Re: HTTP Manipulation
From: cdowns (cdowns_at_drippingdead.com)
Date: 04/21/04
- Previous message: Arthur Clune: "HTTP Manipulation"
- In reply to: Jeremy Junginger: "HTTP Manipulation"
- Next in thread: Kenneth Peiruza: "Re: HTTP Manipulation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 21 Apr 2004 10:04:49 -0500 To: Jeremy Junginger <jj@act.com>
Jeremy,
One way is to match what you are looking for.... Like so...
while($response = <$sock>) {
chomp($response);
if($response =~ /\d$/) {
print "$response\n";
return($response);
}
}
close($sock);
}
Hope this helps.
~!>D
Jeremy Junginger wrote:
>Hey guys,
>
>I'm putting together a perl script to do some HTTP manipulation (Methods,
>versions, overflow strings, etc), and am having some trouble reading from the
>socket. From tcpdump, I can see that it is completing the TCP three way
>handshake, and successfully GETting the default page with a 200 OK response,
>but I'm not sure how to capture this data from the socket prior to closing
>it. Could any of you PERL gurus see if I've missed something important here?
>Thanks,
>
>#!c:\Perl\bin\Perl.exe
>use CGI qw(:standard);
>#use strict;
>use Socket;
>
>#Initialize the host, port, and protocols
>$host = shift||'ip.address.of.remote.host';
>$port = shift||80;
>$proto = getprotobyname('tcp');
>
>#Get the port address
>$remoteip = inet_aton($host);
>$remoteport = sockaddr_in($port,$remoteip);
>
>#$localhost = pack('S n a4 x8', AF_INET, 0, "\0\0\0\0");
>#$remotehost = pack('S n a4 x8', AF_INET, $port, $host);
>
>#Create the socket and connect to the port
>socket(SOCKET,PF_INET,SOCK_STREAM,$proto) or die "socket:$!";
>connect(SOCKET,$remoteport) or die "connect:$!";
>
>print SOCKET "GET / HTTP/1.0\n\n";
>
>select(SOCK); $| = 1; select(STDOUT);
>
>
>
>------------------------------------------------------------------------------
>Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
>any course! All of our class sizes are guaranteed to be 10 students or less
>to facilitate one-on-one interaction with one of our expert instructors.
>Attend a course taught by an expert instructor with years of in-the-field
>pen testing experience in our state of the art hacking lab. Master the skills
>of an Ethical Hacker to better assess the security of your organization.
>Visit us at:
>http://www.infosecinstitute.com/courses/ethical_hacking_training.html
>-------------------------------------------------------------------------------
>
>
>
>
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
- Previous message: Arthur Clune: "HTTP Manipulation"
- In reply to: Jeremy Junginger: "HTTP Manipulation"
- Next in thread: Kenneth Peiruza: "Re: HTTP Manipulation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
