d2jsp
Log InRegister
d2jsp Forums > Off-Topic > Computers & IT > Programming & Development > Question About Sockets, Http, Get/post, Etc...
Add Reply New Topic New Poll
Member
Posts: 894
Joined: Aug 30 2008
Gold: 383.04
Jun 9 2013 01:55pm
I'm not doing anything malicious the forum in the example is just to test logging into a server without opening the browser. I edited a lot of the urls out too.

Code
import java.io.BufferedReader;import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.*;




public class WorkingAOPSLogin {
   private static URL urlObj;
   private static URLConnection connect;




   public static void main(String[]args){
       try {
           urlObj = new URL("somewebsite/Forum/ucp.php?mode=login&redirect=/Forum/index.php");
       } catch (MalformedURLException e) {e.printStackTrace();}
       try {
           connect = urlObj.openConnection();
           connect.setDoOutput(true);




           BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(connect.getOutputStream()));
           writer.write("username=MYUSERNAME&password=MYPASSWORD&login=Login");
           
           /*connect = (new URL("somewebsite/Forum/posting.php?mode=post&f=224")).openConnection();
           connect.setDoOutput(true);
           writer = new BufferedWriter(new OutputStreamWriter(connect.getOutputStream()));
           writer.write("subject=hello&post=Submit");
           */
           writer.close();




           BufferedReader reader = new BufferedReader(new InputStreamReader(connect.getInputStream()));
           String lineRead = "";




           while((lineRead = reader.readLine()) != null){
               System.out.println(lineRead);
           }
           reader.close();
       } catch (IOException e) {e.printStackTrace();}
       System.out.println("\n\n here \n\n");
       
       String headerName;
       for (int i=1; (headerName = connect.getHeaderFieldKey(i)) != null; i++) {
           if(headerName.equals("Set-Cookie")){
               String cookie = connect.getHeaderField(i);
               System.out.println(cookie);
           }
       }
   }
}



When I run this code I get the following output:
Code
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "w3site/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="w3site/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en-gb">




<head>
   <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
   <meta http-equiv="content-language" content="en-gb" />
   <meta http-equiv="content-style-type" content="text/css" />
   <meta http-equiv="imagetoolbar" content="no" />
   <meta name="resource-type" content="document" />
   <meta name="distribution" content="global" />
   <meta name="keywords" content="" />
   <meta name="description" content="" />




   <meta name="viewport" content="width=device-width,height=device-height,user-scalable=yes" />
   <meta http-equiv="refresh" content="3;url=website/Forum/index.php?" />
   <title>Art of Problem Solving &bull; User Control Panel &bull; Welcome to Art of Problem Solving</title>




   <script type="text/javascript" src="googleapis/ajax/libs/jquery/1.3/jquery.min.js"></script>
   <script type="text/javascript" src="/system/js/aops.js?r=4"></script>
   <script type="text/javascript" src="./styles/aops/template/forum_fn.js"></script>
   <script type="text/javascript">
       var HOST = '';
       var USERNAME = '';
       var USER_ID = 1;
   </script>




   
</head>



<body class="ltr">




   <div style="width: 100%;background-color: #e1e8f5;border-bottom:1px solid #bbb;height:28px;margin: 0;">
       <div style="padding:5px 10px">
           <div style="float:right;line-height:18px;">
           </div>
           <div style="float:left;font-size:14px;">
               Art of Problem Solving
           </div>
       </div>
   </div>




   <div id="main">
<div style="text-align:center;margin-top:30px;">
<h1>Welcome to Art of Problem Solving</h1>

</div>
</div>
</body>
</html>



here



PHPSESSID=hvi9ivjsiek8qoijiagskmqg4sirv8au; path=/
phpbb3_3oerp_u=1; expires=Tue, 09-Jul-2013 18:23:01 GMT; path=/; domain=.website; HttpOnly
phpbb3_3oerp_k=; expires=Tue, 09-Jul-2013 18:23:01 GMT; path=/; domain=.website; HttpOnly
phpbb3_3oerp_sid=714e8054b89f05c75d43658b84e1e843; expires=Tue, 09-Jul-2013 18:23:01 GMT; path=/; domain=.website; HttpOnly
phpbb3_3oerp_hidden=; expires=Sun, 09-Jun-2013 15:59:41 GMT; path=/; domain=.website; HttpOnly
phpbb3_3oerp_collapsed=; expires=Sun, 09-Jun-2013 15:59:41 GMT; path=/; domain=.website; HttpOnly
__umtu=a%3A1%3A%7Bi%3A0%3Bs%3A9%3A%MYUSERNAME%22%3B%7D; expires=Mon, 09-Jun-2014 18:23:01 GMT; path=/; domain=.website; httponly
phpbb3_3oerp_u=74281; expires=Tue, 09-Jul-2013 18:23:01 GMT; path=/; domain=.website; HttpOnly
phpbb3_3oerp_k=; expires=Tue, 09-Jul-2013 18:23:01 GMT; path=/; domain=.website; HttpOnly
phpbb3_3oerp_sid=8122fba012d8807aa2bbd976609ec3f7; expires=Tue, 09-Jul-2013 18:23:01 GMT; path=/; domain=.website; HttpOnly



