I'm currently playing around with WebRTC on Chrome behind a company firewall, using Google's demo app at: https://apprtc.appspot.com. Is there any sure-fire way to determine whether the connection being made to another app user outside my company firewall is via UDP or streaming TCP through Google's STUN/TURN server? chrome://webrtc-internals provides a lot of stats, but nothing obvious to me. Or is there an API call I can make during the session to determine the transport type? Thanks
=========== UPDATE ==============
FYI, this provides more information - press 'i' when using the demo app will show if using a TURN server (but not if using tcp/udp).
Wireshark will work fine for that. On Firefox, you can go to about:webrtc, click on the peerconnection, and see which candidates from ICE were selected (and if they're TCP or UDP, etc).
[edit - added]
Programmatically, you can look at the type of candidates using statistics reports, such as in this example and this PR and using the type property. You may have to parse the SDP to get the priority from the Candidates in Firefox. (thanks to Fippo for pointing this out).
Related
I'm trying to figure out the communication between an iOS app, and an online server. To my knowledge, a REST service is used.
With a tricky setup with two macs, an ethernet hub and an iPhone, I manage to capture the traffic between the device and the server.
So far so good. However, when I fire up the app, a trace is shown in Wireshark (also very good), but all that is listed is in TCP protocol, where I am expecting HTTP protocol.
Now, I'm running out of knowledge.
Does this mean, that there is no HTTP communication going on at all, or am I seeing raw TCP packages that need to be assembled into HTTP? If the latter, how do I approach that, and will I ever see readable xml?
Thanks for your insights!
Actually, this question became obsolete, since I found exactly what I wanted to do here:
http://nickfishman.com/post/50557873036/reverse-engineering-native-apps-by-intercepting-network
Since I'm not happy with the functionality of an iPhone App that operates my Actioncam, I would like to write an app that improves on that functionality.
In order to do that, by lack of proper documentation, I need to reverse engineer the communication between the App and the Device.
What I know, is that the Device only responds on ports 21, 554 and 15740.
I managed to create a setup including an iPhone, the Device and two Macs, and traffic analyzing software called Charles (but likely I could also use Wireshark), that shows me all HTTP(S) traffic.
This is where my knowledge ends. What I hoped to see, was that Charles would report something like
rtsp://[my device ip, which is known to me]:554/[unknown to me path]
Potentially it would even involve a login and password in that URL.
Could any of you give me a hint on how to proceed? Aforementioned software seems to be limited to HTTP traffic.
What excatly do you want to reverse engineer? The video feed or control logic? From what you mentioned it seems that 21 could be used for FTP, 554 for RTSP and 15740 for some custom TCP protocol. If you have no idea about the format of the data that is sent over to the port 15740 it will be quite hard to reverse engineer (except if it is some kind of plain text ascii protocol).
For the video feed - I'd suggest setting up Wireshark to monitor the port 554 and then you should be able to see the url of the video location from the DESCRIBE command.
I'm looking for the name of a protocol and example code that permits handing off IP/port connections to establish unmediated P2P after introduction through a server.
Simple example:
You and I both start chat programs that connect to chatintroduce.com (fictional server). I send you a "Hi! Wanna chat?" message. It doesn't get sent. Instead my chat program tells chatintroduce to send your chat program a request for connection. You respond to a prompt and your chat program tells chatintroduce to broker the connection. Chatintroduce establishes an initial two-way connection between us. Now, this final step is important, chatintroduce releases control and our two chat programs now talk directly to each other without any traffic through chatintroduce.
In other words, I construct packets which have your IP address and you receive them without interference from firewalls, NATs or any other technologies. In other words, true peer-to-peer connection independent of intermediate server.
I need to know what search terms to use to find appropriate technology. An RFC name would suffice. I've been searching for days without success.
I think what you are looking for is TCP/UDP hole punching which typically coordinates the P2P connection using a STUN server to determine the "capabilities" of the firewalls (e.g. is it a full cone nat? symmetric?).
https://en.wikipedia.org/wiki/Hole_punching_(networking)
We employed this at a company I worked for to create a kind of BitTorrent that could circumvent firewalls for streaming video between two peers.
Note that sometimes it is NOT possible to establish a connection without the intermediary.
What you are looking for is ICE protocol. RFC 5245. This protocol is used for connecting two peers through NAT traversal. There are some open source libraries and also some proprietary libraries for this. You can search google with ICE implementation.
You will also need to read about some additional protocols. These are used with ICE protocol. They are STUN and TURN.
For some cases you can't make P2P call 100% time. You will have to use a relay server. Like if the NAT combination of two peers are Symmetric vs Symmetric/PRC. That relay server is called TURN server.
Some technique like Port forwarding and TCP/UDP hole punching will help you to increase P2P rates.
See this answer for more information about which combination of NAT will require a relay server and which don't.
Thank you. I will be looking further into ICE, STUN, TURN, and hole-punching.
I also found n2n which looks like almost exactly what I wanted.
https://github.com/meyerd/n2n
http://xmodulo.com/configure-peer-to-peer-vpn-linux.html
With n2n, one makes a VPN with a super node that all other edge nodes know.
But once the introductions are made, the super node can be absent.
This was exactly what I wanted. I hope it works across platforms (linux, MacOS, Windows).
Again, I am still researching before implementation, so your advice was very important to me.
Thank you.
Use PJNATH. Its open source.
http://www.pjsip.org/pjnath/docs/html/
There is not much open source on NAT Traversal. As far as I know PJNATH is good.
For server you can use Google's Open source STUN and TURN server.
After googling thoroughly I finally decided to post my problem which is really giving me nightmares.
