User Usage

User Usage Information

#!/bin/bash

#
# noodle_datamanager_add.sh
#

set -e

U=$1
P=$2
F=$3
D=$4

SERVER="https://domain.tld"
COOKIE=noodle_cookie.tmp

if [ "$D" == "" ] ; then
	echo NO >&2
	exit 1
fi
if [ -f $COOKIE ] ; then
	echo "already running"
	exit 2;
fi
TMP=$(mktemp)
wget -q "$SERVER/HandleLogin.po" --post-data="user_name=$U&user_password=$P" --keep-session-cookies --save-cookies $COOKIE -O /dev/null
wget -q "$SERVER/datamanager/MainWindow.po"  --load-cookies $COOKIE -O "$TMP"
CSRF=$(< "$TMP" perl -pe 's/(<)/\n$1/g' | grep CSRF | perl -pe 's/^.*value="//g;s/".*$//g')
rm "$TMP"
wget -q "$SERVER/datamanager/HandleMainWindow.po" --post-data="CSRF=$CSRF&folder=$F&val5440=$D" --load-cookies $COOKIE -O /dev/null

#!/bin/bash

#
# noodle_datamanager_report_get.sh
#

set -e

U=$1
P=$2
F=$3
R=$4

SITE="https://domain.tld"
COOKIE=noodle_cookie.tmp

if [ "$R" == "" ] ; then
    echo NO >&2
    exit 1
fi
if [ -f $COOKIE ] ; then
    echo "already running"
    exit 2;
fi
wget -q "$SITE/HandleLogin.po" --post-data="user_name=$U&user_password=$P" --keep-session-cookies --save-cookies $COOKIE -O /dev/null
wget -q "$SITE/datamanager/ReportView.po?folder=$F&reportHandle=$R&itemsPerPage=99" --load-cookies $COOKIE -O -
rm $COOKIE

Microsoft checklist here.

Server list SPNs:

setspn -l %NoodleServiceAccount

Client list cached tickets:

klist get HTTP/%noodle.domain.tld

Client uncache tickets:

klist purge

The following information can be obtained with Wireshark;

 [truncated]Authorization: Negotiate YIG...NER
    GSS-API Generic Security Service Application Program Interface
        OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected Negotiation)
        Simple Protected Negotiation
            negTokenInit
                mechTypes: 4 items
                    MechType: 1.2.840.48018.1.2.2 (MS KRB5 - Microsoft Kerberos 5)
                    MechType: 1.2.840.113554.1.2.2 (KRB5 - Kerberos 5)
                    MechType: 1.3.6.1.4.1.311.2.2.30 (NEGOEX - SPNEGO Extended Negotiation Security Mechanism)
                    MechType: 1.3.6.1.4.1.311.2.2.10 (NTLMSSP - Microsoft NTLM Security Support Provider)
                mechToken: 6092a864886...
                krb5_blob: 6092a864886...
                    KRB5 OID: 1.2.840.113554.1.2.2 (KRB5 - Kerberos 5)
                    krb5_tok_id: KRB5_AP_REQ (0x0001)
                    Kerberos
                        ap-req
                            pvno: 5
                            msg-type: krb-ap-req (14)
                            Padding: 0
                            ap-options: 20000000 (mutual-required)
                                0... .... = reserved: False
                                .0.. .... = use-session-key: False
                                ..1. .... = mutual-required: True
                            ticket
                                tkt-vno: 5
                                realm: INTRA.NET
                                sname
                                    name-type: kRB5-NT-SRV-INST (2)
                                    sname-string: 2 items
                                        SNameString: HTTP
                                        SNameString: intra.net
                                enc-part
                                    etype: eTYPE-ARCFOUR-HMAC-MD5 (23)
                                    kvno: 2
                                    cipher: 678ed5435c9ec4d6...
                            authenticator
                                etype: eTYPE-ARCFOUR-HMAC-MD5 (23)
                                cipher: 62a133014138848d900d436...

