Commit e56750ff authored by Russ Fish's avatar Russ Fish

Finished adding machinery and data, probed the first 3/4 of the pages with it.

 . Add interspersed action lines to make the {setup,teardown}_forms.list files
   more like scripts, including wget and sql shortcuts.

 . Add undo actions so multiple setup/teardown probes don't collide.  Undo the
   state changes after a probe that *DOESN'T FAIL*, due to ignoring the probe
   value given for the input field.  E.g, the first beginexp that succeeds
   uses up the experiment name and blocks all other probes, so the experiment
   has to be deleted again before the next probe is done.

 . Add a ! prefix for input_values.list lines to skip the input field entirely.

 . Probe both POST input field args, and GET action= args on the same page.

 . Change success/failure lines from text snippets to grep patterns.  Give
   failure matching patterns precedence over success.  Finish categorizing
   probe output pages (needed by the probe undo mechanism.)

 . Add activation and setup/teardown for probing nodetype, osid, and imageid pages.

 . Add analysis of overall success/failure page counts to the probes_msg.
parent b973f1c3
This diff is collapsed.
Invalid form arguments
Invalid page arguments
Invalid node
[Ii]nvalid
[Ii]llegal
Probe label
No tags
Could not continue
You are not authorized
......@@ -34,3 +34,15 @@ Please log out first
You do not appear to be logged in
Please log in again
You cannot modify an experiment in transition
has active experiments
Must supply a project name
No such image
already exists
must be unapproved
could not proceed
cannot freeze
does not exist
must be alphanumeric
must consist of
funky
You can freeze a user or you can thaw a user
......@@ -10,10 +10,10 @@
# - Spidered filename lines are from wget: ./host.path/page.php?getargs
# - Files may have multiple form sections, terminated by blank lines.
# - Each form section has one <form line, possibly many <input lines.
# - Attributes of <input elements are canonicalized and reordered:
# - Attributes of <input tags are canonicalized and reordered, e.g.:
# <input type="..." name="..." value=... ...>
# - <textarea become <input type="textarea" for uniformity.
# - <select become <input type="select" for uniformity.
# - <textarea tags become <input type="textarea" for uniformity.
# - <select tags become <input type="select" for uniformity.
# Beginning of file.
FNR == 1 {
......
......@@ -8,13 +8,31 @@
#
# form-input.gawk's output format is the input format for this script.
#
# A site_values.list file path is provided by a -v VALUES= awk arg.
# Contents are 'name="..." value'. An optional value (to end of line) is
# the default used for auto-form-fill-in. The Value may be prefixed with a
# ! to cause it to over-ride an action= arg in the form page URL.
# A site_values.list file path is provided by a -v VALUES=... awk arg.
#
# . Contents are 'name="..." value'. An optional value (separated by a
# space character, extending to the end of line) is the default used for
# auto-form-fill-in. Names may be of the form array[element] as in PHP.
#
# . Specifying !name="..." (an exclamation-point prefix) causes matching
# input fields to be skipped. If the name ends with a "*" then the name
# is a prefix and all names _starting with_ that string are skipped. Note
# that "[" characters in names are not treated specially, so e.g. you can
# skip a whole array by specifying !name="...[*" .
#
# . The value may be prefixed with a ! to cause it to over-ride an action=
# argument in the form page URL. It follows that a value of just an "!"
# specifies a null string value.
#
# . The value may contain a %d, which is replaced with a disambiguating number
# for argument values after the first. (The first one just gets a null
# string, as in the output file names in urls-to-wget.gawk .) This is
# useful for probing, where multiple probes will be generated for a single
# page but the values can conflict.
#
# Output is a set of page URL's including appended ?args.
# The Get arg method is default. Post is indicated by a post: prefix.
# The GET arg method is default, including action= args for a POSTed form.
# A POST argument string follows a "?post:" separator after the other ?args.
#
# A -v MAX_TIMES= awk arg specifies how many times to target a form.
#
......@@ -28,7 +46,13 @@ BEGIN {
while ( getline <VALUES ) {
arg_name = $1;
arg_name = gensub("name=\"([^\"]*)\"", "\\1", 1, arg_name);
###arg_name = gensub("formfields\\[(.*)\\]", "\\1", 1, arg_name);
if ( substr($1, 1, 1) == "!" ) {
arg_name = substr(arg_name, 2);
##print "not", arg_name;
if ( substr(arg_name, length(arg_name)) == "*" )
skip_prefix[substr(arg_name, 1, length(arg_name)-1)] = 1;
else skip_name[arg_name] = 1;
}
if (NF > 1)
defaults[arg_name] = substr($0, index($0, $2));
##printf "defaults %s=%s.\n", arg_name, defaults[arg_name];
......@@ -46,10 +70,11 @@ BEGIN {
method = gensub(".* method=\"([^\"]*)\".*", "\\1", 1);
