From 36e35444c21c2c0e3f9ec3ba9ed1de0095761ef8 Mon Sep 17 00:00:00 2001 From: Simone Brunello <15804966+simone36050@users.noreply.github.com> Date: Mon, 11 Nov 2024 11:23:00 +0100 Subject: [PATCH] Removed debug resources --- tool/.devcontainer/Dockerfile | 20 - tool/.devcontainer/devcontainer.json | 9 - tool/.devcontainer/docker-compose.yml | 110 ---- tool/.devcontainer/msg_def.json | 786 ------------------------ tool/.devcontainer/project-options.json | 487 --------------- tool/.devcontainer/user-options.json | 23 - tool/src/main/java/migt/debug.http | 21 - 7 files changed, 1456 deletions(-) delete mode 100644 tool/.devcontainer/Dockerfile delete mode 100644 tool/.devcontainer/devcontainer.json delete mode 100644 tool/.devcontainer/docker-compose.yml delete mode 100644 tool/.devcontainer/msg_def.json delete mode 100644 tool/.devcontainer/project-options.json delete mode 100644 tool/.devcontainer/user-options.json delete mode 100644 tool/src/main/java/migt/debug.http diff --git a/tool/.devcontainer/Dockerfile b/tool/.devcontainer/Dockerfile deleted file mode 100644 index 30a4d49..0000000 --- a/tool/.devcontainer/Dockerfile +++ /dev/null @@ -1,20 +0,0 @@ -FROM ubuntu:22.04 - -RUN apt update && apt install -y wget bzip2 libqt5gui5 libcanberra-gtk-module libcanberra-gtk3-module libnss3 libdbus-glib-1-2 openjdk-19-jdk - -ENV DISPLAY=$DISPLAY - -RUN wget -O burpsuite_community_linux_v2023_7_1.sh 'https://portswigger-cdn.net/burp/releases/download?product=community&version=2023.7.1&type=Linux' &&\ - chmod +x burpsuite_community_linux_v2023_7_1.sh &&\ - (echo -ne '\n'; echo '/opt/BurpSuiteCommunity/'; echo 'n') | ./burpsuite_community_linux_v2023_7_1.sh -c - -RUN wget -O geckodriver-v0.33.0-linux64.tar.gz 'https://github.com/mozilla/geckodriver/releases/download/v0.33.0/geckodriver-v0.33.0-linux64.tar.gz' &&\ - tar xvf geckodriver-v0.33.0-linux64.tar.gz &&\ - chmod +x geckodriver &&\ - mv geckodriver /root/ - -RUN wget -O firefox.tar.bz2 'https://download-installer.cdn.mozilla.net/pub/firefox/releases/115.0.3/linux-x86_64/en-US/firefox-115.0.3.tar.bz2' &&\ - tar xvf firefox.tar.bz2 -C /opt/ &&\ - ln -s /opt/firefox/firefox /usr/bin/firefox - -COPY msg_def.json /opt/BurpSuiteCommunity/msg_def.json diff --git a/tool/.devcontainer/devcontainer.json b/tool/.devcontainer/devcontainer.json deleted file mode 100644 index be405b8..0000000 --- a/tool/.devcontainer/devcontainer.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "name": "Mig-T dev container", - "dockerComposeFile": "docker-compose.yml", - "service": "burpsuite", - "forwardPorts": [ - "8443:8443", - "9095:9095" - ] -} diff --git a/tool/.devcontainer/docker-compose.yml b/tool/.devcontainer/docker-compose.yml deleted file mode 100644 index 9bbadcc..0000000 --- a/tool/.devcontainer/docker-compose.yml +++ /dev/null @@ -1,110 +0,0 @@ -version: "3" - -services: - burpsuite: - image: mig/burpsuite - build: - context: . - dockerfile: Dockerfile - volumes: - - /tmp/.X11-unix/:/tmp/.X11-unix/ - - /etc/localtime:/etc/localtime:ro - - "$HOME/.Xauthority:/root/.Xauthority:rw" - ports: - - "8443:8443" - - "9095:9095" - networks: - - net - - oidcfed - command: sleep infinity - environment: - - DISPLAY - stdin_open: true - tty: true - - trust-anchor.org: - # image: ghcr.io/italia/spid-cie-oidc-django:latest - build: - context: ../../../../testplans/spid-cie-oidc/implementations/spid-cie-oidc-django/spid-cie-oidc-django - # dockerfile: ../../../../../testplans/spid-cie-oidc/implementations/spid-cie-oidc-django/spid-cie-oidc-django/Dockerfile - dockerfile: ./Dockerfile - ports: - - "8000:8000" - volumes: - - ../../../../testplans/spid-cie-oidc/implementations/spid-cie-oidc-django/spid-cie-oidc-django/examples-docker/federation_authority:/django-project - depends_on: - - burpsuite - networks: - - oidcfed - command: | - bash -c " - echo 'base {log_debug = off;log_info = on;log = stderr;redirector = iptables;} redsocks {local_ip = localhost;local_port = 12345;ip = burpsuite;port = 9095;type = http-connect; }' > /etc/redsocks.conf && - /usr/sbin/redsocks -c /etc/redsocks.conf & - iptables -t nat -A OUTPUT -p tcp --dport 8002 -j REDIRECT --to-port 12345 && - iptables -t nat -A OUTPUT -p tcp --dport 8001 -j REDIRECT --to-port 12345 && - cd /django-project/ && - python3 manage.py migrate && - python3 manage.py loaddata dumps/example.json && - python3 manage.py runserver 0.0.0.0:8000" - cap_add: - - NET_ADMIN - - cie-provider.org: - # image: ghcr.io/italia/spid-cie-oidc-django:latest - build: - context: ../../../../testplans/spid-cie-oidc/implementations/spid-cie-oidc-django/spid-cie-oidc-django - dockerfile: ./Dockerfile - ports: - - "8002:8002" - volumes: - - ../../../../testplans/spid-cie-oidc/implementations/spid-cie-oidc-django/spid-cie-oidc-django/examples-docker/provider:/django-project - networks: - - oidcfed - depends_on: - - burpsuite - - trust-anchor.org - command: | - bash -c " - echo 'base {log_debug = off;log_info = on;log = stderr;redirector = iptables;} redsocks {local_ip = localhost;local_port = 12345;ip = burpsuite;port = 9095;type = http-connect; }' > /etc/redsocks.conf && - /usr/sbin/redsocks -c /etc/redsocks.conf & - iptables -t nat -A OUTPUT -p tcp --dport 8001 -j REDIRECT --to-port 12345 && - iptables -t nat -A OUTPUT -p tcp --dport 8000 -j REDIRECT --to-port 12345 && - cd /django-project/ && - python3 manage.py migrate && - python3 manage.py loaddata dumps/example.json && - python3 manage.py runserver 0.0.0.0:8002" - cap_add: - - NET_ADMIN - - relying-party.org: - # image: ghcr.io/italia/spid-cie-oidc-django:latest - build: - context: ../../../../testplans/spid-cie-oidc/implementations/spid-cie-oidc-django/spid-cie-oidc-django - dockerfile: ./Dockerfile - ports: - - "8001:8001" - volumes: - - ../../../../testplans/spid-cie-oidc/implementations/spid-cie-oidc-django/spid-cie-oidc-django/examples-docker/relying_party:/django-project - networks: - - oidcfed - depends_on: - - burpsuite - - trust-anchor.org - command: | - bash -c " - echo 'base {log_debug = off;log_info = on;log = stderr;redirector = iptables;} redsocks {local_ip = localhost;local_port = 12345;ip = burpsuite;port = 9095;type = http-connect; }' > /etc/redsocks.conf && - /usr/sbin/redsocks -c /etc/redsocks.conf & - iptables -t nat -A OUTPUT -p tcp --dport 8002 -j REDIRECT --to-port 12345 && - iptables -t nat -A OUTPUT -p tcp --dport 8000 -j REDIRECT --to-port 12345 && - cd /django-project/ && - python3 manage.py migrate && - python3 manage.py loaddata dumps/example.json && - python3 manage.py runserver 0.0.0.0:8001" - cap_add: - - NET_ADMIN - - -networks: - net: - oidcfed: - diff --git a/tool/.devcontainer/msg_def.json b/tool/.devcontainer/msg_def.json deleted file mode 100644 index 1b9b49c..0000000 --- a/tool/.devcontainer/msg_def.json +++ /dev/null @@ -1,786 +0,0 @@ -{ - "message_types": [ - { - "name": "Authentication request", - "is request": true, - "response name": "Authentication error response", - "checks": [ - { - "in": "url", - "check": "response_type", - "is present": "true" - } - ] - }, - { - "name": "Authentication response", - "is request": false, - "checks": [ - { - "in": "head", - "check param": "Location", - "contains": "state" - } - ] - }, - { - "name": "Authorization request", - "is request": true, - "response name": "Authorization response", - "checks": [ - { - "in": "body", - "check regex": "username", - "is present": "true" - }, - { - "in": "body", - "check regex": "password", - "is present": "true" - } - ] - }, - { - "name": "Token request", - "is request": true, - "response name": "Token response", - "checks": [ - { - "in": "url", - "check regex": "/token" - } - ] - }, - { - "name": "Revocation request", - "is request": true, - "response name": "Revocation response", - "checks": [ - { - "in": "url", - "check regex": "/revocation" - } - ] - }, - { - "name": "Entity Configuration request RP", - "is request": true, - "response name": "Entity Configuration response RP", - "checks": [ - { - "in": "url", - "check": "/.well-known/openid-federation", - "is present": "true" - }, - { - "in": "head", - "check param": "Host", - "contains": "relying-party.org:8001" - } - ] - }, - { - "name": "Entity Configuration request OP", - "is request": true, - "response name": "Entity Configuration response OP", - "checks": [ - { - "in": "url", - "check": "oidc/op/.well-known/openid-federation", - "is present": "true" - }, - { - "in": "head", - "check param": "Host", - "contains": "cie-provider.org:8002" - } - ] - }, - { - "name": "Entity Configuration request TA", - "is request": true, - "response name": "Entity Configuration response TA", - "checks": [ - { - "in": "url", - "check regex": "\\s/.well-known/openid-federation" - }, - { - "in": "head", - "check param": "Host", - "contains": "trust-anchor.org:8000" - } - ] - }, - { - "name": "Entity Configuration request SA", - "is request": true, - "response name": "Entity Configuration response SA", - "checks": [ - { - "in": "url", - "check regex": "\\s/.well-known/openid-federation" - }, - { - "in": "head", - "check param": "Host", - "contains": "soggetti-aggregatori.org:8004" - } - ] - }, - { - "name": "Entity Configuration request AA", - "is request": true, - "response name": "Entity Configuration response AA", - "checks": [ - { - "in": "url", - "check": "/.well-known/openid-federation", - "is present": "true" - }, - { - "in": "head", - "check param": "Host", - "contains": "attribute-authority.org" - } - ] - }, - { - "name": "Entity Configuration request SA", - "is request": true, - "response name": "Entity Configuration response SA", - "checks": [ - { - "in": "url", - "check": "/.well-known/openid-federation", - "is present": "true" - }, - { - "in": "head", - "check param": "Host", - "contains": "soggetti-aggregatori.org:8004" - } - ] - }, - { - "name": "Trust Mark status request TA", - "is request": true, - "response name": "Trust Mark status response TA", - "checks": [ - { - "in": "url", - "check": "/trust_mark_status", - "is present": "true" - }, - { - "in": "head", - "check param": "Host", - "contains": "trust-anchor.org:8000" - } - ] - }, - { - "name": "Trust Mark status request SA", - "is request": true, - "response name": "Trust Mark status response SA", - "checks": [ - { - "in": "url", - "check": "/trust_mark_status", - "is present": "true" - }, - { - "in": "head", - "check param": "Host", - "contains": "soggetti-aggregatori.org:8004" - } - ] - }, - { - "name": "Trust Mark status request AA", - "is request": true, - "response name": "Trust Mark status response