LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
Search this Thread
Old 04-07-2007, 06:25 AM   #16
slzckboy
Member
 
Registered: May 2005
Location: uk - Reading
Distribution: slack 10.2 kde 3.4.2 kernel 2.6.15
Posts: 452

Rep: Reputation: 30

NOTE:


Your code will not work if the site that you wish to log onto
uses cookies in the validation process of logging in.

As a side note,
As a HTTP/1.1 implementation your code should be able to
handle HTTP re-directs,i.e status 30x return codes.

Also all HTTP/1.1 implementations should also be able to
handle the chunked transfer-encoding scheme
when retrieving documents which means that to be able to
properly retrieve such encoded docs you can't just read from
the socket until an error or EOF is seen.
The encoding scheme is not differcult but you need to be aware of it.
I re-direct your attention again to the HTTP/1.1 rfc

:0)

Anyway here is a successful POST / request capture using
cookies.
ta
Code:
192.168.1.105:43022 -> 8x.xx.xx.xx:80 [AP]
  POST /takelogin.php HTTP/1.1..Connection: Keep-Alive..User-Agent: Mozilla/5
  .0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.2 (like Gecko)..Referer: ht
  tp://www.xxxxxxxx.org/login.php..Pragma: no-cache..Cache-control: no-cache.
  .Accept: text/html, image/jpeg, image/png, text/*, image/*, */*..Accept-Enc
  oding: x-gzip, x-deflate, gzip, deflate..Accept-Charset: iso-8859-1, utf-8;
  q=0.5, *;q=0.5..Accept-Language: en..Host: www.xxxxxxxx.org..Content-Type:
  application/x-www-form-urlencoded..
######
T 8x.xx.xx.xx:80 -> 192.168.1.105:43022 [AP]
  HTTP/1.1 302 Found..Date: Sat, 07 Apr 2007 07:47:51 GMT..Server: Apache/1.3
  .33 (Unix) PHP/4.4.1..X-Powered-By: PHP/4.4.1..Set-Cookie: uid=549021; expi
  res=Tue, 19 Jan 2038 03:14:07 GMT; path=/..Set-Cookie: pass=f54152e374049cd
  4f0b98805c11ace3d; expires=Tue, 19 Jan 2038 03:14:07 GMT; path=/..Location:
   http://www.xxxxxxxx.org/my.php..Keep-Alive: timeout=6, max=200..Connection
  : Keep-Alive..Transfer-Encoding: chunked..Content-Type: text/html....0....
#########
T 192.168.1.105:43023 -> 8xxxxxxxxxx:80 [AP]
  GET /my.php HTTP/1.1..Connection: Keep-Alive..User-Agent: Mozilla/5.0 (comp
  atible; Konqueror/3.4; Linux) KHTML/3.4.2 (like Gecko)..Referer: http://www
  .xxxxxxxx.org/login.php..Pragma: no-cache..Cache-control: no-cache..Accept:
   text/html, image/jpeg, image/png, text/*, image/*, */*..Accept-Encoding: x
  -gzip, x-deflate, gzip, deflate..Accept-Charset: iso-8859-1, utf-8;q=0.5, *
  ;q=0.5..Accept-Language: en..Host: www.xxxxxxxx.org..Cookie: pass=f54152e37
  4049cd4f0b98805c11ace3d; uid=549021....
##
T 8x.xx.xx.xx:80 -> 192.168.1.105:43023 [A]
  HTTP/1.1 200 OK..Date: Sat, 07 Apr 2007 07:47:51 GMT..Server: Apache/1.3.33
   (Unix) PHP/4.4.1..X-Powered-By: PHP/4.4.1..Keep-Alive: timeout=6, max=200.
  .Connection: Keep-Alive..Transfer-Encoding: chunked..Content-Type: text/htm
  l; charset=iso-8859-1....
 
Old 04-07-2007, 08:33 AM   #17
haxpor
Member
 
Registered: Dec 2006
Distribution: Ubuntu 9.10
Posts: 86

Original Poster
Rep: Reputation: 15
If the case for loging in involve cookie, it shouldn't be so hard.
When server reply (as you can see in capture header, you can use Proxomitron in windows to capturing the header too), it will include "Set-Cookie:" header section that tell the piece of data of the loging in session.
So you can use this data to access other page that require it by request the file you want on the server side with 'Cookie: username=something; PHPSESSID=somthing\n" include in your header.
And you can see the authorized page.

As for redirect, maybe we just read the header sending back from the server that tell us to redirect to other page, and then call the process for connecting to that server again, if that server reply with redirect again we follow the same again.

For read the encode data, we must see http's rfc as per slzckboy said. TO see the method for encoding and decoding (of course the sender that encoding data want receiver to see the actual data so the decoding method should exist).

TO this point I think, we now can code get, post method and read header from server also sending header and data to server, i think we can create our own Proxy Program hmm!

slzckboy what program do you use to capture that header, is it on Linux? I am trying to find that kind of program except SQUID to run on linux for a while now.
 
