Ares Posted August 26, 2019

Hello,

The project is developed with UniGUI and deployed on HyperServer. Intrusion detection reports the following high-risk issues; please advise how to deal with them.

//=====================================================================
HTTP verb tampering

WVS /ext-6.6.0/build/classic/theme-classic/resources/images/button/ HTTP/1.1
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Host:
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
//=====================================================================

WVS /ext-6.6.0/ HTTP/1.1
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Host: 220.130.39.24
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
//=====================================================================

thanks
Sherzod Posted August 26, 2019

Hello,

First of all, can you please specify which edition and build of UniGUI you are using?

2 minutes ago, Ares said:
    The project is developed with UniGUI and deployed on HyperServer. Intrusion detection reports the following high-risk issues; please advise how to deal with them.

?
Ares (Author) Posted August 26, 2019

1.90.0.1506 and 1481.
Sherzod Posted August 26, 2019

14 minutes ago, Ares said:
    1.90.0.1506 and 1481.

Edition? Are you using a trial edition?
Ares (Author) Posted August 26, 2019

1.90.0.1481 uniGUI trial edition
1.90.0.1506 uniGUI Complete - Professional Edition
Sherzod Posted August 26, 2019

Just now, Ares said:
    1.90.0.1481 uniGUI trial edition
    1.90.0.1506 uniGUI Complete - Professional Edition

OK, but why use the trial version if you have a license?

2 minutes ago, Ares said:
    1.90.0.1506 uniGUI Complete - Professional Edition

Please visit here first:
Ares (Author) Posted August 26, 2019

I deleted v1.90.0.1481 from the web server and am waiting for the intrusion detection scan to run again.
Farshad Mohajeri (Administrator) Posted August 26, 2019

Hi,

HyperServer handles POST/PUT/DELETE commands, but this doesn't pose a security threat because the Nodes don't accept those commands. What is your main concern here?
Ares (Author) Posted September 18, 2019

Hello,

My project runs on 1.90.0.1506 uniGUI Complete - Professional Edition. My customers use a vulnerability scanning tool and it reports many high-risk questions. How can I explain or fix the problem?

Attachment: AAMP_scan_report.pdf
Ario.Paxaz Posted November 7, 2022

Hi,

How to solve this problem (HTTP tampering)?
irigsoft Posted November 7, 2022

54 minutes ago, A.Soltani said:
    Hi, how to solve this problem (HTTP tampering)?

Hello,

1. Try to add custom headers in UniGUIServerModuleHTTPCommand:

    // https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
    // AResponseInfo.CustomHeaders.AddValue('Access-Control-Expose-Headers', '"Location, Warning, Etag"');
    // AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Origin-Headers', '"Accept, Content-Type, If-None-Match, X-If-None-Match"');
    // AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Headers', '"Content-Type, If-None-Match, X-If-None-Match, Authorization"');
    // AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Credentials', 'true');
    AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Methods', 'GET'); //,POST, DELETE, HEAD, OPTIONS
    AResponseInfo.CustomHeaders.AddValue('Access-Control-Max-Age', '86400');

2. You should also check for "chunked" encoding.

3. You have to look for Reflected HTML Injection vulnerabilities. // A reflected injection attack can be performed differently according to the HTTP method, i.e. GET or POST. I would remind you that with the POST method data is being sent and with the GET method data is being requested.

I share all my solutions in this topic:
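Two added checks in Python (example code, not from this post or from uniGUI/HyperServer): a server-side method allow-list that does what the Access-Control-Allow-Methods header above cannot (that CORS header only instructs browsers on cross-origin requests; a scanner sending WVS directly ignores it), answering off-list verbs with 405 and an Allow header, and a log check that flags verbs like the WVS probe quoted at the top of the thread. The allow-list, sample requests and log lines are constructed for the example.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Verbs the front end should answer; anything else is rejected before the app sees it.
ALLOWED_METHODS = ("GET", "POST", "HEAD", "OPTIONS")

@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)

def parse_request_line(raw: str):
    """Split the first line of a raw HTTP request into (method, target, version)."""
    line = raw.lstrip().splitlines()[0]
    parts = line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError(f"malformed request line: {line!r}")
    return parts[0], parts[1], parts[2]

def check_method(raw: str) -> Optional[Response]:
    """405 for verbs off the allow-list, 400 for a malformed request line, None when the request may proceed."""
    try:
        method, _target, _version = parse_request_line(raw)
    except ValueError:
        return Response(400)
    # Method names are case-sensitive tokens, so "get" is rejected just like "WVS".
    if method not in ALLOWED_METHODS:
        return Response(405, {"Allow": ", ".join(ALLOWED_METHODS)})
    return None

def unusual_verbs(log_lines):
    """Detection side: (method, path) pairs from combined-format access-log lines whose verb is off the allow-list."""
    hits = []
    for line in log_lines:
        m = re.search(r'"([A-Za-z]+) (\S+) HTTP/\d\.\d"', line)
        if m and m.group(1) not in ALLOWED_METHODS:
            hits.append((m.group(1), m.group(2)))
    return hits

# Constructed samples: the scanner probe quoted in the thread (host redacted), a normal GET,
# and two access-log lines in combined format.
SCANNER_PROBE = "WVS /ext-6.6.0/ HTTP/1.1\r\nConnection: keep-alive\r\nHost: example.invalid\r\n\r\n"
NORMAL_GET = "GET /ext-6.6.0/ HTTP/1.1\r\nHost: example.invalid\r\n\r\n"
ACCESS_LOG = [
    '203.0.113.7 - - [26/Aug/2019:10:00:01 +0000] "GET /ext-6.6.0/ HTTP/1.1" 200 512',
    '203.0.113.7 - - [26/Aug/2019:10:00:02 +0000] "WVS /ext-6.6.0/ HTTP/1.1" 200 512',
]
```

A 200 for the WVS line in the log is exactly what the scanner reported; after the allow-list is in place the same probe should log as 405.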
irigsoft Posted January 10, 2023

On 11/7/2022 at 10:24 AM, Ario.Paxaz said:
    Hi, how to solve this problem (HTTP tampering)?

Hi, can you provide some feedback on how you solved your problem?