Re: HTTP Manipulation

• Previous message: Lovrien, Scott: "RE: Why eEye Retina (was MBSA scanner)"
• In reply to: Jeremy Junginger: "HTTP Manipulation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 21 Apr 2004 18:19:37 +0200
To: Jeremy Junginger <jj@act.com>

Jeremy Junginger wrote:

> Hey guys,
>
> I'm putting together a perl script to do some HTTP manipulation (Methods,
> versions, overflow strings, etc), and am having some trouble reading from the
> socket. From tcpdump, I can see that it is completing the TCP three way
> handshake, and successfully GETting the default page with a 200 OK response,
> but I'm not sure how to capture this data from the socket prior to closing
> it. Could any of you PERL gurus see if I've missed something important here?
> Thanks,
>
> #!c:\Perl\bin\Perl.exe
> use CGI qw(:standard);
> #use strict;
> use Socket;
>
> #Initialize the host, port, and protocols
> $host = shift||'ip.address.of.remote.host';
> $port = shift||80;
> $proto = getprotobyname('tcp');
>
> #Get the port address
> $remoteip = inet_aton($host);
> $remoteport = sockaddr_in($port,$remoteip);
>
> #$localhost = pack('S n a4 x8', AF_INET, 0, "\0\0\0\0");
> #$remotehost = pack('S n a4 x8', AF_INET, $port, $host);
>
> #Create the socket and connect to the port
> socket(SOCKET,PF_INET,SOCK_STREAM,$proto) or die "socket:$!";
> connect(SOCKET,$remoteport) or die "connect:$!";
>
> print SOCKET "GET / HTTP/1.0\n\n";

while (<SOCKET>) {
   print $_;
}

You should also rather be doing
print SOCKET "GET / HTTP/1.0\r\n\r\n";

according to the RFC's

For something like this, libwhisker is probably a good starting point,
or just use LWP, rather.

Regards

Rogan

-- 
Rogan Dawes
email: lists AT dawes DOT za DOT net
"Using encryption on the Internet is the equivalent of arranging an
armored car to deliver credit card information from someone living
in a cardboard box to someone living on a park bench."
- Gene Spafford
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

• Previous message: Lovrien, Scott: "RE: Why eEye Retina (was MBSA scanner)"
• In reply to: Jeremy Junginger: "HTTP Manipulation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]