I'm working on a Qt/C++ project, and one of its functions is setting up a MySQL database. That particular bit of code works fine, but one of the things that the user must provide to make it work is the port that the MySQL process is currently listening on. This is usually 3306 or 5432, (depending on OS... MySQL usually wants to use 3306 first but I’ve had it try to use the Postgres port on one occasion) but I feel like I need to account for strange configurations. Many users will have no idea what to put in that field unless they know enough about MySQL to know what ports it uses. (most people don't) My target audience for the program is everyone who might want to keep a computerized diary, so it would be nice if the program can find the correct port on its own.
I could have the program run through a list of commonly-used ports until it finds the right one, (which should work in most setups) but it would be better if it could actually figure out which port to use. That way, there won't be any problems if the user has a bizarre configuration for some reason.
Any idea how I would go about doing this? I've tried googling and I found nothing relevant.
I can see of two methods to go about doing this. One: a simple port scanner. Like you said scanning all normally used ports, if nothing is found you can scan all the ports, it shouldn't be that hard to implement, you scan the ports and ask for a response only MYSQL will give to a particular method, this way you know that it is indeed MySQL on that port.
Secondly, you could attempt to figure out what the port is through the registry. Assuming this is a windows OS you could find that in the registry (hopefully), if it were linux OS you'd find it in MySQL's settings files, ect...
But I see no "UNIVERSAL CONSTANT" for this, I think it would be easiest to implement a simple port scanner.
The registry probably won't be needed actually, Searching my MySQL directory on Windows 7 I found a "my.ini" searched for port and its right there "port=theport"
Thus you can probably search for the mySQL directory and the .ini file to find the port.
Related
Recently I've been dabbling with networking and specifically libssh.
I've been connecting to a server, and everything works pretty well but now I would like to find out some kind of way to discover what (if any) compression a server uses. I've tried the ssh_options_get() function with SSH_OPTIONS_COMPRESSION:
ssh_options_get(s_session, SSH_OPTIONS_COMPRESSION, comp);
but it doesn't seem to do anything at all.
The documentation doesn't say anything about recieving the compression level with any of these commands. If someone could point me in the right direction, I would be very thankful!
I would like to ask if there is a way to read DHCP option in Qt or c++ (Qt would be better) on linux. I have my own cups backend and would like to read option 9 - LPR Servers (all of the listed IP addresses) and use it as device uri.
So I want to know how to get specific (or all) option(s) informations from the DHCP lease.
I've looked to Qt's documentation but wasn't able to find anything useful and couldn't find any c++ libraries for linux.
I had exactly the same problem. I have found a library called Libcrafter which has a lot of features including DHCP support. There is a good example of DHCP usage in their examples. It is example #8.
This requirement is quite specific. I don't know there's such individual library for mere DHCP options.
So my suggestion is that, down one DHCP implementation(http://en.wikipedia.org/wiki/Comparison_of_DHCP_server_software), study how it handles the options.
Take dnsmasq_2.72 as an example, in file src/dhcp-common.c, there's function lookup_dhcp_opt().
I need to capture network traffic that is going in/out of a particular application. The main issue is that I would like to do this in a blocking fashion -- i.e. capture the traffic, perform some analysis and encryption/decryption on it and then forward it along its regular route. So, it must use some sort of a blocking mechanism.
Is there some code or a library that makes this easy to do on Windows (Server 2008 or Win7 will do)? Any C++ (or Python/Java) classes or libraries that already exist?
I intend for the solution to also execute on the same machine as the target app and have administrative privileges.
Any pointers to code samples would be greatly appreciated.
Thanks for your help.
p.s.: I have been looking at WinPcap but from my (limited) understanding, it can't filter/block based on specific applications. Is that right, or did I miss something? Any other solutions out there?
For this you should look at WinDivert. Unlike regular packet sniffers (like winpcap), WinDivert also has the ability to block/filter packets, so it might be what you are looking for. Disclosure: WinDivert is my own project.
I know DNS is typically handled by the operating system, but I'm working under the assumption that DNS has been broken on the target system (this is a tool to diagnose DNS misconfiguration). I therefore need to implement DNS myself, to check the results I get back from the system against a known good DNS server.
You can do this with the NSLookup or Dig tools, specifying a DNS server address manually, but it appears the Windows API calls for doing this (e.g. GetAddressByName) don't allow me to specify a server to query, and use the system's configured target instead.
I tried to look for the RFCs on DNS, but unfortunately they are clear as mud to me -- they make the HTTP spec look like the clearest and most well written spec ever produced.
I also don't want to reinvent something that someone else has already done several times before.
