I have tested a scenario here a proxy sits between the server and client while browsing youtube videos.
I am sniffing the HTTP traffic, and observe that at least a bunch of SWF files (content-type:Content-Type: application/x-shockwave-flash) are being received. I am able to store these files on the disk as well.
Now, I am trying to playback these files, but it is not a single file. Not sure why and how youtube server is sending these multiple files.
Questions:
1. How can we interpret these files at the Proxy itself before they reach the Flash player in the browser.
2. How can we process these files (e.g. transcode) at the proxy and then send them to the client.
3. Are these files independent pieces of informations that Flash player need or these are chunked by the youtube server?
Thanks.
Related
I am trying to reverse engineer the network API's for my baby monitor's app (Owlet) on my iPhone so I can access the live video stream from the Owlet cam.
My end goal is to create a plugin for Google Home and view the video stream there rather than having to use the Owlet app.
In order to isolate the network API's, I have used MITMPROXY and Charles Proxy to analyze the HTTP/S activity of my iPhone while using the app.
I downloaded the profiles from both proxies on my phone and trusted them (not simultaneously). I can use the Owlet app and view the cam livestream within the app while using the proxies, so in theory the proxies should be recording the activity.
The problem I am having is this: I cannot find the HTTP request for the video stream. All of the HTTP/S responses are "Content-Type: application/JSON". No chunked, no mpeg, or any other media file types or clues to indicate a request/response is a streamed video. I can see all of the authorization requests/responses and I can see metadata updates about the status of the Owlet hardware sensors, but nothing for the actual video stream.
I am able to replicate the authorization requests within the network. I can access metadata about the user account and the camera. But I cannot find out how to access the video stream from the camera.
Can HTTP/S proxies such as MITMPROXY and Charles essentially skip some network activity coming from the targeted device? Is it possible that the request for the stream URL is some other protocol besides HTTP/S that the proxies just ignore?
I am a novice regarding networking; please forgive any poorly phrased/understood concepts.
I'm just learning about it and I have these things in mind but I'm not quite sure about them. Is there any wrong ideas about my findings? Please elaborate it in simple terms.
HTTP:
used to view websites between web servers
web server files to another web server
used to transfer small files (in text form)
used to have access in WWW
FTP
used to access and transfer files between a local machine and a web server
local files to a web server
used to transfer large files (in any form)
used to have access in a remote server
HTTP and FTP (note there is a section on the wikipedia page illustrates the differences between HTTP and FTP) are both application layer protocols.
See also here.
HTTP:
used to make request response communications between a server and a client
this communication can be used to both upload and download text and binary information
state less
faster when transferring many small files
used for web pages with or without authentication required
FTP:
also performs uploading and downloading of information
stateful control connection
faster for single large file transfers
file transfer authentication needed
limited support of pipe-lining
The big difference is that HTTP fixes many of the issues incurred by FTP. One example is that FTP has very little overhead and no metadata while HTTP provides this and there HTTP supports the sending of multiple files. Also HTTP is state less.
Some extra sources I would advise you read for more information on this are:
1. http://www.differencebetween.net/technology/difference-between-ftp-and-http/
2.
https://daniel.haxx.se/docs/ftp-vs-http.html
Also for more information on the different types of FTP, I would advise looking at this Stack Overflow post.
We are using Wowza Streaming Engine for live streaming, and thought we can use Amazon CloudFront to deliver the video to viewers to reduce the load on our servers and stop worrying how much bandwidth we consume.
Users use HLS to watch the video on iOS devices, the URLs look like this: http://[cdnHash].cloudfront.net/live/[origin]_[stream_name]/playlist.m3u8. We have a number of servers across the world, so we created several Behaviours in CloudFront, so it knows where to get each stream, depending on the [origin] piece of the URL as Path Pattern.
This works, we can view the video using this URL, and all seems fine. However, we noticed that for every viewer using CloudFront URL, a new connection to Wowza Engine is created. Which kinda defeats the purpose of using a CDN, because the bandwidth from our servers is again directly proportional to the number of viewers, plus we'll be now paying for CloudFront bandwidth as well.
I am not sure where to look for the root of this problem: settings on Wowza origins, or CloudFront settings?
It sounds like you are using the incorrect application type in your Wowza Streaming Engine. To integrate your Wowza with CloudFront, you will need to use an HTTP Origin type of application. When in this mode, connections are session-less and should not spawn unique connections for each CloudFront playback.
To create an HTTP Origin type of application:
From the Manager UI, go into Applications, and click on the Add Application menu.
Select either Live or VOD HTTP Origin depending on the type of content you are streaming.
Save your new application and test streaming from your CloudFront distribution again.
I am currently trying to debug a flex application that uses a vlc media player plugin to watch mpeg-2 videos.
I have run up Fiddler and I can see lots of calls from the flex application for resources it uses but when I play a video in the player, I do not see any requests for the video in Fiddler.
Any ideas how to get Fiddler to show the http traffic when a video is played?
Fiddler will show any HTTP/HTTPS traffic that is sent through it. For traffic not seen in Fiddler, there are two possibilities:
1> The traffic is non-HTTP/HTTPS (e.g. straight TCP/IP).
2> The traffic is HTTP/HTTPS but is not configured to go through the proxy.
If the traffic is non-HTTP/HTTPS, there's nothing you can do to get it to appear in Fiddler.
If the traffic is HTTP/HTTPS but isn't using the system's default proxy, you may be able to configure it to do so. For instance, I don't know if the VLC plugin respects the settings from the VLC client, but try clicking Tools > Preferences > Input & Codecs and put 127.0.0.1:8888 the box for the proxy URL.
When i Download something from any File Sharing web Site ( Rapid share, FileSonic etc) then at first the browser connects to them with Http , but when the actual file download is happening does the underlying protocol changes to FTP?
the download protocol is still HTTP (at least with Rapidshare).