# Action= URL can have args specified. Use the values over anything else,
# unless the default value is prefixed with a ! .
# unless the default value is prefixed with a ! . Keep them separate from
# POST args because PHP code may get them through the $_GET array.
url = action;
action_file = gensub(".*/", "", 1, gensub("?.*", "", 1, url));
delete args;
delete args; delete action_args;
if ( q = index(action, "?") ) {
url = substr(action, 1, q-1);
......@@ -60,12 +85,18 @@ BEGIN {
eq = index(name_val, "=");
nm = substr(name_val, 0, eq-1);
vl = substr(name_val, eq+1);
args[nm] = vl;
# Input fields to be skipped.
if ( skip_name[nm] ) continue;
for (j = 1; j <= length(nm); j++ )
if ( skip_prefix[substr(nm, 1, j)] ) continue;
action_args[nm] = vl;
# A default with a ! prefix over-rides an action= arg.
df = defaults[nm];
if ( df ~ "!" )
args[nm] = substr(df, 2);
action_args[nm] = substr(df, 2);
##printf "name_val %s, nm %s, vl %s, df %s\n", name_val, nm, vl, df;
}
}
......@@ -74,7 +105,7 @@ BEGIN {
if (! index(url, ":") ) url = "https://" host_path "/" url;
##printf "url %s, file %s, method %s, action args", url, action_file, method;
##for (i in args) printf " %s", args[i]; printf "\n";
##for (i in action_args) printf " %s", action_args[i]; printf "\n";
target[url]++;
form = target[url] <= MAX_TIMES; # Limit target hits.
......@@ -88,6 +119,12 @@ form && /^<input/ { # <input type="..." name="..." value=... ...>
# Type and name have been double-quoted. Value can be single- or double-.
type = gensub(".* type=\"([^\"]*)\".*", "\\1", 1);
name = gensub(".* name=\"([^\"]*)\".*", "\\1", 1);
# Input fields to be skipped.
if ( skip_name[name] ) next;
for (j = 1; j <= length(name); j++ )
if ( skip_prefix[substr(name, 1, j)] ) next;
if ( $0 ~ " value=\"" )
value = gensub(".* value=\"([^\"]*)\".*", "\\1", 1);
else if ( $0 ~ " value='" )
......@@ -105,49 +142,70 @@ form && /^<input/ { # <input type="..." name="..." value=... ...>
value=="Confirm" || value=="Go!"));
if ( val_arg || sub_arg ) {
arg_name = name; ### gensub("formfields\\[(.*)\\]", "\\1", 1, name);
##printf "arg_name %s, default=%s, value=%s.\n",
## arg_name, defaults[arg_name], value;
df = defaults[arg_name];
##printf "name %s, default=%s, value=%s.\n",
## name, defaults[name], value;
df = defaults[name];
if ( df != "" ) {
# Default value from VALUES file. May have ! prefix.
if ( df ~ "!" )
args[arg_name] = substr(df, 2);
args[name] = substr(df, 2);
else
args[arg_name] = df;
args[name] = df;
}
else if ( value != "" )
# Value from <input field default.
args[arg_name] = value;
args[name] = value;
else
args[arg_name] = "";
args[name] = "";
if ( args[arg_name] ) arg_vals++;
if ( args[name] ) arg_vals++;
}
}
form && /^$/ { # Blank line terminates each form section.
arg_str = "";
for (arg in args) {
if ( arg_str == "" ) arg_str = arg "=" args[arg];
else arg_str = arg_str "&" arg "=" args[arg];
# Collect the arg strings, with action args first.
arg_str = ""; n_args1 = n_args2 = 0;
for (arg in action_args) {
sep = ( n_args1==0 ? "?" : "&" );
arg_str = arg_str sep arg "=" action_args[arg];
n_args1++;
}
for (arg in args) { # Form input field args, may be POSTed.
if ( n_args2 != 0 ) sep = "&";
else if ( method == "post" ) sep = "?post:";
else sep = ( n_args1 == 0 ? "?" : "&" );
arg_str = arg_str sep arg "=" args[arg];
n_args2++;
}
post = (method=="post" ? "post:" : "");
if (arg_vals) { # Ignore if no argument values to supply.
if ( ! PROBE ) print post url "?" arg_str; # Not probing.
if ( ! PROBE ) {
# Not probing.
gsub("%d", "", arg_str);
print url arg_str;
}
else {
# Substitute a labeled mock SQL injection attack probe string for
# EACH ?argument value. Generates N urls.
for (arg in args) {
delete all_args;
for (arg in action_args) all_args[arg] = action_args[arg];
for (arg in args) all_args[arg] = args[arg];
for (arg in all_args) {
lbl = "**{" action_file ":" arg "}**";
# Quote square-brackets in argument names.
# Disambiguating number for %d. Null string for the first one.
dn_str = gensub("%d", dnum++, "g", arg_str);
# Quote regex metachars in array argument names for matching.
a = gensub("\\[", "\\\\[", 1, gensub("\\]", "\\\\]", 1, arg));
a = gensub("\\$", "\\\\$", "g", a);
# Notice the single-quote at the head of the inserted probe string.
probe_str = gensub("(\\<" a ")=([^?&]*)", "\\1='" lbl, 1, arg_str);
print post url "?" probe_str;
probe_str = gensub("(\\<" a ")=([^?&]*)", "\\1='" lbl, 1, dn_str);
print url probe_str;
}
}
}
......
name="MAX_FILE_SIZE" 1024
name="OS" FreeBSD
!name="attributes[*"
!name="deletes[*"
name="default_osid" testproj-testosid
name="description" Test description.
name="eid" !testexp1
name="exptidx" 7
name="formfields[autoswap]" 0
name="formfields[body]" Test body.
name="formfields[count]" 1
name="formfields[cpu_usage]" 3
name="formfields[default_osid]" testproj-testosid
name="formfields[description]" Descriptive text.
name="formfields[eid]" !testexp1
name="formfields[exp_autoswap]" 0
name="formfields[exp_batched]" 0
name="formfields[exp_description]" Test experiment.
name="formfields[exp_id]" testexp1
name="formfields[exp_idleswap]" 0
name="formfields[exp_localnsfile]" /users/fish/shaped-2-nodes.ns
name="formfields[exp_noidleswap_reason]" Testing.
name="formfields[exp_pid]" testbed
name="formfields[exp_preload]" Yep
name="formfields[faq_entry]" 0
name="formfields[fullname]" !testproj-testlist@vulnelab.testbed.emulab.net
name="formfields[global]" !
......@@ -33,7 +40,7 @@ name="formfields[noidleswap_reason]" Testing.
name="formfields[op_mode]" NORMALv2
name="formfields[os_name]" FreeBSD
name="formfields[os_version]" 666
name="formfields[part1_osid]"
name="formfields[part1_osid]" testproj-testosid
name="formfields[password1]" EinE_tmp
name="formfields[password2]" EinE_tmp
name="formfields[passphrase1]" EinE_tmp
......@@ -51,8 +58,9 @@ name="formfields[proj_plabpcs]" checked
name="formfields[proj_public]" checked
name="formfields[proj_why]" Scanning inputs.
name="formfields[reboot_waittime]" 150
name="formfields[resusage]" 1
name="formfields[shared]" !
name="formfields[target_uid]" testuser
name="formfields[target_uid]" !testuser
name="formfields[tid]" testtid
name="formfields[title]" Test title.
name="formfields[usr_URL]" http://www.emulab.net
......@@ -61,35 +69,44 @@ name="formfields[usr_addr]" Silly
name="formfields[usr_affil]" Emulab Scripts
name="formfields[usr_city]" Salt Lake Silly
name="formfields[usr_country]" USA
name="formfields[usr_email]" fish@flux.utah.edu
name="formfields[usr_email]" fish@cs.utah.edu
name="formfields[usr_name]" Test User
name="formfields[usr_phone]" 801-123-4567
name="formfields[usr_state]" UT
name="formfields[usr_title]" Tester
name="formfields[usr_zip]" 12345
name="formfields[w_password1]" Zow-eee
name="formfields[w_password2]" Zow-eee
name="formfields[when]" 1
name="formfields[wikiname]" TestUser
name="formfields[xref_tag]" test_tag
name="formfields[xref_tag]" test_tag%d
name="gid" !testgroup
name="group_description" Testproj subgroup.
name="group_id" testgroup
name="group_leader" fish
name="group_pid" testproj1
name="inout" !out
name="imageid" testbed-testimg
name="imageid" !testproj-testimg
name="loadpart" 1
name="log_entry" Test log entry.
name="nextosid" !
!name="new_type"
name="new_uid" testuser
name="node" pc158
name="node_id" pc158
name="node_type" pctest
name="node_id" !pc158
name="node_type" !pctest
name="nodeid" pc158
name="nodes[]" pc158
name="os_reboot_waittime" 150
name="os_version" 666
name="osid" emulab-ops-RHL90-STD
name="osid" testproj-testosid
name="osname" testosid
name="part1_osid" testproj-testosid
name="password" EinE_tmp
name="pid" !testbed
name="query" what
name="range" 12%2f01%2f06-01%2f01%2f07
name="reserved_pid" testbed
name="target_pid" testbed
name="target_uid" testuser
name="target_uid" !testuser
name="uid" testuser
approveproject_form.php3
approveuser_form.php3
archive_view.php3
beginexp_html.php3
boot.php3
changeuid.php
delaycontrol.php3
deletegroup.php3
deleteimageid.php3
......
This diff is collapsed.
This source diff could not be displayed because it is too large. You can view the blob instead.
================ success ================
approveproject.php3.html
Project 'testproj3' is being created!<br><br>
Project testproj3 (User: fish) has been approved.
approveuser.php3.html
<title>MyEmulab.Net - New Users Approved</title>
New Users Approved</h2>
User testusr3 was <b>granted</b> membership in testproj3/testproj3
archive_missing.php3.html
<title>MyEmulab.Net - Add Missing Files</title>
Add Missing Files</h2>
archive_tag.php3.html
Commit/Tag Archive
archive_tags.php3.html
<tr> <th>Run</th> <th>Tag (Click to visit archive)</th> <th>Date</th> <th>Description</th></tr>
beginexp_html.php3.html
<b>Starting experiment configuration!</b> Since you are only pre-loading the experiment, this will typically
boot.php3.html
reboot (pc158): Attempting to reboot ...
