Listen for local connection attempt

[BitByteBit]

I've been playing around with the TCP/UDP functions. I set up a connection to listen on port 90, then in my browser connected to my IP:Port, as expected the function I specified triggered and I got a neat lil message box confirming that everything was dandy.

Then I went on to my PS3 and opened the web browser and tried the same test. No luck, it didn't work; I knew it was a long shot but figured it was worth trying. I then tried using UDP, no dice. Just to make sure, I pinged my ps3 and got a reply.

I looking deeper into it and found out that the PS3 browser seems to send a very limited accept header, could this be the issue?

Info Source

I tried running a pure AutoIt HTTP server, again it worked fine for my PC but no luck with the PS3.

I guessed that on attempting to connect to my IP from my PS3, there must be some packets sent, so I installed wireshark.

As I thought the ps3 does a SYN-ACK request, my PC doesnt reply, is this possible to read in autoit?

Basically, I want to watch a port on my PC, when a certain IP (PS3) tries to access it, I want my script to be able to notice that connection attempt (even if it fails) and run a short script. Like I said I've tried using TCPListen to no avail, does anyone have any good ideas?

I will upload the results from wireshark if anyone is interested.

[BitByteBit]

Ok, using WinPcap, I have managed to listen to a port on my PC.

However now even though my function is run, it is run multiple times due to multiple packets being sent.

I've tried using a timer and checking the difference, but because this is being done in a loop, the timer keeps being reset. I also tried analyzing the packets and seeing if the first one was unique in some way, it is, but it is also very similar to the 4th packet.

expandcollapse popup

;#include<Winpcap.au3>
;http://opensource.grisambre.net/pcapau3/
#include<array.au3>
Opt("TrayIconDebug", 1)
#Region Declarations
If Not FileExists(@SystemDir & "\wpcap.dll") Then
    MsgBox(0, "File missing", "Please download WinPcap")
    Exit
EndIf
Global $Pcap_dll = DllOpen(@SystemDir & "\wpcap.dll")
Global $Pcap_errbuf = DllStructCreate("char[256]")
Global $Pcap_ptrhdr = 0
Global $Pcap_ptrpkt = 0
Global $Pcap_statV ; Total volume captured
Global $Pcap_statN ; Total number of packets captured
Global $Pcap_starttime ; Start time of Capture
;Global $NIC = "rpcap://\Device\NPF_{26CD427B-978E-4E3E-8E85-1C37D0F306BE}"
Global $X = 0
Global $T = 0
Global $Pcap_timebias = (2 ^ 32 - RegRead("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation", "ActiveTimeBias")) * 60
#EndRegion Declarations


;Start WinPCAP DLL
$winpcap = _PcapSetup()

;Get Network Interface Card Information
$pcap_devices = _PcapGetDeviceList() ;$pcap_devices[0][0] = Long NIC name
;_ArrayDisplay($pcap_devices)


;Start listening on port 420 and 421
$pcap = _PcapStartCapture($pcap_devices[0][0], "tcp port 420")
;$pcap1 = _PcapStartCapture($pcap_devices[0][0], "tcp port 421")

While 1
    $packet = _PcapGetPacket($pcap)
    If IsArray($packet) Then
        ;and TimerDiff($T2) > 5
        ;_ArrayDisplay($packet)
        $T += 1
        ToolTip($T,10,10)
        If $packet [0] = "0x00E02993"  Then
            _ArrayDisplay($packet)
            ;FixLag()
            ;Reset()
            $X += 1
            ToolTip($x,10,10)
        EndIf
    EndIf
    #cs
    $packet1 = _PcapGetPacket($pcap1)
    EndIf
    If IsArray($packet1) Then ;If data is received on port 421 then run function
        ;_ArrayDisplay($packet)
        If $packet1 [1] = 78 Then MsgBox(0,"","1")
    EndIf
    #ce
WEnd

Func Reset()
    _PcapStopCapture($pcap)
    Sleep(8200)
    $pcap = _PcapStartCapture($NIC, "tcp port 420")
EndFunc

Func FixLag()
    $packet = ""
    ;ProcessClose("opera.exe")
    ProcessClose("chrome.exe")
    ProcessClose("chrome.exe")
    If ProcessExists("dwm.exe") Then ShellExecuteWait(@SystemDir & "\net.exe", "stop UxSms")
    ShellExecute(@SystemDir & "\net.exe", "stop themes")
    If ProcessExists("searchindexer.exe") Then ShellExecute(@SystemDir & "\net.exe", "stop WSearch")
    If ProcessExists("ipodservice.exe") Then ShellExecute(@SystemDir & "\net.exe", 'stop "Ipod Service"')
    If Not ProcessExists("WinPower.exe") Then
        ShellExecute("F:\Tristans Files\Desktop\Tools\WinPower\WinPower.exe")
        While Not WinExists("Rizone's Power Tools 0.0.2.2988 Prototype 5")
            Sleep(250)
        WEnd
        WinActivate("Rizone's Power Tools 0.0.2.2988 Prototype 5")
        WinWaitActive("Rizone's Power Tools 0.0.2.2988 Prototype 5")
        Sleep(150)
    Else
        WinActivate("Rizone's Power Tools 0.0.2.2988 Prototype 5")
        WinWaitActive("Rizone's Power Tools 0.0.2.2988 Prototype 5")
        Sleep(150)
    EndIf
    $r = ControlClick("Rizone's Power Tools 0.0.2.2988 Prototype 5", "", "Button11")
EndFunc   ;==>FixLag

