Encapsulating UDP in a TCP protocol

Question

I'm not quite sure where to start with all of this, but im assuming im going to need some sort of network driver to capture all of the UDP traffic. (Please tell me which one is best documented and works)

After i am capturing UDP packets in C# successfully, i will be sending them over a TCP connection to my server, at which i need to send out the UDP to the destination, and then transmit the response BACK to the client machine (that is capturing the packets) and then send the response to the program as if it was directly from the server in question.

So basically my connection is below:

Client running UDP program <<==TCP connection==>> Conversion Server <<==UDP connection==>> UDP Server 

Points I need help with:

• Capturing the UDP packets from the programs (using a network driver)
• Sending the response I get from the server back to the programs (using the same network driver????)

Edit #1

Alright, let me clarify. I have a program on my computer, that I have no control over. I dont have its source, there is not way to modify the source, and I cant use injection techniques to tell it to do something different. And of course, it uses UDP to connect with a server, and i NEED that to work.

Now, I need to get that program working, however I am behind a secure network, that does not allow UDP traffic (dont ask). I need to create a network driver that captures all of the UDP traffic generated by ALL the programs on my computer, send it to a dedicated server (in which i would have coded a server daemon to translate the TCP to UDP and send it to the original destination).

Answer 1

You need to write an LSP (Layered Service Provider) and instal it. When implementing the LSP, your code will get the actual packet received from UDP port and then it will send it to TCP server which will make some modifications. After that is done, you can send the modified packet from the LSP code instead of the actual one to the application program. You can find some details here.

Resources:

• WinSock LSP Sample
• Layered Service Provider (LSP) Best Practices Whitepaper

Answer 2

You need to set your network card to promiscuous mode (like Ethereal/Wireshark) does. You need to filter all UDP packets by certain pattern to identify that it is the application in question that is sending those (maybe by destination address, maybe by payload). That will take care of the catching.

Then you create a server with UDP server (inside the firewall) on one side and TCP client on the other which will encapsulate UDP traffic in TCP and send it to the your other server (outside of the firewall) that will do the opposite.

Overall this is doable and not rocket science just need a good understanding of networks.

P.S. It reminds me how a guy got access to a banking system once and it only had ICPM (ping) out. So he wrote TCP-over-PING and was able to telnet in that way. Funny.