testing github bug management : ExampleV1HotelsPostAuthInvalid

[sohail1024]

Project : testing github bug management

Job : Default

Env : Default

Category : InvalidAuth

Tags : [OWASP A2, OWASP A5, OWASP A6, OWASP A7, [PCI DSS 3.0] 6.5.8, [PCI DSS 3.0] 6.5.10, OTG-AUTHN-004, FX Top 10 - API Vulnerability, Non-Intrusive]

Severity : Major

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 500

Headers : {}

Endpoint : http://18.144.38.115:8090/example/v1/hotels

Request :
{ "city" : "Haliestad", "description" : "dtE1318l", "id" : "", "name" : "dtE1318l", "rating" : "906306819" }

Response :
Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"

Logs :
2019-03-04 05:15:32 DEBUG [ExampleV1HotelsPostAuthInvalid] : URL [http://18.144.38.115:8090/example/v1/hotels] 2019-03-04 05:15:32 DEBUG [ExampleV1HotelsPostAuthInvalid] : Method [POST] 2019-03-04 05:15:32 DEBUG [ExampleV1HotelsPostAuthInvalid] : Request [{ "city" : "Haliestad", "description" : "dtE1318l", "id" : "", "name" : "dtE1318l", "rating" : "906306819" }] 2019-03-04 05:15:32 DEBUG [ExampleV1HotelsPostAuthInvalid] : Request-Headers [{Content-Type=[application/xml, application/json], Accept=[application/xml, application/json], Authorization=[Basic aW52YWxpZHVzZXJAZnhsYWJzLmlvOlRoaXNJc0ludmFsaWRQYXNzd29yZA==]}] 2019-03-04 05:15:32 DEBUG [ExampleV1HotelsPostAuthInvalid] : Response [Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"] 2019-03-04 05:15:32 DEBUG [ExampleV1HotelsPostAuthInvalid] : Response-Headers [{}] 2019-03-04 05:15:32 DEBUG [ExampleV1HotelsPostAuthInvalid] : StatusCode [500] 2019-03-04 05:15:32 DEBUG [ExampleV1HotelsPostAuthInvalid] : Time [136] 2019-03-04 05:15:32 DEBUG [ExampleV1HotelsPostAuthInvalid] : Size [115] 2019-03-04 05:15:32 ERROR [ExampleV1HotelsPostAuthInvalid] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed]

--- FX Bot ---

[sohail1024]

Project : testing github bug management

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 500

Headers : {}

Endpoint : http://18.144.38.115:8090/example/v1/hotels

Request :
{ "city" : "Port Vladimir", "description" : "TPVN5MVr", "id" : "", "name" : "TPVN5MVr", "rating" : "1414410219" }

Response :
Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"

Logs :
Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed] --- FX Bot ---

[sohail1024]

Project : testing github bug management

Job : Default

Env : Default

Region : US_WEST_2

Result : fail

Status Code : 500

Headers : {}

Endpoint : http://18.144.38.115:8090/example/v1/hotels

Request :
{ "city" : "Lake Roma", "description" : "K7WyjJb1", "id" : "", "name" : "K7WyjJb1", "rating" : "2039731310" }

Response :
Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"

Logs :
2019-03-04 08:48:12 DEBUG [ExampleV1HotelsPostAuthInvalid] : URL [http://18.144.38.115:8090/example/v1/hotels] 2019-03-04 08:48:12 DEBUG [ExampleV1HotelsPostAuthInvalid] : Method [POST] 2019-03-04 08:48:12 DEBUG [ExampleV1HotelsPostAuthInvalid] : Request [{ "city" : "Lake Roma", "description" : "K7WyjJb1", "id" : "", "name" : "K7WyjJb1", "rating" : "2039731310" }] 2019-03-04 08:48:12 DEBUG [ExampleV1HotelsPostAuthInvalid] : Request-Headers [{Content-Type=[application/xml, application/json], Accept=[application/xml, application/json], Authorization=[Basic aW52YWxpZHVzZXJAZnhsYWJzLmlvOlRoaXNJc0ludmFsaWRQYXNzd29yZA==]}] 2019-03-04 08:48:12 DEBUG [ExampleV1HotelsPostAuthInvalid] : Response [Invalid mime type "application/xml, application/json": Invalid token character ',' in token "xml, application/json"] 2019-03-04 08:48:12 DEBUG [ExampleV1HotelsPostAuthInvalid] : Response-Headers [{}] 2019-03-04 08:48:12 DEBUG [ExampleV1HotelsPostAuthInvalid] : StatusCode [500] 2019-03-04 08:48:12 DEBUG [ExampleV1HotelsPostAuthInvalid] : Time [83] 2019-03-04 08:48:12 DEBUG [ExampleV1HotelsPostAuthInvalid] : Size [115] 2019-03-04 08:48:12 ERROR [ExampleV1HotelsPostAuthInvalid] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [500 == 401 OR 500 == 403] result [Failed]

--- FX Bot ---