You might try: http://25thandclement.com/~william/projects/dns.c.html . Also, see Need To Build Simple DNS Resolver in C
Actually, a Google search of "DNS resolver C" reveals several possibilities.
Try the c-ares library, which as I understand it does implement its own DNS stack. I've used it successfully on linux, and they say that it supports Windows, though I haven't tried it myself. It isn't C++, just plain C, but you can easily enough write a C++ wrapper for it.
It gets bonus points for being asynchronous, and providing hooks by which you can integrate it with an existing event loop.
I know that the question is old, but I haven't found good answer for me here.
I have found poslib as the best dns library with very easy interface.
http://www.vantage-points.org/libvdns.html
http://directory.fsf.org/project/FireDNS/
Did never use this, but maybe that helps you?
I'd suggest libunbound which (together with ldns) is a standalone library included with the Unbound recursive resolver.
It has DNSSEC validation support too, which will become useful as DNSSEC continues to get deployed.
See http://unbound.net/
djbdns contains a DNS client library which you could use:
http://cr.yp.to/djbdns/dns.html
This is independent of the system DNS resolver libraries and will generate the right UDP packets. If you really wanted to get clever, you could combine it with dnscache, or look at the dnstrace utility to resolve names from root servers and see what is really going on.
You'd need to make it work on Windows, of course. Shouldn't be that hard.
I'm looking to write a small program which will intercept network packets (on the local machine) and modify them before they go out on the network. I need to be able to modify the headers as well, not just the data.
I've already looked through several possibilities but am unsure which one is best to pursue. There are open source packet filters out there, but filtering only seems to be able to either allow or reject packets, not much else.
The other solution would be to write an NDIS intermediate driver, but writing drivers is a beyond me. Even the simple pass-thru example in the WinDDK is thousands of lines. I'm also not looking forward to having to constantly reinstall a driver and reboot to test my code.
I'd ideally like the program to be self contained, and not rely on the installation of 3rd party drivers/software/whatever.
So if you people could point me in the right direction, throw some helpful links my way, whatever, I'd appreciate it.
Depends what kind of packets do you want to filter/modify.
If you're after application-level filtering, and want to get your hands on HTTP or similar packets, your best bet would probably be an LSP. Note however, following this path has certain disadvantages. First MS seems to be trying to get rid of this technology, and IIRC a part of Windows 7 logo requirements is "no LSP in your product", they seem to be promoting the Windows Filtering Platform. Second, you'd be very surprised with how much trouble you're getting into in terms of 3rd party LSP compatibility. Third, a very dummy LSP is still around 2 KLOC :)
If you're after an IP level packet filtering you'd need to go for a driver.
Windows Filtering Platform provides you with functionality needed in either case. However, it's only available on Windows Vista and later products, so no XP there. Another thing to take into consideration, WFP was only capable of allow/reject packets in user-land, and if you need to modify them, you'd need to go kernel-mode. (At least that what the situation was at the time it appeared, maybe they've improved something by now).
IMHO, If you want to modify packets you'll need something to talk to the hardware, a driver of some kind. If you do not want to use your own, you should get a 3rd party driver to inter-operate with.
For filtering there's libraries like: winpcap or libpcap.
Also have a look here: http://www.ntkernel.com/w&p.php?id=7
Another link: http://bittwist.sourceforge.net/
Hope this helps!
winpcap is only able to filter packets with precompiled conditions. What you need is to write LSP-level network driver. You won't need to reboot every time you reinstall it, but it can really modify packets before they go out to the network.
More info here: http://blogs.msdn.com/wndp/archive/2006/02/09/529031.aspx or here: http://www.microsoft.com/msj/0599/LayeredService/LayeredService.aspx
I'm no expert but I'm looking to do something similar on my LAN. I want to intercept packets form one single fixed IP and modify them before they go to my router then out onto the internet. I also want to capture and modify the returning packets prior to allowing them through to my host. The method I had envisaged was something like this...
ARP poison the host and router so my sniffing machine was having all packets passed through it.
Analyse the packets that I will want to modify in future and look for unique characteristics to those packets so I can catch just them.
Write a macro/script that looked for said characteristic in real-time and then modified it on the fly before sending it on its' way.
I know Cain&Abel for Windows is able (haha) to ARP poison but I'm not sure if it can provide raw dump of packet contents. Wireshark is able to dump all but not sure if it can ARP poison so as just to get what I'm after, if not then I can easily connect the host I want to intercept to my sniffer machine via ethernet and then share the internet via the sniffer so that all packets will go through the sniffer machine anyway.
So step 1 can be accomplished, I don't know if said programs have the ability to filter based on specifics yet but I'm guessing they do.
That's as far as I am with it. Hope this is of help to someone and maybe someone else can take this further?