Beispiel #1
 /// <summary>
 /// Runs a keyword-driven JavaScript taint trace and packages the analyzer's findings.
 /// </summary>
 /// <remarks>
 /// The keyword is registered as the only source object and the source-returning-methods
 /// list is left empty; every other category uses the Default* sets. Keyword tracing is
 /// switched on before the analysis starts.
 /// </remarks>
 /// <param name="Code">JavaScript to analyze; it is passed through Beautify before analysis.</param>
 /// <param name="Keyword">Identifier to treat as the taint source and to follow through the code.</param>
 /// <returns>
 /// A <c>TraceResult</c> holding the analyzer's raw lines, the source, sink and source-to-sink
 /// line numbers with their matching line text, and the keyword contexts.
 /// </returns>
 public static TraceResult Trace(string Code, string Keyword)
 {
     // The keyword is the single source; no source-returning methods are configured.
     List<string> keywordAsOnlySource = new List<string>() { Keyword };
     List<string> noSourceReturningMethods = new List<string>();

     IronJint tracer = new IronJint();
     tracer.SetSourcesAndSinks(
         keywordAsOnlySource,
         DefaultSinkObjects,
         noSourceReturningMethods,
         DefaultSinkReturningMethods,
         DefaultArgumentReturningMethods,
         DefaultArgumentAssignedASourceMethods,
         DefaultArgumentAssignedToSinkMethods);
     tracer.ClearAllTaint();
     tracer.JintStack.Clear();
     tracer.KeywordToTrace = Keyword;
     tracer.TraceKeyword = true;

     // NOTE(review): the analyzer sees the beautified text, so the reported line numbers
     // presumably refer to the beautified code rather than to the caller's input; confirm.
     string beautified = Beautify(Code);
     tracer.Analyze(beautified);

     TraceResult result = new TraceResult();
     result.Lines.AddRange(tracer.RawLines);
     result.SourceLineNos.AddRange(tracer.SourceLines);
     result.SinkLineNos.AddRange(tracer.SinkLines);
     result.SourceToSinkLineNos.AddRange(tracer.SourceToSinkLines);

     // Line numbers are 1-based, hence the "- 1" when indexing RawLines. No bounds check is
     // made here, so a number outside 1..RawLines.Count would fail on the lookup.
     foreach (int sourceLineNo in result.SourceLineNos)
     {
         result.SourceLines.Add(tracer.RawLines[sourceLineNo - 1]);
     }
     foreach (int sinkLineNo in result.SinkLineNos)
     {
         result.SinkLines.Add(tracer.RawLines[sinkLineNo - 1]);
     }
     foreach (int flowLineNo in result.SourceToSinkLineNos)
     {
         result.SourceToSinkLines.Add(tracer.RawLines[flowLineNo - 1]);
     }

     result.KeywordContexts.AddRange(tracer.KeywordContexts);
     return result;
 }
Beispiel #2
 /// <summary>
 /// Runs a JavaScript taint trace on the UI's input text, using the user-configured
 /// source and sink sets, and reports progress and results back through <c>IronUI</c>.
 /// </summary>
 /// <remarks>
 /// If the input is not recognised as JavaScript it is parsed as HTML and the scripts it
 /// contains are concatenated, one per line. Any failure other than a thread abort stops
 /// the UI trace, shows the error message in the status area and files an IronException report.
 /// </remarks>
 internal static void TraceFromUI()
 {
     try
     {
         IronUI.ShowTraceStatus("Trace in progress...", false);

         IronJint tracer = new IronJint();
         // Published in the shared field before analysis starts (presumably so the UI can
         // reach the running trace; confirm against the other users of UIIJ).
         UIIJ = tracer;
         tracer.SetSourcesAndSinks(
             ConfiguredSourceObjects,
             ConfiguredSinkObjects,
             ConfiguredSourceReturningMethods,
             ConfiguredSinkReturningMethods,
             ConfiguredArgumentReturningMethods,
             ConfiguredArgumentAssignedASourceMethods,
             ConfiguredArgumentAssignedToSinkMethods);
         tracer.ClearAllTaint();
         tracer.JintStack.Clear();

