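/*
 * Send an HTTP/1.0 GET request for `path` on `host` through the client's
 * network handle.
 *
 * The request is assembled in a fixed 1024-byte buffer. `host` and `path`
 * are copied verbatim into the request line and the Host header, so they are
 * validated first:
 *   - NULL arguments are rejected;
 *   - CR or LF in either value is rejected, since it would let the caller's
 *     data terminate the header early and append extra header lines;
 *   - a request that does not fit in the buffer is rejected instead of
 *     being written past the end of it.
 *
 * Returns the non-negative value reported by nsend() on success, -1 on any
 * failure (bad argument, oversized request, or nsend() error).
 */
int http_do_get(http_client_t http_client, const char *host, const char *path)
{
    char req[1024];
    int len;
    int flag;

    if (host == NULL || path == NULL)
        return -1;

    /* Refuse line breaks so neither value can inject additional headers. */
    if (strpbrk(host, "\r\n") != NULL || strpbrk(path, "\r\n") != NULL)
        return -1;

    /* Build the whole request in one bounded write. */
    len = snprintf(req, sizeof req,
                   "GET %s HTTP/1.0\r\n"
                   "Host: %s\r\n"
                   "Content-Type: application/x-www-form-urlencoded\r\n"
                   "User-Agent:Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4\r\n"
                   "\r\n",
                   path, host);

    /* snprintf reports the length it wanted; >= sizeof req means truncation. */
    if (len < 0 || (size_t)len >= sizeof req)
        return -1;

    flag = nsend(req, http_client.network);
    if (flag < 0)
        return -1;

    return flag;
}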
/*-------------------------------------------------------------------------*/
/*
 * Receive one internal message from descriptor `in` and relay its payload
 * to descriptor `out`.
 *
 * A control message is not relayed: the bits left after clearing
 * INTERNAL_COMM_MSG_TYPE_CTRL are stored in errno and -1 is returned.
 * A message that is neither control nor data is logged and rejected.
 * When `out` is not greater than 0 the payload is received but not sent.
 *
 * Returns 0 on success, -1 on receive failure, bad message type, control
 * message, or send failure.
 */
static int
forward (int in, int out)
{
  /* Receive buffer reused across calls; internal_recv() gets its address and size. */
  static char *buf = NULL;
  static int bufsz = 0;
  int type;
  int total;
  int sent = 0;

  if (internal_recv (in, &buf, &bufsz, &type) < 0)
    return -1;

  if (type & INTERNAL_COMM_MSG_TYPE_CTRL)
    {
      errno = type & ~INTERNAL_COMM_MSG_TYPE_CTRL;
      return -1;
    }

  if (!(type & INTERNAL_COMM_MSG_TYPE_DATA))
    {
      log_write ("hosts.c:forward(): bad msg type (%d)\n", type);
      return -1;
    }

  /* NOTE(review): relies on the received payload being NUL-terminated;
     confirm that internal_recv() guarantees this. */
  total = strlen (buf);

  if (out > 0)
    {
      while (sent < total)
        {
          int rc = nsend (out, buf + sent, total - sent, 0);

          if (rc > 0)
            {
              sent += rc;
              continue;
            }
          /* An interrupted call is retried; anything else is a failure. */
          if (rc < 0 && errno == EINTR)
            continue;
          return -1;
        }
    }

  /* Release an oversized buffer so one large message does not stay allocated. */
  if (bufsz > 65535)
    {
      efree (&buf);
      buf = NULL;
      bufsz = 0;
    }

  return 0;
}
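/*
 * Report whether the service under test still answers after a
 * denial-of-service check.
 *
 * Reads "denial_port" from the script's argument list:
 *   - no port recorded: if "tcp_ping_result" is set, the decision is
 *     delegated to nasl_tcp_ping(); otherwise the result is 1;
 *   - port recorded: a connection is opened to it and a short probe string
 *     is sent. The result is 1 when the send succeeds, 0 when the
 *     connection cannot be opened or the send fails.
 *
 * Returns a CONST_INT tree cell holding that result (or whatever
 * nasl_tcp_ping() returns on the delegated path).
 */
tree_cell *
nasl_end_denial(lex_ctxt * lexic)
{
  struct arglist *script_infos = lexic->script_infos;
  int port = (int)arg_get_value(script_infos, "denial_port");
  int to = lexic->recv_timeout;
  int soc;
  tree_cell *retc;

  /*
   * Give the preceding test time to take effect before probing.
   * NOTE(review): the unit of Sleep() depends on its definition elsewhere.
   */
  Sleep(10);

  if (!port) {
    int ping = (int)arg_get_value(script_infos, "tcp_ping_result");

    if (ping)
      return nasl_tcp_ping(lexic);

    retc = alloc_tree_cell(0, NULL);
    retc->type = CONST_INT;
    retc->x.i_val = 1;
    return retc;
  }

  retc = alloc_tree_cell(0, NULL);
  retc->type = CONST_INT;
  retc->x.i_val = 0;

  soc = open_stream_connection(script_infos, port, NESSUS_ENCAPS_IP, to);
  if (soc > 0) {
    /* Send some data */
#define BOGUS "are you dead ?"
    if (nsend(soc, BOGUS, sizeof(BOGUS) - 1, 0) >= 0)
      retc->x.i_val = 1;

    /* Close on both outcomes; previously a failed send leaked the connection. */
    close_stream_connection(soc);
  }

  return retc;
}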
/*
 * NASL builtin send(): write `data` to `socket`.
 *
 * Script-supplied arguments: "socket", "data", and the optional "option"
 * (passed through as the flags argument) and "length".
 * The length is clamped to the real size of `data`, so a script cannot ask
 * for more bytes than the variable holds.
 *
 * A descriptor that is not a managed stream and is reported by the kernel
 * as SOCK_DGRAM is written with send() and the datagram is recorded through
 * add_udp_data(); every other descriptor goes through nsend().
 *
 * Returns NULL when the socket or data argument is missing, otherwise a
 * CONST_INT cell holding the value returned by send()/nsend().
 */
tree_cell *
nasl_send (lex_ctxt * lexic)
{
  int soc = get_int_local_var_by_name (lexic, "socket", 0);
  char *data = get_str_local_var_by_name (lexic, "data");
  int option = get_int_local_var_by_name (lexic, "option", 0);
  int length = get_int_local_var_by_name (lexic, "length", 0);
  int data_length = get_var_size_by_name (lexic, "data");
  int type;
  unsigned int type_len = sizeof (type);
  int is_plain_dgram = 0;
  int written;
  tree_cell *result;

  if (!(soc > 0 && data != NULL))
    {
      nasl_perror (lexic, "Syntax error with the send() function\n");
      nasl_perror (lexic,
                   "Correct syntax is : send(socket:<soc>, data:<data>\n");
      return NULL;
    }

  /* Missing, non-positive or oversized length falls back to the data size. */
  length = (length > 0 && length <= data_length) ? length : data_length;

  /* Only query the socket type for descriptors that are not managed streams. */
  if (!fd_is_stream (soc))
    {
      if (getsockopt (soc, SOL_SOCKET, SO_TYPE, &type, &type_len) == 0)
        is_plain_dgram = (type == SOCK_DGRAM);
    }

  if (is_plain_dgram)
    {
      written = send (soc, data, length, option);
      add_udp_data (lexic->script_infos, soc, data, length);
    }
  else
    {
      written = nsend (soc, data, length, option);
    }

  result = alloc_tree_cell (0, NULL);
  result->type = CONST_INT;
  result->x.i_val = written;
  return result;
}
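/*
 * Send an HTTP/1.0 GET request for `path` to the client's connected host and
 * collect everything the peer sends back into http_client->response.
 *
 * Request side: `path` and connection.host are copied verbatim into the
 * request, so values containing CR or LF are refused (they would allow extra
 * header lines to be injected), and a request that does not fit in
 * REQ_SIZE bytes is refused instead of overflowing the buffer.
 *
 * Response side: data is appended to response->enti_body.buffer, which is
 * grown as needed and always keeps one spare byte for the terminating NUL.
 * response->enti_body.len holds the buffer's capacity, not the number of
 * bytes received. The buffer is owned by the response and must be freed by
 * the caller.
 *
 * Returns REQUEST_FAILED when the request cannot be built or sent,
 * RESPONSE_FAILED on allocation or receive failure, RESPONSE_OK once the
 * peer closes the connection.
 */
int http_do_get(http_client_t *http_client, char *path)
{
    char http_request[REQ_SIZE];
    char buf[BUFFER_SIZE];
    http_res_t *response = &http_client->response;
    int entity_body_size = ENTITY_BODY_SIZE_DEFAULT;
    int recv_body_length = 0;
    int size;
    int req_len;
    /* Largest value an int can hold on the usual two's-complement targets. */
    const size_t int_limit = (size_t)(~0u >> 1);

    if (path == NULL)
    {
        fprintf(stderr, "Error: no request path given in func 'do_get'.\n");
        return REQUEST_FAILED;
    }

    /* Line breaks in either value would end the header early. */
    if (strpbrk(path, "\r\n") != NULL ||
        strpbrk(http_client->connection.host, "\r\n") != NULL)
    {
        fprintf(stderr, "Error: CR/LF in request path or host in func 'do_get'.\n");
        return REQUEST_FAILED;
    }

    /*
     * NOTE(review): the User-Agent literal contains "| " fragments that look
     * like paste damage; it is reproduced unchanged here. Confirm the
     * intended value.
     */
    req_len = snprintf(http_request, sizeof http_request,
            "GET %s HTTP/1.0\r\n"
            "Host: %s\r\n"
            "User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.11 "
            "(KH| TML, like Gecko) Ubuntu/11.10 Chromium/17.0.963.79 Chrome/17.0.963.79 Saf "
            "| ari/535.11\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n\r\n",
            path, http_client->connection.host);
    if (req_len < 0 || (size_t)req_len >= sizeof http_request)
    {
        fprintf(stderr, "Error: request too long in func 'do_get'.\n");
        return REQUEST_FAILED;
    }

    size = nsend(&http_client->connection, http_request, strlen(http_request));
    if (size < 0)
    {
        fprintf(stderr, "Http Request failed, error code: %d\n", size);
        return REQUEST_FAILED;
    }

    /* recv http response */
    response->enti_body.buffer = malloc(ENTITY_BODY_SIZE_DEFAULT);
    if (response->enti_body.buffer == NULL)
    {
        response->enti_body.len = 0;
        fprintf(stderr, "Error: allocate memory failed in func 'do_get'.\n");
        return RESPONSE_FAILED;
    }
    response->enti_body.len = entity_body_size;
    bzero(response->enti_body.buffer, entity_body_size);

    for (;;)
    {
        /* NOTE(review): assumes LIMIT <= BUFFER_SIZE; confirm where both are defined. */
        size = nrecv(&http_client->connection, buf, LIMIT);

        if (size < 0)
            return RESPONSE_FAILED;

        if (size == 0)
        {
            /* In bounds: the growth step below always reserves this byte. */
            response->enti_body.buffer[recv_body_length] = '\0';
            return RESPONSE_OK;
        }

        /* Room needed for the data already stored, this chunk, and the NUL. */
        size_t needed = (size_t)recv_body_length + (size_t)size + 1;

        if (needed > (size_t)entity_body_size)
        {
            size_t new_size = entity_body_size > 0 ? (size_t)entity_body_size : 1;
            char *grown = NULL;

            /* The peer controls the response size; stop before int counters overflow. */
            if (needed <= int_limit)
            {
                /* One doubling is not always enough, so repeat until it fits. */
                while (new_size < needed)
                    new_size *= 2;
                if (new_size > int_limit)
                    new_size = int_limit;
                grown = realloc(response->enti_body.buffer, new_size);
            }

            if (grown == NULL)
            {
                /* Free the old block instead of losing it by overwriting the pointer. */
                free(response->enti_body.buffer);
                response->enti_body.buffer = NULL;
                response->enti_body.len = 0;
                return RESPONSE_FAILED;
            }

            response->enti_body.buffer = grown;
            entity_body_size = (int)new_size;
            response->enti_body.len = entity_body_size;
        }

        memcpy(response->enti_body.buffer + recv_body_length, buf, size);
        recv_body_length += size;
    }
}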