private boolean authenticateClient() throws IOException { String line = in.readLine(); if (line == null || line.equals(secret) == false) { Log.warn( Thread.currentThread().getName() + ": failed authentication attempt with \"" + line + "\"."); out.println("Authentication failed"); return false; } writeNewSecret(); out.println("Authentication OK"); return true; }
private void handleClient() { try { this.in = new BufferedReader(new InputStreamReader(client.getInputStream())); this.out = new PrintWriter(new OutputStreamWriter(client.getOutputStream())); if (authenticateClient()) { handleRequest(); } out.flush(); out.close(); in.close(); } catch (Exception ex) { Log.warn(Thread.currentThread().getName() + ": failure handling client request.", ex); } finally { closeClientSocket(); } }
private byte[] doSignatureFile(String[] digestNames, MessageDigest[] algorithms, byte[] manbytes) throws IOException { ByteArrayOutputStream out = new ByteArrayOutputStream(); PrintWriter ps = IO.writer(out); ps.print("Signature-Version: 1.0\r\n"); for (int a = 0; a < algorithms.length; a++) { if (algorithms[a] != null) { byte[] digest = algorithms[a].digest(manbytes); ps.print(digestNames[a] + "-Digest-Manifest: "); ps.print(new Base64(digest)); ps.print("\r\n"); } } return out.toByteArray(); }
private void handleRequest() throws IOException { String line = in.readLine(); if (line == null || line.length() == 0) { Log.warn(Thread.currentThread().getName() + ": ignoring empty request."); return; } if (handleCommand(line, out) == false) { out.println( Thread.currentThread().getName() + ": didn't understand request \"" + line + "\"."); } }
public static void main(String args[]) throws Exception { MessageDigest m = MessageDigest.getInstance("MD5"); PrintWriter out = new PrintWriter(new FileOutputStream("dict.txt")); for (int i1 = 'a'; i1 < 'z'; i1++) { System.out.println("Now Processing" + (char) i1); for (int i2 = 'a'; i2 < 'z'; i2++) for (int i3 = 'a'; i3 < 'z'; i3++) for (int i4 = 'a'; i4 < 'z'; i4++) { char[] ch = {(char) i1, (char) i2, (char) i3, (char) i4}; String passwd = new String(ch); m.update(passwd.getBytes("UTF8")); byte s[] = m.digest(); String result = ""; for (int i = 0; i < s.length; i++) { result += Integer.toHexString((0x000000ff & s[i]) | 0xffffff00).substring(6); } out.print(passwd + " "); out.println(result); } } out.close(); }
public boolean handleCommand(String line, PrintWriter out) { String[] split = line.split("[\t ]"); String commandName = split[0]; try { Method[] methods = exportedInterface.getMethods(); for (Method method : methods) { if (method.getName().equals(commandName) && method.getReturnType() == void.class) { return invokeMethod(line, out, method, split); } } throw new NoSuchMethodException(); } catch (NoSuchMethodException nsmex) { out.println(fullName + ": didn't understand request \"" + line + "\"."); } catch (Exception ex) { Log.warn(fullName + ": exception thrown while handling command \"" + line + "\".", ex); out.println(fullName + ": request denied \"" + line + "\" (" + ex.toString() + ")."); } finally { out.flush(); out.close(); } return false; }
public void writeLandingPage(HttpServletRequest request, HttpServletResponse response) throws IOException { String landingPage = getNewTokenLandingPage(); /** default to current page * */ if (landingPage == null) { StringBuilder sb = new StringBuilder(); sb.append(request.getContextPath()); sb.append(request.getServletPath()); landingPage = sb.toString(); } /** create auto posting form * */ StringBuilder sb = new StringBuilder(); sb.append("<html>\r\n"); sb.append("<head>\r\n"); sb.append("<title>OWASP CSRFGuard Project - New Token Landing Page</title>\r\n"); sb.append("</head>\r\n"); sb.append("<body>\r\n"); sb.append("<script type=\"text/javascript\">\r\n"); sb.append("var form = document.createElement(\"form\");\r\n"); sb.append("form.setAttribute(\"method\", \"post\");\r\n"); sb.append("form.setAttribute(\"action\", \""); sb.append(landingPage); sb.append("\");\r\n"); /** only include token if needed * */ if (isProtectedPage(landingPage)) { sb.append("var hiddenField = document.createElement(\"input\");\r\n"); sb.append("hiddenField.setAttribute(\"type\", \"hidden\");\r\n"); sb.append("hiddenField.setAttribute(\"name\", \""); sb.append(getTokenName()); sb.append("\");\r\n"); sb.append("hiddenField.setAttribute(\"value\", \""); sb.append(getTokenValue(request, landingPage)); sb.append("\");\r\n"); sb.append("form.appendChild(hiddenField);\r\n"); } sb.append("document.body.appendChild(form);\r\n"); sb.append("form.submit();\r\n"); sb.append("</script>\r\n"); sb.append("</body>\r\n"); sb.append("</html>\r\n"); String code = sb.toString(); /** setup headers * */ response.setContentType("text/html"); response.setContentLength(code.length()); /** write auto posting form * */ OutputStream output = null; PrintWriter writer = null; try { output = response.getOutputStream(); writer = new PrintWriter(output); writer.write(code); writer.flush(); } finally { Writers.close(writer); Streams.close(output); } }