Is this possible?
Results 1 to 6 of 6

Thread: Is this possible?

  1. #1
    Junior Member
    Join Date
    Jan 2004
    Posts
    2

    Is this possible?

    Can I use Ethereal, netcat or some other tool to manually intercept and modify
    http traffic that is being sent or received from a program on my windows system?

    I am running ethereal and can see lots of http traffic but would like the ability to intercept and modify the traffic in real time. Similar to what the WebScarab proxy?

    Am I not understanding the functionality of Ethereal or Netcat or does this tool even exit?

  2. #2
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    You are most definately not understanding the functionality of that software... You have basically already answered your own question though.... you require some sort of Proxy server if you're going to modify http traffic in real time.

    Achilles (http://www.mavensecurity.com/achilles) is a very popular proxy used for this purpose in Windows environments (It can also be used along with wine under Linux.. however there are other choices in both environments)

    As for the tools you mentioned..

    Ethereal is a sniffer... It lets you see what's travelling across the wire, however you can't touch the data... Think of it as a Read-Only device.

    NetCat is for creating connections or opening a port... so you could use this to talk to an HTTP server... but you'd be sending the requests to it manually..

    > nc www.antionline.com 80
    > GET / HTTP/1.0
    > [CRLF]
    > [CRLF]


    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  3. #3
    Junior Member
    Join Date
    Jan 2004
    Posts
    2
    Thanks for the response and clarification, now I have a follow up;

    I understand how to use a proxy with my web browsers. Go to the settings option and point it to the port where the proxy is running.

    What can be done when there are services running on your pc that open any port number (found out looking at Ethereal) and communicating to the remote server and wait for the response

    for example:
    localhost:4553 ----> remote_server:80
    localhost:4553 <---- remote_server:80

    I have set my proxy to look at certain ports on my localhost but the other programs randomly go to anther port.

    Is there a setting on Achilles or another proxy that can be a proxy on a range of ports or is there a network setting i need to configure so all my http traffic is forced goes through one port.

    Sorry if these questions seem basic. But I have searched this forum and across the web and can't find the answer.

  4. #4
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    You startup your proxy.... say it's listening on port 8080...

    You configure your browser to use the proxy @ localhost:8080. All traffic from your web browser will go through your proxy..

    Other programs you use have to be configurable to use a proxy... and you'll have to adjust their proxy settings seperately..

    I'm not tring to be rude, but perhaps you should consider looking into the basics and learning a little bit about proxies, networking, etc before trying to play with stuff.. it usually works better if you go that way..

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  5. #5
    Banned
    Join Date
    May 2006
    Posts
    20
    Thanks, this is helpful for me, I know a lot about proxies, I've been stuck behind a really anal (can I say that) one for quite some time and had to learn about how it worked etc so I could work out how to bypass the content filtering methods installed on it. (Business line provided for home use)

    Now I'm free of that and I'm looking at installing my own so I can modify traffic and muck around with all that kind of stuff as sort of an educational thing. So achilles looks good for me (Windows user, although starting to get into linux a lot more, mainly for security purposes)

    Thanks man.

  6. #6
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Bypassing the restrictions might be a violation of the EULA or AUP... You may even loose your Internet connection as a result..

    Why don't you switch ISPs if you don't agree with their policy?
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •