search

amjadafanah / FX-SAAS-9

This project is for testing the security and quality of APIs in FX SaaS
0 stars 0 forks source link

FX-SAAS-9 : ApiV1BotClustersIdGetPathParamSqlInjectionMysqlId #423

Open amjadafanah opened 6 years ago

amjadafanah commented 6 years ago

Project : FX-SAAS-9

Job : Dev

Env : Dev

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 200

Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Sat, 08 Sep 2018 10:40:21 GMT]}

Endpoint : http://13.56.210.25/api/v1/bot-clusters/

Request :

Response :
{ "requestId" : "None", "requestTime" : "2018-09-08T10:40:21.737+0000", "errors" : false, "messages" : [ ], "data" : [ { "id" : "8a808098657bbaa501657c38aeac07ef", "createdBy" : "8a80808a657aacf801657ab17ca30000", "createdDate" : "2018-08-27T16:30:14.188+0000", "modifiedBy" : "8a80808a657aacf801657ab17ca30000", "modifiedDate" : "2018-08-27T16:30:14.236+0000", "version" : null, "inactive" : false, "org" : { "id" : "8a80808a657aacf801657af6998c001f", "createdBy" : "8a80808a657aacf801657ab17ca30000", "createdDate" : "2018-08-27T10:38:26.188+0000", "modifiedBy" : "8a80808a657aacf801657ab17ca30000", "modifiedDate" : "2018-08-27T11:27:59.360+0000", "version" : null, "inactive" : false, "name" : "FXLabs_QA" }, "account" : { "id" : "8a80808a657aacf801657af6998e0021", "createdBy" : "8a80808a657aacf801657ab17ca30000", "createdDate" : "2018-08-27T10:38:26.190+0000", "modifiedBy" : "8a80808a657aacf801657ab17ca30000", "modifiedDate" : "2018-08-27T10:38:26.190+0000", "version" : null, "inactive" : false, "name" : "Default_SelfHosted", "region" : null, "accessKey" : null, "secretKey" : null, "org" : { "id" : "8a80808a657aacf801657af6998c001f", "createdBy" : "8a80808a657aacf801657ab17ca30000", "createdDate" : "2018-08-27T10:38:26.188+0000", "modifiedBy" : "8a80808a657aacf801657ab17ca30000", "modifiedDate" : "2018-08-27T11:27:59.360+0000", "version" : null, "inactive" : false, "name" : "FXLabs_QA" }, "accountType" : "Self_Hosted", "prop1" : null, "prop2" : null, "prop3" : null, "allowedRegions" : [ ] }, "driver" : "MANUAL", "status" : null, "visibility" : "PRIVATE", "cloudType" : "OTHER", "name" : "Shan Khan", "region" : "Self_Hosted", "key" : "aHZ9wU9eVu9z1sevNAuKnRvvgbWNXOXYs2OR19SMmyk=", "min" : 1, "max" : null, "live" : null, "nodeId" : null, "manual" : false, "manualScript" : "docker run -d -e FX_HOST=13.56.210.25 -e FX_PORT=5672 -e FX_SSL=false -e FX_IAM=sH6XxQyw785qzH0jdQWNUfCYXIR8EOev -e FX_KEY=aHZ9wU9eVu9z1sevNAuKnRvvgbWNXOXYs2OR19SMmyk= fxlabs/bot:latest" } ], "totalPages" : 1, "totalElements" : 1 }

Logs :
Assertion [@ResponseTime >= 5000] failed, expected value [5000] but found [11] --- FX Bot ---

amjadafanah commented 6 years ago

Project : FX-SAAS-9

Job : Dev

Env : Dev

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 200

Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Mon, 10 Sep 2018 10:39:59 GMT]}

Endpoint : http://13.56.210.25/api/v1/bot-clusters/

Request :