AA", - "checks": [ - { - "in": "url", - "check": "/trust_mark_status", - "is present": "true" - }, - { - "in": "head", - "check param": "Host", - "contains": "attribute-authority.org" - } - ] - }, - { - "name": "UserInfo request", - "is request": true, - "response name": "UserInfo response", - "checks": [ - { - "in": "url", - "check regex": "/userinfo" - } - ] - }, - { - "name": "Introspection request", - "is request": true, - "response name": "Introspection response", - "checks": [ - { - "in": "url", - "check regex": "/oidc/op/introspection" - } - ] - }, - { - "name": "Entity Statement request TA RP", - "is request": true, - "response name": "Entity Statement response TA RP", - "checks": [ - { - "in": "url", - "check regex": "/fetch\\?sub=http://relying-party\\.org:8001" - }, - { - "in": "head", - "check param": "Host", - "contains": "trust-anchor.org:8000" - } - ] - }, - { - "name": "Entity Statement request TA OP", - "is request": true, - "response name": "Entity Statement response TA OP", - "checks": [ - { - "in": "url", - "check regex": "/fetch\\?sub=http://cie-provider.org:8002" - }, - { - "in": "head", - "check param": "Host", - "contains": "trust-anchor.org:8000" - } - ] - }, - { - "name": "Entity Statement request TA SA", - "is request": true, - "response name": "Entity Statement response TA SA", - "checks": [ - { - "in": "url", - "check regex": "/fetch\\?sub=http://soggetti-aggregatori.org:8004" - }, - { - "in": "head", - "check param": "Host", - "contains": "trust-anchor.org:8000" - } - ] - }, - { - "name": "Entity Statement request SA RP", - "is request": true, - "response name": "Entity Statement response SA RP", - "checks": [ - { - "in": "url", - "check regex": "/fetch\\?sub=http://relying-party\\.org:8001" - }, - { - "in": "head", - "check param": "Host", - "contains": "soggetti-aggregatori.org:8004" - } - ] - }, - { - "name": "Entity Statement request SA OP", - "is request": true, - "response name": "Entity Statement response SA OP", - "checks": [ - { - "in": "url", - "check regex": "/fetch\\?sub=http://cie-provider.org:8002" - }, - { - "in": "head", - "check param": "Host", - "contains": "soggetti-aggregatori.org:8004" - } - ] - }, - { - "name": "Entity Listing request", - "is request": true, - "response name": "Entity Listing response", - "checks": [ - { - "in": "url", - "check regex": "/list\\?entity_type=" - } - ] - }, - { - "name": "Fetch Entity Statement request TA OP", - "is request": true, - "response name": "Fetch Entity Statement response TA OP", - "checks": [ - { - "in": "url", - "check regex": "/federation_fetch_endpoint\\?iss=http://cie-provider.org:8002&sub=http://trust-anchor.org:8000" - } - ] - }, - { - "name": "Fetch Entity Statement request TA RP", - "is request": true, - "response name": "Fetch Entity Statement response TA RP", - "checks": [ - { - "in": "url", - "check regex": "/federation_fetch_endpoint\\?iss=http://relying-party.org:8001&sub=http://trust-anchor.org:8000" - } - ] - }, - { - "name": "Fetch Entity Statement request SA OP", - "is request": true, - "response name": "Fetch Entity Statement response SA OP", - "checks": [ - { - "in": "url", - "check regex": "/federation_fetch_endpoint\\?iss=http://cie-provider.org:8002&sub=http://subject-aggregator.org:8004" - } - ] - }, - { - "name": "Fetch Entity Statement request SA RP", - "is request": true, - "response name": "Fetch Entity Statement response SA RP", - "checks": [ - { - "in": "url", - "check regex": "/federation_fetch_endpoint\\?iss=http://relying-party.org:8001&sub=http://subject-aggregator.org:8004" - } - ] - }, - { - "name": "Public Keys History request", - "is request": true, - "response name": "Public Keys History response", - "checks": [ - { - "in": "url", - "check regex": "/.well-known/openid-federation-jwks" - } - ] - }, - { - "name": "Resolve Entity Statement request AA TA", - "is request": true, - "response name": "Resolve Entity Statement response AA TA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=trust-anchor.org:8000" - }, - { - "in": "head", - "check param": "Host", - "contains": "attribute-authority.org" - } - ] - }, - { - "name": "Resolve Entity Statement request AA RP", - "is request": true, - "response name": "Resolve Entity Statement response AA RP", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=relying-party.org:8001" - }, - { - "in": "head", - "check param": "Host", - "contains": "attribute-authority.org" - } - ] - }, - { - "name": "Resolve Entity Statement request AA OP", - "is request": true, - "response name": "Resolve Entity Statement response AA OP", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=trust-anchor.org:8000" - }, - { - "in": "head", - "check param": "Host", - "contains": "cie-provider.org:8002" - } - ] - }, - { - "name": "Resolve Entity Statement request AA SA", - "is request": true, - "response name": "Resolve Entity Statement response AA SA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=soggetti-aggregatori.org:8004" - }, - { - "in": "head", - "check param": "Host", - "contains": "attribute-authority.org" - } - ] - }, - { - "name": "Resolve Entity Statement request TA AA", - "is request": true, - "response name": "Resolve Entity Statement response TA