Lines Matching +full:uri +full:- +full:js
7 # cmake .. -DCMAKE_BUILD_TYPE=DEBUG -DLWS_WITH_MINIMAL_EXAMPLES=1
12 echo "----------------------------------------------"
13 echo "------- tests: lws attack.sh"
20 A=`which libwebsockets-test-server`
23 SHAREDIR=$INSTALLED/../share/libwebsockets-test-server
26 LWS_NC=./bin/lws-minimal-raw-netcat
32 kill -0 $CPID
33 if [ $? -ne 0 ] ; then
41 if [ $? -ne 0 ] ; then
48 …-e -n "HTTP/1.0 403 Forbidden\x0d\x0acontent-type: text/html\x0d\x0acontent-length: 173\x0d\x0a\x0…
50 if [ $? -ne 0 ] ; then
53 …-e -n "HTTP/1.1 403 Forbidden\x0d\x0acontent-type: text/html\x0d\x0acontent-length: 173\x0d\x0a\x0…
55 if [ $? -ne 0 ] ; then
58 tail -n 10 /tmp/lwscap
59 tail -n 100 $LOG
66 if [ -z "`grep '<h1>403</h1>' /tmp/lwscap`" ] ; then
73 if [ -z "`grep '<h1>404</h1>' /tmp/lwscap`" ] ; then
81 if [ -z "`grep '<h1>404</h1>' /tmp/lwscap`" ] ; then
89 if [ -z "`grep '<h1>404</h1>' /tmp/lwscap`" ] ; then
96 a="`dd if=$LOG bs=1 skip=$LEN 2>/dev/null |grep "get\ \ =" | tr -s ' ' | cut -d' ' -f4-`"
104 a="`dd if=$LOG bs=1 skip=$LEN 2>/dev/null |grep URI\ Arg\ 1\: | tr -s ' ' | cut -d' ' -f7-`"
112 a="`dd if=$LOG bs=1 skip=$LEN 2>/dev/null |grep URI\ Arg\ 2\: | tr -s ' ' | cut -d' ' -f7-`"
119 a="`dd if=$LOG bs=1 skip=$LEN 2>/dev/null |grep URI\ Arg\ 3\: | tr -s ' ' | cut -d' ' -f7-`"
126 if [ -z "$1" ] ; then
127 LEN=`stat $LOG -c %s`
132 rm -rf $LOG
133 killall libwebsockets-test-server 2>/dev/null
134 libwebsockets-test-server -d15 2>> $LOG >/dev/null &
139 while [ -z "`grep ort\ 7681 $LOG`" ] ; do
145 echo "---- /cgi-bin/settingsjs?UPDATE_SETTINGS=1&Root_Channels_1_Channel_name_http_post=%3F&Root_Ch…
146 rm -f /tmp/lwscap
147 …-n -e "GET /cgi-bin/settingsjs?UPDATE_SETTINGS=1&Root_Channels_1_Channel_name_http_post=%3F&Root_C…
155 echo "---- ? processing (/cgi-bin/settings.js?key1=value1)"
156 rm -f /tmp/lwscap
157 echo -n -e "GET /cgi-bin/settings.js?key1=value1 HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERV…
162 echo "---- ? processing (/t%3dest?key1%3d2=value1)"
163 rm -f /tmp/lwscap
164 echo -n -e "GET /t%3dest?key1%3d2=value1 HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER --por…
170 echo "---- ? processing (%2f%2e%2e%2f%2e./xxtest.html?arg=1)"
171 rm -f /tmp/lwscap
172 echo -n -e "GET %2f%2e%2e%2f%2e./xxtest.html?arg=1 HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $S…
177 echo "---- ? processing (%2f%2e%2e%2f%2e./xxtest.html?arg=/../.)"
