Jump to content


Photo

GET Response?


  • Please log in to reply
13 replies to this topic

#1 barkster

barkster
  • Members
  • PipPipPip
  • Advanced Member
  • 194 posts

Posted 04 October 2006 - 05:21 PM

I'm trying to access our copier at the office which tracks copy jobs, it is using post/get to send and retrieve.  I think I see how it is doing it but I need to try and figure out how to GET the information back from it.  I ran a packet sniffer on it and returned this and trying to find how I can retreive this in php or html?

***GET***
GET /acct/get_acct HTTP/1.1
Host: 192.168.100.35
Content-Type: application/xrx-acct-data
Content-Length: 0
Authorization: Basic YWNjb3VudDpqYm****==

***Response***
HTTP/1.1 200 OK
Date: Wed, 04 Oct 2006 17:35:31 GMT
Server: Webserver
Cache-Control: max-age=0, no-store
Content-Length: 3555
Content-Type: application/xrx-acct-data

4590 1 4594
Thu Jul 27 09:53:10 2006

"XRX_7665:4613"
    accounting-information = 41 4c 41 22 31 36 33 36 36
    accounting-information-avp = "XRX_USERID,ALA"
    accounting-information-avp = "XRX_ACCTID,16366"
    jba-device-name = "VDR538399 "
    job-identifier = "XRX_7665:4613"
    job-owner = "Local User"
    completion-time = 20061004113524
    job-name = "Copy Job 691"
    finishing = "none"
    job-type = copy
    lakes-number-of-images = 1
    job-copies-completed = 1
    media-sheets-completed = 1
    jba-media-block-1 = "cardstock, white, 234 X 285, 1, , 0, 1"
    jba-media-other-pages = 0
    jba-total-simplex-sheets = 1
    jba-total-duplex-sheets = 0
    jba-image-block-1 = "279 X 215, 1, , , 0, 1"
    jba-image-other-size = 0
    jba-completed-reasons = "completed-normal"
"XRX_7665:4612"
    accounting-information = 41 4c 41 22 31 36 33 36 36
    accounting-information-avp = "XRX_USERID,ALA"
    accounting-information-avp = "XRX_ACCTID,16366"
    jba-device-name = "VDR538399 "
    job-identifier = "XRX_7665:4612"
    job-owner = "Local User"
    completion-time = 20061004113456
    job-name = "Copy Job 690"
    finishing = "none"
    job-type = copy
    lakes-number-of-images = 1
    job-copies-completed = 1
    media-sheets-completed = 1
    jba-media-block-1 = "cardstock, white, 234 X 285, 1, , 1, 0"
    jba-media-other-pages = 0
    jba-total-simplex-sheets = 1
    jba-total-duplex-sheets = 0
    jba-image-block-1 = "279 X 215, 1, , , 1, 0"
    jba-image-other-size = 0
    jba-completed-reasons = "completed-normal"
"XRX_7665:4609"
    accounting-information = 41 4c 41 22 31 36 33 36 36
    accounting-information-avp = "XRX_USERID,ALA"
    accounting-information-avp = "XRX_ACCTID,16366"
    jba-device-name = "VDR538399 "
    job-identifier = "XRX_7665:4609"
    job-owner = "Aarmer"
    completion-time = 20061004113426
    job-name = "Microsoft Word - Covers.doc"
    finishing = "none"
    job-type = print
    lakes-number-of-images = 0
    job-copies-completed = 0
    media-sheets-completed = 0
    jba-media-block-1 = ""
    jba-media-other-pages = 0
    jba-total-simplex-sheets = 0
    jba-total-duplex-sheets = 0
    jba-completed-reasons = "deleted"
"XRX_7665:4608"
    accounting-information = 41 4c 41 22 31 36 33 36 36
    accounting-information-avp = "XRX_USERID,ALA"
    accounting-information-avp = "XRX_ACCTID,16366"
    jba-device-name = "VDR538399 "
    job-identifier = "XRX_7665:4608"
    job-owner = "Aarmer"
    completion-time = 20061004113416
    job-name = "Microsoft Word - Covers.doc"
    finishing = "none"
    job-type = print
    lakes-number-of-images = 0
    job-copies-completed = 0
    media-sheets-completed = 0
    jba-media-block-1 = ""
    jba-media-other-pages = 0
    jba-total-simplex-sheets = 0
    jba-total-duplex-sheets = 0
    jba-completed-reasons = "deleted"
"XRX_7665:4611"
    accounting-information = 41 4c 41 22 31 36 33 36 36
    accounting-information-avp = "XRX_USERID,ALA"
    accounting-information-avp = "XRX_ACCTID,16366"
    jba-device-name = "VDR538399 "
    job-identifier = "XRX_7665:4611"
    job-owner = "Aarmer"
    completion-time = 20061004113026
    job-name = "Microsoft Word - Covers.doc"
    finishing = "none"
    job-type = print
    lakes-number-of-images = 2
    job-copies-completed = 1
    media-sheets-completed = 2
    jba-media-block-1 = "standard, white, 216 X 279, 2, , 1, 1"
    jba-media-other-pages = 0
    jba-total-simplex-sheets = 2
    jba-total-duplex-sheets = 0
    jba-completed-reasons = "completed-normal"





