I've written a c socket program in c (cygwin) and I want to send some html code to my browser.
I've written the server and if i run it and type in my browser localhost:8888. My program says it sends the correct amount of bytes but my browser seems to receive nothing.
send code:
#include<stdio.h>
#include<string.h> //strlen
#include<sys/socket.h>
#include<arpa/inet.h> //inet_addr
#include<unistd.h> //write
int main(int argc , char *argv[])
{
int socket_desc , new_socket , c;
struct sockaddr_in server , client;
char *message;
//Create socket
socket_desc = socket(AF_INET , SOCK_STREAM , 0);
if (socket_desc == -1)
{
printf("Could not create socket");
}
//Prepare the sockaddr_in structure
server.sin_family = AF_INET;
server.sin_addr.s_addr = INADDR_ANY;
server.sin_port = htons( 8888 );
//Bind
if( bind(socket_desc,(struct sockaddr *)&server , sizeof(server)) < 0)
{
puts("bind failed");
return 1;
}
puts("bind done");
//Listen
listen(socket_desc , 1);
//Accept and incoming connection
puts("Waiting for incoming connections...");
c = sizeof(struct sockaddr_in);
new_socket = accept(socket_desc, (struct sockaddr *)&client, (socklen_t*)&c);
if (new_socket<0)
{
perror("accept failed");
return 1;
}
puts("Connection accepted");
char *reply =
"HTTP/1.1 200 OK\r\n<Content-Type: text/html\r\n\r\n<!DOCTYPE html>\r\n<html>\r\n<body>\r\n<h1>My First Heading</h1>\r\n<p>My first paragraph.</p>\r\n</body>\r\n</html>";
int i = send(new_socket,reply,strlen(reply),0);
printf("%d",i);
shutdown(new_socket,2);
return 0;
}
Output program:
bind done
Waiting for incoming connections
Connection accepted
98
Output browser:
Error 103 (net::ERR_CONNECTION_ABORTED): Unknown Error
What is wrong ?
Chances are that, unless there's some more code you aren't showing us, your program isn't generating appropriate HTTP headers on the response. A minimal HTTP response would look like:
HTTP/1.1 200 OK
Content-Type: text/html
Your HTML code goes here
Each line should be terminated by CR+LF (\r\n), and there must be two CR+LF pairs (e.g, \r\n\r\n) between the last header and the start of the body.
Here is an example web server in C that you should take a look at.
It shows how the HTTP protocol, transported via TCP, is used to communicate between the browser and the web server.
In order to send data to a browser your server needs to implement the HTTP protocol. This means waiting for a request from the browser, parsing it and then sending a response containing your data back to the browser.
Take a look at these useful resources about HTTP:
HTTP Made Really Easy
HTTP Protocol Standard
The first one in particular provides very easy to understand information.
Related
I am trying to make a translator in C using Google's translator API.
So far i've been able to create sockets, initialize them and connect them.
I've sent the url that is supposed to be translating the text, but the reply size is zero bytes. The objective is to perhaps receive it as a text file or just a string.
This is the code so far.
#include<stdio.h>
#include<winsock2.h>
#include "count.c"
#pragma comment(lib,"ws2_32.lib") //Winsock Library
int main(int argc , char *argv[])
{
WSADATA wsa;
SOCKET s;
struct sockaddr_in server;
char *message , server_reply[2000];
int recv_size;
printf("\nInitialising Winsock...");
if (WSAStartup(MAKEWORD(2,2),&wsa) != 0)
{
printf("Failed. Error Code : %d",WSAGetLastError());
return 1;
}
printf("Initialised.\n");
// Create a socket
if((s = socket(AF_INET , SOCK_STREAM , 0 )) == INVALID_SOCKET)
{
printf("Could not create socket : %d" , WSAGetLastError());
}
printf("Socket created.\n");
system("ping translate.googleapis.com");
const char* ipadress;
printf("Enter IP adress of Hostname\n");
scanf("%s",ipadress);
server.sin_addr.s_addr = inet_addr(ipadress);
server.sin_family = AF_INET;
server.sin_port = htons( 80 );
// Connect to remote server
if (connect(s , (struct sockaddr *)&server , sizeof(server)) < 0)
{
puts("connect error");
return 1;
}
puts("Connected");
// Send some data
message = "https://translate.googleapis.com/translate_a/single?client=gtx&sl=en&tl=da&dt=t&q=Hello";
if( send(s , message , strlen(message) , 0) < 0)
{
puts("Send failed");
return 1;
}
puts("Data Send\n");
// Receive a reply from the server
if((recv_size = recv(s , server_reply , 2000 , 0)) == SOCKET_ERROR)
{
puts("recv failed");
}
puts("Reply received\n");
// Add a NULL terminating character to make it a proper string before printing
server_reply[recv_size] = '\0';
printf("size: %d\n",recv_size);
puts(server_reply);
return 0;
}
Two problems. Firstly, you can't just send the URL by itself; you need to make an HTTP request. The best way to do this is often to use a third-party library like LibCURL, but for very simple cases you might prefer to do it by hand. At the very least you'd need a GET line, a Host: header and a blank line. See the HTTP RFC for how to format a request and parse the response.
