As a side project, I've been working on hooking function calls for Linux applications. I have managed to hook all the typical socket layer function calls successfully, such as connect(), socket(), send(), recv(), close(), gethostbyname(), etc.
I am able to monitor the network traffic going in/out of apps (such as a browser), but now I would like to actually redirect the traffic. For example, if the user navigates to "www.google.com" in their browser, I would like to intercept the "connect()" to google and redirect them to "yahoo" (for example).
Is there a common way to redirect traffic using function hooks? One issue I see (which I have yet to resolve) is that in the connect() call, all I get is an IP address and a port. Given only this information, I am not sure how I can map the input IP address to "www.google.com", for example. The other issue I see is that simply replacing the IP address (google -> yahoo) in the connect() call might not work because SSL traffic is supposed to be validated, and so changing the IP address to point to a different server might mess up the certificate validation.
Any help would be greatly appreciated.
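
An added example, not code from the original post: for the monitoring side, the address seen in a hooked connect() can be attributed to a hostname by recording each result seen in the resolver hooks and looking the address up later. The names `note_resolution` and `name_for_sockaddr` and the sample address are hypothetical; the table is IPv4-only and not thread-safe, and when several names share one IP the last one resolved wins.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

#define SLOTS 64  /* constructed size; oldest entries are overwritten */

struct seen { int used; struct in_addr addr; char name[256]; };
static struct seen table[SLOTS];
static unsigned next_slot;

/* Resolver-hook side: remember that `name` resolved to `addr`. */
void note_resolution(const char *name, struct in_addr addr)
{
    struct seen *e = NULL;
    for (unsigned i = 0; i < SLOTS; i++)       /* same IP seen again: overwrite */
        if (table[i].used && table[i].addr.s_addr == addr.s_addr)
            e = &table[i];
    if (e == NULL)
        e = &table[next_slot++ % SLOTS];
    e->used = 1;
    e->addr = addr;
    snprintf(e->name, sizeof e->name, "%s", name);
}

/* connect()-hook side: name this address was last resolved from, or NULL. */
const char *name_for_sockaddr(const struct sockaddr *sa)
{
    if (sa == NULL || sa->sa_family != AF_INET)
        return NULL;                            /* IPv4 only here */
    const struct sockaddr_in *sin = (const struct sockaddr_in *)sa;
    for (unsigned i = 0; i < SLOTS; i++)
        if (table[i].used && table[i].addr.s_addr == sin->sin_addr.s_addr)
            return table[i].name;
    return NULL;
}

int main(void)
{
    struct sockaddr_in dst = { .sin_family = AF_INET, .sin_port = htons(443) };
    inet_pton(AF_INET, "192.0.2.10", &dst.sin_addr);   /* constructed sample */
    note_resolution("www.example.com", dst.sin_addr);
    const char *n = name_for_sockaddr((const struct sockaddr *)&dst);
    printf("connect to 192.0.2.10:443 -> %s\n", n ? n : "(unresolved)");
    return 0;
}
```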