  1. JBoss Core Services
  2. JBCS-576

CVE-2015-3183 HTTP request smuggling attack against chunked request parser


    • Type: Bug
    • Resolution: Won't Do
    • Priority: Critical
    • httpd 2.4.29 ER1
    • None
    • httpd, zip
    • None

      cat try.sh
      echo -e 'POST /cgi-bin/test-cgi HTTP/1.1\r\nHost: localhost:80\r\nAccept: /\r\nContent-Type: application/x-www-form-urlencoded\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\n\r\n9\r\ndata=abcd This part is ignored by httpd\r\n0\r\n\r\n' | nc localhost 80

      DR5

      [root@rhel7 noe-tests]# ./try.sh
      HTTP/1.1 400 Bad Request
      Date: Thu, 10 May 2018 13:11:50 GMT
      Server: Apache/2.4.29 (Red Hat)
      Connection: close
      Content-Type: text/html; charset=iso-8859-1

      <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
      <html><head>
      <title>400 Bad Request</title>
      </head><body>
      <h1>Bad Request</h1>
      <p>Your browser sent a request that this server could not understand.<br />
      </p>
      <hr>
      <address>Apache/2.4.29 (Red Hat) Server at localhost Port 80</address>
      </body></html>
      CGI/1.0 test script report:

      argc is 0. argv is .

      SERVER_SOFTWARE = Apache/2.4.29 (Red Hat)
      SERVER_NAME = localhost
      GATEWAY_INTERFACE = CGI/1.1
      SERVER_PROTOCOL = HTTP/1.1
      SERVER_PORT = 80
      REQUEST_METHOD = POST
      HTTP_ACCEPT = /
      PATH_INFO =
      PATH_TRANSLATED =
      SCRIPT_NAME = /cgi-bin/test-cgi
      QUERY_STRING =
      REMOTE_HOST =
      REMOTE_ADDR = 127.0.0.1
      REMOTE_USER =
      AUTH_TYPE =
      CONTENT_TYPE = application/x-www-form-urlencoded
      CONTENT_LENGTH =

      error log

      [Thu May 10 15:11:50.259682 2018] [authz_core:debug] [pid 15869] mod_authz_core.c(809): [client 127.0.0.1:58632] AH01626: authorization result of Require all granted: granted
      [Thu May 10 15:11:50.259712 2018] [authz_core:debug] [pid 15869] mod_authz_core.c(809): [client 127.0.0.1:58632] AH01626: authorization result of <RequireAny>: granted
      [Thu May 10 15:11:50.259794 2018] [http:info] [pid 15869] (22)Invalid argument: [client 127.0.0.1:58632] AH01590: Error reading/parsing chunk

      DR3

      HTTP/1.1 400 Bad Request
      Date: Thu, 10 May 2018 13:26:10 GMT
      Server: Apache/2.4.29 (Red Hat)
      Connection: close
      Content-Type: text/html; charset=iso-8859-1

      <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
      <html><head>
      <title>400 Bad Request</title>
      </head><body>
      <h1>Bad Request</h1>
      <p>Your browser sent a request that this server could not understand.<br />
      </p>
      <hr>
      <address>Apache/2.4.29 (Red Hat) Server at localhost Port 80</address>
      </body></html>

      error log

      [Thu May 10 15:26:10.228491 2018] [authz_core:debug] [pid 15964] mod_authz_core.c(809): [client 127.0.0.1:58644] AH01626: authorization result of Require all granted: granted
      [Thu May 10 15:26:10.228517 2018] [authz_core:debug] [pid 15964] mod_authz_core.c(809): [client 127.0.0.1:58644] AH01626: authorization result of <RequireAny>: granted
      [Thu May 10 15:26:10.229417 2018] [http:info] [pid 15964] (22)Invalid argument: [client 127.0.0.1:58644] AH01590: Error reading/parsing chunk
      [Thu May 10 15:26:10.229491 2018] [cgi:error] [pid 15964] (-102)Unknown error -102: [client 127.0.0.1:58644] AH01225: Error reading request entity data

      cat ~/noe-tests/./resources/httpd/cve/CVE-2015-3183/test-cgi
      #!/bin/sh

      # disable filename globbing
      set -f

      echo "Content-type: text/plain; charset=iso-8859-1"
      echo

      echo CGI/1.0 test script report:
      echo

      echo argc is $#. argv is "$*".
      echo

      echo SERVER_SOFTWARE = $SERVER_SOFTWARE
      echo SERVER_NAME = $SERVER_NAME
      echo GATEWAY_INTERFACE = $GATEWAY_INTERFACE
      echo SERVER_PROTOCOL = $SERVER_PROTOCOL
      echo SERVER_PORT = $SERVER_PORT
      echo REQUEST_METHOD = $REQUEST_METHOD
      echo HTTP_ACCEPT = "$HTTP_ACCEPT"
      echo PATH_INFO = "$PATH_INFO"
      echo PATH_TRANSLATED = "$PATH_TRANSLATED"
      echo SCRIPT_NAME = "$SCRIPT_NAME"
      echo QUERY_STRING = "$QUERY_STRING"
      echo REMOTE_HOST = $REMOTE_HOST
      echo REMOTE_ADDR = $REMOTE_ADDR
      echo REMOTE_USER = $REMOTE_USER
      echo AUTH_TYPE = $AUTH_TYPE
      echo CONTENT_TYPE = $CONTENT_TYPE
      echo CONTENT_LENGTH = $CONTENT_LENGTH

      and also change the logging level to debug


      Hello,

      Our automated test started failing for this CVE since DR5; before that the test was, and still is, passing.

      Test fails because

      [Thu May 10 15:26:10.229491 2018] [cgi:error] [pid 15964] (-102)Unknown error -102: [client 127.0.0.1:58644] AH01225: Error reading request entity data

      is not in the logs.

      But the real problem is, IMHO, that httpd sends a complete response - see the steps to reproduce.

            gzaronik@redhat.com George Zaronikas
            preichl@redhat.com Pavel Reichl
            Pavel Reichl Pavel Reichl
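A regression check for this reproducer can assert on what the client actually received, not only on the error log, so that a 400 followed by CGI output is reported as its own failure. The script below is an added example, not part of the original report or of the noe-tests suite; the function names, the return codes and the abbreviated sample captures are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify one run of the reproducer from what the client
# received and what httpd logged. Return codes are this example's own:
#   0 rejected cleanly, 1 not a 400, 2 CGI output followed the 400,
#   3 no AH01590 chunk-parse error in the log.
check_chunk_rejection() {
    response_file=$1
    error_log=$2
    # First line of the capture is the status line; drop the trailing CR.
    status=$(head -n 1 "$response_file" | tr -d '\r')
    case $status in
        "HTTP/1.1 400 "*) ;;
        *) return 1 ;;
    esac
    # Banner printed by the page's test-cgi script: if it is present, the
    # handler ran and answered even though the chunked body was rejected.
    if grep -q 'CGI/1.0 test script report' "$response_file"; then
        return 2
    fi
    grep -q 'AH01590' "$error_log" || return 3
    return 0
}

# Constructed samples, abbreviated from the DR5 and DR3 captures on the page.
write_samples() {
    dir=$1
    printf 'HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n<h1>Bad Request</h1>\n' > "$dir/dr3.resp"
    cp "$dir/dr3.resp" "$dir/dr5.resp"
    printf 'CGI/1.0 test script report:\n\nREQUEST_METHOD = POST\n' >> "$dir/dr5.resp"
    printf '%s\n' '[http:info] [pid 15964] (22)Invalid argument: [client 127.0.0.1:58644] AH01590: Error reading/parsing chunk' > "$dir/error.log"
    : > "$dir/empty.log"
}

# Print the return code of check_chunk_rejection for one capture.
classify() {
    check_chunk_rejection "$1" "$2" && echo 0 || echo $?
}

tmp=$(mktemp -d)
write_samples "$tmp"
echo "DR3-like capture: $(classify "$tmp/dr3.resp" "$tmp/error.log")"
echo "DR5-like capture: $(classify "$tmp/dr5.resp" "$tmp/error.log")"
rm -rf "$tmp"
```

In a real run the first argument would be the saved output of `./try.sh` and the second the httpd error log for that request.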