AA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=attribute-authority.org" - }, - { - "in": "head", - "check param": "Host", - "contains": "trust-anchor.org:8000" - } - ] - }, - { - "name": "Resolve Entity Statement request TA RP", - "is request": true, - "response name": "Resolve Entity Statement response TA RP", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=relying-party.org:8001" - }, - { - "in": "head", - "check param": "Host", - "contains": "trust-anchor.org:8000" - } - ] - }, - { - "name": "Resolve Entity Statement request TA OP", - "is request": true, - "response name": "Resolve Entity Statement response TA OP", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=cie-provider.org:8002" - }, - { - "in": "head", - "check param": "Host", - "contains": "trust-anchor.org:8000" - } - ] - }, - { - "name": "Resolve Entity Statement request TA SA", - "is request": true, - "response name": "Resolve Entity Statement response TA SA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=soggetti-aggregatori.org:8004" - }, - { - "in": "head", - "check param": "Host", - "contains": "trust-anchor.org:8000" - } - ] - }, - { - "name": "Resolve Entity Statement request RP AA", - "is request": true, - "response name": "Resolve Entity Statement response RP AA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=attribute-authority.org" - }, - { - "in": "head", - "check param": "Host", - "contains": "relying-party.org:8001" - } - ] - }, - { - "name": "Resolve Entity Statement request RP TA", - "is request": true, - "response name": "Resolve Entity Statement response RP TA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=trust-anchor.org:8000" - }, - { - "in": "head", - "check param": "Host", - "contains": "relying-party.org:8001" - } - ] - }, - { - "name": "Resolve Entity Statement request RP OP", - "is request": true, - "response name": "Resolve Entity Statement response RP OP", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=cie-provider.org:8002" - }, - { - "in": "head", - "check param": "Host", - "contains": "relying-party.org:8001" - } - ] - }, - { - "name": "Resolve Entity Statement request RP SA", - "is request": true, - "response name": "Resolve Entity Statement response RP SA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=soggetti-aggregatori.org:8004" - }, - { - "in": "head", - "check param": "Host", - "contains": "relying-party.org:8001" - } - ] - }, - { - "name": "Resolve Entity Statement request OP AA", - "is request": true, - "response name": "Resolve Entity Statement response OP AA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=attribute-authority.org" - }, - { - "in": "head", - "check param": "Host", - "contains": "cie-provider.org:8002" - } - ] - }, - { - "name": "Resolve Entity Statement request OP TA", - "is request": true, - "response name": "Resolve Entity Statement response OP TA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=trust-anchor.org:8000" - }, - { - "in": "head", - "check param": "Host", - "contains": "cie-provider.org:8002" - } - ] - }, - { - "name": "Resolve Entity Statement request OP RP", - "is request": true, - "response name": "Resolve Entity Statement response OP RP", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=relying-party.org:8001" - }, - { - "in": "head", - "check param": "Host", - "contains": "cie-provider.org:8002" - } - ] - }, - { - "name": "Resolve Entity Statement request OP SA", - "is request": true, - "response name": "Resolve Entity Statement response OP SA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=soggetti-aggregatori.org:8004" - }, - { - "in": "head", - "check param": "Host", - "contains": "cie-provider.org:8002" - } - ] - }, - { - "name": "Resolve Entity Statement request SA AA", - "is request": true, - "response name": "Resolve Entity Statement response SA AA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=attribute-authority.org" - }, - { - "in": "head", - "check param": "Host", - "contains": "soggetti-aggregatori.org:8004" - } - ] - }, - { - "name": "Resolve Entity Statement request SA TA", - "is request": true, - "response name": "Resolve Entity Statement response SA TA", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=trust-anchor.org:8000" - }, - { - "in": "head", - "check param": "Host", - "contains": "soggetti-aggregatori.org:8004" - } - ] - }, - { - "name": "Resolve Entity Statement request SA RP", - "is request": true, - "response name": "Resolve Entity Statement response SA RP", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=relying-party.org:8001" - }, - { - "in": "head", - "check param": "Host", - "contains": "soggetti-aggregatori.org:8004" - } - ] - }, - { - "name": "Resolve Entity Statement request SA OP", - "is request": true, - "response name": "Resolve Entity Statement response SA OP", - "checks": [ - { - "in": "url", - "check regex": "/resolve/\\?sub=cie-provider.org:8002" - }, - { - "in": "head", - "check param": "Host", - "contains": "soggetti-aggregatori.org:8004" - } - ] - }, - { - "name": "Consent Page request", - "is request": true, - "response name": "Consent Page response", - "checks": [ - { - "in": "url", - "check regex": "/consent" - }, - { - "in": "head", - "check regex": "POST" - }, - { - "in": "head", - "check param": "Host", - "contains": "cie-provider.org:8002" - } - ] - }, - { - "name": "Echo