Package: inet.applications.httptools.server
HttpServerEvilA
simple moduleDemonstrates subclassing the server to create a custom site. This site is an attacker -- a puppetmaster -- which serves HTML pages containing attack code. In this case, we are simulating JavaScript attack code which prompts the unsuspecting browser to request a number of images from a victim site. Delays are specified to simulate hiding the attack from the browser user by use of JavaScript timeouts or similar mechanisms. The generateBody virtual function is redefined to create a page containing the attack code.
Author: Kristjan V. Jonsson
Inheritance diagram
The following diagram shows inheritance relationships for this type. Unresolved types are missing from the diagram.
Extends
| Name | Type | Description |
|---|---|---|
| HttpServer | simple module |
A Web server module. This module is intended for use with the INET StandardHost module and plugs in as an app. The INET TCP/IP stack modeling is used for transport. |
Parameters
| Name | Type | Default value | Description |
|---|---|---|---|
| hostName | string | "" |
The domain name of the server. |
| port | int | 80 |
The listening port number. |
| httpProtocol | int | 11 |
The http protocol: 10 for http/1.0, 11 for http/1.1. Not used at the present time. |
| logFile | string | "" |
Name of server log file. Events are appended, allowing sharing of file for multiple servers. |
| siteDefinition | string | "" |
The site script file. Blank to disable. |
| activationTime | double | 0s |
The initial activation delay. Zero to disable. |
| config | xml |
The XML configuration file for random sites. |
|
| httpControllerModule | string | "httpController" |
ModulePath for HttpController module. |
| minBadRequests | int |
Specifies the lower bound of bad requests to be sent to the victim by the browser. |
|
| maxBadRequests | int |
Specifies the upper bound of bad requests to be sent to the victim by the browser. |
Properties
| Name | Value | Description |
|---|---|---|
| lifecycleSupport | ||
| class | HttpServerEvilA |
Gates
| Name | Direction | Size | Description |
|---|---|---|---|
| socketIn | input | ||
| socketOut | output |
Source code
// // Demonstrates subclassing the server to create a custom site. This site is an attacker -- a puppetmaster -- // which serves HTML pages containing attack code. In this case, we are simulating JavaScript attack code which prompts // the unsuspecting browser to request a number of images from a victim site. Delays are specified to simulate hiding // the attack from the browser user by use of JavaScript timeouts or similar mechanisms. // The generateBody virtual function is redefined to create a page containing the attack code. // // @author Kristjan V. Jonsson // simple HttpServerEvilA extends HttpServer { parameters: @class(HttpServerEvilA); int minBadRequests; // Specifies the lower bound of bad requests to be sent to the victim by the browser. int maxBadRequests; // Specifies the upper bound of bad requests to be sent to the victim by the browser. }File: src/inet/applications/httptools/server/HttpServerEvilA.ned
This documentation is released under the Creative Commons license