And I take "You have been successfully logged in." to be a good sign. However, when I try to do the same thing purely using sockets (without the java URLConnection class which also uses sockets but is more limiting) I can't seem to make it work. Here's my code for that:


Code
//java socket client exampleimport java.io.*;
import javanet.*;




public class SocketTest
{
   public static void main(String[] args) throws IOException
   {
       Socket s = new Socket();
       String host = "www website com";
       PrintWriter s_out = null;
       BufferedReader s_in = null;
       
       try
       {
           s.connect(new InetSocketAddress(host , 80));
           System.out.println("Connected");




           //writer for socket
           s_out = new PrintWriter( s.getOutputStream(), true);
           //reader for socket
           s_in = new BufferedReader(new InputStreamReader(s.getInputStream()));
       }




       //Host not found
       catch (UnknownHostException e)
       {
           System.err.println("Don't know about host : " + host);
           System.exit(1);
       }




       //Send message to server
       
       
       s_out.println("GET /Forum/ucp.php?mode=login&username=MYUSERNAME&password=MYPASSWORD&login=Login&redirect=/Forum/ucp.php?mode=logout HTTP/1.1\r\nHost: www website com\r\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n");
   
   
       System.out.println("Message send");




       //Get response from server
       String response;
       while ((response = s_in.readLine()) != null)
       {
           System.out.println( response );
       }
       
       //close the i/o streams
       s_out.close();
       s_in.close();
               
       //close the socket
       s.close();
       System.out.println("Program Done");
   }
}

This code gives the following output:
Code
Connected
Message send
HTTP/1.1 302 Found
Date: Sun, 09 Jun 2013 18:26:28 GMT
Server: ApacheSet-Cookie: PHPSESSID=s05jir45nq8rtlairradv2054si0vuns; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: www website com/Forum/ucp.php?mode=login&username=MYUSERNAME&password=MYPASSWORD&login=Login&redirect=/Forum/ucp.php?mode=logout
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8




Program Done

It's giving a 302 Found error for some reason? When I run my Live HTTP Headers tool and I login I get the following:
Code
website/Forum/ucp.php?mode=login


POST /Forum/ucp.php?mode=login HTTP/1.1
Host: website
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: www website com/Forum/ucp.php?mode=login&redirect=/Forum/ucp.php%3fmode=logout
Cookie: PHPSESSID=j7neuj0r2imvtnbhmj9pv92tona0mg09; __utma=119266009.1728699164.1370785148.1370794501.1370802682.4; __utmc=119266009; __utmz=119266009.1370802682.4.3.utmccn=(organic)|utmcsr=google|utmctr=|utmcmd=organic; __umtu=a%3A1%3A%7Bi%3A0%3Bs%3A9%3A%22MYUSERNAME%22%3B%7D; __utmb=119266009; phpbb3_3oerp_u=1; phpbb3_3oerp_k=; phpbb3_3oerp_sid=0d14419aef16b5096f1d3c22b18fe236
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 129
username=MYUSERNAME&password=MYPASSWORD&login=Login&sid=0d14419aef16b5096f1d3c22b18fe236&redirect=%2FForum%2Fucp.php%3Fmode%3Dlogout



Shouldn't I be able to copy the exact GET/POST message that Live HTTP Headers gives for any request and send that through the buffered writer? (and I get the same output when I change the GET message to POST). Sorry this post is so long but thanks for reading if you did!

This post was edited by layhooo3 on Jun 9 2013 01:55pm
Member
Posts: 4,605
Joined: Sep 15 2011
Gold: 9,464.00
Jun 9 2013 03:13pm
you got redirected, probably because you did a GET instead of a POST
Member
Posts: 894
Joined: Aug 30 2008
Gold: 383.04
Jun 9 2013 04:00pm
post gives the same output though
Member
Posts: 4,605
Joined: Sep 15 2011
Gold: 9,464.00
Jun 9 2013 10:00pm
your live http headers logs are incomplete since you're only showing the request that your browser sent to the server. how does it respond?

ideally i'd like to see the http headers from you using your browser to do the exact same thing as your code. without that, it could be anything.

This post was edited by irimi on Jun 9 2013 10:00pm
Member
Posts: 894
Joined: Aug 30 2008
Gold: 383.04
Jun 10 2013 08:23am
No I'm only putting the responses from the server actually the last quote is from Live HTTP Headers
Member
Posts: 10,812
Joined: Oct 15 2009
Gold: Locked
Warn: 20%
Jun 10 2013 11:25am
from abduct.

you code is flawed on so many levels. i will just skip pass your lack of accurate error reporting and just skip to the meat and potatoes.

your get and post requests are wrong.

all get and post requests must be ended in dual \r\n.

aka

Code
GET /Forum/ucp.php?mode=login&username=MYUSERNAME&password=MYPASSWORD&login=Login&redirect=/Forum/ucp.php?mode=logout HTTP/1.1\r\n
Host: www.website.com\r\n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n\r\n


this tells the web server it is the end of the request.

as for posting data, you do not need to initiate a stream builder to send a post request. just send it all as one packet.

Code
POST /Forum/ucp.php HTTP/1.1\r\n
Host: www.website.com\r\n
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0\r\n
Content-length: SIZEOFDATA\r\n
Content-type: application/x-www-form-urlencoded\r\n\r\n

username=MYUSERNAME&password=MYPASSWORD&login=Login\r\n\r\n


it appears to me you have no idea how the http protocol works and you are just trying to pull it out of your ass. go search around the internet or go take look at the RFC for the http protocol.

you are better off looking for a http class which allows you to add headers and get/post data easily via methods rather than setting this up yourself via sockets.
Member
Posts: 4,605
Joined: Sep 15 2011
Gold: 9,464.00
Jun 10 2013 01:39pm
Quote (layhooo3 @ Jun 10 2013 07:23am)
No I'm only putting the responses from the server actually the last quote is from Live HTTP Headers


that last quote from LiveHTTPHeaders isn't the response from the server. it's the POST being done from your browser. it even has a User Agent header, FFS.

nobody's going to be able to help you if you're unwilling to post up all the relevant data. since you have no clue what the hell you're doing, you're better off not trying to filter any of the data you're posting because your idea of what you're filtering is most likely going to be wrong. no, scratch that. it IS wrong.

This post was edited by irimi on Jun 10 2013 01:41pm
Member
Posts: 894
Joined: Aug 30 2008
Gold: 383.04
Jun 10 2013 01:56pm
I just told you it was from Live HTTP Protocol and not a response from the server... I realize the way I organized my post is convoluted, but if you're just going to insult me without putting any effort into understanding it, even trying to understand one line posts (my previous one), then your "help" is not wanted.

"No I'm only putting the responses from the server actually the last quote is from Live HTTP Headers"
Maybe I forgot a period. Here you go.
No I'm only putting the responses from the server. Actually, the last quote is from Live HTTP Headers.

Thank you Azrad. Yes, I'm "pulling it out of my ass". I just began learning this yesterday without any guidance for peet sake.. I do appreciate that amidst your insults you actually added some value to your post, however. I didn't know that they had to end in dual \r\n
"as for posting data, you do not need to initiate a stream builder to send a post request. just send it all as one packet."
This is what I'm asking how to do in my post.

EDIT: Actually maybe it's not what I was asking now that I read back. I thought you had to use input and output streams but it would be interesting to know how to go around this. Your post isn't informative on how to do it though so now I'm wondering how.
-----------


This is the full Live HTTP Headers output (The request and response, for some reason you seem to think that I think the request was the response). The point I was making is why can't I just make the same request that the Live HTTP Headers output box shows (I guess this is the request Mozilla is sending)? When I do it gives me the 302 Found error

Code
https://www.artofproblemsolving.com/Forum/ucp.php?mode=login

POST /Forum/ucp.php?mode=login HTTP/1.1
Host: www.artofproblemsolving.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://www.artofproblemsolving.com/Forum/ucp.php?mode=login&redirect=/index.php
Cookie: PHPSESSID=j7neuj0r2imvtnbhmj9pv92tona0mg09; __utma=119266009.1728699164.1370785148.1370818752.1370895313.6; __utmc=119266009; __utmz=119266009.1370802682.4.3.utmccn=(organic)|utmcsr=google|utmctr=|utmcmd=organic; __umtu=a%3A1%3A%7Bi%3A0%3Bs%3A9%3A%USERNAME%22%3B%7D; phpbb3_3oerp_u=1; phpbb3_3oerp_k=; phpbb3_3oerp_sid=1d42318661904c8d692fc9906c86a6d7; __utmb=119266009
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 107
username=USERNAME&password=PASSWORD&login=Login&sid=1d42318661904c8d692fc9906c86a6d7&redirect=%2Findex.php

