将UDP封装在TCP协议中
我不太确定从哪里开始所有这些,但我假设我需要某种网络驱动程序来捕获所有 UDP 流量。 (请告诉我哪个记录最好并且有效)
在我成功捕获 C# 中的 UDP 数据包后,我将通过 TCP 连接将它们发送到我的服务器,此时我需要将 UDP 发送到目的地,然后将响应传输回客户端计算机(即捕获数据包),然后将响应发送到程序,就像直接从相关服务器发送响应一样。
所以基本上我的连接如下:
Client running UDP program <<==TCP connection==>> Conversion Server <<==UDP connection==>> UDP Server
我需要帮助的点:
- 从程序捕获UDP数据包(使用网络驱动程序)
- 将我从服务器获得的响应发送回程序(使用相同的网络驱动程序???)
编辑#1
好吧,让我澄清一下。我的计算机上有一个我无法控制的程序。我没有它的源代码,没有办法修改源代码,而且我无法使用注入技术告诉它做不同的事情。当然,它使用 UDP 与服务器连接,我需要它才能工作。
现在,我需要让该程序正常运行,但是我位于安全网络后面,该网络不允许 UDP 流量(不要问)。我需要创建一个网络驱动程序来捕获计算机上所有程序生成的所有 UDP 流量,将其发送到专用服务器(在其中我将编写一个服务器守护程序来将 TCP 转换为 UDP 并将其发送到原目的地)。
I'm not quite sure where to start with all of this, but im assuming im going to need some sort of network driver to capture all of the UDP traffic. (Please tell me which one is best documented and works)
After i am capturing UDP packets in C# successfully, i will be sending them over a TCP connection to my server, at which i need to send out the UDP to the destination, and then transmit the response BACK to the client machine (that is capturing the packets) and then send the response to the program as if it was directly from the server in question.
So basically my connection is below:
Client running UDP program <<==TCP connection==>> Conversion Server <<==UDP connection==>> UDP Server
Points I need help with:
- Capturing the UDP packets from the programs (using a network driver)
- Sending the response I get from the server back to the programs (using the same network driver????)
Edit #1
Alright, let me clarify. I have a program on my computer, that I have no control over. I dont have its source, there is not way to modify the source, and I cant use injection techniques to tell it to do something different. And of course, it uses UDP to connect with a server, and i NEED that to work.
Now, I need to get that program working, however I am behind a secure network, that does not allow UDP traffic (dont ask). I need to create a network driver that captures all of the UDP traffic generated by ALL the programs on my computer, send it to a dedicated server (in which i would have coded a server daemon to translate the TCP to UDP and send it to the original destination).
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您需要编写一个LSP(分层服务提供程序)并安装它。在实现 LSP 时,您的代码将获取从 UDP 端口接收到的实际数据包,然后将其发送到 TCP 服务器,TCP 服务器将进行一些修改。完成此操作后,您可以将 LSP 代码中修改后的数据包而不是实际的数据包发送到应用程序。您可以在此处找到一些详细信息。
资源:
You need to write an LSP (Layered Service Provider) and instal it. When implementing the LSP, your code will get the actual packet received from UDP port and then it will send it to TCP server which will make some modifications. After that is done, you can send the modified packet from the LSP code instead of the actual one to the application program. You can find some details here.
Resources:
您需要将网卡设置为混杂模式(如 Ethereal/Wireshark)。您需要按某种模式过滤所有 UDP 数据包,以识别正在发送这些数据包的应用程序(可能通过目标地址,也可能通过有效负载)。这将照顾到捕捉。
然后,您创建一个服务器,一侧为 UDP 服务器(防火墙内),另一侧为 TCP 客户端,该服务器将 UDP 流量封装在 TCP 中,并将其发送到另一台服务器(防火墙外),该服务器将执行相反的操作。
总的来说,这是可行的,而不是火箭科学,只需要对网络有很好的了解。
PS 这让我想起了一个人如何访问银行系统一次,但只有 ICPM (ping) 出来。因此他编写了 TCP-over-PING,并能够以这种方式进行 telnet。有趣的。
You need to set your network card to promiscuous mode (like Ethereal/Wireshark) does. You need to filter all UDP packets by certain pattern to identify that it is the application in question that is sending those (maybe by destination address, maybe by payload). That will take care of the catching.
Then you create a server with UDP server (inside the firewall) on one side and TCP client on the other which will encapsulate UDP traffic in TCP and send it to the your other server (outside of the firewall) that will do the opposite.
Overall this is doable and not rocket science just need a good understanding of networks.
P.S. It reminds me how a guy got access to a banking system once and it only had ICPM (ping) out. So he wrote TCP-over-PING and was able to telnet in that way. Funny.