Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proxy settings prevent sending attack requests #24

Open
mopotopo opened this issue Jun 12, 2019 · 1 comment
Open

Proxy settings prevent sending attack requests #24

mopotopo opened this issue Jun 12, 2019 · 1 comment

Comments

@mopotopo
Copy link

I work on the commit c8b0b7f892d7734b1860d6ebb8e839a12e414a0e and I want to attack a webservice via 'XML Element Count Attack'. But the attacker doesn't send any requests.

At wsattacker.plugin.dos.dosExtension.requestSender.RequestSenderImpl.sendRequestHttpClient(RequestObject) line 284 I reactivate the log.

What I see is:

Jun 12, 2019 10:38:06 AM wsattacker.plugin.dos.dosExtension.requestSender.RequestSenderImpl sendRequestHttpClient
SEVERE: null
java.lang.IllegalStateException: Scheme 'http' not registered.
	at org.apache.http.conn.scheme.SchemeRegistry.getScheme(SchemeRegistry.java:71)
	at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:127)
	at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
	at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
	at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:561)
	at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
	at wsattacker.plugin.dos.dosExtension.requestSender.RequestSenderImpl.sendRequestHttpClient(RequestSenderImpl.java:273)
	at wsattacker.plugin.dos.dosExtension.requestSender.RequestSenderImpl.sendTestProbeRequest(RequestSenderImpl.java:111)
	at wsattacker.plugin.dos.dosExtension.attackThreads.SendRequestThread.run(SendRequestThread.java:110)

I think, that the proxy settings 'http' is breaking the rules.
@CheariX
Copy link
Member

CheariX commented Jun 24, 2019

I think the proxy implementation is somehow buggy.
Do you use a Proxy (e.g. Burpsuite)?

You can start WS-Attacker using:

java -jar -Dhttp.proxyHost=127.0.0.1 -Dhttp.proxyPort=8800 -Dhttps.proxyHost=127.0.0.1 -Dhttps.proxyPort=8800 WS-Attacker.jar

I guess the problem appears, once the configuration.xml is written and you restart WS-Attacker.
Since I always use a proxy, it works fine, but if you don't, there might be an error (?).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@CheariX @mopotopo