/*返回0发送成功
* -1失败
*/
int http_do_get(http_client_t http_client, const char *host, const char *path)/* 用get命令请求远程服务器的网页*/
{
char tempbuf[1024];
char req[1024];
int flag;
sprintf(tempbuf,"GET %s HTTP/1.0\r\n",path);
memcpy(req,tempbuf,strlen(tempbuf));
req[strlen(tempbuf)] = '\0';
sprintf(tempbuf,"Host: %s\r\n",host);
strcat(req,tempbuf);
strcat(req,"Content-Type: application/x-www-form-urlencoded\r\n");
strcat(req,"User-Agent:Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4\r\n");
strcat(req,"\r\n");
/*
printf("ooooooooooooooooooooooooooooooooooooooooooooooooooooooo\n");
printf("%s",req);
printf("ooooooooooooooooooooooooooooooooooooooooooooooooooooooo\n");
*/
flag = nsend(req, http_client.network);
if(flag < 0)
return -1;
else
return flag;
//fprintf(stderr, "http do_get success!\n");
}
/*-------------------------------------------------------------------------*/
static int
forward (int in, int out)
{
static char *buf = NULL;
static int bufsz = 0;
int len;
int type;
if (internal_recv (in, &buf, &bufsz, &type) < 0)
return -1;
if (type & INTERNAL_COMM_MSG_TYPE_CTRL)
{
errno = type & ~INTERNAL_COMM_MSG_TYPE_CTRL;
return -1;
}
else if ((type & INTERNAL_COMM_MSG_TYPE_DATA) == 0)
{
log_write ("hosts.c:forward(): bad msg type (%d)\n", type);
return -1;
}
len = strlen (buf);
if (out > 0)
{
int n;
for (n = 0; n < len;)
{
int e;
e = nsend (out, buf + n, len - n, 0);
if (e < 0 && errno == EINTR)
continue;
else if (e <= 0)
return -1;
else
n += e;
}
}
if (bufsz > 65535)
{
efree (&buf);
buf = NULL;
bufsz = 0;
}
return 0;
}
tree_cell * nasl_end_denial(lex_ctxt * lexic)
{
int port = (int)arg_get_value(lexic->script_infos, "denial_port");
int soc;
int to = lexic->recv_timeout;
struct arglist * script_infos = lexic->script_infos;
tree_cell * retc = NULL;
/*
* We must wait the time the DoS does its effect
*/
Sleep(10);
if(!port)
{
int ping = (int)arg_get_value(script_infos, "tcp_ping_result");
if(ping) return nasl_tcp_ping(lexic);
else
{
retc = alloc_tree_cell(0, NULL);
retc->type = CONST_INT;
retc->x.i_val = 1;
return retc;
}
}
else
{
retc = alloc_tree_cell(0, NULL);
retc->type = CONST_INT;
soc = open_stream_connection(script_infos, port, NESSUS_ENCAPS_IP, to);
if(soc > 0)
{
/* Send some data */
#define BOGUS "are you dead ?"
if((nsend(soc, BOGUS, sizeof(BOGUS)-1, 0))>=0)
{
retc->x.i_val = 1;
close_stream_connection(soc);
return retc;
}
}
}
retc->x.i_val = 0;
return retc;
}
tree_cell *
nasl_send (lex_ctxt * lexic)
{
int soc = get_int_local_var_by_name (lexic, "socket", 0);
char *data = get_str_local_var_by_name (lexic, "data");
int option = get_int_local_var_by_name (lexic, "option", 0);
int length = get_int_local_var_by_name (lexic, "length", 0);
int data_length = get_var_size_by_name (lexic, "data");
int n;
tree_cell *retc;
int type;
unsigned int type_len = sizeof (type);
if (soc <= 0 || data == NULL)
{
nasl_perror (lexic, "Syntax error with the send() function\n");
nasl_perror (lexic,
"Correct syntax is : send(socket:<soc>, data:<data>\n");
return NULL;
}
if (length <= 0 || length > data_length)
length = data_length;
if (!fd_is_stream (soc)
&& getsockopt (soc, SOL_SOCKET, SO_TYPE, &type, &type_len) == 0
&& type == SOCK_DGRAM)
{
n = send (soc, data, length, option);
add_udp_data (lexic->script_infos, soc, data, length);
}
else
n = nsend (soc, data, length, option);
retc = alloc_tree_cell (0, NULL);
retc->type = CONST_INT;
retc->x.i_val = n;
return retc;
}
int http_do_get(http_client_t *http_client, char *path)
{
char http_request[REQ_SIZE];
bzero(http_request, REQ_SIZE);
int size; /* send or recv timeout more than 3 times will stop */
sprintf(http_request, "GET %s HTTP/1.0\r\n"
"Host: %s\r\n"
"User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.11 "
"(KH| TML, like Gecko) Ubuntu/11.10 Chromium/17.0.963.79 Chrome/17.0.963.79 Saf "
"| ari/535.11\r\n"
"Content-Type: application/x-www-form-urlencoded\r\n\r\n", path, http_client->connection.host);
size = nsend(&http_client->connection, http_request, strlen(http_request));
if(size < 0) {
fprintf(stderr, "Http Request failed, error code: %d\n", size);
return REQUEST_FAILED;
}
char buf[BUFFER_SIZE];
http_res_t *response = &http_client->response;
int entity_body_size, recv_body_length = 0;
entity_body_size = ENTITY_BODY_SIZE_DEFAULT;
/* recv http response */
response->enti_body.buffer = (char *) malloc(ENTITY_BODY_SIZE_DEFAULT);
if(response->enti_body.buffer == NULL) {
response->enti_body.len = 0;
fprintf(stderr, "Error: allocate memory failed in func 'do_get'.\n");
return RESPONSE_FAILED;
} else {
response->enti_body.len = entity_body_size;
bzero(response->enti_body.buffer, entity_body_size);
do {
bzero(buf, BUFFER_SIZE);
size = nrecv(&http_client->connection, buf, LIMIT);
if(size > 0) {
if(recv_body_length + size > entity_body_size) {
entity_body_size *= 2;
response->enti_body.buffer = (char *)realloc(response->enti_body.buffer, entity_body_size);
if(response->enti_body.buffer == NULL) {
response->enti_body.len = 0;
return RESPONSE_FAILED;
} else {
response->enti_body.len =entity_body_size;
}
}
memcpy(response->enti_body.buffer + recv_body_length, buf, size);
recv_body_length += size;
} else if(size == 0) {
response->enti_body.buffer[recv_body_length] = '\0';
return RESPONSE_OK;
}else {
return RESPONSE_FAILED;
}
} while(1);
}
return RESPONSE_FAILED;
}