Jump to content


Photo
- - - - -

HTTP Get command terminates telnet.


  • Please log in to reply
16 replies to this topic

#1 Octal

Octal

    Dangerous free thinker

  • Members
  • 886 posts

Posted 20 August 2006 - 10:52 PM

When I connect to a website using telnet, and type "get / HTTP/1.1" the telnet window closes. I hit enter twice too.

I am running ubuntu 6.06 Dapper, if that changes anything.

#2 Alk3

Alk3

    "I Hack, therefore, I am"

  • Binrev Financier
  • 1,003 posts
  • Gender:Not Telling
  • Location:312 Chi-town

Posted 20 August 2006 - 11:00 PM

Be VERY careful which web site you telnet to... Could have a bad outcome.

Alk3

#3 Octal

Octal

    Dangerous free thinker

  • Members
  • 886 posts

Posted 20 August 2006 - 11:21 PM

Be VERY careful which web site you telnet to... Could have a bad outcome.

Alk3

As in police?

Or as in, that is what is terminating the window.

#4 Perf-149

Perf-149

    Hakker addict

  • Members
  • 502 posts
  • Location:Location is key!

Posted 20 August 2006 - 11:26 PM


Be VERY careful which web site you telnet to... Could have a bad outcome.

Alk3

As in police?

Or as in, that is what is terminating the window.



As in if you don't have permission from the website you telnet to, some people can count that as a computer crime.

#5 tehbizz

tehbizz

    Progenitor of noob slaying

  • Members
  • 2,039 posts
  • Gender:Male

Posted 20 August 2006 - 11:39 PM

Once you issue the GET command, it's just going to output some of the header HTML and then close the connection, that's normal as GET is just a short command.

#6 Seal

Seal

    Not a fan of clubs.

  • Agents of the Revolution
  • 2,440 posts
  • Country:
  • Gender:Male
  • Location:Canada

Posted 21 August 2006 - 06:05 AM



Be VERY careful which web site you telnet to... Could have a bad outcome.

Alk3

As in police?

Or as in, that is what is terminating the window.



As in if you don't have permission from the website you telnet to, some people can count that as a computer crime.


But on their end, they can't tell the difference between you telnetting there, and you surfing them through Internet Explorer. This isn't accessing unauthorized ressources, but publicly released webpages. So I'm surprised to see you write that. :huh:

#7 Octal

Octal

    Dangerous free thinker

  • Members
  • 886 posts

Posted 21 August 2006 - 08:25 PM




Be VERY careful which web site you telnet to... Could have a bad outcome.

Alk3

As in police?

Or as in, that is what is terminating the window.



As in if you don't have permission from the website you telnet to, some people can count that as a computer crime.


But on their end, they can't tell the difference between you telnetting there, and you surfing them through Internet Explorer. This isn't accessing unauthorized ressources, but publicly released webpages. So I'm surprised to see you write that. :huh:

Yes, that may be, but for starting, I will get the permission from the web administrator which I do have.

Edit: Thanks tehbiz. I missed your post earlier.

Edited by Octal, 21 August 2006 - 08:27 PM.


#8 stderr

stderr

    SUP3R 31337

  • Members
  • 166 posts
  • Location:USA

Posted 22 August 2006 - 11:08 AM

When telnetting in, you could always enter in fake HTTP fields, so that it looks like a standard web
browser, instead of a telnet connection, but it's probably not a big deal... at all.

User-Agent: Mozilla/5.0

Edited by stderr, 22 August 2006 - 11:10 AM.


#9 n3xg3n

n3xg3n

    "I Hack, therefore, I am"

  • Members
  • 960 posts
  • Country:
  • Gender:Male
  • Location:(703)

Posted 22 August 2006 - 01:40 PM

type:

get / HTTP/1.1 *enter*
connection: keepalive (or keep-alive or something, i forget) *enter*
*enter*

and it wont terminate

#10 chapeau_gris

chapeau_gris

    SCRiPT KiDDie

  • Members
  • 26 posts
  • Location:Qu├ębec

Posted 22 August 2006 - 02:05 PM

Be VERY careful which web site you telnet to... Could have a bad outcome.


There is nothing wrong with telnetting to port 80 on a WebServer and interacting with the web server.

There could be a bad outcome if the telnet port was left open on the webserver and you happen to use it for malicious activity.