In my app I am trying to connect to a TCP server using the Network Carrier internet and using following connection string:
url="socket://"+ip+":"+port+";deviceside=true;connectionTimeout=30000;apn=;tunnelauthusername=;tunnelauthpassword=;";
I am able to connect to internet through the phone's browser but not able to connect to TCP server through app.
In my device APN authentication is disabled by default and APN,Userid/Password fields are blank thats why i have taken these parameters as blank valued in the connection string.
When i try to connect through wifi network using the string below:
url="socket://"+ip+":"+port+";deviceside=true;interface=wifi;connectionTimeout=30000";
I am able to connect to server but not in the case via APN.
Please help me out.
I am just stuck here and finding no way out.
Thanks
There are a variety of methods of connecting to a Server. What you are doing is specifying the method to use in the connection suffix which you set. The options that you can use in the connection suffix are documented in the BB KB article here:
Different-ways-to-make-an-HTTP-or-socket-connection
If you are supporting really old phones (pre OS 5.0), then this is the only option you have. But the trick with this is that you have to figure out what connection method is going to work on your device at the time you make the request. There is a load of code floating round the internet to do this, most of it dubious.
If you are OS 5.0 or above, then you can use a more advanced API, the ConnectionFactory, to make this easier, and in OS 6.0 even more advanced features. These are all documented on the BB Java microsite, see here:
BB OS Networking
The option you are using is the GCF framework. I recommend you investigate the "Network API" if you are supporting OS 5.0 and later only. You might also investigate the "Network API alternative for legacy OS".
This does not answer the frequent question, "how come the Browser can connect and I can't in my app?". This is because the Browser uses a special BlackBerry connectivity method referred to as BIS-B. The good thing about BIS-B is that it will work for any BB phone that has a BlackBerry tariff, and requires no configuration. The bad thing is that you do not get access to it as of right. To get access to it, the easiest thing to do is to ask for Push support, even if you are not planning on using it immediately but might in the future. This is documented on the page above.
But back to your question. The APN values in your TCP configuration being not set, does NOT mean you don't have to set them. The values specified in the Options are used as the default values should someone code ";deviceside=true" as a connection string - the idea being that users can set these for themselves and application developers don't code anything. These values are specific to your carrier. So search to find out what values you need to use. You will either put these values in the TCP Options (and so don't code them in your connection suffix), or put in your connection suffix. If you can't find out what you should put in there, you need to ask your carrier.
On most BlackBerry tariffs, using direct TCP through the APN may cost the user something for the data, and will also require configuration. Alternatively, you can use WAP 2, which may also cost for data, but doesn't require any configuration. The advantage of both these is that they will work on phones that are not using a BlackBerry tariff.
My recommendation is to look at connecting using ConnectionFactory (Network API), but this will only work for OS 5.0 and above.
I am trying to build an application that can inform a user about website specific information whenever they are visiting a website that is present in my database. This must be done in a browser independent way so the user will always see the information when visiting a website (no matter what browser or other tool he or she is using to visit the website).
My first (partially successful) approach was by looking at the data packets using the System.Net.Sockets.Socket class etc. Unfortunately I discoverd that this approach only works when the user has administrator rights. And of course, that is not what I want. My goal is that the user can install one relatively simple program that can be used right away.
After this I went looking for alternatives and found a lot about WinPcap and some of it's .NET wrappers (did I tell you I am programming c# .NET already?). But with WinPcap I found out that this must be installed on the user's pc and there is nog way to just reference some dll files and code away. I already looked at including WinPcap as a prerequisite in my installer but that is also to cumbersome.
Well, long story short. I want to know in my application what website my user is visiting at the moment it is happening. I think it must be done by looking at the data packets of the network but can't find a good solution for this. My application is build in C# .NET (4.0).
You could use Fiddler to monitor Internet traffic.
It is
a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language.
It's scriptable and can be readily used from .NET.
One simple idea: Instead of monitoring the traffic directly, what about installing a browser extension that sends you the current url of the page. Then you can check if that url is in your database and optionally show the user a message using the browser extension.
This is how extensions like Invisible Hand work... It scans the current page and sends relevant data back to the server for processing. If it finds anything, it uses the browser extension framework to communicate those results back to the user. (Using an alert, or a bar across the top of the window, etc.)
for a good start, wireshark will do what you want.
you can specify a filter to isolate and view http streams.
best part is wireshark is open source, and built opon another program api, winpcap which is open source.
I'm guessing this is what you want.
capture network data off the wire
view the tcp traffic of a computer, isolate and save(in part or in hole) http data.
store information about the http connections
number 1 there is easy, you can google for a winpcap tutorial, or just use some of their sample programs to capture the data.
I recomend you study up on the pcap file format, everything with winpcap uses this basic format and its structers.
now you have to learn how to take a tcp stream and turn it into a solid data stream without curoption, or disorginized parts. (sorry for the spelling)
again, a very good example can be found in the wireshark source code.
then with your data stream, you can simple read the http format, and html data, or what ever your dealing with.
Hope that helps
If the user is cooperating, you could have them set their browser(s) to use a proxy service you provide. This would intercept all web traffic, do whatever you want with it (look up in your database, notify the user, etc), and then pass it on to the original location. Run the proxy on the local system, or on a remote system if that fits your case better.
If the user is not cooperating, or you don't want to make them change their browser settings, you could use one of the packet sniffing solutions, such as fiddler.
A simple stright forward way is to change the comupter DNS to point to your application.
this will cause all DNS traffic to pass though your app which can be sniffed and then redirected to the real DNS server.
it will also save you the hussel of filtering out emule/torrent traffic as it normally work with pure IP address (which also might be a problem as it can be circumvented by using IP address to browse).
-How to change windows DNS Servers
-DNS resolver
Another simple way is to configure (programmaticly) the browsers proxy to pass through your server this will make your life easier but will be more obvious to users.
How to create a simple proxy in C#?