Penetration Testing mailing list archives
HTTP Manipulation
From: "Jeremy Junginger" <jj () act com>
Date: Tue, 20 Apr 2004 11:14:51 -0700
Hey guys, I'm putting together a perl script to do some HTTP manipulation (Methods, versions, overflow strings, etc), and am having some trouble reading from the socket. From tcpdump, I can see that it is completing the TCP three way handshake, and successfully GETting the default page with a 200 OK response, but I'm not sure how to capture this data from the socket prior to closing it. Could any of you PERL gurus see if I've missed something important here? Thanks, #!c:\Perl\bin\Perl.exe use CGI qw(:standard); #use strict; use Socket; #Initialize the host, port, and protocols $host = shift||'ip.address.of.remote.host'; $port = shift||80; $proto = getprotobyname('tcp'); #Get the port address $remoteip = inet_aton($host); $remoteport = sockaddr_in($port,$remoteip); #$localhost = pack('S n a4 x8', AF_INET, 0, "\0\0\0\0"); #$remotehost = pack('S n a4 x8', AF_INET, $port, $host); #Create the socket and connect to the port socket(SOCKET,PF_INET,SOCK_STREAM,$proto) or die "socket:$!"; connect(SOCKET,$remoteport) or die "connect:$!"; print SOCKET "GET / HTTP/1.0\n\n"; select(SOCK); $| = 1; select(STDOUT); ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- HTTP Manipulation Jeremy Junginger (Apr 21)
- Re: HTTP Manipulation Kenneth Peiruza (Apr 21)
- Re: HTTP Manipulation cdowns (Apr 21)
- Re: HTTP Manipulation Rogan Dawes (Apr 21)
- <Possible follow-ups>
- HTTP Manipulation Arthur Clune (Apr 21)