Search
Left Quote    You have to THINK anyway, so why not think BIG?
- Donald Trump    
Right Quote
 
[login] | [Register]
 

Coding a Webserver

by: Common Exploit
Page: 1 of 4
(View All)

Introduction



In this tutorial I am going to be describing how to build a basic web server application. To be more precise, an application that listens on a TCP/IP port, authenticates incoming connections and serves data to authenticated clients. The code examples given below were written in VB6. I have tried to pick a simple case study for this article, but with a little work you can add all sorts of whistles and bells once you have the basic theory.


The 'Log Server' case study.

I have a control called TRON. TRON sits beneath all the other controls in my toolkit with the sole purpose of accepting debugging data from controls above it and outputting that data in some way so I can view it. That might be direct to screen or console, or appended to a text file for later examination.

I also wanted my TRON control to provide data to a basic web server. This basic web server would serve debugging information to developers working on any software that includes the TRON control. My web server app would then allow me (and other developers) to telnet into the box and see debug information in real time. I also wanted multiple clients to be able to connect simultaneously and for connecting clients to be authenticated prior to receiving any debug information.


How does it work?

I used 2 MSWinsock controls, one called WSock to handle incoming requests on port 255 from clients wishing to view debug information and one called PLink for TRON to send debug information on port 1. The PLink Winsock control accepts data sent to it on port 1 from my TRON control and relays that information to each of the connected and authenticated clients. Of course your firewall should be set to disallow incoming connections on port 1, because the connections to PLINK are not authenticated. Data sent to a PLink socket simply adds itself to the buffer value in the Log Server, which is then relayed to authenticated clients.

For the internal communications on the local machine between TRON controls and the Log Server I could have used DDE (I'm showing my age here) or Dynamic(?) Data Exchange that provides an async methodology for communication between running programs. However my TRON control is in fact an ActiveX component and DDE does not work from within ActiveX.

Creating the project

In VB6 you will need:
  • 1 Form
  • 1 Module

Under the components menu add a reference to MS Winsock. Place 2 Winsock controls on the form and call them WSock and PLink. Set the index of both the Winsock controls as 0 (so that they are instantiated as an array and we can load new instances of them at runtime). Now add a timer control called timer to the form and set the interval to 250 and enabled to false. When we receive incoming data from a PLink socket (i.e. from TRON) the timer is activated. The code for the timer event distributes the incoming data from the buffer to authenticated clients. A DoEvents command in the timer code allows new data to be added to the buffer as it arrives.


In the module add the following code:


Our tState type allows us to set the mode for our connection and deal with incoming/outgoing data accordingly - we don't want to send log data to a client unless their connection state is authenticated. We also need to know what information we expect next from the client. We also want to have a command set for authenticated and unauthenticated connections. Because our connection has a state we would refer to this a 'Stated Service'. FTP, SMTP and POP3 all fall into the category of Stated services. HTTP on the other hand is a stateless service, in that it records no information about the user from connection to connection and closes the connection when it finishes sending the requested data. Therefore all client data has to be stored on the client, which is why we need to use cookies (or variant thereof) with HTTP.

This Type Connection declares the properties of a connection, and includes a value for the connection state, as defined by the tState type. In our web server we are going to assign a connection to each client that logs into port 255. In our main code the CN array holds an array of connections that we can use to access the properties for each connection at runtime.

The Log Server Code

Add the following code to your form. The internal documentation is (for me) quite good so the code should be quite readable.


code:


Running the code

Once you have a complied version of the above up and running you will want to log into your new web server. to do that we telnet to the IP of the machine the log server is running on (e.g. 127.0.0.1) with netcat or similar telnet app. We get a log in screen that should look something like this:


quote:

==================================================
Log Server v1.0 by Simon Barnett.
Connected to Log Server at 03/10/2002 10:14:34 AM
Your Connection ID is: 4
There are currently : 3 sessions open.
==================================================

Now we log in (in the same format as a pop3 login) using the format: quote:
user username
pass password

If our login validates (in the code above the ValidPassword function should be linked to a password list) then the client sees:

quote:
Authenticated.

Now that the connection has been authenticated any information sent to the log server by a TRON control will be relayed to the client. For example when a program references an c:test.ini file to find the value of color for the fruit.apple key the following debugging messages are relayed to TRON. TRON send the messages on port 1 to the Log Server and the Log Server distributes the following data to the clients on port 255:

quote:



To test the Log Server you can telnet into port 1 and poke data into the log buffer. It will be relayed to authenticated clients connected on port 255.


Conclusion

Maybe it's just me - but I thought that was kinda neat Till next time - look both ways and don't talk to strangers.

by: Common_Exploit

1  |  2  |  3  |  4  |  
Next »


No Comments for this page.

You Must be logged in or a member to comment.


Tutorial Stats

Tutorial Stats

19,770 Views
0 Total Comments
0 Rating of 5 ( Votes)

Options

Tutorial Options

· Login to Rate This Article
· Login to Post a Comment
· Read more by this author
Digg This Article! Del.icio.us: Bookmark This Article Reddit: Bookmark This Article BlinkList: Blink This Article! YahooMyWeb BlogMarks: Add This Mark! Furl: Save This Article Spurl: Mark This Article

Articles

Related    

· Getting Started with VB 6.0
· Using Crystal Reports in VB
Your Article Here



"AllSyntax.com" Copyright © 2002-2018; All rights lefted, all lefts righted.
Privacy Policy  |  Internet Rank