Beispiel #1
0
        public Gen obfuscation(Gen input_gen)
        {
            if (input_gen == null)
            {
                return(input_gen);//we can not mutate obfuscation when gen is null(have no alphabate to obfuscate)
            }
            //at least one header was mutate before comming to obfuscation
            if (!input_gen.mutated_header[0] && !input_gen.mutated_header[1] && !input_gen.mutated_header[2])
            {
                return(input_gen);
            }

            if (!input_gen.mutation_approach[0] && !input_gen.mutation_approach[1])//behavoiur change (or at least syntax...)must be applied before comming to obfuscation
            {
                return(input_gen);
            }

            Random r             = new Random(Guid.NewGuid().GetHashCode());
            int    mutation_type = r.Next(3, 7); //(1,7)

            int header = r.Next(0, 3);           //to choose referee,user-agant or cookie header for mutation

            while (true)
            {
                if (!input_gen.mutated_header[header])
                {
                    header = r.Next(0, 3);
                }
                else
                {
                    break;
                }
            }

            input_gen.mutated_header[header] = true;

            input_gen.mutation_approach[2] = true; //obfuscation
            header++;                              //1-3 not 0-2
            switch (mutation_type)
            {
            /*
             * case 1://MO_wsp
             *
             *  break;
             * case 2://MO_html
             *  break;
             */
            case 3:                              //MO_chr
                input_gen.obfuscation[0] = true; //MO_chr
                switch (header)
                {
                case 1:        //referer
                    input_gen.httprequest.Referer = MO_chr(input_gen.httprequest.Referer);
                    break;

                case 2:        //cookie
                    input_gen.httprequest.Headers["Cookie"] = MO_chr(input_gen.httprequest.Headers["Cookie"]);
                    break;

                case 3:        //user-aganet
                    input_gen.httprequest.UserAgent = MO_chr(input_gen.httprequest.UserAgent);
                    break;
                }
                break;

            case 4:                              //MO_per
                input_gen.obfuscation[1] = true; //MO_per
                switch (header)
                {
                case 1:        //referer
                    input_gen.httprequest.Referer = MO_per(input_gen.httprequest.Referer);
                    break;

                case 2:        //cookie
                    input_gen.httprequest.Headers["Cookie"] = MO_per(input_gen.httprequest.Headers["Cookie"]);
                    break;

                case 3:        //user-aganet
                    input_gen.httprequest.UserAgent = MO_per(input_gen.httprequest.UserAgent);
                    break;
                }
                break;

            case 5:                              //MO_bool
                input_gen.obfuscation[2] = true; //MO_bool
                switch (header)
                {
                case 1:        //referer
                    input_gen.httprequest.Referer = MO_bool(input_gen.httprequest.Referer);
                    break;

                case 2:        //cookie
                    input_gen.httprequest.Headers["Cookie"] = MO_bool(input_gen.httprequest.Headers["Cookie"]);
                    break;

                case 3:        //user-aganet
                    input_gen.httprequest.UserAgent = MO_bool(input_gen.httprequest.UserAgent);
                    break;
                }
                break;

            case 6:                              //MO_keyw
                input_gen.obfuscation[3] = true; //MO_keyw
                switch (header)
                {
                case 1:        //referer
                    input_gen.httprequest.Referer = MO_keyw(input_gen.httprequest.Referer);
                    break;

                case 2:        //cookie
                    input_gen.httprequest.Headers["Cookie"] = MO_keyw(input_gen.httprequest.Headers["Cookie"]);
                    break;

                case 3:        //user-aganet
                    input_gen.httprequest.UserAgent = MO_keyw(input_gen.httprequest.UserAgent);
                    break;
                }
                break;
            }

            return(input_gen);
        }
Beispiel #2
0
        /// <summary>
        /// mutate input gen by three existence condition: mo_OR,mo_AND,mo_Semi
        /// </summary>
        /// <param name="input_gen"></param>
        /// <returns>return mutated gen</returns>
        public Gen behavoiur_mutation(Gen input_gen)
        {
            if (input_gen == null)
            {
                return(input_gen);
            }

            //input gen was not null
            if (input_gen.mutation_approach[0])//do not apply behavoiur mutation twice!
            {
                return(input_gen);
            }

            // Gen mutated_gen = new Gen();
            Random r             = new Random(Guid.NewGuid().GetHashCode());
            int    mutation_type = r.Next(1, 4);

            int header = r.Next(0, 3);//two choose referee,user-agant or cookie header for mutation

            input_gen.mutated_header[header] = true;
            header++;                              //counting from 1 !

