dandroid

Reputation: 405

How to intercept and modify TCP packets sent and received by a certain process?

Assuming there is a process under my control (I can run it and send it commands) that sends and receives TCP packets (maybe some other types of protocol).

How can I intercept its outgoing packets and change their payload? Netfilter was suggested as a solution in another question (Intercepting/Rerouting TCP SYN packets to C++ program in linux).

For incoming packets, I only need to read them, so that problem can be solved with Wireshark or something along that line.

I am trying to understand if there is any better way of doing it given my particular use case (particular known and controlled process).

The final goal is to effectively alter the payload of a packet sent by a process right after it is sent and monitor the rest of the packets.

Thanks

Upvotes: 2

Views: 2770

Answers (1)

dandroid

Reputation: 405

Eventually, for my particular use case, proxies solved my issue.

I got the process under my control to use a SOCKS5 proxy.

For incoming connections, I used a reverse proxy.

This allows me to view/tamper with the packets.

Upvotes: 1
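
The proxy approach from the answer above, as an added example that is not part of the original post: a minimal SOCKS5 relay (RFC 1928, no authentication, CONNECT only) for a process you control, which logs both directions and passes outgoing bytes through a hook. The `tamper` hook, its replacement strings and the listen address 127.0.0.1:1080 are assumptions for illustration.

```python
import asyncio
import ipaddress

def tamper(payload: bytes) -> bytes:
    # Hypothetical hook: rewrite outgoing bytes before they reach the server.
    return payload.replace(b"hello", b"HELLO")

async def read_target(reader):
    # Parse the SOCKS5 CONNECT request and return the requested (host, port).
    ver, cmd, _rsv, atyp = await reader.readexactly(4)
    if ver != 5 or cmd != 1 or atyp not in (1, 3, 4):
        raise ValueError("unsupported SOCKS5 request")
    if atyp == 3:  # domain name, prefixed by a one-byte length
        size = (await reader.readexactly(1))[0]
        host = (await reader.readexactly(size)).decode()
    else:          # 1 = IPv4 (4 bytes), 4 = IPv6 (16 bytes)
        host = str(ipaddress.ip_address(await reader.readexactly(4 if atyp == 1 else 16)))
    return host, int.from_bytes(await reader.readexactly(2), "big")

async def pump(reader, writer, hook, label):
    # Copy bytes one way, logging them and applying the hook when one is given.
    try:
        while data := await reader.read(4096):
            print(label, data)
            writer.write(hook(data) if hook else data)
            await writer.drain()
    except ConnectionError:
        pass
    finally:
        writer.close()

async def handle(client_r, client_w):
    try:
        _ver, nmethods = await client_r.readexactly(2)  # greeting: version, method count
        await client_r.readexactly(nmethods)            # offered auth methods (ignored)
        client_w.write(b"\x05\x00")                     # select "no authentication"
        host, port = await read_target(client_r)
        server_r, server_w = await asyncio.open_connection(host, port)
    except (ValueError, OSError, asyncio.IncompleteReadError):
        client_w.close()
        return
    client_w.write(b"\x05\x00\x00\x01" + bytes(6))      # success, bound address 0.0.0.0:0
    await asyncio.gather(pump(client_r, server_w, tamper, "out>"),
                         pump(server_r, client_w, None, "in <"))

async def main(host="127.0.0.1", port=1080):
    async with await asyncio.start_server(handle, host, port) as srv:
        await srv.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

TCP is a byte stream, so a pattern can be split across two reads; a hook that must match across chunk boundaries needs to buffer and parse the application protocol rather than rewrite each chunk independently.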
