[00:00:00] In numerous instances during penetration tests, we as hackers have found ourselves in situations where we urgently required a TCP client, whether it was to test services, send malformed data, perform fuzzing or tackle a range of other tasks. So the need for a TCP client has been prevalent. However, operating within the confines of large enterprise environments often means forfeiting the luxury of creating our tools.

[00:00:30] So now we will write our code and I will explain. First, we will import the sockets here: import socket. And we will, for example, let's make the target host. Target host, let's make it Google: www.google.com. Of course, the port of HTTP is 80, so the target port here is 80, the HTTP protocol.

[00:01:01] And now we will create a socket object. So client here: socket.socket. So firstly, let's try it. The first thing it gets is the address family and then the socket kind, right? So socket.AF_INET here, and socket.SOCK_STREAM. And here then we will connect the client, so client.connect. Firstly, we will enter the target host and target port, right?

[00:01:47] And here we will send some data. In order to do that, we will use the client.send method, and here we will enter b, then GET, HTTP/1.1, then \r\n, then Host. Now we will enter google.com, and after that, inside this, we will put \r\n\r\n here. And after sending, we will need to receive data, to print it on the screen, right? So now we will print the response: response.decode(). And after that, it will add another here: client.close(). That's it.

[00:02:42] So here, after that, we are sending some data. Of course, we need to create this response here, and in order to do that, of course, we need to personally do this like that. And after that, getting the response from the client, we will open the here and now we will get the response. So response = client.recv(4096). That's it.

[00:03:18] So here, let's run this. And as you can see here, we got this. Let's actually change this to www.auxilia.com, and here, Host. And as you can see here, we got a bad request here. We have a firewall on our website.

[00:03:49] So to create a TCP client, we begin by initializing this. Actually, I'll get my pen here, and I will draw things on the screen. So to create a TCP client, we begin by initializing a socket object, a socket object with two parameters: AF_INET and SOCK_STREAM. And the AF_INET parameter signifies the use of the standard IPv4 protocol and the address or hostname, while the SOCK_STREAM here indicates that this is the TCP protocol, right? So it indicates that the client will operate over TCP.

[00:04:45] Next, we establish a connection between the client and server here: connect, with this code here. Actually, yes. So next we establish the connection between client and server, ensuring that they can communicate. To send data to the server, we convert the data into bytes and transmit it. So the final statement was receiving a response from the server, which is here. So after that we are printing it out here, right? And after that we are closing that.

[00:05:23] So the code here provides a simple and commonly used form of TCP client. However, it's important to acknowledge certain assumptions made by this code here regarding sockets. So firstly, it assumes that the connection will always succeed. Secondly, it assumes that the server expects the client to send data first, even though some servers may anticipate sending data to the client and then awaiting a response. Lastly, it assumes that the server will consistently return data promptly. So these assumptions are primarily made for the sake of simplicity. So while there are various approaches to handling blocking sockets, exception handling and similar aspects, penetration testers often prioritize efficiency and expedience when building quick and dirty tools for reconnaissance or exploitation purposes. Consequently, in this lecture we will omit the inclusion of more advanced socket handling techniques.
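The lecture closes by naming three assumptions the bare client makes: the connect always succeeds, the server waits for the client to speak first, and the reply arrives promptly and fits in one recv(4096). The following is an added example, not code from the lecture, that keeps the same socket, send and recv calls but handles each of those cases: a connect timeout and error reporting, reading until the HTTP header block and Content-Length are satisfied, and a banner probe for services that talk first. It assumes only the Python 3 standard library; the servers it talks to are small constructed ones started on 127.0.0.1 inside the script (no real host such as the Google or auxilia domains from the lecture is contacted), and SAMPLE_RESPONSE and SAMPLE_BANNER are constructed data.

```python
import socket
import socketserver
import threading

# Constructed sample response served by the local test server below; it is not
# captured from any real site.
SAMPLE_BODY = b"hello from the local test server\n"
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/plain\r\n"
    b"Content-Length: " + str(len(SAMPLE_BODY)).encode("ascii") + b"\r\n"
    b"Connection: close\r\n"
    b"\r\n" + SAMPLE_BODY
)
SAMPLE_BANNER = b"220 local test banner\r\n"  # constructed, SMTP-style greeting


class _HttpHandler(socketserver.BaseRequestHandler):
    """Reads one request's headers, then answers with SAMPLE_RESPONSE in two
    writes, so a single recv(4096) is not guaranteed to see the whole reply."""

    def handle(self):
        buf = b""
        while b"\r\n\r\n" not in buf:
            chunk = self.request.recv(1024)
            if not chunk:
                return
            buf += chunk
        head, body = SAMPLE_RESPONSE.split(b"\r\n\r\n", 1)
        self.request.sendall(head + b"\r\n\r\n")
        self.request.sendall(body)


class _BannerHandler(socketserver.BaseRequestHandler):
    """Speaks first, like SMTP or SSH, instead of waiting for the client."""

    def handle(self):
        self.request.sendall(SAMPLE_BANNER)


def start_local_server(handler):
    """Starts a throwaway TCP server on 127.0.0.1 with an OS-chosen port."""
    server = socketserver.TCPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def build_get_request(host, path="/"):
    """The request the lecture types by hand, built as bytes."""
    return f"GET {path} HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode("ascii")


def http_get(host, port, timeout=5.0, max_bytes=1_000_000):
    """TCP client that checks what the lecture's version assumes: the connect can
    fail, the reply may arrive in pieces, and the server may stall."""
    result = {"ok": False, "status": None, "headers": {}, "body": b"", "error": None}
    try:
        with socket.create_connection((host, port), timeout=timeout) as client:
            client.sendall(build_get_request(host))
            data = b""
            while b"\r\n\r\n" not in data:  # read until the header block is complete
                chunk = client.recv(4096)
                if not chunk:
                    break
                data += chunk
                if len(data) > max_bytes:
                    raise ValueError("response exceeds max_bytes")
            head, _, body = data.partition(b"\r\n\r\n")
            status_line, *header_lines = head.split(b"\r\n")
            for line in header_lines:
                name, _, value = line.partition(b":")
                result["headers"][name.strip().lower()] = value.strip()
            length = int(result["headers"].get(b"content-length", b"0"))
            while len(body) < length:  # keep reading until Content-Length is satisfied
                chunk = client.recv(4096)
                if not chunk:
                    break
                body += chunk
            result.update(ok=True, status=status_line.decode("ascii", "replace"), body=body)
    except (OSError, ValueError) as exc:  # refused, unreachable, timed out, oversized
        result["error"] = f"{type(exc).__name__}: {exc}"
    return result


def read_banner(host, port, timeout=1.0):
    """Connects and waits for the server to speak first; returns b"" if it stays
    silent, which distinguishes banner-first services from send-first ones."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as client:
            return client.recv(4096)
    except OSError:
        return b""


if __name__ == "__main__":
    server, port = start_local_server(_HttpHandler)
    print(http_get("127.0.0.1", port))
    server.shutdown()
    server.server_close()
```

The timeout passed to socket.create_connection is inherited by every later recv on that socket, so a server that accepts the connection and then goes quiet surfaces as an error in the result rather than hanging the tool; max_bytes caps how much an uncooperative server can make the client buffer.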