File Coverage

blib/lib/App/DubiousHTTP/Tests/Common.pm

Criterion	Covered	Total	%
statement	56	214	26.1
branch	2	80	2.5
condition	0	16	0.0
subroutine	9	37	24.3
pod	0	12	0.0
total	67	359	18.6

line

stmt

bran

cond

sub

pod

time

code

1

3

use strict;

1

1

1

19

2

1

2

use warnings;

1

1

1

22

3

package App::DubiousHTTP::Tests::Common;

4

1

502

use Compress::Raw::Zlib;

1

3605

1

166

5

1

377

use MIME::Base64 'decode_base64';

1

417

1

65

6

1

4

use Exporter 'import';

1

1

1

43

7

our @EXPORT = qw(

8

MUSTBE_VALID SHOULDBE_VALID VALID INVALID UNCOMMON_VALID UNCOMMON_INVALID COMMON_INVALID

9

SETUP content html_escape url_encode garble_url ungarble_url bro_compress zlib_compress

10

$NOGARBLE $CLIENTIP $TRACKHDR $FAST_FEEDBACK

11

);

12

1

3

use Scalar::Util 'blessed';

1

1

1

100

13

14

our $CLIENTIP = undef;

15

our $NOGARBLE = 0;

16

our $FAST_FEEDBACK = 0;

17

use constant {

18

1

912

SHOULDBE_VALID => 3, # simple chunked, gzip.. - note if blocked

19

MUSTBE_VALID => 2, # no browser should fail on this

20

VALID => 1,

21

INVALID => 0,

22

UNCOMMON_VALID => -1,

23

UNCOMMON_INVALID => -2,

24

COMMON_INVALID => -3,

25

1

3

};

1

1

26

27

my $basedir = 'static/';

28

0

sub basedir { $basedir = pop }

29

30

{

31

my %bro = (

32

"Don't be afraid to look at this message. It is completely harmless. Really!"

33

=> decode_base64('G0oAAIyUq+1oRZSkJ0v1kiZ2hk1hs4NDDti/XVogkErgISv5M41kDrdKRMH7fRK8YAmyXwFNYppR3EBMbVhyBA=='),

34

'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*'

35

=> decode_base64('G0MAABQhyezgvJQnNVXciUrtsAEHrvlk0bTzGSRPqOdwPRhITMNtn+G6LB8+EYrC/LjqijSZFRhTlo5XllmqeTHxsABuVSsB'),

36

);

37

0

sub bro_compress { return $bro{shift()} }

38

}

39

40

my %builtin = (

41

'novirus.txt' => [

42

"Content-type: application/octet-stream\r\n".

43

"Content-disposition: attachment; filename=\"download.txt\"\r\n",

44

"Don't be afraid to look at this message. It is completely harmless. Really!",

45

],

46

'eicar.txt' => [

47

"Content-type: application/octet-stream\r\n".

48

"Content-disposition: attachment; filename=\"download.txt\"\r\n",

49

'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*',

50

'EICAR test virus',

51

],

52

# EICAR test virus with junk behind (proper antivirus should not match

53

'eicar-junk.txt' => [

54

"Content-type: application/octet-stream\r\n".

55

"Content-disposition: attachment; filename=\"download.txt\"\r\n",

56

'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*WHATEVER',

57

],

58

# EICAR test virus prefixed with junk (proper antivirus should not match)

59

'junk-eicar.txt' => [

60

"Content-type: application/octet-stream\r\n".

61

"Content-disposition: attachment; filename=\"download.txt\"\r\n",

62

'WHATEVERX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*',

63

],

64

# zipped novirus

65

'novirus.zip' => [

66

"Content-type: application/octet-stream\r\n".

67

"Content-disposition: attachment; filename=\"download.zip\"\r\n",

68

decode_base64('UEsDBBQAAAAIAE1900g2ai/1SAAAAEwAAAAJABwAZWljYXIuY29tVVQJAANCoWZXQqFmV3V4CwABBOkDAAAE6QMAAA3JsRGAMAgF0N4pvpVdprCxzQaoaHKCeIEm25vy3VvtXQI7g65G9UQYxOwBBaJUh7I73ZywBQYP0084WDoKNZWxCZlJpM/TD1BLAQIeAxQAAAAIAE1900g2ai/1SAAAAEwAAAAJABgAAAAAAAEAAAC0gQAAAABlaWNhci5jb21VVAUAA0KhZld1eAsAAQTpAwAABOkDAABQSwUGAAAAAAEAAQBPAAAAiwAAAAAA'),

69

],

70

# zipped eicar.com

71

'eicar.zip' => [

72

"Content-type: application/octet-stream\r\n".