Attribute request", - "is request": true, - "response name": "Echo Attribute response", - "checks": [ - { - "in": "url", - "check regex": "/echo_attributes" - }, - { - "in": "head", - "check param": "Host", - "contains": "relying-party.org:8001" - } - ] - }, - { - "name": "Trust Mark revoke request SA", - "is request": true, - "response name": "Trust Mark revoke response SA", - "checks": [ - { - "in": "url", - "check": "/trust_mark_revoke", - "is present": "true" - }, - { - "in": "head", - "check param": "Host", - "contains": "soggetti-aggregatori.org:8004" - } - ] - }, - { - "name": "Trust Mark revoke request TA", - "is request": true, - "response name": "Trust Mark revoke response TA", - "checks": [ - { - "in": "url", - "check": "/trust_mark_revoke", - "is present": "true" - }, - { - "in": "head", - "check param": "Host", - "contains": "trust-anchor.org:8000" - } - ] - }, - { - "name": "Validating request", - "is request": true, - "response name": "Validating response", - "checks": [ - { - "in": "url", - "check regex": "csrfmiddlewaretoken" - } - ] - } - ] -} \ No newline at end of file diff --git a/tool/.devcontainer/project-options.json b/tool/.devcontainer/project-options.json deleted file mode 100644 index e63ac63..0000000 --- a/tool/.devcontainer/project-options.json +++ /dev/null @@ -1,487 +0,0 @@ -{ - "project_options": { - "connections": { - "hostname_resolution": [], - "out_of_scope_requests": { - "advanced_mode": false, - "drop_all_out_of_scope": false, - "exclude": [], - "include": [], - "scope_option": "suite" - }, - "platform_authentication": { - "credentials": [], - "do_platform_authentication": true, - "prompt_on_authentication_failure": false, - "use_user_options": true - }, - "socks_proxy": { - "dns_over_socks": false, - "host": "", - "password": "", - "port": 0, - "use_proxy": false, - "use_user_options": true, - "username": "" - }, - "timeouts": { - "domain_name_resolution_timeout": 300000, - "failed_domain_name_resolution_timeout": 60000, - "normal_timeout": 120000, - "open_ended_response_timeout": 10000 - }, - "upstream_proxy": { - "servers": [], - "use_user_options": true - } - }, - "http": { - "redirections": { - "understand_3xx_status_code": true, - "understand_any_status_code_with_location_header": false, - "understand_javascript_driven": false, - "understand_meta_refresh_tag": true, - "understand_refresh_header": true - }, - "status_100_responses": { - "remove_100_continue_responses": false, - "understand_100_continue_responses": true - }, - "streaming_responses": { - "scope_advanced_mode": false, - "store": true, - "strip_chunked_encoding_metadata": true, - "urls": [] - } - }, - "misc": { - "logging": { - "requests": { - "all_tools": "", - "extender": "", - "intruder": "", - "proxy": "", - "repeater": "", - "scanner": "", - "sequencer": "" - }, - "responses": { - "all_tools": "", - "extender": "", - "intruder": "", - "proxy": "", - "repeater": "", - "scanner": "", - "sequencer": "" - } - } - }, - "sessions": { - "cookie_jar": { - "monitor_extender": false, - "monitor_intruder": false, - "monitor_proxy": true, - "monitor_repeater": false, - "monitor_scanner": false, - "monitor_sequencer": false - }, - "macros": { - "macros": [] - }, - "session_handling_rules": { - "rules": [ - { - "actions": [ - { - "enabled": true, - "match_cookies": "all_except", - "type": "use_cookies" - } - ], - "description": "Use cookies from Burp's cookie jar", - "enabled": true, - "exclude_from_scope": [], - "include_in_scope": [], - "named_params": [], - "restrict_scope_to_named_params": false, - "tools_scope": [ - "Scanner" - ], - "url_scope": "all", - "url_scope_advanced_mode": false - } - ] - } - }, - "ssl": { - "client_certificates": { - "certificates": [], - "use_user_options": true - }, - "negotiation": { - "allow_unsafe_renegotiation": false, - "disable_ssl_session_resume": false, - "enabled_ciphers": [], - "enabled_protocols": [], - "tls_negotiation_behavior": "use_all_supported" - } - } - }, - "proxy": { - "http_history_display_filter": { - "by_annotation": { - "show_only_commented_items": false, - "show_only_highlighted_items": false - }, - "by_file_extension": { - "hide_items": [ - "js", - "gif", - "jpg", - "png", - "css" - ], - "hide_specific": false, - "show_items": [ - "asp", - "aspx", - "jsp", - "php" - ], - "show_only_specific": false - }, - "by_listener": { - "port": "" - }, - "by_mime_type": { - "show_css": false, - "show_flash": true, - "show_html": true, - "show_images": false, - "show_other_binary": false, - "show_other_text": true, - "show_script": true, - "show_xml": true - }, - "by_request_type": { - "hide_items_without_responses": false, - "show_only_in_scope_items": false, - "show_only_parameterized_requests": false - }, - "by_status_code": { - "show_2xx": true, - "show_3xx": true, - "show_4xx": true, - "show_5xx": true - } - }, - "intercept_client_requests": { - "automatically_fix_missing_or_superfluous_new_lines_at_end_of_request": false, - "automatically_update_content_length_header_when_the_request_is_edited": true, - "do_intercept": true, - "rules": [ - { - "boolean_operator": "and", - "enabled": true, - "match_condition": "(^gif$|^jpg$|^png$|^css$|^js$|^ico$)", - "match_relationship": "does_not_match", - "match_type": "file_extension" - }, - { - "boolean_operator": "or", - "enabled": false, - "match_relationship": "contains_parameters", - "match_type": "request" - }, - { - "boolean_operator": "or", - "enabled": false, - "match_condition": "(get|post)", - "match_relationship": "does_not_match", - "match_type": "http_method" - }, - { - "boolean_operator": "and", - "enabled": false, - "match_relationship": "is_in_target_scope", - "match_type": "url" - } - ] - }, - "intercept_server_responses": { - "automatically_update_content_length_header_when_the_response_is_edited": true, - "do_intercept": true, - "rules": [ - { - "boolean_operator": "or", - "enabled": true, - "match_condition": "text", - "match_relationship": "matches", - "match_type": "content_type_header" - }, - { - "boolean_operator": "or", - "enabled": false, - "match_relationship": "was_modified", - "match_type": "request" - }, - { - "boolean_operator": "or", - "enabled": false, - "match_relationship": "was_intercepted", - "match_type": "request" - }, - { - "boolean_operator": "and", - "enabled": false, - "match_condition": "^304$", - "match_relationship": "does_not_match", - "match_type": "status_code" - }, - { - "boolean_operator": "and", - "enabled": false, - "match_relationship": "is_in_target_scope", - "match_type": "url" - } - ] - }, - "intercept_web_sockets_messages": { - "client_to_server_messages": true, - "server_to_client_messages": true - }, - "match_replace_rules": [ - { - "comment": "Emulate IE", - "enabled": false, - "is_simple_match": false, - "rule_type": "request_header", - "string_match": "^User-Agent.*$", - "string_replace": "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" - }, - { - "comment": "Emulate iOS", - "enabled": false, - "is_simple_match": false, - "rule_type": "request_header", - "string_match": "^User-Agent.*$", - "string_replace": "User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B176 Safari/7534.48.3" - }, - { - "comment": "Emulate Android", - "enabled": false, - "is_simple_match": false, - "rule_type": "request_header", - "string_match": "^User-Agent.*$", - "string_replace": "User-Agent: Mozilla/5.0 (Linux; U; Android 2.2; en-us; Droid Build/FRG22D) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1" - }, - { - "comment": "Require non-cached response", - "enabled": false, - "is_simple_match": false, - "rule_type": "request_header", - "string_match": "^If-Modified-Since.*$" - }, - { - "comment": "Require non-cached response", - "enabled": false, - "is_simple_match": false, - "rule_type": "request_header", - "string_match": "^If-None-Match.*$" - }, - { - "comment": "Hide Referer header", - "enabled": false, - "is_simple_match": false, - "rule_type": "request_header", - "string_match": "^Referer.*$" - }, - { - "comment": "Require non-compressed responses", - "enabled": false, - "is_simple_match": false, - "rule_type": "request_header", - "string_match": "^Accept-Encoding.*$" - }, - { - "comment": "Ignore cookies", - "enabled": false, - "is_simple_match": false, - "rule_type": "response_header", - "string_match": "^Set-Cookie.*$" - }, - { - "comment": "Rewrite Host header", - "enabled": false, - "is_simple_match": false, - "rule_type": "request_header", - "string_match": "^Host: foo.example.org$", - "string_replace": "Host: bar.example.org" - }, - { - "comment": "Add spoofed CORS origin", - "enabled": false, - "is_simple_match": true, - "rule_type": "request_header", - "string_replace": "Origin: foo.example.org" - }, - { - "comment": "Remove HSTS headers", - "enabled": false, - "is_simple_match": false, - "rule_type": "response_header", - "string_match": "^Strict\\-Transport\\-Security.*$" - }, - { - "comment": "Disable browser XSS protection", - "enabled": false, - "is_simple_match": true, - "rule_type": "response_header", - "string_replace": "X-XSS-Protection: 0" - } - ], - "miscellaneous": { - "disable_logging_to_history_and_site_map": false, - "disable_out_of_scope_logging_to_history_and_site_map": false, - "disable_web_interface": false, - "remove_unsupported_encodings_from_accept_encoding_headers_in_incoming_requests": true, - "set_connection_close_header_on_requests": true, - "set_connection_close_header_on_responses": false, - "strip_proxy_headers_in_incoming_requests": true, - "strip_sec_websocket_extensions_headers_in_incoming_requests": true, - "suppress_burp_error_messages_in_browser": false, - "unpack_gzip_deflate_in_requests": false, - "unpack_gzip_deflate_in_responses": true, - "use_http_10_in_requests_to_server": false, - "use_http_10_in_responses_to_client": false - }, - "request_listeners": [ - { - "certificate_mode": "per_host", - "listen_mode": "all_interfaces", - "listener_port": 9095, - "running": true - } - ], - "response_modification": { - "convert_https_links_to_http": false, - "enable_disabled_form_fields": false, - "highlight_unhidden_fields": false, - "remove_all_javascript": false, - "remove_input_field_length_limits": false, - "remove_javascript_form_validation": false, - "remove_object_tags": false, - "remove_secure_flag_from_cookies": false, - "unhide_hidden_form_fields": false - }, - "ssl_pass_through": { - "automatically_add_entries_on_client_ssl_negotiation_failure": false, - "rules": [] - }, - "web_sockets_history_display_filter": { - "by_annotation": { - "show_only_commented_items": false, - "show_only_highlighted_items": false - }, - "by_listener": { - "listener_port": "" - }, - "by_request_type": { - "hide_incoming_messages": false, - "hide_outgoing_messages": false, - "show_only_in_scope_items": false - } - } - }, - "repeater": { - "follow_redirections": "never", - "process_cookies_in_redirections": false, - "unpack_gzip_deflate": true, - "update_content_length": true - }, - "sequencer": { - "live_capture": { - "ignore_abnormal_length_tokens": true, - "max_length_deviation": 5, - "num_threads": 5, - "throttle": 0 - }, - "token_analysis": { - "compression": true, - "correlation": true, - "count": true, - "fips_long_run": true, - "fips_monobit": true, - "fips_poker": true, - "fips_runs": true, - "spectral": true, - "transitions": true - }, - "token_handling": { - "base_64_decode_before_analyzing": false, - "pad_short_tokens_at": "start", - "pad_with": "0" - } - }, - "target": { - "filter": { - "by_annotation": { - "show_only_commented_items": false, - "show_only_highlighted_items": false - }, - "by_file_extension": { - "hide_items": [ - "js", - "gif", - "jpg", - "png", - "css" - ], - "hide_specific": false, - "show_items": [ - "asp", - "aspx", - "jsp", - "php" - ], - "show_only_specific": false - }, - "by_folders": { - "hide_empty_folders": true - }, - "by_mime_type": { - "show_css": false, - "show_flash": true, - "show_html": true, - "show_images": false, - "show_other_binary": false, - "show_other_text": true, - "show_script": true, - "show_xml": true - }, - "by_request_type": { - "hide_not_found_items": true, - "show_only_in_scope_items": false, - "show_only_parameterized_requests": false, - "show_only_requested_items": false - }, - "by_search": { - "case_sensitive": false, - "negative_search": false, - "regex": false, - "term": "" - }, - "by_status_code": { - "show_2xx": true, - "show_3xx": true, - "show_4xx": false, - "show_5xx": true - } - }, - "scope": { - "advanced_mode": false, - "exclude": [], - "include": [] - } - } -} \ No newline at end of file diff --git a/tool/.devcontainer/user-options.json b/tool/.devcontainer/user-options.json deleted file mode 100644 index cb43697..0000000 --- a/tool/.devcontainer/user-options.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "user_options": { - "extender": { - "extensions": [ - { - "errors": "ui", - "extension_file": "/IdeaProjects/tool/target/mig-t-beta-jar-with-dependencies.jar", - "extension_type": "java", - "loaded": true, - "name": "MIG-T", - "output": "ui" - } - ], - "settings": { - "automatically_reload_extensions_on_startup": true, - "automatically_update_bapps_on_startup": true - } - } - }, - "misc": { - "enable_proxy_interception_at_startup": "never" - } -} \ No newline at end of file diff --git a/tool/src/main/java/migt/debug.http b/tool/src/main/java/migt/debug.http deleted file mode 100644 index e648dea..0000000 --- a/tool/src/main/java/migt/debug.http +++ /dev/null @@ -1,21 +0,0 @@ -POST localhost:3000/execute -Content-Type: application/json -# X-AuthKey: ciao - -{ - "test": "{\r\n \"test suite\": {\r\n \"name\": \"Single test\",\r\n \"description\": \"One test only\",\r\n \"filter messages\": true\r\n },\r\n \"tests\": [\r\n {\r\n \"test\": {\r\n \"name\": \"Does the OP release Access Tokens with the use of refresh tokens\",\r\n \"description\": \"In this test the offline access flow is accomplished and a refresh token is obtained. After this, a new token request is done with \\\"grant_type=refresh_token\\\" and the refresh token inserted in the \\\"refresh_token\\\" parameter. The response must include the Access Token\",\r\n \"type\": \"active\",\r\n \"sessions\": [\r\n \"s1\",\r\n \"s1.1\",\r\n \"s1.2\"\r\n ],\r\n \"operations\": [\r\n {\r\n \"session\": \"s1\",\r\n \"action\": \"start\"\r\n },\r\n {\r\n \"action\": \"intercept\",\r\n \"from session\": \"s1\",\r\n \"then\": \"forward\",\r\n \"message type\": \"Authentication request\",\r\n \"decode operations\": [\r\n {\r\n \"from\": \"url\",\r\n \"decode param\": \"request\",\r\n \"type\": \"jwt\",\r\n \"edits\": [\r\n {\r\n \"jwt from\": \"payload\",\r\n \"jwt edit\": \"$.acr_values\",\r\n \"value\": \"https:\/\/www.spid.gov.it\/SpidL1\"\r\n },\r\n {\r\n \"jwt sign\": \"-----BEGIN PRIVATE KEY-----\\nMIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC5d8kD7BOVMIDg\\nV2ygTSpl+YoiB52Zquu1aBBsSUptaD1ENHtnwlUFpEsWrDJ\/IbUkkWbrgbnVwEnA\\nsgXBagXufGwf1VgubmhyMCexHhGGV9UTTL\/rTCN\/yyQmAFGmJdA+XAf2MMZqpUT8\\n8QFM5sM7nDdei6sPUXfrT6\/lwsMtEd0UkiK10RW2oBOpjkOCVENoqIGGKztrn\/Vu\\nTzf08MtpCGO7hcmTi28PLn4tWQzLmw\/bNTr7W0l0D5WZoFktfL2fT3rsUYhaYzOl\\np+sEw64cVxQ4fnqj5yUNqH8IhMfV2rYPrgrQxiESkAI7anwAfgrxDpi4nV2eRUMP\\nBmnYLzixAgMBAAECggEBAJ\/3jyuQ3TsagK3++bQxmlYmK1w6kVZPM8pdnXyookdH\\nV0CSu7W8ybR6BkHh+BPrMN\/\/gXOzimOw3GwVoB04ozEVo\/S5ALvbgr6qhjGgK6Fh\\n9GgXFJmQLDY3MlCMid\/yUXDX1A4l951YOu6nuGVpzA6IKMGlWb92lyYgryhPGiSu\\nAVf5xdzbeUes1GKY2UPE9Rg2Qld782t6oJQ613vM6HPqfHC7N6yZ+7TFUiVc5wiK\\njn3jNVSINCN59m7m2DsfPLHJB7g53104kw5cquSMA8gR5oiHt36bvnOHtbYgZmzn\\n9iKgwml\/EnaZ1NoE4\/WJWbUTapodzQf65LASli897iECgYEA5PA7lJEDd3vrw5hl\\nolFzvjvRriOu1SMHXx9Y52AgpOeQ6MnE1pO8qwn33lwYTSPGYinaq4jS3FKF\/U5v\\nOZltJAGBMa4ByEvAROJVCh958rKVRWKIqVXLOi8Gk11kHbVKw6oDXAd8Qt\/y\/ff8\\nk\/K6jW2EbWm1K6kfTvTMzoHkqrUCgYEAz2QeMH4WtrdiWUET7JgZNX0TbcaVBgd2\\nGpo8JHnfnGOUsvO\/euKGgqpCcxiWVXSlqffQyTgVzl4iMROP8bEaQwvueHurtziM\\nDSy9Suumyktu3PbGgjqu\/izRim8Xlg7sz8Hs2quJPII\/fQ8BCoaWpg30osFZqCBa\\nrQM7CWhxR40CgYA3CVWZap8lu0G7XMiaE\/C6O9E1htiB3pDoGjYaMW7Hle+tNsw+\\nNXf2uke\/Se6BpOcNNDigYh0m4CPb+F4ev7aQIFh5o\/ZDu4o2RR7idxyu7qWZ740h\\nAEIB88ol5R6rUajujtGN7zK9NO9KhLJQstqMI1bhorbuDxM6vPj7cBiTvQKBgQDJ\\nfuJ+BuOWntHlGf97rcNAXsdTrs73TqSG8Ddi0S5ayb2dqIjvoctChJ2PKeJWIMEc\\nRHQMLHuzR2489F60WnfDkIIfeTi7CSu5WTCI7C\/e+C88bF8uBEolFfJ4Z7soxlN6\\n\/1Val7L8oSeCH+PJED6qE4EN6IFtghHXav4fA+SbuQKBgQCNy7q3MoBOxDlKOpSN\\nChoYUfW0JvwJbyyaVYOVq0efGVobosAblE\/IuwaoIuVgh8c4T3qZtwFcSpvfR5Qy\\nSOWFs2QXN\/P4ZvmiVpXK\/9Tcnth2BThpb9apQCT2a\/CYtrRiGNAVWKiK0U9QlN\/w\\n9fVBO\/ZgdaXE4xqYOSceH14yrQ==\\n-----END