asriz7777
commented
5 years ago Project : FXABAC TEST
Template : NullPutAccountuserbDisallowHijack1
Run Id : 8a808011699a990101699ab3901a2277
Job : Default
Env : Default
Category : Hijack_Level1
Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]
Severity : Major
Region : FXLabs/US_WEST_1
Result : fail
Status Code : 500
Headers : {}
Endpoint : http://13.56.210.25null
Request :
{
"accessKey" : "irY3NF1Z",
"accountType" : "AZURE",
"allowedRegions" : [ "irY3NF1Z" ],
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "irY3NF1Z",
"org" : "",
"prop1" : "irY3NF1Z",
"prop2" : "irY3NF1Z",
"prop3" : "irY3NF1Z",
"region" : "irY3NF1Z",
"secretKey" : "irY3NF1Z",
"version" : ""
}
Response :
I/O error on PUT request for "http://13.56.210.25null": 13.56.210.25null; nested exception is java.net.UnknownHostException: 13.56.210.25null
Logs :
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/orgs]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1] : Request [{
"billingEmail" : "TUx26OgY",
"company" : "Brekke Group",
"createdBy" : "",
"createdDate" : "",
"description" : "TUx26OgY",
"id" : "",
"inactive" : false,
"location" : "TUx26OgY",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "TUx26OgY",
"orgPlan" : "TEAM",
"orgType" : "ENTERPRISE",
"version" : ""
}]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:53.474+0000",
"status" : 403,
"error" : "Forbidden",
"message" : "Forbidden",
"path" : "/api/v1/orgs"
}]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2IyYzNiMWEtMmYyMi00MDgyLTg3MmItNTZmM2U2NDUwNzY0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1] : StatusCode [403]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1] : Time [1176]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1] : Size [121]
2019-03-20 10:44:53 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2IyYzNiMWEtMmYyMi00MDgyLTg3MmItNTZmM2U2NDUwNzY0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2IyYzNiMWEtMmYyMi00MDgyLTg3MmItNTZmM2U2NDUwNzY0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2IyYzNiMWEtMmYyMi00MDgyLTg3MmItNTZmM2U2NDUwNzY0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:53 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2IyYzNiMWEtMmYyMi00MDgyLTg3MmItNTZmM2U2NDUwNzY0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/accounts]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1] : Request [{
"accessKey" : "QerByO1F",
"accountType" : "GitLab",
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "QerByO1F",
"org" : "",
"prop1" : "QerByO1F",
"prop2" : "QerByO1F",
"prop3" : "QerByO1F",
"region" : "QerByO1F",
"secretKey" : "QerByO1F",
"version" : ""
}]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:54.733+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 11, column: 11] (through reference chain: com.fxlabs.fxt.dto.clusters.Account[\"org\"])",
"path" : "/api/v1/accounts"
}]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NDg4OTBiYjEtOWJiMi00MDJmLWJlYTUtNTMxYTY1MGZkNDE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:54 GMT]}]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1] : Time [1266]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1] : Size [722]
2019-03-20 10:44:54 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NDg4OTBiYjEtOWJiMi00MDJmLWJlYTUtNTMxYTY1MGZkNDE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:54 GMT]}]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NDg4OTBiYjEtOWJiMi00MDJmLWJlYTUtNTMxYTY1MGZkNDE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:54 GMT]}]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NDg4OTBiYjEtOWJiMi00MDJmLWJlYTUtNTMxYTY1MGZkNDE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:54 GMT]}]
2019-03-20 10:44:54 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NDg4OTBiYjEtOWJiMi00MDJmLWJlYTUtNTMxYTY1MGZkNDE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:54 GMT]}]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1] : URL [http://13.56.210.25/api/v1/orgs]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1] : Method [POST]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1] : Request [{
"billingEmail" : "BCXSBkge",
"company" : "Pollich-Pollich",
"createdBy" : "",
"createdDate" : "",
"description" : "BCXSBkge",
"id" : "",
"inactive" : false,
"location" : "BCXSBkge",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "BCXSBkge",
"orgPlan" : "TEAM",
"orgType" : "ENTERPRISE",
"version" : ""
}]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:56.081+0000",
"status" : 403,
"error" : "Forbidden",
"message" : "Forbidden",
"path" : "/api/v1/orgs"
}]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODk0YzRkNzktNGI4OS00NjQzLTg3N2QtMjI1M2MyNDNhMmMy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:55 GMT]}]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1] : StatusCode [403]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1] : Time [1284]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1] : Size [121]
2019-03-20 10:44:56 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODk0YzRkNzktNGI4OS00NjQzLTg3N2QtMjI1M2MyNDNhMmMy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:55 GMT]}]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODk0YzRkNzktNGI4OS00NjQzLTg3N2QtMjI1M2MyNDNhMmMy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:55 GMT]}]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODk0YzRkNzktNGI4OS00NjQzLTg3N2QtMjI1M2MyNDNhMmMy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:55 GMT]}]
2019-03-20 10:44:56 DEBUG [OrgCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODk0YzRkNzktNGI4OS00NjQzLTg3N2QtMjI1M2MyNDNhMmMy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:55 GMT]}]
2019-03-20 10:44:56 DEBUG [NullPutAccountuserbDisallowHijack1] : URL [http://13.56.210.25null]
2019-03-20 10:44:56 DEBUG [NullPutAccountuserbDisallowHijack1] : Method [PUT]
2019-03-20 10:44:56 DEBUG [NullPutAccountuserbDisallowHijack1] : Request [{
"accessKey" : "irY3NF1Z",
"accountType" : "AZURE",
"allowedRegions" : [ "irY3NF1Z" ],
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "irY3NF1Z",
"org" : "",
"prop1" : "irY3NF1Z",
"prop2" : "irY3NF1Z",
"prop3" : "irY3NF1Z",
"region" : "irY3NF1Z",
"secretKey" : "irY3NF1Z",
"version" : ""
}]
2019-03-20 10:44:56 DEBUG [NullPutAccountuserbDisallowHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:56 DEBUG [NullPutAccountuserbDisallowHijack1] : Response [I/O error on PUT request for "http://13.56.210.25null": 13.56.210.25null; nested exception is java.net.UnknownHostException: 13.56.210.25null]
2019-03-20 10:44:56 DEBUG [NullPutAccountuserbDisallowHijack1] : Response-Headers [{}]
2019-03-20 10:44:56 DEBUG [NullPutAccountuserbDisallowHijack1] : StatusCode [500]
2019-03-20 10:44:56 DEBUG [NullPutAccountuserbDisallowHijack1] : Time [6]
2019-03-20 10:44:56 DEBUG [NullPutAccountuserbDisallowHijack1] : Size [141]
2019-03-20 10:44:56 ERROR [NullPutAccountuserbDisallowHijack1] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed]
2019-03-20 10:44:57 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : URL [http://13.56.210.25/api/v1/accounts/]
2019-03-20 10:44:57 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Method [DELETE]
2019-03-20 10:44:57 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request [null]
2019-03-20 10:44:57 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:57 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response [{
"timestamp" : "2019-03-20T10:44:57.570+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/accounts/"
}]
2019-03-20 10:44:57 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NzZmMDY0MTYtOGZhZi00ODMyLWI5MzYtODZjMTBjNGMzYjEz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:56 GMT]}]
2019-03-20 10:44:57 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : StatusCode [405]
2019-03-20 10:44:57 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Time [1481]
2019-03-20 10:44:57 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Size [163]
2019-03-20 10:44:57 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : URL [http://13.56.210.25/api/v1/orgs/]
2019-03-20 10:44:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Method [DELETE]
2019-03-20 10:44:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request [null]
2019-03-20 10:44:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response [{
"timestamp" : "2019-03-20T10:44:58.565+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/orgs/"
}]
2019-03-20 10:44:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Mzg5ZTUwMmMtNmZjNi00ZmVjLWJiODItMmIxODZiZWU2ZjNi; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:57 GMT]}]
2019-03-20 10:44:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : StatusCode [405]
