-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathcurlstuff
85 lines (73 loc) · 4.97 KB
/
curlstuff
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#CURL COMMANDS and SSH ( POST at the bottom json )
quick-n-dirty curl examples out of the blue:
11:31
root@kali:/home/ec2-user# cat bwaf_login.sh
curl $1/restapi/v3.1/login -X POST -H Content-Type:application/json -d '{"username":"'$2'", "password":"'$3'"}' > blah.txt
sed 's/"/ /g' < blah.txt | awk '{print "-u \"" $4 ":\"" }' > token.txt
echo "Your Token Is: "
cat token.txt
echo "Example of using this token to get the services on the waf: curl -K token.txt <waf url>/restapi/v3.1/services"
root@kali:/home/ec2-user# ./bwaf_login.sh http://bwaf99.eastus.cloudapp.azure.com:8000 admin REDACTED
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 168 0 124 100 44 733 260 --:--:-- --:--:-- --:--:-- 994
Your Token Is:
-u "eyJldCI6IjE2MDQ5NjI5MTgiLCJwYXNzd29yZCI6IjUwYjc1MDM5MGIzZWFhNDNhMzdiNDU2ODBj\nMjBjNmRmIiwidXNlciI6ImFkbWluIn0=\n:"
Example of using this token to get the services on the waf: curl -K token.txt <waf url>/restapi/v3.1/services (edited)
11:31
root@kali:/home/ec2-user# curl -K token.txt http://bwaf99.eastus.cloudapp.azure.com:8000/restapi/v3.1/services
{"token":"eyJ1c2VyIjoiYWRtaW4iLCJwYXNzd29yZCI6IjNiNTViMzZjZTk1YTAxYTg2ZjI1NzdlMTJmMGZl\nMGYxIiwiZXQiOiIxNjA0OTYyMTkxIn0=\n","data":{"web1":{"SSL Client Auth
entication":{"enforce-client-certificate":"Yes","trusted-certificates":[],"client-certificate-for-rule":[],"client-authentication":"Disable"},"Adaptive Prof
iling":{"content-types":["text/html","text/css"],"trusted-host-group":"","ignore-parameters":[],"request-learning":"Successes and Redirects","response-learn
ing":"Successes and Redirects","navigation-parameters":[],"status":"Off"},"Comment Spam":{"exception-patterns":[],"parameter":[]},"URL Encryption":{"status"
:"On"},"Basic Security":{"web-firewall-log-level":"5-Notice","mode":"Active","ignore-case":"Yes","rate-control-pool":"NONE","rate-control-status":"Off","tru
sted-hosts-action":"Default","trust < ETC ETC ETC >
curl http://<your BWAF public IP>:8000/restapi/v3.1/login -X POST -H Content-Type:application/json -d '{"username": "admin", "password": "Hello123456!"}'
curl -X POST "http://<your BWAF public IP>:8000/restapi/v3.1/services " -H "accept: application/json" -u "eyJldCI6IjE1NzkzOTE3NTAiLCJ1c2VyIjoiYWRtaW4iLCJwYXNzd29yZCI6IjNkYWMwMDMzNTI2\nZGFjMDUxZThmZmM0YzY4ZWEzZmU0In0=\n:" -H "Content-Type: application/json" -d '{ "address-version": "IPv4", "app-id": "curl_app_id", "ip-address": "10.0.1.5", "name": "curl_service", "port": 80, "status": "On", "type": "HTTP"}'
curl -X POST "http://<your BWAF public IP>:8000/restapi/v3.1/services/curl_service/servers " -H "accept: application/json" -u "eyJldCI6IjE1NzkzOTE3NzMiLCJwYXNzd29yZCI6ImZkZTczYzNlNTMzM2JlOWRkZmQwNTQ1NmE4\nZDViMWI5IiwidXNlciI6ImFkbWluIn0=\n:" -H "Content-Type: application/json" -d '{ "ip-address": "10.0.1.4", "status": "In Service", "comments": "string", "port": 8080, "address-version": "IPv4", "identifier": "IP Address", "name": "curl_server"}'
ssh azureuser@<your ubuntu public IP>
sudo su
apt-get --yes --force-yes update
apt install docker.io --yes --force-yes
docker run -d --rm -it -p 8080:80 vulnerables/web-dvwa
for ((i=1;i<=10000;i++)); do curl -v -k "http://webgoat.wolmarans.com/WebGoat/login/"; sleep 10; done
curl -i -X POST -d username='<script>alert("Hello!!!");</script>' -d password=pass http://alb1-1319124074.us-east-1.elb.amazonaws.com/WebGoat/login
for ((i=1;i<=10000;i++)); do curl -i -X POST -d username='<script>alert("Hello!!!");</script>' -d password=pass http://alb1-1319124074.us-east-1.elb.amazonaws.com/WebGoat/login; sleep 10; done ← GOLDEN CALF!
root@kali:/home/ec2-user# cat bwaf_exported_snippet.json
{
"config": [
{
"operation": "EDIT",
"type": "client-profile",
"payload": {
"high-risk-score": "80",
"medium-risk-score": "60",
"exception-client-fingerprints": [],
"client-profile": "Yes"
},
"parent": "/restapi/v3/security-policies/default"
}
],
"Metadata": {
"Hostname": "barracuda",
"Serial Number": "1321665",
"System IP Address": "10.5.2.6",
"Firmware Version": "10.1.1.006",
"Number of Objects": 1,
"Generation Time": "2020-11-22_07-56-06"
}
}
root@kali:/home/ec2-user# cat bwaf_json_
bwaf_json_encoded.txt bwaf_json_post.sh
root@kali:/home/ec2-user# cat bwaf_json_post.sh
curl $1/restapi/v3.1/login -X POST -H Content-Type:application/json -d '{"username":"'$2'", "password":"'$3'"}' > blah.txt
sed 's/"/ /g' < blah.txt | awk '{print "-u \"" $4 ":\"" }' > bwaf_token.txt
echo "Your Token Is: "
cat bwaf_token.txt
echo -n '{ "json-file-content": "' > bwaf_import_snippet.json
base64 bwaf_exported_snippet.json > bwaf_json_encoded.txt
cat bwaf_json_encoded.txt >> bwaf_import_snippet.json
echo '", "operation": "Validate"}' >> bwaf_import_snippet.json
cat bwaf_import_snippet.json
curl -K bwaf_token.txt -X POST $1/restapi/v3.1/ops/import-configuration -H "accept: application/json" -H "Content-Type: application/json" -d @bwaf_import_snippet.json
root@kali:/home/ec2-user#