            input_gen.mutation_approach[0] = true; //behavoiur
            string temp;

            switch (mutation_type)
            {
            case 1:    //mo_OR
                input_gen.behaviour_changing[0] = true;
                switch (header)
                {
                case 1:        //referer
                    //  input_gen.mutated_header[0] = true;
                    if (input_gen.httprequest.Referer == null)
                    {
                        input_gen.httprequest.Referer = "OR x=x";
                    }
                    else
                    {
                        temp = input_gen.httprequest.Referer;
                        input_gen.httprequest.Referer  = "OR x=x";
                        input_gen.httprequest.Referer += temp;
                    }
                    break;

                case 2:        //cookie
                    if (input_gen.httprequest.Headers["Cookie"] == null)
                    {
                        input_gen.httprequest.Headers.Add("Cookie", "OR x = x");
                    }
                    else
                    {
                        temp = input_gen.httprequest.Headers["Cookie"];
                        input_gen.httprequest.Headers["Cookie"]  = "OR x = x";
                        input_gen.httprequest.Headers["Cookie"] += temp;
                    }
                    break;

                case 3:        //user-agant
                    //  input_gen.mutated_header[2] = true;

                    if (input_gen.httprequest.UserAgent == null)
                    {
                        input_gen.httprequest.UserAgent = "OR x=x";
                    }
                    else
                    {
                        temp = input_gen.httprequest.UserAgent;
                        input_gen.httprequest.UserAgent  = "OR x=x";
                        input_gen.httprequest.UserAgent += temp;
                    }
                    break;
                }
                break;

            case 2:    //mo_AND
                input_gen.behaviour_changing[1] = true;
                switch (header)
                {
                case 1:        //referer
                    //  input_gen.mutated_header[0] = true;
                    if (input_gen.httprequest.Referer == null)
                    {
                        input_gen.httprequest.Referer = "AND x=y";
                    }
                    else
                    {
                        temp = input_gen.httprequest.Referer;
                        input_gen.httprequest.Referer  = "AND x=y ";
                        input_gen.httprequest.Referer += temp;
                    }
                    break;

                case 2:        //cookie
                    //  input_gen.mutated_header[1] = true;
                    if (input_gen.httprequest.Headers["Cookie"] == null)
                    {
                        input_gen.httprequest.Headers.Add("Cookie", "AND x=y ");
                    }
                    else
                    {
                        temp = input_gen.httprequest.Headers["Cookie"];
                        input_gen.httprequest.Headers["Cookie"]  = "AND x=y ";
                        input_gen.httprequest.Headers["Cookie"] += temp;
                    }
                    break;

                case 3:        //user-agant
                    //  input_gen.mutated_header[2] = true;
                    if (input_gen.httprequest.UserAgent == null)
                    {
                        input_gen.httprequest.UserAgent = "AND x=y";
                    }
                    else
                    {
                        temp = input_gen.httprequest.UserAgent;
                        input_gen.httprequest.UserAgent  = "AND x=y";
                        input_gen.httprequest.UserAgent += temp;
                    }
                    break;
                }
                break;

            case 3:    //mo_semi
                input_gen.behaviour_changing[2] = true;
                switch (header)
                {
                case 1:        //referer
                    //  input_gen.mutated_header[0] = true;

                    if (input_gen.httprequest.Referer == null)
                    {
                        input_gen.httprequest.Referer = "; SELECT waitfor(5) FROM dual";
                    }
                    else
                    {
                        temp = input_gen.httprequest.Referer;
                        input_gen.httprequest.Referer  = "; SELECT waitfor(5) FROM dual";
                        input_gen.httprequest.Referer += temp;
                    }
                    break;

                case 2:        //cookie
                    if (input_gen.httprequest.Headers["Cookie"] == null)
                    {
                        input_gen.httprequest.Headers.Add("Cookie", "; SELECT waitfor(5) FROM dual");
                    }
                    else
                    {
                        temp = input_gen.httprequest.Headers["Cookie"];
                        input_gen.httprequest.Headers["Cookie"]  = "; SELECT waitfor(5) FROM dual";
                        input_gen.httprequest.Headers["Cookie"] += temp;
                    }
                    break;

