cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Using curl to retrieve a pic from a netcam

From: jayjwa <jayjwa_at_atr2.ath.cx>
Date: Wed, 9 Feb 2005 04:04:39 -0500

-> Subject: Using curl to retrieve a pic from a netcam

-> I ma trying to retrieve a jpeg file from a netcam. If
-> I use a regular browser with the following URL I can
-> display it in a browser ( Firefox etc ) :
->
-> http://192.168.0.40/__live.jpg?1107587644012&1107587687354&&
->
-> I understand the "?" after jpg turns the request into
-> some form of query, but can anyone tell me what the
-> middle ampersand ( & ) and the final two ampersands (
-> && ) do ?

Many server operators like to play tricks to keep people from downloading
their stuff "directly" or using it themselves thru something refered to as
"hot-linking". Hence, they figure that if they are talking to a browser,
it's probably a regular user using the site as the owner wants you to, but
if it's a downloader (such as curl, wget, whatever) then they try to make
it either impossible, or re-route you someplace else. There are alot of
tricks to this, but so far I've had good luck with curl. One site I needed
to get something off of check not only for an exact user-agent, but also
HTTP version 1.0 (most send 1.1 now). Others rely on qwirks that are only
in one browser, such as MSIE, and nothing else works, period. This gives
the impress, to someone who doesn't know, that it is something they are
not doing right (or a limit of their tools).
Chances are, you're not even downloading what you think is a jpg image,
but rather sending a request to a CGI that runs your request thru it's
little check list. If it passes, here comes the data in a stream, under
the name whatever.jpg, and the user is none the wiser.
? is a seperator to pass data, as to a CGI or a script. & is usually a
prameter delimiter. Probably the number itself is some sort of checksum.

What I find odd is this:

 
-> http://192.168.0.40/__live.jpg?1107587644012&1107587687354&&

Isn't supposed to be Internet routable (192.168.) Or is this internal?
 
-> curl
-> 'http://192.168.0.40/__live.jpg?1107587644012&1107587687354&&'
->
-> and I get "connection refused". I tried to use tcpdump
-> to see what was happening, but tcpdump printed NOTHING
-> out at all. The only time I could see network traffic
-> to the netcam when using tcpdump was when I accessed
-> the URL using a web browser !

Pointing it at the wrong IP/port? Redirection?
 
-> - if anyone knows why this maybe so, please let me
-> know. ( I used tcpdump -i eth0 btw )

tcpdump -s 6000 -N -XX -vv -i ppp0 -p -l dst (your IP address)

will show everything incoming on interface ppp0 to you, regardless of from
where, without putting the interface in promiscuous mode. ->

        0x0350: 8ba0 606a 5b52 417e 8a73 9472 d5e7 e1d1 ..`j[RA~.s.r....
        0x0360: 1593 fe24 ea33 67bb 6e31 f1b9 7523 ea53 ...$.3g.n1..u#.S
        0x0370: 8595 0289 7e0e e549 ee97 3fda 4198 ff91 ....~..I..?.A...
        0x0380: ceed 151f efcf fd48 c748
45 packets captured
45 packets received by filter
0 packets dropped by kernel

-> curl -A "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
-> 5.1; .NET CLR 1.1.4322)"
-> 'http://172.19.27.139/__live.jpg?1107587644012&1107587687354&&'

Different IP? ^^^^^

-> Can anyone possibly point me in the right direction in
-> how to get this to work ?

I'd probably start with something like this, and work from there:

curl --trace trace.log --cookie-jar cookie.log --max-redirs 10 -v -o
session.output -k -A 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;
.NET CLR 1.1.4322)' -e
'http://172.19.27.139/__live.jpg?1107587644012&1107587687354&&'
http://172.19.27.139/__live.jpg?1107587644012&1107587687354&&

You might need to change the referer, the URL, or even your IP. I'm
not sure of the situation, but maybe if you know the guy you could just
ask him what's with his links? :P
It might take a few tries, but keep looking in the files it makes and
you'll get a clue of how it's working. Make sure your shell isn't eating
up your "?"'s and "&"'s marks, or the URL will be totally different even
before it's gotten sent. Usually it's \? \& to escape those characters.
Received on 2005-02-09