so i have been trying to create a script for a capture the flag level, and lately i have been completely stumped as to how this has not been working out.
#
# Connect to alien server ('localhost', 10000)
#
# Then send each of these values...
# USER
# aliensignal
# PASS
# unlockserver
# SEND
# moonbase
# END
# ...and receive the response from each.
#
# Note: You must receive data back from the server after you send each value
#
from signal import signal, SIGPIPE, SIG_DFL
signal(SIGPIPE,SIG_DFL)
import socket
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect(('localhost', 10000))
header = "USER: aliensignal"
header1 = "PASS: unlockserver"
header2 = "SEND: moonbase"
header3 = "END"
req = "POST / HTTP/1.1\r\{}\r\n\r\n".format(header)
req1 = "POST / HTTP/1.1\r\{}\r\n\r\n".format(header1)
req3 = "POST / HTTP/1.1\r\{}\r\n\r\n".format(header2)
req4 = "POST / HTTP/1.1\r\{} \r\n\r\n".format(header3)
request1 = bytes(req, "utf-8")
sock.send(request1)
response = sock.recv(2048)
print(response)
request2 = bytes(req1, "utf-8")
sock.send(request2)
response2 = sock.recv(2048)
print(response2)
request3 = bytes(req3, "utf-8")
sock.send(request3)
response3 = sock.recv(2048)
print(response3)
request4 = bytes(req4, "utf-8")
sock.send(request4)
response4 = sock.recv(2048)
print(response4)
sock.close()
I try to setup the socks variable to be used to call to for socket operations, and then i try to define all of the requests that will be made, and type-cast them into bytes type. and i send the requests while waiting for a response, however none is given, and the output just remains blankscreenshot of code editor
ive tried to combine the type-casted request values into a single byte value and then using the socks.sendall(val) to no avail, ive tried to put the values itself into a single string to no avail
Related
import socket
server=port = 2160
client_socket = socket.socket(AF_INET, socket.SOCK_DGRAM)
input_s = 'hello, server!' # the message
client_socket.sendto(bytes(inpus_s, encoding='utf8'),('127.0.0.1', server_port)) # sending message
input_s_modified, adress = client_socket.recvfrom(65535) # receiving from server
print ('[CLIENT] Response from server {}, is: "{}"'.format(adress, str(input_s_modified.decode('utf8'))))
client_socket.close() # closing socket
You can get the time difference by sending the current timestamp, then having the server send back the difference between the server time and the time that it received in its data.
On the client side, you can prepend the data like so:
# Import the time module
from time import time
...
# Add prefix with client timestamp
input_s = str(time()) + '|hello, server!' # the message
And in the backend / server side code, you can modify the data like so:
# Get the client time
client_time = data.split(b"|")[0]
# Get the time difference
tiime_dif = time() - float(client_time)
# Modify the send data to include the time difference
connection.sendall(str(time_dif).encode() + "|".encode() + data)
When you put all of this info together, you end up with something like this:
# CLIENT
import socket
# Import the time module
from time import time
server=port = 2160
client_socket = socket.socket(AF_INET, socket.SOCK_DGRAM)
# Add prefix with client timestamp
input_s = str(time()) + '|hello, server!' # the message
client_socket.sendto(bytes(inpus_s, encoding='utf8'),('127.0.0.1', server_port)) # sending message
input_s_modified, adress = client_socket.recvfrom(65535) # receiving from server
print ('[CLIENT] Response from server {}, is: "{}"'.format(adress, str(input_s_modified.decode('utf8'))))
client_socket.close() # closing socket
# SERVER
# Get the client time
client_time = data.split(b"|")[0]
# Get the time difference
tiime_dif = time() - float(client_time)
# Modify the send data to include the time difference
connection.sendall(str(time_dif).encode() + "|".encode() + data)
# import socket
# Import the time module
from time import time
server_port = 2160
client_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
# Add prefix with client timestamp
input_s = str(time()) + '|hello, server!' # the message
client_socket.sendto(bytes(input_s, encoding='utf8'),('127.0.0.1', server_port)) #
sending message
input_s_modified, adress = client_socket.recvfrom(65535) # receiving from server
print ('[CLIENT] Response from server {}, is: "{}"'.format(adress,
str(input_s_modified.decode('utf8'))))
client_socket.close() # closing socket
I am trying to send a string encoded in utf to a server and get a response from it.However I am not able to get any response as i think the string I'm sending from the client has not been encoded properly.
