diff --git a/tests/pcap/sql_injection.pcap b/tests/pcap/sql_injection.pcap new file mode 100644 index 00000000000..06bbcec1765 Binary files /dev/null and b/tests/pcap/sql_injection.pcap differ diff --git a/tests/pcap/xss.pcap b/tests/pcap/xss.pcap new file mode 100644 index 00000000000..1a9c1f5c9a1 Binary files /dev/null and b/tests/pcap/xss.pcap differ diff --git a/tests/result/sql_injection.pcap.out b/tests/result/sql_injection.pcap.out new file mode 100644 index 00000000000..654b3c3b859 --- /dev/null +++ b/tests/result/sql_injection.pcap.out @@ -0,0 +1,8 @@ +Guessed flow protos: 0 + +DPI Packets (TCP): 3 (3.00 pkts/flow) +Confidence DPI : 1 (flows) + +HTTP 5 2748 1 + + 1 TCP 192.168.3.109:53528 <-> 192.168.3.107:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][2 pkts/823 bytes <-> 3 pkts/1925 bytes][Goodput ratio: 84/90][0.00 sec][Hostname/SNI: 192.168.3.107][URL: 192.168.3.107/DVWA-master/vulnerabilities/sqli/?id=%3Fid%3Da%27+UNION+SELECT+%22text1%22%2C%22text2%22%3B--+-%26Submit%3DSubmit&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36][Risk: ** SQL Injection **** HTTP Numeric IP Address **][Risk Score: 260][Risk Info: Found host 192.168.3.107][PLAIN TEXT (GET /DV)][Plen Bins: 0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0] diff --git a/tests/result/xss.pcap.out b/tests/result/xss.pcap.out new file mode 100644 index 00000000000..f90889953a3 --- /dev/null +++ b/tests/result/xss.pcap.out @@ -0,0 +1,10 @@ +Guessed flow protos: 1 + +DPI Packets (TCP): 9 (4.50 pkts/flow) +Confidence Match by port : 1 (flows) +Confidence DPI : 1 (flows) + +HTTP 11 3209 2 + + 1 TCP 192.168.3.109:53514 <-> 192.168.3.107:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][4 pkts/880 bytes <-> 4 pkts/2115 bytes][Goodput ratio: 69/87][0.01 sec][Hostname/SNI: 192.168.3.107][bytes ratio: -0.412 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 5/4 2/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 220/529 674/1514 262/591][URL: 192.168.3.107/DVWA-master/vulnerabilities/xss_d/?default=English%3Cscript%3Ealert(1)%3C/script%3E][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36][Risk: ** XSS Attack **** HTTP Numeric IP Address **][Risk Score: 260][Risk Info: Found host 192.168.3.107][PLAIN TEXT (FGET /DVWA)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0] + 2 TCP 192.168.3.109:53516 <-> 192.168.3.107:80 [proto: 7/HTTP][ClearText][Confidence: Match by port][cat: Web/5][2 pkts/140 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]