178 rm -f /tmp/lwscap
179 echo -n -e "GET %2f%2e%2e%2f%2e./xxtest.html?arg=/../. HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server…
184 echo "---- spam enough crap to not be GET"
185 echo "not GET" | $LWS_NC --server $SERVER --port $PORT 2>/dev/null > /tmp/lwscap
189 echo "---- spam more than the name buffer of crap"
190 dd if=/dev/urandom bs=1 count=80 2>/dev/null | $LWS_NC --server $SERVER --port $PORT 2>/dev/null > …
194 echo "---- spam 10MB of crap"
195 dd if=/dev/urandom bs=1 count=655360 | $LWS_NC --server $SERVER --port $PORT 2>/dev/null > /tmp/lws…
199 echo "---- malformed URI"
201 | $LWS_NC --server $SERVER --port $PORT 2>/dev/null > /tmp/lwscap
205 echo "---- missing URI"
206 echo -n -e "GET HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER --port $PORT 2>/dev/null >/tmp…
210 echo "---- repeated method"
211 echo -n -e "GET blah HTTP/1.0\x0d\x0aGET blah HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER …
215 echo "---- crazy header name part"
216 echo -n -e "GET blah HTTP/1.0\x0d\x0a..............................................................…
233 | $LWS_NC --server $SERVER --port $PORT 2>/dev/null
237 echo "---- excessive uri content"
238 echo -n -e "GET ...................................................................................…
255 | $LWS_NC --server $SERVER --port $PORT 2>/dev/null
259 echo "---- good request but http payload coming too (test.html served then forbidden)"
260 echo -n -e "GET /test.html HTTP/1.1\x0d\x0a\x0d\x0aILLEGAL-PAYLOAD.................................…
261 | $LWS_NC --server $SERVER --port $PORT 2>/dev/null | sed '1,/^\r$/d'> /tmp/lwscap
266 echo "---- nonexistent file"
267 rm -f /tmp/lwscap
268 echo -n -e "GET /nope HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER --port $PORT 2>/dev/null…
274 echo "---- relative uri path"
275 rm -f /tmp/lwscap
276 echo -n -e "GET nope HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER --port $PORT 2>/dev/null …
281 echo "---- directory attack 1 (/../../../../etc/passwd should be /etc/passswd)"
282 rm -f /tmp/lwscap
283 echo -n -e "GET /../../../../etc/passwd HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER --port…
288 echo "---- directory attack 2 (/../ should be /)"
289 rm -f /tmp/lwscap
290 echo -e -n "GET /../ HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER --port $PORT 2>/dev/null …
295 echo "---- directory attack 3 (/./ should be /)"
296 rm -f /tmp/lwscap
297 echo -e -n "GET /./ HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER --port $PORT 2>/dev/null |…
302 echo "---- directory attack 4 (/blah/.. should be /)"
303 rm -f /tmp/lwscap
304 echo -e -n "GET /blah/.. HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER --port $PORT 2>/dev/n…
309 echo "---- directory attack 5 (/blah/../ should be /)"
310 rm -f /tmp/lwscap
311 echo -e -n "GET /blah/../ HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER --port $PORT 2>/dev/…
316 echo "---- directory attack 6 (/blah/../. should be /)"
317 rm -f /tmp/lwscap
318 echo -e -n "GET /blah/../. HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER --port $PORT 2>/dev…
323 echo "---- directory attack 7 (/%2e%2e%2f../../../etc/passwd should be /etc/passswd)"
324 rm -f /tmp/lwscap
325 echo -e -n "GET /%2e%2e%2f../../../etc/passwd HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --server $SERVER …
330 echo "---- directory attack 8 (%2f%2e%2e%2f%2e./.%2e/.%2e%2fetc/passwd should be /etc/passswd)"
331 rm -f /tmp/lwscap
332 echo -e -n "GET %2f%2e%2e%2f%2e./.%2e/.%2e%2fetc/passwd HTTP/1.0\x0d\x0a\x0d\x0a" | $LWS_NC --serve…
337 echo "---- http/1.1 pipelining"
338 rm -f /tmp/lwscap
339 wget -O/tmp/lwsdump http://localhost:7681/test.html http://localhost:7681/test.html http://localhos…
340 good=`cat $CORPUS $CORPUS $CORPUS $CORPUS $CORPUS $CORPUS $CORPUS $CORPUS | md5sum | cut -d' ' -f1`
341 if [ "$good" != "`md5sum /tmp/lwsdump | cut -d' ' -f 1`" ] ; then
347 echo "---- mass testing uri variations"
349 rm -f /tmp/results
557 LEN=`stat $LOG -c %s`
558 rm -f /tmp/lwscap1
559 echo -n -e "GET $i HTTP/1.0\r\n\r\n" | $LWS_NC --server $SERVER --port $PORT 2>/dev/null > /tmp/lws…
560 R=`cat /tmp/lwscap1| head -n 1 | cut -d' ' -f 2`
566 U=`dd if=$LOG bs=1 skip=$LEN 2>/dev/null| grep "Method:" | tr -s ' ' | cut -d"'" -f4`
568 echo "- \"$i\" -> $R \"$U\"" >>/tmp/results
570 echo "- \"$i\" -> $R" >>/tmp/results
575 - "/..../" -> 404 "/..../"
576 - "/.../." -> 404 "/.../"
577 - "/...//" -> 404 "/.../"
578 - "/.../a" -> 404 "/.../a"
579 - "/.../w" -> 404 "/.../w"
580 - "/.../?" -> 404 "/.../"
581 - "/.../%" -> 403
582 - "/../.." -> 200 "/"
583 - "/.././" -> 200 "/"
584 - "/../.a" -> 404 "/.a"
585 - "/../.w" -> 404 "/.w"
586 - "/../.." -> 200 "/"
587 - "/../.%" -> 403
588 - "/..//." -> 200 "/"
589 - "/..///" -> 200 "/"
590 - "/..//a" -> 404 "/a"
591 - "/..//w" -> 404 "/w"
592 - "/..//?" -> 200 "/"
593 - "/..//%" -> 403
594 - "/../a." -> 404 "/a."
