Search Results

Search found 529 results on 22 pages for 'wireshark dissector'.

Page 10/22 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • a free logging proxy anybody (HTTP or TCP)?

    - by zvolkov
    I need to debug a web service. I want to point my client app to the proxy URL and point the proxy to the real service URL and see all requests/responses. I know I could do network sniffing (Wireshark/Ethereal) but isn't there a simple "proxy" app that can do this? I found trivialproxy but the links are broken :(

    Read the article

  • org.apache.commons.httpclient.NameValuePair in post method

    - by pushkins
    I'm writing some code like : PostMethod p = new PostMethod(someurl); ... NameValuePair[] data = { new NameValuePair("name1", "somevalue1"), new NameValuePair("var[3][1]", "10") }; try { hc.executeMethod(p); } ... And that's what I get, when I look at my post in Wireshark: POST /someurl HTTP/1.1 ... type=var&ship%5B3%5D%5B1%5D=10 %5B means [, %5D- ] So the problem is how I can get square brackets in my post?

    Read the article

  • A smart UDP protocol analyzer?

    - by ripper234
    Is there a "smart" UDP protocol analyzer that can help me reverse engineer a message based protocol? I'm using Wireshark to do the sniffing, but if there's a tool that can detect regularities in the protocol (repeated strings, bits of the protocol that are CRC/Checksum or length, ...) and aid the process that would help.

    Read the article

  • log in and send sms with java

    - by noobed
    I'm trying to log into a site and afterwards to send a SMS (you can do that for free by the site - it's nothing more than just enter some text into some fields and 'submit'). I've used wireshark to track some of the post/get requests that my machine has been exchanging with the server - when using the browser. I'd like to paste some of my Java code: URL url; String urlP = "maccount=myRawUserName7&" + "mpassword=myRawPassword&" + "redirect_http=http&" + "submit=........"; String urlParameters = URLEncoder.encode(urlP, "CP1251"); HttpURLConnection connection = null; // Create connection url = new URL("http://www.mtel.bg/1/mm/smscenter/mc/sendsms/ma/index/mo/1"); connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("POST"); //I'm not really sure if these RequestProperties are necessary //so I'll leave them as a comment // connection.setRequestProperty("Content-Type", // "application/x-www-form-urlencoded"); // connection.setRequestProperty("Accept-Charset", "CP1251"); // connection.setRequestProperty("Content-Length", // "" + Integer.toString(urlParameters.getBytes().length)); // connection.setRequestProperty("Content-Language", "en-US"); connection.setUseCaches(false); connection.setDoInput(true); connection.setDoOutput(true); // Send request DataOutputStream wr = new DataOutputStream( connection.getOutputStream()); wr.writeBytes(urlParameters); wr.flush(); wr.close(); String headerName[] = new String[10]; int count = 0; for (int i = 1; (headerName[count] = connection.getHeaderFieldKey(i)) != null; i++) { if (headerName[count].equals("Set-Cookie")) { headerName[count++] = connection.getHeaderField(i); } } //I'm not sure if I have to close the connection here or not if (connection != null) { connection.disconnect(); } //the code above should be the login part //----------------------------------------- //this is copy-pasted from wireshark's info. String smsParam="from=men&" + "sender=0&" + "msisdn=359886737498&" + "tophone=0&" + "smstext=tova+e+proba%21+1.&" + "id=&" + "sendaction=&" + "direction=&" + "msgLen=84"; url = new URL("http://www.mtel.bg/moyat-profil-sms-tsentar_3004/" + "mm/smscenter/mc/sendsms/ma/index"); connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("POST"); connection.setRequestProperty("Cookie", headerName[0]); connection.setRequestProperty("Cookie", headerName[1]); //conn urlParameters = URLEncoder.encode(urlP, "CP1251"); connection.setUseCaches(false); connection.setDoInput(true); connection.setDoOutput(true); wr = new DataOutputStream( connection.getOutputStream()); wr.writeBytes(urlParameters); wr.flush(); wr.close(); //I'm not rly sure what exactly to do with this response. // Get Response InputStream is = connection.getInputStream(); BufferedReader rd = new BufferedReader(new InputStreamReader(is, "CP1251")); String line; StringBuffer response = new StringBuffer(); while ((line = rd.readLine()) != null) { response.append(line); response.append('\r'); } rd.close(); System.out.println(response.toString()); if (connection != null) { connection.disconnect(); } so that's my code so far. When I execute it ... I don't receive any text on my phone - so it clearly doesn't work as supposed to. I would appreciate any guidance or remarks. Is my cookie handling wrong? Is my login method wrong? Do I pass the right URLs. Do I encode and send the parameter string correctly? Is there any addition valuable data from these POSTs I should take? P.S. just in any case let me tell you that the username and password is not real. For security reasons I don't want to give valid ones. (I think this is appropriate approach) Here are the POST requests: POST /1/mm/auth/mc/auth/ma/index/mo/1 HTTP/1.1 Host: www.mtel.bg User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mtel.bg/1/mm/smscenter/mc/sendsms/ma/index/mo/1 Cookie: __utma=209782857.541729286.1349267381.1349270269.1349274374.3; __utmc=209782857; __utmz=209782857.1349267381.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __atuvc=28%7C40; PHPSESSID=q0mage2usmv34slcv3dmd6t057; __utmb=209782857.3.10.1349274374 Content-Type: multipart/form-data; boundary=---------------------------151901450223722 Content-Length: 475 -----------------------------151901450223722 Content-Disposition: form-data; name="maccount" myRawUserName -----------------------------151901450223722 Content-Disposition: form-data; name="mpassword" myRawPassword -----------------------------151901450223722 Content-Disposition: form-data; name="redirect_https" http -----------------------------151901450223722 Content-Disposition: form-data; name="submit" ........ -----------------------------151901450223722-- HTTP/1.1 302 Found Server: nginx Date: Wed, 03 Oct 2012 14:26:40 GMT Content-Type: text/html; charset=Utf-8 Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: /moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/index Content-Length: 0 The above text is vied with wireshark's follow tcp stream when pressing the log in button. POST /moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/index HTTP/1.1 *same as the above ones* Referer: http://www.mtel.bg/moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/index Cookie: __utma=209782857.541729286.1349267381.1349270269.1349274374.3; __utmc=209782857; __utmz=209782857.1349267381.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __atuvc=29%7C40; PHPSESSID=q0mage2usmv34slcv3dmd6t057; __utmb=209782857.4.10.1349274374 Content-Type: application/x-www-form-urlencoded Content-Length: 147 from=men&sender=0&msisdn=35988888888&tophone=0&smstext=this+is+some+FREE+SMS+text%21+100+char+per+sms+only%21&id=&sendaction=&direction=&msgLen=50 HTTP/1.1 302 Found Server: nginx Date: Wed, 03 Oct 2012 14:31:38 GMT Content-Type: text/html; charset=Utf-8 Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: /moyat-profil-sms-tsentar_3004/mm/smscenter/mc/sendsms/ma/success/s/1 Content-Length: 0 The above text is when you press the send button.

