We Keep Coding

Scrapy+Splash returning wrong headers

When using Splash with Scrapy the headers are returned from the Splash server instead of the website Splash renders.
response.headers returns:
{b'Server': [b'TwistedWeb/19.7.0'], b'Date': [b'Sun, 11 Jul 2021 07:31:32 GMT'], b'Content-Type': [b'text/html; charset=utf-8']}
And I'm trying to get the headers of the actual website:
Connection: Keep-Alive
Content-Length: 5
Content-Type: text/html
Date: Sun, 11 Jul 2021 07:05:49 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
X-Cache: HIT
How can I get the headers of the website instead of the Splash server?

I got it to work with this:
splash_lua_script = """
function main(splash, args)
assert(splash:go(args.url))
assert(splash:wait(0.5))
local entries = splash:history()
local last_response = entries[#entries].response
return {
html = splash:html(),
headers = last_response.headers
}
end
"""
And then refer it to response.headers with Scrapy.

fail2ban: apache-auth isn't banning failed login attempts

Trying to implement fail2ban on a Linux Mint 17.1 and cant seem to get it to ban me after multiple login attempts against apache-auth.
I followed this guide to get started.
I think its a problem with the apache-auth regex but cant get it right.
jail.local
[apache]
enabled = true
port = 80,443
filter = apache-auth
logpath = /var/log/apache2/*error.log
maxretry = 3
bantime = 600
##ignoreip = 192.168.3.70
##To block the remote host that is trying to request suspicious URLs, use the below jail.
[apache-overflows]
enabled = true
port = http,https
filter = apache-overflows
logpath = /var/log/apache2/*error.log
maxretry = 3
bantime = 600
ignoreip = 192.168.3.70
##To block the remote host that is trying to search for scripts on the website to execute, use the below jail.
[apache-noscript]
enabled = true
port = http,https
filter = apache-noscript
logpath = /var/log/apache2/*error.log
maxretry = 3
bantime = 600
ignoreip = 192.168.3.70
##To block the remote host that is trying to request malicious bot, use below jail.
[apache-badbots]
enabled = true
port = http,https
filter = apache-badbots
logpath = /var/log/apache2/*error.log
maxretry = 3
bantime = 600
ignoreip = 192.168.3.70
##To stop DOS attack from remote host.
[http-get-dos]
enabled = true
port = http,https
filter = http-get-dos
logpath = /var/log/apache*/access.log
maxretry = 400
findtime = 400
bantime = 200
##ignoreip = 192.168.3.70
action = iptables[name=HTTP, port=http, protocol=tcp]
apache-auth.conf
[INCLUDES]
before = apache-common.conf
[Definition]
failregex = ^%(_apache_error_client)s (AH01797: )?client denied by server configuration: (uri )?\S*(, referer: \S+)?\s*$
^%(_apache_error_client)s (AH01617: )?user .*? authentication failure for "\S*": Password Mismatch(, referer: \S+)?$
^%(_apache_error_client)s (AH01618: )?user .*? not found(: )?\S*(, referer: \S+)?\s*$
^%(_apache_error_client)s (AH01614: )?client used wrong authentication scheme: \S*(, referer: \S+)?\s*$
^%(_apache_error_client)s (AH\d+: )?Authorization of user \S+ to access \S* failed, reason: .*$
^%(_apache_error_client)s (AH0179[24]: )?(Digest: )?user .*?: password mismatch: \S*(, referer: \S+)?\s*$
^%(_apache_error_client)s (AH0179[01]: |Digest: )user `.*?' in realm `.+' (not found|denied by provider): \S*(, referer: \S+)?\s*$
^%(_apache_error_client)s (AH01631: )?user .*?: authorization failure for "\S*":(, referer: \S+)?\s*$
^%(_apache_error_client)s (AH01775: )?(Digest: )?invalid nonce .* received - length is not \S+(, referer: \S+)?\s*$
^%(_apache_error_client)s (AH01788: )?(Digest: )?realm mismatch - got `.*?' but expected `.+'(, referer: \S+)?\s*$
^%(_apache_error_client)s (AH01789: )?(Digest: )?unknown algorithm `.*?' received: \S*(, referer: \S+)?\s*$
^%(_apache_error_client)s (AH01793: )?invalid qop `.*?' received: \S*(, referer: \S+)?\s*$
^%(_apache_error_client)s (AH01777: )?(Digest: )?invalid nonce .*? received - user attempted time travel(, referer: \S+)?\s*$
apache-common.conf
_apache_error_client = \[[^]]*\] \[(error|\S+:\S+)\]( \[pid \d+:\S+\d+\])? \[client <HOST>(:\d{1,5})?\]
/var/log/apache2/error.log
[Thu Aug 02 23:03:42.143209 2018] [auth_basic:error] [pid 8025] [client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:43.216097 2018] [auth_basic:error] [pid 8025] [client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:44.124570 2018] [auth_basic:error] [pid 8025][client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:45.104747 2018] [auth_basic:error] [pid 8025][client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:46.001161 2018] [auth_basic:error] [pid 8025][client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:46.871802 2018] [auth_basic:error] [pid 8025][client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
[Thu Aug 02 23:03:47.843740 2018] [auth_basic:error] [pid 8025][client 192.168.3.60:54788] AH01618: user aaa not found: /SEC/test.php
As I said I think the problem is in the regex, since the http-get-dos jail worked fine. The regex for apache-common.conf doesn't look right since my log files seem to follow a different standard, BUT I'm not sure if that's true or how to properly format the regex.
ANy help is appreciated.