#2 JaGeK

JaGeK
  • Members
  • PipPip
  • Member
  • 20 posts
  • LocationNRW, Germany

Posted 04 October 2006 - 06:07 PM

I ran a packet sniffer on it and returned this and trying to find how I can retreive this in php or html?

I ran a packet sniffer on it and returned this and trying to find how I can retreive this in php or html?

If allow_url_fopen got the value "on", it is possible to use fopen()  and the other file functions to connect to the server, send a HTTP request and retrieve the response.

-> http://de3.php.net/m...appers.http.php

Alternatively, you can use fsockopen()  to get more control of what is done. In this case, the cURL extension or a package which allows you to perform HTTP requests (such as PEAR::HTML_Request) might be a good choice, too.

-> http://php.net/fsockopen
-> http://php.net/curl
-> http://pear.php.net/...ge/HTTP_Request

#3 barkster

barkster
  • Members
  • PipPipPip
  • Advanced Member
  • 194 posts

Posted 04 October 2006 - 07:11 PM

Cool, I'll look into that. Hopefully I can get it figured out.  Thanks

Looking at the line Authorization: Basic YWNjb3VudDpqYmF****==

is the "YWNjb3VudDpqYmFzZXJ2ZQ==" a password being sent?  I don't see it sending a username


#4 JaGeK

JaGeK
  • Members
  • PipPip
  • Member
  • 20 posts
  • LocationNRW, Germany

Posted 04 October 2006 - 07:46 PM

is the "..." a password being sent?  I don't see it sending a username


It is both: password and username encoded with base64. So, if you're going to use fsockopen(), see http://php.net/base64_encode. Otherwise, PHP will do it for you. Easily write fopen('http://user:pass@host/path') and everything should work.

Btw: If you don't want everybody to know the password used above, better remove it... ;-)

#5 barkster

barkster
  • Members
  • PipPipPip
  • Advanced Member
  • 194 posts

Posted 04 October 2006 - 08:29 PM

Thanks, ok then so it is both of them encoded.  That is my problem I don't know what they are so can I decode it or pass it straight to it already encoded. 

I can remove but they'd have a tough time getting to my copier but you never know.

#6 JaGeK

JaGeK
  • Members
  • PipPip
  • Member
  • 20 posts
  • LocationNRW, Germany

Posted 04 October 2006 - 08:35 PM

That is my problem I don't know what they are so can I decode it or pass it straight to it already encoded.