    Read the article

  • Is there a packet sniffer for Windows Mobile?

    - by eidylon
    I'm looking for a tool along the lines of Fiddler, or better yet Wireshark, that would run on a Windows Mobile 6.1 device. I have an app which calls some webservices on one of our servers, and I want to make sure it it going out to the proper address. Thanks in advance.

    Read the article

  • urllib open - how to control the number of retries

    - by user1641071
    how can i control the number of retries of the "opener.open"? for example, in the following code, it will send about 6 "GET" HTTP requests (i saw it in the Wireshark sniffer) before it goes to the " except urllib.error.URLError" success/no-success lines. password_mgr = urllib.request.HTTPPasswordMgrWithDefaultRealm() password_mgr.add_password(None,url, username, password) handler = urllib.request.HTTPBasicAuthHandler(password_mgr) opener = urllib.request.build_opener(handler) try: resp = opener.open(url,None,1) except urllib.error.URLError as e: print ("no success") else: print ("success!")

    Read the article

  • Linux-alternative to Fiddler2

    - by Epcylon
    I have used Fiddler2 with great results on windows before, but now I have moved to using linux for development. The problem I have, is that I have not been able to find a decent replacement for Fiddler2 that will run on linux. I have tried Wireshark, but it is perhaps too generic in what it does, and I can never really make any sense of its output. What tools do you use on linux to debug/inspect web-traffic during development?