                case 3:        //user-agant
                    //input_gen.mutated_header[2] = true;
                    if (input_gen.httprequest.UserAgent == null)
                    {
                        input_gen.httprequest.UserAgent = "; SELECT waitfor(5) FROM dual";
                    }
                    else
                    {
                        temp = input_gen.httprequest.UserAgent;
                        input_gen.httprequest.UserAgent  = "; SELECT waitfor(5) FROM dual";
                        input_gen.httprequest.UserAgent += temp;
                    }
                    break;
                }
                break;
            }
            input_gen.mutation_approach[0] = true;
            return(input_gen);
        }
Beispiel #3
0
        public Gen syntax_repairing(Gen input_gen)
        {
            //check precondition
            // if (!input_gen.mutation_approach[0])//behavoiur changinf applied before?
            //   return input_gen;//without change

            // Gen mutated_gen = new Gen();
            Random r             = new Random(Guid.NewGuid().GetHashCode());
            int    mutation_type = r.Next(1, 4);

            if (input_gen.syntax_repairing[mutation_type - 1])
            {
                return(input_gen);     //this type of mutation was applied before!
            }
            int header = r.Next(0, 3); //two choose referee,user-agant or cookie header for mutation

            input_gen.mutated_header[header] = true;
            header++;
            input_gen.mutation_approach[1] = true;

            string temp = "";

            switch (mutation_type)
            {
            case 1:                                   //mo_par
                input_gen.syntax_repairing[0] = true; //par
                switch (header)
                {
                case 1:        //referer
                    if (input_gen.httprequest.Referer == null)
                    {
                        input_gen.httprequest.Referer = ") ";
                    }
                    else
                    {
                        temp = input_gen.httprequest.Referer;
                        input_gen.httprequest.Referer  = ") ";
                        input_gen.httprequest.Referer += temp;
                    }
                    break;

                case 2:        //cookie
                    if (input_gen.httprequest.Headers["Cookie"] == null)
                    {
                        input_gen.httprequest.Headers["Cookie"] = ") ";
                    }
                    else
                    {
                        temp = input_gen.httprequest.Headers["Cookie"];
                        input_gen.httprequest.Headers["Cookie"]  = ") ";
                        input_gen.httprequest.Headers["Cookie"] += temp;
                    }
                    break;

                case 3:        //user-agant
                    if (input_gen.httprequest.UserAgent == null)
                    {
                        input_gen.httprequest.UserAgent = ") ";
                    }
                    else
                    {
                        temp = input_gen.httprequest.UserAgent;
                        input_gen.httprequest.UserAgent  = ") ";
                        input_gen.httprequest.UserAgent += temp;
                    }
                    break;
                }
                break;

            case 2:                                   //mo_cmt
                input_gen.syntax_repairing[1] = true; //cmt
                int rand = r.Next(0, 2);
                switch (header)
                {
                case 1:        //referer
                    if (rand == 0)
                    {
                        if (input_gen.httprequest.Referer == null)
                        {
                            input_gen.httprequest.Referer = "#";
                        }
                        else
                        {
                            input_gen.httprequest.Referer += "#";        //# add to last of insertion
                        }
                    }
                    else
                    {
                        if (input_gen.httprequest.Referer == null)
                        {
                            input_gen.httprequest.Referer = "--";
                        }
                        else
                        {
                            input_gen.httprequest.Referer += "--";
                        }
                    }

                    break;

                case 2:        //cookie
                    if (input_gen.httprequest.Headers["Cookie"] == null)
                    {
                        if (rand == 0)
                        {
                            input_gen.httprequest.Headers["Cookie"] = "#";
                        }
                        else
                        {
                            input_gen.httprequest.Headers["Cookie"] = "--";
                        }
                    }
                    else
                    {
                        if (rand == 0)
                        {
                            input_gen.httprequest.Headers["Cookie"] += "#";
                        }
                        else
                        {
                            input_gen.httprequest.Headers["Cookie"] += "--";
                        }
                    }
                    break;

                case 3:        //user-agant
                    if (rand == 0)
                    {
                        if (input_gen.httprequest.UserAgent == null)
                        {
                            input_gen.httprequest.UserAgent = "#";
                        }
                        else
                        {
                            input_gen.httprequest.UserAgent += "#";
                        }
                    }
                    else
                    {
                        if (input_gen.httprequest.UserAgent == null)
                        {
                            input_gen.httprequest.UserAgent = "--";
                        }
                        else
                        {
                            input_gen.httprequest.UserAgent += "--";
                        }
                    }
                    break;
                }
                break;