Secondly, if you want to use HTTPS, you can't just send plain text to a socket, there is also an encryption layer. Again, you will need a library. (On Linux I would use OpenSSL or libCURL, which also exist on Windows but there may be other choices there.) By the way, by default HTTP uses port 80 but HTTPS uses port 443.
#include<stdio.h>
#include<winsock2.h>
#pragma comment(lib,"ws2_32.lib") //Winsock Library
int main(int argc , char *argv[])
{
WSADATA wsa;
SOCKET s;
struct sockaddr_in server;
char *message , server_reply[2000];
int recv_size;
printf("\nInitialising Winsock...");
if (WSAStartup(MAKEWORD(2,2),&wsa) != 0)
{
printf("Failed. Error Code : %d",WSAGetLastError());
return 1;
}
printf("Initialised.\n");
//Create a socket
if((s = socket(AF_INET , SOCK_STREAM , 0 )) == INVALID_SOCKET)
{
printf("Could not create socket : %d" , WSAGetLastError());
}
printf("Socket created.\n");
server.sin_addr.s_addr = inet_addr("74.125.235.20");
server.sin_family = AF_INET;
server.sin_port = htons( 80 );
//Connect to remote server
if (connect(s , (struct sockaddr *)&server , sizeof(server)) < 0)
{
puts("connect error");
return 1;
}
puts("Connected");
//Send some data
message = "GET / HTTP/1.1\r\n\r\n";
if( send(s , message , strlen(message) , 0) < 0)
{
puts("Send failed");
return 1;
}
puts("Data Send\n");
//Receive a reply from the server
if((recv_size = recv(s , server_reply , 2000 , 0)) == SOCKET_ERROR)
{
puts("recv failed");
}
puts("Reply received\n");
//Add a NULL terminating character to make it a proper string before printing
server_reply[recv_size] = '\0';
puts(server_reply);
return 0;
}
My output
Your output shows that your code passed the "Socket created", but didn't reach the "Connected". As you have no "connect error", connect() didn't yet fail. As you have no abort either, it is highly probable that you're stuck waiting for the connection to be established.
One way to test it would be to try open the address directly in the browser with http://<ip address> (equivalent to talking to port 80)
According to this site, the address you are talking to belongs to google, but has its port 80 closed. It is possible that security measures on google side make the rejection of the connection to be filtered. THis could explain why you experience a long timeout instead of a quick failure message.
So another way to test your code would be to use the address of a valid http server. TO find one, run your command line, type "ping google.com" and take the address that is displayed for the ping requests in your programme. The connection will then succeed.
Quoting from wikipedia:
The range of port numbers from 1024 to 49151 are the registered ports.
They are assigned by IANA for specific service upon application by a
requesting entity.[1] On most systems, registered ports can be used by
ordinary users.
That means that any port bellow 1024 will not work as they are already assigned.
I am really new to C and especially with socket programming so basically I have setup apache server on my local machine where I am hosting multiple audio/video/txt files.
Now I want to display those files using C. (just like ls -l in linux but it should be from the server)
I am able to fetch the html content of local server but that is something not I am looking for.
Here is my code for getting html content from the localhost
#include<stdio.h>
#include<string.h>
#include<sys/socket.h>
#include<arpa/inet.h>
int main()
{
int socket_desc;
struct sockaddr_in server;
char *message , server_reply[6000];
//Create socket
socket_desc = socket(AF_INET , SOCK_STREAM , 0);
if (socket_desc == -1)
{
printf("Could not create socket");
}
server.sin_addr.s_addr = inet_addr("192.168.1.3"); // localhost ip
server.sin_family = AF_INET;
server.sin_port = htons( 80 );
//Connect to remote server
if (connect(socket_desc , (struct sockaddr *)&server , sizeof(server)) < 0)
{
puts("connect error");
return 1;
}
puts("Connected\n");
//Send some data
message = "GET /?st=1 HTTP/1.1\r\nHost: 192.168.1.3\r\n\r\n";
if( send(socket_desc , message , strlen(message) , 0) < 0)
{
puts("Send failed");
return 1;
}
puts("Data Send\n");
//Receive a reply from the server
if( recv(socket_desc, server_reply , 6000 , 0) < 0)
{
puts("recv failed");
}
puts("Reply received\n");
puts(server_reply);
return 0;
}
Q: Are you trying to run this application on "Server A" and get a listing of files on "Server B"?
