Forum Discussion
James_Quinby_46
Apr 07, 2011 - Historic F5 Account
Question re: HTTP::retry
I have an embedded webserver on a device in my network and am working on a rule to basically by-pass the login screen.
The trick with the login process is that it collects a username and a p...
Joel_Moses
Apr 08, 2011 - Nimbostratus
Y'know what? Disregard the above. If you're logging the right input values, you're not compressed coming from the pool member.
Try something like this:
when CLIENT_ACCEPTED {
    # Per-connection state flags
    set trypost 0
    set collected 0
    set retried 0
}
when HTTP_REQUEST {
    # Only act on the first GET of the login page on this connection
    if { (! $retried) && ([HTTP::method] equals "GET") && ([string tolower [HTTP::uri]] equals "/tgi/login.tgi") } {
        set trypost 1
        # Strip Accept-Encoding so the response is uncompressed, and force a close
        HTTP::header sanitize "Accept-Encoding Connection Keep-Alive"
        HTTP::header insert Connection "close"
    }
}
when HTTP_RESPONSE {
    if { ($trypost) && (! $collected) && (! $retried) } {
        # Collect the response body, capped at 100000 bytes
        if { [HTTP::header exists Content-Length] && ([HTTP::header Content-Length] < 100000) } {
            set clength [HTTP::header Content-Length]
        } else {
            set clength 100000
        }
        HTTP::collect $clength
        set collected 1
    }
}
when HTTP_RESPONSE_DATA {
    if { ($trypost) && ($collected) && (! $retried) } {
        # Pull the 8-character salt out of the login page (second capture group)
        set salt_value [lindex [regexp -all -inline {(ge\" VALUE=\")(.{8})} [HTTP::payload]] 2]
        log local0. "salt -> $salt_value"
        set response "adminpassword123$salt_value"
        # Debug logging: this writes the salted secret and its hash to the local0 log
        log local0. "salted response -> $response"
        binary scan [ md5 $response ] H* hexhash
        log local0. "md5(hex) of $response -> $hexhash"
        # Discard the collected login page before retrying as a POST
        HTTP::payload replace 0 [HTTP::payload length] ""
        # Content-Length 77 = 45 bytes of fixed form fields + 32 hex characters of MD5
        HTTP::retry "POST /tgi/login.tgi HTTP/1.1\r\nHost: 10.10.10.10\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 77\r\n\r\nUsername=admin&Password=&Challenge=&Response=$hexhash"
        set trypost 0
        set collected 0
        set retried 1
    }
}
Yeah, it doesn't look like some of the other stuff you've seen on HTTP::retry, but most of those are not re-hitting the same pool member, they're going to some other pool or node entirely. What I'm doing here is essentially forcing a close from the browser when a GET request to the login page occurs, then in HTTP_RESPONSE, I'm taking steps to throw away the payload that's been collected before attempting the HTTP::retry.
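An offline cross-check for the values the iRule above writes to the log, added here as an example and not part of the original post: it reproduces the salt extraction, the MD5 hex response and the retried POST, computing Content-Length from the body instead of hardcoding it. The sample login-page fragment and the function names are assumptions; the regex, the concatenated string, the host and the form fields are taken from the post.

```python
import hashlib
import re

# Constructed sample fragment; the device's real login markup is not shown in the thread.
SAMPLE_LOGIN_PAGE = '<INPUT TYPE="hidden" NAME="Challenge" VALUE="a1b2c3d4">'

# Same match as the iRule: the 8 characters that follow ge" VALUE="
SALT_RE = re.compile(r'ge" VALUE="(.{8})')


def extract_salt(page):
    """Return the 8-character salt, or None if the page does not carry one."""
    m = SALT_RE.search(page)
    return m.group(1) if m else None


def challenge_response(prefix, salt):
    """MD5 hex digest of prefix + salt, matching 'binary scan [md5 ...] H*'."""
    return hashlib.md5((prefix + salt).encode("ascii")).hexdigest()


def build_retry_request(host, hexhash):
    """Build the POST that HTTP::retry sends, with a computed Content-Length."""
    body = "Username=admin&Password=&Challenge=&Response=" + hexhash
    headers = [
        "POST /tgi/login.tgi HTTP/1.1",
        "Host: " + host,
        "Content-Type: application/x-www-form-urlencoded",
        "Content-Length: %d" % len(body.encode("ascii")),
    ]
    # CRLF-joined with no leading whitespace, so no header is read as a folded line
    return "\r\n".join(headers) + "\r\n\r\n" + body


if __name__ == "__main__":
    salt = extract_salt(SAMPLE_LOGIN_PAGE)
    if salt is None:
        raise SystemExit("no salt found; the iRule would hash an empty salt here")
    hexhash = challenge_response("adminpassword123", salt)
    print("salt ->", salt)
    print("md5(hex) ->", hexhash)
    print(build_retry_request("10.10.10.10", hexhash))
```

Compare the printed hash with the `md5(hex) of ...` line in the LTM log for the same salt; a mismatch points at the regex capturing the wrong 8 characters.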