Overview
This is a continuation of my articles on the TCPUtil code. The origional control was designed to simplify socket communications from within a scripting environment. This time round I decided to simplify the code further by re-writing the ActiveX control that handles the socket connections to also handle connection timeouts. In a scripting context this is the most difficult aspect of socket programming, because one has to include complex tests in a script to handle the timeouts appropriately. I also wanted to obvaite the need for relying on events (which the previous version did) because this made the code unnececarily complex.
As an example of the new ActiveX control I am going to show you how simple it is to retrieve real-time currency conversion information from the XE Converter programmatically using the control.
Previous articles in this series:
Scripting Internet Connections Under Window$
Search Engine submission 'exploit'
Google 'exploit' - TCPUtil pt III
Cloaked Exploit Scanner Part I and Part II
Instantiation of the control
First compile and register the ntsa.ocx control (source is included in the zip file at the end of this tutorial). If you don't have a copy of VB6 to compile the control you can use the pre-compiled version that is also included in the zip file.
When you have compiled the control (or if you are just using the one included in the zip) you will need to register the control with regsvr32 (ie regsvr32 c:\path\ntsa.ocx where c:\path is the full path to the ocx file.)
Now the control is registered you can include it in you scripts like this:
Using the TCPUtil ActiveXCode:'Load an instance of the control Set tcputil =WScript.CreateObject("ntsa.tcputil")
Once you have an instance of the control in your script you can use the following methods to connect and send data to the server. All timouts are handled from within the control, returning control to the calling application when appropriate. Because of this the control is ideal for performing IP operations from within a scripting environment where the main battle is ensuring that your script does not terminate prematurely.
The XE Converter example scriptCode:' Set connection time out (in milliseconds) tcputil.ConnectionTimeout = 2000 ' Set time out for inactivity (in milliseconds) tcputil.GetDataTimeout = 1000 'Set the server that we wish to connect to tcputil.RemoteHost = "127.0.0.1" 'Set the port we are going to connect on tcputil.RemotePort = 80 'Attempt a connection If tcputil.IPConnect Then 'Connected sucsessfully 'Loop while connected 'This is so you can test a connection 'in a stated environment (ie pop3/smtp/etc) Do While tcputil.Connected 'Fill the read buffer with the results 'of the PostStr query tcputil.GetBuffer CStr("GET / HTTP/1.1" & VBCRLF & "HOST:www.myweb.co.uk" & vbcrlf & vbcrlf) 'Read the contents of the buffer HTML = tcputil.ReadBuffer 'Empty the buffer '(You need to do this before issuing 'further commands in a stated service) tcputil.ClearBuffer 'Close the Socket '(But you could send more if the service 'you are connecting to is stated) tcputil.IPClose 'Loop until the socket is closed Loop end if
This script is designed for use in the Windows script host. I have also included this vbs file in the zip file at the end of this tutorial. Usage is as follows:
Usage: xtcputil
[--Amount|-a] Amount to convert
[--From|-f] convert from currency
[--To|-t] Convert to currency
