CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 3 of 3

Hybrid View

  1. #1
    Join Date
    Apr 2014
    Posts
    2

    Man-in-the-middle, capturing HTTP traffic

    Hello
    I'm working on this school project (performing man-in-the-middle, capturing http traffic): I successfully performed the ARP spoofing so I made my browser(on laptop 1) sending packets not to the default gateway but to another computer(2) in LAN (packets looks the same except target MAC is my laptop's MAC instead default gateway's). The problem is to capture such traffic on my second laptop. I understand that 2. computer which actually pretends to be the default gateway should be acting as a router so i turned on IP forwarding, turn off firewall and using

    netsh interface proxyport add v4tov4 [listenPort] [listenIP] [connectPort] [connectIP]

    I added an entry which helps forwarding packets to proxy server running on my 2.laptop (this proxy is just C# app using TcpListener, that's why connectIP should be 127.0.0.1). Unfortunately, I can see on Wireshark running on laptop 1 that my browser is sending packets (having in ethernet header target MAC of laptop2) but nothing happens on laptop2, Wireshark doesn't see any traffic coming on and my Http proxy obviosly does nothing. Does anyone have any idea what went wrong?

  2. #2
    Join Date
    Jan 2006
    Location
    Fox Lake, IL
    Posts
    15,007

    Re: Man-in-the-middle, capturing HTTP traffic

    correctIP should be the IP address of the actual card that is bound.
    David

    CodeGuru Article: Bound Controls are Evil-VB6
    2013 Samples: MS CODE Samples

    CodeGuru Reviewer
    2006 Dell CSP
    2006, 2007 & 2008 MVP Visual Basic
    If your question has been answered satisfactorily, and it has been helpful, then, please, Rate this Post!

  3. #3
    Join Date
    Apr 2014
    Posts
    2

    Re: Man-in-the-middle, capturing HTTP traffic

    Thanks for reply.
    Actually, [connectIP] has to be 127.0.0.1. That's the point, my proxy server is using TcpListener listening on localhost which can't be changed.
    Maybe someone know any way to make my computer forwading incoming traffic do the other IP address ? Obiously netsh-method doesn;t work properly.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  





Click Here to Expand Forum to Full Width

Featured