sessiontester.ctf
<%
display_form = true
session = Request().getSession(false)
action = Request().Form("action")
if action <> null then
action = action.toLowerCase()
if action = "set value" then
if session <> null then
key = Request().Form("key")
if key <> null then
key = key.trim()
if key.length() > 0 then
value = Request().Form("value")
if value = null then
value = ""
else
value = value.trim()
end
session.setAttribute(key, value)
end
end
end
elseif action = "remove value" then
if session <> null then
key = Request().Form("key")
if key <> null then
key = key.trim()
if key.length() > 0 then
session.removeAttribute(key)
end
end
end
elseif action = "create session" then
session = Request().getSession(true)
elseif action = "remove session" then
if session <> null then
session.invalidate()
session = null
end
elseif action = "redirect test" then
Response().redirect(Response().encodeURL("./sessionredirect.ctf"))
display_form = false
end
end
if display_form then
%>
Session Tester
Session Tester
Session Status:
<%
if session = null then
Response().println(" does not exist
")
else
if session.isNew() then
Response().println("is new
")
elseif Request().isSessionValid() then
Response().println("is valid
")
else
Response().println("is invalid
")
end
%>
Session Id: <%=session.getId()%>
Creation Time: <%=Date(session.getCreationTime()).toString()%>
Last Accessed Time: <%=Date(session.getLastAccessedTime()).toString()%>
Maximum Inactive Interval: <%=session.getTimeout()%> seconds
Session From:
<%
if Request().isSessionFromURL() then
Response().println("URL
")
elseif Request().isSessionFromCookie() then
Response().println("Cookie
")
else
Response().println("Other
")
end
%>
Session Values:
<%
count = 0
e = session.getAttributeNames()
do while e.hasMoreElements()
count = count + 1
name = e.nextElement().toString()
Response().println(name + " = " + session.getAttribute(name).toString() + "
")
loop
if count = 0 then
Response().println("None")
end
end
%>
<% end%>
==================================================
sessionredirect.ctf
Session Redirect Tester
">Click here to return to Session Tester.