Understanding Protocols
For HTTP, setup sockspy as http proxy:
set up browser to use the localhost port 8080 as the proxy. The below screen dump captured all the http traffic when I visited Singapore Infomap.
For POP3, setup your local host file to point your POP3 domainname to be 127.0.0.1 (localhost) and have sockspy point point to the IP address.
Captured POP3 traffic is shown and you can see that the username and password are sent in plain text.
Captured IMAP4 traffic is shown below
By understanding the protocols, one should be able to simulate the relevant protocol traffic using a simple telnet client.
Eg. To simulate a HTTP GET
$ telnet www.sg 80 Trying 160.96.178.46... Connected to www.sg. Escape character is '^]'. GET / HTTP/1.1 Host: www.sg HTTP/1.1 200 OK Cache-Control: max-age=1800 Expires: Sun, 17 Jun 2007 15:30:09 GMT Content-Location: http://www.sg/index.html Date: Sun, 17 Jun 2007 15:00:09 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Fri, 09 Feb 2007 08:33:24 GMT ETag: "52feb8f6244cc71:15d2" Content-Length: 204 <html> <head> <title>Singapore Infomap</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <META HTTP-EQUIV=Refresh CONTENT="0; URL=http://app.www.sg"> </head> </html>
The reply from the telnet simulation is the same as what we captured using sockspy.
posted by chihungchan at 10:45 PM
0 Comments:
Post a Comment
<< Home