April 4th, 2014, 05:39 PM
Man-in-the-middle, capturing HTTP traffic
I'm working on this school project (performing man-in-the-middle, capturing HTTP traffic): I successfully performed the ARP spoofing, so I made my browser (on laptop 1) send packets not to the default gateway but to another computer (2) in the LAN (the packets look the same except the target MAC is my laptop's MAC instead of the default gateway's). The problem is capturing such traffic on my second laptop. I understand that the 2nd computer, which actually pretends to be the default gateway, should be acting as a router, so I turned on IP forwarding, turned off the firewall, and using
netsh interface portproxy add v4tov4 listenport=[listenPort] listenaddress=[listenIP] connectport=[connectPort] connectaddress=[connectIP]
I added an entry which helps forward packets to the proxy server running on my 2nd laptop (this proxy is just a C# app using TcpListener, that's why connectIP should be 127.0.0.1). Unfortunately, I can see in Wireshark running on laptop 1 that my browser is sending packets (having the target MAC of laptop 2 in the Ethernet header), but nothing happens on laptop 2: Wireshark doesn't see any traffic coming in and my HTTP proxy obviously does nothing. Does anyone have any idea what went wrong?