reboot (pc158): Successful!
delaycontrol.php3.html
Use this page to alter the traffic shaping parameters of your
deletegroup.php3.html
<b>Group 'testgroup3' in project 'testproj3' is being removed!</b> ...<br>
This will take a few moments; please be <em>patient</em>.<br>
ClearBusyIndicators('<center><b>Done!</b></center>');
deleteimageid.php3.html
Image 'testproj3-testimg3' in project testproj3 has been deleted!
deleteosid.php3.html
OS Descriptor 'testosid3' in Project testproj3 has been deleted!
deleteproject.php3.html
Project 'testproj3' is being removed!<br><br>
<b>Done!</b>
deleteuser.php3.1.html
<b>User 'testusr3' is being removed!</b> ...<br>
This will take a few moments; please be <em>patient</em>.<br>
ClearBusyIndicators('<center><b>Done!</b></center>');
deleteuser.php3.html
<b>User 'testusr3' is being removed!</b> ...<br>
This will take a few moments; please be <em>patient</em>.<br>
ClearBusyIndicators('<center><b>Done!</b></center>');
editexp.php3.html
<h3 class="submenuheader">Experiment Options</h3>
editgroup.php3.html
<title>MyEmulab.Net - Show Group Information</title>
Show Group Information</h2>
editimageid.php3.html
<h3 class="submenuheader">More Options</h3>
editnodetype.php3.html
<title>MyEmulab.Net - Edit Node Type</title>
Edit Node Type</h2>
editsitevars.php3.html
</tr><tr><td>&nbsp;<b>batch/retry_wait</b>&nbsp;</td>
endexp.php3.html
This will take a few moments; please be <em>patient</em>.<br>
You will be notified via email when the experiment has been torn
feedback.php3.html
<center><h3><br>Done!</h3></center>
freezeuser.php3.html
This will take a few moments; please be <em>patient</em>.<br>
ClearBusyIndicators('<center><b>Done!</b></center>');
gensslcert.php3.html
Your new SSL certificate has been created. You can
joinproject.php3.html
As a pending user of the Testbed you will receive a key via email.
kb-manage.php3.html
<center><b>Knowledge Base Entry: 265 test_tag</b><br>(<a href="https://myboss.vulnelab.testbed.emulab.net/kb-search.php3">Search Again</a>)</center>
kb-search.php3.html
<font size=+2>Knowledge Base search results</font>
linktest.php3.html
Are you <b>sure</b> you want to run linktest?
loadimage.php3.html
<h2><b>Warning!</b><br />Doing a snapshot of node 'pc158' into image 'testproj3-testimg3' will overwrite any previous snapshot for that image. Are you sure you want to continue?</h2><input type='hidden' name='node' value='pc158'></input><input type='hidden' name='imageid' value='testproj3-testimg3'></input><input type='submit' name='confirmed' value='Confirm'></input>&nbsp;<input type='submit' name='cancelled' value='Cancel'></input>
modifyexp.php3.html
<b>Your experiment is being modified!</b> You will be notified via email when the experiment has finished modifying and you are able to proceed. This typically takes less than 10 minutes, depending on the number of nodes in the experiment. If you do not receive email notification within a reasonable amount time, please contact <a href="mailto:testbed-ops@myops.vulnelab.testbed.emulab.net">
modnodeattributes.php3.html
<h3>Node attributes successfully modified!</h3><p>
moduserinfo.php3.html
This will take a few moments; please be <em>patient</em>.<br>
ClearBusyIndicators('<center><b>Done!</b></center>');
newgroup.php3.html
<b>Creating project group testgroup3.</b> ...<br>
This will take a few moments; please be <em>patient</em>.<br>
ClearBusyIndicators('<center><b>Done!</b></center>');
newimageid.php3.html
<h3 class="submenuheader">More Options</h3>
newimageid_ez.php3.html
Continue only if this is what you want.</h2><br /><form enctype="multipart/form-data" action='newimageid_ez.php3.html'
newmmlist.php3.html
<center><h2>testproj3-testlist mailing list administration<br>General Options Section</h2></center><hr>
newnodelog.php3.html
Log for node pc158.
newosid.php3.html
<h3 class="submenuheader">More Options</h3>
newproject.php3.html
Your project request has been successfully queued.
nodecontrol.php3.html
<h3>Node parameters successfully modified!</h3><p>
nscheck.php3.html
<center><br><br><h2>Your NS file looks good!</h2></center>
nsgen.php3.html
This template is for creating a DevBox for building software
plab_ez.php3.html
<p><b>To finish creating your slice, edit the
powertime.php3.html
<center>Updated power time for:<br><br><b>pc158</b><br></center><!-- end content -->
prereserve_node.php3.html
<h3 class="submenuheader">Node Options</h3>
replayexp.php3.html
<center><h2>Starting event replay. Please wait a moment ...
showpubkeys.php3.html
Current ssh public keys for user fish.
