I know there are various programs that sniff packets like WireShark, but I'm pretty sure you can only view the data. I want to know if it's possible to edit incoming packets. I'm not sure if packets are the right term. I just want to edit incoming data that is recieved through the internet and who's destination is a specific application. Let's say I am playing an online game. As it loads my computer, it is recieving information like "This person has 10 coins in their money pouch". Obviously not exactly like that but you get the point. I would like to be able to change the data so it is say 100 instead of 10. I know something like this would be possible if you were to do this: Imagine my computer is connected to the internet with an ethernet cord. There is a device attached to the ethernet cord which recieves the data and changes it and then lets it continue to my computer. I would just like to know if this is possible, and how it could be accomplished.
Thanks!
The way I do it, is one of 2 ways:
1.
If your application supports it set up a HTTP Proxy on your machine and you could software like burp / Fiddler to mess with the data
If not (the protocol is not HTTP) you could use either one of 2 options i'v tried [Both based on Hooking the API calls from the application to the OS]:
EchoMirage software that allow messing around with the packets
[Bit more advanced: ] There is a debugger named OllyDbg which has a plugin named Universal Hooker; it enables to hook any window API function and execute a python script on demend. the uHooker contains examples for how to hook WSASend and WSARecive (which are the API functions used in windows sockets).
Related
I'm using VBA for Excel to communicate with hardware via serial communication. The code uses API calls similar to this here: http://dev.emcelettronica.com/serial-port-communication-in-excel-vba.
I've been successful with rs232 but it isn't working with rs485. After sending data and reading back the response, the read times out and it reads the same data that was sent.
I have access to software that someone else developed and their software works, so I know that the hardware is ok. I used a serial port sniffer and their code seems to have a lot of redundancy but it looks like its using the same configuration and sending the same data as my code. But their code gets a valid response while mine doesn't.
Could someone share some basic troubleshooting tips for this type of problem?
A major difference between rs232 and rs485 is that rs485 has an additional configuration setting for wire mode. The rs485 can support 2-wire or 4-wire configurations, with 3 different 2-wire configurations. Once I selected the correct configuration, the same code that I used for rs232 worked for rs485.
I am working with pcap in an OS X application to understand packet analysis.
I am working with a app https://github.com/jpiccari/MacAlyzer
but I am getting only raw data but I want to differentiate every domain request into separate and clear way to read request and response value. Please guide me the way to how to develop an application with pcap.
I have tried some code but they translate data into hex format. How do I convert that data into meaningful request and response objects like Charles and Fiddler show?
MacAlyzer wasn't developed for your needs. I know because I'm the author. As already stated, Charles and Fiddler are web proxies and work entirely different (and serve different purposes).
Diving a bit deeper into your question, communication between client and server happens IP-to-IP and not domain-to-domain. Domain information is not contained in the packets at the either the IP or TCP level. Instead computers request domain-to-IP lookup information which is then stored and communication is carried out using the client and server IP addresses.
MacAlyzer, and really libpcap, don't have sophisticated packet dissection (like say Wireshark) and cannot display packet information as verbosely as other programs. Before I lost interest in the project I was planning a library that would allow much richer packet dissection and analysis, but free time became very limited.
As for adding domain information to MacAlyzer, I'll explain at a high-level since it seems you know what you're doing. To include domain information instead of IP address in the Source and Destination columns you could edit function ip_host_string() in ip.m. This function controls how the client and server addresses are displayed. Modifying it to lookup the hostname from IP address and returning the resulting string would cause the domains to be displayed instead of IP addresses.
If you come up with some nice updates, consider submitting a pull request.
Here is the food for thoughts:
http://www.binarytides.com/packet-sniffer-code-c-linux/
Anyway, you will need to use C. Therefore, check the codes of the includes, for example:
http://www.eg.bucknell.edu/~cs363/2014-spring/code/tcp.h
Here is the documentation of "pcap":
http://www-01.ibm.com/support/knowledgecenter/#!/ssw_aix_71/com.ibm.aix.basetrf1/pcap_close.htm
I'm setting up some higher end security systems for a client. I'm using blue iris (his request) which has alot of great options for alerting you via cell phone or POTS telephone call. Unfortunately the building is 100% VoIP with no POTS and the camera server is in that building. I want it to ring a house number via a Automated VOIP call when an event is triggered in blue Iris then play a pre-recorded message.
We have a couple of Asterisk/Elastix PBXes in the company. I'm not sure how to proceeded:
Blus iris event triggered, it sends message/request/alert to a extension on the PBX
PBX makes the automated call to the group of numbers whenever that extension is dialed/contacted/triggered/etc.
