Ejemplo n.º 1
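        /// <summary>
        /// Renders the events of a fragmented-input scan as HTML and writes the page with that
        /// markup substituted for the placeholder text stored in <c>_replace</c>.
        /// </summary>
        /// <param name="report">Scan report; nothing is written when it contains no events.</param>
        /// <param name="Sender">Scan runner that receives the final response.</param>
        private void WriteFragmented(Report report, IScanRunner Sender)
        {
            if (report.Events.Count == 0)
            {
                return;
            }

            // A builder avoids re-copying the whole markup on every appended fragment.
            System.Text.StringBuilder output = new System.Text.StringBuilder();

            foreach (Event ev in report.Events)
            {
                // Only rule metadata is rendered; the matched value is not echoed into the page.
                output.Append("<div class=\"result\"><h3>found fragmented injection: </h3></div>");

                foreach (Filter f in ev.Filters)
                {
                    // Rule and description are HTML-encoded before they reach the page; long
                    // rules are cut to 60 characters first, so the cut never splits an entity.
                    string rule = f.Rule.Length > 60
                        ? Server.HtmlEncode(f.Rule.Substring(0, 60)) + "..."
                        : Server.HtmlEncode(f.Rule);

                    output.Append("<div class=\"result\">rule: ")
                          .Append(rule)
                          .Append("<br />rule-description: <i>")
                          .Append(Server.HtmlEncode(f.Description))
                          .Append("</i><br />impact: ")
                          .Append(f.Impact)
                          .Append("</div>");
                }

                // The event's own Impact is reported; the per-filter sum the previous version
                // accumulated was never read and has been dropped.
                output.Append("<div class=\"result\"><h3>Overall impact: <strong style=\"color:red;\">")
                      .Append(ev.Impact)
                      .Append("</strong></h3></div>");
            }

            // A null placeholder would make Replace throw, and an empty one is rejected as well,
            // so both fall through to the unmodified response.
            // NOTE(review): in that case the findings never reach the page - confirm they are
            // recorded somewhere else.
            if (!string.IsNullOrEmpty(_replace))
            {
                // Assuming PageHTML is a string, Replace swaps every occurrence of the placeholder.
                Sender.WriteResponse(PageHTML.Replace(_replace, output.ToString()));
            }
            else
            {
                Sender.WriteResponse();
            }
        }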
Ejemplo n.º 2
        /// <summary>
        /// Handles one IDS scan report, dispatching on the part of the request it covers.
        /// </summary>
        /// <remarks>
        /// Get, Post, Cookie and Header reports either show their findings (which sets
        /// <c>_found</c>) or write the matching all-clear message. The Header case also adds the
        /// placeholder literal that the Output case later replaces with fragmented findings.
        /// <c>_found</c> is only ever set to true in this method.
        /// NOTE(review): confirm it starts out false for every request, otherwise a stale value
        /// would suppress the fragmented findings.
        /// </remarks>
        /// <param name="report">Scan report for one request part.</param>
        /// <param name="Sender">Scan runner used to write the response in the Output case.</param>
        public void IDSEventHandler(Report report, IScanRunner Sender)
        {
            switch (report.RequestType)
            {
                case RequestType.Get:
                    if (ShowReport(report))
                    {
                        _found = true;
                    }
                    else
                    {
                        WriteAllClearGet(report);
                    }
                    break;

                case RequestType.Post:
                    if (ShowReport(report))
                    {
                        _found = true;
                    }
                    else
                    {
                        WriteAllClearPost(report);
                    }
                    break;

                case RequestType.Cookie:
                    if (ShowReport(report))
                    {
                        _found = true;
                    }
                    else
                    {
                        WriteAllClearCookie(report);
                    }
                    break;

                case RequestType.Header:
                    if (ShowReport(report))
                    {
                        _found = true;
                    }
                    else
                    {
                        WriteAllClearHeader(report);
                    }

                    // Reserve the spot for the output-stage result. Its text is remembered in
                    // _replace so WriteFragmented can find and replace it later.
                    Literal outputspace = new Literal();
                    outputspace.Text = _found
                        ? "<h3 class=\"clean\">Fragmented input not written because non-fragmented events were detected.</h3><br/>"
                        : WriteAllClearFragmented();
                    _replace = outputspace.Text;
                    idsoutput.Controls.Add(outputspace);
                    break;

                case RequestType.Output:
                    // Fragmented findings are rendered only when nothing was shown at an earlier
                    // stage. Otherwise the response is written without them.
                    if (report.Events.Count != 0 && !_found)
                    {
                        WriteFragmented(report, Sender);
                    }
                    else
                    {
                        Sender.WriteResponse();
                    }
                    break;
            }
        }
Ejemplo n.º 3
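        /// <summary>
        /// Builds the HTML summary for a fragmented-input detection and sends the page with the
        /// summary swapped in for the placeholder text kept in <c>_replace</c>.
        /// </summary>
        /// <param name="report">Scan report; a report without events produces no response here.</param>
        /// <param name="Sender">Scan runner the response is written through.</param>
        private void WriteFragmented(Report report, IScanRunner Sender)
        {
            const int maxRuleLength = 60;

            if (report.Events.Count > 0)
            {
                // Accumulate in a builder rather than growing a string on each iteration.
                System.Text.StringBuilder html = new System.Text.StringBuilder();

                foreach (Event ev in report.Events)
                {
                    html.Append("<div class=\"result\"><h3>found fragmented injection: </h3></div>");

                    foreach (Filter f in ev.Filters)
                    {
                        // Truncation happens on the raw rule, encoding afterwards, so the text
                        // placed in the page is always fully HTML-encoded.
                        bool tooLong = f.Rule.Length > maxRuleLength;
                        string shownRule = tooLong ? f.Rule.Substring(0, maxRuleLength) : f.Rule;

                        html.Append("<div class=\"result\">rule: ");
                        html.Append(Server.HtmlEncode(shownRule));
                        if (tooLong)
                        {
                            html.Append("...");
                        }
                        html.Append("<br />rule-description: <i>");
                        html.Append(Server.HtmlEncode(f.Description));
                        html.Append("</i><br />impact: ");
                        html.Append(f.Impact);
                        html.Append("</div>");
                    }

                    // The unused running total of filter impacts was removed; the figure shown
                    // is the event's own Impact, as before.
                    html.Append("<div class=\"result\"><h3>Overall impact: <strong style=\"color:red;\">");
                    html.Append(ev.Impact);
                    html.Append("</strong></h3></div>");
                }

                // IsNullOrEmpty also covers a placeholder that was never assigned, which the
                // plain comparison with string.Empty let through to Replace.
                // NOTE(review): without a placeholder the page goes out unchanged and these
                // findings are not displayed - verify that is intended.
                if (string.IsNullOrEmpty(_replace))
                {
                    Sender.WriteResponse();
                }
                else
                {
                    string newoutput = PageHTML.Replace(_replace, html.ToString());
                    Sender.WriteResponse(newoutput);
                }
            }
        }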
Ejemplo n.º 4
        /// <summary>
        /// Entry point for IDS scan results: reacts to a report according to its request type.
        /// </summary>
        /// <remarks>
        /// For Get, Post, Cookie and Header a shown report sets <c>_found</c>; otherwise the
        /// matching all-clear writer runs. Header additionally adds a placeholder literal and
        /// records its text in <c>_replace</c>. Output writes the response, including the
        /// fragmented findings only when no earlier stage showed a report.
        /// NOTE(review): this method never clears <c>_found</c>; presumably the handler instance
        /// lives for a single request - verify.
        /// </remarks>
        /// <param name="report">Scan report for one request part.</param>
        /// <param name="Sender">Scan runner that writes the response in the Output case.</param>
        public void IDSEventHandler(Report report, IScanRunner Sender)
        {
            switch (report.RequestType)
            {
                case RequestType.Get:
                    if (ShowReport(report))
                    {
                        _found = true;
                        break;
                    }

                    WriteAllClearGet(report);
                    break;

                case RequestType.Post:
                    if (ShowReport(report))
                    {
                        _found = true;
                        break;
                    }

                    WriteAllClearPost(report);
                    break;

                case RequestType.Cookie:
                    if (ShowReport(report))
                    {
                        _found = true;
                        break;
                    }

                    WriteAllClearCookie(report);
                    break;

                case RequestType.Header:
                {
                    bool headerFlagged = ShowReport(report);
                    if (headerFlagged)
                    {
                        _found = true;
                    }
                    else
                    {
                        WriteAllClearHeader(report);
                    }

                    // Placeholder for the output-stage result; which text it carries depends on
                    // whether any stage so far has shown a report.
                    Literal marker = new Literal();
                    if (_found)
                    {
                        marker.Text = "<h3 class=\"clean\">Fragmented input not written because non-fragmented events were detected.</h3><br/>";
                    }
                    else
                    {
                        marker.Text = WriteAllClearFragmented();
                    }

                    // Read the text back from the control so _replace holds what the control reports.
                    _replace = marker.Text;
                    idsoutput.Controls.Add(marker);
                    break;
                }

                case RequestType.Output:
                {
                    // Fragmented findings are rendered only if there are events and nothing was
                    // reported at an earlier stage.
                    bool renderFragmented = report.Events.Count != 0 && !_found;
                    if (renderFragmented)
                    {
                        WriteFragmented(report, Sender);
                    }
                    else
                    {
                        Sender.WriteResponse();
                    }
                    break;
                }
            }
        }