Home > IT, Tools > “Hex Dump Port Forwarding Network Proxy Server”

“Hex Dump Port Forwarding Network Proxy Server”

April 10th, 2007 Leave a comment Go to comments

I know, it's a mouthful and a little repetitive  but I didn't name it. One of the RSS feeds that I subscribe to is the ASPN Python Cookbook. The recipe (source as text here) that was listed today was quite cool and useful. It's a small proxy server that dumps the hex output of the traffic that passes through it. It relies on the twisted network libraries and may be a little rough around the edges but it's looks quite interesting. It's like combining simpleproxy and tcpdump, without the ability to generate nice pcap files to load into Wireshark.

Sample Output:

you@oslo $ hexproxy.py 8080:www.google.com:80

2007-02-18 17:47:11,217 INFO listening on 8080 -> www.google.com:80
2007-02-18 17:47:11,217 INFO ready (Ctrl+C to stop)
2007-02-18 17:47:18,265 INFO client 11389528 opened connection -> server www.google.com:80
2007-02-18 17:47:18,312 INFO client 11389528 -> server www.google.com:80 (401 bytes)
-> 0000   47 45 54 20 2F 20 48 54 54 50 2F 31 2E 31 0D 0A    GET / HTTP/1.1..
-> 0010   48 6F 73 74 3A 20 6F 73 6C 6F 3A 38 30 38 30 0D    Host: oslo:8080.
-> 0020   0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A    .User-Agent: Moz
-> 0030   69 6C 6C 61 2F 35 2E 30 20 28 57 69 6E 64 6F 77    illa/5.0 (Window
-> 0040   73 3B 20 55 3B 20 57 69 6E 64 6F 77 73 20 4E 54    s; U; Windows NT
-> 0050   20 35 2E 30 3B 20 65 6E 2D 55 53 3B 20 72 76 3A     5.0; en-US; rv:
-> 0060   31 2E 38 2E 31 2E 31 29 20 47 65 63 6B 6F 2F 32    1.8.1.1) Gecko/2
-> 0070   30 30 36 31 32 30 34 20 46 69 72 65 66 6F 78 2F    0061204 Firefox/
-> 0080   32 2E 30 2E 30 2E 31 0D 0A 41 63 63 65 70 74 3A    2.0.0.1..Accept:
-> 0090   20 74 65 78 74 2F 78 6D 6C 2C 61 70 70 6C 69 63     text/xml,applic
-> 00A0   61 74 69 6F 6E 2F 78 6D 6C 2C 61 70 70 6C 69 63    ation/xml,applic
-> 00B0   61 74 69 6F 6E 2F 78 68 74 6D 6C 2B 78 6D 6C 2C    ation/xhtml+xml,
-> 00C0   74 65 78 74 2F 68 74 6D 6C 3B 71 3D 30 2E 39 2C    text/html;q=0.9,
-> 00D0   74 65 78 74 2F 70 6C 61 69 6E 3B 71 3D 30 2E 38    text/plain;q=0.8
-> 00E0   2C 69 6D 61 67 65 2F 70 6E 67 2C 2A 2F 2A 3B 71    ,image/png,*/*;q
-> 00F0   3D 30 2E 35 0D 0A 41 63 63 65 70 74 2D 4C 61 6E    =0.5..Accept-Lan
-> 0100   67 75 61 67 65 3A 20 65 6E 2D 75 73 2C 65 6E 3B    guage: en-us,en;
-> 0110   71 3D 30 2E 35 0D 0A 41 63 63 65 70 74 2D 45 6E    q=0.5..Accept-En
-> 0120   63 6F 64 69 6E 67 3A 20 67 7A 69 70 2C 64 65 66    coding: gzip,def
-> 0130   6C 61 74 65 0D 0A 41 63 63 65 70 74 2D 43 68 61    late..Accept-Cha
-> 0140   72 73 65 74 3A 20 49 53 4F 2D 38 38 35 39 2D 31    rset: ISO-8859-1
-> 0150   2C 75 74 66 2D 38 3B 71 3D 30 2E 37 2C 2A 3B 71    ,utf-8;q=0.7,*;q
-> 0160   3D 30 2E 37 0D 0A 4B 65 65 70 2D 41 6C 69 76 65    =0.7..Keep-Alive
-> 0170   3A 20 33 30 30 0D 0A 43 6F 6E 6E 65 63 74 69 6F    : 300..Connectio
-> 0180   6E 3A 20 6B 65 65 70 2D 61 6C 69 76 65 0D 0A 0D    n: keep-alive...
-> 0190   0A                                                 .

2007-02-18 17:47:18,453 INFO client 192.168.1.12:1722 < - server www.google.com:80 (1357 bytes)
<- 0000   48 54 54 50 2F 31 2E 31 20 32 30 30 20 4F 4B 0D    HTTP/1.1 200 OK.
<- 0010   0A 43 61 63 68 65 2D 43 6F 6E 74 72 6F 6C 3A 20    .Cache-Control:
<- 0020   70 72 69 76 61 74 65 0D 0A 43 6F 6E 74 65 6E 74    private..Content
<- 0030   2D 54 79 70 65 3A 20 74 65 78 74 2F 68 74 6D 6C    -Type: text/html
<- 0040   0D 0A 53 65 74 2D 43 6F 6F 6B 69 65 3A 20 50 52    ..Set-Cookie: PR
...

			

		

		

			Categories: IT,  Tools			Tags: 		

	


	
		

		

	

		
This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

		










	
	
    
			
  1. 
			No comments yet.		
    2. 
		

	


	
			
    
							
  1. 
					No trackbacks yet.				
    2.