BIN: analyse-headers: Will attempt to decode F5 Cookies

Thanks <Huw Edwards> for the idea and help implementing it.
master
Jonathan Hodgson 4 years ago
parent 0fec84e1f1
commit c6a0909917
  1. 19
      bin/.bin/webtest/analyse-headers

@ -222,6 +222,10 @@ attacks (XSS).\n\n"
This prevents the content security policy from effectively mitigating against This prevents the content security policy from effectively mitigating against
DOM based XSS attacks\n\n" DOM based XSS attacks\n\n"
fi fi
# TODO, I'd like to check for more CSP issues.
# See https://csp-evaluator.withgoogle.com/
# https://www.securing.pl/en/why-should-you-care-about-content-security-policy/
# https://lab.wallarm.com/how-to-trick-csp-in-letting-you-run-whatever-you-want-73cb5ff428aa/
fi fi
if [ -n "$message" ]; then if [ -n "$message" ]; then
echo "Content-Security-Policy" | drawInBox echo "Content-Security-Policy" | drawInBox
@ -299,6 +303,21 @@ Strict means the browser sends the cookie only for same-site requests\n\n"
ret=$((ret>1 ? ret : 1)) ret=$((ret>1 ? ret : 1))
fi fi
if echo "$value" | grep -iq "bigipserver"; then
local ip_enc="$(echo "$value" | cut -d '=' -f 2 | cut -d '.' -f 1)"
local port_enc="$(echo "$value" | cut -d '=' -f 2 | cut -d '.' -f 2)"
local ip="$(echo "ibase=10;obase=16;$ip_enc"| bc | grep -o .. | tac |
while read -r part; do echo -n "$((0x$part))."; done)"
local port="$((0x$(echo "ibase=10;obase=16;$port_enc" | bc | grep -o .. | tac | tr -d '\n') ))"
if echo "$ip" | grep -Eq '([0-9]{1,3}[\.]){3}[0-9]{1,3}'; then
output+="The Cookie discloses internal IP addresses used by the load ballencer\n"
output+="IP: $ip\n"
output+="Port: $port\n\n"
output+="Remediate this by enabling cookie encryption\n\
https://support.f5.com/csp/article/K7784?sr=14607726"
ret=$((ret>1 ? ret : 1))
fi
fi
if [ "$ret" -gt 0 ]; then if [ "$ret" -gt 0 ]; then

Loading…
Cancel
Save