Enter ssh public keys for user
showsfskeys.php3.html
Enter sfs public keys for user fish[<b>1</b>].
showsumstats.php3.html
<b>Range: <a class='static'
showuser_list.php3.html
There are 2 logged in users.
template_create.php.html
This will take a few moments; please be <em>patient</em>.<br>
ClearBusyIndicators('<center><b>Done!</b></center>');
updateaccounts.php3.html
You will be notified via email when the update has completed on
================ failure ================
changeuid.php.html
<title>MyEmulab.Net - Page Error</title>
Page Error</h2>
The user fish must be unapproved (but verified) to change!
deletepubkey.php3.html
<title>MyEmulab.Net - Page Error</title>
Page Error</h2>
Public Key for user 'testusr3' does not exist!
kb-search.php3.html
<li><a href="https://myboss.vulnelab.testbed.emulab.net/kb-show.php3?idx=174">What does "invalid migration assumptions" mean from "assign"?</a>
newnodes_list.php3.html
At least one node must be selected!
swapexp.php3.html
<h3>swapout and dequeue could not proceed</h3><blockquote><pre>*** swapexp:
================ UNKNOWN ================
This diff is collapsed.
< approveuser_form.php3
< approvewauser_form.php3
< archive_missing.php3
< archive_tag.php3
......@@ -6,16 +5,19 @@
< cdromqueue.php3
< cdromrequest.php3
< chpasswd.php3
> changeuid.php
< deletenodelog.php3
< deletesfskey.php3
< delmmlist.php3
< expaccess_form.php3
< floormap.php3
< login.php3
< menu.php3
< newnode_edit.php3
< nodemon.php3
< nodemon_all.php3
< panicbutton.php3
< password.php3
< remapexp.php3
< request_idleinfo.php3
< request_swapexp.php3
......
......@@ -117,7 +117,6 @@ name="eb$$trust"
name="ee$$trust"
name="eid"
name="elabckup$$trust"
name="email"
name="eventrestart"
name="exptidx"
name="fish$$trust"
......@@ -178,7 +177,7 @@ name="formfields[localnsfile]"
name="formfields[makedefault]"
name="formfields[max_concurrent]"
name="formfields[mem_usage]"
name="formfields[mtype_pc600]"
name="formfields[mtype_pc850]"
name="formfields[new_section]"
name="formfields[node]"
name="formfields[noidleswap_reason]"
......@@ -265,6 +264,7 @@ name="mike$$trust"
name="modbase"
name="mode"
name="name"
name="new_uid"
name="newattribute_name"
name="newattribute_value"
name="newbold$$trust"
......@@ -298,8 +298,6 @@ name="os_shared"
name="os_version"
name="osid"
name="osname"
name="pcplab_okay"
name="phone"
name="pid"
name="poweron"
name="query"
......@@ -307,7 +305,6 @@ name="query_type"
name="query_which"
name="range"
name="reboot"
name="referrer"
name="remap[0]"
name="remap[1]"
name="remap[2]"
......@@ -317,7 +314,6 @@ name="remap[5]"
name="remap[6]"
name="reserved_pid"
name="ricci$$trust"
name="ron_okay"
name="rpms"
name="rricci$$trust"
name="searchfor"
......@@ -340,7 +336,8 @@ name="templatevalues[ImageName]"
name="templatevalues[NodeName]"
name="templatevalues[PLCHWType]"
name="testuser$$trust"
name="uid"
name="testusr2$$approval-testproj/testproj"
name="testusr2$$trust-testproj/testproj"
name="user_interface"
name="value"
name="vname"
This diff is collapsed.
This source diff could not be displayed because it is too large. You can view the blob instead.
Probe label: '**{approveproject.php3:head_uid}**
Probe label: '**{approveproject.php3:pid}**
Probe label: '**{boot.php3:node_id}**
Probe label: \'**{delaycontrol.php3:eid}**
Probe label: \'**{delaycontrol.php3:pid}**
Probe label: '**{deletegroup.php3:gid}**
Probe label: '**{deletegroup.php3:pid}**
Probe label: '**{deleteimageid.php3:imageid}**
Probe label: '**{deleteosid.php3:osid}**
Probe label: '**{deleteproject.php3:pid}**
Probe label: '**{editnodetype.php3:node_type}**
Probe label: \'**{editnodetype.php3:formfields[class]}**
Probe label: \'**{kb-manage.php3:formfields[title]}**
Probe label: '**{deleteuser.php3:target_uid}**
Probe label: '**{deleteuser.php3:target_uid}**
Probe label: '**{deleteuser.php3:target_pid}**
Probe label: '**{deleteuser.php3:target_pid}**
Probe label: \'**{editexp.php3:pid}**
Probe label: \'**{editexp.php3:eid}**
Probe label: '**{editgroup.php3:gid}**
Probe label: '**{editgroup.php3:pid}**
Probe label: \'**{editimageid.php3:formfields[description]}**
Probe label: '**{freenode.php3:node_id}**
Probe label: '**{freezeuser.php3:target_uid}**
Probe label: \'**{joinproject.php3:formfields[usr_country]}**
Probe label: \'**{kb-manage.php3:formfields[xref_tag]}**
