Re: ncat usage

[Dave Henderson <dhenderson () digital-pipe com>]

Good morning James.  I agree that the browser opens up a new connection 
to transmit all the "embedded" document requests (e.g. css and graphics 
files), however, I disagree with your second paragraph below.  As I 
described in my prior reply, after the first connection is established 
by the browser for the HTML, that connection never closes, so when the 
follow-up connection is made by the browser to obtain the graphic file, 
it sends it over the same two named pipes that are still attached to the 
original connection for the HTML because it was never disconnected.  The 
problem lies in ncat not disconnecting each connection as I can clearly 
see this by ncat'ing the ncat web server - it just sits there with the 
connection open after all the data has been sent.  Do you have any 
thoughts on how to close the connection by ncat after it has completed?

Also this project isn't dealing with multiple connections, so I'm not 
really worried about serving 2, 5, 100, or 1,000,000 users 
simultaneously. :)

Thanks,
Dave


On 05/11/2012 07:03 AM, James Rogers wrote:
> OK, you can only use ncat to serve a single page at a time to one web
> browser, using ncat on the command line like you are. Which means you
> cannot embed any images from that same server in the page you are
> serving.  Because every image is a separate connection.
>
> The reason for this is that every connection in to ncat would need
> it's own separate handles for each send and receive, but you just have
> two handles, so everything you send goes into the stream for the first
> client that connects and nothing is ever sent to the second
> simultaneous connection.
>
> This is why the image shows up in the middle of your first web page as
> text.  If 5 clients connected simultaneously the first connection
> would get 5 pages randomly mixed together.
>
> There might be a way using nse scripting to make ncat work like a full
> featured web server, but at that point I would recommend just using a
> small web server like boa or lighthttp.
>
> Thanks,
> James
>
> On Thu, May 10, 2012 at 7:53 PM, Dave Henderson
> <dhenderson () digital-pipe com>  wrote:
> > Ok, I adjusted the script to output the verbatim information you've listed
> > below using the same graphic file (also provided below).  Afterwards, I
> > tried again in the browser, but it still just shows the raw contents of the
> > graphic file as part of the HTML.  As a result, I tried an ncat on the ncat
> > web server to see it's output, and as expected, I got the identical output
> > below.  What I did notice, and later verified as an issue with all requests,
> > is that the connection never closes.  As such, I think the original
> > connection to the web server transmitting the HTML never closes so any
> > output produced afterwards gets added right behind it as part of it (the
> > graphics file request).  This would also explain why the status bar never
> > shows a disconnect from the web server.  So... I changed the script once
> > again to put ncat inside the infinite 'while' loop (and remove the -k
> > parameter) so that it should basically serve the file and then stop running
> > - only this didn't correct the problem!  The connection still stays open
> > when I ncat, the ncat web server!  I've even tried doing an "echo -e '\x04'"
> > (EOT/EOF) after the HTML is transmitted to the server, but it doesn't cause
> > a disconnect either.  Thoughts?
> >
> > Thanks,
> > Dave
> >
> >
> >
> > On 05/10/2012 04:15 PM, James Rogers wrote:
> > > I got it to work on my localhost.   Evidently you have to give a HOST
> > > tag or something similar for some sort of virtual hosting on many
> > > servers.
> > >
> > > ncat -C localhost 80
> > > GET /icons/folder.gif HTTP/1.0
> > >
> > > HTTP/1.1 200 OK
> > > Date: Thu, 10 May 2012 20:12:32 GMT
> > > Server: Apache/2.2.17 (Ubuntu)
> > > Last-Modified: Sat, 20 Nov 2004 20:16:24 GMT
> > > ETag: "c6c1d-e1-3e9564c23b600"
> > > Accept-Ranges: bytes
> > > Content-Length: 225
> > > Connection: close
> > > Content-Type: image/gif
> > >
> > > GIF89a  �����̙����f3333!�NThis art is in the public domain. Kevin
> > > Hughes, kevinh@IE�qg<��N"4�IRaV�V���x��l<&����z�#,L��; ;
> > >
> > > On Thu, May 10, 2012 at 3:44 PM, Dave Henderson
> > > <dhenderson () digital-pipe com>    wrote:
> > > > I tried your suggestion below, but constantly get a 404 error when trying
> > > > to
> > > > get a graphic from a remote host even though I know the path and filename
> > > > are correct.  Any other thoughts?
> > > >
> > > > Thanks,
> > > > Dave
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/