I'd use an external script file (PHP, Ruby, BASH) to generate your call request on the PBX. See my answer at [
Asterisk AGI - Originate a call using php agi
] for more details. However, what you're doing is entirely possible, as I do it myself for a couple of different solution sets.
Essentially, and most easily, you'd generate a call file via script and within it ensure you have a couple of channel variables set that are keys for specific routing. When the call connects at the far end, the near end goes into a dialplan on the ASTPBX where exactly what message is played, after-message behaviour, etc, is managed by the channel variables you've set.
I'm trying to create an embedded outdoor display of bus arrival times at my university. I'd like the device to utilize my school's secured WiFi network to show arrival time updates determined from a server script I have running.
I was hoping to get some advice on the high-level operation of this thing -- would it be better for the display board to poll a hosted database via the WiFi network or should I have a script try to communicate with the board directly over 802.11? (Push or Pull?)
I was planning to use a Wifly or WIZnet ethernet board in combination with a wireless access hub. Mostly inspired by this project: http://www.circuitcellar.com/Wiznet/winners/001166.html Would anyone recommend something else over one of the WIZnet boards? I saw SPI/UART options and thought these boards could work with an AVR platform.
And out of curiosity -- if you were to 'cold start' this device (ie, request a bus arrival time by pushing the display's on button) you might expect it to take 10-20 seconds to get assigned an IP and successfully connect to the database, does that sound right?
I'd go pull. In fact, I'd have outdoor display make http or https requests of the server. That way the server could tell it how long to show a given set of data before polling for a new one using standard http page expiration.
I think pull would make it easier to have multiple displays, and to test your server as well. I've also got a gut feeling that this would make your display more secure. Someone would have to hack your server to hijack your display.
There's a very cool looking Arduino-targetted product called the WiShield. Seems super easy to use and he provides some source code. It uses SPI for host communication. If you're not interested in going the Arduino route, I'm sure the source code wouldn't be too hard to port to something like avr-gcc. Check it out, might save you some time and headaches for $55. Worth checking out anyway.
If I understand the parallel port right, sending data from (D0 to D7) simultaneous, but that it can control the sticks individually?
example:
D0 = Input
D1 = Input
D2 = Output
...
...
...
D7 = Input
would it work?
what I want to do is to both send and receive data simultaneously.
Data wires (D0-D7) are being read or set simultaneously. For various tecniques for bidirectional I/O read the attached articles:
Standard parallel port: http://www.beyondlogic.org/spp/parallel.htm
EPP: http://www.beyondlogic.org/epp/epp.htm
ECP: http://www.beyondlogic.org/ecp/ecp.htm
This site is a good source for programming the parallel port.
The basic idea is that you need a DLL, add-on or library that allows you to access the I/O Ports of the PC. For Windows XP on up you need a specific driver that will allow you do this as the OS doesn't offer access out of the box.
The Parallel port will generally reside at one of three address 278,378, 3BC. This port. have the bytes you are reading or writing.
The (base)+1 port allows access to the status bytes. IE. 279,379, 3BD
The (base)+2 port allows access to the control bytes. IE. 27A,37A,3BE
The parallel port documentation will tell not only how to implement the common modes (like bi-directional) but how to control the port at the byte level to implement your own custom.
Back in the day there was only the standard mode available. You pump out your bytes at the (base) port. Some application, like mine, manipulated individual bits of that ports as form of cheap Digital I/O Controller. We did use the status and control bytes as additional inputs and outputs. There were commands you can send to the Parallel Port chip configure the modes precisely.
Today there are are hundreds of sites with example of using the Parallel Port to solve all kinds of problems. I would be surprised that one of doesn't have something you can use for you specific application.
Again the book I recommend starting with is Parallel Port complete. It tells just about everything you need to start with. If your application is too esoteric for that book it will give a springboard from which you can find the exact setup you need.
Of course by sending a number that has just the required bit set (2n) you'd get the expected result.
I'm not sure about bidirectional access though. I guess it's achieved by using control pins along with the data pins but that's just a guess.
Parallel ports doing EPP or ECP only allow D0-D7 to be all input or all output. Trying to do otherwise may fry your hardware.
See http://www.nor-tech.com/solutions/dox/ieee1284_parallel_ports.pdf, page 6.
However, parallel ports have several control lines that may be useful if you only need a small amount of input/output in the "other" direction.
I believe its bit 5 in the port's control register (base address + 2) that switches direction. (no hardware line attached)