landro / TesTcl

when you don't have the balls to test your F5 BIG-IP iRules directly in production
https://testcl.com
BSD 3-Clause "New" or "Revised" License

iRule problem #61

Closed EdoardoMDP closed 5 years ago

EdoardoMDP commented 5 years ago

Hi all,

I have to test my iRule using this tool. When I run the command "jtcl test_jtcl_irule.tcl" the output is correct ("The jtcl-irule extension has successfully been installed"), so I have installed Tcl correctly on my Mac. The problem shows up in the next step. I have the following problems:

1) I can't find the file specified ("test_simple_irule.tcl") in the directory downloaded here.
2) If I try to run other iRules I get compilation errors, as if it didn't recognize the language (iRule), e.g. iRule test.tcl:

```tcl
when HTTP_REQUEST {
    if { [HTTP::host] starts_with "fir3net.com" } {
        HTTP::redirect http://www.fir3net.com[HTTP::uri]
    }
}
```

I run jtcl test.tcl and I get this error:

invalid command name "when"

Could someone help me? Thanks

kugg commented 5 years ago

Nice to see that you are using testcl. I know this wasn't your question, but I'd like to give some pointers on your testcase.

If you write a testcase where an attacker points her own domain fir3net.com.attacker.horse to your F5 IP, they can use it to redirect to an arbitrary URI on clear text http.

Redirecting to http is also dangerous because it's clear text. Your domain has a working TLS cert, so redirection should rather go to https://

starts_with is an unsafe comparison for hostnames because it's the ending of the hostname that makes the domain name uniquely qualified. Anyone can own a domain name and create a subdomain that starts with fir3net.com
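The two points raised above, applied to the iRule from the question. This is an added example, not code posted by either participant or taken from the TesTcl project. It assumes the rule is meant to send requests for the bare host fir3net.com to www.fir3net.com.

```tcl
when HTTP_REQUEST {
    # Normalise the Host header before comparing it:
    # hostnames are case-insensitive, the header may carry a ":port"
    # suffix, and a fully qualified name may end in a trailing dot.
    set host [string tolower [HTTP::host]]
    set host [getfield $host ":" 1]
    set host [string trimright $host "."]

    # Compare the whole hostname instead of a prefix.
    # "fir3net.com.attacker.horse" satisfies starts_with "fir3net.com"
    # but does not satisfy equals "fir3net.com".
    if { $host equals "fir3net.com" } {
        # Redirect to https:// so the follow-up request is not sent
        # in clear text.
        HTTP::redirect "https://www.fir3net.com[HTTP::uri]"
    }

    # If subdomains ever need to match as well, anchor the comparison
    # on the end of the name and include the leading dot, e.g.
    #   $host ends_with ".fir3net.com"
    # so that a name such as "notfir3net.com" does not match.
}
```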