I have received some weird request URL in my TOMCAT access logs. which is
as follows:-
\x16\x03\x01\x01\"\x01" 200 40788
as clearly seen from above log, the server has given 200(success) response to the client(the one who is accessing above URL from our server).
I am really concerned whether the hacker is trying to post some malicious data on the server?
above request is in which format? is it in hexadecimal?
how should I convert above request URL to text format so that I will get to know
which resource he is trying to access or on which URL he is trying to post?
Related
I am trying to do the performance test for the ASP.Net MVC Web Application,
the Application is working with the Identity Server 5.2 to Login authentication.
I'm facing problem with login through the identity server.
Jmeter Version: 5.1.1
Description of the case:
Open URL of the website.
It will redirect you to the Identity website
Fill username and password
Log in to the application
Final URL will be the same as in point 1.
I was following the instruction below,
https://www.youtube.com/watch?time_continue=10&v=hGkrSFKcj10
base on this I created a Jmeter test plan
Test Plan
Thread Group
First HTTP Req - GET the "https://CorrectURL.com/
Assertion
View result three
Second HTTP Req - Post the username and Password on the https://identity.com/core/identityTokenUniqueForEverySingleLogin
Assertion
View result three
First HTTP request was successful:
I received Sampler Results:
HTTP Request - GET the Identity-0 Response code: 301
HTTP Request - GET the Identity-1 Response code: 302
HTTP Request - GET the Identity-2 Response code: 302
HTTP Request - GET the Identity-3 Response code: 302
HTTP Request - GET the Identity-4 Response code: 200
Second response:
Because every time Identity token is different, I don't know how can I take the token and use it during login.
Also what kind of information do I need to do the HTTP POST?
Can I Find then somewhere in Development tool?
I used also BlazeMeter to record the login process but when I'm running it again I'm receiving:
Response code: 405 Method Not Allowed
Response code: 500 Internal Server Error
Any advice will be appreciated
Looking into Identity Server documentation it appears to be using a cookie therefore my expectation is that adding a HTTP Cookie Manager should solve the problem (at least partially).
Not knowing the details of your Identity Server configuration details and seeing request/response sequence it is hard to come up with the comprehensive instructions, however my expectation is that it is the matter of simple correlation to wit:
Open your application login page (make sure that HTTP Cookie Manager is there)
Open identity server
Extract the token from the response if needed using a suitable JMeter PostProcessor and save the value into a JMeter Variable
Use the JMeter Variable from the step 3 instead of recorded hard-coded token
I have a web server that is currently running my asp.net mvc website. I am making a connection to an external website that sends a request back to the server via a specific URL and attaches the information sent as a query string.
I have no idea if this query string being sent is in the correct format but I do know that the action result function is being called. I need to see what requests are being sent to the server so that I can see the format in which the request was sent.
I know how to view the currently executing requests using the request monitor, but this is not enough since you can miss the request if it happens to fast.
Is it possible to view a history of requests that have occurred on the server? So that I may find the one that I need after the request has occurred.
I need to log the server response body along with the client which requested it.
Tried mod_dumpio which logs the response body but it doesn't reveal
the client IP so I am not able to map the request and response.
The other option was audit log which seemed the exact tool I needed,
but it doesn't support logging actual response body as
yet.
Could anyone please suggest me an appropriate solution?
I am struggling to understand how to implement a Google login. This is currently where I am at:
The client loads a default static HTML page from the server with a login button. Once clicking the login button it redirects them to the /login endpoint on my server. This redirects the user to the Google login and then consent page. Once the user logs into Google it redirects them to the /oauth2callback endpoint on my server. The response from Google contains the token that I need to get all the user info that I need. After I get the info from Google's services I need a way to send this info to the client in a JSON format. This info will be used in order for the client to connect to a websocket endpoint on my server.
I don't understand how I can send this info to the client. The client has been redirected to pages with no GET requests made to my server so I cannot send a JSON response. I don't want the client to make an additional GET request to the server if at all possible. How can I send the data I need to to the client?
I'm guessing your oauth2callback redirects to, or serves a page to your user. How about setting the JSON into a cookie that your JavaScript can then parse.
Whenever I try to call Magento's rest resources via PHP, I get an HTTP 500 Internal Server Error. My link is, in accordance to Magento's REST API, http://mymagento.com/api/rest/products.
Everything is set up properly and whenever I try to access it via the browser, the response is a page with the XML data I want. Same thing goes for the RESTClient plugin for Firefox.
I also get the internal server error whenever I try to do an authorised request as a customer.
Does anyone know why this is happening? I ran out of ideas an hour ago or so.
If you just got that problem (only) then,
500 errors in the HTTP cycle
Any client (e.g. your Web browser or our CheckUpDown robot) goes through the following cycle when it communicates with the Web server:
Obtain an IP address from the IP name of the site (the site URL
without the leading 'http://'). This lookup (conversion of IP name to
IP address) is provided by domain name servers (DNSs).
Open an IP socket connection to that IP address.
Write an HTTP data stream through that socket.
Receive an HTTP data stream back from the Web server in response.
This data stream contains status codes whose values are determined by
the HTTP protocol. Parse this data stream for status codes and other
useful information.
This error occurs in the final step above when the client receives an HTTP status code that it recognises as '500'. (Last updated: March 2012).
Fixing 500 errors - general
This error can only be resolved by fixes to the Web server software. It is not a client-side problem. It is up to the operators of the Web server site to locate and analyse the logs which should give further information about the error.