HTTP/1.1 200 OK
Date: Mon, 10 Jun 2013 20:15:22 GMT
Server: Apache
Expires: 0
Cache-Control: private, no-cache="set-cookie"
Pragma: no-cache
Set-Cookie: phpbb3_3oerp_hidden=; expires=Mon, 10-Jun-2013 17:52:02 GMT; path=/; domain=.artofproblemsolving.com; HttpOnly
Set-Cookie: phpbb3_3oerp_collapsed=; expires=Mon, 10-Jun-2013 17:52:02 GMT; path=/; domain=.artofproblemsolving.com; HttpOnly
Set-Cookie: __umtu=a%3A1%3A%7Bi%3A0%3Bs%3A9%3A%USERNAME%22%3B%7D; expires=Tue, 10-Jun-2014 20:15:22 GMT; path=/; domain=.artofproblemsolving.com; httponly
Set-Cookie: phpbb3_3oerp_u=74281; expires=Wed, 10-Jul-2013 20:15:22 GMT; path=/; domain=.artofproblemsolving.com; HttpOnly
Set-Cookie: phpbb3_3oerp_k=; expires=Wed, 10-Jul-2013 20:15:22 GMT; path=/; domain=.artofproblemsolving.com; HttpOnly
Set-Cookie: phpbb3_3oerp_sid=a59cdd54ec46c5e92c9618e11aaa1a15; expires=Wed, 10-Jul-2013 20:15:22 GMT; path=/; domain=.artofproblemsolving.com; HttpOnly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3385
Keep-Alive: timeout=15, max=597
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8


This post was edited by layhooo3 on Jun 10 2013 02:21pm
Member
Posts: 14,133
Joined: Aug 30 2009
Gold: 454.45
Jun 10 2013 02:47pm
from abduct:

open a connection to www.artofproblemsolving.com

send this post request

Code

POST /Forum/ucp.php?mode=login HTTP/1.1\r\n
Host: www.artofproblemsolving.com\r\n
Accept-Encoding: gzip, deflate\r\n
Referer: https://www.artofproblemsolving.com/Forum/ucp.php?mode=login&redirect=/index.php\r\n
Cookie: PHPSESSID=j7neuj0r2imvtnbhmj9pv92tona0mg09; __utma=119266009.1728699164.1370785148.1370818752.1370895313.6; __utmc=119266009; __utmz=119266009.1370802682.4.3.utmccn=(organic)|utmcsr=google|utmctr=|utmcmd=organic; __umtu=a%3A1%3A%7Bi%3A0%3Bs%3A9%3A%USERNAME%22%3B%7D; phpbb3_3oerp_u=1; phpbb3_3oerp_k=; phpbb3_3oerp_sid=1d42318661904c8d692fc9906c86a6d7; __utmb=119266009\r\n
Connection: keep-alive\r\n
Content-Type: application/x-www-form-urlencoded\r\n
Content-Length: 107\r\n\r\n
username=USERNAME&password=PASSWORD&login=Login&sid=1d42318661904c8d692fc9906c86a6d7&redirect=%2Findex.php\r\n\r\n


you can send the entire post request as one giant string as long as you have placed the dual CRNL's in the right spots. there is no need for a stream builder or w/e java uses. just append it in one string and fire it at the web server.

alterntivly i would look into a class that does this for you such as this example with 'net/http' in ruby

Code

require 'net/http'

uri = URI.parse( 'http://www.artofproblemsolving.com' )
http = Net::HTTP.new( uri.host, uri.port )

request = Net::HTTP::Post.new( '/Forum/ucp.php?mode=login' )

data = 'username=USERNAME&password=PASSWORD&login=Login&sid=1d42318661904c8d692fc9906c86a6d7&redirect=%2Findex.php'

request.add_field( 'Accept-Encoding', 'gzip, deflate' )
request.add_field( 'Referer', 'https://www.artofproblemsolving.com/Forum/ucp.php?mode=login&redirect=/index.php' )

request.add_field( 'Cookie', 'PHPSESSID=j7neuj0r2imvtnbhmj9pv92tona0mg09; __utma=119266009.1728699164.1370785148.1370818752.1370895313.6; __utmc=119266009; __utmz=119266009.1370802682.4.3.utmccn=(organic)|utmcsr=google|utmctr=|utmcmd=organic; __umtu=a%3A1%3A%7Bi%3A0%3Bs%3A9%3A%USERNAME%22%3B%7D; phpbb3_3oerp_u=1; phpbb3_3oerp_k=; phpbb3_3oerp_sid=1d42318661904c8d692fc9906c86a6d7; __utmb=119266009' )

request.add_field( 'Connection', 'keep-alive' )
request.add_field( 'content-Type', 'applicaiton/x-www-form-urlencoded' )
request.add_field( 'Content-Length', data.length.to_s )
request.body = data

response = hyyp.request( request )


both the string in the above code block and this ruby code are equivilent although i prefer using an HTTP class due to the fact that it's easier to read as well as does most of the hard work for me. i very much dislike working with raw sockets unless i absolutly have to.
Go Back To Programming & Development Topic List
Add Reply New Topic New Poll