Enhanced httpd.js web server
28 views
Skip to first unread message
teo
Jan 15, 2011, 8:32:55 AM1/15/11
to JSDB
Hello all!
In my first post I'd like to start with by saying that I find JSDB
amazing. Thank you Shanti and all of you, community members, for such
a nice tool.
Yesterday I contacted Shanti for letting him know that I had been
enhancing his httpd.js script. He nicely replied me quickly saying
that I should post it here, so there it goes!
Please download and try it from http://galinux.myftp.org/cus_webserver/
and let me know any feedback.
So far, I tested it under several versions of Firefox, IExplorer,
Opera and Konqueror using Win XPSP3, VistaSP1 and Mandriva 2008.
Cheers,
Teo Ramirez
In my first post I'd like to start with by saying that I find JSDB
amazing. Thank you Shanti and all of you, community members, for such
a nice tool.
Yesterday I contacted Shanti for letting him know that I had been
enhancing his httpd.js script. He nicely replied me quickly saying
that I should post it here, so there it goes!
Please download and try it from http://galinux.myftp.org/cus_webserver/
and let me know any feedback.
So far, I tested it under several versions of Firefox, IExplorer,
Opera and Konqueror using Win XPSP3, VistaSP1 and Mandriva 2008.
Cheers,
Teo Ramirez
teo
Jan 25, 2011, 12:54:12 AM1/25/11
to JSDB
Two tips:
* For those interested in improving the script, I found this info very
useful: http://netsecure.alcpress.com/netcat/ Not only for debugging,
but I guess somehow, performing a call to a external file as netcat,
could be a workaround for dead/malformed connections that currently
set the server frozen.
* I'm getting odd results from system.attributes().size (in function
dir_contents2html), possibly for something OS dependant or sort of an
integer-out-of-range limitation when dealing with large files: when I
retrieve the size of a 1450518528 bytes (1'4GB) file, It reports it as
being -696965120. I'm using Mandriva 2009 and the file is stored in a
Ext3 partition.
* For those interested in improving the script, I found this info very
useful: http://netsecure.alcpress.com/netcat/ Not only for debugging,
but I guess somehow, performing a call to a external file as netcat,
could be a workaround for dead/malformed connections that currently
set the server frozen.
* I'm getting odd results from system.attributes().size (in function
dir_contents2html), possibly for something OS dependant or sort of an
integer-out-of-range limitation when dealing with large files: when I
retrieve the size of a 1450518528 bytes (1'4GB) file, It reports it as
being -696965120. I'm using Mandriva 2009 and the file is stored in a
Ext3 partition.
code beat
Jul 26, 2018, 1:10:21 PM7/26/18
to JSDB
This is pretty awesome! Thank you for posting.
Op zaterdag 15 januari 2011 14:32:55 UTC+1 schreef teo:
code beat
Jul 26, 2018, 1:10:21 PM7/26/18
to JSDB
Great work, thanks for sharing, one suggestion though.
When somebody tried to access a forbidden file that is part of the system, for example httpd.js, I think it is better to send a 404 "file not found message" instead of an 403 forbidden message. Because, now you are able to figure out what the server is, for example by calling //yourserver.com/httpd.js, you know now the file is there because of the forbidden message. In fact as attacker you can identify the server.
Kind regards,
codebeat
Op zaterdag 15 januari 2011 14:32:55 UTC+1 schreef teo:
Hello all!
Reply all
Reply to author
Forward
0 new messages