#Region WinPCAP Functions
Func _PcapSetup() ; return WinPCAP version as full text or -1 if winpcap is not installed, and opens dll
    Local $v = DllCall($Pcap_dll, "str:cdecl", "pcap_lib_version")
    if (@error > 0) Then Return -1
    Return $v[0]
EndFunc   ;==>_PcapSetup

Func _PcapStartCapture($DeviceName, $filter = "", $promiscuous = 0, $PacketLen = 65536, $buffersize = 0, $realtime = 1) ; start a capture in non-blocking mode on device $DeviceName with optional parameters: $PacketLen, $promiscuous, $filter. Returns -1 on failure or pcap handler
    Local $handle = DllCall($Pcap_dll, "ptr:cdecl", "pcap_open", "str", $DeviceName, "int", $PacketLen, "int", $promiscuous, "int", 1000, "ptr", 0, "ptr", DllStructGetPtr($Pcap_errbuf))
    if (@error > 0) Then Return -1
    if ($handle[0] = 0) Then Return -1
    DllCall($Pcap_dll, "int:cdecl", "pcap_setnonblock", "ptr", $handle[0], "int", 1, "ptr", DllStructGetPtr($Pcap_errbuf))
    if ($filter <> "") Then
        Local $fcode = DllStructCreate("ptr")
        Local $comp = DllCall($Pcap_dll, "int:cdecl", "pcap_compile", "ptr", $handle[0], "ptr", DllStructGetPtr($fcode), "str", $filter, "int", 1, "int", 0)
        if ($comp[0] = -1) Then
            Local $v = DllCall($Pcap_dll, "str:cdecl", "pcap_geterr", "ptr", $handle[0])
            DllStructSetData($Pcap_errbuf, 1, "Filter: " & $v[0])
            _PcapStopCapture($pcap_devices[0][0])
            Return -1
        EndIf
        Local $set = DllCall($Pcap_dll, "int:cdecl", "pcap_setfilter", "ptr", $handle[0], "ptr", DllStructGetPtr($fcode))
        if ($set[0] = -1) Then
            Local $v = DllCall($Pcap_dll, "str:cdecl", "pcap_geterr", "ptr", $handle[0])
            DllStructSetData($Pcap_errbuf, 1, "Filter: " & $v[0])
            _PcapStopCapture($pcap_devices[0][0])
            Return -1
            DllCall($Pcap_dll, "none:cdecl", "pcap_freecode", "ptr", $fcode)
        EndIf
    EndIf
    If $buffersize > 0 Then DllCall($Pcap_dll, "int:cdecl", "pcap_setbuff", "ptr", $handle[0], "int", $buffersize)
    If $realtime Then DllCall($Pcap_dll, "int:cdecl", "pcap_setmintocopy", "ptr", $handle[0], "int", 1)
    $Pcap_statV = 0
    $Pcap_statN = 0
    $Pcap_starttime = TimerInit()
    Return $handle[0]
EndFunc   ;==>_PcapStartCapture

Func _PcapStopCapture($pcap) ; stop capture started with _PcapStartCapture
    If Not IsPtr($pcap) Then Return
    DllCall($Pcap_dll, "none:cdecl", "pcap_close", "ptr", $pcap)
EndFunc   ;==>_PcapStopCapture