Yes, you can decode it. The username is "account" and the password "jbaserve" - doesn't sound very secret... ::)

#7 barkster

barkster
  • Members
  • PipPipPip
  • Advanced Member
  • 194 posts

Posted 04 October 2006 - 08:46 PM

one more dumb question.  I can't access it directly of course I don't see a page name or anything but I see

GET /acct/get_acct HTTP/1.1
Host: 192.168.100.35

is the /acct/get_acct a directory on the webserver?  so it would be 192.168.100.35/acct/get_acct

I appreciate the help


#8 JaGeK

JaGeK
  • Members
  • PipPip
  • Member
  • 20 posts
  • LocationNRW, Germany

Posted 04 October 2006 - 08:54 PM

is the /acct/get_acct a directory on the webserver?


Probably. Just give it a try and check whether the following retrieves the expected data.

<?php
  $contents = file_get_contents('http://account:jbaserve@192.168.100.35/acct/get_acct');
  echo $contents;
?>


#9 barkster

barkster
  • Members
  • PipPipPip
  • Advanced Member
  • 194 posts

Posted 04 October 2006 - 09:02 PM

Looks like I may need to dig deeper. 

Warning: file_get_contents(http://...@192.168.1...5/acct/get_acct) [function.file-get-contents]: failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in C:\Inetpub\intranet\TestXerox.php on line 3

#10 JaGeK

JaGeK
  • Members
  • PipPip
  • Member
  • 20 posts
  • LocationNRW, Germany

Posted 05 October 2006 - 03:14 PM

HTTP request failed! HTTP/1.1 404 Not Found

Strange. I expected it to  work, because the request PHP sends should be nearly the same as the one you've posted above.

Perhaps, there's another webserver running on a different port (your sniffer should tell you)!? Otherwise, a 404 status code seems to be inexplicable since the file/script actually exists.

Does it succeed in case of sending the sniffed request data with telnet or the like?

#11 barkster

barkster
  • Members
  • PipPipPip
  • Advanced Member
  • 194 posts

Posted 05 October 2006 - 04:24 PM

I'm going to run a file monitor on the exe also but from what I remember from the sniffer it was sending to port 80 but I'll rerun.

Don't know whow to send sniffed request back to it and be able to read results.  I figured they had this tucked back somewhere in their server and I assumed since they sniffed packets didn't contain a page name it was just using a default page in that dir.

#12 JaGeK

JaGeK
  • Members
  • PipPip
  • Member
  • 20 posts
  • LocationNRW, Germany

Posted 05 October 2006 - 04:40 PM

I assumed since they sniffed packets didn't contain a page name it was just using a default page in that dir.


Don't care how they handle your request. acct/get_acct needn't to be a file or even a directory in the server's document root. But this is not of any interest.

Don't know whow to send sniffed request back to it and be able to read results.


Start a console, type telnet 192.168.100.35:80 and after that paste the sniffed request.

#13 barkster

barkster
  • Members
  • PipPipPip
  • Advanced Member
  • 194 posts

Posted 05 October 2006 - 06:22 PM

This is too weird if I access from the browser at http://192.168.100.35 it works fine and opens but I cannot telnet to 80

Here is what I get from the sniffer
client server client port server port
My-Server 192.168.100.35 1467 80

When I telnet I get:
telnet 192.168.100:35:80
Connecting To 192.168.100:35:80...Could not open connection to the host, on port 23: Connect failed

You'd think this would be a bit easier but I guess the manufacturer has figured out a better way to keep me out.  Looks straight forward.

#14 barkster

barkster
  • Members
  • PipPipPip
  • Advanced Member
  • 194 posts

Posted 16 May 2007 - 04:32 PM

Well it has been 8 months since I visted this project.  I'm trying to get back into this and develop and application to resolve this.  I finally was able to go over a few things again and here are my results:

<?php
  $contents = file_get_contents('http://account:jbaserve@192.168.100.35/acct/get_acct');
  echo $contents;
?>

above failed when I tried to run it - failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in C:\Inetpub\intranet\TestXerox.php on line 3

Telneting to the webserver on port 80 and pasting the get request DID work?  Any suggestions on how to retrieve this correctly using html?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users