dcsimg
Results 1 to 5 of 5

Thread: Packet sniffer .net for secret messages (Need help, i'm stupid)

  1. #1

    Thread Starter
    New Member
    Join Date
    Sep 2017
    Posts
    11

    Angry Packet sniffer .net for secret messages (Need help, i'm stupid)

    Dear reader(s),

    I had an idea to create an application that pings to an ip with an secret message (in this case my ip) (Have already made this)
    With wireshark if i filter it correctly i can see the secret message and where it came from.
    And i want to make another application application on the pinged pc that reveals the secret message, just like wireshark.


    I have no experience with pinging and intercepting packets with vb.net.
    Is there someone who can make an simple application that intercepts packets from an specific Source 000.00.000.00 (with source code please and in vb.net, i suck at c#)
    to an specific destination 192.168.0.25

    and shows the secret message.

    picture from wireshark:
    Name:  help.jpg
Views: 257
Size:  14.3 KB

    Sorry for being stupid

    Kind regrets,
    Panda
    Last edited by babypandah; Jul 26th, 2019 at 07:35 AM.

  2. #2
    Super Moderator Shaggy Hiker's Avatar
    Join Date
    Aug 2002
    Location
    Idaho
    Posts
    33,985

    Re: Packet sniffer .net for secret messages (Need help, i'm stupid)

    It sounds like you are really just talking about sending messages between computers. That's how TCP or UDP would work. I don't see what is different about what you are doing from standard networking.
    My usual boring signature: Nothing

  3. #3
    Member
    Join Date
    Jun 2019
    Posts
    35

    Re: Packet sniffer .net for secret messages (Need help, i'm stupid)

    As Shaggy Hiker noted, it sounds like network connection between applications on same or different computers.

    It can be done the hard and long way by implementing own server and client code with all the problems that may occur and will require troubleshooting and fixing.

    Another very simple way is to use intermediate service using publish-subscribe pattern. For example such service is provided by NATS and Redis servers, which both work very well under Windows (well, Redis runs old 3.2.x version), but also can be installed on other operating systems.

    Publish-subscribe allows clients to subscribe to a topic (like chat channel). Other clients (called publishers) can send messages to the channel so the subscribers will receive the message.

    The mentioned above servers - NATS and Redis (which has pub-sub as a feature to its main purpose - memory cache and in general - NoSQL key-value database) are also having possibility to run them as cluster on several computers so even if one computer (server) is not available (failure, restart, some problems, etc.), the clients will automatically switch to another server in the cluster and the communication will continue working.

    Another very good feature to use such communication is that clients know only server(s) IP address and nothing about the other clients. Compared to own written client-server based approach, the use of such communication layer will provide automatic discovery of other pub-sub clients without the need of configuration for IP address, port, etc.

    The most simple example is chat application where different clients connect (subscribe) to channel (topic) and users can send messages to the channel and everyone subscribed will receive it.

    If it is interesting the topic about such type of clients communication (which in general is the principle how many "cloud" applications are working), I can write some more details and short routines which can make the required by the OP client-server communication with few lines of code.

    Some links about NATS, which primary purpose is the messaging (and much more):
    NATS web site
    C# client source with examples

  4. #4
    Sinecure devotee
    Join Date
    Aug 2013
    Location
    Southern Tier NY
    Posts
    5,333

    Re: Packet sniffer .net for secret messages (Need help, i'm stupid)

    Quote Originally Posted by Shaggy Hiker View Post
    It sounds like you are really just talking about sending messages between computers. That's how TCP or UDP would work. I don't see what is different about what you are doing from standard networking.
    Standard networking, you would open a port and listen.
    He wants to capture and display data as Wireshark would, i.e. capture and display any network traffic, or perhaps in his case, specific traffic, like declaring a capture filter in Wireshark, without opening a port, i.e. monitoring existing traffic.
    He also mentions pinging, which would be a lower level (network layer) rather than UDP, TCP which are Transport Layer.

    The way Wireshark does that is by using the pcap utility that was installed as part of wireshark. Pcap will capture traffic at level 2 IP protocol, i.e. lower level than the TCP or UDP, or even the level that ping is at. I believe you can use the Pcap API yourself, although I haven't done it.

  5. #5
    Member
    Join Date
    Jun 2019
    Posts
    35

    Re: Packet sniffer .net for secret messages (Need help, i'm stupid)

    The requirement sounds that something should be "like this", which usually shows that the real requirement could be simplified to much easier task, e.g. "ping" another computer and send specific data.

    Pinging itself is not only lower layer thing, because it could be not ICMP packet, but just a heartbeat signal which can utilize TCP protocol. For example such "pings" can be used to monitor computers in the network to know which are online and which are not. Also such "ping" can be used to send other information - again in computers monitoring the ping data can contain computer name, ip, uptime, CPU and RAM utilization, free disk space, etc. The monitor application will receive this information and show in summarized or detailed form so admins will know what happens on their network.

    Another usage of pings is used in floating licensing where limited number of licenses are used by bigger number of client computers. Again clients send "ping" to server which keeps track of used licenses. When client disconnects - server removes decreases licenses used. At the same time the server sends ping to clients which may go into another state when license server is down, e.g. allow the user to complete current job (save work) and continue in demo mode.

    Above examples are for normal Windows applications written in .NET, but there are many other use cases in network environment.

    So the question is: what is expected - sniff (hard) or just send info and receive it by another computer.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Featured


Click Here to Expand Forum to Full Width