2
0
Requests originating from a program. I've managed to track the particular requests via wireshark, they are HTTP requests.
This is the image below on wireshark.
This is the request it's a POST
POST http://site.com/?login=null HTTP/1.0
Host: 55.32.33.11
Connection: Close
Content-Length: 16
Cache-Control: no-cache
//password
This is the response
HTTP/1.1 200 OK
Date: Fri, 09 Nov 2012 13:06:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Content-Length: 12
Connection: close
Content-Type: text/html; charset=UTF-8
unauthorized
The request itself is a bit confusing, I would appreciate a clarification.
Surprisingly as this is A HTTP request, it doesn't show up on fiddler. So, how can I make a response to this? Is it possible via wireshark? Make the response go from unauthorized to authorized?
What tools are there to do this?
I have also tried editing the windows host file
but it just ignores it.
Thanks
==========================================
Edit, how can I direct all requests to a particular IP to my localhost? 127.0.0.1
Bounty added
So you want to make the program think it was authenticated at the server when it actually wasn't? In what way did you edit the HOSTS file in attempts to facilitate what you're asking for (changing the response)? What exactly do you find confusing about the POST? – Ƭᴇcʜιᴇ007 – 2012-11-09T15:14:04.140
@techie007 Thank you immensely for your response.
I put this rule in my hosts file
127.0.0.1 webpay.site.com
So the request gets sent to my localhost, where I return a simple "authorized". But it seems to ignore the new rule and proceeds to wait from a response from the server itself. – Mob – 2012-11-09T15:20:02.687I find it confusing because it wasn't showing up in fiddler. – Mob – 2012-11-09T15:20:52.047