App-DubiousHTTP
- FF, Chrome accept "," before and after chunked|gzip|deflate
- \000 is nearly everywhere in the header ignored by Chrome (inside, before
and after key and value...)
- broken status lines
- "HTTP/1.1foobar" (no status code etc) gets accepted by Chrome, Opera and
Firefox.
- various tests with invalid characters or UTF-8
- extend compression tests with various kinds of sync between deflated parts
2015/11/12 0.029
- bulk testing of iframe tags with HTML inside
2015/11/08 0.028
- bulk testing of behavior regarding Javascript and Image loading (instead
of only XHR)
2015/10/31 0.027
- way more tests of broken responses
- add tests for gzip compression flags and features
- add support for lzma compression, supported by at least Opera
- option --fast-feedback so that results get submitted in parts once they grow too big
- new script bin/normalize-logs.pl to normalize log files
2015/10/01 0.026
- better color coding of responses for non-ajax tests
2015/06/18 0.014
- add tests for more broken stacks, check for HTTP/0.9
2015/05/13 0.013
- add even more tests for dubious content-length
2015/05/03 0.012
- add more tests with chunking and more dubious content-length
2013/07/09 0.011
- added tests with dubious content-length
2013/07/02 0.010
- add script to ping back within iframe to see if iframe was loaded unchanged
2013/07/02 0.009
- simplify code, remove redundant code
- log access with timestamp
- add ping back via XMLHttpRequest to check if script can get loaded
2013/07/02 0.008
- added tests with unknown content-encodings
2013/07/01 0.007
- added tests with multiple content-encodings
2013/07/01 0.006
- added tests with content-encoding and transfer-encoding with various
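A defender-side check for the response quirks this changelog lists (commas around chunked|gzip|deflate, \000 in the header, broken status lines, dubious content-length, multiple or unknown encodings), as an added example that is not part of App-DubiousHTTP: a strict linter that a proxy or log pipeline could run on a raw response head. The function name, the finding labels and the sample responses are constructed for illustration.

```python
import re

STATUS_RE = re.compile(rb"HTTP/1\.[01] [1-5][0-9]{2}( [^\r\n\x00]*)?")
NAME_RE = re.compile(rb"[!#$%&'*+.^_`|~0-9A-Za-z-]+")  # RFC 7230 token
KNOWN_CODINGS = {b"chunked", b"gzip", b"deflate", b"identity"}

def lint_response_head(head):
    """Return a list of findings for a raw HTTP/1.x response head (bytes)."""
    findings = []
    if b"\x00" in head:
        findings.append("nul-byte-in-head")
    lines = head.split(b"\r\n")
    if not STATUS_RE.fullmatch(lines[0]):
        findings.append("broken-status-line")  # e.g. "HTTP/1.1foobar"
    seen = {}
    for line in lines[1:]:
        if not line:
            break  # empty line ends the head
        name, sep, value = line.partition(b":")
        if not sep or not NAME_RE.fullmatch(name):
            findings.append("malformed-header-line")
            continue
        seen.setdefault(name.lower(), []).append(value.strip(b" \t"))
    for field in ("transfer-encoding", "content-encoding"):
        values = seen.get(field.encode(), [])
        tokens = [t.strip(b" \t").lower() for v in values for t in v.split(b",")]
        if b"" in tokens:
            # Policy choice: empty list elements (",chunked,") are flagged
            # because parsers disagree on them.
            findings.append("empty-list-element:" + field)
        named = [t for t in tokens if t]
        if any(t not in KNOWN_CODINGS for t in named):
            findings.append("unknown-coding:" + field)
        if len(named) > 1:
            findings.append("multiple-codings:" + field)
    lengths = seen.get(b"content-length", [])
    if len(lengths) > 1 or any(not re.fullmatch(rb"[0-9]+", v) for v in lengths):
        findings.append("dubious-content-length")
    if lengths and b"transfer-encoding" in seen:
        findings.append("content-length-with-transfer-encoding")
    return findings

# Constructed sample responses (not captured traffic).
CLEAN = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Length: 5\r\n\r\n"
DUBIOUS = (b"HTTP/1.1foobar\r\nTransfer-Encoding: ,chunked,\r\n"
           b"Content-Len\x00gth: 5\r\nContent-Length: +5\r\n\r\n")

if __name__ == "__main__":
    print(lint_response_head(CLEAN))
    print(lint_response_head(DUBIOUS))
```

A filtering proxy that blocks or normalizes any response with a non-empty finding list closes the gap between what it inspects and what the browser later interprets.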
lib/App/DubiousHTTP/Tests.pm view on Meta::CPAN
and if a bypass of the protection would be possible.
More information about bypassing firewalls using interpretation differences can
be found <a href="http://noxxi.de/research/semantic-gap.html">here</a>.
</p>
<ul>
<li><a href=#xhr_eicar>Firewall evasion test - Bulk test with virus payload using XMLHttpRequest</a></li>
<li><a href=#xhr_novirus>Bulk test with innocent payload using XMLHttpRequest</a></li>
<li><a href=#js>Bulk test with innocent payload using script tag</a></li>
<li><a href=#img>Bulk test with innocent payload using img tag</a></li>
<li><a href=#iframe>Bulk test with innocent payload using iframe tag</a></li>
<li><a href=#other>Various non-bulk tests</a></li>
</ul>
<hr>
<a name=xhr_eicar>
<h2>Firewall evasion test - Bulk test with virus payload (XHR)</h2>
</a>
<p>
lib/App/DubiousHTTP/Tests.pm view on Meta::CPAN
<h2>Bulk test with innocent Image</h2>
</a>
<p>
This bulk test will use "img" tags to download an innocent image to check which
uncommon responses can be used to load images.
</p>
<p id=test_js class=runtest><a href="/autoimg/all/ok.png">Run Test with
innocent image payload</a></p>
<a name=iframe>
<h2>Bulk test with innocent Iframe</h2>
</a>
<p>
This bulk test will use "iframe" tags to download an innocent HTML page to check which
uncommon responses can be used to load iframes. <b>Warning!</b>: IE and Edge seem
to have serious problems with some test cases here and will render the page
unresponsive.
</p>
<p id=test_iframe class=runtest><a href="/autohtml/all/parent_set_success.html">Run Test with
innocent iframe payload</a></p>
<a name=other>
<h2>Non-Bulk tests</h2>
</a>
<p>
The following tests analyze the behavior of browsers in specific cases, like
loading an image, loading a script and loading HTML into an iframe. They offer a
download for the EICAR test virus. The subtests in these tests all follow the
same style: if the browser behaves as expected (i.e. fails or succeeds), the
relevant element (IMAGE, SCRIPT or HTML) will turn green; if it behaves
differently, it will turn red. Yellow counts as success just like green but marks an
uncommon behavior. If this uncommon behavior is not implemented (i.e. loading the
image or script failed), the element will be grey.
When trying to load HTML into an iframe it can happen that the iframe stays
empty or contains some error message or garbage instead of "HTML". In this case
it failed to load the content.
</p>
<p>
Which behavior is expected can be seen from the header preceding
the relevant section of subtests: if it says that the following requests are
VALID it is expected that loading succeeds, on INVALID requests it is expected
that they fail. In other words: anything turning red is bad and more so if it is
for INVALID requests. Because in this case the browser executes the payload even
if the HTTP response was invalid which might often be used to bypass firewalls
lib/App/DubiousHTTP/Tests.pm view on Meta::CPAN
s.setAttribute('onreadystatechange','set_load(\"$id\",\"js\");');
s.setAttribute('onerror','set_fail(\"$id\",\"js\");');
div.appendChild(s);
}
JS
});
}
sub auto_html {
my ($self,$cat) = @_;
_auto_imgjshtml($cat, 'Browser behavior test with iframe including HTML', 'parent_set_success.html', sub {
my ($url,$id) = @_;
return "<iframe id='$id' src='$url' onload='set_load(\"$id\",\"html\");' onerror='set_fail(\"$id\",\"html\");' onreadystatechange='set_load(\"$id\",\"html\");'></iframe>";
});
}
sub _auto_imgjshtml {
my ($cat,$title,$page,$mkhtml) = @_;
my $jsglob = '';
$jsglob .= sprintf("reference='%x' + Math.floor(time()/1000).toString(16);\n", rand(2**32));
$jsglob .= "fast_feedback = 16384;\n" if $FAST_FEEDBACK;
my $rand = rand();
lib/App/DubiousHTTP/Tests/Common.pm view on Meta::CPAN
$body .= "<tr><td colspan=6><h2>$test->[0]</h2></td></tr>";
next;
}
my $valid = $test->VALID;
my $base = $valid>0 ? 'ok' : $valid<0 ? 'warn' : 'bad';
my $bg = $valid>0 ? '#e30e2c' : $valid<0 ? '#d0cfd1' : '#00e800';
$body .= "<tr>";
$body .= "<td>". html_escape($test->DESCRIPTION) ."</td>";
$body .= "<td><div style='height: 2em; border-style: solid; border-width: 1px; width: 6em; text-align: center; background: $bg url(\"".$test->url("$base.png"). "\");'><span style='vertical-align: middle;'>IMAGE</span></div></td>";
$body .= "<td><div id='".$test->LONG_ID."' style='height: 2em; border-style: solid; border-width: 1px; width: 6em; text-align: center; background: $bg'><span style='vertical-align: middle;'>SCRIPT</span></div></td>";
$body .= "<td><iframe seamless=seamless scrolling=no style='border-style: solid; border-width: 1px; width: 6em; height: 2em; overflow: hidden;' src=". $test->url("$base.html"). "></iframe></td>";
$body .= "<td> <a class=button download='eicar.com' href=". $test->url('eicar.txt').">load EICAR</a> </td>";
$body .= "<td> <a class=button download='eicar.zip' href=". $test->url('eicar.zip').">load eicar.zip</a> </td>";
$body .= "</tr>";
$body .= "<script src=".$test->url("$base.js")."></script>";
$body .= "<tr><td colspan=5><hr></td></tr>";
}
$body .= "</table>";
$body .= "</body></html>";
return "HTTP/1.0 200 Ok\r\n".
"Content-type: text/html\r\n".