    Read the article

  • DCOM Authentication Fails to use Kerberos, Falls back to NTLM

    - by Asa Yeamans
    I have a webservice that is written in Classic ASP. In this web service it attempts to create a VirtualServer.Application object on another server via DCOM. This fails with Permission Denied. However I have another component instantiated in this same webservice on the same remote server, that is created without problems. This component is a custom-in house component. The webservice is called from a standalone EXE program that calls it via WinHTTP. It has been verified that WinHTTP is authenticating with Kerberos to the webservice successfully. The user authenticated to the webservice is the Administrator user. The EXE to webservice authentication step is successful and with kerberos. I have verified the DCOM permissions on the remote computer with DCOMCNFG. The default limits allow administrators both local and remote activation, both local and remote access, and both local and remote launch. The default component permissions allow the same. This has been verified. The individual component permissions for the working component are set to defaults. The individual component permissions for the VirtualServer.Application component are also set to defaults. Based upon these settings, the webservice should be able to instantiate and access the components on the remote computer. Setting up a Wireshark trace while running both tests, one with the working component and one with the VirtualServer.Application component reveals an intresting behavior. When the webservice is instantiating the working, custom, component, I can see the request on the wire to the RPCSS endpoint mapper first perform the TCP connect sequence. Then I see it perform the bind request with the appropriate security package, in this case kerberos. After it obtains the endpoint for the working DCOM component, it connects to the DCOM endpoint authenticating again via Kerberos, and it successfully is able to instantiate and communicate. On the failing VirtualServer.Application component, I again see the bind request with kerberos go to the RPCC endpoing mapper successfully. However, when it then attempts to connect to the endpoint in the Virtual Server process, it fails to connect because it only attempts to authenticate with NTLM, which ultimately fails, because the webservice does not have access to the credentials to perform the NTLM hash. Why is it attempting to authenticate via NTLM? Additional Information: Both components run on the same server via DCOM Both components run as Local System on the server Both components are Win32 Service components Both components have the exact same launch/access/activation DCOM permissions Both Win32 Services are set to run as Local System The permission denied is not a permissions issue as far as I can tell, it is an authentication issue. Permission is denied because NTLM authentication is used with a NULL username instead of Kerberos Delegation Constrained delegation is setup on the server hosting the webservice. The server hosting the webservice is allowed to delegate to rpcss/dcom-server-name The server hosting the webservice is allowed to delegate to vssvc/dcom-server-name The dcom server is allowed to delegate to rpcss/webservice-server The SPN's registered on the dcom server include rpcss/dcom-server-name and vssvc/dcom-server-name as well as the HOST/dcom-server-name related SPNs The SPN's registered on the webservice-server include rpcss/webservice-server and the HOST/webservice-server related SPNs Anybody have any Ideas why the attempt to create a VirtualServer.Application object on a remote server is falling back to NTLM authentication causing it to fail and get permission denied? Additional information: When the following code is run in the context of the webservice, directly via a testing-only, just-developed COM component, it fails on the specified line with Access Denied. COSERVERINFO csi; csi.dwReserved1=0; csi.pwszName=L"terahnee.rivin.net"; csi.pAuthInfo=NULL; csi.dwReserved2=NULL; hr=CoGetClassObject(CLSID_VirtualServer, CLSCTX_ALL, &csi, IID_IClassFactory, (void **) &pClsFact); if(FAILED( hr )) goto error1; // Fails here with HRESULT_FROM_WIN32(ERROR_ACCESS_DENIED) hr=pClsFact->CreateInstance(NULL, IID_IUnknown, (void **) &pUnk); if(FAILED( hr )) goto error2; Ive also noticed that in the Wireshark Traces, i see the attempt to connect to the service process component only requests NTLMSSP authentication, it doesnt even attmept to use kerberos. This suggests that for some reason the webservice thinks it cant use kerberos...

    Read the article

  • Web server connection to SQL Server: Response Packet [Malformed Packet]

    - by John Murdoch
    I am seeing very, very sluggish performance between my web server (which handles HTTP web services connections) and a separate server running Microsoft SQL Server 2008. I have been capturing packet traffic on the web server trying to understand why things are running so slowly. I am using Wireshark to capture the packet traffic. The apparent problem is that the web server is sending TDS packets to the data server--each packet followed by a response from the data server with Response Packet [Malformed Packet] in the Info field. The packet sent from the web server appears to have an invalid checksum. Has anyone seen this type of problem before? Any ideas?

    Read the article

  • How to log invalid client SSL certificate in SSL

    - by matra
    I have a IIS web site which requires client certificate. I have turned off CRL checking. The client is unable to access the web site - he gets 403.17 (certificate expired) error. I would like to log the certificate he is using, becaue I think he is using the wrong certificate. Is there a way to do this? I probably can not use WireShark, because client certificatethat is passed from the client is probably already encryped. I am running a WIndows 2003 server. Matra

