TeraBit

How to capture AutoIt UDP traffic with Wireshark?

6 posts in this topic

How to capture AutoIt UDP/TCP traffic with Wireshark?

Is AutoIt using HTTP over UDP, or binary data sent over UDP?

How do I make communication using the UDP and HTTP standards? Should I use TCP?




What AutoIt sends depends on your script. Can you show what you have so far?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 


I used RawCap to capture the loopback interface. I have found out that AutoIt UDP uses binary to deliver data. Is this right? Also, for some strange reason, when I opened the dump file in Wireshark it pointed out that there are errors in the UDP header checksum. WHY?


Once again. Can you post the code of the script which uses UDP?



#include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>
#include <ButtonConstants.au3>

HotKeySet("{esc}", "Cleanup")
HotKeySet("{enter}", "sendData")

Global $ConnectedSocket = -1
Global $MainSocket
Local $g_IP, $RogueSocket, $GOOEY, $edit, $input, $butt, $msg
Local $ret, $recv
$g_IP = "127.0.0.1"
$_INCOMING_FLAG = "UDP DATA: "

; 1. UDP Listener ### Start The UDP Services ###
;==============================================
UDPStartup()
OnAutoItExitRegister("Cleanup") ; registered once; closes the socket on exit

; 2. UDP Listener ### Create a Listening "SOCKET"
;==============================================
$socket = UDPBind($g_IP, 65432)
If @error <> 0 Then Exit

; 3. GUI ### Create a GUI for chatting
;==============================================
$GOOEY = GUICreate("P2P Chat", 300, 200)
$edit = GUICtrlCreateEdit("", 10, 40, 280, 150, $WS_DISABLED)
$input = GUICtrlCreateInput("", 10, 10, 200, 20)
$butt = GUICtrlCreateButton("Send", 210, 10, 80, 20, $BS_DEFPUSHBUTTON)
GUISetState()

; GUI Message Loop
;==============================================
While 1
    $msg = GUIGetMsg()
    If $msg = $GUI_EVENT_CLOSE Then ExitLoop
    If $msg = $butt Then sendData()
    ; Poll the bound socket; the received payload is appended to the edit control
    $data = UDPRecv($socket, 200)
    If $data <> "" Then
        GUICtrlSetData($edit, GUICtrlRead($edit) & $_INCOMING_FLAG & $data & @CRLF)
    EndIf
    ;~  Sleep(50)
WEnd
GUIDelete($GOOEY)

Func sendData()
    If $socket <> 0 Then
        ; The text of the input control is sent as the UDP payload
        $status = UDPSend($socket, GUICtrlRead($input))
        If $status = 0 Then
            MsgBox(0, "ERROR", "Error while sending UDP message: " & @error)
            Exit
        EndIf
        ; UPDATE EDIT CONTROL WITH DATA WE SENT
        ; (was in an unreachable "ElseIf $ret > 0" branch; $ret is never assigned)
        ;----------------------------------------------------------------
        GUICtrlSetData($edit, GUICtrlRead($edit) & GUICtrlRead($input) & @CRLF)
        GUICtrlSetData($input, "")
    EndIf
EndFunc   ;==>sendData

Func Lookup()
    ; If no connection look for one
    Return 0
EndFunc   ;==>Lookup

Func Cleanup()
    UDPCloseSocket($socket)
    UDPShutdown()
EndFunc   ;==>Cleanup


Your RawCap is broken or something. AutoIt does not even control the checksum part of the UDP message, Windows does that. This checksum would never be 0x0000.

So what's your real question? HTTP over UDP? Writing HTTP packets is easy, trivial. Here's some sample code, but it's on the wrong end of the spectrum.

