Hi Guys,
I'm writing an Android App for my diploma and i need to find a way to sniff the traffic of an unsecured wifi network. I need the session cookies, sent by other clients in the network.
I've tried to install busybox and use '/system/xbin/ifconfig eth0 promisc' to switch into promiscuous mode, and it actually does according to the output of 'system/xbin/ifconfig eth0' but i dont receive any packets of the clients in the network, only packets from my router.
My question is, what i'm doing wrong and how can i achieve to sniff cookies from other clients.
Thx in Advance!
Joker
Related
Hello everyone,
I am looking into the idea of being able to run an SSH or VNC server on the Windows Mobile platform over cellular (3G). I know for a fact Tmobile can assign a 'route-able' IP address to a phone here in the USA (this has been tested). I can ping this IP address from any computer on the internet (albeit with some substantial latency). Perhaps there is a way to use the Tmobile allowed "pinging your device" to tunnel SSH or VNC traffic.
I would like to figure out a way to reach an SSH or VNC server on my phone using this method. We would need to somehow "open" an inbound port to the phone (this would function like basic port forwarding).
All of this works perfectly over WiFi, of course, but the goal is to get this working over cellular 3G (in particular, Tmobile). I see this as a technical challenge we can overcome as a group.
Does anyone have any ideas on this?
Come on folks, someone must have some ideas on this!
Here's a few links I came across:
http://kar1107.blogspot.com/2006/03/running-servers-on-cell-phones.html
http://digg.com/software/Run_a_web_server_from_your_phone
Friends,
Can anyone think of a method for tunneling ICMP to a Windows Mobile device? An ICMP tunnel establishes a covert connection between two remote computers (a client and proxy), using ICMP echo requests and reply packets. This is great for mobile ISPs which permit ping to your phone, but disallow all incoming ports to your phone.
The idea is to have an application that allows you to tunnel TCP connections to a remote host using ICMP echo request and reply packets, commonly known as ping requests and replies.
Use Case Scenario: You're on the go, and stumble across an open wireless network. The network gives you an IP address, but won't let you send TCP or UDP packets out to the rest of the internet, for instance to check your mail. What to do? By chance, you discover that the network will allow you to ping any computer on the rest of the internet. With ICMP tunneling, you can utilize this feature to check your mail, or do other things that require TCP.
Does anyone have any ideas?
Thanks!
Is there a way to pipe your tethering app through a VPN in android?
On my friends WinMo phone when he starts up his tethering he is asked what connection he wishes to use.
At this point he can choose a VPN connection which routes all of the tethering activity through it.
With the recent Tmobile blocks on tethering, which looks like it might be a combined useragent/traffic monitor, initiating a VPN through the phone would at least encrypt the data going through which should make it more difficult for them to see if the data originated from a tethered connection.
I was wondering if starting a VPN connection prior to tethering would cause a program such as Wifi Tether for Root Users to automatically use it?
Or could the user just initiate the VPN connection first on the pc once tethered. The only downfall there is that there may be a way for them to detect the initiation of the VPN connection from the PC versus the mobile.
I apologize if this is the wrong forum for this question, please move the thread if it is.
In a nutshell... HUH?
Hi,
Here’s my situation – at my office they use Cisco IronPort to monitor and filter all internet requests. A transparent proxy is used on the network switches to direct port 80 traffic to the IronPort server. Initially only the browser on my phone would work as that is the only app that passes the correct authentication. All other apps fail to reach the internet. But the IronPort server can be configured to pass through a type of device if it can be identified. Using the IP address of my phone to filter the traffic logs, it seems that some apps pass “Windows Phone OS” in the data packets. And by adding “Windows Phone OS” to the IronPort exception list, those apps now work. But most apps still don’t work because they don’t include any windows phone identifier in the data packets. Can anyone provide any additional info on this subject or a possible solution?
Thanks.
bump... any ideas... anyone?
Use cellular data instead of your corporate network?
Use apps that use the new socket APIs, or connect to HTTP servers running on a port other than 80?
Complain to your IT people (commoditization of IT being what it is, I'm actually surprised by this restriction)?
See if you can get them using proxy authentication instead of packet inspection for authentication purposes (WP7 supports proxy authentication on WiFi)?
Find a job with an IT infrastructure that doesn't suck?
I want to set my Mum's new tablet so that it can only access the Internet via the SSH server running on her Buffalo router (with Tomato firmware).
I've got the server working and accessible remotely and so far the only app I've found that has a Global Proxy setting to redirect everything via the SSH server is SSHTunnel, although I gather that it's not totally reliable when connections drop/change and I can't expect my Mum to cope with monitoring it and re-enabling it manually. When it's disabled, all traffic will just go over local connection unencrypted so that's a concern.
Ideally there'd be some way to setup the SSH settings at a system level, with no way to disable them and force all the traffic go out like this but I'm not sure if there is any way to achieve this.
The other part is setting a firewall (AFWall+ or Android Firewall seem to be the main ones) to only allow traffic via the SSH server. I'm not sure what whitelist rules would be required for this. For example, SSHTunnel connects to the server at x.x.x.x:x, so I presume I'd need a rule to allow connections to this address and this port (I had a quick play with the Avast firewall, which only allows creating custom rules for IP or port, so I'd need two rules with that and it doesn't allow entering the DynDNS name, only a IP address, so that's no good).
Then SSHTunnel has a Local Port (1984) and remote addressort (127.0.0.1:3128) so I presume I'd need rules to allow all of those as well (I'm not sure which of these need to be incoming/outgoing or both). Then there's the question of whether I need to allow other ports like DNS (53) and so on, or if that all goes over the SSH tunnel and doesn't require setting allow rules specifically.
It might be that a VPN server would be more suitable for what I'm trying to acheive than a SSH server and I think the Tomato firmware on the router has that facility (or if the version currently flashed doesn't, there's probably another version I could flash that does), so if that's the case, I'd appreciate advice on locking it down that way instead. Android has built-in VPN support, so it might be possible to use that but it depends on whether it will auto-connect and stay connected all the time or if it requires user intervention and I'll still need to setup firewall rules to prevent data being sent without the VPN in case it does get disabled.
Another issue is whether these firewall rules will prevent the device even being able to connect to any public Wi-Fi points before redirecting the traffic via the SSH/VPN server, which would obviously be no good.
OK, maybe there's another way
I was thinking of setting up a VPN on a Raspberry Pi installed at my parent's house, as they have reasonable broadband speeds, something like 100/10MB. Is there anyway that I could setup my Mum's tablet so that it passes everything through the VPN whether at home or away, so that she doesn't have to worry about toggling the VPN or firewall?
I can point it to the No-IP domain name I've setup but then I think every request would go out onto the Internet (albeit encrypted) before coming back in to the VPN, which would then have to go out again to retrieve whatever webpage, etc is being requested, which would obviously be stupid. If I point it to the LAN IP of 192.168.1.66, that will avoid doing that when at home but won't work when away.
So, any ideas?