stanislav5000 has asked for the wisdom of the Perl Monks concerning the following question:

I'm using the following code, and need a bit lower level access to send the GET request slowly: 
use LWP::Simple;
my $url = 'http://www.example.com';
my $content = get $url;

[download]
By slowly, I mean one character every X number of seconds. How do you override the socket class of LWP that would allow you to dribble the GET request? Thanks!

Replies are listed 'Best First'.
Re: LWP Slow Get
by perrin (Chancellor) on Apr 03, 2007 at 16:56 UTC
    Planning a denial of service attack?
[reply]
      IDS Evasion for Pen-Test. Any other ethics questions? ;-P
[reply]

        Have you stopped beating your wife?

        Seriously though, you show up out of nowhere and start asking a series of very black-hat-y questions right out of the blocks. Given a history of people who've tried to abuse the largess of the monastery in the past in order to implement their nefarious (well, at least not well intentioned) schemes (e.g. the particularly persistent yet dense sequence documented in "freak" and recent threads), you have to understand that there's going to be some . . . shall we say, hesitation at the least to helping you.

        (And as for your original question, take a read through LWP::UserAgent and it should take less than 5 minutes to sort out how it interfaces with the lower level socket modules.)

[reply]
Re: LWP Slow Get
by nega (Scribe) on Apr 03, 2007 at 19:12 UTC
[reply]
Re: LWP Slow Get
by xorl (Deacon) on Apr 03, 2007 at 18:46 UTC
    What's wrong with going through $content one character at a time with a loop and substr or something? Why do you need to download it from the server slowly one character at a time?
[reply]

      That's on the wrong end, if I understand the remark about IDS penetration testing. He wants to send the HTTP GET request slowly over a long time to see if the remote side notices the suspicious request or not (although I'd think that any sane IDS would be reconstructing things on the TCP connection level and looking at the stream as a whole regardless of how long it takes (of course that ups the resource requirements in that you've got to maintain that context until it is a complete request, or complete enough to tell if it's hostile or not) in order to avoid this sort of weakness; but then maybe that's what they're trying to ascertain).

[reply]
        You're right on, Fletch. Check this out. It appears to work, but I have to take a quick capture to verify: 
        #!/usr/bin/perl -w
use IO::Socket;
unless (@ARGV > 1) { die "usage: $0 host document ..." }
$host = shift(@ARGV);
$get = "GET / HTTP/1.0\n\n";
    $remote = IO::Socket::INET->new( Proto     => "tcp",
                                     PeerAddr  => $host,
                                     PeerPort  => "http(80)",
                                    );
    unless ($remote) { die "cannot connect to http daemon on $host" }
    $remote->autoflush(1);
    @lines = split(//,$get);
    foreach $singlechar (@lines) {
    print $remote $singlechar;
    sleep(1);
    #while ( <$remote> ) { print }
    }
    close $remote;

        [download]
[reply]
[d/l]

Back to Seekers of Perl Wisdom