Unable to monitor Synthetic web Transaction

[IT-OPS-SYS]

hi Experts,

I am trying to add one of our nagios server for the web transaction monitoring and using below XML for webinject but getting it failed.

testdata.xml:

<testcases repeat="1">

<case
id="1"
url="https://nagiosxi.dev.com/nagiosxi/login.php"
verifyresponsecode="200"
errormessage="Cannot load Nagios XI page"
/>

<case
id="2"
description1="Sign in"
url="https://nagiosxi.dev.com/nagiosxi/login.php"
method="post"
postbody="username=admin&password=Admin123"
verifypositive=' "Nagios" '
logrequest="yes"
logresponse="yes"
errormessage="Nagios login not successful"
/>

</testcases>

==============================
could you please let me know where did i go wrong in the XML config to check the nagios page loading and able to login with the username/password.

note: followed the article: https://assets.nagios.com/downloads/nag ... ios-XI.pdf
TIA.

[gsmith]

Hi

here's what my test.xml looks like:

Code: Select all

<testcases repeat="1">
<case
id="1"
url="http://192.168.23.97/nagiosxi/login.php"
verifyresponsecode="200"
errormessage="Cannot load Nagios XI page"
/>

<case
id="2"
description1="Sign in"
url="http://192.168.23.97/nagiosxi/login.php"
method="post"
postbody="username=nagiosadmin&password=bn7999hd"
verifypositive="Nagios"
logrequest="yes"
logresponse="yes"
errormessage="Nagios login not successful"
/>
</testcases>

in the case where id=2 I removed the extra quotes around "Nagios", it was ' "Nagios" '

Other than that I changed the URLs to http, it was https. Are you running with
https or http?

Thanks

[IT-OPS-SYS]

Thanks for the response!! yeah i am running with https.

so you are verifying with "verifypositive="Nagios", once the user logs in with the given username and password, he could verify with the "Logout" string as well but this is not the case here:

<case
id="2"
description1="Sign in"
url="http://192.168.23.97/nagiosxi/login.php"
method="post"
postbody="username=nagiosadmin&password=bn7999hd"
verifypositive="Logout"

note: if i give the incorrect username and password still the test gets passed which should not be the case.

[gsmith]

Hi,

I made some process but still have some issues.

config.xml:

Code: Select all

<testcasefile>greg_data.xml</testcasefile>
<useragent>WebInject Application Tester</useragent>
<timeout>10</timeout>
<globaltimeout>30</globaltimeout>
<reporttype>standard</reporttype>

testdata.xml:

Code: Select all

<testcases repeat="1">
<case
id="1"
url="http://192.168.23.97/nagiosxi/login.php?redirect=/nagiosxi/index.php%3f&noauth=1"
verifypositive="Nagios Products"
verifyresponsecode="200"
errormessage="Cannot load Nagios XI page"
parseresponse='nsp" value="|"|escape'
/>
<case
id="2"
description1="Sign in"
url="http://192.168.23.97/nagiosxi/login.php"
method="post"
postbody="username=nagiosadmin&password=bnhd&nsp={PARSEDRESULT}&page=auth&pageopt=login"
verifypositive="Configure"
logrequest="yes"
logresponse="yes"
errormessage="Nagios login not successful"
/>
</testcases>

There's a key called nsp that gets handed to you in case 1:

Code: Select all

<input type="hidden" name="nsp" value="6cc5167d68f8a53578209caeac8f1006cf3ea492fa2ad7add5fcbd2f8e9f8cc6">

and that needs to be sent back to the XI server everytime you make a post - it's like a sessonid.

That's what the:
parseresponse='nsp" value="|"|escape'
and:
postbody="username=nagiosadmin&password=bnhd&nsp={PARSEDRESULT}&page=auth&pageopt=login"
are doing.

The issue I am having is that when I use the correct password, case=2 passes on HTTP Response Code Verification
but fails on Positive Verification; and when I use an incorrect password, case=2 passes on HTTP Response
Code Verification but passes on Positive Verification

I'll update you when I get that figured out.

Thanks

[gsmith]

Hi


Got it!

config.xml:

Code: Select all

<testcasefile>data.xml</testcasefile>
<useragent>WebInject Application Tester</useragent>
<timeout>10</timeout>
<globaltimeout>30</globaltimeout>
<reporttype>standard</reporttype>

Note:
use <reporttype>standard</reporttype> for command line testing (./webinject.pl data.xml)
and change to:
<reporttype>nagios</reporttype> for use as a plugin

data.xml:

Code: Select all

<testcases repeat="1">
<case
id="1"
url="http://192.168.23.97/nagiosxi/login.php"
verifypositive="Login"
verifyresponsecode="200"
errormessage="Cannot load Nagios XI page"
parseresponse='\<input type="hidden" name="nsp" value="|"|escape'
/>
<case
id="2"
description1="Sign in"
url="http://192.168.23.97/nagiosxi/login.php"
method='post'
postbody='username=nagiosadmin&password=opensesame&nsp={PARSEDRESULT}&page=auth&pageopt=login&debug=&loginButton='
verifyresponsecode="302"
verifypositive="index.php"
logrequest="yes"
logresponse="yes"
errormessage="Nagios login not successful"
/>
</testcases>

In case 1 we hit the login page and verify it's up. We also capture the value of
nsp that is issued by the server.

In case 2 we hit the login page again, this time passing it the required parameters:
'username=nagiosadmin&password=opensesame&nsp={PARSEDRESULT}&page=auth&pageopt=login&debug=&loginButton='

Here is the request:

Code: Select all

POST http://192.168.23.97/nagiosxi/login.php
User-Agent: WebInject Application Tester
Content-Type: application/x-www-form-urlencoded
Cookie: nagiosxi=h7t6sbl6cudigc7bq7masofss6
Cookie2: $Version="1"

username=nagiosadmin&password=opensesame&nsp=9f38d3b6d85db02974265ae06cf42f42d3707d5a6fbc6ec07cff9c441fe75d2a&page=auth&pageopt=login&debug=&loginButton=

And here is the response:

Code: Select all

HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Date: Fri, 29 Oct 2021 19:40:12 GMT
Pragma: no-cache
Location: index.php
Server: Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1g
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Client-Date: Fri, 29 Oct 2021 19:40:12 GMT
Client-Peer: 192.168.23.97:80
Client-Response-Num: 1
Client-Warning: Redirect loop detected (max_redirect = 0)
Content-Security-Policy: frame-ancestors 'self'
Set-Cookie: nagiosxi=f916j5779jrk7o8m3u22u20hck; expires=Fri, 29-Oct-2021 20:10:12 GMT; Max-Age=1800; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.2.24

The webinject.pl plugin is setup to NOT follow redirects, so we test for the redirect code
and the location of where we're being redirected to:

Code: Select all

verifyresponsecode="302"
verifypositive="index.php"

If you wanted to you could set the baseurl=http://192.168.23.97/nagiosxi/ and then retrieve the Location value (index.php) from
case2 to create the url for the main page (http://192.168.23.97/nagiosxi/index.php). With that and some of the other
variables (username, password, nsp) passed from case 2you could open the main page.

Thanks