BoboTiG
/ docker-ping.sh
Last active
April 30, 2021 14:59
Medium - The Mystery of the Endless HTTPS Call
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| docker run ubuntu:latest bash -c "\ | |
| apt update \ | |
| && apt install -y curl iputils-ping \ | |
| && curl -k -v --trace-time 'https://<HOST>/nuxeo/api/v1/upload/<BATCH_ID>/0/execute/FileManager.Import' -H 'X-Batch-No-Drop: true' -H 'Content-Type: application/json' -H 'Cookie: X-Authentication-Token=<TOKEN>' --data-raw '{\"context\":{\"currentDocument\":\"/default-domain/UserWorkspaces/<USER>\"}}' \ | |
| & ping -f -i 0.1 <HOST>" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| docker run ubuntu:latest bash -c "\ | |
| apt update \ | |
| && apt install -y curl \ | |
| && curl -k -v --trace-time 'https://<HOST>/nuxeo/api/v1/upload/<BATCH_ID>/0/execute/FileManager.Import' -H 'X-Batch-No-Drop: true' -H 'Content-Type: application/json' -H 'Cookie: X-Authentication-Token=<TOKEN>' --data-raw '{\"context\":{\"currentDocument\":\"/default-domain/UserWorkspaces/<USER>\"}}'" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| # OpenSSL is compiled with debug and trace: | |
| ./config --prefix=$HOME/openssl-bin --openssldir=$HOME/openssl --debug -DDEBUG_SAFESTACK enable-ssl-trace | |
| # Gen & exec | |
| $ gcc cclient.c -o cclient -lssl -lcrypto -L$HOME/openssl-bin/lib -I$HOME/openssl-bin/include | |
| $ ./main.o HOST USER TOKEN BATCH_ID | |
| */ | |
| #include <math.h> | |
| #include <stdio.h> |
BoboTiG
/ SimpleHttpsClient.java
Created
January 20, 2021 15:25
Medium - The Mystery of the Endless HTTPS Call
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| # pre-requisites | |
| $ brew install java11 | |
| $ echo 'export PATH="/usr/local/opt/openjdk@11/bin:$PATH"' >> ~/.zshrc | |
| # exec | |
| $ javac SimpleHttpsClient.java | |
| $ java SimpleHttpsClient | |
| # debug |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ gdb -i <PID> | |
| (gdb) info threads | |
| Id Target Id Frame | |
| * 1 Thread 0x7fad2abbe680 (LWP 17394) "python" 0x00007fad2a189081 in __GI___libc_read (fd=5, buf=0x56395f61e5d3, nbytes=5) at ../sysdeps/unix/sysv/linux/read.c:27 | |
| (gdb) t | |
| [Current thread is 1 (Thread 0x7fad2abbe680 (LWP 17394))] | |
| (gdb) bt |
BoboTiG
/ repro-http-client.py
Created
January 20, 2021 15:22
Medium - The Mystery of the Endless HTTPS Call
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import http.client | |
| import json | |
| conn = http.client.HTTPSConnection("<HOST>") | |
| url = "/nuxeo/api/v1/upload/<BATCH_ID>/0/execute/FileManager.Import" | |
| headers = { | |
| "X-Batch-No-Drop": "true", | |
| "Content-Type": "application/json", | |
| "Cookie": "X-Authentication-Token=<TOKEN>", | |
| } |
BoboTiG
/ repro-urllib3.py
Created
January 20, 2021 15:20
Medium - The Mystery of the Endless HTTPS Call
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| import urllib3 | |
| url = "https://<HOST>/nuxeo/api/v1/upload/<BATCH_ID>/0/execute/FileManager.Import" | |
| headers = { | |
| "X-Batch-No-Drop": "true", | |
| "Content-Type": "application/json", | |
| "Cookie": "X-Authentication-Token=<TOKEN>", | |
| } | |
| params = {"context": {"currentDocument":"/default-domain/UserWorkspaces/<USER>"}} |
BoboTiG
/ repro-requests.py
Created
January 20, 2021 15:19
Medium - The Mystery of the Endless HTTPS Call
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| import requests | |
| url = "https://<HOST>/nuxeo/api/v1/upload/<BATCH_ID>/0/execute/FileManager.Import" | |
| headers = {"X-Batch-No-Drop": "true", "Content-Type": "application/json"} | |
| cookies = {"X-Authentication-Token": "<TOKEN>"} | |
| params = {"context": {"currentDocument": "/default-domain/UserWorkspaces/<USER>"}} | |
| try: | |
| req = requests.post(url, headers=headers, cookies=cookies, json=params) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2020-11-04 11:52:42 1321 123145487716352 DEBUG nuxeo.client Response from 'https://<HOST>/nuxeo/api/v1/upload/<BATCH_ID>/0/execute/FileManager.Import' [200] | |
| 2020-11-04 11:52:42 1321 123145487716352 DEBUG nuxeo.client Calling DELETE 'https://<HOST>/nuxeo/api/v1/upload/<BATCH_ID>/0' | |
| 2020-11-04 11:52:43 1321 123145487716352 DEBUG nuxeo.client Response from 'https://<HOST>/nuxeo/api/v1/upload/<BATCH_ID>/0' [204] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2020-11-04 10:55:19 1321 123145487716352 INFO nxdrive.client.uploader.direct_transfer Direct Transfer of '/Users/<USER>/Downloads/test10Gb.db' into '/default-domain/UserWorkspaces/<USER>' | |
| 2020-11-04 10:55:19 1321 123145487716352 DEBUG nuxeo.client Calling GET 'https://<HOST>/nuxeo/api/v1/upload/handlers' | |
| 2020-11-04 10:55:19 1321 123145487716352 DEBUG nuxeo.client Response from 'https://<HOST>/nuxeo/api/v1/upload/handlers' [200] | |
| 2020-11-04 10:55:19 1321 123145487716352 DEBUG nuxeo.client Calling POST 'https://<HOST>/nuxeo/api/v1/upload/new/s3' | |
| 2020-11-04 10:55:19 1321 123145487716352 DEBUG nuxeo.client Response from 'https://<HOST>/nuxeo/api/v1/upload/new/s3' [200] | |
| 2020-11-04 10:55:19 1321 123145487716352 DEBUG nxdrive.client.uploader Instantiated transfer ... | |
| 2020-11-04 10:55:20 1321 123145487716352 DEBUG nuxeo.client Calling POST 'https://<HOST>/nuxeo/api/v1/upload/<BATCH_ID>/refreshToken' | |
| 2020-11-04 10:55:20 1321 123145487716352 DEBUG nuxeo.client |
NewerOlder