BotHack

BotHack makes getting things done easy and fun. Delving deep into the technoweb, BotHack brings back simple and totally life-altering tips and tricks for managing your information and time. At this wild moment in the development of human-oriented technology, BotHack is your own personal early adopter, here to guide you through the onslaught of the new. The world is full of fascinating problems waiting to be solved: BotHack can help.

Friday, September 09, 2005

Redirecting Connections

The Theory:

Redirecting a connection can sometimes be a troublesome process. For this article, I’m going to use AIM as an example. Let’s say we wish to redirect AIM.exe to connect to our computer. Well, apart from actually modifying the exe file or the memory, how could you tell AIM to connect to a different IP than normal? Simple, most all clients use a domain name instead of a direct IP. For instants, AIM uses “login.oscar.aol.com” (and probably some other servers) to connect to its main server. The domain name “login.oscar.aol.com” can be resolved to an IP like “64.12.161.185”. However, we don’t want it to resolve an IP like “64.12.161.185”; we want it to resolve an IP like “127.0.0.1” or “192.168.X.X” (our own computer). When any program wishes to resolve a domain name’s IP it looks to our DNS (Domain Name System/Server). What we have to do is simply fake the IPs that are included in the DNS packets.


Down And Dirty:

This is how we go about faking IPs and such. First get yourself a good DNS Server, I found that http://www.simpledns.com/ (Simple DNS Plus) works very well for a 14 day trial. Load your DNS program up and enter in “login.oscar.aol.com” and the IP “127.0.0.1”. In Simple DNS Plus just go to the DNS Records section and click Quick Domain Wizard. Under Domain Name put “login.oscar.aol.com” and you’re done; unless you want to add an alternative IP in there where it says “127.0.0.1” or “192.168.X.X”. Now, go into your Network Connections in Windows (right click Network Places and hit Properties). In there, right click on your main Local Area Connection and hit Properties. In the properties window, look for a setting called “Internet Protocol (TCP/IP)” and double click it. It should bring up yet another Properties window, but this is where we’re going to specify our new DNS Server (ourselves!). Hit the radio button that says “Use the following DNS server addresses:” and in those two IP boxes, type “127.0.0.1” and whatever your network address is (or if you don’t have one leave it blank). Now click OK on both Properties windows and close out of Network Connections. Note: You will have internet but you won’t be able to browse websites (because it can’t resolve the IPs for the website names). Now when you try to login to AIM, Simple DNS Plus should get a request for “login.oscar.aol.com” and it should send back the IP “127.0.0.1”, AIM will then think that its supposed to connect to “127.0.0.1” and it will attempt to. From there on you can do anything, like make a fake server, or make a Man In The Middle program.


Die Dulci Fruere

posted by Nitterbog @ 11:12 AM 

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home