Package: inet.applications.httptools.server
HttpServerDirectEvilB
simple moduleDemonstrates subclassing the server to create a custom site. This site is an attacker -- a puppetmaster -- which serves HTML pages containing attack code. In this case, we are simulating JavaScript attack code which prompts the unsuspecting browser to issue a number of requests for non-existing resources (random URLS) to the victim site. Delays are specified to simulate hiding the attack from the browser user by use of JavaScript timeouts or similar mechanisms. The generateBody virtual function is redefined to create a page containing the attack code.
Author: Kristjan V. Jonsson
Inheritance diagram
The following diagram shows inheritance relationships for this type. Unresolved types are missing from the diagram.
Parameters
| Name | Type | Default value | Description |
|---|---|---|---|
| hostName | string | "" |
The domain name of the server. |
| port | int | 80 |
The listening port number. |
| httpProtocol | int | 11 |
The http protocol: 10 for http/1.0, 11 for http/1.1. Not used at the present time. |
| logFile | string | "" |
Name of server log file. Events are appended, allowing sharing of file for multiple servers. |
| siteDefinition | string | "" |
The site script file. Blank to disable. |
| activationTime | double | 0s |
The initial activation delay. Zero to disable. |
| linkSpeed | double | 11Mbps |
Used to model transmission delays. |
| minBadRequests | int |
Specifies the lower bound of bad requests to be sent to the victim by the browser. |
|
| maxBadRequests | int |
Specifies the upper bound of bad requests to be sent to the victim by the browser. |
|
| config | xml |
The XML configuration file for random sites. |
|
| httpControllerModule | string | "httpController" |
Path to the HttpController module. |
Properties
| Name | Value | Description |
|---|---|---|
| lifecycleSupport |
Gates
| Name | Direction | Size | Description |
|---|---|---|---|
| httpIn | input |
Source code
// // Demonstrates subclassing the server to create a custom site. This site is an attacker -- a puppetmaster -- // which serves HTML pages containing attack code. In this case, we are simulating JavaScript attack code which prompts // the unsuspecting browser to issue a number of requests for non-existing resources (random URLS) to the victim site. // Delays are specified to simulate hiding the attack from the browser user by use of JavaScript timeouts or similar mechanisms. // The generateBody virtual function is redefined to create a page containing the attack code. // // @author Kristjan V. Jonsson // simple HttpServerDirectEvilB like IHttpDirectApp { parameters: string hostName = default(""); // The domain name of the server. int port = default(80); // The listening port number. int httpProtocol = default(11); // The http protocol: 10 for http/1.0, 11 for http/1.1. Not used at the present time. string logFile = default(""); // Name of server log file. Events are appended, allowing sharing of file for multiple servers. string siteDefinition = default(""); // The site script file. Blank to disable. double activationTime @unit(s) = default(0s); // The initial activation delay. Zero to disable. double linkSpeed @unit(bps) = default(11Mbps); // Used to model transmission delays. int minBadRequests; // Specifies the lower bound of bad requests to be sent to the victim by the browser. int maxBadRequests; // Specifies the upper bound of bad requests to be sent to the victim by the browser. xml config; // The XML configuration file for random sites. string httpControllerModule = default("httpController"); // Path to the ~HttpController module. @lifecycleSupport; gates: input httpIn @directIn; }File: src/inet/applications/httptools/server/HttpServerDirectEvilB.ned
This documentation is released under the Creative Commons license