Exception

[GoogleCodeExporter]

What steps will reproduce the problem?

Following guide from 
http://penturalabs.wordpress.com/2012/06/07/introduction-to-pen-testing-android-
applications-part-1/

Windows XP:

emulator @Test -http-proxy http://localhost:8007 -dns-server localhost
Burpsuite web proxy running on 8080

What is the expected output? What do you see instead?

        ==== Android Proxy Up and Running ====

DNS: 2.android.pool.ntp.org -> 1.1.1.2
DNS: www.google.com -> 1.1.1.3
INCOMING TCP CONN: > CONNECT 1.1.1.3:443 HTTP/1.1
<
Unhandled Error
Traceback (most recent call last):
  File "C:\Python27\lib\site-packages\twisted\python\log.py", line 84, in callWi
thLogger
    return callWithContext({"system": lp}, func, *args, **kw)
  File "C:\Python27\lib\site-packages\twisted\python\log.py", line 69, in callWi
thContext
    return context.call({ILogContext: newCtx}, func, *args, **kw)
  File "C:\Python27\lib\site-packages\twisted\python\context.py", line 118, in c
allWithContext
    return self.currentContext().callWithContext(ctx, func, *args, **kw)
  File "C:\Python27\lib\site-packages\twisted\python\context.py", line 81, in ca
llWithContext
    return func(*args,**kw)
--- <exception caught here> ---
  File "C:\Python27\lib\site-packages\twisted\internet\selectreactor.py", line 1
50, in _doReadOrWrite
    why = getattr(selectable, method)()
  File "C:\Python27\lib\site-packages\twisted\internet\tcp.py", line 203, in doR
ead
    return self._dataReceived(data)
  File "C:\Python27\lib\site-packages\twisted\internet\tcp.py", line 209, in _da
taReceived
    rval = self.protocol.dataReceived(data)
  File "C:\Documents and Settings\user\Desktop\main.py", line 88, in dataReceive
d
    dst = socket.getsockopt(self.transport.socket, SOL_IP, SO_ORIGINAL_DST, 16)
  File "C:\Python27\lib\socket.py", line 224, in meth
    return getattr(self._sock,name)(*args)
socket.error: [Errno 10042] An unknown, invalid, or unsupported option or level
was specified in a getsockopt or setsockopt call

Original issue reported on code.google.com by a.ben.ca...@gmail.com on 7 Aug 2012 at 4:23

[GoogleCodeExporter]

Similarly in Nix:

    ==== Android Proxy Up and Running ====

DNS: 2.android.pool.ntp.org -> 1.1.1.2
DNS: www.google.com -> 1.1.1.3
INCOMING TCP CONN: > CONNECT 1.1.1.3:443 HTTP/1.1
<
Unhandled Error
Traceback (most recent call last):
  File "/usr/local/lib/python2.6/dist-packages/Twisted-12.1.0-py2.6-linux-i686.egg/twisted/python/log.py", line 84, in callWithLogger
    return callWithContext({"system": lp}, func, *args, **kw)
  File "/usr/local/lib/python2.6/dist-packages/Twisted-12.1.0-py2.6-linux-i686.egg/twisted/python/log.py", line 69, in callWithContext
    return context.call({ILogContext: newCtx}, func, *args, **kw)
  File "/usr/local/lib/python2.6/dist-packages/Twisted-12.1.0-py2.6-linux-i686.egg/twisted/python/context.py", line 118, in callWithContext
    return self.currentContext().callWithContext(ctx, func, *args, **kw)
  File "/usr/local/lib/python2.6/dist-packages/Twisted-12.1.0-py2.6-linux-i686.egg/twisted/python/context.py", line 81, in callWithContext
    return func(*args,**kw)
--- <exception caught here> ---
  File "/usr/local/lib/python2.6/dist-packages/Twisted-12.1.0-py2.6-linux-i686.egg/twisted/internet/posixbase.py", line 614, in _doReadOrWrite
    why = selectable.doRead()
  File "/usr/local/lib/python2.6/dist-packages/Twisted-12.1.0-py2.6-linux-i686.egg/twisted/internet/tcp.py", line 203, in doRead
    return self._dataReceived(data)
  File "/usr/local/lib/python2.6/dist-packages/Twisted-12.1.0-py2.6-linux-i686.egg/twisted/internet/tcp.py", line 209, in _dataReceived
    rval = self.protocol.dataReceived(data)
  File "main.py", line 88, in dataReceived
    dst = socket.getsockopt(self.transport.socket, SOL_IP, SO_ORIGINAL_DST, 16)
  File "<string>", line 1, in getsockopt

socket.error: [Errno 92] Protocol not available

Original comment by a.ben.ca...@gmail.com on 7 Aug 2012 at 4:44

[GoogleCodeExporter]

This seems to fix it, looking at the actual data to work it out rather than 
socket properties? 

            blah = data.split(" ")
            dah = blah[1].split(":")
            srv_port = dah[1]
            srv_ip = dah[0]
            print srv_port
            print srv_ip

Original comment by a.ben.ca...@gmail.com on 7 Aug 2012 at 5:11

[GoogleCodeExporter]

I have the same issue Commentor 2 I do not understand you fix. Can you please 
explain it in more detail?

Original comment by brianna....@gmail.com on 14 Aug 2012 at 8:39

[GoogleCodeExporter]

Sure.

On line 88-89 the code looks like it is inspecting the current open socket to 
find the server port and the server ip that we are trying to connect to, 
unfortunately this is where the exception occurs, and I'm not sure how to fix 
it.

dst = socket.getsockopt(self.transport.socket, SOL_IP, SO_ORIGINAL_DST,16)      

srv_port, srv_ip = struct.unpack("!2xH4s8x", dst)

Instead we can retrieve the srv_port and the srv_ip by looking at the actual 
data which contains a HTTP CONNECT request (e.g. CONNECT 192.168.1.1:80 
HTTP/1.1) containing the ip and port.

So replacing lines 88 and 89 with the following code will retrieve these values 
and seemed to work in my limited testing:

connect_request = data.split(" ")
ip_and_port = connect_request[1].split(":")
srv_ip = ip_and_port[0]
srv_port = ip_and_port[1]

However, burpsuite pro has been updated recently to calculate the certificate 
name based on the IP which means this isn't required and therefore I haven't 
been too worried about it.

Original comment by a.ben.ca...@gmail.com on 14 Aug 2012 at 9:56

[GoogleCodeExporter]

It started working when I first made the change, but my proxy got overwhelmed 
with requests that the emulator kept sending and then crashed. Since then it 
hasn't been picking up any traffic from the emulator at all. I tried restarting 
a few times but no luck. 

Original comment by brianna....@gmail.com on 15 Aug 2012 at 2:22

[GoogleCodeExporter]

I'm having the same issue, with this script. 

Original comment by Securein...@googlemail.com on 17 Oct 2012 at 10:10

[GoogleCodeExporter]

Original comment by vanho...@gmail.com on 10 Feb 2013 at 2:42

• Changed state: Started