There's a file that I know it's packed with NSIS,and the logic of download file and then Exec highly possible using the NSIS functions like ExecWait in NSIS,
The Problem is :
I'm try to replace the file that NSIS downloaded from web so I could do some tests, first I changed the hosts and made a http server with web.py,so the original url hijacked to myself server and I put a redirect download file link with,and on server I saw 200 but in the client I use some tool find out it returning 400.(I direct print the url in a browser and it worked well download the hijacked file) I don't know what's wrong.
web.py Codes
def GET(self, name):
raise web.redirect('/static/test.exe')
Logs 4 the file download
GET 302 240 Redirect url1,url2
GET 302 300 Redirec url2,url3
GET 200 1.27 M application/octet-stream url3
So I want to know
what may cause the problem of 400 code,even in my python webpy server it showed 200? (sry I'm not familiar with http)
anyone familiar with NSIS,Is there some other solution I could do this hijack? I've tried with R3 hook,But seems failed,since I don't know with API to hook.
In the past I heard of Fiddler could help me with my task,But that traffic just don't show in Fiddler,Maybe The NSis download Fiddler can't capture? And with HttpAnalyze I could see that traffic(the log upon),but I can't do what I want,So Is there any other tool could feed my needs(maybe Made a rule with when xxurl then replace it with myurl)?
There are different download plug-ins for NSIS, some are custom HTTP clients and some use WinINet.
The two most popular plug-ins are NSISdl and INetC. NSISdl is a custom HTTP client but it should support 301 and 302 redirects and INetC uses WinINet and should work if Internet Explorer works.
I would suggest that you just redirect the domain name to 127.0.0.1 in your hosts file and run a simple HTTP file server locally without any kind of redirection, just recreate the required folder structure and use the filename requested by the installer. If that works then you might have to use WireShark to figure out why the redirect fails...
#Anders give me some good advices.But since the url is not static(\xx.exe xx is random),so I can't made a local path same as the Url folder structure :(
Finally I find out it may dued to Http header in past web.py response.
I was wrong to direcly redirect to a static file on webpy server
web.redirect('/static/test.exe'),even in the past I could download it in browser.but it's header may not feeds original exe needs.
Here's my Solution
Redirect the domain name to 127.0.0.1 in hosts file and run a simple HTTP file server locally.Then still using web.py but change the redirect with
web.HTTPError('301', {'Location': 'http://myfileurl'})
And It worked :)
Related
I have configured a webserver on localhost with https using Microsoft IIS Administration. I am able to browse directory with files with browsers and Visual Studio using localhost prefixed with https, such as https://localhost/trial etc.
I wish to upload a file to the said directory, ie., trial, using Libcurl to test some features. Unfortunately I'm unable to do so.
Using the same Libcurl example as given on
Libcurl File Upload
-modified for https, the console window tells me that the following has occurred, upon running the code :
IIS 10.0 Detailed Error - 405.0 - Method Not Allowed
HTTP Error 405.0 - Method Not Allowed The page you are
looking for cannot be displayed because an invalid method (HTTP verb)
is being used.
I checked the IIS Administrator and saw that all authorizations are allowed. I suppose the fact that it is flagging a HTTP verb issue rather than HTTPS as I'd enabled and used as URL in code isn't a big thing?
Libcurl uses PUT for uploading files, so should be an allowed verb.
I am quite new to this, so I'm not certain I did something incorrect with the setting up of the webserver, or whether there are security issues or permission issues which are causing a problem here.
As far as I know, there is impossible to use http put or post a file to a IIS web application's folder without writing server-side code. Otherwise, configure an FTP site on your IIS installation. Then you could use ftp command to upload the file.
If you really need using HTTP put or post to upload the file, you could consider using WebDav.
More details about what is webdev and how to use it, you could refer to below article.
https://learn.microsoft.com/en-us/iis/install/installing-publishing-technologies/installing-and-configuring-webdav-on-iis
https://learn.microsoft.com/en-us/iis/get-started/whats-new-in-iis-7/what39s-new-for-webdav-and-iis-7
Try hostname instead of localhost
Add a trailing slash (/) for the directory.
Is there any way to set up IIS in a way that no file can be downloaded? (without xml configuration and using the IIS UI only).
I know I can remove all mime-types but that is inconvenient, I'm looking for a better option.
You cannot stop of css or js as the server cannot differentiate between a normal
request and a download request when it comes to css or js.
Say you have a CSS or js included in your webpage any html page .This css file will need to be downloaded by the browser.So at server side(IIS) you cannot differentiate a normal download request or browser request. You can deny the download request if the referrer is not matching.For example if someone take sthe URL and directly copying and pasting it in another browser,the referrer header will not be present.Similarly if someone else hotlink to your resources(css,js files),you can stop that too.
By deny download based on Referrer using URLRewrite
I am trying to build mu first web application with yii
From what I understood a .htaccess file must be in the project folder
in the localhost every things work fine, but when I upload the whole project my remote server doesn't accept .htaccess files and I get 404 not found (server error not yii error)
there is an alternative to this problem ?
many thanks in advance
There is no alternative when using a Front Controller pattern. Only on the http server you can redirect all wanted requests to a single central point. It is weird though that you cannot use .htaccess.
One more question: are you using apache or something else as a web server? Because .htaccess is apache specific to the best of my knowledge, for other servers you need differend configuration in differend other places.
update
Here is the situation:
I'm working on a website that has no physical folder structure. Nothing had been planned or controlled and there were about 4 consecutive webmasters.
Here is an example of an especially ugly directory
\new\new\pasite-new.asp
most pages are stored in a folder with the same name as the file, for maximum redundancy.
\New\10cap\pasite-10cap.asp
\QL\Address\PAsite-Address.asp
each of these [page directories]? (I don't know what else to call them) has an include folder, the include folder contains the same *.inc files in every case, just copied about 162 times for each page directory. The include folder was duplicated so that the
<!--#include file="urlstring"--> would work correctly due to lack of understanding of relative paths, and the #inclue virtual directive or using server.execute()
Here is a picture if my explanation was lacking.
Here are some of my limitations:
The site is written in ASP classic
Server is Windows Server 2003 R2 SP2 , IIS 6 (According to my resource)
I have no access to the IIS server
I would have to go through a process to add any modules or features to iis
What changes can I make that would allow me to move pages around and rename them while not breaking incoming links from external sites that still use the poorly formed URLs?
To make my question more specific.
How can I move the file 10cap.asp from \new\10cap\ to a better location like \ and rename the file to someting like saveourhomescap.asp and not break any incoming links and finally, not have to leave a dummy 10cap.asp page in the original location with a redirect to the new page.
Wow, that's a lot of limitations to deal with.
Can you setup a custom error page? If so you can add some code into a custom error page that would redirect users to the new page. So maybe you create a custom 404 page, and in that page you grab the query string variable and based on that send the user to the correct "new" page. That would allow you to delete all of the old pages.
Here is a pretty good article on this method: URL Rewriting for Classic ASP
Well, you have a lot of limitations and especially no access to the IIS server hurts. An ISAPI module for URL rewriting is not an option here (IIS) and equally a custom 404 page where you could read the referer and forward with a HTTP 301 won't work (IIS).
I would actually recommend you to go through the process and let them install:
An ISAPI URL rewriting module
or if that doesn't work (for any reason):
Let them point the HTTP 404 of your web to a custom 404.asp, read the referer and redirect with a HTTP 301 (Moved Permanently) to your new location.
If none of this is an option for you, I can think about another possibility. I haven't actually tried that so I'm not 100% sure if it will work, but in theory it sounds good ;)
You could make in your global.asa in the Session_OnStart event a Response.Redirect or change the header of your response to a HTTP 301. This will actually only work for new users and not fix real 404 errors. Sorry, for the pseudo code, but it's a while ago that I had anything to do with classic ASP and I think you'll get what I mean ;)
sub Session_OnStart
' here should be a Select Case switch or something like that
Response.Redirect("newlocation.asp")
' or if that will work, this would be better (again with switch)
Response.Status = "301 Moved Permanently"
Response.AddHeader "Location", "http://company.com/newlocation.asp"
end sub
Hope that helps.
I recommend using URL Rewrite for that, see the following blog about it, in particular "Site Reorganization":
http://blogs.msdn.com/b/carlosag/archive/2008/09/02/iis7urlrewriteseo.aspx
For more info about URL Rewrite see: http://www.iis.net/download/URLRewrite
You can try ISAPIRewrite since it's classic ASP + IIS6
http://www.isapirewrite.com/
They have a lite version which is free, probably good enough for your use.
urlrewrite will only work if you can install a dll on the server
one of these articles will help
http://www.google.com/search?hl=en&client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&hs=qRR&q=url+rewrite+classic+asp&btnG=Search&aq=f&oq=&aqi=g-m1
basically you have to point 404 errors to an error page which will parse the incoming querystring / post info and redirect user to correct location with incoming parameters added.
variations on that theme will be found in the examples fro google.
Basically i developed my app on a localhost wamp server with PHP 5. ON uploading to the actual host i notice that
The server is running php 4.4.9
Everytime i upload my .htaccess file, the server removes it completely.. seems to not be allowed
When i test out the set all i get is a 404 page not found
Any help on how to make it work on this PHP 4 server?
I did a test with CI 1.7.2, default installation.. works on my local server but when uploaded does not work, does this mean that the server does not support it?
I'm sure this isn't what you want to here, but get a new server. Here are the reasons why:
PHP 4 is no longer well supported. It's insecure.
If the server is removing .htaccess files, they are also unsupported on that server, giving you one more reason to move.
Code Igniter runs best with PHP 5 and with an .htaccess file.
The gist of this is you are going to have to hack your code back into the dark ages to get this to work, and then you will still have pretty URL issues and overall system instability. If you can make the switch, do.
If you cannot use .htaccess files with CodeIgniter, in system/application/config/config.php there is a configuration key called index_page. You need to set that to whatever page you have bootstrapping CodeIgniter (usually /index.php)
Then, make sure all your links that get routed through CI either target index.php/controller/action/params... or utilize the URL helper (with site_url or anchor) to automatically put in the index.php
Joe Mills is exactly right in his answer, though. CI works best with PHP 5 and .htaccess.
See CI URLs and CI URL Helper for documentation.
Well i found out how to fix several things
The issue with .htaccess would be to just not use modrewrite as such i put "query_string" option in my path variavable and this works.
The other issue, which was the major issue was that i was using Datamapper library which is a php 5 only library.