Found my problem
I had to change the line in apache-common.conf to the following;
_apache_error_client = \[[^]]*\] \[(error|\S+:\S+)\]( \[pid \d+\])? \[client <HOST>(:\d{1,5})?\]
The difference being in the PID section. I used Regex101 to work the expression until it matched.

Testing with gmail account

I try to test schema integration with rails application. I used my personal Gmail account to configure SMTP :
config.action_mailer.delivery_method = :smtp
config.action_mailer.smtp_settings = {
address: 'smtp.gmail.com',
port: 587,
domain: 'gmail.com',
user_name: 'XXXX#gmail.com',
password: 'XXXX',
authentication: 'plain',
enable_starttls_auto: true
}
I test to send it to my own account. But it's seems that doesn't work..
I test with example code from :
PS : The mail pass validation
Thank you
EDIT : Header of my mail
Return-Path: <XXX#gmail.com>
Received: from gmail.com (84-74-24-22.dclient.hispeed.ch. [84.74.24.22])
by mx.google.com with ESMTPSA id m8sm9364668eeg.11.2014.04.23.13.34.35
for <XXX#gmail.com>
(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Wed, 23 Apr 2014 13:34:35 -0700 (PDT)
Date: Wed, 23 Apr 2014 22:34:34 +0200
From: XXX#gmail.com
To: XXX#gmail.com
Message-ID: <535823da92e7c_3d223ffc2442dbe093598#WS-39.local.mail>
Subject: =?UTF-8?Q?Merci_d'avoir_command=C3=A9_!?=
Mime-Version: 1.0
Content-Type: multipart/alternative;
boundary="--==_mimepart_535823da916a1_3d223ffc2442dbe0934a9";
charset=UTF-8
Content-Transfer-Encoding: 7bit

Programmatically configure WCF client binding to access SSL + Soap 1.1 + Basic Auth