73

"Content-disposition: attachment; filename=\"download.zip\"\r\n",

74

decode_base64('UEsDBAoAAAAAADJHi0c8z1FoRAAAAEQAAAAJABwAZWljYXIuY29tVVQJAAPvgWpWjqBmV3V4CwABBOkDAAAE6QMAAFg1TyFQJUBBUFs0XFBaWDU0KFBeKTdDQyk3fSRFSUNBUi1TVEFOREFSRC1BTlRJVklSVVMtVEVTVC1GSUxFISRIK0gqUEsBAh4DCgAAAAAAMkeLRzzPUWhEAAAARAAAAAkAGAAAAAAAAQAAAKCBAAAAAGVpY2FyLmNvbVVUBQAD74FqVnV4CwABBOkDAAAE6QMAAFBLBQYAAAAAAQABAE8AAACHAAAAAAA='),

75

'EICAR test virus in zip file',

76

],

77

'warn.png' => [ "Content-type: image/png\r\n", decode_base64( <<'IMAGE' ) ],

78

iVBORw0KGgoAAAANSUhEUgAAABkAAAAZCAIAAABLixI0AAAAI0lEQVQ4y2N8fkObgUqAiYF6YNSs

79

UbNGzRo1a9SsUbOGi1kA82oCHFP7+koAAAAASUVORK5CYII=

80

IMAGE

81

'ok.png' => [ "Content-type: image/png\r\n", decode_base64( <<'IMAGE' ) ],

82

iVBORw0KGgoAAAANSUhEUgAAABkAAAAZCAIAAABLixI0AAAAIklEQVQ4y2Nk+MZALcDEwDBq1qhZ

83

o2aNmjVq1qhZo2ahAQDhPQEogMYUlwAAAABJRU5ErkJggg==

84

IMAGE

85

'bad.png' => [ "Content-type: image/png\r\n", decode_base64( <<'IMAGE' ) ],

86

iVBORw0KGgoAAAANSUhEUgAAABkAAAAZCAIAAABLixI0AAAAI0lEQVQ4y2N8zKfDQCXAxEA9MGrW

87

qFmjZo2aNWrWqFnDxSwAAzgBT9lsF30AAAAASUVORK5CYII=

88

IMAGE

89

'chunked.gif' => [ "Content-type: image/gif\r\n", decode_base64( <<'IMAGE' ) ],

90

R0lGODlhFAAUAKUrAAAAAAQEBAUFBQsLCxMTExYWFhcXFxwcHB0dHSAgICEhISwsLDExMTMzMzY2

91

Njo6OkFBQUJCQkZGRkhISGhoaGlpaZiYmJmZmZqamp6enqCgoKKiosfHx9bW1tfX19/f3+Dg4OTk

92

5Obm5ujo6Onp6erq6vX19fb29vn5+fr6+vv7+///////////////////////////////////////

93

/////////////////////////////////////////////yH5BAEKAD8ALAAAAAAUABQAAAZgwJVw

94

SCwaj8ikcslEqjQTg2CwoHCUIgdgy90mUw3AwfJJmTqYRxIDSJCawwhgAx8SAKO6MABQ6Vd3eXoQ

95

c38XAAoleigMAAgXICknHmlKIWFdXEspGRIFAVQVV3+kpUpBADs=

96

IMAGE

97

'clen.gif' => [ "Content-type: image/gif\r\n", decode_base64( <<'IMAGE' ) ],

98

R0lGODlhFAAUAKEBAAAAAP///////////yH5BAEKAAIALAAAAAAUABQAAAIhjI+py+0PFwAxzYou

99

Nnp3/FVhNELlczppM7Wt6b7bTGMFADs=

IMAGE

'ok.html' => sub {

my $spec = shift;

return [ "Content-type: text/html\r\n",

"

HTML

" ]

},

'bad.html' => sub {

my $spec = shift;

return [ "Content-type: text/html\r\n",

"

HTML

" ]

},

'warn.html' => sub {

my $spec = shift;

return [ "Content-type: text/html\r\n",

"

HTML

" ]

},

# we hide javascript behind GIF87a to work around content filters :)

'ok.js' => sub {

my $spec = shift;

return [ "Content-type: application/javascript\n",

"GIF87a=1;try { document.getElementById('$spec').style.backgroundColor = '#00e800'; } catch(e) {} ping_back('/ping?OK:$spec');" ]

},

'bad.js' => sub {

my $spec = shift;

return [ "Content-type: application/javascript\r\n",

"GIF87a=1;try { document.getElementById('$spec').style.backgroundColor = '#e30e2c'; } catch(e) {} ping_back('/ping?BAD:$spec');" ]

},

'warn.js' => sub {

my $spec = shift;

return [ "Content-type: application/javascript\r\n",

"GIF87a=1;try { document.getElementById('$spec').style.backgroundColor = '#e7d82b'; } catch(e) {} ping_back('/ping?WARN:$spec');" ]

},

'ping' => [ "Content-type: text/plain\r\n", "pong" ],

'ping.js' => [

"Content-type: application/javascript\r\n".

"Expires: Tue, 30 Jul 2033 20:04:02 GMT\r\n",

<<'PING_JS' ],

GIF87a=1;

function ping_back(url) {

var xmlHttp = null;

try { xmlHttp = new XMLHttpRequest(); }

catch(e) {

try { xmlHttp = new ActiveXObject("Microsoft.XMLHTTP"); }

catch(e) {

try { xmlHttp = new ActiveXObject("Msxml2.XMLHTTP"); }

catch(e) { xmlHttp = null; }

}

}

if (xmlHttp) {

xmlHttp.open('GET', url, true);

xmlHttp.send(null);

}

}

PING_JS

'set_success.js' => sub {

my $spec = shift;

return [ "Content-type: application/javascript\n", "set_success('$spec','js');" ]

},

'parent_set_success.html' => sub {

my $spec = shift;

return [ "Content-type: text/html\n", "" ]

},

'stylesheet.css' => [

"Content-type: text/css\r\n".

"Expires: Tue, 30 Jul 2033 20:04:02 GMT\r\n",

<<'STYLESHEET' ],

body { max-width: 55em; line-height: 140%; margin-left: 2em; }

ul { list-style-type: square; padding-left: 2em; }

h1 { font-variant: small-caps; font-size: x-large; }

h2,h3 { font-size: large; }

.runtest { text-align: right; margin-right: 5em; margin-top: 2em; }

.runtest a {

text-decoration: none;

background-color: #bfbfbf;

color: #333333;

padding: 4px 6px;

white-space: nowrap;

}

#test_novirus a { background-color: #70e270; padding: 8px 10px; }

#test_virus a { background-color: #ff4d4d; padding: 8px 10px; }

h1,h2,h3 { border: 1px; border-style: solid; padding: 5px 10px 5px 10px; }

h1 { color: #000; background: #eee; padding-top: 10px; padding-bottom: 10px; }

h2 { color: #444; background: #eee; }

h3 { color: #444; background: #fff; }

h2,h3 { margin-top: 2em; }

* { font-size: medium; font-family: Verdana,sans-serif; }

pre { font-family: Monospace,monospace; }

.button {

text-decoration: none;

background-color: #EEEEEE;

color: #333333;

padding: 2px 6px 2px 6px;

border-top: 1px solid #CCCCCC;

border-right: 1px solid #333333;

border-bottom: 1px solid #333333;

border-left: 1px solid #CCCCCC;

white-space: nowrap;

}

STYLESHEET

# give the bots something to play with

'robots.txt' => [

"Content-type: text/plain\r\n",

"User-Agent: *\nDisallow: /have-fun-looking-for-goodies/\n"

],

# and a nice favicon

'favicon.ico' => [ "Content-type: image/vnd.microsoft.icon\r\n", decode_base64(<<'FAVICON') ],

AAABAAEAEBAQAAEABAAoAQAAFgAAACgAAAAQAAAAIAAAAAEABAAAAAAAgAAAAAAAAAAAAAAAEAAA

AAAAAAAAAAAASB3MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAERAAAAAAAAAREAAAAAAAABAQAAAAAAARER

EQAAAAARAAABEAAAAAAAAAAAAAAAAAERAAAAAAAAABAAAAAAAAAAAAAAAAAAAQAAAQAAAAAREAAR

EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//wAA//8AAP4/AAD+PwAA/r8AAPgPAADz5wAA//8A

AP4/AAD/fwAA//8AAPvvAADxxwAA//8AAP//AAD//wAA

FAVICON

);

sub content {

0

my ($page,$spec) = @_;

0

$page =~s{^/+}{};

0

my ($hdr,$data);

0

if ( my $builtin = $builtin{$page} ) {

0

$builtin = $builtin->($spec,"/$page") if ref($builtin) eq 'CODE';

0

return @$builtin;

}

0

if ( $basedir && open( my $fh,'<',"$basedir/$page" )) {

0

$hdr =

$page =~m{\.js$} ? "Content-type: application/javascript\r\n" :

