After a hard day, I finally got it done! A windows application written in C # is used to scan 20 known vulnerabilities in asp and display the source program. In this application, two methods are used to obtain the http page. One is to directly use the httpwebrequest class, and the other is to establish a socket connection with the server through TCP/IP, directly query port 80. For this reason, I have written the following two functions. The first one is relatively simple. There is only one parameter, that is, the requested url. The other one is complex and common, you can not only request http pages, but also communicate with other ports, such as whois on Port 43, smtp on port 25, ftp on port 21, or pop3. The three parameters are host names, request commands and ports. Okay. Check the program.
// Obtain the http page Function
Private string Get_Http (string a_strUrl)
{
String strResult;
HttpWebRequest myReq = (HttpWebRequest)
WebRequestFactory. Create (a_strUrl );
Try
{
HttpWebResponse HttpWResp = (HttpWebResponse) myReq. GetResponse ();
Stream myStream = HttpWResp. GetResponseStream ();
StreamReader sr = new StreamReader (myStream, Encoding. Default );
StringBuilder strBuilder = new StringBuilder ();
While (-1! = Sr. Peek ())
{
StrBuilder. Append (sr. ReadLine () + "");
}
StrResult = strBuilder. ToString ();
}
Catch (Exception exp)
{
StrResult = "error:" + exp. Message;
}
Return strResult;
}
// Establish a TCP/IP connection with the server and send the socket command
Private string Get_Socket_Request (string a_strServer, string a_strRequest, Int32 a_intPort)
{
// Set up variables and String to write to the server
Encoding ASCII = Encoding. Default;
String Get = a_strRequest + "Connection: Close ";
// String Get =
Byte [] ByteGet = ASCII. GetBytes (Get );
Byte [] RecvBytes = new Byte [1, 256];
String strRetPage = null;
// IPAddress and IPEndPoint represent the endpoint that will
// Receive the request
IPAddress hostadd = DNS. Resolve (a_strServer.Substring (7, a_strServer.Length-7 ));
IPEndPoint EPhost = new IPEndPoint (hostadd, a_intPort );
// Create the Socket for sending data over TCP
Socket s = new Socket (AddressFamily. AfINet, SocketType. SockStream,
ProtocolType. ProtTCP );
// Connect to host using IPEndPoint
If (s. Connect (EPhost )! = 0)
{
StrRetPage = "Unable to connect to host ";
Return strRetPage;
}
// Sent the GET text to the host
S. Send (ByteGet, ByteGet. Length, 0 );
// Receive the page, loop until all bytes are stored ed
Int32 bytes = s. Receive (RecvBytes, RecvBytes. Length, 0 );
StrRetPage = strRetPage + ASCII. GetString (RecvBytes, 0, bytes );
While (bytes> 0)
{
Bytes = s. Receive (RecvBytes, RecvBytes. Length, 0 );
StrRetPage = strRetPage + ASCII. GetString (RecvBytes, 0, bytes );
}
Return strRetPage;
}
The application that scans for vulnerabilities includes the source code. I will sort it out and put it on my site. If you need it, you can download it.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