            case 3:                                   //mo_qot
                temp = "";
                input_gen.syntax_repairing[2] = true; //qot
                rand = r.Next(0, 2);
                switch (header)
                {
                case 1:        //referer
                    if (input_gen.httprequest.Referer != null)
                    {
                        temp = input_gen.httprequest.Referer;
                    }

                    if (rand == 0)
                    {
                        input_gen.httprequest.Referer = "' ";
                    }
                    else
                    {
                        input_gen.httprequest.Referer = "\" ";
                    }

                    if (temp != "")
                    {
                        input_gen.httprequest.Referer += temp;
                    }

                    break;

                case 2:        //cookie
                    if (input_gen.httprequest.Headers["Cookie"] == null)
                    {
                        if (rand == 0)
                        {
                            input_gen.httprequest.Headers["Cookie"] = "' ";
                        }
                        else
                        {
                            input_gen.httprequest.Headers["Cookie"] = "\" ";
                        }
                    }
                    else
                    {
                        temp = input_gen.httprequest.Headers["Cookie"];

                        if (rand == 0)
                        {
                            input_gen.httprequest.Headers["Cookie"] = "' ";
                        }
                        else
                        {
                            input_gen.httprequest.Headers["Cookie"] = "\" ";
                        }

                        input_gen.httprequest.Headers["Cookie"] += temp;
                    }
                    break;

                case 3:        //user-agant
                    if (input_gen.httprequest.UserAgent != null)
                    {
                        temp = input_gen.httprequest.UserAgent;
                    }

                    if (rand == 0)
                    {
                        input_gen.httprequest.UserAgent = "' ";
                    }
                    else
                    {
                        input_gen.httprequest.UserAgent = "\" ";
                    }

                    if (temp != "")
                    {
                        input_gen.httprequest.UserAgent += temp;
                    }
                    break;
                }
                break;
            }
            return(input_gen);
        }
Beispiel #4
0
        }//end mutation func

        /// <summary>
        /// merge two gen and create two new children where updated to gen pool instead their parents
        /// </summary>
        /// <param name="parent1"></param>
        /// <param name="parent2"></param>
        public Gen[] Merg_parents(Gen parent1, Gen parent2)
        {
            Gen[] childrens = new Gen[2];

            Random r    = new Random(Guid.NewGuid().GetHashCode());
            int    rand = r.Next(0, 2);//to choose mutation approach from mution_approach of parents(probility 50-50)

            //detect mutation approach for parent1
            //analysize parent2 and its mutation approach

            //maybe parent2 had both mutation(syntatx and obfuscation)
            //rand use to inherit mutation-approach randomly from his parents
            if (rand == 0)
            {
                if (parent2.mutation_approach[1])             //parent2 had syntax mutation
                {
                    childrens[0] = syntax_repairing(parent1); //updated parent1 inhertant syntax mutation from his parents
                }
                else if (parent2.mutation_approach[2])        //updated parent1 inhertant obfuscation from his parents
                {
                    childrens[0] = obfuscation(parent1);
                }
            }
            else //rand =1
            {
                if (parent2.mutation_approach[2])//parent2 had obfuscation mutation
                {
                    childrens[0] = obfuscation(parent1);
                }
                else if (parent2.mutation_approach[1])//parent2 had syntax-mutation mutation
                {
                    childrens[0] = syntax_repairing(parent1);
                }
            }

            //detect mutation approach for parent2
            //analysize parent1 and its mutation approach
            if (!parent2.mutation_approach[0])
            {
                childrens[1] = behavoiur_mutation(parent2);//with no change
            }
            else
            {
                rand = r.Next(0, 2);
                if (rand == 0)
                {
                    if (parent1.mutation_approach[1])             //parent2 had syntax mutation
                    {
                        childrens[1] = syntax_repairing(parent2); //updated parent1 inhertant syntax mutation from his parents
                    }
                    else if (parent1.mutation_approach[2])        //parent2 had obfuscation mutation
                    {
                        childrens[1] = obfuscation(parent2);
                    }
                }
                else //rand =1
                {
                    if (parent1.mutation_approach[2])//parent2 had obfuscation mutation
                    {
                        childrens[1] = obfuscation(parent2);
                    }
                    else if (parent1.mutation_approach[1])
                    {
                        childrens[1] = syntax_repairing(parent2);
                    }
                }
            }
            return(childrens);
        }