Skip to main content

Multi-Protocol Proxy Over TCP & UDP

By admin

Many years ago I programed a console based multi protocol proxy (the sha0proxy) lately I created in dotnet a graphical verison of the tool, but due to the form referesh speed finally I implemented it in C++ with Qt.

This tool useful for reversing, exploiting & pentesting was finally called rproxy, and its a multi-protocol proxy over TCP or UDP.





Being in the middle of the communication you can view and modify the bytes before being sent to the client or server.

In the tools tab right now its possible to open the blob on radare2 for further reversing of the data structures or code.


A basic mutation based fuzzer is implemented for bug-hunting, just set the % ratio of mutation and the bytes will be modified during specific communications phase.

One of the powerful things of this tool is the scripting, it is possible to automate a modification in specific moment of the traffic flow.



For example a script with a single line: "IN 3 20 3F" will write a 0x3f on the offset 20 only on the third packet received from the server. I have used this feature for triggering vulnerabilities.

Regarding the saving and loading data from disk, it's possible to save and load data in raw and hex formats. Also can be configured for save all the communications or only specific emission.


Find the source code and binaries at github: https://github.com/sha0coder/reproxy



Related links


Comments

Post a Comment

Popular posts from this blog

Reversing C++ String And QString

By admin
After the rust string overview of its internal substructures, let's see if c++ QString storage is more light, but first we'r going to take a look to the c++ standard string object: At first sight we can see the allocation and deallocation created by the clang++ compiler, and the DAT_00400d34 is the string. If we use same algorithm than the rust code but in c++: We have a different decompilation layout. Note that the Ghidra scans very fast the c++ binaries, and with  rust binaries gets crazy for a while. Locating main is also very simple in a c++ compiled binary, indeed is more  low-level than rust. The byte array is initialized with a simply move instruction:         00400c4b 48 b8 68        MOV        RAX,0x6f77206f6c6c6568 And basic_string generates the string, in the case of  rust this was carazy endless set of calls, detected by ghidra as a runtime, but nevertheless the basic_str...
Post a Comment
Read more

5 Costly Crypto Investing Mistakes to Avoid in Choppy Markets

By admin
Crypto markets can be a wild ride, with exhilarating highs often followed by gut-wrenching lows. Many investors see massive gains during bullish trends only to watch them evaporate in sideways or bearish phases. The key to preserving your portfolio lies in avoiding common pitfalls that trap even seasoned traders. This article dives into five critical mistakes crypto investors make in choppy markets and offers actionable strategies to steer clear of them. Whether you're a beginner or a veteran, these insights will help you navigate the volatile crypto landscape with discipline and confidence. The Perils of Slow Decision-Making In crypto, hesitation can be costly. Opportunities often arise from compelling setups — whether it's a promising chart pattern, a groundbreaking technological innovation, or strong on-chain signals like whale wallet activity. However, in dull or sideways markets, investors often become lethargic, missing the window to act. By the time social media buzz ign...
Post a Comment
Read more

דף הבית | הטכניון - מכון טכנולוגי לישראל

By admin
https://technion.ac.il http://library.technion.ac.il/he https://www.technion.ac.il/%D7%A8%D7%A9%D7%99%D7%9E%D7%AA-%D7%94%D7%A4%D7%A7%D7%95%D7%9C%D7%98%D7%95%D7%AA-2/ http://www.admin.technion.ac.il/dpcalendar/ https://www.technion.ac.il/%D7%94%D7%A0%D7%94%D7%9C%D7%94-%D7%91%D7%9B%D7%99%D7%A8%D7%94/ https://www.technion.ac.il/%D7%A1%D7%9E%D7%99%D7%A0%D7%A8%D7%99%D7%9D/ https://dean.web.technion.ac.il/%D7%A7%D7%9E%D7%A4%D7%95%D7%A1-%D7%AA%D7%95%D7%A1%D7%A1/ http://www.dmag.co.il/pub/technion/tmag.html http://moodle.technion.ac.il/ https://tender-logistics.web3.technion.ac.il http://cis.technion.ac.il/ http://video.technion.ac.il/ https://portal.technion.ac.il/irj/portal https://www.technion.ac.il/ https://www.technion.ac.il/en/home-2/ http://arabic.net.technion.ac.il https://www.technion.ac.il/%d7%97%d7%96%d7%95%d7%9f-%d7%94%d7%98%d7%9b%d7%a0%d7%99%d7%95%d7%9f/ https://www.technion.ac.il/%d7%94%d7%99%d7%a1%d7%98%d7%95%d7%a8%d7%99%d7%99%d7%aa-%d7%94%d7%98%d7%9b%d7%a0%d7%99%d7%95%d7%9f/ ht...
Post a Comment
Read more