Hello.

Basically, I want to know how I can intercept/sniff all TCP/UDP network traffic for some specific application, like the tunneling applications do. For example, ProxyCap allows tunneling all traffic for a specific application to some proxy. So, as I understand it, those programs can intercept all traffic before they change/reroute it.

I've tried using WinPcap and even Wireshark, but it doesn't work if you have ProxyCap installed. I mean, it does not capture application traffic:

  1. Traffic from my program is intercepted by ProxyCap
  2. ProxyCap redirects it all to the localhost proxy
  3. My localhost proxy is actually a Your-Freedom gateway proxy
  4. The Your-Freedom proxy sends the traffic to their servers (traffic goes to the internet).

When I start Wireshark sniffing (which is based on the WinPcap driver), I see only the traffic from step #4 (when it goes to the internet). And this traffic is not raw (it's packed/encoded), so it doesn't work for me to sniff it.

So, since I need to sniff all the traffic, I thought that I need to either find a way to sniff before ProxyCap (or after it, but I don't think that's possible since the traffic is redirected to the loopback proxy).

I want to ask you guys: is there a way to intercept/sniff traffic like ProxyCap (or other tunneling applications) does?