Old 04-07-2007, 08:52 AM   #18
slzckboy
Member
 
Registered: May 2005
Location: uk - Reading
Distribution: slack 10.2 kde 3.4.2 kernel 2.6.15
Posts: 452

Rep: Reputation: 30
I just use tshark(use to be tethereal) and pipe the output into ngrep.

i.e

tshark -x host www.somewebsite.com | ngrep "HTTP"

In Linux.

I don't do windows
:0)
 
Old 04-08-2007, 03:18 PM   #19
haxpor
Member
 
Registered: Dec 2006
Distribution: Ubuntu 9.10
Posts: 86

Original Poster
Rep: Reputation: 15
As i said about calculating size of post data, forget what I said this is the correct one.

Example
'username=user1&password=pass1' the size is 30, that is you fill in the http header with 'Content-Type: 30'.
REMEMBER calculate the length of string data and PLUS 1 for null-terminate.
 
Old 04-08-2007, 03:38 PM   #20
slzckboy
Member
 
Registered: May 2005
Location: uk - Reading
Distribution: slack 10.2 kde 3.4.2 kernel 2.6.15
Posts: 452

Rep: Reputation: 30
you mean Content-length = 30!?


I just used strlen() to calculate the entity length.
The server is not going to be looking for the null terminator,its just going to read Content-Length bytes.
Thats what the Content-Length field is for.

This is how I built my header.
I have been able to login to a number of sites that I have a membership with ok.

Code:
......

#define POSTENTITY \
"username=%s&password=%s"

......

#define POSTHEADER \
"POST %s HTTP/1.1\r\nHost: %s\r\nConnection:"\
" keep-alive\r\nAccept: text/html\r\nAccept: image/gif\r\nAccept: image/x-xbitmap\r\n"\
"Content-Type: application/x-www-form-urlencoded\r\nContent-length: %d\r\n"\
"%s"\                                                                           /* Cookie header field */
"Accept: image/jpeg\r\nAccept: image/png\r\n\r\n"\
"%s"                                                                            /*entity*

..................

int login(POST *post){


        if((snprintf(post->entity,MAX,POSTENTITY,post->username,post->password)>=MAX))
                return -1;

        else
                return 0;


}

...................

if((snprintf(sendbuff,MAX,POSTHEADER,head->resource,head->dns_name,(int)strlen(head->entity),head->cookie,head->ent
ity) >=MAX)){
                puts("WARNING:Outputbuffer too small for last write");
                return -1;
        }
 
Old 04-09-2007, 02:39 PM   #21
haxpor
Member
 
Registered: Dec 2006
Distribution: Ubuntu 9.10
Posts: 86

Original Poster
Rep: Reputation: 15
I am sorry, I mean 'Content-Length'.
That's great to hear the code work.
 
Old 04-11-2007, 07:25 AM   #22
belhifet
LQ Newbie
 
Registered: Apr 2007
Distribution: Arch
Posts: 8

Rep: Reputation: 0
slzckboy, could you post the whole thing?
 
Old 04-11-2007, 08:05 AM   #23
slzckboy
Member
 
Registered: May 2005
Location: uk - Reading
Distribution: slack 10.2 kde 3.4.2 kernel 2.6.15
Posts: 452

Rep: Reputation: 30
Sorry,over 1000 lines of code not including the ssl lib I am working on for it.

It's too big.

One day I will release it once I have worked out all the kinks.


There is the curl project as stated earlier in this post if you need a http lib
Apparently it does ftp and other stuff too.




Are you working on something similar?
 
Old 04-11-2007, 08:19 AM   #24
belhifet
LQ Newbie
 
Registered: Apr 2007
Distribution: Arch
Posts: 8

Rep: Reputation: 0
Ah ok.

Yes, but I'm close to giving up, it's too damn difficult to do using C.
I'm already aware of cURL.

When you' re ready to release it, please drop me a PM, I'm interested in seeing how you worked it out.
 
Old 04-11-2007, 08:34 AM   #25
slzckboy
Member
 
Registered: May 2005
Location: uk - Reading
Distribution: slack 10.2 kde 3.4.2 kernel 2.6.15
Posts: 452

Rep: Reputation: 30
I have to agree,it was tricky in C although i did it as a
learning aid really to know more about www,C programming etc etc..


If your serious about it you have to get to grips with the
HTTP RFC first,which is unfortunately a bit boring,but it makes life easier in the long run.

The basics of it it easy enough,just reading and writing to a socket.
Then its just message parsing.

There's a whole lot of parsing strings.
C dosn't give you much help with this sort of thing.

<thinking out loud>

I think I'm going to learn a new language soon....

Maybe C++?!!
</thinking out loud>
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Method Not Allowed: The requested method POST is not allowed for the URL /writedhcp.p WiWa Linux - Networking 15 01-06-2011 01:20 PM
squid: getting data from post method hiren_bhatt Linux - Software 0 09-11-2006 11:44 AM
SlackWare :Method Not Allowed The requested method POST is not allowed for the URL slack31337 Linux - Software 0 04-08-2006 06:09 PM
Problem with POST method in BOA estratos Linux - Networking 0 03-13-2006 03:49 PM
PHP Post and GET method dai Programming 4 02-26-2003 09:45 AM


All times are GMT -5. The time now is 09:39 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration