How to capture packets from a TCP connection using a proxy?


I’m writing a TCP proxy to capture packets sent from my computer to a remote server and vice versa. I connected a fake test server on localhost and the proxy works well, intercepting the incoming packets from a client, using telnet, and directing them to the test server (on my PC). The problem is that when I start the proxy and connect to the real remote server, the proxy does not capture the packets from that connection. How can I fix this?

proxy.dart:

class Proxy {
  Proxy(String host, int port) {
    ServerSocket.bind(localhost, port).then((server) {
      print('Listening on $localhost:$port');
      server.listen((socket) async {
        print('Client connected to proxy');
        final clientConn = await Socket.connect(host /* localhost*/, port);

        final client2proxy = ClientToProxy(socket, clientConn);
        final proxy2server = ProxyToServer(clientConn, socket);
      });
    });
  }
}

client_to_proxy.dart:

class ClientToProxy {
  Socket socket;
  Socket remote;
  String address;
  int port;
  String msgPattern; // log prefix, built in the constructor

  ClientToProxy(Socket sock, Socket rem) {
    socket = sock;
    remote = rem;
    address = socket.remoteAddress.address;
    port = socket.remotePort;
    msgPattern = '[client] ($address:$port) ->';

    socket.listen(onDataHandler,
        onError: onErrorHandler, onDone: onDoneHandler);
  }

  void onDataHandler(List<int> data) {
    if (debug) print('$msgPattern Data: ${String.fromCharCodes(data)}');
    pipeSocket(remote, data);
  }

  void pipeSocket(Socket sock, dynamic data) => sock.add(data);
}

proxy_to_server.dart:

class ProxyToServer {
  Socket socket;
  Socket remote;
  String address;
  int port;
  String msgPattern; // log prefix, built in the constructor

  ProxyToServer(Socket sock, Socket rem) {
    socket = sock;
    remote = rem;
    address = socket.remoteAddress.address;
    port = socket.remotePort;
    msgPattern = '[server] ($address:$port) ->';

    socket.listen(onDataHandler,
        onError: onErrorHandler, onDone: onDoneHandler);
  }

  void onDataHandler(List<int> data) {
    if (debug) print('$msgPattern Data: ${String.fromCharCodes(data)}');
    pipeSocket(remote, data);
  }

  void pipeSocket(Socket sock, dynamic data) => sock.add(data);
}

How should I intercept these packets?

  • I do not know Dart, but it seems to me that in this line "final clientConn = await Socket.connect(host /* localhost*/, port);" you need to pass the IP of the remote server where you have "/* localhost*/".

  • Actually, I already pass the remote server IP in "host"; in this case "localhost" is commented out.

  • True... is there no firewall on your machine or on the remote machine blocking connections?

  • I believe not. I think that if the connection were blocked, the socket would throw an exception and end the execution of the program. Maybe I’m forgetting something related to the TCP protocol?

1 answer

0

You are only binding on the localhost interface; you have to bind on all interfaces. To do this, use the IP address 0.0.0.0.

class Proxy {
  Proxy(String host, int port) {
    // ServerSocket.bind(localhost, port).then((server) { // <-----------------
    ServerSocket.bind("0.0.0.0", port).then((server) {
      print('Listening on $localhost:$port');
      server.listen((socket) async {
        print('Client connected to proxy');
        final clientConn = await Socket.connect(host /* localhost*/, port);

        final client2proxy = ClientToProxy(socket, clientConn);
        final proxy2server = ProxyToServer(clientConn, socket);
      });
    });
  }
}

Note: not tested, but if there is an error it will probably be in the Dart syntax.

  • I didn’t show it in the code, but the variable localhost is defined as: final localhost = InternetAddress.anyIPv4.address; // this returns '0.0.0.0', which already listens for connections on all interfaces: Listening on 0.0.0.0:30009

  • Hmm... OK... but I’ll leave the answer anyway, since it is informative.

  • Do a telnet test from the client machine to your program running on the server machine... this will settle whether it is your environment (on the client or, more likely, on the server) that is blocking the connection.

  • Listening on 0.0.0.0:30000
    Client connected to proxy
    [client] (127.0.0.1:58930) -> Data: teste
    [server] (52.45.64.113:30000) -> Disconnected / shut down
    It’s kind of hard to read in a comment, but basically: the client socket (telnet) was captured in the proxy, but the server rejects it.

  • It looks like a firewall on the machine where you run the server (or some intermediate firewall, if it is a company).

  • Do a direct test from the client machine to the remote server machine, without going through the proxy... if it works, then the error is in the proxy... if it doesn’t work, then the error is not in the proxy.

  • Thanks for the help, what was missing was redirecting the host to my proxy in the /etc/hosts file on Linux.
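The setup the last comment arrives at, as an added example that is not the asker's or the answerer's code: the client reaches the proxy through an /etc/hosts entry, and the proxy logs and relays both directions. Assumptions: the upstream IP is a documentation placeholder, `server.example` is a made-up hostname, `relay` is a hypothetical helper, and the listener binds to loopback rather than 0.0.0.0 because the client runs on the same machine.

```dart
import 'dart:io';

// Assumed values: 203.0.113.10 (RFC 5737 documentation range) stands in for
// the real server IP. /etc/hosts on the client:  127.0.0.1  server.example
const upstreamIp = '203.0.113.10';
const port = 30000;

/// Copies bytes from [from] to [to] and logs every chunk under [label].
void relay(Socket from, Socket to, String label) {
  final peer = '${from.remoteAddress.address}:${from.remotePort}';
  from.listen(
    (data) {
      // Hex keeps binary protocols from garbling the terminal.
      final hex =
          data.map((b) => b.toRadixString(16).padLeft(2, '0')).join(' ');
      print('[$label] ($peer) -> ${data.length} bytes: $hex');
      to.add(data);
    },
    onError: (Object e) {
      print('[$label] ($peer) -> error: $e');
      to.destroy();
    },
    onDone: () {
      print('[$label] ($peer) -> closed');
      // close() flushes what was already relayed before shutting down.
      to.close().catchError((Object _) {});
    },
    cancelOnError: true,
  );
}

Future<void> main() async {
  // Loopback only: the client is on this machine, so the capture port does
  // not have to be reachable from the network.
  final server = await ServerSocket.bind(InternetAddress.loopbackIPv4, port);
  print('Listening on ${server.address.address}:${server.port}');
  server.listen((client) async {
    try {
      // IP literal on purpose: the server's name now resolves to this proxy,
      // so connecting by name would loop back into ourselves.
      final upstream = await Socket.connect(upstreamIp, port);
      relay(client, upstream, 'client');
      relay(upstream, client, 'server');
    } on SocketException catch (e) {
      print('Upstream connect failed: $e');
      client.destroy();
    }
  });
}
```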