I'm trying to write a C# WCF client (generated by svcutil from wsdl) to access a CXF (java) service implementing the same wsdl.
The service is working fine but I'm having trouble connecting to it on my C# client because the CXF is configured with SSL + Soap 1.1 + Basic Auth.
So far I've tried the following:
Why would Basic Auth not work with my WCF client to Java SOAP Web Service?
new BasicHttpBinding()
{
Security =
{
Mode = BasicHttpSecurityMode.Transport,
Transport =
{
ClientCredentialType = HttpClientCredentialType.Basic,
ProxyCredentialType = HttpProxyCredentialType.None
},
Message =
{
ClientCredentialType = BasicHttpMessageCredentialType.UserName,
AlgorithmSuite = SecurityAlgorithmSuite.Default
}
}
}
var client = new WebServiceClient(binding, endpoint);
client.ClientCredentials.UserName.UserName = username;
client.ClientCredentials.UserName.Password = password;
But it doesn't seem to send the Auth Header correctly.
I've also tried adding the header manually as outlined by http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/4f8ab001-dafa-4347-bc41-95255ecc9230. but I am not satisfied that this being the best solution.
Can any WCF expert outline a way of creating a binding programmatically that supports SSL + Soap 1.1 + Basic Auth?
Following is the header sent with WCF
System.Net Information: 0 : [13620] ConnectStream#64929093 - Sending headers
{
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://api.test.com/services/GetThings"
Host: api.test.com
Content-Length: 552
Expect: 100-continue
Accept-Encoding: gzip, deflate
}
While this is the proper header sent by SoapUI
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Accept-Encoding: gzip,deflate[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Content-Type: text/xml;charset=UTF-8[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "SOAPAction: "http://api.test.com/services/GetThings"[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Authorization: Basic bXliVlcHJpbQbWwOTkxMjg=[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Content-Length: 317[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Host: api.test.com[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Connection: Keep-Alive[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"

SSLSocket blocks mostly over 3G but works over wifi

I have a very strange problem regarding networking. I created an andorid app which connects securely to a server running on a PC. Note that though the PC is behind NAT, the respective port has been forwarded. Also PC was placed into DMZ to avoid any port forwarding issue.
The problem is that when I use the code over WIFI, it works perfectly, however, over 3G it almost always (29 out of 30) blocks in the SSLSocket's getOutputStream method (on server side the accept happens).
Can you please assist me what the issue can be?
Thank you
Client code:
E.log("establishing connection: trying to create context");
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new X509TrustManager[]{new X509TrustManager(){
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}}}, new SecureRandom());
E.log("establishing connection: trying to create socket factory");
SSLSocketFactory factory = (SSLSocketFactory) context.getSocketFactory ();
E.log("establishing connection: trying to create socket");
kkSocket = (SSLSocket)
factory.createSocket(host, Integer.parseInt(port));
E.log("establishing connection: trying to create out writer");
out = new PrintWriter(kkSocket.getOutputStream(), true);
E.log("establishing connection: trying to create in reader");
in = new BufferedReader(new InputStreamReader
(kkSocket.getInputStream()));
Failing log:
04-15 00:07:59.066: E/Bubu(17340): starting thread
04-15 00:07:59.076: I/System.out(17340): Mon Apr 15 00:07:59 CEST 2013 - establishing connection: trying to create context
04-15 00:07:59.076: I/System.out(17340): Mon Apr 15 00:07:59 CEST 2013 - establishing connection: trying to create socket factory
04-15 00:07:59.076: I/System.out(17340): Mon Apr 15 00:07:59 CEST 2013 - establishing connection: trying to create socket
04-15 00:07:59.146: D/dalvikvm(17340): GC_CONCURRENT freed 190K, 5% free 7530K/7880K, paused 4ms+2ms, total 23ms
04-15 00:08:01.056: I/System.out(17340): Mon Apr 15 00:08:01 CEST 2013 - establishing connection: trying to create out writer
Success:
04-15 00:13:15.506: E/Bubu(17750): starting thread
04-15 00:13:15.526: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - establishing connection: trying to create context
04-15 00:13:15.536: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - establishing connection: trying to create socket factory
04-15 00:13:15.536: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - establishing connection: trying to create socket
04-15 00:13:15.556: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - establishing connection: trying to create out writer
04-15 00:13:15.746: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - establishing connection: trying to create in reader
04-15 00:13:15.746: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - from server:bubu