. What I do is arp spoof a victim machine and can sniff the packets on my kali, on which I allowed ip forwarding. I can change the HTTP header. For example, I can successfully modify a GET request:
old_hdr = pkt.getlayer(Raw).load
new_hdr = 'GET /hi.php?hi=ZZZZZZZZZZZZZZ HTTP/1.1'
hdr = old_hdr.split("\r\n")
hdr = new_hdr
send_hdr = '\r\n'.join(hdr)
pkt[TCP].payload = send_hdr
When I print pkt[TCP].show(), it does show that the GET has been modified. However, the server (I can see that using tcpdump) and the client do not receive the injected request. Say, I originally send GET /hi.php?hi=AAAAAA; so, the server will receive the original request. Maybe I should disable forwarding and have the code forward the packets?