Here is what I've done to encode the string:
a= "!##$%"
u = a.encode('utf-8')
s=socket.socket()
s.connect((ipAddr,portNum))
a=s.recv(1024)
print (a)//prints ok
s.send(u)
s.recv(1024)#blank
print (s.recv(1024))
JAVA:
Socket smtpSocket = new Socket(ipAddr,portNum);
smtpSocket.setSoTimeout(1000*30);
is = new BufferedReader(new InputStreamReader(smtpSocket.getInputStream()));
service=new DataOutputStream(smtpSocket.getOutputStream());
String response = is.readLine();
System.out.println(response);
if(response.startsWith("okE"))
{
service.writeUTF(x);
}
response = is.readLine();
System.out.println(response);
It seems that you server is writen in Java, I have write some server code that fit for you Java client.
ServerSocket serverSocket = new ServerSocket(50001);
serverSocket.setSoTimeout(3 * 1000);
Socket socket = serverSocket.accept();
System.out.println("Receive new connection: " + socket.getInetAddress());
BufferedWriter out = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
DataInputStream in = new DataInputStream(socket.getInputStream());
out.write("ok");
// out.newLine();
out.flush();
String input = in.readUTF();
System.out.println(input);
out.write(input);
// out.newLine();
out.flush();
And the reason of getting nothing response in Python client is in.readUTF(), According to https://stackoverflow.com/a/48266697/7944150, you should send the length of message before.
import socket
ipAddr = 'localhost'
portNum = 50001
a = "!##$%"
u = a.encode('utf-8')
s = socket.socket()
s.connect((ipAddr, portNum))
a = s.recv(1024)
print(a)
s.send(len(u).to_bytes(2, byteorder='big'))
s.send(u)
a = s.recv(1024)
print(a)
And I get the response:
b'ok'
b'!##$%'
I use python's socket and epoll to make a web server.
My operating system is Linux CentOS 6,
My python version is python 2.7.8.
My source code is:
# -*-coding:utf-8-*-
import socket
import select
import time
EOL1 = b'\n\n'
EOL2 = b'\n\r\n'
response = b'HTTP/1.0 200 OK\r\nDate: Mon, 1 Jan 1996 01:01:01 GMT\r\n'
response += b'Content-Type: text/plain\r\nContent-Length: 13\r\n\r\n'
response += b'<html><head><title>title</title></head><body><p>Hello, world!</p></body></html>'
serversocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
serversocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
serversocket.bind(('0.0.0.0', 8080))
serversocket.listen(1) # the number of client that connect to server
serversocket.setblocking(0) # set 0 not block other block
serversocket.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
epoll = select.epoll()
epoll.register(serversocket.fileno(), select.EPOLLIN)
try:
connections = {}
requests = {}
responses = {}
while True:
events = epoll.poll(1)
for fileno, event in events:
if fileno == serversocket.fileno(): # if request come
connection, address = serversocket.accept() # waiting income connection
connection.setblocking(0) # none block
epoll.register(connection.fileno(), select.EPOLLIN) # register socket read event to epoll
connections[connection.fileno()] = connection # add connection to connections dict
requests[connection.fileno()] = b''
responses[connection.fileno()] = response # write data to responses dict
elif event & select.EPOLLIN: # when data in os's read buffer area
requests[fileno] += connections[fileno].recv(1024) # read data from connections
if EOL1 in requests[fileno] or EOL2 in requests[fileno]: # if http message
print('-' * 40 + '\n' + requests[fileno].decode()[:-2])
responses[fileno] += str(time.time())
epoll.modify(fileno, select.EPOLLOUT) # change file number to epoll out mode
elif event & select.EPOLLOUT: # if out mode
byteswritten = connections[fileno].send(responses[fileno]) # write data to os's write buffer
responses[fileno] = responses[fileno][byteswritten:] # get http response message
if len(responses[fileno]) == 0: # if file sent
epoll.modify(fileno, 0) # change file number to hup mode
connections[fileno].shutdown(socket.SHUT_RDWR) # set socket read and write mode shutdown
elif event & select.EPOLLHUP: # if message sent and file number in epoll is hup
epoll.unregister(fileno) # remove file number from epoll
connections[fileno].close() # close connection
del connections[fileno] # delete connection from connections dict
finally:
epoll.unregister(serversocket.fileno())
epoll.close()
serversocket.close()
But when I open web browser and visit "http://localhost:8080/", I get some data like these <html><head><,it is not full data, it just a part of my data.What's the matter in my project.
view more info please look this picture.
You have "Content-Length: 13" in your code and hence only first 13 characters are showing up!
I have set up an experiment where I pass Modbus traffic over a SSL tunnel (this being the first thing I've ever done in python). I am able to send and receive data but when I send one request numerous requests are actually sent (see screenshot)
I've tried numerous configurations including (in both client and server):
send()--no change
sendall() --no change
setblocking(1)
setblocking(0)--doesn't read all the data
On the server side:
if data == Read_Coils_Answer-- I don't think I'm converting the big endian properly for comparison and this didn't work
while data: --the while loop seems to be the only way to prevent either side from stopping short with a "Broken Pipe" error. So this is what I'm using.