Probe label: \'**{kb-manage.php3:formfields[body]}**
Probe label: \'**{kb-manage.php3:formfields[new_section]}**
Probe label: \'**{kb-manage.php3:formfields[title]}**
Probe label: \'**{kb-search.php3:query}**
Probe label: \'**{modifyexp.php3:eid}**
Probe label: \'**{modifyexp.php3:pid}**
Probe label: '**{modnodeattributes.php3:node_id}**
Probe label: \'**{newgroup.php3:group_description}**
Probe label: '**{newgroup.php3:group_pid}**
Probe label: \'**{newgroup.php3:group_leader}**
Probe label: '**{newimageid.php3:formfields[node]}**
Probe label: '**{newimageid.php3:formfields[part1_osid]}**
Probe label: '**{newimageid.php3:formfields[default_osid]}**
Probe label: '**{newimageid.php3:formfields[pid]}**
Probe label: '**{newimageid_ez.php3:formfields[node]}**
Probe label: '**{newimageid_ez.php3:formfields[pid]}**
Probe label: '**{newimageid_ez.php3:formfields[gid]}**
Probe label: '**{newnodelog.php3:node_id}**
Probe label: '**{newosid.php3:pid}**
Probe label: '**{nodecontrol.php3:node_id}**
Probe label: '**{replayexp.php3:eid}**
Probe label: '**{replayexp.php3:pid}**
Probe label: '**{showuser_list.php3:searchfor}**
Probe label: '**{swapexp.php3:eid}**
Probe label: '**{swapexp.php3:pid}**
Probe label: '**{updateaccounts.php3:eid}**
Probe label: \'**{updateaccounts.php3:nodeid}**
Probe label: '**{updateaccounts.php3:pid}**
This source diff could not be displayed because it is too large. You can view the blob instead.
This source diff could not be displayed because it is too large. You can view the blob instead.
This diff is collapsed.
joinproject.php3
kb-search.php3
login.php3
newproject.php3
password.php3
./myboss.vulnelab.testbed.emulab.net/joinproject.php3:103: <form name=myform enctype=multipart/form-data
./myboss.vulnelab.testbed.emulab.net/kb-search.php3:61: <form action="kb-search.php3" method=get>
./myboss.vulnelab.testbed.emulab.net/login.php3:67: <form action='login.php3' method=post>
./myboss.vulnelab.testbed.emulab.net/login.php3?refer=1:67: <form action='login.php3' method=post>
./myboss.vulnelab.testbed.emulab.net/newproject.php3:108: <form enctype=multipart/form-data name=myform
./myboss.vulnelab.testbed.emulab.net/password.php3:66: <form action="password.php3" method=post>
......@@ -34,19 +34,6 @@
<input type="radio" name="query_which" value="both" checked >
<input type="submit" name="submit" value='Submit Query' >
./myboss.vulnelab.testbed.emulab.net/login.php3
<form action="login.php3" method="post">
<input type="text" name="uid" value="fish@cs.utah.edu" size=30>
<input type="password" name="password" size=12>
<input type="submit" name="login" value="Login" >
./myboss.vulnelab.testbed.emulab.net/login.php3?refer=1
<form action="login.php3" method="post">
<input type="text" name="uid" value="fish@cs.utah.edu" size=30>
<input type="password" name="password" size=12>
<input type="submit" name="login" value="Login" >
<input type="hidden" name="referrer" value="https://myboss.vulnelab.testbed.emulab.net/joinproject.php3" >
./myboss.vulnelab.testbed.emulab.net/newproject.php3
<form enctype=multipart/form-data name=myform action="newproject.php3" method="post">
<input type="text" name="formfields[proj_head_uid]" value="" size=8 maxlength=8>
......@@ -82,9 +69,3 @@
<input type="textarea" name="formfields[proj_why]" rows=10 cols=60>
<input type="submit" name="submit" value="Submit" >
./myboss.vulnelab.testbed.emulab.net/password.php3
<form action="password.php3" method="post">
<input type="text" name="email" value="" size=30>
<input type="text" name="phone" value="" size=20>
<input type="submit" name="reset" value="Reset Password" >
This diff is collapsed.
This source diff could not be displayed because it is too large. You can view the blob instead.
approveproject_form.php3
approveuser_form.php3
archive_view.php3
beginexp_form.php3
boot.php3
changeuid.php
delaycontrol.php3
deletegroup.php3
deleteimageid.php3
......@@ -24,7 +26,6 @@ kb-manage.php3
kb-search.php3
linktest.php3
loadimage.php3
login.php3
modifyexp.php3
modnodeattributes_form.php3
moduserinfo.php3
......@@ -40,7 +41,6 @@ news.php3
nodecontrol_form.php3
nscheck_form.php3
nsgen.php3
password.php3
plab_ez.php3
powertime.php3
prereserve_node.php3
......
This diff is collapsed.
This source diff could not be displayed because it is too large. You can view the blob instead.
