[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <2305CFC39C15AA4896E06E5C91C509EF0381B1F8@VS2.hdi.tvcabo>
From: thalm at netcabo.pt (thalm)
Subject: Strange netcat behavior
Yes, that is correct.
But my point is why does netcat defaults to a LF behavior (don't know if there is the option of sending CRLF instead of LF) and telnet defaults defaults to CRLF ?
netcat is very much used to "talk" to HTTP servers. So why does netcat does not use by default CRLF ?
Again, this breaks HTTP RFC rules concerning HTTP server and HTTP client behavior...
-----Original Message-----
From: allan.vanleeuwen@...ngemail.nl [mailto:allan.vanleeuwen@...ngemail.nl]
Sent: Fri 10/17/2003 2:58 PM
To: thalm
Cc:
Subject: RE: [Full-Disclosure] Strange netcat behavior
I could be mistaken, but isn't sending a CR optional in telnet ??
-------------------------------------------------------------
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.
C:\WINNT>telnet
Microsoft Telnet> SET /?
NTLM Turn ON NTLM Authentication.
LOCAL_ECHO Turn ON LOCAL_ECHO.
TERM x (where x is ANSI, VT100, VT52, or VTNT)
CRLF Send both CR and LF
Microsoft Telnet>
-------------------------------------------------------------
-----Original Message-----
From: thalm [mailto:thalm@...cabo.pt]
Sent: vrijdag 17 oktober 2003 14:56
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Strange netcat behavior
Since netcat is a widely used network tool, this may have been discussed
already, but since I wasn't able to found such discussion, here goes:
When using netcat (Windows and Linux versions) to connect to a web server,
and everytime ENTER is pressed in the command line, netcat only sends LF
(0x0A) instead of CRLF (0x0D 0x0A).
ex: GET / HTTP/1.0[LF][LF]
when using telnet, the behavior is different:
ex: GET / HTTP/1.0[CRLF][CRLF]
Although webservers (IIS and probably Apache) don't mind such behavior and
accept it (LF) as if it was CRLF, RFC 2616 clearly states that the HTTP
Request/Response Line and HTTP Headers *MUST* be separated by a CRLF and not
only by a LF.
Why is there such a difference between netcat and telnet behavior?
NOTE: I'm wondering if sometimes a webserver exploit works when HTTP "lines"
are separated by [CRLF] and does not work when HTTP "lines" are separated
only by [LF].
This is actually the point I am refering to...
Tiago Halm
http://www.kodeit.org
Powered by blists - more mailing lists