$page =~m{\.css$} ? "Content-type: text/css\r\n" :

$page =~m{\.html?$} ? "Content-type: text/html\r\n" :

$page =~m{\.(gif|png|jpeg)$} ? "Content-type: image/$1\r\n" :

"";

0

$data = do { local $/; <$fh> };

0

0

0

return ($hdr,$data);

}

0

return;

}

sub html_escape {

0

local $_ = shift;

0

s{\&}{&}g;

0

s{<}{<}g;

0

s{>}{>}g;

0

return $_

}

sub url_encode {

0

local $_ = shift;

0

s{([^\w\-&/?=!$~.,;])}{ sprintf("%%%02X",ord($1)) }esg;

0

0

return $_;

}

sub SETUP {

1

10

my ($id,$desc,$ldesc,@tests) = @_;

1

2

my $pkg = caller();

1

2

my @tests_only;

1

1

for my $t (@tests) {

# title | valid,spec,desc

173

204

if (@$t>1) {

161

96

$t = bless [ @{$t}[1,2,0] ], $pkg.'::Test';

161

231

161

132

push @tests_only, $t;

}

}

1

4

no strict 'refs';

1

1

1

1443

1

6

*{$pkg.'::ID'} = sub { $id };

1

5

0

1

3

*{$pkg.'::SHORT_DESC'} = sub { $desc };

1

4

0

1

6

*{$pkg.'::LONG_DESC_HTML'} = sub { $ldesc };

1

3

0

1

2

*{$pkg.'::TESTS'} = sub { @tests_only };

1

14

0

1

2

*{$pkg.'::make_index_page'} = sub {

0

my ($self,$page,$spec,$rqhdr) = @_;

0

return make_index_page($pkg,@tests) if ! $spec;

0

return make_index_page($pkg,undef,grep { $_->[0] && $_->[0] eq $spec } @tests);

0

1

3

};

1

2

*{$pkg.'::Test::ID'} = sub { shift->[0] };

1

3

0

1

5

*{$pkg.'::Test::LONG_ID'} = sub { "$id-" . shift->[0] };

1

3

0

1

2

*{$pkg.'::Test::NUM_ID'} = sub { _path2num("$id/".shift->[0]) };

1

3

0

1

1

*{$pkg.'::Test::DESCRIPTION'} = sub { shift->[1] };

1

3

0

1

2

*{$pkg.'::Test::VALID'} = sub { shift->[2] };

1

3

0

1

3

*{$pkg.'::Test::url'} = sub {

0

my ($self,$page) = @_;

0

return garble_url("/$id/$page/$self->[0]");

1

3

};

1

5

*{$pkg.'::Test::make_response'} = sub {

my ($self,$page,$spec,$rqhdr) = @_;

return $pkg->make_response($page,$self->[0],$rqhdr);

1

2

};

}

sub make_index_page {

my ($class,@tests) = @_;

my $body = <<'BODY';

BODY

if ($tests[0]) {

$body .= "

".$class->SHORT_DESC."

";

$body .= $class->LONG_DESC_HTML()."

";

} else {

# skip header

shift @tests

}

$body .= ''; "; "; "; "; "; "; "; "; "; ";

310	0						for my $test (@tests) {
311	0	0					if (!blessed($test)) {
312	0						$body .= "
$test->[0]
313	0						next;
314							}
315	0						my $valid = $test->VALID;
316	0	0					my $base = $valid>0 ? 'ok' : $valid<0 ? 'warn' : 'bad';
		0
317	0	0					my $bg = $valid>0 ? '#e30e2c' : $valid<0 ? '#d0cfd1' : '#00e800';
		0
318	0						$body .= "
319	0						$body .= "	". html_escape($test->DESCRIPTION) ."
320	0						$body .= "	IMAGE
321	0						$body .= "	SCRIPT
322	0						$body .= "
323	0						$body .= "	load EICAR
324	0						$body .= "	load eicar.zip
325	0						$body .= "
326	0						$body .= "";
327	0						$body .= "

328							}
329	0						$body .= "

";

$body .= "";

return "HTTP/1.0 200 Ok\r\n".

"Content-type: text/html\r\n".

"Content-length: ".length($body)."\r\n\r\n".

