[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Strange netcat behavior

To: <allan.vanleeuwen@orangemail.nl>
Subject: RE: [Full-Disclosure] Strange netcat behavior
From: "thalm" <thalm@netcabo.pt>
Date: Fri, 17 Oct 2003 15:11:44 +0100

Yes, that is correct.
But my point is why does netcat defaults to a LF behavior (don't know if there 
is the option of sending CRLF instead of LF) and telnet defaults defaults to 
CRLF ?
 
netcat is very much used to "talk" to HTTP servers. So why does netcat does not 
use by default CRLF ?
Again, this breaks HTTP RFC rules concerning HTTP server and HTTP client 
behavior...

        -----Original Message----- 
        From: allan.vanleeuwen@orangemail.nl 
[mailto:allan.vanleeuwen@orangemail.nl] 
        Sent: Fri 10/17/2003 2:58 PM 
        To: thalm 
        Cc: 
        Subject: RE: [Full-Disclosure] Strange netcat behavior
        
        

        I could be mistaken, but isn't sending a CR optional in telnet ??
        
        
        -------------------------------------------------------------
        Microsoft Windows 2000 [Version 5.00.2195]
        (C) Copyright 1985-2000 Microsoft Corp.
        
        C:\WINNT>telnet
        
        Microsoft Telnet> SET /?
        
        NTLM            Turn ON NTLM Authentication.
        LOCAL_ECHO      Turn ON LOCAL_ECHO.
        TERM x          (where x is ANSI, VT100, VT52, or VTNT)
        CRLF            Send both CR and LF
        
        Microsoft Telnet>
        -------------------------------------------------------------
        
        
        
        
        
        -----Original Message-----
        From: thalm [mailto:thalm@netcabo.pt]
        Sent: vrijdag 17 oktober 2003 14:56
        To: full-disclosure@lists.netsys.com
        Subject: [Full-Disclosure] Strange netcat behavior
        
        
        Since netcat is a widely used network tool, this may have been discussed
        already, but since I wasn't able to found such discussion, here goes:
        
        When using netcat (Windows and Linux versions) to connect to a web 
server,
        and everytime ENTER is pressed in the command line, netcat only sends LF
        (0x0A) instead of CRLF (0x0D 0x0A).
        ex: GET / HTTP/1.0[LF][LF]
        
        when using telnet, the behavior is different:
        ex: GET / HTTP/1.0[CRLF][CRLF]
        
        Although webservers (IIS and probably Apache) don't mind such behavior 
and
        accept it (LF) as if it was CRLF, RFC 2616 clearly states that the HTTP
        Request/Response Line and HTTP Headers *MUST* be separated by a CRLF 
and not
        only by a LF.
        
        Why is there such a difference between netcat and telnet behavior?
        
        NOTE: I'm wondering if sometimes a webserver exploit works when HTTP 
"lines"
        are separated by [CRLF] and does not work when HTTP "lines" are 
separated
        only by [LF].
        This is actually the point I am refering to...
        
        Tiago Halm
        http://www.kodeit.org
        
        
        
        

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Strange netcat behavior
  - From: Dan Wilder <dan@ssc.com>
- RE: [Full-Disclosure] Strange netcat behavior
  - From: "Bill Scherr IV, GSEC, GCIA" <bschnzl@cotse.net>

Prev by Date: Re: [Full-Disclosure] SSL Filtering
Next by Date: Re: [Full-Disclosure] Strange netcat behavior
Previous by thread: RE: [Full-Disclosure] Strange netcat behavior
Next by thread: Re: [Full-Disclosure] Strange netcat behavior
Index(es):
- Date
- Thread