I'm trying to replicate the functionality provided by the Map Remote feature in Charles using MITMPROXY on OS X 10.9. What I want to do is replace any request for desiredurl.com with a request for desiredurl.ca (I'm open to any answer which tells me how to replicate the given functionality in Charles using free software).
I found this answer and this question which both looked like they should help, and I wrote the below script.
#!/usr/bin/env python
def redirect_request(context, flow):
host = flow.get_url()
if 'desiredurl' in host:
flow.set_url(host.replace('com','ca'))
I mitmdump -s path/to/script.py on my iMac and then connect my iPad to my iMac on port 8080 as usual, and see the traffic flying by in the Terminal window, but visiting desiredurl.com still takes me to desiredurl.com rather than desiredurl.ca. Thus, I tried the following:
#!/usr/bin/env python
def response(context, flow):
if 'desiredurl' in flow.request.host:
flow.request.host.replace('com','ca')
However, the requests still go to desiredurl.com rather than desiredurl.ca. Why is this?
Related
I've just started experimenting with WebRTC with Go and downloaded pions/webrtc library but I'am stuck with it's data-channels example.
As it written in docs I opened jsfiddle client example.
Then I'am running go run main.go command in the /go/src/github.com/pions/webrtc/examples/data-channels folder on my server to launch data-channel.
After that I copy Browser base64 Session Description from jsfiddle example and paste it into my terminal where data-channels go script is running and it generates Golang base64 Session Description code which I paste into jsfiddle example and then press Sart session button.
And it fails to establish connection :(
This is my jsfiddle example for client side:
And this is my server side go script:
What am I doing wrong?
Thanks for using pion-WebRTC (I am one of the developers!)
WebRTC uses a technology called ICE to allow peers to talk to each other. Two peers exchange IP addresses via the SDP (the text you pasted) then they attempt to communicate by sending small UDP packets between each other. Once two IP addresses successfully communicate via ICE the rest of the WebRTC steps can continue. For you this process is failing. I don't know how/why though. Firewalls, VPNs etc... all can cause problems.
You will have to debug and check different scenarios. I would try running the examples on your local PC. If that works then maybe try between a different server. A good tool to help here also is tcpdump that can show if UDP packets are arriving. I usually use tcpdump -i any udp and inbound
We also recently added IPv6 support, so might be worth trying from master and see if that helps at all! Hopefully this helps, but if you are still having issues feel free to ask more questions. We are also all available via our Slack Channel you can sign up here here and would be more then happy to chat!
I met similar problem, and I solved by
echo $BROWSER_SDP | ./main
BROWSER_SDP is the session description in your browser, main is the exe by go build main.go(you can rename exe by mv). This can make sure transfer SDP to the server, which is really important.
The detail
I'm getting bit helpless with this.
I need a tool that can perform MITM on any chosen SSL stream from localhost to remotehost (not just HTTPS!). Searching for such application seems to be pretty difficult task because all apps seems to follow this trend: SSL==HTTPS. My application trusts the certificate so that's not an issue. For HTTPS I use Proxifier + Charles Debugging Proxy. However Charles can capture only HTTPS, not binary SSL crypted data.
How do I imagine the flow of data.
In best case:
Application->MITM_PROXY->Server
Or:
Application->Proxifier->MITM_PROXY->Server
I think only one working so far was this combination:
SSLSplit on virtualized Linux + virtualized Windows with the application and default gateway set to that linux. Which is as you can imagine very inconvenient. Also the SSLSplit logs both recv and send into one file, which can be problematic with binary stream (I could deal with it I guess).
Any advices?
You could also use sslsplit -L to log to a single log file or named pipe and use a simple script to parse the log format used by SSLsplit, extracting the binary payload and do whatever you like with it. -L uses log headers for each logged segment. SSLsplit comes with a simple python module for parsing its log files in extra/logreader.py.
I know its a rather old question (4 months), but as it still has not been answered i'll give it a shot and leave a direction for future searches.
Have you tried Cain&Abel or stunnel?
I am writing a server type application which is normally run by a user but needs to bind to a privileged TCP port (502 - Modbus TCP). The port number is industry standard and my app is a simulator, so I can't really change to >1024 as most devices are pre-programmed for this port number and can not be changed.
The "Root EUID Security Policy" protects port 502 from access by anyone but root (see Authentication, Authorization, and Permissions Guide ). Therefore, the call to CFSocketSetAddress fails when using ports < 1024.
I'm trying to avoid running my simulator app as root for obvious security reasons.
Sandboxing may overcome this problem but I understand it's only available in 10.7 Lion and I have to work in 10.6 SL.
Could someone please point out what would be considered "best practice" for port access in this instance and maybe some pointers to examples and further reading.
Many Thanks
PS: I have seen Apple's Better Authorization Sample but it is 5 years old and a bit cumbersome involving a privileged helper tool run by launchd. I'm hoping there is a better solution that doesn't involve running a process as root.
You may be able to do this with ipfw; try here to learn about it and man ipfw for more details.
Look at the way Apache's https starts… it starts as root long enough to grab port 80 / 443, and then runs as an 'apache' or 'http' user from then on.
Usually I'd use Wireshark, but is there a really super quick way to determine what URL an app is pulling data from? I need to whitelist the host so that it works through a proxy server, as the app doesn't support proxies.
Fire up terminal and type
lsof -i
this lists all open internet connections. Of course you can restrict the listing to include only connections from certain executable with -c option. Read the man page for lsof. Learn to use it, it's a great little tool.
Check out Little Snitch http://www.obdev.at/products/littlesnitch/index.html
Great little program to catch those "phone homes". Cheap too!
Give this a shot:
Charles Web Debugging Proxy
It's not quite as heavy as Wireshark so you should be able to get your results pretty quick. Short of something like Wireshark or a HTTP Debugging Proxy, I'm not sure how you'd know.
Is there a Mac/Unix commands that lets you see the local network in terms of machines/IP addresses? If there's something on the Mac that is gui-based that would be great too.
ping the broadcast address (the broadcast address is printed as part of the output to ifconfig en0)
The hosts answering are on your local network. (You may also try arp -a but that only keeps track of recently contacted hosts so you may want to run it after the broadcast.)
There is a program called Bonjour Browser that will list well known services that have registered on your local network. I believe that most Macs have one or more registered protocols by default.
The only way to reliably do this is to scan the network using ping sweeps and similar techniques looking for open ports etc on various addresses. You can do that with nmap which is available for OS X. See http://www.netadmintools.com/art406.html for an example.
EDIT: Just to clarify, as diciu pointed out, you can usually ping the broadcast address and/or use your arp cache as well. This will probably work for most home networks where directed broadcast is allowed.
If not, then you would need to run a ping sweep with a tool like nmap to individually check each address for an available host. Many network discovery/scanning tools can check for more than just ping, looking for listening ports, SNMP, etc. as well.
in the days of tiger (10.4) every mac broadcast a 'presence' service on bonjour, which made finding macintoshes on the network a snap. alas, no more...
You can use netdiscover on Mac OS, which is based on ARP packets. It will send ARP requests and scan the response.
For example, run netdiscover command sudo netdiscover -i en0 -r 10.106.0.0/16 in my local network would bring the following result:
Try IP Scanner 2.5 for OS X. http://10base-t.com/ Looking for others, but that's the only real one I've found for OS X.
You can use Nmap but that seems to be a bit much for your stated goals.
OS X ships with netstat, or open Up /Applications/Utilities/Network Utility.app, perhaps this will work for you?
EDIT: oops. netstat doesn't do what I thought.
angry IP scanner for a no mus - no fuss IP scanner with basic port scanning.
NMap and Zenmap for the big power scans.
I actually use both together, as nmap can get easily sidetracked by certain reverse proxy boxes.