Capturing traffic from Genymotion or any other VirtualBox-based emulator without a proxy!

    I was asked how one could capture traffic from Android applications that ignore proxy settings, such as WhatsApp. Fortunately, the Genymotion or Xamarin emulator makes this easy with a little virtual network plumbing.

    In summary, the steps are as follows:

    1. Create a new host-only VirtualBox network adaptor
    2. Attach this new adaptor to the 2nd (Wi-Fi) interface of the emulator
    3. Bridge the new host adaptor with your internet connection
    4. Run Wireshark and capture the traffic

     

    Run VirtualBox and go to File -> Preferences to bring up the settings menu.

    Click on the add icon and create a new Host Only Ethernet Adaptor

     

    Click OK and save

    Now we need to create the bridge between the Host Only virtual adaptor and the real Ethernet adaptor (or the Wi-Fi adaptor if you want).

     

    Go to the adaptor settings in Windows.

    Select the two adaptors to be bridged, using CTRL right click to select them individually.

    Right click on one of the selected adaptors, then select Bridge Connections.

     

    Let this run for a minute, at which point a bridge adaptor will appear.

     

     

    You are now all set to capture

     

    Run the emulator and track with a Wireshark capture on the physical adaptor

     

     

    Have fun!


    Interfacing physical OTG devices to Genymotion Android VM


    Using a virtual Android device does NOT mean you can’t interface real devices to it.

    In this example I will show how to configure a Genymotion Android VM to interface to an ANT+ USB dongle and receive heart rate information from an ANT+ enabled heart rate monitor.

    The key to interfacing USB devices to a Genymotion Android VM is to be familiar with the USB device filters of Oracle VirtualBox, which is the host for the Genymotion VM.

    Open VirtualBox, highlight the target VM and select Settings.

    Select USB

    Make sure the USB Controller is enabled. You will see a list of detected devices in the Device Filter dialog; select the device you wish the virtual machine to have access to.

    The USB filter works by matching various parameters such as vendor ID, product ID and serial number.

    This can be seen by editing the Filter as follows

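    The filter lists the parameters that need to be matched to connect the device. The trick is to use as few parameters as possible, as the filter can be buggy! Bear in mind that a filter with fewer fields matches more devices, and every matching device plugged into the host is handed to the VM.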

     

    Once the filter is enabled, fire up the Genymotion machine, THEN plug in the device

    I use the “USB device info” App installed on the VM to check the status of the USB device

    As you can see, the device is seen by the Genymotion VM and can be used with the appropriate app.

    Have fun using your emulator as a USB-enabled device.


    Reverse Engineering a SOAP web service in .NET (WCF)


    As much as we complain about SOAP web services, SOAP has the great advantage that everything we need to know is contained in the WSDL file. Also, if you are interfacing to SAP and other ERP systems, you can be sure that they will have a SOAP implementation.

    WSDL stands for Web Service Definition Language and provides all the information we need, especially the method prototypes and the data types that need to be serialised.

    The procedure to reverse engineer a SOAP web service is as follows

    1. Obtain the WSDL file describing the service
    2. Run SVCUTIL.exe on the WSDL to generate the interface class source and the output.config
    3. Inherit the interface class in your service class
    4. Implement the action methods in your service class
    5. Incorporate the channel binding in output.config into the web.config file

    Let’s look at a simple example: a SOAP service that returns a GUID.

    First create an empty WSDL service:

    In Visual Studio 2013:

    File -> New Project -> WCF -> WCF Service Application

     

    Copy the WSDL file from the original service into the directory containing the service source files.

    Now run svcutil on the WSDL file.

    Note that SvcUtil.exe resides in the .NET tools directory. Two files will be created, guidService.cs and output.config.

    The guidService.cs file contains the service and operation contract decorations and the interface class for the service. Replace the service and operation contracts in your Iservice.cs file with these definitions.

    This is where a lot of time and pain is saved. (If any of the method definitions has a misspelt parameter, this will cause an error when interfacing to the service and can be quite difficult to find. The same goes for the namespace and configuration name.)

    Incorporate the binding information from the output.config file to your web.config file.

    Finally, in your service.svc file, inherit the interface class and implement the methods required.

    And now you have your own implementation of the original web service.

    To test your reverse engineered web service, take the original WSDL and load it into SoapUI. If you can connect and operate the service with the original WSDL, you are worthy.

    Hope this helps with your testing.
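As an added example (not code from the original post), the script below pulls out of a WSDL the details that must match exactly when the service is re-implemented: contract name, namespace, SOAP action, and parameter names and types. The WSDL is constructed for a hypothetical GUID service; the `format` parameter, the `example.test` namespace and the function names are assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"w": "http://schemas.xmlsoap.org/wsdl/", "s": "http://schemas.xmlsoap.org/wsdl/soap/",
      "x": "http://www.w3.org/2001/XMLSchema"}

# Constructed WSDL for a hypothetical GUID service (not the post's original file).
SAMPLE_WSDL = """<w:definitions xmlns:w="http://schemas.xmlsoap.org/wsdl/"
 xmlns:s="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:x="http://www.w3.org/2001/XMLSchema"
 xmlns:t="http://example.test/guid" targetNamespace="http://example.test/guid">
 <w:types><x:schema targetNamespace="http://example.test/guid">
  <x:element name="GetGuid"><x:complexType><x:sequence>
   <x:element name="format" type="x:string"/></x:sequence></x:complexType></x:element>
  <x:element name="GetGuidResponse"><x:complexType><x:sequence>
   <x:element name="GetGuidResult" type="x:string"/></x:sequence></x:complexType></x:element>
 </x:schema></w:types>
 <w:message name="In"><w:part name="parameters" element="t:GetGuid"/></w:message>
 <w:message name="Out"><w:part name="parameters" element="t:GetGuidResponse"/></w:message>
 <w:portType name="IGuidService"><w:operation name="GetGuid">
  <w:input message="t:In"/><w:output message="t:Out"/></w:operation></w:portType>
 <w:binding name="B" type="t:IGuidService"><w:operation name="GetGuid">
  <s:operation soapAction="http://example.test/guid/IGuidService/GetGuid"/>
 </w:operation></w:binding>
</w:definitions>"""

def local(qname):  # strip the prefix from a QName such as "t:GetGuid"
    return qname.split(":")[-1]

def describe_wsdl(text):
    """Return one dict per operation with everything the re-implementation must match."""
    if "<!DOCTYPE" in text:  # a WSDL needs no DTD; refuse entity definitions
        raise ValueError("DOCTYPE not allowed in WSDL")
    root = ET.fromstring(text)
    # message name -> schema element carried in the SOAP body
    msgs = {m.get("name"): local(m.find("w:part", NS).get("element"))
            for m in root.findall("w:message", NS)}
    # schema element -> [(parameter name, type)]
    fields = {e.get("name"): [(p.get("name"), local(p.get("type")))
                              for p in e.findall(".//x:element", NS)]
              for e in root.findall("w:types/x:schema/x:element", NS)}
    actions = {o.get("name"): o.find("s:operation", NS).get("soapAction")
               for o in root.findall("w:binding/w:operation", NS)}
    ops = []
    for pt in root.findall("w:portType", NS):
        for op in pt.findall("w:operation", NS):
            req = msgs[local(op.find("w:input", NS).get("message"))]
            rsp = msgs[local(op.find("w:output", NS).get("message"))]
            ops.append({"contract": pt.get("name"), "operation": op.get("name"),
                        "namespace": root.get("targetNamespace"),
                        "action": actions.get(op.get("name")),
                        "params": fields.get(req, []), "returns": fields.get(rsp, [])})
    return ops
```

Comparing this output for the original WSDL and for the WSDL served by the re-implemented service shows a misspelt parameter or namespace immediately.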

     

     

     


    TCP multiplexing for normal people


    TCP is a connection-oriented protocol, meaning that the protocol guarantees the order of information delivery, in the same way a telephone connection ensures that the information is transmitted in the correct order. Compare this with UDP, where order and delivery are not guaranteed (similar to sending postcards).

    Establishing a connection

    A three way handshake is used to establish a connection as follows

     

    Once a connection is made then information can be transferred

    Similarly several packets are required to tear down a connection as follows

    As can be seen, each connection has an overhead of 7 packets, each with associated network latency.

    Consider the bad old days of HTTP 1.0. Every resource on a web page required a separate connection, so multiple connection setups and teardowns slowed page loading. Each connection would also require memory and an entry in the session table, reducing the scalability of the server.

    One of the major improvements in HTTP 1.1 was to allow persistent connections.

    A persistent connection is one where the connection is not torn down once the client has received a response from the host. A webpage being served over HTTP 1.1 would use a single connection for all resources, both text and images.
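The difference can be measured on the loopback interface. The following is an added example, not code from the original post: it serves a few resources from a local test server and counts how many TCP connections the server accepts with and without persistence, then applies the 7-packet figure quoted above. The handler, server class and function names are assumptions.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

HANDSHAKE_PLUS_TEARDOWN = 7  # per-connection packet overhead quoted in the post


class Handler(BaseHTTPRequestHandler):
    protocol_version = "HTTP/1.1"  # lets http.server keep the socket open

    def do_GET(self):
        body = b"resource"
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass


class CountingServer(ThreadingHTTPServer):
    accepted = 0  # number of TCP connections the server has accepted

    def get_request(self):
        request = super().get_request()
        self.accepted += 1
        return request


def fetch_page(n_resources, persistent):
    """Fetch n resources from a loopback server; return (connections, overhead packets)."""
    server = CountingServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    host, port = server.server_address
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        for i in range(n_resources):
            # HTTP 1.0 style: ask the server to close after every response.
            headers = {} if persistent else {"Connection": "close"}
            conn.request("GET", f"/resource{i}", headers=headers)
            conn.getresponse().read()
            if not persistent:
                conn.close()  # the next request() opens a fresh TCP connection
    finally:
        conn.close()
        server.shutdown()
        server.server_close()
    return server.accepted, server.accepted * HANDSHAKE_PLUS_TEARDOWN
```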

    Another example of this optimisation is the SMPP (Short Message Peer to Peer) protocol. This is a protocol running over IP that allows hosts to transmit SMS messages to a telecommunications SMS controller. An example might be a bank which sends SMS messages as a client progresses through a loan application. This protocol uses the concept of “Binds”, which are long-lived TCP connections. An SMPP client will send an open bind command to the SMS controller and then send SMS messages ad hoc, also sending keep-alive packets to maintain the connection. Using this strategy, a single connection can transmit thousands of SMS messages.

    TCP multiplexing takes this further. In the previous examples each source IP would need a separate connection to the server to be able to transfer information. In home networking a single public IP address is used to provide internet access to a host of home devices using network address translation (NAT).

    In the above example the NAT router uses a single public IP address, 14.1.23.5, to serve 4 internal PCs. This is done by the router maintaining a NAPT table.
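A small model of such a table, as an added example that is not from the original post: each private socket gets its own public port on the shared address, replies are mapped back through the same entry, and traffic to a port with no entry is dropped. Only the public address 14.1.23.5 comes from the text; the internal addresses, port numbers and class name are constructed.

```python
from dataclasses import dataclass, field


@dataclass
class NaptTable:
    """Port-translating NAT table: many private sockets behind one public IP."""
    public_ip: str
    first_port: int = 50000                    # constructed start of the port pool
    out: dict = field(default_factory=dict)    # (proto, ip, port) -> public port
    back: dict = field(default_factory=dict)   # (proto, public port) -> (ip, port)

    def translate_out(self, proto, src_ip, src_port):
        """Rewrite an outbound source socket, allocating an entry on first use."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            port = self.first_port + len(self.out)
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return self.public_ip, self.out[key]

    def translate_in(self, proto, dst_port):
        """Map a reply to the private socket; None means no entry, so drop."""
        return self.back.get((proto, dst_port))


def demo():
    nat = NaptTable("14.1.23.5")               # public address from the post
    # Four constructed internal PCs, all using the same local source port.
    pcs = [f"192.168.0.{n}" for n in (10, 11, 12, 13)]
    public = [nat.translate_out("tcp", ip, 51000) for ip in pcs]
    replies = [nat.translate_in("tcp", port) for _, port in public]
    unsolicited = nat.translate_in("tcp", 50099)  # nobody opened this port
    return public, replies, unsolicited
```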

    A load balancer can use a similar strategy to allow many clients to share a single TCP connection on a webserver.

    The load balancer will then terminate the connections from the clients, translate the source port and IP address, and multiplex requests down a single connection. This frees the webserver of the overhead of continual TCP connection setup and teardown, allowing a large number of clients to be serviced by a single server.
