commit a8872467a8a38e445db19548fb9d89cb8b576d66 Author: Arturo Filastò <art@fuffa.org> Date: Thu Nov 29 17:19:13 2012 +0100 Rename documentation for HTTP Invalid Request Line --- docs/source/tests/http_invalid_request_line.rst | 164 +++++++++++++++++++++++ docs/source/tests/http_invalid_requests.rst | 164 ----------------------- 2 files changed, 164 insertions(+), 164 deletions(-) diff --git a/docs/source/tests/http_invalid_request_line.rst b/docs/source/tests/http_invalid_request_line.rst new file mode 100644 index 0000000..f14a18d --- /dev/null +++ b/docs/source/tests/http_invalid_request_line.rst @@ -0,0 +1,164 @@ +Details +======= + +*Test Name*: HTTP Invalid Request Line + +*Current version*: 0.1.3 + +*NetTest*: HTTP Invalid Request Line (https://gitweb.torproject.org/ooni-probe.git/blob/HEAD:/nettests/manipulatio...) + +*Test Helper*: TCPEchoHelper (https://gitweb.torproject.org/ooni-probe.git/blob/HEAD:/oonib/testhelpers/tc...) + +*Test Type*: Traffic Manipulation + +*Requires Root*: No + +*WARNING*: This test is more dangerous to run than any other one and you +should do it only if you know what you are doing. + +Description +=========== + +The goal of this test is to do some very basic and not very noisy fuzzing +on the HTTP request line. We generate a series of requests that are not +valid HTTP requests. + +The remote backend runs a TCP echo server. If the response from the backend +does not match with what we have sent then we say that tampering is occuring. + +The idea behind this is that certain transparent HTTP proxies may not be +properly parsing the HTTP request line. + +Unless elsewhere stated 'Xx'\*N refers to N\*2 random upper or lowercase ascii +letters or numbers ('XxXx' will be 4). + +What we fuzz is the following: + +test random invalid method +************************** + +This sends random 4 letter HTTP request method. + +The request on the wire will look like this: + +:: + XxXxX / HTTP/1.1\n\r + + +test random invalid field count +****************************** + +This generates a request that looks like this: + +:: + XxXxX XxXxX XxXxX XxXxX + + This may trigger some bugs in the HTTP parsers of transparent HTTP + proxies. + + +test random big request method +****************************** + +This generates a request that looks like this: + +:: + + Xx*512 / HTTP/1.1 + + +test random invalid version number +********************************** + +This generates a request that looks like this: + +:: + GET / HTTP/XxX + +This attemps to trigger bugs in the parsing of the HTTP version number, that +is usually being split on the `.`. + +How to run the test +=================== + +`./bin/ooniprobe nettests/manipulation/http_invalid_request_line.py -b <address of backend>` + +*address of the backend* is the hostname or IP address of a backend that runs +a TCP echo server on port 80. + +Sample report +============= + +From running: + +`./bin/ooniprobe nettests/manipulation/http_invalid_request_line.py -b 127.0.0.1 -p 57002` + +:: + + ########################################### + # OONI Probe Report for HTTP Invalid Request Line test + # Thu Nov 29 16:41:15 2012 + ########################################### + --- + options: + collector: null + help: 0 + logfile: null + pcapfile: null + reportfile: null + resume: 0 + subargs: [-b, 127.0.0.1, -p, '57002'] + test: nettests/manipulation/http_invalid_request_line.py + probe_asn: null + probe_cc: null + probe_ip: 127.0.0.1 + software_name: ooniprobe + software_version: 0.0.7.1-alpha + start_time: 1354200075.0 + test_name: HTTP Invalid Request Line + test_version: 0.1.3 + ... + --- + input: null + report: + received: ["L3F6 / HTTP/1.1\n\r"] + sent: ["L3F6 / HTTP/1.1\n\r"] + tampering: false + test_name: test_random_invalid_method + test_runtime: 5.011919021606445 + test_started: 1354203675.481258 + ... + --- + input: null + report: + received: ["GET / HTTP/Ayo\n\r"] + sent: ["GET / HTTP/Ayo\n\r"] + tampering: false + test_name: test_random_invalid_version_number + test_runtime: 5.019288063049316 + test_started: 1354203675.48221 + ... + --- + input: null + report: + received: ["RZRcu OyLtu Jtu2T cs0ER\n\r"] + sent: ["RZRcu OyLtu Jtu2T cs0ER\n\r"] + tampering: false + test_name: test_random_invalid_field_count + test_runtime: 5.022854804992676 + test_started: 1354203675.483127 + ... + --- + input: null + report: + received: ["iB2HrwJeB512y5CrAAaIpETZ5RMprmGO4RCex24Kmqkjguc2XsOrGXR3qJIERw1IX13uGWVs1kOd96Y0zsR4ufcktGFnP0gYakTq7GA63rNNOmlG9tNXABnBEHfkHYhrwdrewAKdqZ2lGls66NBY7fbL9xkOsHBjXq7TkvS8MOeTb74wcxKymp1NLOa8u7C8XP9qpafQtWBrC4dkEVjppjlFyetg1tu8zomDUCBx9y2tB411d8lw7WOSMfDiQWG327aVanxaOj9WgZ2u2eu0595UiJxZxMk1LYa96vHvmB1DrX0DoJUkUg2fcEOlia3pVoFfcpbd3TQ0GwEoewU3F48Qvpf2AuOIcPgrYa1XszLCyUoToygc5J6WgIH7f1phsEpmmZ6my9KChZdnazc7mNbCwLB3Z1wMwcoFW1XuDvAhTr8OYoY17360SYkAqEBhYh8uiD4xdIq0T0KJzsJW5wghjCMjRjFyfk3wyDXaPLp7vkeeqbA3FNFatFQlUCTIkqqqM3EjAojynvCDVyrThGlmsauS9Ejhc9TaDojeT3s8HZY3KIDHwCRvpGgpwFie2NyhzmwY2y4YFMcnGXT2jlwsVE1K2fZZ7yGbKqbciuh5Q32JNvQBdGy3N63PWyZIxWhfythHOVBE9GXAr99DqEXUeiRkfNer5aVRt87rDBuLx13IrbCE6runHdoZEq0iXs7IySfw5qqt00fExbaN9UlSDyxyYIrIymrSTSUWWprTqiezn1toQZpxEl53pv4ZnLx00CSMYxWTzMDNSHLpovdAI9A27ugY2uHmPETKHbaLsTzNRtNiZAS9WidDi0oAxdICB47dnJA2CXvBaXeq2nsRasgQ9qqNl0RbTC8vhXgIq8nZZQn0iehXsP5mPXshpALyfAhoLwiChRif8FODkKdAgciLviTvyadpecb6HqRVfM8rLzMPkuXT2I21yB7NVQQLraJOeDO TvmtsV2gw2I2ON8xKtHO78VQfo357yBryndTQTRTk9FPnijwcwusn\ + \ / HTTP/1.1\n\r"] + sent: ["iB2HrwJeB512y5CrAAaIpETZ5RMprmGO4RCex24Kmqkjguc2XsOrGXR3qJIERw1IX13uGWVs1kOd96Y0zsR4ufcktGFnP0gYakTq7GA63rNNOmlG9tNXABnBEHfkHYhrwdrewAKdqZ2lGls66NBY7fbL9xkOsHBjXq7TkvS8MOeTb74wcxKymp1NLOa8u7C8XP9qpafQtWBrC4dkEVjppjlFyetg1tu8zomDUCBx9y2tB411d8lw7WOSMfDiQWG327aVanxaOj9WgZ2u2eu0595UiJxZxMk1LYa96vHvmB1DrX0DoJUkUg2fcEOlia3pVoFfcpbd3TQ0GwEoewU3F48Qvpf2AuOIcPgrYa1XszLCyUoToygc5J6WgIH7f1phsEpmmZ6my9KChZdnazc7mNbCwLB3Z1wMwcoFW1XuDvAhTr8OYoY17360SYkAqEBhYh8uiD4xdIq0T0KJzsJW5wghjCMjRjFyfk3wyDXaPLp7vkeeqbA3FNFatFQlUCTIkqqqM3EjAojynvCDVyrThGlmsauS9Ejhc9TaDojeT3s8HZY3KIDHwCRvpGgpwFie2NyhzmwY2y4YFMcnGXT2jlwsVE1K2fZZ7yGbKqbciuh5Q32JNvQBdGy3N63PWyZIxWhfythHOVBE9GXAr99DqEXUeiRkfNer5aVRt87rDBuLx13IrbCE6runHdoZEq0iXs7IySfw5qqt00fExbaN9UlSDyxyYIrIymrSTSUWWprTqiezn1toQZpxEl53pv4ZnLx00CSMYxWTzMDNSHLpovdAI9A27ugY2uHmPETKHbaLsTzNRtNiZAS9WidDi0oAxdICB47dnJA2CXvBaXeq2nsRasgQ9qqNl0RbTC8vhXgIq8nZZQn0iehXsP5mPXshpALyfAhoLwiChRif8FODkKdAgciLviTvyadpecb6HqRVfM8rLzMPkuXT2I21yB7NVQQLraJOeDOTvmt sV2gw2I2ON8xKtHO78VQfo357yBryndTQTRTk9FPnijwcwusn\ + \ / HTTP/1.1\n\r"] + tampering: false + test_name: test_random_big_request_method + test_runtime: 5.026142120361328 + test_started: 1354203675.484211 + ... + + diff --git a/docs/source/tests/http_invalid_requests.rst b/docs/source/tests/http_invalid_requests.rst deleted file mode 100644 index f14a18d..0000000 --- a/docs/source/tests/http_invalid_requests.rst +++ /dev/null @@ -1,164 +0,0 @@ -Details -======= - -*Test Name*: HTTP Invalid Request Line - -*Current version*: 0.1.3 - -*NetTest*: HTTP Invalid Request Line (https://gitweb.torproject.org/ooni-probe.git/blob/HEAD:/nettests/manipulatio...) - -*Test Helper*: TCPEchoHelper (https://gitweb.torproject.org/ooni-probe.git/blob/HEAD:/oonib/testhelpers/tc...) - -*Test Type*: Traffic Manipulation - -*Requires Root*: No - -*WARNING*: This test is more dangerous to run than any other one and you -should do it only if you know what you are doing. - -Description -=========== - -The goal of this test is to do some very basic and not very noisy fuzzing -on the HTTP request line. We generate a series of requests that are not -valid HTTP requests. - -The remote backend runs a TCP echo server. If the response from the backend -does not match with what we have sent then we say that tampering is occuring. - -The idea behind this is that certain transparent HTTP proxies may not be -properly parsing the HTTP request line. - -Unless elsewhere stated 'Xx'\*N refers to N\*2 random upper or lowercase ascii -letters or numbers ('XxXx' will be 4). - -What we fuzz is the following: - -test random invalid method -************************** - -This sends random 4 letter HTTP request method. - -The request on the wire will look like this: - -:: - XxXxX / HTTP/1.1\n\r - - -test random invalid field count -****************************** - -This generates a request that looks like this: - -:: - XxXxX XxXxX XxXxX XxXxX - - This may trigger some bugs in the HTTP parsers of transparent HTTP - proxies. - - -test random big request method -****************************** - -This generates a request that looks like this: - -:: - - Xx*512 / HTTP/1.1 - - -test random invalid version number -********************************** - -This generates a request that looks like this: - -:: - GET / HTTP/XxX - -This attemps to trigger bugs in the parsing of the HTTP version number, that -is usually being split on the `.`. - -How to run the test -=================== - -`./bin/ooniprobe nettests/manipulation/http_invalid_request_line.py -b <address of backend>` - -*address of the backend* is the hostname or IP address of a backend that runs -a TCP echo server on port 80. - -Sample report -============= - -From running: - -`./bin/ooniprobe nettests/manipulation/http_invalid_request_line.py -b 127.0.0.1 -p 57002` - -:: - - ########################################### - # OONI Probe Report for HTTP Invalid Request Line test - # Thu Nov 29 16:41:15 2012 - ########################################### - --- - options: - collector: null - help: 0 - logfile: null - pcapfile: null - reportfile: null - resume: 0 - subargs: [-b, 127.0.0.1, -p, '57002'] - test: nettests/manipulation/http_invalid_request_line.py - probe_asn: null - probe_cc: null - probe_ip: 127.0.0.1 - software_name: ooniprobe - software_version: 0.0.7.1-alpha - start_time: 1354200075.0 - test_name: HTTP Invalid Request Line - test_version: 0.1.3 - ... - --- - input: null - report: - received: ["L3F6 / HTTP/1.1\n\r"] - sent: ["L3F6 / HTTP/1.1\n\r"] - tampering: false - test_name: test_random_invalid_method - test_runtime: 5.011919021606445 - test_started: 1354203675.481258 - ... - --- - input: null - report: - received: ["GET / HTTP/Ayo\n\r"] - sent: ["GET / HTTP/Ayo\n\r"] - tampering: false - test_name: test_random_invalid_version_number - test_runtime: 5.019288063049316 - test_started: 1354203675.48221 - ... - --- - input: null - report: - received: ["RZRcu OyLtu Jtu2T cs0ER\n\r"] - sent: ["RZRcu OyLtu Jtu2T cs0ER\n\r"] - tampering: false - test_name: test_random_invalid_field_count - test_runtime: 5.022854804992676 - test_started: 1354203675.483127 - ... - --- - input: null - report: - received: ["iB2HrwJeB512y5CrAAaIpETZ5RMprmGO4RCex24Kmqkjguc2XsOrGXR3qJIERw1IX13uGWVs1kOd96Y0zsR4ufcktGFnP0gYakTq7GA63rNNOmlG9tNXABnBEHfkHYhrwdrewAKdqZ2lGls66NBY7fbL9xkOsHBjXq7TkvS8MOeTb74wcxKymp1NLOa8u7C8XP9qpafQtWBrC4dkEVjppjlFyetg1tu8zomDUCBx9y2tB411d8lw7WOSMfDiQWG327aVanxaOj9WgZ2u2eu0595UiJxZxMk1LYa96vHvmB1DrX0DoJUkUg2fcEOlia3pVoFfcpbd3TQ0GwEoewU3F48Qvpf2AuOIcPgrYa1XszLCyUoToygc5J6WgIH7f1phsEpmmZ6my9KChZdnazc7mNbCwLB3Z1wMwcoFW1XuDvAhTr8OYoY17360SYkAqEBhYh8uiD4xdIq0T0KJzsJW5wghjCMjRjFyfk3wyDXaPLp7vkeeqbA3FNFatFQlUCTIkqqqM3EjAojynvCDVyrThGlmsauS9Ejhc9TaDojeT3s8HZY3KIDHwCRvpGgpwFie2NyhzmwY2y4YFMcnGXT2jlwsVE1K2fZZ7yGbKqbciuh5Q32JNvQBdGy3N63PWyZIxWhfythHOVBE9GXAr99DqEXUeiRkfNer5aVRt87rDBuLx13IrbCE6runHdoZEq0iXs7IySfw5qqt00fExbaN9UlSDyxyYIrIymrSTSUWWprTqiezn1toQZpxEl53pv4ZnLx00CSMYxWTzMDNSHLpovdAI9A27ugY2uHmPETKHbaLsTzNRtNiZAS9WidDi0oAxdICB47dnJA2CXvBaXeq2nsRasgQ9qqNl0RbTC8vhXgIq8nZZQn0iehXsP5mPXshpALyfAhoLwiChRif8FODkKdAgciLviTvyadpecb6HqRVfM8rLzMPkuXT2I21yB7NVQQLraJOeDO TvmtsV2gw2I2ON8xKtHO78VQfo357yBryndTQTRTk9FPnijwcwusn\ - \ / HTTP/1.1\n\r"] - sent: ["iB2HrwJeB512y5CrAAaIpETZ5RMprmGO4RCex24Kmqkjguc2XsOrGXR3qJIERw1IX13uGWVs1kOd96Y0zsR4ufcktGFnP0gYakTq7GA63rNNOmlG9tNXABnBEHfkHYhrwdrewAKdqZ2lGls66NBY7fbL9xkOsHBjXq7TkvS8MOeTb74wcxKymp1NLOa8u7C8XP9qpafQtWBrC4dkEVjppjlFyetg1tu8zomDUCBx9y2tB411d8lw7WOSMfDiQWG327aVanxaOj9WgZ2u2eu0595UiJxZxMk1LYa96vHvmB1DrX0DoJUkUg2fcEOlia3pVoFfcpbd3TQ0GwEoewU3F48Qvpf2AuOIcPgrYa1XszLCyUoToygc5J6WgIH7f1phsEpmmZ6my9KChZdnazc7mNbCwLB3Z1wMwcoFW1XuDvAhTr8OYoY17360SYkAqEBhYh8uiD4xdIq0T0KJzsJW5wghjCMjRjFyfk3wyDXaPLp7vkeeqbA3FNFatFQlUCTIkqqqM3EjAojynvCDVyrThGlmsauS9Ejhc9TaDojeT3s8HZY3KIDHwCRvpGgpwFie2NyhzmwY2y4YFMcnGXT2jlwsVE1K2fZZ7yGbKqbciuh5Q32JNvQBdGy3N63PWyZIxWhfythHOVBE9GXAr99DqEXUeiRkfNer5aVRt87rDBuLx13IrbCE6runHdoZEq0iXs7IySfw5qqt00fExbaN9UlSDyxyYIrIymrSTSUWWprTqiezn1toQZpxEl53pv4ZnLx00CSMYxWTzMDNSHLpovdAI9A27ugY2uHmPETKHbaLsTzNRtNiZAS9WidDi0oAxdICB47dnJA2CXvBaXeq2nsRasgQ9qqNl0RbTC8vhXgIq8nZZQn0iehXsP5mPXshpALyfAhoLwiChRif8FODkKdAgciLviTvyadpecb6HqRVfM8rLzMPkuXT2I21yB7NVQQLraJOeDOTvmt sV2gw2I2ON8xKtHO78VQfo357yBryndTQTRTk9FPnijwcwusn\ - \ / HTTP/1.1\n\r"] - tampering: false - test_name: test_random_big_request_method - test_runtime: 5.026142120361328 - test_started: 1354203675.484211 - ... - -