1. import java.util.HashMap;
  2. import java.util.Map;
  4. public class HeaderAnomalyChecker {
  6. private static final Map<String, Integer> HARDCODED_LIMITS = new HashMap<>();
  8. static {
  9. // Define hardcoded limits for header values
  10. HARDCODED_LIMITS.put("User-Agent", 200); // Max length of User-Agent
  11. HARDCODED_LIMITS.put("Content-Length", 10000); //Max Content-Length
  12. HARDCODED_LIMITS.put("Referer", 255); //Max length of Referer
  13. HARDCODED_LIMITS.put("Cookie", 8000); //Max length of Cookie
  14. }
  16. public static boolean checkHeaderAnomalies(Map<String, String> headers) {
  17. boolean anomalyFound = false;
  19. if (headers == null) {
  20. return true; // Consider null headers as an anomaly
  21. }
  23. for (Map.Entry<String, String> entry : headers.entrySet()) {
  24. String headerName = entry.getKey();
  25. String headerValue = entry.getValue();
  27. if (headerValue != null) {
  28. if (headerName.equals("User-Agent") && headerValue.length() > HARDCODED_LIMITS.getOrDefault(headerName, 0)) {
  29. System.out.println("Anomaly: User-Agent length exceeds limit (" + headerValue.length() + "> " + HARDCODED_LIMITS.getOrDefault(headerName, 0) + ")");
  30. anomalyFound = true;
  31. } else if (headerName.equals("Content-Length") && Integer.parseInt(headerValue) > HARDCODED_LIMITS.getOrDefault(headerName, 0)) {
  32. System.out.println("Anomaly: Content-Length exceeds limit (" + Integer.parseInt(headerValue) + "> " + HARDCODED_LIMITS.getOrDefault(headerName, 0) + ")");
  33. anomalyFound = true;
  34. } else if (headerName.equals("Referer") && headerValue.length() > HARDCODED_LIMITS.getOrDefault(headerName, 0)) {
  35. System.out.println("Anomaly: Referer length exceeds limit (" + headerValue.length() + "> " + HARDCODED_LIMITS.getOrDefault(headerName, 0) + ")");
  36. anomalyFound = true;
  37. } else if (headerName.equals("Cookie") && headerValue.length() > HARDCODED_LIMITS.getOrDefault(headerName, 0)) {
  38. System.out.println("Anomaly: Cookie length exceeds limit (" + headerValue.length() + "> " + HARDCODED_LIMITS.getOrDefault(headerName, 0) + ")");
  39. anomalyFound = true;
  40. }
  41. }
  42. }
  44. return anomalyFound;
  45. }
  47. public static void main(String[] args) {
  48. // Example Usage
  49. Map<String, String> headers1 = new HashMap<>();
  50. headers1.put("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36");
  51. headers1.put("Content-Length", "5000");
  52. headers1.put("Referer", "https://example.com");
  54. Map<String, String> headers2 = new HashMap<>();
  55. headers2.put("User-Agent", "TooLongUserAgentStringThatExceedsTheLimit");
  56. headers2.put("Content-Length", "1000");
  58. System.out.println("Headers 1 Anomaly Check: " + checkHeaderAnomalies(headers1));
  59. System.out.println("Headers 2 Anomaly Check: " + checkHeaderAnomalies(headers2));
  60. }
  61. }

Add your comment