......@@ -2,29 +2,27 @@ https://myboss.vulnelab.testbed.emulab.net/kb-search.php3?query_type=and&submit=
https://myboss.vulnelab.testbed.emulab.net/archive_tag.php3?exptidx=7
https://myboss.vulnelab.testbed.emulab.net/archive_tags.php3?exptidx=7
https://myboss.vulnelab.testbed.emulab.net/archive_missing.php3?exptidx=7
post:https://myboss.vulnelab.testbed.emulab.net/boot.php3?confirmed=Confirm&node_id=pc158
post:https://myboss.vulnelab.testbed.emulab.net/delaycontrol.php3?dochange=1&eid=testexp1&pid=testbed&modbase=1
post:https://myboss.vulnelab.testbed.emulab.net/deleteproject.php3?confirmed=Confirm&pid=testbed
post:https://myboss.vulnelab.testbed.emulab.net/editimageid.php3?formfields[mtype_pc600]=Yep&formfields[path]=/proj/testbed/images/testimg.ndz&submit=Submit&formfields[load_address]=&imageid=FBSD45-STD&formfields[description]=Descriptive text.&formfields[frisbee_pid]=0
post:https://myboss.vulnelab.testbed.emulab.net/editnodetype.php3?deletes[trivlink_maxspeed]=checked&deletes[power_delay]=checked&attributes[memory]=XXX&deletes[frequency]=checked&attributes[bootdisk_unit]=0&formfields[isdynamic]=0&deletes[disktype]=checked&deletes[disksize]=checked&deletes[delay_osid]=checked&attributes[control_interface]=ethX&attributes[bios_waittime]=60&attributes[virtnode_capacity]=20&attributes[delay_capacity]=2&deletes[delay_capacity]=checked&deletes[adminmfs_osid]=checked&formfields[issubnode]=0&attributes[frequency]=XXX&attributes[disktype]=ad&attributes[disksize]=0.00&deletes[bootdisk_unit]=checked&formfields[isplabdslice]=0&formfields[isjailed]=0&deletes[memory]=checked&attributes[control_network]=X&newattribute_name=&attributes[default_osid]=X&deletes[control_interface]=checked&formfields[isremotenode]=0&formfields[isvirtnode]=0&submit=Submit&deletes[virtnode_capacity]=checked&attributes[processor]=PIII&deletes[processor]=checked&attributes[jail_osid]=X&attributes[delay_osid]=X&attributes[default_imageid]=X&deletes[control_network]=checked&formfields[issimnode]=0&node_type=pctest&attributes[simnode_capacity]=650&attributes[power_delay]=60&deletes[max_interfaces]=checked&deletes[jail_osid]=checked&deletes[bios_waittime]=checked&newattribute_value=&attributes[trivlink_maxspeed]=400000&deletes[simnode_capacity]=checked&deletes[rebootable]=checked&deletes[imageable]=checked&deletes[default_osid]=checked&deletes[default_imageid]=checked&attributes[rebootable]=1&attributes[diskloadmfs_osid]=FRISBEE-MFS&formfields[class]=pc&new_type=1&attributes[max_interfaces]=X&attributes[imageable]=1&deletes[diskloadmfs_osid]=checked&attributes[adminmfs_osid]=FREEBSD-MFS
post:https://myboss.vulnelab.testbed.emulab.net/editsitevars.php3?name=batch/retry_wait&value=
https://myboss.vulnelab.testbed.emulab.net/boot.php3?post:confirmed=Confirm&node_id=pc158
https://myboss.vulnelab.testbed.emulab.net/delaycontrol.php3?post:dochange=1&eid=testexp1&pid=testbed&modbase=1
https://myboss.vulnelab.testbed.emulab.net/editimageid.php3?imageid=testproj-testimg?post:formfields[path]=/proj/testbed/images/testimg.ndz&formfields[mtype_pc850]=Yep&submit=Submit&formfields[load_address]=&formfields[description]=Descriptive text.&formfields[frisbee_pid]=0
https://myboss.vulnelab.testbed.emulab.net/editnodetype.php3?node_type=pctest?post:formfields[isdynamic]=0&formfields[issubnode]=0&formfields[isplabdslice]=0&formfields[isjailed]=0&newattribute_name=&formfields[isremotenode]=0&formfields[isvirtnode]=0&submit=Submit&formfields[issimnode]=0&node_type=pctest&newattribute_value=&formfields[class]=pc
https://myboss.vulnelab.testbed.emulab.net/editsitevars.php3?post:name=batch/retry_wait&value=
https://myboss.vulnelab.testbed.emulab.net/feedback.php3?mode=clear&confirmed=Confirm&clear_last=1&eid=testexp1&clear_bootstrap=1&pid=testbed
post:https://myboss.vulnelab.testbed.emulab.net/gensslcert.php3?formfields[passphrase1]=EinE_tmp&submit=Create SSL Cert&formfields[passphrase2]=EinE_tmp&formfields[target_uid]=testuser
post:https://myboss.vulnelab.testbed.emulab.net/kb-manage.php3?formfields[xref_tag]=test_tag&formfields[title]=Test title.&submit=Submit&formfields[section]=none&formfields[body]=Test body.&formfields[faq_entry]=0&formfields[new_section]=test_section
