Menu
Home
Log in / Register
 
Home arrow Computer Science arrow Understanding Network Hacks
< Prev   CONTENTS   Next >

3.8 Exceptions

Exceptions treat as the name implies exceptions such as a full hard disk, unavailable file or a broken network connection, but also errors like SyntaxError (misuse of the languages grammar), NameError (you tried to call an unavailable attribute) or ImportError (importing a module or function from a module that doesn't exist).

When an exception doesn't get caught by your program code it will be presented to the poor fellow that is sitting before the screen. It describes the cause, the exact place it occurred and the call stack that led to it. As a programmer such a stack trace is of great importance to identify and fix the error, but you should avoid presenting it to the user and therefore try to catch common exceptions especially if you could react on them like trying to reconnect after a short timeout if the network wasn't reachable. To catch an exception you use a try/except block around the code that might throw the expected exception. The name of the exception follows the except keyword and afterwards comes the code that gets executed in a case of failure.

try:

fh = open("somefile", "r")

except IOError:

print "Cannot read somefile"

3.9 Regular Expressions

With the aid of regular expressions you are able to express complex search as well as search and replace patterns. They can be a curse and mercy at the same time, because its quite easy to construct such unreadable complex patterns that introduce a security risk or cannot be debugged by normal mankind, but if you master them and keep it simple they are a very cool tool.

So how do regular expressions work in Python? First of all you need to import the module re that among others provides the two functions search and sub. Search as the name implies serves to search for something and sub to replace something. Here is an example:

>>> import re

>>> test="<a href='datenterrorist.de'>Click</a>"

>>> match = re.search(r"href=['"](.+)['"]", test)

>>> match.group(1) 'datenterrorist.de'

The above example shows how quick a regular expression can get harder to read, but let's face it line by line. After importing the re module we declare the variable test that includes a HTML link as string.

In the next line we use a regular expression to search in the variable test for something that follows the keyword href, an equal sign and stands between either single or double quotes.

Round paranthesis form a group. The search function returns a matching object with the method group and the index of the group so group(1) or group(2) returns the first or the second content of a group, but only if the regular expression did match. You can give a group a name and use that rather than the index number. To see an example please point your browser at docs.python.org/library/re.html.

The expression inside of the round parenthesis .+ defines that anything (.) must appear at least one time till indefinitely (+).

An overview over the most important expressions and their meaning can be found in Table 3.1.

Now let's search and replace the link with springer.com.

>>> re.sub(match.group(1), "springer.com", test, re.DOTALL | re.MULTILINE)

"<a href='springer.com'>Click</a>"

Table 3.1 Regular expressions

Character

Meaning

.

Any character

d

Only digits

D

Everything except digits

w

Alphabetic characters and special signs

W

All except alphabetic characters and special signs

s

Space and tabulator

[a-z]

A character from the list a-z

*

The prepending character or expression can occur zero to one times

+

The prepending character or expression can occur one to unlimited times

?

The prepending character or expression must occur zero to one times

1, 4

The prepending character or expression must occur one to four times

Voila the only difference is the usage of the sub function together with the two options re.DOTALL and re.MULTILINE. Normally you wouldn't need them for this easy example, but they are so commonly used that they should be mentioned here. re.DOTALL takes care that the . operator matches all characters including newlines and thanks to re.MULTILINE the expression can spread more than one line.

3.10 Sockets

Sockets are the operating system interface to the network. Every action you take in a network (and not only in the TCP/IP universe) sooner or later passes through a socket into kernel space. Most application programmers nowadays use quite high leveled libraries that hide the low level socket code from their users and most of the time you wont need to directly program with sockets, but hey this is a network hacking book isn't it? Therefore we must play with the lowest layer the kernel provides us :)

To keep the example as simple as possible but to write both server and client code let us program an echo server that just sends back every bit of information it receives.

1 #!/usr/bin/python

2

3 import socket

4

5 HOST = 'localhost'

6 PORT = 1337

7

8 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

9 s.bind((HOST, PORT))

10 s.listen(1)

11

12 conn, addr = s.accept()

13

14 print 'Connected by', addr

15

16 while 1:

17 data = conn.recv(1024)

18 if not data: break

19 conn.send(data)

20

21 conn.close()

The method socket.socket(socket.AF_INET, socket.SOCK_STREAM) creates a new TCP socket, binds it to the IP of localhost and port 1337 with the help of the method bind(). The function accept() waits until someone connects and returns a new socket to that client and its IP address.

The following while loop reads 1024 byte by using recv() as long as there is data on the socket and sends it back to the client by applying the function send(). If there isn't any data left on the socket the loop will stop and the socket gets cleanly disconnected and closed by calling close() on it.

To test the functionality of our echo server of course we also need a client. You could just lazily use the famous network swiss knife GNU-Netcat (netcat. sourceforge.net) or join the fun in quickly coding it on your own. As this is a introduction you should of course choose the last option.

1 #!/usr/bin/python

2

3 import socket

4

5 HOST = 'localhost'

6 PORT = 1337

7

8 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

9 s.connect((HOST, PORT))

10

11 s.send('Hello, world')

12 data = s.recv(1024)

13

14 s.close()

15 print 'Received', repr(data)

Again a new socket gets created with the function socket() but this time we use the method connect() to let it connect to the host localhost on port 1337. The rest of the code should be understandable with the explanations from the previous example.

 
Found a mistake? Please highlight the word and press Shift + Enter  
< Prev   CONTENTS   Next >
 
Subjects
Accounting
Business & Finance
Communication
Computer Science
Economics
Education
Engineering
Environment
Geography
Health
History
Language & Literature
Law
Management
Marketing
Philosophy
Political science
Psychology
Religion
Sociology
Travel