Func _PcapGetPacket($pcap) ; return 0: timeout, -1:error, -2:EOF in file or if successfull array[0]=time [1]=captured len [2]=packet len [3]=packet data
    ;If Not IsPtr($pcap) Then Return -1
    $Pcap_ptrhdr = DllStructCreate("ptr")
    $Pcap_ptrpkt = DllStructCreate("ptr")
    Local $pk[4]
    Local $res = DllCall($Pcap_dll, "int:cdecl", "pcap_next_ex", "ptr", $pcap, "ptr", DllStructGetPtr($Pcap_ptrhdr), "ptr", DllStructGetPtr($Pcap_ptrpkt))
    If ($res[0] <> 1) Then Return $res[0]
    Local $pkthdr = DllStructCreate("int s;int us;int caplen;int len", DllStructGetData($Pcap_ptrhdr, 1))
    Local $packet = DllStructCreate("ubyte[" & DllStructGetData($pkthdr, 3) & "]", DllStructGetData($Pcap_ptrpkt, 1))
    Local $time_t = Mod(DllStructGetData($pkthdr, 1) + $Pcap_timebias, 86400)
    $pk[0] = StringFormat("%02d:%02d:%02d.%06d", Int($time_t / 3600), Int(Mod($time_t, 3600) / 60), Mod($time_t, 60), DllStructGetData($pkthdr, 2))
    $pk[1] = DllStructGetData($pkthdr, 3)
    $pk[2] = DllStructGetData($pkthdr, 4)
    $pk[3] = DllStructGetData($packet, 1);StringLeft
    $X += 1
    $Data = "Log " & $X  & @CRLF & $pk[0] & @CRLF & $pk[1] & @CRLF & $pk[2] & @CRLF & $pk[3] & @CRLF& @CRLF
    $hFile = FileOpen(@DesktopDir&"\Log.txt",1)
    FileWrite($hFile,$Data)
    FileClose($hFile)
    ; stats
;   $Pcap_statV += $pk[2]
;   $Pcap_statN += 1
    Return $pk
EndFunc   ;==>_PcapGetPacket
#EndRegion

Here are the packets I recorded:

I wondered if I could check the time code that is returned.

expandcollapse popup

Log 1
15:17:50.484191
78
78
0x00E02993C475001D0DAF88BC080045000040E79E40004006CF45C0A80141C0A80142FA4D01A451418F8100000000B002FFFFD5780000020405B401030300040201010101080A0000000000000000

Log 2
15:17:50.517836
54
54
0x001D0DAF88BC00E02993C47508004500002854BF40008006223DC0A80142C0A8014101A4FA4D0000000051418F82501400004F470000

Log 3
15:17:56.477554
78
78
0x00E02993C475001D0DAF88BC080045000040CD5340004006E990C0A80141C0A80142FA4D01A451418F8100000000B002FFFFD5600000020405B401030300040201010101080A0000001800000000

Log 4
15:17:56.477651
54
54
0x001D0DAF88BC00E02993C47508004500002854C040008006223CC0A80142C0A8014101A4FA4D0000000051418F82501400004F470000

Log 5
15:18:08.477457
78
78
0x00E02993C475001D0DAF88BC080045000040C09140004006F652C0A80141C0A80142FA4D01A451418F8100000000B002FFFFD5300000020405B401030300040201010101080A0000004800000000

Log 6
15:18:08.477553
54
54
0x001D0DAF88BC00E02993C47508004500002854C140008006223BC0A80142C0A8014101A4FA4D0000000051418F82501400004F470000

Log 7
15:18:32.478443
78
78
0x00E02993C475001D0DAF88BC080045000040184000004006DEA4C0A80141C0A80142FA4D01A451418F8100000000B002FFFFD4D00000020405B401030300040201010101080A000000A800000000

Log 8
15:18:32.478540
54
54
0x001D0DAF88BC00E02993C475080045000028555E40008006219EC0A80142C0A8014101A4FA4D0000000051418F82501400004F470000

Log 1
15:22:08.179115
78
78
0x00E02993C475001D0DAF88BC080045000040E59B40004006D148C0A80141C0A80142FA4C01A4588056E800000000B002FFFF06D40000020405B401030300040201010101080A0000000000000000

Log 2
15:22:08.200078
54
54
0x001D0DAF88BC00E02993C47508004500002860AC400080061650C0A80142C0A8014101A4FA4C00000000588056E95014000080A20000

Log 3
15:22:14.176847
78
78
0x00E02993C475001D0DAF88BC0800450000408EF44000400627F0C0A80141C0A80142FA4C01A4588056E800000000B002FFFF06BC0000020405B401030300040201010101080A0000001800000000

Log 4
15:22:14.176943
54
54
0x001D0DAF88BC00E02993C47508004500002860B7400080061645C0A80142C0A8014101A4FA4C00000000588056E95014000080A20000

Log 5
15:22:26.176820
78
78
0x00E02993C475001D0DAF88BC080045000040F71F40004006BFC4C0A80141C0A80142FA4C01A4588056E800000000B002FFFF068C0000020405B401030300040201010101080A0000004800000000

Log 6
15:22:26.176918
54
54
0x001D0DAF88BC00E02993C47508004500002861144000800615E8C0A80142C0A8014101A4FA4C00000000588056E95014000080A20000

Log 7
15:22:50.178417
78
78
0x00E02993C475001D0DAF88BC08004500004087C3000040066F21C0A80141C0A80142FA4C01A4588056E800000000B002FFFF062C0000020405B401030300040201010101080A000000A800000000

Log 8
15:22:50.178515
54
54
0x001D0DAF88BC00E02993C4750800450000286168400080061594C0A80142C0A8014101A4FA4C00000000588056E95014000080A20000

Edited April 26, 2010 by BitByteBit