I eventually plan to use a for loop (now commented out and set to 4).
My Server code:
from ModLib import *
import socket, ssl, sys, pprint
try:
bindsocket = socket.socket()
bindsocket.bind(('', 502))
bindsocket.listen(5)
bindsocket.setblocking(1)
def do_something(connstream, data):
readCoilsReq = str('\x01\x01\x00')
answer = str(ModbusPDU01_Read_Coils_Answer)
while data:
print ("Request Recevied from Client:")
print pprint.pformat(data)
connstream.send(answer)
print ("Answer Sent to Client")
print pprint.pformat(answer)
return False
def deal_with_client(connstream):
data = connstream.recv(64)
while data:
if not do_something(connstream, data):
break
data = connstream.recv(64)
while True:
newsocket, fromaddr = bindsocket.accept()
connstream = ssl.wrap_socket(newsocket,
server_side=True,
certfile="server.crt",
keyfile="server.key",
ssl_version=ssl.PROTOCOL_TLSv1)
try:
deal_with_client(connstream)
finally:
connstream.shutdown(socket.SHUT_RDWR)
connstream.close()
except KeyboardInterrupt:
print ("\nTerminating Session at User Request")
print ("No More Data Will be Sent/Recieved\n")
sys.exit(1)
My Client Side code:
from ModLib import *
from time import sleep
import socket, ssl, pprint
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_sock = ssl.wrap_socket(s,
ca_certs="server.crt",
cert_reqs=ssl.CERT_REQUIRED)
ssl_sock.connect(('localhost', 502))
ssl_sock.setblocking(1)
readCoils = ModbusPDU01_Read_Coils()
#for i in range(4):
sleep(2)
ssl_sock.sendall(str(readCoils))
print ("Request for Read Coils Sent")
#start receive
data = ssl_sock.recv(64)
print ("Response from Server:")
print pprint.pformat(data)
if False: #from the python docs
ssl_sock.write("""GET / HTTP/1.0\r
Host: www.verisign.com\n\n""")
data = ssl_sock.read()
ssl_sock.close()
The do_something() loop was not necessary, as the deal_with_client() loop was doing the same thing. I removed do_something() and put the code in deal_with_client() which allows me to keep the connection open (see below)
from ModLib import *
import socket, ssl, sys, pprint
try:
bindsocket = socket.socket()
bindsocket.bind(('', 502))
bindsocket.listen(5)
bindsocket.setblocking(1)
def deal_with_client(connstream):
data = connstream.recv(1120)
answer = str(ModbusPDU01_Read_Coils_Answer())
while data:
print ("Request Received from Client:")
print pprint.pformat(data)
connstream.send(answer)
print ("Answer Sent to Client")
print pprint.pformat(answer)
data = connstream.recv(1120)
while True:
newsocket, fromaddr = bindsocket.accept()
connstream = ssl.wrap_socket(newsocket,
server_side=True,
certfile="server.crt",
keyfile="server.key",
ssl_version=ssl.PROTOCOL_TLSv1)
try:
deal_with_client(connstream)
finally:
connstream.shutdown(socket.SHUT_RDWR)
connstream.close()
except KeyboardInterrupt:
print ("\nTerminating Session at User Request")
print ("No More Data Will be Sent/Received\n")
sys.exit(1)
I'm trying to make a Python server that I can call from other applications to request Twitter data. I usually work with Python as a scripting language, so if there are any red flags anyone sees in my code, I'm all ears!
This is basically what I have so far, which works well when I ping the server, it gets 10 tweets from my timeline and sends them back to my other applications. My main issue is that I'd like to combine streaming and searching. That way I can have the stream open for a specific hash tag that I'd like to have sent to my other applications in real-time, but then I'd periodically search for other things that don't need to be coming down to me in real-time.
I've had success using both separately, but not sure where to start if I wanted to implement both, which in this case I'd like to bring the stream functionality into this.
I'm using Python Twitter Tools 1.10.2 - http://mike.verdone.ca/twitter/
and Python 3.3
Code below, thanks!
EDIT:I was able to get a step further by adding the twitter streaming connection after the if data == "SEARCH_NOW" if statement. But this brings up the original issue I was having. Once the twitter stream is open, the code seems to just wait there. If i put it before timeline lookup, then I can never call the timeline lookup. Updated code to reflect.
EDIT 2: Putting the search request inside of the twitter stream loop gets a little closer. I can now have the stream open and every time I get a tweet that matches the search term, then I can also do a request. But still not independently...