         string scriptText = "";
         if (!Tools.IsJavaScript(InputCodeString))
         {
             // Not plain JavaScript: treat the input as HTML and pull its scripts out.
             try
             {
                 HTML page = new HTML(InputCodeString);
                 StringBuilder joined = new StringBuilder();
                 foreach (string fragment in page.GetJavaScript())
                 {
                     joined.AppendLine(fragment);
                 }
                 scriptText = joined.ToString();
             }
             catch
             {
                 // The original parse error is discarded; only this generic message reaches the user.
                 throw new Exception("Entered text does not contain valid JavaScript");
             }
         }
         else
         {
             scriptText = InputCodeString;
         }

         if (scriptText.Length == 0)
         {
             throw new Exception("No valid JavaScript input available to trace");
         }

         string beautified = Beautify(scriptText);
         IronUI.SetJSTaintTraceCode(beautified, false);
         // Splits on CRLF only; presumably Beautify emits CRLF line endings (confirm).
         tracer.Lines = new List<string>(beautified.Split(new string[] { "\r\n" }, StringSplitOptions.None));

         // With PauseAtTaint set the result view is prepared before analysis, otherwise after it.
         if (PauseAtTaint)
         {
             IronUI.SetJSTaintTraceResult();
         }
         tracer.StartedFromUI = true;
         // NOTE(review): the input is typically script taken from a page under test, so treat
         // it as untrusted; confirm that Analyze only inspects the code and never runs it.
         tracer.Analyze(beautified);
         if (!PauseAtTaint)
         {
             IronUI.SetJSTaintTraceResult();
         }

         IronUI.ShowTraceStatus("Trace Completed", false);
         IronUI.ResetTraceStatus();
     }
     catch (ThreadAbortException)
     {
         // Deliberately silent: presumably raised when a running trace is aborted (confirm).
     }
     catch (Exception failure)
     {
         StopUITrace();
         IronUI.ResetTraceStatus();
         IronUI.ShowTraceStatus("Trace Stopped due to error: " + failure.Message, true);
         IronException.Report("Error performing JS Taint Trace", failure.Message, failure.StackTrace);
     }
 }
Beispiel #3
 /// <summary>
 /// Runs a JavaScript taint trace with the Default* source and sink sets and packages
 /// the analyzer's findings.
 /// </summary>
 /// <param name="Code">JavaScript to analyze; it is passed through Beautify before analysis.</param>
 /// <returns>
 /// A <c>TraceResult</c> holding the analyzer's raw lines plus the source, sink and
 /// source-to-sink line numbers, each with its matching line text.
 /// </returns>
 public static TraceResult Trace(string Code)
 {
     IronJint analyzer = new IronJint();
     analyzer.SetSourcesAndSinks(
         DefaultSourceObjects,
         DefaultSinkObjects,
         DefaultSourceReturningMethods,
         DefaultSinkReturningMethods,
         DefaultArgumentReturningMethods,
         DefaultArgumentAssignedASourceMethods,
         DefaultArgumentAssignedToSinkMethods);
     analyzer.ClearAllTaint();
     analyzer.JintStack.Clear();

     // NOTE(review): analysis runs on the beautified text, so the reported line numbers
     // presumably refer to the beautified code rather than to the caller's input; confirm.
     string tidyCode = Beautify(Code);
     analyzer.Analyze(tidyCode);

     TraceResult findings = new TraceResult();
     findings.Lines.AddRange(analyzer.RawLines);
     findings.SourceLineNos.AddRange(analyzer.SourceLines);
     findings.SinkLineNos.AddRange(analyzer.SinkLines);
     findings.SourceToSinkLineNos.AddRange(analyzer.SourceToSinkLines);

     // Reported line numbers are 1-based; subtract one to index RawLines. There is no bounds
     // check, so a number outside 1..RawLines.Count would fail on the lookup.
     foreach (int taintedAt in findings.SourceLineNos)
     {
         findings.SourceLines.Add(analyzer.RawLines[taintedAt - 1]);
     }
     foreach (int consumedAt in findings.SinkLineNos)
     {
         findings.SinkLines.Add(analyzer.RawLines[consumedAt - 1]);
     }
     foreach (int flowsAt in findings.SourceToSinkLineNos)
     {
         findings.SourceToSinkLines.Add(analyzer.RawLines[flowsAt - 1]);
     }

     return findings;
 }