2019-03-20 10:44:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Time [1000]
2019-03-20 10:44:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Size [159]
2019-03-20 10:44:58 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
--- FX Bot ---
Project : FXABAC TEST
Template : NullPutAccountuserbDisallowHijack1
Run Id : 8a808011699a990101699ab0f9761b20
Job : Default
Env : Default
Category : Hijack_Level1
Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]
Severity : Major
Region : FXLabs/US_WEST_1
Result : fail
Status Code : 500
Headers : {}
Endpoint : http://13.56.210.25null
Request :
{ "accessKey" : "qoMnvVDv", "accountType" : "AZURE", "allowedRegions" : [ "qoMnvVDv" ], "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "qoMnvVDv", "org" : "", "prop1" : "qoMnvVDv", "prop2" : "qoMnvVDv", "prop3" : "qoMnvVDv", "region" : "qoMnvVDv", "secretKey" : "qoMnvVDv", "version" : "" }
Response :
I/O error on PUT request for "http://13.56.210.25null": 13.56.210.25null; nested exception is java.net.UnknownHostException: 13.56.210.25null
Logs :
2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/orgs] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1] : Request [{ "billingEmail" : "RAqxmHmz", "company" : "Stiedemann Inc", "createdBy" : "", "createdDate" : "", "description" : "RAqxmHmz", "id" : "", "inactive" : false, "location" : "RAqxmHmz", "modifiedBy" : "", "modifiedDate" : "", "name" : "RAqxmHmz", "orgPlan" : "TEAM", "orgType" : "ENTERPRISE", "version" : "" }] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:56.879+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/orgs" }] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmZiZjkwODUtMWU4YS00MmExLWJjN2UtNzM1YTZlZWZjNmUy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1] : StatusCode [403] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1] : Time [430] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1] : Size [121] 2019-03-20 10:41:56 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmZiZjkwODUtMWU4YS00MmExLWJjN2UtNzM1YTZlZWZjNmUy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmZiZjkwODUtMWU4YS00MmExLWJjN2UtNzM1YTZlZWZjNmUy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmZiZjkwODUtMWU4YS00MmExLWJjN2UtNzM1YTZlZWZjNmUy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:56 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmZiZjkwODUtMWU4YS00MmExLWJjN2UtNzM1YTZlZWZjNmUy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/accounts] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1] : Request [{ "accessKey" : "0AH7GQVt", "accountType" : "GitLab", "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "0AH7GQVt", "org" : "", "prop1" : "0AH7GQVt", "prop2" : "0AH7GQVt", "prop3" : "0AH7GQVt", "region" : "0AH7GQVt", "secretKey" : "0AH7GQVt", "version" : "" }] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:57.371+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance of
com.fxlabs.fxt.dto.base.NameDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.NameDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 11, column: 11] (through reference chain: com.fxlabs.fxt.dto.clusters.Account[\"org\"])", "path" : "/api/v1/accounts" }] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Mzc2ODI5YWEtNjRkZC00N2E4LWExMzAtYWJlNzZjODVmNzUx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1] : Time [490] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1] : Size [722] 2019-03-20 10:41:57 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Mzc2ODI5YWEtNjRkZC00N2E4LWExMzAtYWJlNzZjODVmNzUx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Mzc2ODI5YWEtNjRkZC00N2E4LWExMzAtYWJlNzZjODVmNzUx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Mzc2ODI5YWEtNjRkZC00N2E4LWExMzAtYWJlNzZjODVmNzUx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:57 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Mzc2ODI5YWEtNjRkZC00N2E4LWExMzAtYWJlNzZjODVmNzUx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1] : URL [http://13.56.210.25/api/v1/orgs] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1] : Method [POST] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1] : Request [{ "billingEmail" : "SmzbwYhu", "company" : "Olson LLC", "createdBy" : "", "createdDate" : "", "description" : "SmzbwYhu", "id" : "", "inactive" : false, "location" : "SmzbwYhu", "modifiedBy" : "", "modifiedDate" : "", "name" : "SmzbwYhu", "orgPlan" : "TEAM", "orgType" : "ENTERPRISE", "version" : "" }] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:57.832+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/orgs" }] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmJhZDJhODEtMTQzZi00ZWI4LTkwMTgtZmQzMDQ5YzllM2M2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:57 GMT]}] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1] : StatusCode [403] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1] : Time [404] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1] : Size [121] 2019-03-20 10:41:57 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmJhZDJhODEtMTQzZi00ZWI4LTkwMTgtZmQzMDQ5YzllM2M2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:57 GMT]}] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmJhZDJhODEtMTQzZi00ZWI4LTkwMTgtZmQzMDQ5YzllM2M2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:57 GMT]}] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmJhZDJhODEtMTQzZi00ZWI4LTkwMTgtZmQzMDQ5YzllM2M2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:57 GMT]}] 2019-03-20 10:41:57 DEBUG [OrgCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmJhZDJhODEtMTQzZi00ZWI4LTkwMTgtZmQzMDQ5YzllM2M2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:57 GMT]}] 2019-03-20 10:41:57 DEBUG [NullPutAccountuserbDisallowHijack1] : URL [http://13.56.210.25null] 2019-03-20 10:41:57 DEBUG [NullPutAccountuserbDisallowHijack1] : Method [PUT] 2019-03-20 10:41:57 DEBUG [NullPutAccountuserbDisallowHijack1] : Request [{ "accessKey" : "qoMnvVDv", "accountType" : "AZURE", "allowedRegions" : [ "qoMnvVDv" ], "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "qoMnvVDv", "org" : "", "prop1" : "qoMnvVDv", "prop2" : "qoMnvVDv", "prop3" : "qoMnvVDv", "region" : "qoMnvVDv", "secretKey" : "qoMnvVDv", "version" : "" }] 2019-03-20 10:41:57 DEBUG [NullPutAccountuserbDisallowHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:57 DEBUG [NullPutAccountuserbDisallowHijack1] : Response [I/O error on PUT request for "http://13.56.210.25null": 13.56.210.25null; nested exception is java.net.UnknownHostException: 13.56.210.25null] 2019-03-20 10:41:57 DEBUG [NullPutAccountuserbDisallowHijack1] : Response-Headers [{}] 2019-03-20 10:41:57 DEBUG [NullPutAccountuserbDisallowHijack1] : StatusCode [500] 2019-03-20 10:41:57 DEBUG [NullPutAccountuserbDisallowHijack1] : Time [7] 2019-03-20 10:41:57 DEBUG [NullPutAccountuserbDisallowHijack1] : Size [141] 2019-03-20 10:41:57 ERROR [NullPutAccountuserbDisallowHijack1] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : URL [http://13.56.210.25/api/v1/accounts/] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Method [DELETE] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request [null] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response [{ "timestamp" : "2019-03-20T10:41:58.252+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/accounts/" }] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MTdhMmQzNDMtZDhjZC00NTdjLThlNmItN2RlMDdiZGI0Y2U3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:57 GMT]}] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : StatusCode [405] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Time [414] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Size [163] 2019-03-20 10:41:58 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : URL [http://13.56.210.25/api/v1/orgs/] 2019-03-20 10:41:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Method [DELETE] 2019-03-20 10:41:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request [null] 2019-03-20 10:41:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response [{ "timestamp" : "2019-03-20T10:41:58.649+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }] 2019-03-20 10:41:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGEzOTIyNmEtOTAwYS00MTkxLTk0N2MtNTE5ZTZlNDg4NTY4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:58 GMT]}] 2019-03-20 10:41:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : StatusCode [405] 2019-03-20 10:41:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Time [384] 2019-03-20 10:41:58 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Size [159] 2019-03-20 10:41:58 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]--- FX Bot ---