Software to track what my programs send on the internet

Discussion in 'BlackHat Lounge' started by MoneyMafia, May 11, 2010.

  1. MoneyMafia

    MoneyMafia Regular Member

    Joined:
    Dec 2, 2007
    Messages:
    291
    Likes Received:
    310
    Heya guys.

    Im playing now with a trial version of software that every time I run it checks main website to see if my trial hasn't ended so I'm planning to redirect the server's IP to localhost and create a script that will show the same result (response) every time .this way the software will think Im still on trial..

    Now the question is... how can I monitor what strings the software is sending and receiving from the main website?
    I need a software tht does that on Windows

    Help is appreciated.
     
  2. xhpdx

    xhpdx Regular Member

    Joined:
    Sep 21, 2008
    Messages:
    331
    Likes Received:
    2,160
    Occupation:
    Coder
    Location:
    EU
    You can try with wireshark(free) or httpanalyzer(paid). The software probably calls home on port 80, so you should see exactly what it sends(GET/POST) and make your script based on that
     
    • Thanks Thanks x 1
  3. MoneyMafia

    MoneyMafia Regular Member

    Joined:
    Dec 2, 2007
    Messages:
    291
    Likes Received:
    310
    Thank you I installed wireshark. and got the packages hoever the software it makes a chekcing like this to make sure the infos are from the main website and not a clone


    DNS Standard query A www.{SOFTWARECREATORSITE}.com
    DNS Standard query response CNAME {SOFTWARECREATORSITE}.com A {SOFTWARESITEIPADDRESS}

    is there any away to spoof this dns checking ?