    Read the article

  • MS Windows Server 2008R2 slow file copy, slow network connection

    - by MattrixHax
    i just setup a windows 2008R2 standard server, with the only installed app being Hyper-V, and only 1 windows XP VM is running. Whenever i try to copy a file from my windows 7 laptop over to the 2008R2 server machine's admin shares ( \\servername\c$ ) the files start transferring around 60mb/s and then drop to around 5mb/s. My windows 7 machine and the server 2008 machine are both in WORKGROUP (no domain here). when i try the same transfer to our server 2003 box the transfer speeds are fine. tried disabling autotuning (netsh interface tcp set global autotuninglevel=disabled) as well as turning off the checksum offload to the adapter (tx and rx) - i still see strange packet errors (bad header checksum) using wireshark and just cannot seem to track down what the issue is - over 1 hour to transfer 4gb of files from 1 server to another that are on the same GB switch is just crazy.... any ideas would be greatly appreciated!

    Read the article

  • Windows 2008 R2 DHCP server not responding to DHCP discover

    - by MartinSteel
    I've got two Windows 2008 Enterprise R2 servers both running DNS and DHCP called cod & lobster. DHCP is setup using the split scope option introduced with 2008 R2, whereby both servers should respond with the first response providing the lease. Setup is as follows: Cod - IP: 192.168.0.231 - Pool: 192.168.0.101 - 192.168.0.179, exclusion for 160-179. - Response Delay: 0ms - Authorised in Active Directory (Re-authorised to confirm) - Windows firewall disabled while testing Lobster - IP: 192.168.0.232 - Pool: 192.168.0.101 - 192.168.0.179, exclusion for 101-159. - Response Delay: 1000ms - Authorised in Active Directory All DHCP leases to clients are currently being issues by Lobster rather than Cod. Packet captures with Wireshark show the following (all to broadcast address): Client - DHCP Discover Lobster - DHCP Offer (after 1s delay) Client - DHCP Request Lobster - DHCP Ack Client - DHCP Inform From my setup with two servers I'd expect to see a DHCP Offer coming from Cod almost immediately after the DHCP Discover. Does anybody have any idea what would prevent the DHCP Server responding to the discover?

    Read the article

  • Virus that tries to brute force attack Active Directory users (in alphabetical order)?

    - by Nate Pinchot
    Users started complaining about slow network speed so I fired up Wireshark. Did some checking and found many PCs sending packets similar to the following: (screenshot) http://imgur.com/45VlI.png I blurred out the text for the username, computer name and domain name (since it matches the internet domain name). Computers are spamming the Active Directory servers trying to brute force hack passwords. It will start with Administrator and go down the list of users in alphabetical order. Physically going to the PC finds no one anywhere near it and this behavior is spread across the network so it appears to be a virus of some sort. Scanning computers which have been caught spamming the server with Malwarebytes, Super Antispyware and BitDefender (this is the antivirus the client has) yields no results. This is an enterprise network with about 2500 PCs so doing a rebuild is not a favorable option. My next step is to contact BitDefender to see what help they can provide. Has anybody seen anything like this or have any ideas what it could possibly be?

    Read the article

  • Can't ping host from vmware guest using bridged networking

    - by user199421
    Host is Windows 7 Guest is Ubuntu 11.04 Network adapter is wireless I can ping other computers on the network but not the host. No firewall are involved. Sniffing the traffic with wireshark it looks like both the host and the guest are using the same MAC address. My guest simply doesn't receive a reply when asking for 192.168.1.101 (the host) My router has no problem giving both of them different IP addresses but maybe duplicate MAC address is the problem? It seems logical that both will have the same MAC address (from the host point of view) but it strange that there is no work around for this because otherwise I don't see how the host and guess are supposed to communicate.

    Read the article

  • How can I limit my data usage over tethering on Windows?

    - by Casebash
    The excess data charges if I go over my tethering data limit are ridiculously. Fennec already stated the question well. Because of this, and on general principle, I'd like to have some tools which permit me to do things like: Monitor the amount of bandwidth that I've used I think I can do this from Sprint too, but on-the-computer is nice too on-the-computer gives me a possibility of breaking it down by application See what sort of programs are using the Internet connection I could use, like, Wireshark, but that's a bit too micro-level to be practical Keep those programs, and the operating system, from doing things like "downloading an operating system update" while on the mobile hotspot Related I want to monitor and limit OS X's data transfer while I'm tethering via my iPhone

    Read the article

  • No communication on my VLAN?

    - by Donovan
    I am using a Netgear FSM7328S switch and have designated ports 19-24 as being part of VLAN # 3. I designated them all as untagged because I do not want them to switch traffic to any other port on the switch. I also removed them from the default, untagged, VLAN 1. My issue is that none of the ports 19-24 will communicate with eachother. My laptop plugged in with wireshark shows no switched traffic what so ever. Have I configured it wrong? Thanks, D

    Read the article

  • What is the best/easiest way to use scripts to analyze network traffic?

