Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

WebInject and .aspx pages?

https://support.nagios.com/forum/viewtopic.php?t=37646

Page 3 of 3

Re: WebInject and .aspx pages?

Posted: Thu Mar 31, 2016 2:48 pm
by rkennedy
jsharris wrote:Results with the default files (same as you provided now that the files are all in the same location; webinject doesn't seem to like files elsewhere even if the full path is provided):

Code: Select all

WebInject CRITICAL - Unable to acces at http://ntlm-website |time=0.098;20;;0
As for the testcases tag, is <testcases repeat="1"> not the opening tag? That is what is in the default file.
Thanks for verifying -- just wanted to make sure it wasn't a system issue.

I believe that is the opening tag, I didn't see it in your file above. Can you please add it and rerun the check?

Re: WebInject and .aspx pages?

Posted: Fri Apr 01, 2016 5:14 am
by jsharris
<testcases repeat="1"> has always been included in the file. The only changes we have made were to the URL and the credentials. All else is as set in the default file.

Re: WebInject and .aspx pages?

Posted: Fri Apr 01, 2016 1:56 pm
by rkennedy
jsharris wrote:No luck; tried removing http: and http://. Also saw that I was running only webinject.pl server-config.xml instead of webinject.pl -c server-config.xml. The second has virtually the same error; different line information and no "Starting webinject engine":

Code: Select all

junk after document element at line 3, column 0, byte 130 at /usr/lib64/perl5/XML/Parser.pm line 187
Contents of config_ALVAReports.xml:

Code: Select all

<testvar varname="URL">http://<server>/Reports/Pages/Folder.aspx?ItemPath=%2fAlva+Reports&ViewMode=Listclear</testvar>

<case
    id="1"
    description1="NTLM"
    method="get"
    url="${URL}"
    verifypositive="Reporting"
    errormessage="Unable to access at ${URL}"
/>

</testcases>
This paste did not include <testcases repeat="1"> - that's what I was basing it off of.

It looks like the plugin has a debug option included. Can you attempt to run the script with .debug at the end? For example -

Code: Select all

[root@localhost webinject-ntlm]# ./webinject.pl.debug -c server-config.xml

Current Case File : server.xml

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 01 Apr 2016 18:54:14 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Expires: Fri, 01 Apr 2016 18:54:13 GMT
Client-Date: Fri, 01 Apr 2016 18:54:25 GMT
Client-Peer: 104.239.213.7:80
Client-Response-Num: 1
Client-Transfer-Encoding: chunked
Refresh: 0;url=http://searchguide.level3.com/search/?q=http://ntlm-website/&t=0

<html><head><meta http-equiv="refresh" content="0;url=http://searchguide.level3.com/search/?q=http://ntlm-website/&t=0"/></head><body><script>window.location="http://searchguide.level3.com/search/?q="+escape(window.location)+"&r="+escape(document.referrer)+"&t=0";</script></body></html>
WebInject CRITICAL - Unable to acces at http://ntlm-website |time=0.127;20;;0

Re: WebInject and .aspx pages?

Posted: Mon Apr 04, 2016 8:20 am
by jsharris
Results of debug:

Code: Select all

[root@spnagios libexec]# ./webinject.pl.debug -c server-config.xml

Current Case File : server.xml

HTTP/1.1 401 Unauthorized
Date: Mon, 04 Apr 2016 13:19:14 GMT
WWW-Authenticate: NTLM
Content-Length: 0
Client-Date: Mon, 04 Apr 2016 13:19:14 GMT
Client-Peer: 10.115.145.81:80
Client-Response-Num: 1
Client-Warning: Unsupported authentication scheme 'ntlm'

WebInject CRITICAL - Unable to acces at http://<server>/Reports/Pages/Folder.aspx?ItemPath=%2fAlva+Reports&ViewMode=Listclear |time=0.345;20;;0

Re: WebInject and .aspx pages?

Posted: Mon Apr 04, 2016 3:11 pm
by ssax
Do you have perl-NTLM installed?
rpm -qa | grep perl-NTLM
If not, try installing it:
yum install perl-NTLM
I also found a post that says that you need to modify the webinject.pl script and change the code below to get NTLM to work:

Code: Select all

$useragent = LWP::UserAgent->new;
To:

Code: Select all

$useragent = LWP::UserAgent->new(keep_alive=>1);

Let us know the results.

Re: WebInject and .aspx pages?

Posted: Tue Apr 05, 2016 10:40 am
by jsharris
That was it! I was missing the perl-NTLM module. Once that was installed the check started working.

As always, thank you for the assistance. You guys are lifesavers.

Re: WebInject and .aspx pages?

Posted: Tue Apr 05, 2016 11:39 am
by rkennedy
Awesome! Glad we were able to find the NTLM plugin, and get this working for you.

Closing this one out, and marking it as resolved.

Feel free to create a new thread if you need any assistance in the future!
All times are UTC-05:00
Page 3 of 3

Powered by phpBB® Forum Software © phpBB Limited