--
Thanks for the update to that.
Here is the problem, you are not going to be able to get a directory listing from one server to the other just by sending a standard http request. You will need a reciprocal application on "Server B". Do you have direct access to that server, or is this a public server and you are trying to mirror it?
Hello and thanks in advance for any help.I am trying to make simple socket connecting programs in C.After every connect() function with correct parameters,i have a printf("connected").But even though i get no error for the connection attempt,i don't see the "connected" message either.All i see is a black console,no messages,no errors and it never exits
Could this be caused because i'm running the application from virtualbox?
ok added code directly,this is taken right from a tutorial website so it should work.But in my case it just waits forever for connection i guess
#include<stdio.h>
#include<sys/socket.h>
#include<arpa/inet.h> //inet_addr
int main(int argc , char *argv[])
{
int socket_desc;
struct sockaddr_in server;
//Create socket
socket_desc = socket(AF_INET , SOCK_STREAM , 0);
if (socket_desc == -1)
{
printf("Could not create socket");
}
server.sin_addr.s_addr = inet_addr("74.125.235.20");
server.sin_family = AF_INET;
server.sin_port = htons( 80 );
//Connect to remote server
if (connect(socket_desc , (struct sockaddr *)&server , sizeof(server)) < 0)
{
puts("connect error");
return 1;
}
puts("Connected");
return 0;
}
connect function can have a freeze-like comportment (but always timeout after some time) if you are trying to connect to an address that doesn't exists or that is not listening on this port. It appears to be the case.
Try to run a simple server using nc -lk [your port here] and to connect to 127.0.0.1 (localhost) to your port.
EDIT: Do not use a port from 0 to 1023. You need to be a root user to bind these. Try another one, like 4242.
For a class assignment, I am told to use a xss attack to steal a cookie. We are given a VM to work on and a client from which to steal the cookie. We have the ability to use telnet to make the client go to any url we want, but are unable to view directly what happens. We were given a website that is on another server that is vulnerable. Since the network is closed and the client is only able to visit sites hosted by either the provided server or my VM, my professor suggested that I write a simple C server, have it listen on a specific port, and send the cookie through to allow my server to print it.
Here is the server I am using. It is listening on port 8888.
#include<stdio.h>
#include<string.h> //strlen
#include<sys/socket.h>
#include<arpa/inet.h> //inet_addr
#include<unistd.h> //write
int main(int argc , char *argv[])
{
int socket_desc , client_sock , c , read_size;
struct sockaddr_in server , client;
char client_message[2000];
//Create socket
socket_desc = socket(AF_INET , SOCK_STREAM , 0);
if (socket_desc == -1)
{
printf("Could not create socket");
}
puts("Socket created");
//Prepare the sockaddr_in structure
server.sin_family = AF_INET;
server.sin_addr.s_addr = INADDR_ANY;
server.sin_port = htons( 8888 );
//Bind
if( bind(socket_desc,(struct sockaddr *)&server , sizeof(server)) < 0)
{
//print the error message
perror("bind failed. Error");
return 1;
}
puts("bind done");
//Listen
listen(socket_desc , 3);
//Accept and incoming connection
puts("Waiting for incoming connections...");
c = sizeof(struct sockaddr_in);
//accept connection from an incoming client
client_sock = accept(socket_desc, (struct sockaddr *)&client, (socklen_t*)&c);
if (client_sock < 0)
{
perror("accept failed");
return 1;
}
puts("Connection accepted");
//Receive a message from client
while( (read_size = recv(client_sock , client_message , 2000 , 0)) > 0 )
{
//Send the message back to client
//write(client_sock , client_message , strlen(client_message));
printf("%s \n",client_message);
}
if(read_size == 0)
{
puts("Client disconnected");
fflush(stdout);
}
else if(read_size == -1)
{
perror("recv failed");
}
return 0;
}
I have gotten to where I can use an XSS attack to get connected to my server, but do not know how to send across the cookie. I know it is stored in document.cookie. Trying ...WEBSITEURL...?user="><script>window.open("http://localhost:8888")</script> with the url of the vulnerable site establishes a connection to my server (my server says so), but I do not know what to do from here.Do I need to modify my server in some way to accept a certain kind of input? I have tried ..localhost:8888?test" and I get a 404 error.
IN SHORT: How can I use a xss attack to send a cookie to a C server?