595 - "/../a/" -> 404 "/a/"
596 - "/../aa" -> 404 "/aa"
597 - "/../aw" -> 404 "/aw"
598 - "/../a?" -> 404 "/a"
599 - "/../a%" -> 403
600 - "/../w." -> 404 "/w."
601 - "/../w/" -> 404 "/w/"
602 - "/../wa" -> 404 "/wa"
603 - "/../ww" -> 404 "/ww"
604 - "/../w?" -> 404 "/w"
605 - "/../w%" -> 403
606 - "/../?." -> 200 "/"
607 - "/../?/" -> 200 "/"
608 - "/../?a" -> 200 "/"
609 - "/../?w" -> 200 "/"
610 - "/../??" -> 200 "/"
611 - "/../?%" -> 403
612 - "/../%." -> 403
613 - "/../%/" -> 403
614 - "/../%a" -> 403
615 - "/../%w" -> 403
616 - "/../%?" -> 403
617 - "/../%%" -> 403
618 - "/./..." -> 404 "/..."
619 - "/./../" -> 200 "/"
620 - "/./..a" -> 404 "/..a"
621 - "/./..w" -> 404 "/..w"
622 - "/./..?" -> 200 "/"
623 - "/./..%" -> 403
624 - "/.//.." -> 200 "/"
625 - "/.a../" -> 404 "/.a../"
626 - "/.a/.." -> 200 "/"
627 - "/.w../" -> 404 "/.w../"
628 - "/.w/.." -> 200 "/"
629 - "/.?../" -> 404 "/."
630 - "/../.." -> 200 "/"
631 - "/.%../" -> 403
632 - "/.%/.." -> 403
633 - "//...." -> 404 "/...."
634 - "//.../" -> 404 "/.../"
635 - "//...a" -> 404 "/...a"
636 - "//...w" -> 404 "/...w"
637 - "//...?" -> 404 "/..."
638 - "//...%" -> 403
639 - "//../." -> 200 "/"
640 - "//..//" -> 200 "/"
641 - "//../a" -> 404 "/a"
642 - "//../w" -> 404 "/w"
643 - "//../?" -> 200 "/"
644 - "//../%" -> 403
645 - "//..a." -> 404 "/..a."
646 - "//..a/" -> 404 "/..a/"
647 - "//..aa" -> 404 "/..aa"
648 - "//..aw" -> 404 "/..aw"
649 - "//..a?" -> 404 "/..a"
650 - "//..a%" -> 403
651 - "//..w." -> 404 "/..w."
652 - "//..w/" -> 404 "/..w/"
653 - "//..wa" -> 404 "/..wa"
654 - "//..ww" -> 404 "/..ww"
655 - "//..w?" -> 404 "/..w"
656 - "//..w%" -> 403
657 - "//..?." -> 200 "/"
658 - "//..?/" -> 200 "/"
659 - "//..?a" -> 404 "/a"
660 - "//..?w" -> 404 "/w"
661 - "//..??" -> 200 "/"
662 - "//..?%" -> 403
663 - "//..%." -> 403
664 - "//..%/" -> 403
665 - "//..%a" -> 403
666 - "//..%w" -> 403
667 - "//..%?" -> 403
668 - "//..%%" -> 403
669 - "//./.." -> 200 "/"
670 - "///..." -> 404 "/..."
671 - "///../" -> 200 "/"
672 - "///..a" -> 404 "/..a"
673 - "///..w" -> 404 "/..w"
674 - "///..?" -> 200 "/"
675 - "///..%" -> 403
676 - "////.." -> 200 "/"
677 - "//a../" -> 404 "/a../"
678 - "//a/.." -> 200 "/"
679 - "//w../" -> 404 "/w../"
680 - "//w/.." -> 200 "/"
681 - "//?../" -> 200 "/"
682 - "//?/.." -> 200 "/"
683 - "//%../" -> 403
684 - "//%/.." -> 403
685 - "/a.../" -> 404 "/a.../"
686 - "/a../." -> 404 "/a../"
687 - "/a..//" -> 404 "/a../"
688 - "/a../a" -> 404 "/a../a"
689 - "/a../w" -> 404 "/a../w"
690 - "/a../?" -> 404 "/a../"
691 - "/a../%" -> 403
692 - "/a./.." -> 200 "/"
693 - "/a/..." -> 404 "/a/..."