The following information can be obtained with Wireshark or with Noodle DEBUG;

https://intranet.onelogin.com/trust/saml2/http-post/sso/699546?SAMLRequest=fVLLbtsw...%2FkD&RelayState=https%3A%2F%2Fintra.net%2FSAML.po

Should be sent to the IdP which before it is deflated and base 64 encoded looks like

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="-5abe3a1a-1671d27aa18--8000" Version="2.0" IssueInstant="2018-11-16T15:33:17Z" ProviderName="Noodle" Destination="https://intranet.onelogin.com/trust/saml2/http-post/sso/699546" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="https://intra.net/SAML.po">
    <saml:Issuer>Noodle</saml:Issuer>
    <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted" AllowCreate="true" />
    <samlp:RequestedAuthnContext Comparison="false">
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
    </samlp:RequestedAuthnContext>
</samlp:AuthnRequest>

The IdP should reply with "Content-Type: application/x-www-form-urlencoded" containing "SAMLResponse: PHN...fCg==" which when base 64 decoded looks like

<samlp:Response xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="R6229535893ec8f41746de8cd0bb42fe1008d88a7" Version="2.0" IssueInstant="2018-11-16T15:33:18Z" Destination="{recipient}" InResponseTo="-5abe3a1a-1671d27aa18--8000">
    <saml:Issuer>https://app.onelogin.com/saml/metadata/699546</saml:Issuer>
    <samlp:Status>
        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
    </samlp:Status>
    <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Version="2.0" ID="pfx95004805-783d-f0ee-f32d-17d50ca7ef90" IssueInstant="2018-11-16T15:33:18Z">
        <saml:Issuer>https://app.onelogin.com/saml/metadata/699546</saml:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
                <ds:Reference URI="#pfx95004805-783d-f0ee-f32d-17d50ca7ef90">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                    <ds:DigestValue>uCsDHp/wXNnMIz7nkq2D7OF81zY=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>QbDsbkTMULdxYmiV8lu64jUE4BNj7ETQvUhjlgHrbaUKMaUdnluJma8T9jh8WOUEQw+Of/MGP4hMJE18f2XOJJK3X3VQnlggE5z98xjHrP0SugRH+elgQpOVkB9ht685UXtzRF6SVAIwstOGphOgqgGRwrG9fPQpN6DAKr00IOc6ItM7cbhVnA+EA8iHP8WP0n+VZXkdub9Sb/tgVkimih3/7DZPIWi6FpmlsTN88mlxBXJKnslr1Iw0ZLqLjR5dJSFz7SHrkBijirFf/kOydoQeOQrRS+6XzOmXayWCP2hHWXVvr5Ye1GbDZyjKTxMpObc+Lv6nj7llC1Mal2M0cw==</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIEFzCCAv+gAwIBAgIUUVsi+5GzFHp5EeCzav01iiNyreEwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMxEDAOBgNVBAoMB1ZpYWxlY3QxFTATBgNVBAsMDE9uZUxvZ2luIElkUDEgMB4GA1UEAwwXT25lTG9naW4gQWNjb3VudCAxMDkzNzAwHhcNMTcwNjI1MTYzMjM5WhcNMjIwNjI2MTYzMjM5WjBYMQswCQYDVQQGEwJVUzEQMA4GA1UECgwHVmlhbGVjdDEVMBMGA1UECwwMT25lTG9naW4gSWRQMSAwHgYDVQQDDBdPbmVMb2dpbiBBY2NvdW50IDEwOTM3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFTuHcxpp8/hhD8BepAo8EI9AT7dACYFfISZo9IEcBMI1af3p/mm+lV9Iz1ZvoFTddIxHQMVe686segtdkg+p/LA+bWETyRv59yDfH8B3avZkbZkXR7lYq+noMMpQwoA3JYDcJGp9Hoh7FHuhCEZZQCGMuUbGaHMTMaMipzPB7AI9Bg6nZpTmDRqzPEd6SzKJHs18W2dZxJA+lDfze2tfyBaAuC2VFqJ3R2NZhZtpUE7IqCG67zv3ItLNk0sDqPEU3/LSIGyT0+fYcVEraBpIMkLp4MQDcihyTWZSVfhdxaOr0Fn4fUV9aTS/a1a5gybK/zat0cs6pJDgBSfoh9xRUCAwEAAaOB2DCB1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQFLDFhCLxjqc6f+cwpm7YnNZH2PTCBlQYDVR0jBIGNMIGKgBQFLDFhCLxjqc6f+cwpm7YnNZH2PaFcpFowWDELMAkGA1UEBhMCVVMxEDAOBgNVBAoMB1ZpYWxlY3QxFTATBgNVBAsMDE9uZUxvZ2luIElkUDEgMB4GA1UEAwwXT25lTG9naW4gQWNjb3VudCAxMDkzNzCCFFFbIvuRsxR6eRHgs2r9NYojcq3hMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAG/YWVdBSvyUjpO8s97Z7KPo843putSf0jgiDHtD8FGddNmdRbAwPbzWBnFupZGyPPgogoEoTRqgRalPvV0xP4PmBMJuAYssI+vwqsj9cqr4pXzpqcsGzJct8SeWSvBqbzBbu+OMbSJ5hm3RvbzSjY6nNAHY7gMe0+7V5Cd+0vzGvmSeXFnKgW7HGlP/98gmDf7KpJYmQmFDITMFc0IS0BQb13SWd7FHVchIXukqqUFFpczWx2cwUmNq1TqcGZESA3XEGbtiJ0HoEmSIQA2RLGSgEPSUgMV+UM8MhYf/bQx6VAInizM/10IokZaAQn2fzz0m5uIbf2qSMXBBoYWWWng==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
        <saml:Subject>
            <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">tim@intra.net</saml:NameID>
            <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml:SubjectConfirmationData NotOnOrAfter="2018-11-16T15:36:18Z" Recipient="{recipient}" InResponseTo="-5abe3a1a-1671d27aa18--8000" />
            </saml:SubjectConfirmation>
        </saml:Subject>
        <saml:Conditions NotBefore="2018-11-16T15:30:18Z" NotOnOrAfter="2018-11-16T15:36:18Z">
            <saml:AudienceRestriction>
                <saml:Audience>{audience}</saml:Audience>
            </saml:AudienceRestriction>
        </saml:Conditions>
        <saml:AuthnStatement AuthnInstant="2018-11-16T15:33:17Z" SessionNotOnOrAfter="2018-11-17T15:33:18Z" SessionIndex="_c9a77760-cbdb-0136-fc65-0233ce1b6e10">
            <saml:AuthnContext>
                <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
            </saml:AuthnContext>
        </saml:AuthnStatement>
    </saml:Assertion>
</samlp:Response>

