tags:

views:

260

answers:

3
Q: 

Socket send question

Is there any reason why this shouldn't work?

[PseudoCode]
    main() {
       for (int i = 0; i < 10000; ++i) {
          send(i, "abc", 3, 0);
       }
    }

I mean, to send "abc" through every number from 0 to 10000, aren't we passing in theory by a lot of different sockets? Most numbers between 0 and 10000 will not correspond to any socket, but some will. Is this correct?

edit: The desired goal is to have "abc" sent through every application that has an open socket.

+1  A: 

This won't work. File descriptor 0 in your process won't give you access to file descriptor 0 in some other application's process.

To answer your followup questions: Socket IDs are local to each process. They behave a lot like file descriptors -- there are many processes running at once, and of course the operating system keeps track of which process has which files open. But within each process, file descriptors 0, 1, and 2 will refer to its own, private, stdin, stdout, and stderr streams respectively. When a socket is created, the file descriptor it's assigned to is also only accessible from within that process.

Jim Lewis  2009-08-22 00:50:22
Could you explain a bit better how it does indeed work? I know that what is written in memory in one process can't be accessed (at least without Write/ReadProcessMemory) by other processes. But if for example I do hook the application that's using the socket to get the correct socket id, shouldn't it work if I tried it from mine? I mean, is the socket id local to the process (residing in its memory), or global, residing in an shared windows memory?
devoured elysium  2009-08-22 01:45:53
+2  A: 

That will never work. File descriptors are useful only within the same process (and its children).

You have to create a socket (this will get you a file descriptor you own and can use), connect it to an end point (which of course has to be open and listening) and only then you can send something through it.

For example:

struct sockaddr_in pin;
struct hostent *hp;

/* go find out about the desired host machine */
if ((hp = gethostbyname("foobar.com")) == 0) {
 exit(1);
}

/* fill in the socket structure with host information */
memset(&pin, 0, sizeof(pin));
pin.sin_family = AF_INET;
pin.sin_addr.s_addr = ((struct in_addr *)(hp->h_addr))->s_addr;
pin.sin_port = htons(PORT);

/* grab an Internet domain socket: sd is the file descriptor */
if ((sd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
 exit(1);
}

/* connect to PORT on HOST */
if (connect(sd,(struct sockaddr *)  &pin, sizeof(pin)) == -1) {
 exit(1);
}

/* send a message to the server PORT on machine HOST */
if (send(sd, argv[1], strlen(argv[1]), 0) == -1) {
 exit(1);
}

The other side of the coin is to create a listening socket (what servers do) which will receive connections. The process is similar but the calls change, they are socket(), bind(), listen(), accept(). Still, you have to create a socket to get the file descriptor in your own process and know where would you want to listen or connect to.

Vinko Vrsalovic  2009-08-22 00:53:46
Is there a way to, having a given socket id(first param of send()) of a given process, send it through my application without having to do dll injection?
devoured elysium  2009-08-22 01:31:14
So to continue the example. If you want to send "ABC" to every listening port on your machine, take that code and stick it in your loop. Only increment the PORT instead of trying to call send with an uninitialized socket. Also change "foobar.com" to "localhost", or the name of whatever machine you want to connect to. Also change the exit's to simple continues. That will loop through port 0 to 10000, attempt to connect to it, and on a successful connection send "ABC" (assuming you replace argv[1] with "ABC"). Also don't forget to close the connection: close(sd);
Daniel Bingham  2009-08-22 01:32:59
I don't want to send it to every listening port. I want to send it to an already created connection of an application X.
devoured elysium  2009-08-22 01:38:11
Then what you need is to figure out on what port is application X listening. If you do not know that and cannot find it out, you have to do what Alcon says, you have to try to connect to a lot of ports until you get the connection and then the expected answer. I don't know why do you need to connect to a specific "socket id" instead of a port. Maybe you are confusing the two terms? Or maybe you need to be more specific in your question?
Vinko Vrsalovic  2009-08-22 01:51:49
I am currently hooking an application's send() function so I can see all the info it is sending outside. Now that I understand its protocol, I'd like to use its already created socket to send my own info through that same socket.
devoured elysium  2009-08-22 01:57:04
You'd have to be in the same process space than the application you are hooking into. As we've all said file descriptors are private.
Vinko Vrsalovic  2009-08-22 06:43:12
A: 

So, based on your replies to other people...

You have program A running on your machine which has opened a socket connection to some other program B, which could be running anywhere. But neither of these programs are the one you're trying to write here. And so you want your program to be able to send data through program A's socket connection to program B.

If this is roughly what you're trying to do, then no, you probably cannot do this. At least not without dll injection to get into the process of program A.

Furthermore, even if you could find a way to send through program A's socket, you would have to know the exact details of the communication protocol that program A and B are using. If you don't, then you'll run the risk of sending data to program B that it doesn't expect, in which case it could terminate the connection, crash, or do any number of bad things depending on how it was written.

And if you are really trying to send a particular piece of data not just through a single program A but through every program on the computer with a socket connection open, then you are highly likely to encounter what I just described. Even if the data you want to send would work for one particular program, other programs are almost certainly using entirely different communication protocols and thus will most likely have problems handling your data.

Without knowing what you're really trying to achieve, I can't say whether your goal is just going to be complicated and time-consuming to accomplish or if it is simply a bad idea that you shouldn't ever be trying to do. But whatever it is, I would suggest trying to find a different and better way than trying to send data through another program's socket.

TheUndeadFish  2009-08-22 02:13:15

related questions

Of Memory Management, Heap Corruption, and C++
How do I make a GUI?
Alpha blending sprites in Nintendo DS Homebrew
Thread safe lazy contruction of a singleton in C++
Interview Programming Questions - In house Exam
Link issues (VC6)
What are the barriers to understanding pointers and what can be done to overcome them?
Why are professors or schools picking Java over C++ to teach to students?
What is the best way to create a sparse array in C++
C/C++ library for reading MIDI signals from a USB MIDI device
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How do I configure and communicate with a serial port?
Lightweight IDE for Linux
Mapping Stream data to data structures in C#
CPU throttling in C++
Asynchronous multi-direction server-client communication over the same open socket?
Exceptions in C++
Heap corruption under Win32; how to locate?
Build for Windows NT 4.0 using Visual Studio 2005?
C++: Should I use nested classes in this case?
BerkeleyDB Concurrency
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS