asriz7777
commented
5 years ago Project : FXABAC TEST
Template : ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1
Run Id : 8a808011699a990101699ab3901a2277
Job : Default
Env : Default
Category : Hijack_Level1
Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]
Severity : Major
Region : FXLabs/US_WEST_1
Result : fail
Status Code : 200
Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGM5MWQ5ZjUtNmRkYy00MzkwLWJjYzYtOTNkOGNhY2JjZGQ4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:53 GMT]}
Endpoint : http://13.56.210.25/api/v1/resources
Request :
{
"definition" : "US0H50jv",
"dependency" : "US0H50jv",
"endpoints" : [ {
"coverageStatus" : { },
"endpoint" : "US0H50jv",
"method" : "US0H50jv",
"parameters" : [ {
"body" : "US0H50jv",
"defaultValue" : "US0H50jv",
"description" : "US0H50jv",
"endpointId" : "US0H50jv",
"format" : "US0H50jv",
"in" : "US0H50jv",
"name" : "US0H50jv",
"required" : false,
"type" : "US0H50jv"
} ],
"pathDependency" : "US0H50jv",
"projectId" : "US0H50jv",
"queryDependency" : "US0H50jv",
"responses" : [ {
"contentType" : "US0H50jv",
"endpointId" : "US0H50jv",
"ref" : "US0H50jv",
"response" : "US0H50jv",
"responseStatus" : "US0H50jv"
} ],
"sequenceOrder" : "1192182285",
"tags" : "US0H50jv",
"typeThreePath" : "US0H50jv"
} ],
"enumValues" : "US0H50jv",
"id" : "8a808003699a9ebf01699ab42c5b06a4",
"inactive" : false,
"path" : "US0H50jv",
"projectId" : "US0H50jv",
"resourceName" : "US0H50jv",
"tags" : "US0H50jv",
"typeThreeDefination" : "US0H50jv",
"typeThreePath" : "US0H50jv"
}
Response :
{
"requestId" : "None",
"requestTime" : "2019-03-20T10:44:54.077+0000",
"errors" : false,
"messages" : [ ],
"data" : {
"id" : "8a808003699a9ebf01699ab42c5b06a4",
"projectId" : "US0H50jv",
"resourceName" : "US0H50jv",
"definition" : "US0H50jv",
"path" : "US0H50jv",
"tags" : "US0H50jv",
"enumValues" : "US0H50jv",
"dependency" : "US0H50jv",
"typeThreeDefination" : "US0H50jv",
"typeThreePath" : "US0H50jv",
"inactive" : false,
"endpoints" : null
},
"totalPages" : 0,
"totalElements" : 0
}
Logs :
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/orgs]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1] : Request [{
"billingEmail" : "zRrTCY6Y",
"company" : "Weber and Sons",
"createdBy" : "",
"createdDate" : "",
"description" : "zRrTCY6Y",
"id" : "",
"inactive" : false,
"location" : "zRrTCY6Y",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "zRrTCY6Y",
"orgPlan" : "TEAM",
"orgType" : "ENTERPRISE",
"version" : ""
}]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:48.664+0000",
"status" : 403,
"error" : "Forbidden",
"message" : "Forbidden",
"path" : "/api/v1/orgs"
}]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDYxZTJkNjAtZDkwNS00ZDViLWIwMjMtMjJjYzU1ZTYxY2Jl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1] : StatusCode [403]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1] : Time [1089]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1] : Size [121]
2019-03-20 10:44:48 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDYxZTJkNjAtZDkwNS00ZDViLWIwMjMtMjJjYzU1ZTYxY2Jl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDYxZTJkNjAtZDkwNS00ZDViLWIwMjMtMjJjYzU1ZTYxY2Jl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDYxZTJkNjAtZDkwNS00ZDViLWIwMjMtMjJjYzU1ZTYxY2Jl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:48 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDYxZTJkNjAtZDkwNS00ZDViLWIwMjMtMjJjYzU1ZTYxY2Jl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/accounts]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1] : Request [{
"accessKey" : "0iHLRI2D",
"accountType" : "GitLab",
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "0iHLRI2D",
"org" : "",
"prop1" : "0iHLRI2D",
"prop2" : "0iHLRI2D",
"prop3" : "0iHLRI2D",
"region" : "0iHLRI2D",
"secretKey" : "0iHLRI2D",
"version" : ""
}]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:49.499+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 11, column: 11] (through reference chain: com.fxlabs.fxt.dto.clusters.Account[\"org\"])",
"path" : "/api/v1/accounts"
}]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjVjNzc4Y2QtZGUzMy00MmU3LTk4MjAtYmU4MjM5ZTc3ODU0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1] : Time [833]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1] : Size [722]
2019-03-20 10:44:49 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjVjNzc4Y2QtZGUzMy00MmU3LTk4MjAtYmU4MjM5ZTc3ODU0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjVjNzc4Y2QtZGUzMy00MmU3LTk4MjAtYmU4MjM5ZTc3ODU0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjVjNzc4Y2QtZGUzMy00MmU3LTk4MjAtYmU4MjM5ZTc3ODU0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:49 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjVjNzc4Y2QtZGUzMy00MmU3LTk4MjAtYmU4MjM5ZTc3ODU0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/skills]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1] : Request [{
"accessKey" : "rFnlYxmq",
"createdBy" : "",
"createdDate" : "",
"description" : "rFnlYxmq",
"host" : "rFnlYxmq",
"id" : "",
"inactive" : false,
"key" : "rFnlYxmq",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "rFnlYxmq",
"org" : "",
"prop1" : "rFnlYxmq",
"prop2" : "rFnlYxmq",
"prop3" : "rFnlYxmq",
"prop4" : "rFnlYxmq",
"prop5" : "rFnlYxmq",
"secretKey" : "rFnlYxmq",
"skillType" : "BOT_DEPLOYMENT",
"version" : ""
}]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:50.376+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 13, column: 11] (through reference chain: com.fxlabs.fxt.dto.skills.Skill[\"org\"])",
"path" : "/api/v1/skills"
}]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2RjM2MxNGEtODQ4Ny00YTdhLTllYzktNGE0NTllYjkxMDkw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:49 GMT]}]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1] : Time [881]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1] : Size [716]
2019-03-20 10:44:50 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2RjM2MxNGEtODQ4Ny00YTdhLTllYzktNGE0NTllYjkxMDkw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:49 GMT]}]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2RjM2MxNGEtODQ4Ny00YTdhLTllYzktNGE0NTllYjkxMDkw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:49 GMT]}]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2RjM2MxNGEtODQ4Ny00YTdhLTllYzktNGE0NTllYjkxMDkw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:49 GMT]}]
2019-03-20 10:44:50 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2RjM2MxNGEtODQ4Ny00YTdhLTllYzktNGE0NTllYjkxMDkw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:49 GMT]}]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request [{
"account" : "",
"createdBy" : "",
"createdDate" : "",
"description" : "4SsUPhTt",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "4SsUPhTt",
"org" : "",
"prop1" : "4SsUPhTt",
"prop2" : "4SsUPhTt",
"prop3" : "4SsUPhTt",
"prop4" : "4SsUPhTt",
"prop5" : "4SsUPhTt",
"skill" : "",
"state" : "INACTIVE",
"version" : "",
"visibility" : "ORG_PUBLIC"
}]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:51.337+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.it.IssueTracker[\"account\"])",
"path" : "/api/v1/issue-trackers/issue-tracker-bot"
}]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzM2ZDVkMjQtYTQxNC00YzJhLWE0ZGQtMjExY2QzNDNiMjE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:50 GMT]}]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1] : Time [957]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1] : Size [768]
2019-03-20 10:44:51 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzM2ZDVkMjQtYTQxNC00YzJhLWE0ZGQtMjExY2QzNDNiMjE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:50 GMT]}]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzM2ZDVkMjQtYTQxNC00YzJhLWE0ZGQtMjExY2QzNDNiMjE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:50 GMT]}]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzM2ZDVkMjQtYTQxNC00YzJhLWE0ZGQtMjExY2QzNDNiMjE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:50 GMT]}]
2019-03-20 10:44:51 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzM2ZDVkMjQtYTQxNC00YzJhLWE0ZGQtMjExY2QzNDNiMjE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:50 GMT]}]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/projects]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1] : Request [{
"account" : "",
"autoGenSuites" : "1433292105",
"branch" : "KKUgYlpk",
"bugsOpen" : "1433292105",
"createdBy" : "",
"createdDate" : "",
"description" : "KKUgYlpk",
"genPolicy" : "Create",
"id" : "",
"inactive" : false,
"isFileLoad" : "KKUgYlpk",
"issueTracker" : "",
"lastCommit" : "KKUgYlpk",
"lastSync" : null,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "KKUgYlpk",
"openAPISpec" : "KKUgYlpk",
"openText" : "KKUgYlpk",
"org" : "",
"props" : null,
"url" : "KKUgYlpk",
"version" : ""
}]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:52.161+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])",
"path" : "/api/v1/projects"
}]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWE1NDM3ZGMtYjIxNy00NWZkLTliOTMtMTY2NDQzZDhmZDhj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:51 GMT]}]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1] : Time [820]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1] : Size [744]
2019-03-20 10:44:52 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWE1NDM3ZGMtYjIxNy00NWZkLTliOTMtMTY2NDQzZDhmZDhj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:51 GMT]}]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWE1NDM3ZGMtYjIxNy00NWZkLTliOTMtMTY2NDQzZDhmZDhj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:51 GMT]}]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWE1NDM3ZGMtYjIxNy00NWZkLTliOTMtMTY2NDQzZDhmZDhj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:51 GMT]}]
2019-03-20 10:44:52 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWE1NDM3ZGMtYjIxNy00NWZkLTliOTMtMTY2NDQzZDhmZDhj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:51 GMT]}]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/resources]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Request [{
"definition" : "ffBhFct4",
"dependency" : "ffBhFct4",
"enumValues" : "ffBhFct4",
"id" : "",
"inactive" : false,
"path" : "ffBhFct4",
"projectId" : "",
"resourceName" : "ffBhFct4",
"tags" : "ffBhFct4",
"typeThreeDefination" : "ffBhFct4",
"typeThreePath" : "ffBhFct4"
}]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Response [{
"requestId" : "None",
"requestTime" : "2019-03-20T10:44:52.955+0000",
"errors" : false,
"messages" : [ ],
"data" : {
"id" : "8a808003699a9ebf01699ab42c5b06a4",
"projectId" : "",
"resourceName" : "ffBhFct4",
"definition" : "ffBhFct4",
"path" : "ffBhFct4",
"tags" : "ffBhFct4",
"enumValues" : "ffBhFct4",
"dependency" : "ffBhFct4",
"typeThreeDefination" : "ffBhFct4",
"typeThreePath" : "ffBhFct4",
"inactive" : false,
"endpoints" : null
},
"totalPages" : 0,
"totalElements" : 0
}]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGE0MmJjMDItZGUwMS00M2YxLWEwZDEtZjFlNTQ3NDdhZTVm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : StatusCode [200]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Time [795]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Size [419]
2019-03-20 10:44:52 INFO [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [200 == 200 OR 200 == 201] result [Passed]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGE0MmJjMDItZGUwMS00M2YxLWEwZDEtZjFlNTQ3NDdhZTVm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGE0MmJjMDItZGUwMS00M2YxLWEwZDEtZjFlNTQ3NDdhZTVm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGE0MmJjMDItZGUwMS00M2YxLWEwZDEtZjFlNTQ3NDdhZTVm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:52 DEBUG [ResourceDefinitionCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGE0MmJjMDItZGUwMS00M2YxLWEwZDEtZjFlNTQ3NDdhZTVm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:54 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : URL [http://13.56.210.25/api/v1/resources]
2019-03-20 10:44:54 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Method [POST]
2019-03-20 10:44:54 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Request [{
"definition" : "US0H50jv",
"dependency" : "US0H50jv",
"endpoints" : [ {
"coverageStatus" : { },
"endpoint" : "US0H50jv",
"method" : "US0H50jv",
"parameters" : [ {
"body" : "US0H50jv",
"defaultValue" : "US0H50jv",
"description" : "US0H50jv",
"endpointId" : "US0H50jv",
"format" : "US0H50jv",
"in" : "US0H50jv",
"name" : "US0H50jv",
"required" : false,
"type" : "US0H50jv"
} ],
"pathDependency" : "US0H50jv",
"projectId" : "US0H50jv",
"queryDependency" : "US0H50jv",
"responses" : [ {
"contentType" : "US0H50jv",
"endpointId" : "US0H50jv",
"ref" : "US0H50jv",
"response" : "US0H50jv",
"responseStatus" : "US0H50jv"
} ],
"sequenceOrder" : "1192182285",
"tags" : "US0H50jv",
"typeThreePath" : "US0H50jv"
} ],
"enumValues" : "US0H50jv",
"id" : "8a808003699a9ebf01699ab42c5b06a4",
"inactive" : false,
"path" : "US0H50jv",
"projectId" : "US0H50jv",
"resourceName" : "US0H50jv",
"tags" : "US0H50jv",
"typeThreeDefination" : "US0H50jv",
"typeThreePath" : "US0H50jv"
}]
2019-03-20 10:44:54 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:54 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Response [{
"requestId" : "None",
"requestTime" : "2019-03-20T10:44:54.077+0000",
"errors" : false,
"messages" : [ ],
"data" : {
"id" : "8a808003699a9ebf01699ab42c5b06a4",
"projectId" : "US0H50jv",
"resourceName" : "US0H50jv",
"definition" : "US0H50jv",
"path" : "US0H50jv",
"tags" : "US0H50jv",
"enumValues" : "US0H50jv",
"dependency" : "US0H50jv",
"typeThreeDefination" : "US0H50jv",
"typeThreePath" : "US0H50jv",
"inactive" : false,
"endpoints" : null
},
"totalPages" : 0,
"totalElements" : 0
}]
2019-03-20 10:44:54 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGM5MWQ5ZjUtNmRkYy00MzkwLWJjYzYtOTNkOGNhY2JjZGQ4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:53 GMT]}]
2019-03-20 10:44:54 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : StatusCode [200]
2019-03-20 10:44:54 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Time [1122]
2019-03-20 10:44:54 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Size [427]
2019-03-20 10:44:54 ERROR [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [200 == 401 OR 200 == 403] result [Failed]
2019-03-20 10:44:55 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : URL [http://13.56.210.25/api/v1/resources/8a808003699a9ebf01699ab42c5b06a4]
2019-03-20 10:44:55 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Method [DELETE]
2019-03-20 10:44:55 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Request [null]
2019-03-20 10:44:55 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:55 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Response [{
"requestId" : "None",
"requestTime" : "2019-03-20T10:44:55.365+0000",
"errors" : false,
"messages" : [ ],
"data" : null,
"totalPages" : 0,
"totalElements" : 0
}]
2019-03-20 10:44:55 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YTc4ZTU0NTMtMzlmOC00OGMzLWJjZWQtZTI1ZTVjZmM1M2Uz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:54 GMT]}]
2019-03-20 10:44:55 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : StatusCode [200]
2019-03-20 10:44:55 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Time [1293]
2019-03-20 10:44:55 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Size [139]
2019-03-20 10:44:55 INFO [null] : Assertion [@StatusCode == 200] resolved-to [200 == 200] result [Passed]
2019-03-20 10:44:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : URL [http://13.56.210.25/api/v1/projects/]
2019-03-20 10:44:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Method [DELETE]
2019-03-20 10:44:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request [null]
2019-03-20 10:44:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response [{
"timestamp" : "2019-03-20T10:44:57.050+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/projects/"
}]
2019-03-20 10:44:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTA4ZWZjZjktMDg4YS00ODMxLTg2ZDctMThhMTdjNjk0ZWMx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:56 GMT]}]
2019-03-20 10:44:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : StatusCode [405]
2019-03-20 10:44:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Time [1672]
2019-03-20 10:44:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Size [163]
2019-03-20 10:44:57 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot/]
2019-03-20 10:44:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Method [DELETE]
2019-03-20 10:44:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request [null]
2019-03-20 10:44:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response [{
"timestamp" : "2019-03-20T10:44:57.784+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/issue-trackers/issue-tracker-bot/"
}]
2019-03-20 10:44:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response-Headers [{Allow=[POST, GET, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NzJjM2I5MjYtNzU3OS00MmFkLTkyZDAtODc3OWE4ZmVhMDJh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:57 GMT]}]
2019-03-20 10:44:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : StatusCode [405]
2019-03-20 10:44:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Time [733]
2019-03-20 10:44:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Size [187]
2019-03-20 10:44:57 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : URL [http://13.56.210.25/api/v1/skills/]
2019-03-20 10:44:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Method [DELETE]
2019-03-20 10:44:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request [null]
2019-03-20 10:44:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response [{
"timestamp" : "2019-03-20T10:44:58.335+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/skills/"
}]
2019-03-20 10:44:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjRlMTQ5MzgtYWZkOC00MDlmLTljYmQtNWMzZTk5YTJhYmQx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:57 GMT]}]
2019-03-20 10:44:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : StatusCode [405]
2019-03-20 10:44:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Time [550]
2019-03-20 10:44:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Size [161]
2019-03-20 10:44:58 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:59 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : URL [http://13.56.210.25/api/v1/accounts/]
2019-03-20 10:44:59 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Method [DELETE]
2019-03-20 10:44:59 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request [null]
2019-03-20 10:44:59 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:59 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response [{
"timestamp" : "2019-03-20T10:44:59.217+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/accounts/"
}]
2019-03-20 10:44:59 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWQ0ODhlZWEtNDc4Ni00ZTYwLWJiN2UtYWE2MWUwZGEwMzhi; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:58 GMT]}]
2019-03-20 10:44:59 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : StatusCode [405]
2019-03-20 10:44:59 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Time [884]
2019-03-20 10:44:59 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Size [163]
2019-03-20 10:44:59 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:45:00 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : URL [http://13.56.210.25/api/v1/orgs/]
2019-03-20 10:45:00 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Method [DELETE]
2019-03-20 10:45:00 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request [null]
2019-03-20 10:45:00 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:00 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response [{
"timestamp" : "2019-03-20T10:45:00.430+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/orgs/"
}]
2019-03-20 10:45:00 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWUwMWI5OGItOWVkNi00NjA0LThkOWUtN2MxNzdhNmUxYTM3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:59 GMT]}]
2019-03-20 10:45:00 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : StatusCode [405]
2019-03-20 10:45:00 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Time [1210]
2019-03-20 10:45:00 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Size [159]
2019-03-20 10:45:00 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
--- FX Bot ---
Project : FXABAC TEST
Template : ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1
Run Id : 8a808011699a990101699ab0f9761b20
Job : Default
Env : Default
Category : Hijack_Level1
Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]
Severity : Major
Region : FXLabs/US_WEST_1
Result : fail
Status Code : 200
Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NjRjZGZjOWMtNzAwNi00MmJiLTg5OWQtN2Q3YTU0M2ZiODZm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:55 GMT]}
Endpoint : http://13.56.210.25/api/v1/resources
Request :
{ "definition" : "Ilh9NDFr", "dependency" : "Ilh9NDFr", "endpoints" : [ { "coverageStatus" : { }, "endpoint" : "Ilh9NDFr", "method" : "Ilh9NDFr", "parameters" : [ { "body" : "Ilh9NDFr", "defaultValue" : "Ilh9NDFr", "description" : "Ilh9NDFr", "endpointId" : "Ilh9NDFr", "format" : "Ilh9NDFr", "in" : "Ilh9NDFr", "name" : "Ilh9NDFr", "required" : false, "type" : "Ilh9NDFr" } ], "pathDependency" : "Ilh9NDFr", "projectId" : "Ilh9NDFr", "queryDependency" : "Ilh9NDFr", "responses" : [ { "contentType" : "Ilh9NDFr", "endpointId" : "Ilh9NDFr", "ref" : "Ilh9NDFr", "response" : "Ilh9NDFr", "responseStatus" : "Ilh9NDFr" } ], "sequenceOrder" : "1953380013", "tags" : "Ilh9NDFr", "typeThreePath" : "Ilh9NDFr" } ], "enumValues" : "Ilh9NDFr", "id" : "8a808003699a9ebf01699ab178490697", "inactive" : false, "path" : "Ilh9NDFr", "projectId" : "Ilh9NDFr", "resourceName" : "Ilh9NDFr", "tags" : "Ilh9NDFr", "typeThreeDefination" : "Ilh9NDFr", "typeThreePath" : "Ilh9NDFr" }
Response :
{ "requestId" : "None", "requestTime" : "2019-03-20T10:41:56.305+0000", "errors" : false, "messages" : [ ], "data" : { "id" : "8a808003699a9ebf01699ab178490697", "projectId" : "Ilh9NDFr", "resourceName" : "Ilh9NDFr", "definition" : "Ilh9NDFr", "path" : "Ilh9NDFr", "tags" : "Ilh9NDFr", "enumValues" : "Ilh9NDFr", "dependency" : "Ilh9NDFr", "typeThreeDefination" : "Ilh9NDFr", "typeThreePath" : "Ilh9NDFr", "inactive" : false, "endpoints" : null }, "totalPages" : 0, "totalElements" : 0 }
Logs :
2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/orgs] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1] : Request [{ "billingEmail" : "fpANRSQW", "company" : "Hilpert LLC", "createdBy" : "", "createdDate" : "", "description" : "fpANRSQW", "id" : "", "inactive" : false, "location" : "fpANRSQW", "modifiedBy" : "", "modifiedDate" : "", "name" : "fpANRSQW", "orgPlan" : "TEAM", "orgType" : "ENTERPRISE", "version" : "" }] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:53.207+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/orgs" }] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzM0MWZhMGEtYWMxNy00NzEwLTlhNDItZWY4ZWEzMWVjOTVh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1] : StatusCode [403] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1] : Time [595] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1] : Size [121] 2019-03-20 10:41:53 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzM0MWZhMGEtYWMxNy00NzEwLTlhNDItZWY4ZWEzMWVjOTVh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzM0MWZhMGEtYWMxNy00NzEwLTlhNDItZWY4ZWEzMWVjOTVh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzM0MWZhMGEtYWMxNy00NzEwLTlhNDItZWY4ZWEzMWVjOTVh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}] 2019-03-20 10:41:53 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzM0MWZhMGEtYWMxNy00NzEwLTlhNDItZWY4ZWEzMWVjOTVh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/accounts] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1] : Request [{ "accessKey" : "AiKg3pXk", "accountType" : "GitLab", "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "AiKg3pXk", "org" : "", "prop1" : "AiKg3pXk", "prop2" : "AiKg3pXk", "prop3" : "AiKg3pXk", "region" : "AiKg3pXk", "secretKey" : "AiKg3pXk", "version" : "" }] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:53.733+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance of
com.fxlabs.fxt.dto.base.NameDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.NameDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 11, column: 11] (through reference chain: com.fxlabs.fxt.dto.clusters.Account[\"org\"])", "path" : "/api/v1/accounts" }] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmNmNThmNTUtYzNlNy00MTAyLWFlZTctMmViMGE0ZDJlN2Zm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1] : Time [525] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1] : Size [722] 2019-03-20 10:41:53 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmNmNThmNTUtYzNlNy00MTAyLWFlZTctMmViMGE0ZDJlN2Zm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmNmNThmNTUtYzNlNy00MTAyLWFlZTctMmViMGE0ZDJlN2Zm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmNmNThmNTUtYzNlNy00MTAyLWFlZTctMmViMGE0ZDJlN2Zm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:53 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmNmNThmNTUtYzNlNy00MTAyLWFlZTctMmViMGE0ZDJlN2Zm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/skills] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1] : Request [{ "accessKey" : "zALGNEOQ", "createdBy" : "", "createdDate" : "", "description" : "zALGNEOQ", "host" : "zALGNEOQ", "id" : "", "inactive" : false, "key" : "zALGNEOQ", "modifiedBy" : "", "modifiedDate" : "", "name" : "zALGNEOQ", "org" : "", "prop1" : "zALGNEOQ", "prop2" : "zALGNEOQ", "prop3" : "zALGNEOQ", "prop4" : "zALGNEOQ", "prop5" : "zALGNEOQ", "secretKey" : "zALGNEOQ", "skillType" : "BOT_DEPLOYMENT", "version" : "" }] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:54.201+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.NameDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.NameDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 13, column: 11] (through reference chain: com.fxlabs.fxt.dto.skills.Skill[\"org\"])", "path" : "/api/v1/skills" }] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjQxMmQzMTQtNTY1Yy00YTlmLWE3NDctNzgwODVkYTViYjAy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1] : Time [466] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1] : Size [716] 2019-03-20 10:41:54 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjQxMmQzMTQtNTY1Yy00YTlmLWE3NDctNzgwODVkYTViYjAy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjQxMmQzMTQtNTY1Yy00YTlmLWE3NDctNzgwODVkYTViYjAy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjQxMmQzMTQtNTY1Yy00YTlmLWE3NDctNzgwODVkYTViYjAy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:54 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjQxMmQzMTQtNTY1Yy00YTlmLWE3NDctNzgwODVkYTViYjAy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request [{ "account" : "", "createdBy" : "", "createdDate" : "", "description" : "5GAGirih", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "5GAGirih", "org" : "", "prop1" : "5GAGirih", "prop2" : "5GAGirih", "prop3" : "5GAGirih", "prop4" : "5GAGirih", "prop5" : "5GAGirih", "skill" : "", "state" : "INACTIVE", "version" : "", "visibility" : "ORG_PUBLIC" }] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:54.742+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.it.IssueTracker[\"account\"])", "path" : "/api/v1/issue-trackers/issue-tracker-bot" }] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MTU0OTE5MmUtY2I5OC00YzBjLTg5ZDctNmQzYTlkNWMxNTM5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Time [539] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Size [768] 2019-03-20 10:41:54 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MTU0OTE5MmUtY2I5OC00YzBjLTg5ZDctNmQzYTlkNWMxNTM5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MTU0OTE5MmUtY2I5OC00YzBjLTg5ZDctNmQzYTlkNWMxNTM5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MTU0OTE5MmUtY2I5OC00YzBjLTg5ZDctNmQzYTlkNWMxNTM5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:54 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MTU0OTE5MmUtY2I5OC00YzBjLTg5ZDctNmQzYTlkNWMxNTM5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/projects] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1] : Request [{ "account" : "", "autoGenSuites" : "904705725", "branch" : "k3iFthXM", "bugsOpen" : "904705725", "createdBy" : "", "createdDate" : "", "description" : "k3iFthXM", "genPolicy" : "Create", "id" : "", "inactive" : false, "isFileLoad" : "k3iFthXM", "issueTracker" : "", "lastCommit" : "k3iFthXM", "lastSync" : null, "modifiedBy" : "", "modifiedDate" : "", "name" : "k3iFthXM", "openAPISpec" : "k3iFthXM", "openText" : "k3iFthXM", "org" : "", "props" : null, "url" : "k3iFthXM", "version" : "" }] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:55.173+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])", "path" : "/api/v1/projects" }] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDQyZDFjNjktYTI2Mi00ZGZjLTg0NDctY2Q0OTg2ZTVjZDY5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1] : Time [430] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1] : Size [744] 2019-03-20 10:41:55 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDQyZDFjNjktYTI2Mi00ZGZjLTg0NDctY2Q0OTg2ZTVjZDY5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDQyZDFjNjktYTI2Mi00ZGZjLTg0NDctY2Q0OTg2ZTVjZDY5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDQyZDFjNjktYTI2Mi00ZGZjLTg0NDctY2Q0OTg2ZTVjZDY5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:55 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDQyZDFjNjktYTI2Mi00ZGZjLTg0NDctY2Q0OTg2ZTVjZDY5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/resources] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Request [{ "definition" : "sGDmrKsr", "dependency" : "sGDmrKsr", "enumValues" : "sGDmrKsr", "id" : "", "inactive" : false, "path" : "sGDmrKsr", "projectId" : "", "resourceName" : "sGDmrKsr", "tags" : "sGDmrKsr", "typeThreeDefination" : "sGDmrKsr", "typeThreePath" : "sGDmrKsr" }] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Response [{ "requestId" : "None", "requestTime" : "2019-03-20T10:41:55.785+0000", "errors" : false, "messages" : [ ], "data" : { "id" : "8a808003699a9ebf01699ab178490697", "projectId" : "", "resourceName" : "sGDmrKsr", "definition" : "sGDmrKsr", "path" : "sGDmrKsr", "tags" : "sGDmrKsr", "enumValues" : "sGDmrKsr", "dependency" : "sGDmrKsr", "typeThreeDefination" : "sGDmrKsr", "typeThreePath" : "sGDmrKsr", "inactive" : false, "endpoints" : null }, "totalPages" : 0, "totalElements" : 0 }] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWQxMzY3MmUtOWZkMC00MmEwLWIxNWQtNTE4MzdmYmRiMGI3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:55 GMT]}] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : StatusCode [200] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Time [613] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1] : Size [419] 2019-03-20 10:41:55 INFO [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [200 == 200 OR 200 == 201] result [Passed] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWQxMzY3MmUtOWZkMC00MmEwLWIxNWQtNTE4MzdmYmRiMGI3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:55 GMT]}] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWQxMzY3MmUtOWZkMC00MmEwLWIxNWQtNTE4MzdmYmRiMGI3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:55 GMT]}] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWQxMzY3MmUtOWZkMC00MmEwLWIxNWQtNTE4MzdmYmRiMGI3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:55 GMT]}] 2019-03-20 10:41:55 DEBUG [ResourceDefinitionCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWQxMzY3MmUtOWZkMC00MmEwLWIxNWQtNTE4MzdmYmRiMGI3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:55 GMT]}] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : URL [http://13.56.210.25/api/v1/resources] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Method [POST] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Request [{ "definition" : "Ilh9NDFr", "dependency" : "Ilh9NDFr", "endpoints" : [ { "coverageStatus" : { }, "endpoint" : "Ilh9NDFr", "method" : "Ilh9NDFr", "parameters" : [ { "body" : "Ilh9NDFr", "defaultValue" : "Ilh9NDFr", "description" : "Ilh9NDFr", "endpointId" : "Ilh9NDFr", "format" : "Ilh9NDFr", "in" : "Ilh9NDFr", "name" : "Ilh9NDFr", "required" : false, "type" : "Ilh9NDFr" } ], "pathDependency" : "Ilh9NDFr", "projectId" : "Ilh9NDFr", "queryDependency" : "Ilh9NDFr", "responses" : [ { "contentType" : "Ilh9NDFr", "endpointId" : "Ilh9NDFr", "ref" : "Ilh9NDFr", "response" : "Ilh9NDFr", "responseStatus" : "Ilh9NDFr" } ], "sequenceOrder" : "1953380013", "tags" : "Ilh9NDFr", "typeThreePath" : "Ilh9NDFr" } ], "enumValues" : "Ilh9NDFr", "id" : "8a808003699a9ebf01699ab178490697", "inactive" : false, "path" : "Ilh9NDFr", "projectId" : "Ilh9NDFr", "resourceName" : "Ilh9NDFr", "tags" : "Ilh9NDFr", "typeThreeDefination" : "Ilh9NDFr", "typeThreePath" : "Ilh9NDFr" }] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Response [{ "requestId" : "None", "requestTime" : "2019-03-20T10:41:56.305+0000", "errors" : false, "messages" : [ ], "data" : { "id" : "8a808003699a9ebf01699ab178490697", "projectId" : "Ilh9NDFr", "resourceName" : "Ilh9NDFr", "definition" : "Ilh9NDFr", "path" : "Ilh9NDFr", "tags" : "Ilh9NDFr", "enumValues" : "Ilh9NDFr", "dependency" : "Ilh9NDFr", "typeThreeDefination" : "Ilh9NDFr", "typeThreePath" : "Ilh9NDFr", "inactive" : false, "endpoints" : null }, "totalPages" : 0, "totalElements" : 0 }] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NjRjZGZjOWMtNzAwNi00MmJiLTg5OWQtN2Q3YTU0M2ZiODZm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:55 GMT]}] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : StatusCode [200] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Time [519] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Size [427] 2019-03-20 10:41:56 ERROR [ApiV1ResourcesPostResourcedefinitionuserbDisallowHijack1] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [200 == 401 OR 200 == 403] result [Failed] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : URL [http://13.56.210.25/api/v1/resources/8a808003699a9ebf01699ab178490697] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Method [DELETE] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Request [null] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Response [{ "requestId" : "None", "requestTime" : "2019-03-20T10:41:56.841+0000", "errors" : false, "messages" : [ ], "data" : null, "totalPages" : 0, "totalElements" : 0 }] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGYzZTBjMWEtOTNmMy00NDQ2LWIzZTctYTU2NDkyZTMwMWZj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : StatusCode [200] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Time [541] 2019-03-20 10:41:56 DEBUG [ApiV1ResourcesIdDeleteResourcedefinitionhijack1] : Size [139] 2019-03-20 10:41:56 INFO [null] : Assertion [@StatusCode == 200] resolved-to [200 == 200] result [Passed] 2019-03-20 10:41:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : URL [http://13.56.210.25/api/v1/projects/] 2019-03-20 10:41:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Method [DELETE] 2019-03-20 10:41:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request [null] 2019-03-20 10:41:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response [{ "timestamp" : "2019-03-20T10:41:57.259+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/projects/" }] 2019-03-20 10:41:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjdjMWM5ZmItZTMxOC00MmFjLTk1MjEtOTQyNmJhNWU0YzQx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:56 GMT]}] 2019-03-20 10:41:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : StatusCode [405] 2019-03-20 10:41:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Time [409] 2019-03-20 10:41:57 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Size [163] 2019-03-20 10:41:57 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot/] 2019-03-20 10:41:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Method [DELETE] 2019-03-20 10:41:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request [null] 2019-03-20 10:41:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response [{ "timestamp" : "2019-03-20T10:41:57.913+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/issue-trackers/issue-tracker-bot/" }] 2019-03-20 10:41:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response-Headers [{Allow=[POST, GET, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MWYwM2U1ZTEtODdjNC00YzkxLWI1YmEtZTRhMWM3ZDI5NGIz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:57 GMT]}] 2019-03-20 10:41:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : StatusCode [405] 2019-03-20 10:41:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Time [650] 2019-03-20 10:41:57 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Size [187] 2019-03-20 10:41:57 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : URL [http://13.56.210.25/api/v1/skills/] 2019-03-20 10:41:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Method [DELETE] 2019-03-20 10:41:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request [null] 2019-03-20 10:41:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response [{ "timestamp" : "2019-03-20T10:41:58.279+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/skills/" }] 2019-03-20 10:41:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2ExMGU0ZGMtY2VmZS00OTJmLWJmOGItZmRjYmQwMDVhNmQz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:57 GMT]}] 2019-03-20 10:41:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : StatusCode [405] 2019-03-20 10:41:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Time [365] 2019-03-20 10:41:58 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Size [161] 2019-03-20 10:41:58 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : URL [http://13.56.210.25/api/v1/accounts/] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Method [DELETE] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request [null] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response [{ "timestamp" : "2019-03-20T10:41:58.716+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/accounts/" }] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzRkNDU3YWQtNDRkNy00NWE4LTg3NWUtMDEzNzBmN2Q3MTJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:58 GMT]}] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : StatusCode [405] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Time [436] 2019-03-20 10:41:58 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Size [163] 2019-03-20 10:41:58 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:59 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : URL [http://13.56.210.25/api/v1/orgs/] 2019-03-20 10:41:59 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Method [DELETE] 2019-03-20 10:41:59 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request [null] 2019-03-20 10:41:59 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:59 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response [{ "timestamp" : "2019-03-20T10:41:59.081+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }] 2019-03-20 10:41:59 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjliOGJkMjAtMGMzNi00NjAwLWE2ODktOWExZjkwNzY3YzY5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:58 GMT]}] 2019-03-20 10:41:59 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : StatusCode [405] 2019-03-20 10:41:59 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Time [365] 2019-03-20 10:41:59 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Size [159] 2019-03-20 10:41:59 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]--- FX Bot ---