Response :
{ "requestId" : "None", "requestTime" : "2018-09-10T10:39:59.949+0000", "errors" : false, "messages" : [ ], "data" : [ { "id" : "8a808098657bbaa501657c38aeac07ef", "createdBy" : "8a80808a657aacf801657ab17ca30000", "createdDate" : "2018-08-27T16:30:14.188+0000", "modifiedBy" : "8a80808a657aacf801657ab17ca30000", "modifiedDate" : "2018-08-27T16:30:14.236+0000", "version" : null, "inactive" : false, "org" : { "id" : "8a80808a657aacf801657af6998c001f", "createdBy" : "8a80808a657aacf801657ab17ca30000", "createdDate" : "2018-08-27T10:38:26.188+0000", "modifiedBy" : "8a80808a657aacf801657ab17ca30000", "modifiedDate" : "2018-08-27T11:27:59.360+0000", "version" : null, "inactive" : false, "name" : "FXLabs_QA" }, "account" : { "id" : "8a80808a657aacf801657af6998e0021", "createdBy" : "8a80808a657aacf801657ab17ca30000", "createdDate" : "2018-08-27T10:38:26.190+0000", "modifiedBy" : "8a80808a657aacf801657ab17ca30000", "modifiedDate" : "2018-08-27T10:38:26.190+0000", "version" : null, "inactive" : false, "name" : "Default_SelfHosted", "region" : null, "accessKey" : null, "secretKey" : null, "org" : { "id" : "8a80808a657aacf801657af6998c001f", "createdBy" : "8a80808a657aacf801657ab17ca30000", "createdDate" : "2018-08-27T10:38:26.188+0000", "modifiedBy" : "8a80808a657aacf801657ab17ca30000", "modifiedDate" : "2018-08-27T11:27:59.360+0000", "version" : null, "inactive" : false, "name" : "FXLabs_QA" }, "accountType" : "Self_Hosted", "prop1" : null, "prop2" : null, "prop3" : null, "allowedRegions" : [ ] }, "driver" : "MANUAL", "status" : null, "visibility" : "PRIVATE", "cloudType" : "OTHER", "name" : "Shan Khan", "region" : "Self_Hosted", "key" : "aHZ9wU9eVu9z1sevNAuKnRvvgbWNXOXYs2OR19SMmyk=", "min" : 1, "max" : null, "live" : null, "nodeId" : null, "manual" : false, "manualScript" : "docker run -d -e FX_HOST=13.56.210.25 -e FX_PORT=5672 -e FX_SSL=false -e FX_IAM=sH6XxQyw785qzH0jdQWNUfCYXIR8EOev -e FX_KEY=aHZ9wU9eVu9z1sevNAuKnRvvgbWNXOXYs2OR19SMmyk= fxlabs/bot:latest" } ], "totalPages" : 1, "totalElements" : 1 }

Logs :
Assertion [@ResponseTime >= 5000] failed, expected value [5000] but found [65] --- FX Bot ---

amjadafanah commented 6 years ago

Project : FX-SAAS-9

Job : Dev

Env : Dev

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 200

Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 12 Sep 2018 10:51:07 GMT]}

Endpoint : http://13.56.210.25/api/v1/bot-clusters/

Request :

Response :
{ "requestId" : "None", "requestTime" : "2018-09-12T10:51:08.486+0000", "errors" : false, "messages" : [ ], "data" : [ ], "totalPages" : 0, "totalElements" : 0 }

Logs :
Assertion [@ResponseTime >= 5000] failed, expected value [5000] but found [13] --- FX Bot ---

amjadafanah commented 6 years ago

Project : FX-SAAS-9

Job : Dev

Env : Dev

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 200

Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Tue, 18 Sep 2018 10:48:09 GMT]}

Endpoint : http://13.56.210.25/api/v1/bot-clusters/

Request :

Response :
{ "requestId" : "None", "requestTime" : "2018-09-18T10:48:10.600+0000", "errors" : false, "messages" : [ ], "data" : [ ], "totalPages" : 0, "totalElements" : 0 }

Logs :
Assertion [@ResponseTime >= 5000] failed, expected value [5000] but found [14] --- FX Bot ---