694 - "/a/../" -> 200 "/"
695 - "/a/..a" -> 404 "/a/..a"
696 - "/a/..w" -> 404 "/a/..w"
697 - "/a/..?" -> 200 "/"
698 - "/a/..%" -> 403
699 - "/a//.." -> 200 "/"
700 - "/aa../" -> 404 "/aa../"
701 - "/aa/.." -> 200 "/"
702 - "/aw../" -> 404 "/aw../"
703 - "/aw/.." -> 200 "/"
704 - "/a?../" -> 404 "/a"
705 - "/a?/.." -> 404 "/a"
706 - "/a%../" -> 403
707 - "/a%/.." -> 403
708 - "/w.../" -> 404 "/w.../"
709 - "/w../." -> 404 "/w../"
710 - "/w..//" -> 404 "/w../"
711 - "/w../a" -> 404 "/w../a"
712 - "/w../w" -> 404 "/w../w"
713 - "/w../?" -> 404 "/w../"
714 - "/w../%" -> 403
715 - "/w./.." -> 200 "/"
716 - "/w/..." -> 404 "/w/..."
717 - "/w/../" -> 200 "/"
718 - "/w/..a" -> 404 "/w/..a"
719 - "/w/..w" -> 404 "/w/..w"
720 - "/w/..?" -> 200 "/"
721 - "/w/..%" -> 403
722 - "/w//.." -> 200 "/"
723 - "/wa../" -> 404 "/wa../"
724 - "/wa/.." -> 200 "/"
725 - "/ww../" -> 404 "/ww../"
726 - "/ww/.." -> 200 "/"
727 - "/w?../" -> 404 "/w"
728 - "/w?/.." -> 404 "/w"
729 - "/w%../" -> 403
730 - "/w%/.." -> 403
731 - "/?.../" -> 200 "/"
732 - "/?../." -> 200 "/"
733 - "/?..//" -> 200 "/"
734 - "/?../a" -> 200 "/"
735 - "/?../w" -> 200 "/"
736 - "/?../?" -> 200 "/"
737 - "/?../%" -> 403
738 - "/?./.." -> 200 "/"
739 - "/?/..." -> 200 "/"
740 - "/?/../" -> 200 "/"
741 - "/?/..a" -> 200 "/"
742 - "/?/..w" -> 200 "/"
743 - "/?/..?" -> 200 "/"
744 - "/?/..%" -> 403
745 - "/?//.." -> 200 "/"
746 - "/?a../" -> 200 "/"
747 - "/?a/.." -> 200 "/"
748 - "/?w../" -> 200 "/"
749 - "/?w/.." -> 200 "/"
750 - "/??../" -> 200 "/"
751 - "/??/.." -> 200 "/"
752 - "/?%../" -> 403
753 - "/?%/.." -> 403
754 - "/%.../" -> 403
755 - "/%../." -> 403
756 - "/%..//" -> 403
757 - "/%../a" -> 403
758 - "/%../w" -> 403
759 - "/%../?" -> 403
760 - "/%../%" -> 403
761 - "/%./.." -> 403
762 - "/%/..." -> 403
763 - "/%/../" -> 403
764 - "/%/..a" -> 403
765 - "/%/..w" -> 403
766 - "/%/..?" -> 403
767 - "/%/..%" -> 403
768 - "/%//.." -> 403
769 - "/%a../" -> 403
770 - "/%a/.." -> 403
771 - "/%w../" -> 403
772 - "/%w/.." -> 403
773 - "/%?../" -> 403
774 - "/%?/.." -> 403
775 - "/%%../" -> 403
776 - "/%%/.." -> 403
777 - "/a/w/../a" -> 404 "/a/a"
778 - "/path/to/dir/../other/dir" -> 404 "/path/to/other/dir"
781 if [ "`md5sum /tmp/results | cut -d' ' -f 1`" != "`md5sum /tmp/lwsresult1 | cut -d' ' -f1`" ] ; then
783 diff -urN /tmp/lwsresult1 /tmp/results
785 ls -l /tmp/results
795 echo "--- survived OK ---"
796 kill -2 $CPID
802 killall libwebsockets-test-server 2>/dev/null
803 libwebsockets-test-server -s 2>> $LOG &
806 libwebsockets-test-client 127.0.0.1 -s -O
809 curl -v -F text=hello -F send=SEND -F upload=@../README.md https://127.0.0.1:7681/formtest -k
811 kill -2 $CPID