I was wondering, what would be the easiest way to encrypt a message, into a 128-bit with a key. I wanted to code something on my personal computer, that would use LuaSocket, and based on what is sent to my PC, the computer executes X command. This is just something easy, and something for me to code, so I can remotely access my computer, from another computer. I want to make the script first require a password, before granting access to ANY command. But, if someone is spying on the connection, they can take the password, and abuse my PC. So, is there a simple way to securely communicate between MY PC, and the PC that is connecting with my PC (dunno much about encryption)? (somewhat-off-topic: how do you get LuaSocket to reply to the client? lua.org explains client-to-server, but how do you do server-to-client?)
how do you get LuaSocket to reply to the client?
The server obtains the request using client:receive and sends its response using client:send. Please note that even if the documentation calls the variable "client", it doesn't mean the client side of the connection. Instead it means the "connection to the client" from the server's point of view, returned by client:accept.
See http://w3.impa.br/~diego/software/luasocket/old/luasocket-2.0-beta/introduction.html
Related
I'm trying to use AT commands to setup a BGS2-W modem on a custom board to connect to a site over TLS, but the modem is not reacting to my commands and no certificates are being set.
I'm using the command
AT^SBNW
to send the commands as documented in Transport Layer Security for Client
TCP/IP Services doc (https://ptelectronics.ru/wp-content/uploads/organizatsiya_bezopasnogo_ssl-soedineniya.pdf#page=8).
Unfortunately, the document provides no examples, and I haven't been able to find any samples showing the usage of this command online.
The document linked has a java commandline tool attached that will send a cert from a PC, however I am unable to use this tool (I don't have the connection to the modem).
If anyone has any idea's on how to use this command I could very much use the help.
Note: I'm trying to set the certificates from within code running on a PIC18 - this isn't a final incarnation, I just need the certificates loaded so I can connect to our secure server.
Well, guess this one isn't going to find an answer anytime soon :)
So, its fairly easy to capture the output from the javatool - I'm using Com0Com to emulate 2 connected ports, then using termite to manually input on one port while telling the java app to connect to the other.
The first query from the java app expects an "OK" response, I find it easiest to send the response before starting the java app (I guess it gets cached in the recv buffer of the emulated port).
The javatool then sends "AT^SBNW=is_cert,1\r", and you can type in the reply in termite "SECURE CMD READY: SEND COMMAND ..."
After this a large binary dump comes through. You can decode the dump using the structure described in Application Note 62 (https://ptelectronics.ru/wp-content/uploads/organizatsiya_bezopasnogo_ssl-soedineniya.pdf). That should get all the data required to generate the same binary within code.
I'm writing a port scanner in C and i want to detect what service is running on an open port and its version.I've already wrote the scanner code but now i have no idea about how to detect running service.
What can i do?
If you are determined to do it in your own code, you can connect to the port, see if you get any data on it, if nothing then send a few bytes, and check again.
Then match that against expected response.
to get an idea what you are looking for, you can connect manually to the port with telnet and poke at it. In many cases (a web server is an easy example) you must send some correctly formatted data in order to get a usable response.
nmap has done all this and much more (e.g. extensive checks such as looking for byte order and timing of arp traffic)
UPDATE: several people have mentioned well known ports, but that won't help you discover standard services running on nonstandard ports, such as ssh or http servers running on custom ports.
If server sends something first, use that to identify protocol.
If not, send something according to some protocol, such as http, and see what server sends back (valid response or error). You may need to make several attempts with different protocols, and a good order is important to minimize connection count.
Some protocols may be very hard to identify, and it is easy to make custom server with unique protocol you don't know about, or even hide real server under simple fake server of other proto such as http.
If you just want to know what the port usually is, check "well known ports" and official reserved ports.
Also check nmap source code.
I have to develop 1 FTP (simple) server in C.
What do i mean with simple??
I mean that FTP server has to support:
authentication (USER, PASS, PORT)
change directory (CD)
file listing (LIST)
file retrive (RETR)
I have just developed as "split part" the numbers 1-2-3-4 and i have to merge them into main.c. So no problem with them.
What i don't understand is how to "receive" communications from the client.I mean how can implement what the client wants (USER, PASS, CD, LIST, RETR)?
I've read the rfc959 but i have not totally understood the communication between client and sever.
Summary:
client connect to server (so into the server this part is the socket "accept(..)"), rigth?
