acer20006

TCP filter ??

11 posts in this topic

Hi all, actually I had two questions.

Question no. 1: can I sniff the packet which I get from TCPRecv?? ;)

>>> I have a TCP connection with some server and I received the packets (that's good). All I want is to catch specific packets.

For example:

I have these packets

(rv = received)

rv: 0x0400457401007F310300

rv: 04004574A28023AD0200

rv: 0400457456265D260600

rv: 0x040045740100B6870200 <<<<<<<<<<

rv: 0x04004574010091550100

rv: 0x0C0045B40200017F31030001360000000105

rv: 0x0C0045B4020001B687020001360000000105

rv: 0x0C0045B402000123AD020001530000000105

Now I want to search for B6870200 and automatically save the whole packet (line) to a text file if the packet exists.

Question no. 2: TCPRecv catches all the packets from/to (server~client).

I wonder if there's a way to make it catch only the packets which are sent from (server to client) or (client to server).

*****

Any idea??

*****

Thx


#2 ·  Posted (edited)

Question no. 1: can I sniff the packet which I get from TCPRecv??

I really don't understand the question. The word "sniff" implies that you want to intercept what you are getting in TCPRecv. But why? TCPRecv returns the data you would otherwise sniff. Otherwise, if you actually mean you want to sniff on your AutoIt app, you can get Wireshark.

Question no. 2: TCPRecv catches all the packets from/to (server~client).

I wonder if there's a way to make it catch only the packets which are sent from (server to client) or (client to server).

TCPRecv only catches incoming messages. If you are the client, then it will only capture server->client. If you are the server, it will only capture client->server.

Edited by Manadar


StringRegExp()


#4 ·  Posted (edited)

I really don't understand the question. The word "sniff" implies that you want to intercept what you are getting in TCPRecv. But why? TCPRecv returns the data you would otherwise sniff. Otherwise, if you actually mean you want to sniff on your AutoIt app, you can get Wireshark.

I will explain: I want to make something like an analyzer in my AutoIt script which can find a specific packet in my packet list. About Wireshark, I don't have any idea about it and I also don't know how to attach it to AutoIt. If you can send me some example I will be grateful.

TCPRecv only catches incoming messages. If you are the client, then it will only capture server->client. If you are the server, it will only capture client->server.

My client didn't connect to the server directly (I redirect my client IP & port to my local IP {something like a proxy}); that's why my AutoIt (local IP) can't identify the client/server packets.

***

Any idea??!

Edited by acer20006


StringRegExp()

Ty, I will try it.


My client didn't connect to the server directly (I redirect my client IP & port to my local IP {something like a proxy}); that's why my AutoIt (local IP) can't identify the client/server packets.

I don't know what network setup you have there, but it's horribly wrong. I'm surprised you can even visit these forums, because I doubt any application handles its own packets sent back to it well.


I don't know what network setup you have there, but it's horribly wrong. I'm surprised you can even visit these forums, because I doubt any application handles its own packets sent back to it well.

Mmmmmm, forget this part, I can handle the packets & my network connection. Let's return to the main question: how to catch a specific packet in the packet list (my idea is like a search function. Is it possible?? / Or do I have to find another way?)

BTW ty for the help


#9 ·  Posted (edited)

How do you receive the packets?

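#include <GUIConstantsEx.au3> ; defines $GUI_EVENT_CLOSE

$IP = "127.0.0.1"
TCPStartup()
$socket = TCPConnect($IP, 22580) ; connect to port 22580 on $IP
While 1
    $Packet = TCPRecv($socket, 10000) ; returns "" when no data is waiting
    If $Packet <> "" Then
        pkt("incoming >>  : " & $Packet) ; pkt() is the poster's own function, not shown here
    EndIf
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            Exit
    EndSwitch
WEnd

This is the connection part of the code.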

Edited by acer20006


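#include <GUIConstantsEx.au3> ; defines $GUI_EVENT_CLOSE

$IP = "127.0.0.1"
TCPStartup()
$socket = TCPConnect($IP, 22580)
While 1
    $Packet = TCPRecv($socket, 10000) ; returns "" when no data is waiting
    If $Packet <> "" Then
        ; Keep only the data that contains the searched value
        If StringInStr($Packet, "B6870200") Then
            FileWrite("packetlog.txt", $Packet) ; appends to packetlog.txt
            pkt("incoming >>  : " & $Packet)
        EndIf
    EndIf
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            Exit
    EndSwitch
WEnd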
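
The check above, extended into an added example that is not part of the original posts: TCPRecv returns whatever bytes have arrived, so one read can hold several packets or only part of one, and a plain search over the hex text can also match across byte boundaries. The framing used here (the first two bytes are a little-endian payload length and the header totals 6 bytes) is an assumption read off the sample packets in the first post; _HasBytes, _Feed and $HDR_BYTES are hypothetical names.

```autoit
; Added example, not code from the thread. Layout is an ASSUMPTION read off the
; sample packets: bytes 0-1 = little-endian payload length, 6-byte header total.
Global Const $HDR_BYTES = 6
Global $g_sBuf = "" ; bytes received but not yet framed, as hex text without "0x"

; True only if $sNeedle starts on a byte boundary (odd 1-based hex position).
Func _HasBytes($sHex, $sNeedle)
    Local $iPos = StringInStr($sHex, $sNeedle)
    While $iPos > 0
        If Mod($iPos, 2) = 1 Then Return True
        $iPos = StringInStr($sHex, $sNeedle, 0, 1, $iPos + 1)
    WEnd
    Return False
EndFunc

; Feed one TCPRecv result; log every complete frame that contains $sNeedle.
Func _Feed($dChunk, $sNeedle, $sLog)
    Local $iHits = 0, $iLen, $iFrameChars, $sFrame
    $g_sBuf &= Hex($dChunk)
    While StringLen($g_sBuf) >= $HDR_BYTES * 2
        ; Length field: swap the two bytes to read it as little-endian
        $iLen = Dec(StringMid($g_sBuf, 3, 2) & StringMid($g_sBuf, 1, 2))
        $iFrameChars = ($HDR_BYTES + $iLen) * 2
        If StringLen($g_sBuf) < $iFrameChars Then ExitLoop ; wait for the rest
        $sFrame = StringLeft($g_sBuf, $iFrameChars)
        $g_sBuf = StringTrimLeft($g_sBuf, $iFrameChars)
        If _HasBytes($sFrame, $sNeedle) Then
            FileWriteLine($sLog, "0x" & $sFrame) ; one packet per line
            $iHits += 1
        EndIf
    WEnd
    Return $iHits
EndFunc

; Constructed input: three of the thread's sample packets, delivered as two
; reads that split the second packet in the middle of the searched bytes.
Local $aReads[2] = [Binary("0x0400457401007F310300040045740100B687"), _
        Binary("0x02000C0045B4020001B687020001360000000105")]
For $i = 0 To 1
    ConsoleWrite("read " & $i & ": " & _Feed($aReads[$i], "B6870200", "packetlog.txt") & " hit(s)" & @CRLF)
Next
```

In the receive loop, call TCPRecv($socket, 10000, 1) so the data always arrives as binary, and pass each non-empty result to _Feed.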


$IP = "127.0.0.1"
TCPStartUp()
$socket = TCPConnect($IP, 22580)  
While 1
    $Packet = TCPRecv($socket, 10000) 
    If $Packet <> "" Then 
        If StringInStr($Packet, "B6870200") Then
            FileWrite("packetlog.txt", $Packet)
            pkt("incoming >>  : " & $Packet)
        EndIf
    EndIf
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            Exit
    EndSwitch
WEnd

StringInStr, that was easy ;)

Ty Manadar, I will try it.
