Hello.
Basically, I want to know how I can intercept/sniff all TCP/UDP network traffic for a specific application, like the tunneling applications do. For example, ProxyCap allows tunneling all traffic for a specific application to some proxy. So, as I understand it, those programs can intercept all traffic before they change/reroute it.
I've tried using WinPcap and even Wireshark, but it doesn't work if you have ProxyCap installed. I mean, it does not capture the application traffic:
1. Traffic from my program is intercepted by ProxyCap.
2. ProxyCap redirects it all to a localhost proxy.
3. My localhost proxy is actually a Your-Freedom gateway proxy.
4. The Your-Freedom proxy sends the traffic to their servers (traffic goes to the internet).
When I start Wireshark sniffing (which is based on the WinPcap driver), I see only the traffic from step #4 (when it goes to the internet). And this traffic is not raw (it's packed/encoded), so sniffing it doesn't work for me.
So, since I need to sniff all the traffic, I thought that I should either find a way to sniff before ProxyCap (or after it, but I don't think that's possible, since the traffic is redirected to the loopback proxy).
I want to ask you guys: is there a way to intercept/sniff traffic like ProxyCap (or other tunneling applications) does?