Description
Hi,
I would like to say this is by far the best and most practical non-HTTP proxy that I’ve used!
I am currently doing research on thick client testing. The app that I’m testing uses the TCP protocol to connect to a remote database. One of the requests that the app sends contains a SELECT query that dynamically generates a SQL statement based on the credentials provided in the login form.
I would like to change the SQL query's ...WHERE username = 'admin' clause to ...WHERE username = 'bob'. I am able to replace admin with bob using the following script:
def handle_request(client_request):
    # 'admin' is '61646d696e' in HEX
    # 'bob' is '626f62' in HEX
    # The request is a bytes object, so the search/replacement patterns must be bytes literals.
    # The interleaved \x00 bytes match the way the characters appear in the captured request.
    modified_request = client_request.replace(b'\x00\x61\x00\x64\x00\x6d\x00\x69\x00\x6e\x00', b'\x00\x62\x00\x6f\x00\x62\x00')
    return modified_request
However, due to the fact that the length of the modified TCP packet is different from the original packet, the thick client that I'm testing just crashes after I receive the FIN, ACK response from the database server.
Your MySQL demo states that the corresponding fields in the TCP protocol will have to be changed if I make changes to the length of the SQL message. Do you have any ideas/suggestions on how I should do that? I presume I will have to add some Python code to the above script that I'm sending using your tool? I am not fluent in Python, so I'm not sure how easy it will be to achieve this task.
Thank you!
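As an added example (not part of this issue or the proxy project's own code), here is how a handler could apply the substitution and then recompute the packet length field, assuming the client uses the MySQL wire framing from the demo referenced above (a 4-byte header: 3-byte little-endian payload length followed by a 1-byte sequence id). The sample request is constructed here; a client using a different protocol would need the header layout adjusted accordingly.

```python
MYSQL_HEADER_LEN = 4  # 3-byte little-endian payload length + 1-byte sequence id

def parse_mysql_packets(data: bytes):
    """Split a buffer into (sequence_id, payload) tuples using the MySQL framing."""
    packets = []
    offset = 0
    while offset + MYSQL_HEADER_LEN <= len(data):
        length = int.from_bytes(data[offset:offset + 3], "little")
        seq = data[offset + 3]
        payload = data[offset + 4:offset + 4 + length]
        if len(payload) != length:
            raise ValueError("truncated packet: header length exceeds available bytes")
        packets.append((seq, payload))
        offset += MYSQL_HEADER_LEN + length
    if offset != len(data):
        raise ValueError("trailing bytes that do not form a complete header")
    return packets

def build_mysql_packet(seq: int, payload: bytes) -> bytes:
    """Prepend a header whose length field matches the (possibly resized) payload."""
    if len(payload) >= 0xFFFFFF:
        # 0xFFFFFF signals a continuation packet in MySQL; splitting is out of scope here.
        raise ValueError("payload too large for a single packet")
    return len(payload).to_bytes(3, "little") + bytes([seq]) + payload

def rewrite_payload(data: bytes, old: bytes, new: bytes) -> bytes:
    """Replace old with new inside every payload and re-frame with corrected lengths.

    Doing the substitution per payload (not on the raw buffer) guarantees the
    header never describes a stale length, which is what makes the client crash.
    """
    out = b""
    for seq, payload in parse_mysql_packets(data):
        out += build_mysql_packet(seq, payload.replace(old, new))
    return out

# Constructed sample: a COM_QUERY (0x03) packet carrying a query like the one in the issue.
SAMPLE_QUERY = b"\x03SELECT * FROM users WHERE username = 'admin'"
SAMPLE_REQUEST = build_mysql_packet(0, SAMPLE_QUERY)

def handle_request(client_request: bytes) -> bytes:
    """Handler in the shape of the script above, but with the length field fixed up."""
    return rewrite_payload(client_request, b"admin", b"bob")
```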