#11 n3xg3n

n3xg3n

    "I Hack, therefore, I am"

  • Members
  • 960 posts
  • Country:
  • Gender:Male
  • Location:(703)

Posted 23 August 2006 - 09:10 AM

a web browser connects to the server in almost exactally the same way telnet does, except that it is automated to fill in forms and get the data to interpret, no computer crime here telnet away

#12 Octal

Octal

    Dangerous free thinker

  • Members
  • 886 posts

Posted 23 August 2006 - 09:28 AM

type:

get / HTTP/1.1 *enter*
connection: keepalive (or keep-alive or something, i forget) *enter*
*enter*

and it wont terminate

That helped, but both of them still terminated the telnet window. I'm going to search around for articles about this though.

#13 replax

replax

    Hakker addict

  • Members
  • 505 posts

Posted 23 August 2006 - 02:47 PM

It is within the HTTP 1.1 standard that all clients must supply a host field in the headers. This allows one server to host multiple websites in a virtualhost. Otherwise every single domain would need its own IP, that would get old fast. If you're not supplying one then you're giving an invalid request which may or may not be completely ignored. Also in HTTP 1.1 all connecetions are assumed to be keep-alive unless stated otherwise.

Here's a full set of headers based on my default firefox ones that I have used in php

$host would be the domain and $path would be the URI of the specific page you want to request.

$out = "GET " . $path . " HTTP/1.1\r\n"
				. "Host: " . $host . "\r\n"
				. "Connection: Close\r\n"
				. "Accept: text/xml,application/xml,application/xhtml xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\n"
				. "Accept-Language: en-us,en;q=0.5\r\n"
				. "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n"
				. "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6\r\n";


#14 rEph

rEph

    mad 1337

  • Members
  • 145 posts
  • Location:Huntsville, AL

Posted 23 August 2006 - 04:04 PM

first, make sure when you're telnetting to a webserver you mean THE webserver ie address:80 and not simply the URI/IP that points to the server itself....cos then it'd be just corky and get wouldn't work anyhow.

That being said; whatever telnet application you are using sounds like it closes the window automagically when it closes off connection, try using the consol version of telnet as the "window" will remain open even when the connection is severed.

As far as law is concerned you needn't any permission, by running a webserver they have given implicit agreement to your accessing their system ON port 80 for the purpose of retrieving the files related to the site, html, php output, etc. so you needn't get any permission, they won't know the difference, if this was a cause for legal action google's proprieters would be in a deep dark dungeon, cos google surely doesn't use IE to access webservers ;p....

Edited by rEph, 23 August 2006 - 04:05 PM.


#15 Alk3

Alk3

    "I Hack, therefore, I am"

  • Binrev Financier
  • 1,003 posts
  • Gender:Not Telling
  • Location:312 Chi-town

Posted 23 August 2006 - 05:25 PM

first, make sure when you're telnetting to a webserver you mean THE webserver ie address:80 and not simply the URI/IP that points to the server itself....cos then it'd be just corky and get wouldn't work anyhow.

That being said; whatever telnet application you are using sounds like it closes the window automagically when it closes off connection, try using the consol version of telnet as the "window" will remain open even when the connection is severed.

As far as law is concerned you needn't any permission, by running a webserver they have given implicit agreement to your accessing their system ON port 80 for the purpose of retrieving the files related to the site, html, php output, etc. so you needn't get any permission, they won't know the difference, if this was a cause for legal action google's proprieters would be in a deep dark dungeon, cos google surely doesn't use IE to access webservers ;p....


Thanks for everyone's replies... I know I didnt create this thread, but it is very informing. :devil:

Edited by Alk3, 23 August 2006 - 05:26 PM.


#16 DarkCow

DarkCow

    I broke 10 posts and all I got was this lousy title!

  • Members
  • 18 posts

Posted 26 August 2006 - 07:09 PM

From what you're doing, it sounds like you're running telnet directly.
Try doing "Start > Run > cmd" first, then doing "telnet servername 80". Normally, once it's got the web page, telnet exits, and if you had it running standalone, then the window would also close. Running it from under cmd means that when it exits, you can still see everything.

#17 tehbizz

tehbizz

    Progenitor of noob slaying

  • Members
  • 2,039 posts
  • Gender:Male

Posted 26 August 2006 - 07:23 PM

From what you're doing, it sounds like you're running telnet directly.
Try doing "Start > Run > cmd" first, then doing "telnet servername 80". Normally, once it's got the web page, telnet exits, and if you had it running standalone, then the window would also close. Running it from under cmd means that when it exits, you can still see everything.


I think you missed the part about the parent running UBUNTU and not Windows.




BinRev is hosted by the great people at Lunarpages!