 

 

Noodle supports the following integrations:

  • Authentication
  • Media
    • Unsplash
    • Youtube
    • Vimeo
  • Files
  • Calendars (iCal)
    • Google
    • Microsoft
  • Scripting (bash)
  • email (SMTP)
    • Postfix
    • MS Exchange
    • etc
  • RDBMS (SQL)
    • PostgreSQL
    • MS SQL
    • MareaDB
    • MySQL
    • CockroachDB + Ceph
    • Oracle
  • Web Browsers
    • Firefox
    • Chromium
  • Indexing (CLI)
    •  TensorFlow
    • MS Office
    • Adobe
    • LibreOffice
    • OpenAI Whisper
    • Tesseract
    • etc
  • UI Customization (JS/CSS)
    • Twitter
    • Weather
    • RSS
    • etc

  1. Create a drive key and secret
  2. Put them in "System Tools > Settings > General > Google Drive OAuth"
    1. Note that OAuth requires your Noodle server to be accessed via a public domain
  3. Enable in the "Administration > Properties" of the folder you want to connect.
  4. View the folder and follow the prompts.

Vialect Bug Bounty;

  1. Contact us and let us know you are interested.
  2. Qualification
    • Confine aggressive/damaging testing to a local install
    • Keep your findings confidential until the week after we fix the bug (same day we hope)
    • We pay whenever we make a change as a result of your bug report.
  3. Send us a report with enough information for us to reproduce the bug of whatever class
    • RCE Remote code execution
    • EoP Elevation of privilege
    • ID Information disclosure
    • DoS Denial of service
  4. We will reward you (You will not be prosecuted)
    • Public credit and thanks
    • Payment (varies by severity and location of the bug up to $1,000 USD)

We thank VioPoint and All Covered for Testing Noodle.

When something unexpected happens Noodle will ask you what you were doing and email a stack trace to Vialect. Bug reports may also be sent to techsupport@vialect.com. Please use saleshelp@vialect.com for any other inquiries.

Please provide the following to help us reproduce and correct issues faster:

  • Minimal steps to reproduce the issue from scratch. Possibly relevant details:
    • The URL
    • The version of Noodle
    • The version of Web Browser
    • The version of Operating System
    • A username and password
    • An ordered list of buttons/links clicked
    • Sample file/data
  • Expected behavior, possible details:
    • 720p mockup of desired appearance with min and max sample data.
  • Actual behavior, possible details:
    • A full resolution screen shot including address and scroll bars
    • Web Browser console output
    • Web Browser network log (HAR)
    • The source of any warning pages (wrong format, missing parameter)
    • The source of any email
    • A zip of the Noodle/log folder
  • Observe email educate
    • A short descriptive email subject
    • Reply to the email thread only for the same issue
    • Don't make new threads for the same issue.
    • Avoid requesting thread history review.
    • Do not place legal or print notes in signatures or otherwise bloat them.
    • Use text in favor of images
    • Use attachments not overlays/embeds of images or text
    • Be concise.

Leaving out information leads to Vialect spending less time creating solutions and more time attempting to reproduce issues and linking to this page.