PRIVATE KEY-----\\n\"\r\n }\r\n ]\r\n }\r\n ]\r\n },\r\n {\r\n \"action\": \"intercept\",\r\n \"from session\": \"s1\",\r\n \"then\": \"forward\",\r\n \"message type\": \"Token response\",\r\n \"message operations\": [\r\n {\r\n \"from\": \"body\",\r\n \"save\": \"(?<=\\\"refresh_token\\\": \\\")[^\\\"]+\",\r\n \"as\": \"saved_refresh_token\"\r\n }\r\n ]\r\n },\r\n {\r\n \"session\": \"s1\",\r\n \"action\": \"pause\"\r\n },\r\n {\r\n \"session\": \"s1.1\",\r\n \"action\": \"start\"\r\n },\r\n {\r\n \"action\": \"intercept\",\r\n \"from session\": \"s1.1\",\r\n \"then\": \"forward\",\r\n \"message type\": \"Token request\",\r\n \"edit operations\": [\r\n {\r\n \"from\": \"body\",\r\n \"edit regex\": \"(?<=grant_type=)([^&\\\\n]+)\",\r\n \"value\": \"refresh_token\"\r\n },\r\n {\r\n \"from\": \"body\",\r\n \"add\": \"\",\r\n \"value\": \"&refresh_token=\"\r\n },\r\n {\r\n \"from\": \"body\",\r\n \"add\": \"\",\r\n \"use\": \"saved_refresh_token\"\r\n }\r\n ]\r\n },\r\n {\r\n \"action\": \"intercept\",\r\n \"from session\": \"s1.1\",\r\n \"then\": \"forward\",\r\n \"message type\": \"UserInfo request\"\r\n },\r\n {\r\n \"session\": \"s1.1\",\r\n \"action\": \"pause\"\r\n },\r\n {\r\n \"session\": \"s1.2\",\r\n \"action\": \"start\"\r\n },\r\n {\r\n \"action\": \"intercept\",\r\n \"from session\": \"s1.2\",\r\n \"then\": \"forward\",\r\n \"message type\": \"Token request\",\r\n \"edit operations\": [\r\n {\r\n \"from\": \"body\",\r\n \"edit regex\": \"(?<=grant_type=)([^&\\\\n]+)\",\r\n \"value\": \"refresh_token\"\r\n },\r\n {\r\n \"from\": \"body\",\r\n \"add\": \"\",\r\n \"value\": \"&refresh_token=\"\r\n },\r\n {\r\n \"from\": \"body\",\r\n \"add\": \"\",\r\n \"use\": \"saved_refresh_token\"\r\n }\r\n ]\r\n },\r\n {\r\n \"action\": \"intercept\",\r\n \"from session\": \"s1.2\",\r\n \"then\": \"forward\",\r\n \"message type\": \"Token response\",\r\n \"checks\": [\r\n {\r\n \"in\": \"head\",\r\n \"check regex\": \"HTTP\/?\\\\d?\\\\.?\\\\d?\\\\s400\"\r\n },\r\n {\r\n \"in\": \"body\",\r\n \"check\": \"invalid_request\"\r\n }\r\n ]\r\n },\r\n {\r\n \"session\": \"s1\",\r\n \"action\": \"resume\"\r\n },\r\n {\r\n \"session\": \"s1.1\",\r\n \"action\": \"resume\"\r\n }\r\n ],\r\n \"result\": \"assert_only\"\r\n }\r\n }\r\n ]\r\n}", - "sessions": { - "main": "open | http:\/\/relying-party.org:8001\/oidc\/rp\/landing |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div\/span[2]\/a |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div\/span[2]\/div\/ul\/li[2]\/a |\r\ntype | id=id_username | user\r\ntype | id=id_password | oidcuser\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div[2]\/div[1]\/form\/fieldset\/div\/div\/div\/div[3]\/button\/span[2] |\r\nclick | id=agree |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/a |\r\nwait | 1000", - "s1": "open | http:\/\/relying-party.org:8001\/oidc\/rp\/landing |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div\/span[2]\/a |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div\/span[2]\/div\/ul\/li[2]\/a |\r\ntype | id=id_username | user\r\ntype | id=id_password | oidcuser\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div[2]\/div[1]\/form\/fieldset\/div\/div\/div\/div[3]\/button\/span[2] |\r\nclick | id=agree |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/a |\r\nwait | 1000", - "s1.1": "open | http:\/\/relying-party.org:8001\/oidc\/rp\/landing |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div\/span[2]\/a |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div\/span[2]\/div\/ul\/li[2]\/a |\r\ntype | id=id_username | user\r\ntype | id=id_password | oidcuser\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div[2]\/div[1]\/form\/fieldset\/div\/div\/div\/div[3]\/button\/span[2] |\r\nclick | id=agree |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/a |\r\nwait | 1000", - "s1.2": "open | http:\/\/relying-party.org:8001\/oidc\/rp\/landing |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div\/span[2]\/a |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div\/span[2]\/div\/ul\/li[2]\/a |\r\ntype | id=id_username | user\r\ntype | id=id_password | oidcuser\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/div[2]\/div[2]\/div[1]\/form\/fieldset\/div\/div\/div\/div[3]\/button\/span[2] |\r\nclick | id=agree |\r\nclick | xpath=\/html\/body\/div[2]\/div\/div\/div\/div\/div\/div\/div\/div\/div\/a |\r\nwait | 1000" - } -} - -### -POST localhost:3000/result - - -### -POST localhost:3000/result?verbose=true -