applicationlayer

use LWP::UserAgent;
$ua = LWP::UserAgent->new;
require HTTP::Request;
require HTTP::Response;
if( $#ARGV != 1 )
  { die "Usage: geturireq.pl [target IP] [FileName]\nEx: geturireq.pl 192.168.1.20 Query.txt\n"; }
$ipaddress = $ARGV[0];
$fileName = $ARGV[1] ;
if( -d $fileName )
  { die "$fileName is a directory.\n"; }
-e $fileName || die "$fileName is not exist.\n";
-T $fileName || die "$fileName is not a text file.\n";
open( fileHandle, $fileName ) || die "Cannot open $fileName.\n";
$i = 1;
while($aLine =<fileHandle>)
{
  if($aLine=~/(?<=GET\s).*(?=\sHTTP\/\d\.\d)/)
  {
  $qu = 'http://'.$ipaddress.$&;
  $req = HTTP::Request->new(GET => $qu);
  $res = $ua->request($req);
  print $i.'. '.$qu."\r\n";
  $i=$i+1;
  }
}

현재 실행 중인 기능함수와 그 기능함수를 호출한 기능함수에 대한 인수를 나타내는 개체이다

 

함수가 호출되면 그 함수에 대한 Arguments 객체가 생성된다. Arguments 객체는 원칙적으로 배열이 아니지만 번호 붙은 속성들이 있어서 이들이 배열 원소처럼 작동하며, 이러한 배열 원소의 수를 나타내는 length 속성도 있다.

 

functionObj.length는 기능함수에서 정의된 인수의 갯수이고
functionObj.arguments.length는 기능함수가 호출될 때 전달받은 인수의 갯수이다.

 

MS09-045에서 Arguments라는 이름을 함수로써 사용하는 경우 메모리충돌이 발생하는 취약점이 발견되었다.

 

출처: koxo

 

wireshark export packet details-All expanded 에 대한 파싱스크립트

 

* HTTP GET *

==========================================================================================

if( $#ARGV < 0 )
  { die "Supply a file name, please.\n"; }
if( $#ARGV > 0 )
  { die "Too many parameter.\n"; }

$fileName = shift( @ARGV );

if( -d $fileName )
  { die "$fileName is a directory.\n"; }

-e $fileName || die "$fileName is not exist.\n";

-T $fileName || die "$fileName is not a text file.\n";

open( fileHandle, $fileName ) || die "Cannot open $fileName.\n";
$matching = 0;
$i=1;
while($aLine =<fileHandle>)
{
  if($aLine =~/^\s*?GET \//)
  {
    print $i.'.'.$aLine;
    $i = $i+1;
  }
}
close(fileHandle);
==========================================================================================

 

* HTTP Header *

==========================================================================================

if( $#ARGV < 0 )
  { die "Supply a file name, please.\n"; }
if( $#ARGV > 0 )
  { die "Too many parameter.\n"; }

$fileName = shift( @ARGV );

if( -d $fileName )
  { die "$fileName is a directory.\n"; }

-e $fileName || die "$fileName is not exist.\n";

-T $fileName || die "$fileName is not a text file.\n";

open( fileHandle, $fileName ) || die "Cannot open $fileName.\n";
$matching = 0;
$i=0;
while($aLine =<fileHandle>)
{
  if($aLine =~/^\s{4}\\r\\n/)
  {

    $matching = 0;
  }
  if($matching == 1)
  {
    print $i.'.'.$aLine;

   }
  if($aLine =~/Request Version: HTTP\/1\./)
  {
    $matching = 1;
    $i = $i+1;
  }

}
close(fileHandle);

==========================================================================================

* HTTP GET *

==========================================================================================

use LWP::UserAgent;
$ua = LWP::UserAgent->new;
require HTTP::Request;
require HTTP::Response;
if( $#ARGV != 1 )
  { die "Usage: geturireq.pl [target IP] [FileName]\nEx: geturireq.pl 192.168.1.20 Query.txt\n"; }
$ipaddress = $ARGV[0];
$fileName = $ARGV[1] ;
if( -d $fileName )
  { die "$fileName is a directory.\n"; }
-e $fileName || die "$fileName is not exist.\n";
-T $fileName || die "$fileName is not a text file.\n";
open( fileHandle, $fileName ) || die "Cannot open $fileName.\n";
$i = 1;
while($aLine =<fileHandle>)
{
  $qu = 'http://'.$ipaddress.$aLine;
  $req = HTTP::Request->new(GET => $qu);
  $res = $ua->request($req);
  print $i.'. '.$qu;
  $i=$i+1;
}

==========================================================================================

 

* HTTP Header *

==========================================================================================

use LWP::UserAgent;
$ua = LWP::UserAgent->new;
require HTTP::Request;
require HTTP::Response;
if( $#ARGV != 1 )
  { die "Usage: geturireq.pl [target IP] [FileName]\nEx: geturireq.pl 192.168.1.20 Query.txt\n"; }
$ipaddress = $ARGV[0];
$fileName = $ARGV[1] ;
if( -d $fileName )
  { die "$fileName is a directory.\n"; }
-e $fileName || die "$fileName is not exist.\n";
-T $fileName || die "$fileName is not a text file.\n";
open( fileHandle, $fileName ) || die "Cannot open $fileName.\n";
$i = 1;
while($aLine =<fileHandle>)
{
   $aLine=~/[\w_-]{1,30}(?=:\s)/;
   $fieldname = $&;
  
   $aLine=~/(?<=[\w_-]{4}:\s).+/;
   $fielddata=$&;
  $qu = 'http://'.$ipaddress.'_'.$i;
  $req = HTTP::Request->new(GET => $qu);
  $req->header($fieldname=>$fielddata);
  $res = $ua->request($req);
print $i." OK!\r\n";
$i=$i+1;
print $fieldname."\r\n".$fielddata."\r\n";
}

==========================================================================================

 

* HTTP Post Data *

==========================================================================================

use LWP::UserAgent;
$ua = LWP::UserAgent->new;
require HTTP::Request;
require HTTP::Response;
if( $#ARGV != 1 )
  { die "Usage: geturireq.pl [target IP] [FileName]\nEx: geturireq.pl 192.168.1.20 Query.txt\n"; }
$ipaddress = $ARGV[0];
$fileName = $ARGV[1] ;
if( -d $fileName )
  { die "$fileName is a directory.\n"; }

-e $fileName || die "$fileName is not exist.\n";

-T $fileName || die "$fileName is not a text file.\n";
open( fileHandle, $fileName ) || die "Cannot open $fileName.\n";
$i = 1;
while($aLine =<fileHandle>)
{
  $qu = 'http://'.$ipaddress.'/post_'.$i;
  $req = HTTP::Request->new(POST => $qu);
$req->content_type('application/x-www-form-urlencoded');
$req->content($aLine);
  $res = $ua->request($req);
  print $i."\x0d\x0a";
  $i=$i+1;
}

==========================================================================================