kdub

Forum Replies Created

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • June 14, 2007 at 11:31 pm in reply to: Packet Length #6268
    kdub
    Participant

      @kdub wrote:

      @SerpentFly wrote:

      However, please note that injecting data into the TCP stream is not as easy as it may seem at the first look, because you should properly shift SEQ and ACK fields in your newly inserted packet and all sequent packets.

      Before I try to inject a packet into the TCP stream I thought I would check with you to see if there is another way to do what I need at the winsock level. If application 1 and application 2 are communicating via TCP using windows sockets on a set port, is there a way from my intercepting application to send a message to application 1 using Winsock so that is appears it came from application 2? I can’t figure out how to send messages using winsock using a port that is already open.
      (e.g. App1 is connected to App2 on local port 9999, I want App3 to be able to send messages to App1 using local local port 9999 as well).

      KDUB

      June 13, 2007 at 6:14 pm in reply to: Packet Length #6266
      kdub
      Participant

        @SerpentFly wrote:

        However, please note that injecting data into the TCP stream is not as easy as it may seem at the first look, because you should properly shift SEQ and ACK fields in your newly inserted packet and all sequent packets.

        Can you direct me to any websites that document the shifting of the SEQ and ACK fields. Also is shifting a set incremental value or is it based on the content of the packet?

        Thanks,

        KDUB

        June 13, 2007 at 5:41 am in reply to: Packet Length #6264
        kdub
        Participant

          Hi,

          I got the packet data finally!! Thank you for your help.

          I am now successfully intercepting the packets between two applications that communicate using TCP. Using my intercepting application, can I send a tcp request to one of the two applications by filling the Request.EthPacket.Buffer with a new packet that I create and then send it using SendPacketToMstcp or SendPacketToAdapter? Would either application be able to tell that the packet didn’t originate from the application it is connected to?

          KDUB

          June 11, 2007 at 5:40 am in reply to: Packet Length #6262
          kdub
          Participant

            @SerpentFly wrote:

            @kdub wrote:

            Read Ethernet header, check if next protocol is IP. Read IP header, check if next protocol is TCP. If it is then read TCP header and follow up data if there is any.

            I am checking for TCP packets and trying to read the data but I am still unsuccessful. How can I get the original Hex dump of the entire packet using the NDISAPI.dll?

            June 6, 2007 at 6:51 pm in reply to: Reading packet information example in VB #6254
            kdub
            Participant

              @SerpentFly wrote:

              You can parse follow up headers (IP, TCP/UDP) just on the same way.

              I am a newbie with all of this so sorry if this is a stupid question! The IP and TCP headers are all contained in the same packet right? What are the sizes of the IP header and TCP header? Does the data/payload section always follow the TCP header?

              Thanks

              KDUB

            • Author
              Posts
            Viewing 5 posts - 1 through 5 (of 5 total)