Warning
This page is located in archive.

Network protocols, demo

Wireshark rules tcp.port == 110 or tcp.port == 995
TcpDump tcpdump -A -i eth0 port 110 or port 995

HTTP

Hypertext Transfer Protocol

Describe what happens if you enter 'www.google.com' into the browser (DNS, TCP, HTTP).

 telnet <host> <port>
 telnet www.google.com 80

HTTP 1.0

Pozn.: Napriklad stranku google.com ziskame cca po dvou redirectech:

$ telnet www.google.com 80
GET /
✔
HTTP/1.0 302 Found
Location: http://www.google.cz/?gfe_rd=cr&ei=nuA-WITHNPPf8gfQqYqIBw
====================================================================
$ telnet www.google.cz 80
GET /?gfe_rd=cr&ei=nuA-WITHNPPf8gfQqYqIBw
✔
HTTP/1.0 302 Found
Location: http://www.google.cz/?gfe_rd=cr&ei=nuA-WITHNPPf8gfQqYqIBw&gws_rd=cr                                                                    
Set-Cookie: NID=91=DJn6ORMbM...EjgF91g4f; expires=Thu, 01-Jun-2017 14:23:15 GMT; path=/; domain=.google.com; HttpOnly
====================================================================
$ telnet www.google.cz 80
GET /?gfe_rd=cr&ei=nuA-WITHNPPf8gfQqYqIBw&gws_rd=cr
✔
HTTP/1.0 200 OK
https://www.google.com/support/accounts/answer/151657?hl=en for more info."
Set-Cookie: NID=91=prZTYHBooV5O...tKu_yHeJy; expires=Thu, 01-Jun-2017 14:26:02 GMT; path=/; domain=.google.com; HttpOnly

<!doctype html ...

HTTP 1.1

 GET / HTTP/1.0
 Host: www.asistech.cz
 <EOL>

HTTPS

openssl s_client -connect www.google.com:443

E-mail protocols

SMTP

Simple Mail Transfer Protocol

$ telnet smtp.example.com 25
HELO cvut.cz
EHLO cvut.cz #variant

----------
HELP
MAIL FROM:
RCPT TO:
DATA
   Subject: ....
   ...
   ...
.
HELP
----------------
QUIT

POP3

Post Office Protocol, v. 3

Wireshark: tcp.port==110 and tcp.port==995

$telnet pop3.seznam.cz 110
USER ...
PASS ...
NOOP
STAT
LIST
RETR 1
TOP 1 5 #5 lines from the 1st  msg
QUIT

POP3s

 $ openssl s_client -connect pop3.seznam.cz:995

IMAP

Internet Message Access Protocol

 $ telnet imap.seznam.cz 143
 

//remember session indicator
CAPABILITY
LOGIN <user> <pass>
EXAMINE INBOX
LIST "" INBOX
SEELCT INBOX
SEARCH unseen
FETCH "1:*" FLAGS
FETCH 1 Body[TEXT]
FETCH 1 UID
FETCH 1 FULL
UID SEARCH ALL
UID FETCH <UID> body.peek[header]
UID SEARCH UNSEEN
LOGOUT

also: uid_copy, uid_store, expunge

IMAP/SSL

 $ openssl s_client -connect imap.seznam.cz:995

FTP

File Transfer Protocol

Active Mode

(Client must have a public IP Address)

$ telnet ftp.cvut.cz 21
HELP
530 Please login with USER and PASS.

USER anonymous
PASS none@example.com
230 Login successful.

LIST
425 Use PORT or PASV first.

PORT 147,32,84,225,4,0

  > (in other terminal)
  > (PORT = 4*256+0 = 1024)

  > $ netcat -l -p 1024

LIST

Passive Mode

... (dtto)

PASV
227 Entering Passive Mode (147,32,160,17,193,213)

  > # PORT = 193*256 + 213 = 49408 + 213 = 49621
  > $ telnet 147.32.160.17 49621

LIST
150 Here comes the directory listing.
226 Directory send OK.

  > lrwxrwxrwx    1 0        0              18 May 27  2008 debian -> mirrors/debian.org
  > lwrxrwxrwx ...

courses/ae4b33oss/net_proto_demo.txt · Last modified: 2016/12/01 08:57 by bursam