flat assembler
Message board for the users of flat assembler.
Index
> Windows > Winsock Send Without Closing Connection. Goto page 1, 2 Next |
Author |
|
Overflowz 06 Dec 2010, 11:12
Just someone ask this question if don't know what I mean. Connection is being closed after socket is closed right ? and I'm not closing sockets so connection must be still alive.. Anyone reply please.
|
|||
06 Dec 2010, 11:12 |
|
SFeLi 06 Dec 2010, 11:40
Overflowz wrote: I'm trying to send 1024 byte packet to 512 byte buffer to receive 2 times Here you go. Overflowz wrote: I've tried also on my http server for testing but failed. When connected it just closes connection automatically when data is sent. And here. Overflowz wrote: req db "HEAD / HTTP/1.1",CR,LF,CR,LF,0 You're not using this data as C-string. And winsock doesn't know about C-strings – it operates on data. So you absolutely don't need terminating 0. Either remove it or use sizeof.req - 1 when sending. |
|||
06 Dec 2010, 11:40 |
|
Overflowz 06 Dec 2010, 12:24
SFeLi
Thanks for reply. I know how to receive 1024 byte into 512 byte buffer. I know Connection:Keep-Alive thing and I've tried also removing 0 byte from req but still same problem. I'm not trying only for HTTP server. I'm trying also for testing another protocols like ftp or etc. But connection is still closed. How can I use send() function with any data what I want not only HEAD / HTTP/1.1 it was just for testing. And connection would be still alive ? Thanks. |
|||
06 Dec 2010, 12:24 |
|
SFeLi 06 Dec 2010, 12:43
I don't understand your question.
Overflowz wrote: How can I use send() function with any data what I want not only HEAD / HTTP/1.1 it was just for testing. It depends on the protocol you're using and server logic. What are you trying to do? Edit: are you trying to write malware with DDoS function? |
|||
06 Dec 2010, 12:43 |
|
drobole 06 Dec 2010, 15:52
When you connect to a http server you must follow the rules described in the http protocol. For example, sending the string "HEAD / HTTP/1.1", is legal (according to the http protocol) and means that you want to retrieve the default web page from the server.
The http protocol states that the connection is stateless, among other things this means that once the client has sent a command, and the server has sent a response back, they are both supposed to disconnect. You can use the Keep-Alive flag, but that is for special cases, and is not supposed to be used in general. Back in the days this was a genius thing as it saves the internet and computers connected to it from wasting bandwidth and resources, making the world wide web possible! If you are connecting to a ftp server, sending that string has no meaning to the server, and the server will probably send back an error message and possibly close as well. You can look here to see some examples of valid strings you can send to a ftp server: http://www.webdigi.co.uk/blog/2009/ftp-using-raw-commands-and-telnet/ In that example he is using telnet, but the commands you send (USER, PASS, CWD, ...) are the same. However, the default socket behavior is to stay connected so if you write your own server you can send whatever you like in whatever order you like. So, as soon as the client has successfully used the connect function, and the server has successfully used the accept function, you can start sending and receiving between them as you like. |
|||
06 Dec 2010, 15:52 |
|
Overflowz 06 Dec 2010, 18:51
SFeLi
Something like that for testing and I'm not that kind of person to do things like that I'm just interested how those things work. Yep I'm trying to understand how DDoS works. I understand how flood works just sending data connecting and closing connection and same and same. But I don't understand how DDoS works. Can't find any source for that. 1 I've found was just spamming send but It's just flood I guess. How can I keep connection alive thats my question. Thank you drobole Thank you for valuable info I'll learn that too! |
|||
06 Dec 2010, 18:51 |
|
drobole 07 Dec 2010, 05:30
Quote:
I can only imagine the news headlines: "England has been unable to prevail today due to an intense flooding of the backbone infrastructure by a hacker named Overflowz..." |
|||
07 Dec 2010, 05:30 |
|
Overflowz 07 Dec 2010, 10:11
drobole
Well.. I'M NOT HACKER AND NOT GONNA BE THAT! I want to be a security professional and just interesting how that things work! Fine if you dont believe me close this thread I don't care. I'm just asking for info not for copy/paste code damnit! I need to understand how that works. Is that hard to understand ? |
|||
07 Dec 2010, 10:11 |
|
Overflowz 07 Dec 2010, 17:04
1 more question. I found SOL_SOCKET and SO_KEEPALIVE functions for use of function setsockopt. How can I find value numbers of SOL_SOCKET and SO_KEEPALIVE cause I can't find in google and FASM tells it is undefined..