$body;

}

sub garble_url {

my $url = shift;

return $url if $NOGARBLE;

my ($keep,$garble) = $url =~m{^((?:https?://[^/]+)?/)(.+)}

or return $url;

my $xor = $CLIENTIP ? _ip2bin($CLIENTIP): pack('L',rand(2**32));

my $g = ($CLIENTIP ? pack('C',length($xor)):'') . $xor . _xorall($garble,$xor);

# url safe base64

my $pad = ( 3 - length($g) % 3 ) % 3;

$g = pack('u',$g);

$g =~s{(^.|\n)}{}mg;

$g =~tr{` -_}{AA-Za-z0-9\-_};

substr($g,-$pad) = '=' x $pad if $pad;

return $keep . ($CLIENTIP?'-':'=') . $g;

}

sub ungarble_url {

my $url = shift;

my ($keep,$type,$u,$rest) = $url =~m{^(.*/)([=-])([0-9A-Za-z_\-]+={0,2})([/? ].*)?$}

or return $url;

# url safe base64 -d

$u =~s{=+$}{};

$u =~tr{A-Za-z0-9\-_}{`!-_};

$u =~s{(.{1,60})}{ chr(32 + length($1)*3/4) . $1 . "\n" }eg;

$u = unpack("u",$u);

my $size = ($type eq '=') ? 4: unpack('C',substr($u,0,1,''));

my $xor = substr($u,0,$size,'');

${$_[0]} = _bin2ip($xor) if $type ne '=' && @_;

$u = _xorall($u,$xor);

# make sure we only have valid stuff here

$u = 'some-binary-junk' if $u =~m{[\x00-\x1f\x7f-\xff]};

return $keep . $u . ($rest || '');

}

sub zlib_compress {

my ($data,$w) = @_;

my $zlib = Compress::Raw::Zlib::Deflate->new(

-WindowBits => $w eq 'gzip' ? WANT_GZIP : $w eq 'zlib' ? +MAX_WBITS() : -MAX_WBITS(),

-AppendOutput => 1,

);

my $newdata = '';

$zlib->deflate( $data, $newdata);

$zlib->flush($newdata,Z_FINISH);

return $newdata;

}

{

my ($path2num,$num2path);

sub load_nummap {

my $maxold = @_>1 ? pop(@_) : 9999;

$num2path = eval(

"require App::DubiousHTTP::Tests::TestID;".

"App::DubiousHTTP::Tests::TestID->num2path"

) || {};

$path2num = { reverse %$num2path };

my @new;

for my $mod ( App::DubiousHTTP::Tests->categories ) {

my $catid = $mod->ID;

for ($mod->TESTS) {

my $path = "$catid/".$_->ID;

if (my $n = $path2num->{$path}) {

$maxold = $n if !defined $maxold || $maxold<$n;

} else {

push @new,$path;

}

}

}

for(@new) {

$maxold++;

$num2path->{$maxold} = $_;

$path2num->{$_} = $maxold;

}

return $num2path;

}

sub _path2num {

my $path = shift;

$path2num || load_nummap;

return $path2num->{$path};

}

sub num2path { _num2path($_[1]) }

sub _num2path {

my $num = shift;

$num2path || load_nummap;

return $num2path->{$num};

}

}

sub _xorall {

my ($data,$xor) = @_;

my @x = unpack('a' x length($xor),$xor);

my @c = split('',$data);

$data = '';

while (@c) {

$data .= shift(@c) ^ $x[0];

push @x, shift(@x);

}

return $data;

}

sub _ip2bin {

my $ip = shift;

# inet_ntop(AF_INET,...)

return pack("CCCC",split(m{\.},$1))

if $ip =~m{^(?:::ffff:)?(\d+\.\d+\.\d+\.\d+)$};

# inet_ntop(AF_INET6,...)

my @p = split(m{:},$ip);

$ip = '';

for(my $i=0;$i<@p;$i++) {

if ($p[$i] eq '') {

$p[$i] = '0';

splice(@p,$i,0,'0') while @p<8;

}

$ip .= pack("n",hex($p[$i]));

}

return $ip;

}

sub _bin2ip {

my $ip = shift;

return join('.',unpack('CCCC',$ip)) if length($ip) == 4;

my @part = unpack("n8",$ip);

my (@null,$null,$maxnull);

for( my $i=0;$i<@part;$i++) {

if (!$part[$i]) {

$part[$i] = '0';

if ($null) {

$$null++;

$maxnull = $#null if !$maxnull || $$null>$maxnull;

} else {

push @null,[$i,1];

$null = \$null[-1][1];

}

} else {

$part[$i] = sprintf("%x",$part[$i]);

$null = undef;

}

}

return join(':',@part) if !defined $maxnull;

my $begin = $null[$maxnull][0];

my $end = $begin + $null[$maxnull][1]-1;

0

return join(':', @part[0 .. $begin-1]). '::'. join(':',@part[$end+1 .. $#part]);

}

1;