How to type header in Header Forward Text Box
Posted: Mon Sep 05, 2011 7:19 am
Some protocol using plain text as data header, like http, MSSQL. You simply type this line can do.
MSSQLServer,192.168.1.2,1433
of course, change the forward ip and port according to your network.
Some protocol using non keyboard characters as data header. Whatever you type from keyboard, output will not same as header. Therefore by using number from 0 to 255 to present the character, and + symbol to add all character together.
For example, starting Magic Routing with listen port = 3388, to host = 127.0.0.1, to port = 3389. Click start(0) to start routing. Then go to tools > log data, select 5 min and click start to capture data from mstsc (terminal service clie, nt). Run mstsc from command prompt and input 127.0.0.1:3388. If mstsc successfully connected to local terminal server (can see the login screen), then there will be some data captured in Datalog.txt file. Using hex editor to view the Datalog.txt, analyse it. You will find some characters are very strange or non empty string, this must be the protocol identifier. Take mstsc as an example, there is 3 characters, 19+14+224. Therefore the rule you input in Header forward text box is: 19+14+224,192.168.1.2,3389
MSSQLServer,192.168.1.2,1433
of course, change the forward ip and port according to your network.
Some protocol using non keyboard characters as data header. Whatever you type from keyboard, output will not same as header. Therefore by using number from 0 to 255 to present the character, and + symbol to add all character together.
For example, starting Magic Routing with listen port = 3388, to host = 127.0.0.1, to port = 3389. Click start(0) to start routing. Then go to tools > log data, select 5 min and click start to capture data from mstsc (terminal service clie, nt). Run mstsc from command prompt and input 127.0.0.1:3388. If mstsc successfully connected to local terminal server (can see the login screen), then there will be some data captured in Datalog.txt file. Using hex editor to view the Datalog.txt, analyse it. You will find some characters are very strange or non empty string, this must be the protocol identifier. Take mstsc as an example, there is 3 characters, 19+14+224. Therefore the rule you input in Header forward text box is: 19+14+224,192.168.1.2,3389