How to emulate packets using Wireshark's info? - tcp

I just wanted to write a program to show the server list of teknomw3. I'm not familiar with Wireshark or packet sniffing. I just tried using Wireshark and got some information.
Below is one piece of the information sent by the master server to mw3.
I can clearly see the data sent by the master server, which contains the data of a dedicated server.
Here's the packet info mw3 sent before getting the server list:
Is there a way to create my own program to get the server list? I know C# and Java, but I'm not an expert.
Where should I start?

Related

Wireshark Student - I can't see any http post or get requests

I am a student, and today for a lab we were asked to install and use Wireshark. The installation went well: I installed the correct version, installed WinPcap, and the program started without any issues.
I was connected to the University's Wi-Fi, and as part of our lab we had to visit http://www.cas.mcmaster.ca/~rzheng/course/CAS4C03W17/Labs/INTRO-wireshark-file1.html and answer questions about the data captured in Wireshark.
The problem is, I am not getting any GET or POST requests: filtering by http.request.method == "GET" shows nothing, and http.request.method == "POST" shows nothing as well. Filtering by http shows the 200 OK and 304 Not Modified (if I refresh).
I was the only one in my lab who had this problem, and my instructor wasn't able to figure it out. He saved and sent me his output, which has GET and POST requests, so I can continue my work.
Did anyone have this problem before, or have any idea how to solve it? I can upload the saved outputs if you think it would help. Thanks!
The capture sample looks like it's filtered, since it contains only packets sent to your PC's IP address. What is missing:
There is not a single outgoing packet, even though they are obviously on the net. E.g. there are TCP acknowledgement packets received by the PC in the capture file, but the packets sent by the PC which they acknowledge aren't shown.
Not a single incoming broadcast/multicast packet. This situation is possible, but not very likely.
So there is some trouble with the sniffer setup on your side. Possible explanations:
an accidentally configured capture filter (don't confuse it with the display filter)
some interfering software is installed. Example of the same complaint
Method to determine whether the issue is gone: apply the !(ip.dst == YOUR_IP_ADDR) display filter and check that the packet output isn't empty when visiting any web page. Possible troubleshooting plan:
check the capture filter
try a different network card (e.g. a non-wireless connection)
check Wireshark's operability in a clean environment (e.g. a live USB)
try removing suspected interfering software

Where to find the TCP data (under HTTP) inside Linux kernel?

I'm trying to read the data from an HTTP stream over TCP inside the Linux kernel. I'm able to get most of the data from the skb_buff here. However, if the server pushes data to the client without a request, the data won't be copied to user space, so I cannot find it any more.
Using Wireshark, I can normally find the additional data as a single packet. Therefore I think this data should go into the kernel somewhere, even if it was not requested by user space. Is it possible to find all the data when it is retrieved from the network interface, like Wireshark does? If so, where should I find it?
Thanks! Any ideas are appreciated.
EDIT: It should be different from the other similar question. I couldn't even get the skb instance containing the data I need, because the client didn't request it. Therefore such data won't be copied into user space. Thanks for pointing that question out to me, but I still need to find the correct skb instance first. I suspect I should catch the data somewhere when it is retrieved from the network interface.

Invalid data handling over TCP socket

I have a GUI application that sends/receives over TCP to a server.
Sometimes we get junk data while doing a TCP recv from the server. While reading these nulls or invalid data, the client application sometimes crashes.
Is there a good way to validate this data, other than catching this exception?
I don't want the GUI application to crash because of bad data sent by the server.
TCP has a checksum that it uses to validate the data received; that is done by the operating system (or sometimes by the network hardware, if you have nice hardware). If the contents are not correct, then with very high probability the data that was sent was incorrect. I just state that because I'm not totally sure that you were aware of this fact.
If you need to validate the data, you will have to validate the data. Write a function that parses your data, and returns a meaningful value only if there's meaningful data. Make your GUI aware of this.
Your question is kind of self-answering... you can't say "I want to be fault-tolerant, but I don't want to care about faults" ("other than catching this exception"), and based on the lack of description of the data you'd expect, I'd say you don't really care about the form of the data.

What does it take to convert an http server into an https server?

This question is similar to
Starting to use OpenSSL
but more specific and detailed, so I think it's fair to ask.
Suppose I have a simple HTTP server that does the following in a successful GET scenario:
creates a listening socket
a client connects
reads the data through recv
parses the GET request; now it knows which resource to return
writes the response through send
closes the socket
This server is written in C++ on Linux.
My question is: what does it take to convert this server into a minimal HTTPS server? (In particular using OpenSSL, but answers in a general sense are welcome.)
Here's my understanding (question marks mean I have no idea):
initialize the library
read the server certificate and private key and other configurations
create a normal listening socket(?)
a client connects
do the handshaking through a library function(?)
handshaking done
do I need a special step before I start receiving and sending data?
read data through library function(?)
does the data look exactly like an HTTP GET at this point?
if it does, parse the GET and get the resource
write return data through library function(?)
close the connection through a library function(?)
In summary, I'm hoping that it only requires adding some extra steps to the current code and does not affect the HTTP parsing. Is this assumption correct?
Many thanks to anybody who could fill in the blanks.
Look through "Network Security with OpenSSL", as it covers this. Even if you don't have the book, you can look through the code.
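As an added example (not from the question or the answer above), here is the same server skeleton in Go, whose standard crypto/tls stands in for OpenSSL because the structure is identical: a constructed self-signed certificate replaces the certificate and key files, and the comments name the OpenSSL call each step corresponds to. A client that pins the returned certificate DER is assumed to be written by the caller.

```go
package main

import (
	"bufio"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"strings"
	"time"
)

// HTTP layer as a pure function of request text: recv() and SSL_read() deliver the same bytes, so it is unchanged.
func respond(requestLine string) string {
	f := strings.Fields(requestLine)
	if len(f) != 3 || f[0] != "GET" || !strings.HasPrefix(f[2], "HTTP/") {
		return "HTTP/1.0 400 Bad Request\r\n\r\n"
	}
	return "HTTP/1.0 200 OK\r\n\r\nresource " + f[1]
}

func handle(c net.Conn) {
	defer c.Close()                                // on a TLS conn Close also sends close_notify (SSL_shutdown)
	line, _ := bufio.NewReader(c).ReadString('\n') // the first Read runs the handshake (SSL_accept), then SSL_read
	fmt.Fprint(c, respond(line))                   // SSL_write
}

// startHTTPS does the added steps: load cert and key (a constructed self-signed pair here instead of
// files) and wrap the ordinary listening socket in TLS. The cert DER is returned so a client can pin it.
func startHTTPS() (addr string, certDER []byte, err error) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"localhost"}, IsCA: true,
		BasicConstraintsValid: true, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	certDER, _ = x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	cfg := &tls.Config{Certificates: []tls.Certificate{{Certificate: [][]byte{certDER}, PrivateKey: key}}, MinVersion: tls.VersionTLS12}
	ln, err := tls.Listen("tcp", "127.0.0.1:0", cfg) // net.Listen wrapped by tls.NewListener (SSL_CTX_new + SSL_new)
	if err != nil {
		return "", nil, err
	}
	go func() {
		for c, err := ln.Accept(); err == nil; c, err = ln.Accept() {
			go handle(c)
		}
	}()
	return ln.Addr().String(), certDER, nil
}
```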

Why can't I view Omegle's HTTP request/response headers?

I'm trying to write a small program for school that lets me talk to Omegle strangers via the command line. However, I'm having some issues. I'm sure I could solve the problem if I could view the headers sent; however, if you talk to a stranger on Omegle while Live HTTP Headers (or a similar plug-in or program) is running, the headers don't show. Why is this? Are they not sending HTTP headers and using a different protocol instead?
I'm really lost with this; any ideas?
I had success in writing a command line Omegle chat client. However, it is hardcoded in C for POSIX and curses.
I'm not sure what exactly your problem is; maybe it's just something with your method of reverse engineering Omegle's protocol. If you want to make a chat client, use a network packet analyzer such as Wireshark (or, if you're on a POSIX system, I recommend tcpdump), study exactly what data is sent and received during a chat session, and have your program emulate what the default web client is doing. Another option is to decompile/reverse engineer the default web client itself, which would be a more thorough method but more complicated.