• From: Dubai, UAE
  • Last visit: 11-Aug-2010 19:36:58
  • Registered: 19-May-2009
  • Posts: 64

Topic: [Shell-Scripting] Simple Webserver

This has been showed in July Meetup by dan_r. Also presentet in the forums here!

As requested, here are some snippets from last night:

A verbose command for downloading the top 3 videos from youtube:

wget http://www.youtube.com/ -O - 2> /dev/null | grep "<a href" | sed 's/.*<a href/<a href/' |cut -f2 -d'"' | grep "popular" | cut -f1 -d'&' | head -n 3 | sed 's/^/http:\/\/youtube.com/' | xargs -i clive {} \;

For the web server, here are the contents of a config file that must be added to /etc/xinetd.d/ 
(The name of the file doesn't matter):

service www
{
    port           = 80
    protocol       = tcp
    wait           = no
    user           = root
    server         = /home/dan/uaelug/httpd/httpd
}

And here's the example web server in bash script (for educational use only).

#! /bin/bash

docroot="/home/dan/uaelug/httpd"

# First line holds the HTTP request
read request

# Keep swallowing lines until you get a blank one
# Note: HTTP lines are terminated with CR LF, and CR='\r'
while read line; do
  test "$line" == $'\r' && break
done

# Trim the request string and log it
url=${request#GET }
url=${url% HTTP/*}
echo $url >> /home/dan/uaelug/httpd/log.txt

# Serve the request if the file exists, otherwise 404
if [ -f "${docroot}/${url}" ]; then
echo -e "HTTP/1.1 200 OK\r
Content-Type: text/html; charset=ISO-8859-1\r
\r"
cat ${docroot}/${url}
echo -e "\r"

else
echo -e "HTTP/1.1 404 Not Found\r
Content-Type: text/html; charset=UTF-8\r
\r"
cat ${docroot}/404.html
echo -e "\r"

fi

Reference: http://www.debian-administration.org/ar … ell_script

Again -> Kudos to dan_r.

http://primepage.de

xaitax's Website

  • From: Dubai, UAE
  • Last visit: 11-Aug-2010 19:36:58
  • Registered: 19-May-2009
  • Posts: 64

Re: [Shell-Scripting] Simple Webserver

Nice dan!

xai@w00t:~# diff -Naur webserver.sh webserver_alex.sh
--- webserver.sh        2009-07-14 16:33:44.000000000 +0200
+++ webserver_alex.sh   2009-07-14 16:34:58.000000000 +0200
@@ -20,6 +20,7 @@
   if [ -f "${docroot}/${url}" ]; then
   echo -e "HTTP/1.1 200 OK\r
   Content-Type: text/html; charset=ISO-8859-1\r
+  Server: Apache/1.2.6 PHP/4.0.6\r
   \r"
   cat ${docroot}/${url}
   echo -e "\r"

What about adding this line? Good honeypot if you watch the logs, might become very interesting.

/xai

http://primepage.de

xaitax's Website

  • From: Dubai, UAE
  • Last visit: 4 days ago
  • Registered: 19-May-2009
  • Posts: 62

Re: [Shell-Scripting] Simple Webserver

Cool.  But where would you run such a thing?  VPS? (expensive)

dan_r's Website

  • From: Dubai
  • Last visit: 10-Sep-2009 01:59:01
  • Registered: 19-May-2009
  • Posts: 78

Re: [Shell-Scripting] Simple Webserver

Thanks a lot Dan ... Awesome session indeed.

Alex,
Can you edit the 1st post to show the 1st verbose command:

wget http://www.youtube.com/ -O - 2> /dev/null | grep "<a href" | sed 's/.*<a href/<a href/' |cut -f2 -d'"' | grep "popular" | cut -f1 -d'&' | head -n 3 | sed 's/^/http:\/\/youtube.com/' | xargs -i clive {} \;

  • From: Dubai
  • Last visit: 10-Sep-2009 01:59:01
  • Registered: 19-May-2009
  • Posts: 78

Re: [Shell-Scripting] Simple Webserver

xaitax wrote:

Nice dan!

xai@w00t:~# diff -Naur webserver.sh webserver_alex.sh
--- webserver.sh        2009-07-14 16:33:44.000000000 +0200
+++ webserver_alex.sh   2009-07-14 16:34:58.000000000 +0200
@@ -20,6 +20,7 @@
   if [ -f "${docroot}/${url}" ]; then
   echo -e "HTTP/1.1 200 OK\r
   Content-Type: text/html; charset=ISO-8859-1\r
+  Server: Apache/1.2.6 PHP/4.0.6\r
   \r"
   cat ${docroot}/${url}
   echo -e "\r"

What about adding this line? Good honeypot if you watch the logs, might become very interesting.

/xai

What would this script do? Can you give us a brief explanation?

  • From: Dubai, UAE
  • Last visit: 11-Aug-2010 19:36:58
  • Registered: 19-May-2009
  • Posts: 64

Re: [Shell-Scripting] Simple Webserver

dan_r wrote:

Cool.  But where would you run such a thing?  VPS? (expensive)

Yes, for example.
I could run it on my Router (Linksys WRT54G2 flashed with DD-WRT[1]) for a time.

linuxhat wrote:

Can you edit the 1st post to show the 1st verbose command:

Did I miss something? It is?

[1] http://www.dd-wrt.com/dd-wrtv3/index.php

/xai

http://primepage.de

xaitax's Website

  • From: Dubai
  • Last visit: 10-Sep-2009 01:59:01
  • Registered: 19-May-2009
  • Posts: 78

Re: [Shell-Scripting] Simple Webserver

xaitax wrote:

Did I miss something? It is?

[1] http://www.dd-wrt.com/dd-wrtv3/index.php

/xai

There is command in the beigning of this post as shown below but the [ code ] option is hiding it:

A verbose command for downloading the top 3 videos from youtube:

wget http://www.youtube.com/ -O - 2> /dev/null | grep "<a href" | sed 's/.*<a href/<a href/' |cut -f2 -d'"' | grep "popular" | cut -f1 -d'&' | head -n 3 | sed 's/^/http:\/\/youtube.com/' | xargs -i clive {} \;

  • From: Dubai, UAE
  • Last visit: 11-Aug-2010 19:36:58
  • Registered: 19-May-2009
  • Posts: 64

Re: [Shell-Scripting] Simple Webserver

I have no idea which funny operating system and browser you use, but with me, everything is fine big_smile
Can you post a screenshot please?

http://primepage.de

xaitax's Website

  • From: Dubai
  • Last visit: 10-Sep-2009 01:59:01
  • Registered: 19-May-2009
  • Posts: 78

Re: [Shell-Scripting] Simple Webserver

I'm using XP and IE at work. sad

http://img33.imageshack.us/img33/3209/snapshotqjv.jpg

  • From: Dubai, UAE
  • Last visit: 11-Aug-2010 19:36:58
  • Registered: 19-May-2009
  • Posts: 64

Re: [Shell-Scripting] Simple Webserver

Will I be lapidated if I say - I don't care about IE? lol
Especially IE6.

Please have a look now, I changed something in the src.
Does it still look like before?

http://primepage.de

xaitax's Website

  • From: Dubai, UAE
  • Last visit: 4 days ago
  • Registered: 19-May-2009
  • Posts: 62

Re: [Shell-Scripting] Simple Webserver

linuxhat wrote:
linuxhat wrote:

What about adding this line? Good honeypot if you watch the logs, might become very interesting.

What would this script do? Can you give us a brief explanation?

If I understand correctly, adding this line would identify our "web server" as an old Apache/PHP stack that can be exploited.  Unpleasant people out there are scanning automatically for servers running vulnerable software.

Without much effort, you might capture a real attack in your log file.  That would be most excellent.  Like catching a fox with a piece of bubble gum and a shoe string.

P.S.: Tell your boss to install Firefox so you can surf properly smile

dan_r's Website

  • From: Dubai, UAE
  • Last visit: 11-Aug-2010 19:36:58
  • Registered: 19-May-2009
  • Posts: 64

Re: [Shell-Scripting] Simple Webserver

Oh, sorry. I completely read it over.
But Dan's explanation was - of course - 100% correct. smile

http://primepage.de

xaitax's Website

  • From: Dubai
  • Last visit: 10-Sep-2009 01:59:01
  • Registered: 19-May-2009
  • Posts: 78

Re: [Shell-Scripting] Simple Webserver

xaitax wrote:

Will I be lapidated if I say - I don't care about IE? lol
Especially IE6.

Please have a look now, I changed something in the src.
Does it still look like before?

Neither do I hmm But we gotta do what we gotta do. IE is the standard one in this company mad

It's not fixed yet. If you'll keep trying, it's for other members, I'm fine with the current one since I know how to get it.


dan_r wrote:

P.S.: Tell your boss to install Firefox so you can surf properly smile

Thanks for explaning what the script does.

It's not allowed to install apps ... I already got my final warning .. Thank you sad

  • Last visit: 15-Sep-2009 02:19:14
  • Registered: 20-May-2009
  • Posts: 59

Re: [Shell-Scripting] Simple Webserver

You should inform your superiors that everything one does in IE is permanently cached and stored in another completely hidden directory, even if you delete your history, cookies, and cache. This link provides more details:

http://membrane.com/security/secure/Mic … ulous.html

Not to mention that it'd probably be a good idea to give them a detailed report on how insecure IE is. Print out reports, and tell them that their company's computer security is at risk. Just word it up to make it seem really serious.

Let's just pretend I said something amusing here and you consider me awesome for the rest of your life.
Signature objective: ACCOMPLISHED.

v4sw6+8CHPSUYhw5ln6pr6ck7+9ma6+9u8FLNOw2DNWXm3l8DGLRSUOAamix/i52N0e4+9t3Mb9AGHMOPRSTen7a19s4+5r5p-1.25/-5.08g8ACPTV