[--Help|/?]>Code:Dim PostStr, Pst Dim HTML Dim Amount, cFrom, cTo WScript.Echo "-- XE Converter Hack." WScript.Echo "-- by NTSA 2002" WScript.Echo "-- www.ntsa.org.uk" WScript.Echo "" 'Load an instance of the control Set tcputil =WScript.CreateObject("ntsa.tcputil") 'Check for errors if err.number > 0 then WScript.Echo "Could not create an instance of the TCPUtil control." WScript.Echo "You need to register ntsa.ocx using the regsvr32" WScript.Echo "command. (ie regsvr32 c:\path\ntsa.ocx where c:\path" WScript.Echo "is the full path to the ocx file.)",flgEcho wscript.quit end if 'Get user input from the command line Set oArgs = WScript.Arguments ArgNum = 0 While ArgNum < oArgs.Count Select Case RemoveDel(LCase(oArgs(ArgNum))) Case "amount","a": ArgNum = ArgNum + 1 amount = oArgs(ArgNum) Case "from","f": ArgNum = ArgNum + 1 cFrom = oArgs(ArgNum) Case "to","t": ArgNum = ArgNum + 1 cTo = oArgs(ArgNum) Case "help","?": DisplayUsage wscript.quit End Select ArgNum = ArgNum + 1 Wend 'Check that we have all the required parameters if isempty(Amount) or isempty(cFrom) or isempty(cTo) then 'Else quit wscript.echo "Missing parameter" DisplayUsage end if 'Output the conversion using the convert function wscript.echo amount & " " & ucase(cfrom) & " = " & convert & " " & ucase(cto) function Convert 'PST is the data we are actually posting Pst = "Amount=" & Amount & "&From=" & UCase(cFrom) & "&To=" & UCase(cTo) 'Build the string that we are going to send PostStr = "" PostStr = PostStr & "POST /ucc/convert.cgi HTTP/1.1" & vbCrLf PostStr = PostStr & "Accept-Language: en-gb" & vbCrLf PostStr = PostStr & "Content-Type: application/x-www-form-urlencoded" & vbCrLf PostStr = PostStr & "Accept-Encoding: gzip, deflate" & vbCrLf PostStr = PostStr & "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" & vbCrLf PostStr = PostStr & "Host: www.xe.com" & vbCrLf 'Set the content length according to the length of PST PostStr = PostStr & "Content-Length: " & CStr(Len(Pst)) & vbCrLf PostStr = PostStr & "Connection: Keep-Alive" & vbCrLf PostStr = PostStr & "Cache-Control: no-cache" & vbCrLf PostStr = PostStr & "" & vbCrLf PostStr = PostStr & Pst & vbCrLf & vbCrLf ' Set connection time out (in milliseconds) tcputil.ConnectionTimeout = 2000 ' Set time out for inactivity (in milliseconds) tcputil.GetDataTimeout = 1000 'Set the server that we wish to connect to tcputil.RemoteHost = "216.220.38.20" 'Set the port we are going to connect on tcputil.RemotePort = 80 'Attempt a connection If tcputil.IPConnect Then 'Connected sucsessfully 'Loop while connected 'This is so you can test a connection 'in a stated environment (ie pop3/smtp/etc) Do While tcputil.Connected 'Fill the read buffer with the results 'of the PostStr query tcputil.GetBuffer CStr(PostStr) 'Read the contents of the buffer HTML = tcputil.ReadBuffer 'Empty the buffer '(You need to do this before issuing 'further commands in a stated service) tcputil.ClearBuffer 'Close the Socket tcputil.IPClose 'Loop until the socket is closed Loop 'This is where it gets dirty - 'We want to cut a certain section 'out of the returned html with 'split commands. Dim flds If Len(HTML) > 0 Then flds = Split(HTML, "<!XERC-UCC2-P1.4-R1>") HTML = LCase(flds(1)) flds = Split(HTML, "</tr") HTML = flds(0) flds = Split(HTML, "<td") HTML = flds(6) flds = Split(HTML, "") HTML = flds(1) flds = Split(HTML, "") HTML = flds(0) HTML = Left(Trim(HTML), Len(HTML) - 4) convert = HTML Else wscript.echo "An error occured." wscript.echo "CConvert", "No data returned" End If Else wscript.echo "An error occured." wscript.echo "CConvert", "Could not connect" End If end function Sub DisplayUsage WScript.Echo "Usage: xtcputil" WScript.Echo " [--Amount|-a] Amount to convert" WScript.Echo " [--From|-f] convert from currency" WScript.Echo " [--To|-t] Convert to currency" WScript.Echo " [--Help|/?]>" WScript.Echo "" WScript.Quit (1) End Sub function RemoveDel(str) RemoveDel = replace(str,"/","") RemoveDel = replace(RemoveDel,"-","") RemoveDel = replace(RemoveDel,"--","") end function function IsEmpty(str) if str & "" = "" then isempty = true else isempty = false end if end function
Reply With Quote