HTTP response splitting from Checkmarx scan

Checkmarx keeps throwing http response splitting of the following code:

public void getFile(HttpServletRequest request, HttpServletResponse response) {     String date = ESAPI.validator().getValidInput("date", request.getParameter("date"), "Date", 8, false);      String jsonStr = fileService.getFile(date);     JSONObject rtn = JSONObject.fromObject(jsonStr);     String fileContent = rtn.getString("fileContent");     String fileName = rtn.getString("fileName");      if (!fileName.contains("\n")) {         byte[] backByte = Base64.decodeBase64(fileContent);         ByteArrayInputStream bInput = new ByteArrayInputStream(backByte);         response.setContentType("application/pdf");          response.setHeader("Content-disposition", "attachment; filename=" + fileName);         OutputStream out = response.getOutputStream();         IOUtils.copy(bInput, out);         bInput.close();         response.setHeader(Set-Cookie", "fileDownload=true; path=/; HttpOnly");         response.getOutputStream().close();         response.flushBuffer();     } } 

I’ve validated my input and also checked to see that filename doesn’t include “\n”, stuck now as problem still persists.

18.04 and Samsung: Scan to PC not available

I’m using Samsung XPress 2070FW over WiFi and I cannot get the printer to scan using the on-the-printer scan to pc function. The error message is “Scan to PC not available”. However, scanning using the PC (sane) works fine. The driver is the unified one for the model, but there’s no interface like the one of windows so I cannot tweak scanning on Ubuntu.

Anyone encountered a similar problem?

PHP Storm XML scan result : redundant default attribute value assignment

I ran a PHP Storm XML scan

https://magento.stackexchange.com/a/227343/70343

The part you are interested in is ‘How to use PhpStorm code inspector to validate project xml-files’

And I just spotted a load of ‘redundant default attribute value assignment’ errors

Many of these point to the use of the translate="true" value

For example

https://github.com/magento/magento2/blob/2.3/app/code/Magento/Catalog/etc/widget.xml#L12

Has this been deprecated or is this a false positive?

NMAP discovery scan reporting host offline, pinging the same host gets ICMP responses

I ran an nmap -sn scan on a host, and nmap reported the host as down. I then pinged the same host with ping and got ICMP responses. I’m confused, because I was sure that -sn among other things, did an ICMP echo request.

Output from my two commands:

~ $   nmap -sn 192.168.1.237   Starting Nmap 6.40 ( http://nmap.org ) at 2016-08-16 09:35 BST Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 3.00 seconds  ~ $   ping 192.168.1.237 PING 192.168.1.237 (192.168.1.237) 56(84) bytes of data. 64 bytes from 192.168.1.237: icmp_seq=1 ttl=128 time=9.82 ms 64 bytes from 192.168.1.237: icmp_seq=2 ttl=128 time=5.25 ms 64 bytes from 192.168.1.237: icmp_seq=3 ttl=128 time=2.95 ms 64 bytes from 192.168.1.237: icmp_seq=4 ttl=128 time=9.10 ms ^C --- 192.168.1.237 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 2.957/6.785/9.826/2.810 ms 

Any ideas why NMAP could be confused? I’m running the scan from my Ubuntu 16.04 box, the target is a Windows 10.

I did a IP scan on a network and I see the IP is scannable, but I cannot ping the device

I made a change on a serial-to-ethernet converter and the device is no longer pingable or accessable through the webUI, but when I do a IP scan, NMAP picks it up as:

Nmap scan report for 192.168.0.10 Host is up (0.00069s latency). All 1000 scanned ports on 192.168.0.10 are filtered MAC Address: 00:90:E8:73:1F:16 (Moxa Technologies)

Says the host is up, but I cannot connect whatsover? Is this just stored in the cache? or am I missing something else here?

Spell to scan memories

In my campaign, I want to have an NPC group that is gathering intelligence by kidnapping people while they sleep, scanning their memories, and returning them before morning. I know that I could just rule that they can do this, but I wanted to see if there was a spell that could be used for the purpose.

So far, I have looked at detect thoughts and modify memory, but neither of them has the exact effect I’m looking for. A related question asked about encode thoughts suggests that spell could be used, but it’s also from a Planescape supplement, and my campaign doesn’t take place in the setting.

Are there spells that can do what I’m trying to accomplish? I would prefer to restrict spells to PHB and XGtE, but if there are spells in other source books, I would be happy to consider those as well.

Which files to scan for viruses (or how to reduce the cost of a full scan) on Linux (Debian)?

It may be irrelevant but anyway: I’m using clamscan to check my system.

The problem is that a full system scan needs far more than one day.
When you plan to do one scan a day, that’s not acceptable.
Additionally the scan sometimes consumes a huge amount of CPU – reducing the performance of the rest of the software.

For me there are two possibilities to tackle this:
Don’t scan the whole system.
Find a way to reduce the workload but still scan the whole system.

The problem: I have no idea if there is a number of directories, big enough to noticeable solve my problem, which can be safely excluded let alone how to scan the whole system in a more efficient way.

Are there any best practices to scan a system for viruses?

Identifying a script used for vulnerability scan

The logs of a server are showing a great number of 404 responses in a short time. Apparently somebody used a tool/script to look for known vulnerabilities by combining the server and part of the path with elements like /login or /admin.php.

Is there a way to identify the script that was used without getting and analyzing various hacking/pentest tools?

How to view sophos antivirus scan results

I’m using sophos antivirus on the command line (sav-protect) on my Ubuntu 16.04. After running a scan, the software detected “28 errors” and “0 threats”. I wanted more information on the scan results, so I looked at the logs with sudo /opt/sophos-av/bin/savlog but the only entry corresponding to my scan was:

Mo 10 Jun 2019 19:21:19 CEST: savscan.log           On-demand scan started. Mo 10 Jun 2019 21:56:59 CEST: savscan.log           On-demand scan details: master boot records scanned: 0, boot records scanned: 0, files scanned: 375041, scan errors: 28, threats detected: 0, infected files detected: 0 Mo 10 Jun 2019 21:56:59 CEST: savscan.log           On-demand scan finished. 

Is there any way of getting more information on my scans? How do I get my hands on the errors detected to analyse and correct them?

The scan command I ran was this:

sudo savscan -sc -rec -dn -c -archive -pua -suspicious --stay-on-filesystem --stay-on-machine --backtrack-protection --preserve-backtrack --examine-x-bit --show-file-details /home/ 

Here are the details of the flags I’m using:

-sc = scan inside dynamically compressed files -rec = recursive down directories -dn = display names in form [mm:ss:filename] -c = ask for confirmaiton before disinfection/deletion -archive = scan inside archives -pua = scan for adware/potentially unwanted apps -suspicious = scan for suspicious files