1a server send to client "you are connected" right?
client send to server user,password (file 1, auth.c but i don't know how to read when client send to the server the user and password request)
after successful login the server send file list (part 3, list.c, no problem)
the client send to the server the file it wants to download or the changedir command (again, how to read this info from client's request?)
i hope you have understand :)
EDIT: i'm on GNU/Linux
Although your question is little confusing, I am trying to answer it. Take command line parameters like "Username Password" and pass these argv[] through send to Server and receive using recv at Server end. For better understanding, refer the link Client.cpp
Hope this solves your confusion.
If you're using the Berkeley sockets API (your mentioning accept() implies that you are), you typically use recv() to read data from a socket. You need to read from the socket the client is connecting to, then inspect what you got to determine if it's a valid command that you can handle.
I was looking for a code to learn the workings of ftp with sockets and found filework on google code and the code clear and simple.
URL: http://code.google.com/p/ifilework
First of all, the environment I'm working on is Windows 7 and Visual Studio 2010.
I already wrote a server that uses the select method to retrieve data from more than one client.
Also I wrote a client that connected to the server above, by running (client.exe localhost 4444 Peter). "Peter" is the username that this user wants to use.
Now let's say we have two users connected on the server. Each of them has the ability to run the command /help. This returns some other commands that the user can use. One command of these is /listusr that returns all the users on the server.
One other command is the /talk2 and here is where my problem-question begins. I want to let the user choose to which of the other users want to talk. E.g if you want to talk to Peter, you give /talk2 Peter.
How am I going to start something like this? How will the server send the message from me to Peter (I have to add here that when a new user connects, the server saves his/her username and his/her socket number in a struct)?
Do I need to create new threads for each conversation or new processes? Can someone give me some hint or advice to continue my project? I'm little confused on how to manage at this point.
Neither. Your server should maintain some kind of data structure that matches a user id to a client socket handle. When a request comes in with the /talk2 command, the server should look up the corresponding socket handle for that userid and should simply relay that message using send().
A scalable way would be your sever is just responsible to tell both clients the IP address of the other side, and then Peter and you establish the connection so you can talk.
If you really want to have the sever transfer the conversation, you need to consider the following to gain a better scalability:
Use UDP instead of TCP
Use thread instead of process
Spawning a new process would be an ordeal for the server if the number of users interacting at a time are high. But on the other hand it will be simpler to code.
Threads do provide scalability, but then you must be extra careful in your code not to do anything silly. (For example, sending wrong chats to the wrong guys.)
Use select/poll techniques (I am not sure how they perform in the Windows environment, but it works cool with Linux.)
UDP will reduce transmission time, but I am not too sure if it's a good idea. Since you said you already have a code, it would be great pain to switch to UDP.
Just sending the address of required client is also a feasible idea. It reduces a lot of effort from the server, but now you will require dedicated clients.
Try each of them and check which one works best for you. It's a design problem, so there can't be a hard and fast solution. It will depend on the usage of your application. You may also want to use (may be you are already using) the sendto and recvfrom functions.
I am using Rabbit single board computer. I would like to save the data I/O which is connected to another Rabbit single board computer through a wireless connection. Is it able to save the data inside the PC in a .txt file for example?
If you can establish a connection to a PC, and the PC is running some server to log data, yes, you could save to a PC. For example, the PC could run a TFTP server or FTP server on the same wireless network, and you could connect to it from the rabbit SBC and save whatever data you need to.
Yes, this is possible.
There are two parts to this scenario. Your embedded app needs to know how to connect to a server application running on the PC or network, and you must, of course, have said server application running on the target machine.
If you're sending entire files, FTP, as bdonlan suggested, is a good way to go. The protocol is well-understood and you can probably find a library to wrap it for you.
If you need to log data real-time, you'll need to have some sort of application which can receive messages or accept a socket connection, and a protocol to get the text across the wire(less). A web server may be a good way to do this, because you can POST chunks of data to the server with a simple HTTP request, and the server app can decide how to organize and store the information. Once you have a web server running, you may find it beneficial to build some pages that provide basic reporting functionality, so you can see the logged data from any web browser.
This could be less restrictive than FTP, but will require some web development expertise on your part.
Any reasonable solution is going to require that you already have a connection to the wireless network with a correctly-configured and functioning IP stack. Without that, you're probably out of luck connecting to any networked resources.