|
|||
07 Dec 2010, 17:04 |
|
drobole 07 Dec 2010, 19:29
I was just kidding
Look here http://www.google.com/#sclient=psy&hl=en&q=%23define+sol_socket&aq=f&aqi=g-sv1g-o1&aql=&oq=&gs_rfai=&pbx=1&fp=cc7ad1a43d378bba Code: #if defined(__alpha__) || defined(__mips__) #define SOL_SOCKET 0xffff ... #else #define SOL_SOCKET 1 ... #endif so SOL_SOCKET should be 0xffff on alpha and mips architectures, and 1 on all others, like x86 and x86-64. and look here http://www.unixguide.net/network/socketfaq/4.7.shtml AFAIK you don't need to do anything to keep an existing connection alive. There is probably another reason your socket is disconnected. It could be becouse of an error, or it could be because you are connecting to a HTTP server, which is designed to disconnect after one send/receive cycle. edit: I was looking at the winsock2.h file that comes with windows, and it says: Code: /* * Level number for (get/set)sockopt() to apply to socket itself. */ #define SOL_SOCKET 0xffff /* options for socket level */ ... so I guess windows uses 0xffff |
|||
07 Dec 2010, 19:29 |
|
DarkAlchemist 07 Dec 2010, 20:12
drobole wrote:
It still bugs me to this day seeing Bill Gates, back in the day, say about the W3 standard..."We don't follow standards, we set them." Grrrrrrrrrrrr. |
|||
07 Dec 2010, 20:12 |
|
f0dder 07 Dec 2010, 20:25
drobole wrote: The http protocol states that the connection is stateless, among other things this means that once the client has sent a command, and the server has sent a response back, they are both supposed to disconnect. You can use the Keep-Alive flag, but that is for special cases, and is not supposed to be used in general. Of course there's a shitload of broken software out there on the internet, so you can never depend on anything - HTTP/1.1 servers might close your connection even though you didn't ask for it, and clients might close their connection even though they didn't specify "Connection: Close". Follow the robustness principle: Be conservative in what you send; be liberal in what you accept.. _________________ - carpe noctem |
|||
07 Dec 2010, 20:25 |
|
drobole 07 Dec 2010, 21:17
f0dder wrote:
I didn't know that, but I guess it makes sense somehow. Thanks for clearing up the issue |
|||
07 Dec 2010, 21:17 |
|
drobole 07 Dec 2010, 21:22
DarkAlchemist wrote:
Yea, its a shame how some people think everything must be competition. Including standards |
|||
07 Dec 2010, 21:22 |
|
DarkAlchemist 09 Dec 2010, 02:08
Standards are supposed to be followed or they wouldn't be a standard. Everyone else follows W3, for example, except MS.
|
|||
09 Dec 2010, 02:08 |
|
Overflowz 09 Dec 2010, 08:52
Well, I guess SOL_SOCKET and SO_KEEPALIVE doesn't required for that. I've tried but no result.. I've tried multithreading but it sucks I guess. (I don't know why but its limited sometimes..). does anybody know other techniques ? like normal ?
|
|||
09 Dec 2010, 08:52 |
|
drobole 09 Dec 2010, 12:59
Hi Owerflows,
I didn't have time to reply to your pm this morning but I was going to ask you what are you trying to do again? Make a program to test DDoS attack on your web server? |
|||
09 Dec 2010, 12:59 |
|
Overflowz 09 Dec 2010, 18:16
drobole
Yes right that but also I'm interested how DDoS works too. I've tried with multithreading and works fine but I'm now interested how I should do it without multithreading ? I don't know how to explain. having problems in real life now so.. I'll post later. |
|||
09 Dec 2010, 18:16 |
|
drobole 10 Dec 2010, 01:55
I'm not an expert on this but if you look here
http://en.wikipedia.org/wiki/Denial-of-service_attack there is many different ways to make a DDoS attack. One way is SYN flood Quote:
To make this work we need to use raw sockets and we must create a datagram package ourself. Its not the easiest thing to do but its quite interesting imo. Here is a C example http://mixter.void.ru/rawip.html This example show pretty much what it takes to make a small SYN flooding program. Here is a WinSock example http://tangentsoft.net/wskfaq/examples/rawping.html This one does more than we are interested in so its not the best example, but it is for windows so its a good cross reference for the other example, which is *nix based. Of course, if you just want to DDoS your web server quick and easy, you can do that with certain ping programs (I think hping is sometimes used), or you can use a program like LOIC, which is designed for that kind of thing. Thats pretty much all I know about it |
|||
10 Dec 2010, 01:55 |
|
Goto page 1, 2 Next < Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.