0

So I have an apache web server installed on a vm. I want to write a simple script that will get the home page of the website using a socket. I was able to do it without ssl, but I recently installed ssl and thought I should try using the ssl version. This is the code I have, based off of another question Opening a SSL socket connection in Python

import socket, ssl
s = socket.socket()
wrappedSocket = ssl.wrap_socket(s)
wrappedSocket.connect(('127.0.0.1', 443))
wrappedSocket.sendall(
    'GET / HTTP/1.1\r\n'
    'Host: vulnerable\r\n'
    'User-Agent: sslsocket.py\r\n'
    'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n'
    'Accept-Language: en-US,en;q=0.5\r\n'
    'Accept-Encoding: gzip, deflate\r\n'
    'Connection: keep-alive\r\n'
    '\r\n'

)
ans = wrappedSocket.recv(4096)
print ans

The script keeps on running and never outputs anything. Upon further debugging, I found out it breaks on the connect() function call, but am unable to figure out why it happens.

Edit- After some help in the comments, I realised that the domain name is 127.0.1.1. However, now I get the HTTP headers as output, but it doesn't actually give me the HTML of the page. What is wrong this time?

Community
  • 1
  • 1
chilliefiber
  • 571
  • 2
  • 7
  • 18
  • 1
    what is the error code ? – AlokThakur Feb 13 '16 at 15:11
  • @AlokThakur thanks for commenting! There is no error code unfortunately which is just pissing me off, all I get is a blank output and the program runs forever :( I'm really stuck, I debugged by putting each logical line of code in the terminal by typing python and then running the code and when I type `wrappedSocket.connect(('127.0.0.1', 443))` it runs forever and never outputs anything any idea? – chilliefiber Feb 13 '16 at 15:17
  • 1
    You have verified that connecting with a browser/curl to https://127.0.0.1:443 works as expected? To me it sounds like the TCP connection succeeds, but the SSL handshake hangs waiting for input from the server. – Henrik Gustafsson Feb 13 '16 at 15:18
  • @HenrikGustafsson I'm checking on that, I assumed it was my code that was wrong thanks for the tip I believe it might be that. – chilliefiber Feb 13 '16 at 15:26
  • @HenrikGustafsson you are right, I'm having issues with server configuration (namely, pid conflicts, what ever that is. I know how to fix them and am researching how to prevent them) and apparently it switched from 127.0.0.1 to 127.0.1.1 as the domain name :) Now it connects, but it only gives me half the message. – chilliefiber Feb 13 '16 at 15:32
  • Why don't just use requests? – Ashalynd Feb 13 '16 at 15:44
  • @Ashalynd learning purposes – chilliefiber Feb 13 '16 at 16:30

1 Answers1

2

It seems liike you're really close, and Henrik has already addressed the issues about your connection.

If you are only recieving half of the message, it is probably due to the limit you put on recv. Try increasing that, or using the makefile method so you don't have to worry about the limit.

Edit: To show what makefile is and can do.

my_socket = socket.socket()
my_socket_input = my_socket.makefile('r')
my_socket_output = my_socket.makefile('w')

These new tools make doing things much simpler, as if you were writing and reading to a file. With your new socket_input variable, you can call methods like readline, and with socket_output, you can call methods like write.

some_text = my_socket_input.readline()

One of the details you don't need to worry about your is the buffer size on recv, as the makefile handles that for you

David Jay Brady
  • 1,034
  • 8
  • 20