<alxat_private> and I recently explored the "security hole" in Java where an applet can listen on a port, and accept connections from any machine, rather than just the machine from which the applet was downloaded. The code which was posted to BugTraq does appear to exhibit this behavior. However, on closer inspection the posted code only created a class to listen on a socket, and did not call the method to accept connections from that socket. It turns out that the SecurityException is (correctly) thrown during the accept method call.

The server and client code we used follow. It was tested in Netscape 4.06 for Windows NT. It is important to notice that we hard-coded the machine which the applet would run on into the client.

Tim
http://stl.qucis.queensu.ca/~wright

There are no constants in life, only Variables which haven't changed their value in a while.
There are no Variables in life, we live in a continuous stream of short-lived constants.

// the applet server - listens on the socket
import java.applet.*;
import java.awt.*;
import java.io.*;
import java.net.*;

/**
 * This type was created in VisualAge.
 */
public class SocketListener extends Applet {
    /**
     * This method was created in VisualAge.
     */
    public void init() {
        ServerSocket ss;
        try {
            // Creating the listening socket succeeds in the applet sandbox;
            // no exception is raised at this point.
            ss = new ServerSocket(7000);
        } catch (IOException ioe) {
            System.err.println("error, cannot create socket");
            return;
        }
        System.err.println("created server socket");
        while (true) {
            try {
                System.err.println("waiting for connection");
                // This is the call the sandbox rejects: accept() is where
                // the SecurityException is thrown for a non-origin peer.
                Socket s = ss.accept();
                System.err.println("accepted connection from " + s.getInetAddress());
                // BufferedReader replaces the deprecated DataInputStream.readLine()
                BufferedReader pr = new BufferedReader(new InputStreamReader(s.getInputStream()));
                System.err.println("read:" + pr.readLine());
                pr.close();
                s.close();
            } catch (SecurityException se) {
                System.err.println("SecurityException thrown by accept(): " + se.getMessage());
                try { ss.close(); } catch (IOException ignored) { }
                return;
            } catch (IOException ioe) {
                // report instead of silently swallowing the error
                System.err.println("i/o error on connection: " + ioe.getMessage());
            }
        }
    }
}

// the applet client - connects to the socket
import java.net.*;
import java.io.*;

public class SocketConnector {
    public SocketConnector() {
        super();
    }

    public static void main(java.lang.String[] args) {
        try {
            // the machine the applet runs on is hard-coded here
            Socket s = new Socket("stl.qucis.queensu.ca", 7000);
            PrintWriter dot = new PrintWriter(s.getOutputStream());
            dot.println("hi there"); // println: the server's readLine() needs a line terminator
            dot.flush();             // flush before close, otherwise nothing reaches the server
            s.close();
        } catch (Exception e) {
            System.err.println("exception occurred");
            e.printStackTrace();
        }
    }
}
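To show outside the browser where the two checks fire, here is an added example (not Tim's code and not from the BugTraq post) with a hypothetical LoggingManager that extends SecurityManager, permits the listen check and denies the accept check, then binds port 7000 and accepts one constructed loopback connection. It assumes a JDK where the Security Manager is still available (before JDK 24; from JDK 18 on it must be started with -Djava.security.manager=allow) and that port 7000 is free.

```java
import java.io.IOException;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.Permission;

public class AcceptCheckDemo {
    // Hypothetical manager: logs checkListen and checkAccept, and denies only accept.
    static class LoggingManager extends SecurityManager {
        @Override public void checkListen(int port) {
            System.err.println("checkListen(" + port + ") -> allowed");
        }
        @Override public void checkAccept(String host, int port) {
            System.err.println("checkAccept(" + host + ":" + port + ") -> denied");
            throw new SecurityException("accept from " + host + " not permitted");
        }
        // Let everything else through so only the two socket checks matter here.
        @Override public void checkPermission(Permission p) { }
        @Override public void checkPermission(Permission p, Object ctx) { }
    }

    public static void main(String[] args) throws Exception {
        System.setSecurityManager(new LoggingManager());
        // new ServerSocket(...) only runs checkListen, so this succeeds.
        try (ServerSocket ss = new ServerSocket(7000)) {
            System.err.println("listening on port " + ss.getLocalPort());
            // Constructed loopback client so accept() has a peer to evaluate.
            Thread client = new Thread(() -> {
                try (Socket c = new Socket("127.0.0.1", 7000)) {
                    c.getOutputStream().write('x');
                } catch (IOException ignored) { }
            });
            client.start();
            // accept() runs checkAccept on the peer address; the manager rejects it.
            Socket s = ss.accept();
            s.close();
            System.err.println("accepted (not expected with this manager)");
        } catch (SecurityException e) {
            System.err.println("SecurityException at accept(): " + e.getMessage());
        }
    }
}
```

The console shows checkListen passing before the bind and checkAccept firing only once a peer connects, which is the ordering the post describes.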
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:34:13 PDT