-
Notifications
You must be signed in to change notification settings - Fork 12
Quick Start Examples
Mohammad Amin Nasiri edited this page Oct 31, 2023
·
24 revisions
In this wiki you can see some examples for working with this library.
Before anything to do, you have to set up the connection and then work with different methods:
from h2spacex import H2OnTlsConnection
h2_conn = H2OnTlsConnection(
hostname='http2.github.io',
port_number=443
)
h2_conn.setup_connection()Steps:
- Define Headers & Body for Requests
- Generate Stream IDs to Invoke Requests
- Create Header Frames & Data Frame Containing Last Byte
- Concatenate Header Frames (All frames except the last-byte for each request)
- Concatenate Data Frames (All frames which have last-byte for previous requests)
- Send Concatenated Header Frames
- Wait Some time (any scenario you have)
- Send Ping Frame (warming up connection)
- Send Concatenated Data Frames
- Hopefully Get a Successful Race Condition on H2
from h2spacex import H2OnTlsConnection
from time import sleep
h2_conn = H2OnTlsConnection(
hostname='http2.github.io',
port_number=443
)
h2_conn.setup_connection()
headers = """accept: */*
content-type: application/x-www-form-urlencoded
...
"""
body = """BODY
DATA...
...
"""
stream_ids_list = h2_conn.generate_stream_ids(number_of_streams=5)
all_headers_frames = [] # all headers frame + data frames which have not the last byte
all_data_frames = [] # all data frames which contain the last byte
for s_id in stream_ids_list:
header_frames_without_last_byte, last_data_frame_with_last_byte = h2_conn.create_single_packet_http2_post_request_frames(
method='POST',
headers_string=headers,
scheme='https',
stream_id=s_id,
authority="http2.github.io",
body=body,
path='/somePath'
)
all_headers_frames.append(header_frames_without_last_byte)
all_data_frames.append(last_data_frame_with_last_byte)
# concatenate all headers bytes
temp_headers_bytes = b''
for h in all_headers_frames:
temp_headers_bytes += bytes(h)
# concatenate all data frames which have last byte
temp_data_bytes = b''
for d in all_data_frames:
temp_data_bytes += bytes(d)
# send header frames
h2_conn.send_frames(temp_headers_bytes)
# wait some time
sleep(0.1)
# send ping frame to warm up connection
h2_conn.send_ping_frame()
# send remaining data frames
h2_conn.send_frames(temp_headers_bytes)I also got some ideas from a previous developed library h2tinker.
Finally, thanks again to James Kettle for directly helping and pointing some other techniques.
- Single Packet Attack - POST &...
- implement
- Single Packet Attack - GET
- Remove END_STREAM flag
- Content-Length: 1 Method
- POST Request with x-override-method: GET header
- Response Parsing
- implement
- implement threaded response parser
- Body Decompression
- gzip
- br
- deflate
-
Proxy
- Socks5 Proxy