post:https://myboss.vulnelab.testbed.emulab.net/linktest.php3?level=0&eid=testexp1&pid=testbed
post:https://myboss.vulnelab.testbed.emulab.net/modnodeattributes.php3?_newattrs[0]=&refer=&_newvals[0]=&node_id=pc158
post:https://myboss.vulnelab.testbed.emulab.net/moduserinfo.php3?formfields[usr_country]=USA&formfields[user_interface]=plab&formfields[usr_city]=Salt Lake Silly&formfields[usr_affil]=Emulab Scripts&formfields[usr_state]=UT&formfields[usr_URL]=http://www.emulab.net&formfields[usr_name]=Test User&submit=Submit&formfields[usr_addr]=Silly&formfields[target_uid]=testuser&formfields[notes]=&formfields[password1]=EinE_tmp&formfields[usr_email]=fish@flux.utah.edu&formfields[password2]=EinE_tmp&formfields[usr_phone]=801-123-4567&formfields[w_password1]=zyiOEjpw&formfields[usr_zip]=12345&formfields[w_password2]=&formfields[usr_shell]=sh&formfields[usr_addr2]=Address&formfields[usr_title]=Tester
post:https://myboss.vulnelab.testbed.emulab.net/newnodelog.php3?log_type=misc&log_entry=Test log entry.&node_id=pc158
https://myboss.vulnelab.testbed.emulab.net/gensslcert.php3?post:formfields[passphrase1]=EinE_tmp&submit=Create SSL Cert&formfields[passphrase2]=EinE_tmp&formfields[target_uid]=testuser
https://myboss.vulnelab.testbed.emulab.net/linktest.php3?post:level=0&eid=testexp1&pid=testbed
https://myboss.vulnelab.testbed.emulab.net/modnodeattributes.php3?refer=?post:_newattrs[0]=&_newvals[0]=&node_id=pc158
https://myboss.vulnelab.testbed.emulab.net/moduserinfo.php3?post:formfields[usr_country]=USA&formfields[user_interface]=plab&formfields[usr_city]=Salt Lake Silly&formfields[usr_affil]=Emulab Scripts&formfields[usr_state]=UT&formfields[usr_URL]=http://www.emulab.net&formfields[usr_name]=Test User&submit=Submit&formfields[usr_addr]=Silly&formfields[target_uid]=testuser&formfields[notes]=&formfields[password1]=EinE_tmp&formfields[usr_email]=fish@cs.utah.edu&formfields[password2]=EinE_tmp&formfields[usr_phone]=801-123-4567&formfields[w_password1]=Zow-eee&formfields[usr_zip]=12345&formfields[w_password2]=Zow-eee&formfields[usr_shell]=sh&formfields[usr_addr2]=Address&formfields[usr_title]=Tester
https://myboss.vulnelab.testbed.emulab.net/newnodelog.php3?post:log_type=misc&log_entry=Test log entry.&node_id=pc158
https://myboss.vulnelab.testbed.emulab.net/newnodes_list.php3?remap[4]=&remap[5]=&newprefix=&remap[6]=&newtype=&create=Create selected nodes&remap[0]=&remap[1]=&remap[2]=&remap[3]=&addnumber=
post:https://myboss.vulnelab.testbed.emulab.net/nodecontrol.php3?rpms=&next_boot_osid=&def_boot_osid=CONSUME&temp_boot_osid=&startupcmd=&node_type=pctest&tarballs=&refer=&next_boot_cmd_line=&def_boot_cmd_line=&node_id=pc158
post:https://myboss.vulnelab.testbed.emulab.net/nscheck.php3?MAX_FILE_SIZE=1024&formfields[exp_localnsfile]=/users/fish/shaped-2-nodes.ns
https://myboss.vulnelab.testbed.emulab.net/nodecontrol.php3?refer=?post:rpms=&next_boot_osid=&def_boot_osid=CONSUME&temp_boot_osid=&startupcmd=&node_type=pctest&tarballs=&next_boot_cmd_line=&def_boot_cmd_line=&node_id=pc158
https://myboss.vulnelab.testbed.emulab.net/nscheck.php3?post:MAX_FILE_SIZE=1024&formfields[exp_localnsfile]=/users/fish/shaped-2-nodes.ns
https://myboss.vulnelab.testbed.emulab.net/nsgen.php3?template=plabdevbox&templatevalues[ImageName]=PLAB-DEVBOX&templatevalues[NodeName]=devbox&templatevalues[HWType]=pc
https://myboss.vulnelab.testbed.emulab.net/plab_ez.php3?formfields[count]=10&formfields[when]=52&submit=Create it&formfields[type]=pcplab&formfields[canfail]=Yep&formfields[units]=168&formfields[resusage]=3
https://myboss.vulnelab.testbed.emulab.net/plab_ez.php3?formfields[count]=1&formfields[when]=1&submit=Create it&formfields[type]=pcplab&formfields[canfail]=Yep&formfields[units]=168&formfields[resusage]=1
https://myboss.vulnelab.testbed.emulab.net/powertime.php3?nodes[]=pc158&poweron=Yep&confirmed=Confirm
post:https://myboss.vulnelab.testbed.emulab.net/prereserve_node.php3?submit=Submit&reserved_pid=&node_id=cisco1
post:https://myboss.vulnelab.testbed.emulab.net/replayexp.php3?confirmed=Confirm&eid=testexp1&pid=testbed