HTTP Protocol
The web is run on port 80. You are probably wondering what "port 80" is, right (whether you actually are or not is irrelevant)? Well, the answer is easy (not really). See, the Internet and the web are different. The Internet is the infrastructure (ie the physical wires, the server hardware, etc) and the web is the ideas and the software. I say ideas because before the web the Internet was a mess of wires and powerful computers using POP3 and SMTP for communication, FTP for file transfer, and TELNET for remote shell access, among others. Then the web came along, and Internet use spread to the home and all across the world. See, in plain terms, a web server broadcasts HTML to all connected clients on port 80, so port 80 is the "HTTP port." HTTP is the protocol, or set of standards for port 80 and its software. The client software is your browser, (ie probably Internet Explorer but hopefully Firefox), and the server is something like Apache or IIS(uug). This relates to hacking, as you will see later, but first you need to know more about HTTP. (the spaces before the < & > are put in so this isnt thought of as HTML)
< html >
< body >
< img src="image.png" >< br >
< div align="center" >text< /div >
< /body >
< /html >
If Apache is serving that, and Firefox picks it up, It will replace the < img src... etc with the image found at image.png relative to the working directory of the page requested, (ie ./, current dir), and the < div... is turned into text printed in the middle of the page. Since the code is processed from top to bottom, the br means that the browser should skip down one line and start the rest from there. The top two and bottom two lines tell the browser what part of the page it is reading. You migh have noticed the < /div >, the < /body >, etc. They "close" the tag. Tag is a term for anything in s, and they must be opened (ie introduced) and closed (ie < /tag >). If you want to learn HTML tagging, just head over to our close friend Google and do a search.
Since you haven't gotten to the programming section, and currently I have not even wrote it, I will show you a web server example in the simplest form I can think of that will work on any OS you are currently using. So the obvious choice is JAVA:
import java.net.*; import java.io.*; import java.util.*;
public class jhttp extends Thread {
Socket theConnection;
static File docroot;
static String indexfile = "index.html";
public jhttp(Socket s) {
theConnection = s;
}
public static void main(String[] args) {
int thePort;
ServerSocket ss;
// get the Document root
try {
docroot = new File(args[0]);
}
catch (Exception e) {
docroot = new File(".");
}
// set the port to listen on
try {
thePort = Integer.parseInt(args[1]);
if (thePort < 0 || thePort > 65535) thePort = 80;
}
catch (Exception e) {
thePort = 80;
}
try {
ss = new ServerSocket(thePort);
System.out.println("Accepting connections on port "
+ ss.getLocalPort());
System.out.println("Document Root:" + docroot);
while (true) {
jhttp j = new jhttp(ss.accept());
j.start();
}
}
catch (IOException e) {
System.err.println("Server aborted prematurely");
}
}
public void run() {
String method;
String ct;
String version = "";
File theFile;
try {
PrintStream os = new PrintStream(theConnection.getOutputStream());
DataInputStream is = new DataInputStream(theConnection.getInputStream());
String get = is.readLine();
StringTokenizer st = new StringTokenizer(get);
method = st.nextToken();
if (method.equals("GET")) {
String file = st.nextToken();
if (file.endsWith("/")) file += indexfile;
ct = guessContentTypeFromName(file);
if (st.hasMoreTokens()) {
version = st.nextToken();
}
// loop through the rest of the input li
// nes
while ((get = is.readLine()) != null) {
if (get.trim().equals("")) break;
}
try {
theFile = new File(docroot, file.substring(1,file.length()));
FileInputStream fis = new FileInputStream(theFile);
byte[] theData = new byte[(int) theFile.length()];
// need to check the number of bytes rea
// d here
fis.read(theData);
fis.close();
if (version.startsWith("HTTP/")) { // send a MIME header
os.print("HTTP/1.0 200 OKrn");
Date now = new Date();
os.print("Date: " + now + "rn");
os.print("Server: jhttp 1.0rn");
os.print("Content-length: " + theData.length + "rn");
os.print("Content-type: " + ct + "rnrn");
} // end try
// send the file
os.write(theData);
os.close();
} // end try
catch (IOException e) { // can't find the file
if (version.startsWith("HTTP/")) { // send a MIME header
os.print("HTTP/1.0 404 File Not Foundrn");
Date now = new Date();
os.print("Date: " + now + "rn");
os.print("Server: jhttp 1.0rn");
os.print("Content-type: text/html" + "rnrn");
}
os.println("< HTML >< HEAD >< TITLE >File Not Found< /TITLE >< /HEAD >");
os.println("< BODY >< H1 >HTTP Error 404: File Not Found< /H1 >< /BODY >< /HTML >");
os.close();
}
}
else { // method does not equal "GET" if (version.startsWith("HTTP/")) { // send a MIME header os.print("HTTP/1.0 501 Not Implementedrn"); Date now = new Date(); os.print("Date: " + now + "rn"); os.print("Server: jhttp 1.0rn"); os.print("Content-type: text/html" + "rnrn"); }
os.println("< HTML >< HEAD >< TITLE >Not Implemented< /TITLE >"); os.println("< BODY >< H1 >HTTP Error 501: Not Implemented< /H1 >< /BODY >< /HTML >"); os.close(); }
}
catch (IOException e) {
}
try { theConnection.close(); }
catch (IOException e) { }
}
public String guessContentTypeFromName(String name) { if (name.endsWith(".html") || name.endsWith(".htm")) return "text/html"; else if (name.endsWith(".txt") || name.endsWith(".java")) return "text/plain"; else if (name.endsWith(".gif") ) return "image/gif"; else if (name.endsWith(".class") ) return "application/octet-stream"; else if (name.endsWith(".jpg") || name.endsWith(".jpeg")) return "image/jpeg"; else return "text/plain"; }
}
I learned the basics of JAVA web server programming from "JAVA Network Programming" by Elliotte Rusty Harold. Now you don't need to know JAVA to be able to understand that, even though it might not seem like that at first. The important thing to look for when examining the code it the os.print("") commands. There is nothing fancy being used to get the data to the browser, you don't have to mutate the data, its sending plain HTML via a simple command. The plain and simple truth is that the browser is doing the majority of the difficult stuff, when speaking about this simple server. But in complicated servers there is server-side scripting, etc. Webs are much more complicated than just a simple server and Internet Explorer, such as Flash and JAVA Applets (run on clients machine in browser) and server-side stuff like PHP and PEARL (displayed on clients browser as plain HTML but executed as scripting on the server). T
he code above is a good way to learn the HTTP standards, even though the program itself ignores most of the regulations. The web browser not only understands HTML but also knows that incoming connection starting with 404 means that the page is missing, etc. It also knows that when "image/gif" is returned the file is an image of type gif. These are not terms the stupid server made up. They are web standards. Generally speaking, there are two standards. There is the w3 standard (ie the real standard based on the first web servers and browsers) and the Microsoft standard (ie the Internet Explorer, IIS and NT standards). The standards are there so anyone can make a server or client and have it be compatible with (nearly) everything else.
Hiding your Connection
If you have a copy of Visual Basic 6, making a web browser is easy, thanks to Winsock and the code templates included, so I will not put in an example of that. Instead I will explain cool and potentially dangerous things you can do to keep yourself safe. I know those words put together doesn't make sense (ie potentially dangerous and safe), but you will see in a moment. I'm talking about PROXIES. (anonymous proxy servers, to be exact). You connect to the internet on port 80 through the proxy server, thus hiding your real IP. There are many obvious applications for this, but it is also the only really potentially dangerous thing so far, so I will restate what I have written at the top: Whatever you do with this info is your responsibility. I provide information and nothing more. With that said, there is nothing illegal about using an anonymous proxy server as long as it is free and you are harming no one by using it. But if you think you are completely safe using one, you are deadly wrong. They can simply ask the owners of the proxy what your IP is if they really want to find you. If you join a high anonymous server, the chance of them releasing your IP is pretty low for something like stealing music, but if you do something that would actually warrant jail time, they probably will be able to find you. www.publicproxyservers.com is a good site for finding these servers.
The last trick related to web servers and port 80 is a simple one. First, find a free website host that supports PHP and use the following code:
If the address of this file is http://file.com/script.php, to download the latest Fedora DVD you would go to the following address: http://file.com/script.php?destfile=linuxiso.org/download.php/611/FC3-i386-DVD.iso &password=passwd
You can change "passwd" to whatever password you want. This will make any onlookers think you are connected to http://file.com. You are still limited to the speed of your connection, but you are using the bandwidth of the web host
Whatever you do with the above information is solely your responsibility.
Mike Vollmer --- eblivion
http://eblivion.sitesled.com
IntroductionMac OS X is the most technologically advanced operating system... Read More
Below you will find some useful information and comments about... Read More
The battle is heating up for market share, home movie... Read More
Feeling overwhelmed in selecting a new TV? With all the... Read More
I got my eyes set on a iPod mini, as... Read More
You use Ctrl+Alt+Del to see what's running on your PC,... Read More
Heading off on vacation soon?Then perhaps you're tempted to take... Read More
Time is money. And when you constantly have to divide... Read More
OK, so you caught a computer virus and your system... Read More
Music lovers have been carrying around radios and other bulky... Read More
BIOS - Basic Input Output SystemThe central processing unit of... Read More
Have you ever thought about building your own computer system?... Read More
This is not your typical lost data story. I was... Read More
Cookies, not the kind that Mom makes, but the computer... Read More
I have a love-hate relationship with my computer.In fact, often... Read More
Are you thinking of buying an Apple iPod? Or have... Read More
HTTP ProtocolThe web is run on port 80. You are... Read More
In the first part of this home lab tutorial, CCNA... Read More
Yes, it's true. You may have inadvertently invited a spy... Read More
I met an entrepreneur who hole heartedly disagree with an... Read More
Simone is exasperated. She has to work on her university... Read More
You don't have to fork out $250 for a super-diggy-whizbang... Read More
In this era of Internet, most people are frequent users... Read More
With the new technology used to transfer information to from... Read More
The best way to get the gaming computer that you... Read More
O'Hare Chicago prom limo ..The Internet can be a dangerous place.While you're enjoying the... Read More
ASR (Automated System Recovery) is a feature available on the... Read More
If you ask most people what frustrates them most about... Read More
For six years, my Samsung PC 13.8 inch SyncMaster conventional... Read More
"Automated Testing" is automating the manual testing process currently in... Read More
A computer needs a certain amount of information to operate;... Read More
If you have a computer for home use or for... Read More
Enhanced Definition Television ? also known as EDTV ? is... Read More
When browsing the internet you are likely to come across... Read More
In Windows Xp, you can install two operating systems on... Read More
Tech support tells me to type 'regedt32' as opposed to... Read More
JPEG, GIFF/JIFF, BMP, and TIFF are the most commonly used... Read More
Nothing is worse than having to negotiate all kinds of... Read More
World War II - Germany decided to attack Poland. Poland... Read More
About mail-mergingMail-merging is the process of merging variable data and... Read More
How long do you think DVDs have around? 20 years?... Read More
In my humble opinion nothing makes a long trip easier... Read More
The following practice, if done regularly, may help you to... Read More
Millions have enjoyed recorded music since 1877 when Thomas Edison... Read More
1. Let your PC boot up completely before opening any... Read More
CCNAs and CCNA candidates hear it all the time: ???Get... Read More
Occupational Therapy Made EasierMedical downloads for the pda have improved... Read More
Unless you place your faith in internal search engine software... Read More
Most people download and save so much information on their... Read More
We have just entered the time of year that most... Read More
Personal Technology |