File: network_settings.py
#!/usr/bin/env python
#network settings
import socket
#set server variables
TCP_IP = '127.0.0.1'
TCP_PORT = 7001
BUFFER_SIZE = 20
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind((TCP_IP, TCP_PORT))
s.listen(1)
conn, addr = s.accept()
#print connection address when someone connects
print ('Connection address:', addr)
File: twitter_settings.py
from twitter import *
import re
OAUTH_TOKEN = ''
OAUTH_SECRET = ''
CONSUMER_KEY = ''
CONSUMER_SECRET = ''
t = Twitter(auth=OAuth(OAUTH_TOKEN, OAUTH_SECRET, CONSUMER_KEY, CONSUMER_SECRET))
auth = OAuth(OAUTH_TOKEN, OAUTH_SECRET, CONSUMER_KEY, CONSUMER_SECRET)
stream = TwitterStream(auth = auth, secure = True)
File: python_server.py
#python server
import json
from network_settings import *
from twitter_settings import *
search_term = 'test'
while 1:
tweet_iter = stream.statuses.filter(track = search_term)
for tweet in tweet_iter:
# check whether this is a valid tweet
if tweet.get('text'):
userName = tweet["user"]["screen_name"]
userTweet = tweet["text"]
# now print our tweet
print ('user: ', userName)
print ('tweet: ', userTweet)
#send data back
delivery1 = json.dumps({'type':'showdown','userName':userName,'userTweet':userTweet})
conn.send(delivery1.encode('utf-8'))
data = conn.recv(BUFFER_SIZE)
data = data.decode('utf-8')
if data == "SEARCH_NOW":
print ('request newest IDS tweets')
x = t.statuses.home_timeline(count=10)
for i in range(10):
try:
#print(x[i])
userName = x[i]['entities']['user_mentions'][0]['screen_name']
userTweet = x[i]['text']
print('username: ', userName)
print('tweet: ', userTweet)
delivery = json.dumps({'type':'display','userName':userName,'userTweet':userTweet})
conn.send(delivery.encode('utf-8'))
except:
print('not valid tweet')
conn.close()
So finally have figured out a solution for this. I ended up using threading to run the stream in it's own thread, then I open another thread every time I do a search. Not sure if I need to close each thread, or if the return takes care of that. If anyone has any thing they thing could be improved, I'm all ears!
Code below:
#!/usr/bin/env python
#python server
import json
import threading
import time
import socket
from twitter import *
import re
#get thread lock ready
thread_lock = threading.Lock()
#set server variables
TCP_IP = '127.0.0.1'
TCP_PORT = 7001
BUFFER_SIZE = 20
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind((TCP_IP, TCP_PORT))
s.listen(1)
conn, addr = s.accept()
#print connection address when someone connects
print ('Connection address:', addr)
#fill these in your app!
#twitter auth keys
OAUTH_TOKEN = ''
OAUTH_SECRET = ''
CONSUMER_KEY = ''
CONSUMER_SECRET = ''
t = Twitter(auth=OAuth(OAUTH_TOKEN, OAUTH_SECRET, CONSUMER_KEY, CONSUMER_SECRET))
auth = OAuth(OAUTH_TOKEN, OAUTH_SECRET, CONSUMER_KEY, CONSUMER_SECRET)
stream = TwitterStream(auth = auth, secure = True)
#twitter functions
def pythonSearch():
#lock thread to not interrupt search results
thread_lock.acquire()
print ('request newest tweets')
#get 10 things from timeline
x = t.statuses.home_timeline(count=10)
for i in range(10):
try:
#get username and tweet
userName = x[i]['entities']['user_mentions'][0]['screen_name']
userTweet = x[i]['text']
#print out values
print('username: ', userName)
print('tweet: ', userTweet)
#send json back
delivery = json.dumps({'type':'display','userName':userName,'userTweet':userTweet})
conn.send(delivery.encode('utf-8'))
except:
#not a retweet
print('not valid tweet')
#unlock thread when finished
thread_lock.release()
return
def pythonStream():
#open stream looking for search_term
search_term = 'TESTING'
tweet_iter = stream.statuses.filter(track = search_term)
for tweet in tweet_iter:
# check whether this is a valid tweet
if tweet.get('text'):
#get username and tweet
userName = tweet["user"]["screen_name"]
userTweet = tweet["text"]
# now print our tweet
print ('user: ', userName)
print ('tweet: ', userTweet)
#send json back
delivery1 = json.dumps({'type':'showdown','userName':userName,'userTweet':userTweet})
conn.send(delivery1.encode('utf-8'))
#start main loop
while 1:
#listen for calls
data = conn.recv(BUFFER_SIZE)
data = data.decode('utf-8')
#if someone calls search, do a search
if data == 'SEARCH':
threading.Thread(target = pythonSearch).start()
if data == 'STREAM':
threading.Thread(target = pythonStream).start()
conn.close()