    - by yungin
    I'm looking to analyze packets via scripts. I'd like to use something high level. I'm in a mac/linux environment. I'm currently looking at different python+libpcap libraries. Perhaps lua+wireshark too. Maybe tcpdump+bash (but not sure that has a lot of info i can use). I also heard good things about scapy. Not sure. I'm wondering if you have any recommendations? There's quite a few of them out there. What have you found that works best? I'd definitely want something scriptable not something that I need to compile (like c/c++, etc)

    Read the article

  • Apahce - How to disable gzip content encoding (eg DEFLATE) for one set of URLs?

    - by Rory McCann
    I have a ubuntu apache webserver and I have enabled mod_deflate to gzip all the content. However there's one folder I'd like to disable the mod_deflate for. I was going to do something like this: <Location /myfolder> RemoveOutputFilter DEFLATE </Location> But that doesn't work. Rational: I am trying to debug an XMLRPC server and I am using wireshark to see what gets past in the HTTP requests, since the replies are gzipped, I can't see what's going on.

    Read the article

  • Can't connect to wireless router anymore due to data rate problem

    - by Jay White
    I was playing around with my wireless router, and switched the mode to a fixed mode B. Now< I can no longer assoicate to the AP. Windows does not give any particular error message, but with wireshark I see that the returned error is that the client does not support the necessary data rate. My wireless card is type n, and it is set to mode a/b/g compatible. I tried setting ot to just b, however this made no difference. How can I set the data rate of my card so that I can connect again to my AP? I would prefer not to just reset the device, as there has been some configuration done that would be a pain to redo, and as well I do not have the ISP password handy. Regardless I would like to understand this situation better.

    Read the article

  • Setting up Linux VPN Client on Mint: Never sends "Set-Link-Info" packet

    - by cabanaboy
    I have tried to set up a VPN Connection on the Linux Mint disto, but could not get it working. When I use a Windows 7 VPN client it works fine. I brought up Wireshark on both Windows and Linux machine and noticed that on the Windows machine, the client never attempted to send the "Set-Link-Info" packet whereas the Windows (working) VPN client did. Why isn't the Linux Mint client sending the "Set-Link-Info" packet. I think if it did that, then my connection would work. What am I missing?

    Read the article

  • What program should I use for SSL stripping and re-encrypting

    - by Sparksis
    I'm trying to strip a HTTP over SSL connection down to SSL and then re-encrypt the channel (with a signed certificate(s) I can provide). Of course I want to be able to store captures of all the un-encrypted data. The purpose of this is to reverse engineer a HTTP handshake that is used by a SIP program on my machine. I've tried SSLstrip but it doesn't support what I need it too. Edit: I want something to this effect https://github.com/applidium/Cracking-Siri/blob/master/tcpProxy.rb only more generic and able to write to a pcap stream that wireshark will understand (I'm not sure if this does that). Edit2: upon further inspection this does not create pcap streams. I guess if need be I can write a compatible version but that is not the desired choice.

    Read the article

  • FTP transfer hangs for random files

    - by hoffmandirt
    I've been stuck on this FTP issue for a while now. I have IIS 7 setup with an IIS 6 FTP server running on a Windows Server 2008 box. The problem I am running into is that I can't download certain files from the FTP server, even though I uploaded those files to the FTP server. The connection times out after 120 seconds. I have used Wireshark and checked the log files. The only message I see is the timeout message. The first thing that came to my mind was permission issues, however I have probably tried every combination of permissions that I can think of, with the end goal of getting the permissions to be the same for the files that work and the files that do not work. With the list of files I have now, I can download the zip, war, and msi files, but not the txt or sql files. It almost seems like a binary thing, but I've changed my transfer mode on the FTP client and also toggled the Active/Passive options around.

    Read the article

  • Lot of Multicast traffic on LAN

    - by Nel
    Recently the whole network at work is being hit by multicast traffic originating on the LAN itself. I did some investigating and the service which seems to be responsible is ws-discovery. I have attached a screenshot of wireshark capturing the traffic. I have tried shutting down the source machine from which it was originating, but the multicast traffic still seems to be present in the network. My network topology 2 subnets - 10.10.10.0/24 and 10.20.10.0/24. Gateway is a debian system. We have 3 switches for 3 floors. They are all unmanaged Dlink 24-port switches. Multicast blocking at switch level is out of the question. Any solutions? :(

    Read the article

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >