Archive for the ‘HTTP’ Category
Posted by jpluimers on 2020/02/27
Cool tool, but be aware it does aJavaScript:xmlhttpPost from , so your data can be logged [WayBack] Redirect Detective – A Free Tool To Trace Where Redirects End Up.
For http://www.xs4all.nl/~jp, it shows these redirects (where in bold I’ve listed the changes):
Oh and it runs this call: JavaScript:xmlhttpPost("/linkdetect.px")?word=www.xs4all.nl%2F%7Ejp from [WayBack] redirectdetective.com/ajax.js.
Note that this shows more redirects than the plain http ones, so wget from [WayBack] wget – How do I display all URLs in a redirect chain? – Unix & Linux Stack Exchange shows this:
$ wget http://www.xs4all.nl/~jp 2>&1 | grep Location:
Location: https://www.xs4all.nl/~jp [following]
Location: https://jp.home.xs4all.nl/ [following]
–jeroen
Posted in *nix, *nix-tools, Communications Development, Development, HTTP, Internet protocol suite, Power User, TCP, wget | Leave a Comment »
Posted by jpluimers on 2019/05/21
Since many HTTP stacks do not have fields for this so it’s hard to get the originating IP address:
It is about these HTTP header fields with and without X- prefix:
ForwardedX-Forwarded-ForX-Forwarded-ByX-Forwarded-Proto
Note that widely used tools like HAProxy do not always fully adhere to the “standard”…
Via:
–jeroen
Posted in Communications Development, Development, HTTP, Internet protocol suite, Software Development, TCP | Leave a Comment »
Posted by jpluimers on 2019/02/21
From the geek fun department: [WayBack] IP over Avian Carriers – Wikipedia.
I learned through this slightly after the fight to keep HTTP status code 418 (I’m a teapot) which is part of RFC2324 released on April 1st, 1998.
The IP over Avian Carriers is part of three RFCs, all released on April 1st in various years:
–jeroen
via: Http-statuscode ‘I’m a teapot’ is voorlopig veilig – IT Pro – .Geeks – Tweakers
Posted in Communications Development, Development, Fun, Geeky, HTTP, Internet protocol suite, Software Development, TCP | Leave a Comment »
Posted by jpluimers on 2019/01/16
With the advent of WebSockets, it looks like TCP tunnels over HTTP/HTTPS are gaining more ground and I need to put some research time in them.
Some old to new links:
CONNECT requests are not supported by many HTTP proxies, especially in larger organisations, so chisel and crowbar have a much bigger chance there.
And of course there is SoftEtherVPN/SoftEtherVPN: A Free Cross-platform Multi-protocol VPN Software. * For support, troubleshooting and feature requests we have http://www.vpnusers.com/. For critical vulnerability please email us. (mail address is on the header.).
However, that is a VPN solution which is much broader than just a single TCP tunnel. You can so similar things with OpenVPN, but over HTTP/HTTPS, also requires CONNECT:
SoftEtherVPN seems to be more versatile though. I blogged about that before, but back then didn’t have needs for it yet. VPN over HTTPS: Ultimate Powerful VPN Connectivity – SoftEther VPN Project.
–jeroen
via: [WayBack] VPN through only http – Server Fault answer by [WayBack] neutrinus
Posted in Communications Development, Development, HTTP, https, Internet protocol suite, Network-and-equipment, OpenVPN, Power User, TCP, VPN, WebSockets, Windows-Http-Proxy | Leave a Comment »
Posted by jpluimers on 2019/01/15
Though the Google Calendar UI does not support EXRULE and EXDATE to exclude certain slots (via dates or rules) from recurring events.
The API supports them: [WayBack] Google Calendar API, RRULE and EXDATE – Stack Overflow
–jeroen
Posted in Communications Development, Development, Google, GoogleCalendar, HTTP, Internet protocol suite, Power User, REST, TCP | Leave a Comment »
Posted by jpluimers on 2018/11/08
Based on:
- Download the most recent x64 Apache binaries for Windows from [WayBack] Apache VC15 binaries and modules download (at the time of writing: https://www.apachelounge.com/download/VC15/binaries/httpd-2.4.34-win64-VC15.zip )
- Extract recursively to
D:\bin
- Run the UltrawareController locally
- Run
D:\bin\httpd-2.4.34-win64-VC15\Apache24\bin\ab.exe -n 1000 -c 10 http://localhost:8000/foo
This will run the ab Apache benchmark tool with 1000 connections using 10 threads all doing the same http GET request at http://localhost:8000/foo
If you want to test TLS (https) connections, then you need to use the abs tool in the same directory as the ab tool supports http-only (when you still try, you get the message SSL not compiled in; no https support as explained in [WayBack] Add https support to Apache Bench on Windows – Stack Overflow).
Download location via [WayBack] windows – Is there any link to download ab Apache benchmark – Stack Overflow:
There are many more command-line parameters documented at [WayBack] ab – Apache HTTP server benchmarking tool – Apache HTTP Server Version 2.4, this is the summary:
Synopsis
ab [ -A auth-username:password ] [ -b windowsize ] [ -B local-address ] [ -c concurrency ] [ -Ccookie-name=value ] [ -d ] [ -e csv-file ] [ -f protocol ] [ -g gnuplot-file ] [ -h ] [ -Hcustom-header ] [ -i ] [ -k ] [ -l ] [ -m HTTP-method ] [ -n requests ] [ -p POST-file ] [ -Pproxy-auth-username:password ] [ -q ] [ -r ] [ -s timeout ] [ -S ] [ -t timelimit ] [ -Tcontent-type ] [ -u PUT-file ] [ -v verbosity] [ -V ] [ -w ] [ -x <table>-attributes ] [ -Xproxy[:port] ] [ -y <tr>-attributes ] [ -z <td>-attributes ] [ -Z ciphersuite ] [http[s]://]hostname[:port]/path
Via: [WayBack] apache – ab load testing – Stack Overflow
––jeroen
Posted in Communications Development, Development, HTML, HTTP, Internet protocol suite, Software Development, Web Development | Leave a Comment »
Posted by jpluimers on 2018/03/07
It was fitting to bump into [WayBack] Packet Sender is a good tool when debugging protocols…” Written by Dan Nagle… – Lars Fosdal – Google+ on the day presenting [WayBack] Conferences/Network-Protocol-Security.rst at master · jpluimers/Conferences · GitHub
It also means that libssh2-delphi is getting a bit more love soon and will move to github as well after a conversion from mercurial.
Some of the things I learned or got confirmed teaching the session (I love learning by teaching):
Here is some more info:
–jeroen
Read the rest of this entry »
Posted in Communications Development, Delphi, Development, Encryption, Hardware, Harman Kardon, Home Audio/Video, HTTP, https, HTTPS/TLS security, Internet protocol suite, Let's Encrypt (letsencrypt/certbot), OpenSSL, Power User, Security, Software Development, TCP, TLS | Leave a Comment »
Cool tool, but be aware it does a
The Wiert Corner - irregular stream of stuff 