Full Disclosure mailing list archives

looking for this tools

From: 김무성 <kimms () infosec co kr>
Date: Thu, 14 Jan 2010 18:02:51 +0900

Hello list.

 

I’m pen testing IPTV.

 

Example)

 

Monitor - IPTV STB - PC(attacker) - VDSL modem - internet

PC has two NIC

Two NIC are bridge mode

 

IPTV STB sends request packet for knowing that where is specific file for playing.

 

To server port 8080.

POST /VoD/whereisvod.cgi

a1d1.mpg

 

 

Server’s response is 

 

HTTP/1.1 200 OK

192.168.10.10

 

And then

IPTV STB sends RTSP packet to 192.168.10.10.

 

To server port 554

           DESCRIBE a1d1.mpg

 

And play.

 

I wanna edit this file name. (a1d1.mpg is free, a1d2.mpg not free)

 

POST /VoD/whereisvod.cgi

a1d2.mpg

 

DESCRIBE a1d2.mpg

 

For this, I have to packet sniffing and blocking them and manipulation packet and resend.

Are there tools?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

looking for this tools 김무성 (Jan 14)
- Re: looking for this tools Christoph Gruber (Jan 14)
- Re: looking for this tools Marek Lukaszuk (Jan 14)