Ejemplo n.º 1
0
        public object OldCreate(object parent, object configContext, XmlNode section)
        {
            log.Info("Beginning with the parsing of the web.config");
            //Read The Debug and Activity Attributes Before Creating The
            //Configuration Storage Object
            XmlElement activation = section["Activation"];

            log.Info("Reading The Main Attributes");
            string debug = activation.Attributes["Debug"].Value;

            if (XmlConvert.ToBoolean(debug))
            {
                BasicConfigurator.Configure(new TraceAppender(pat));
            }
            string active       = activation.Attributes["Active"].Value;
            string keywordcheck = activation.Attributes["KeywordCheck"].Value;
            string regexcheck   = activation.Attributes["RegExCheck"].Value;
            string cookies      = section["Handlers"].ChildNodes[0].Attributes["Action"].Value;
            string formfields   = section["Handlers"].ChildNodes[1].Attributes["Action"].Value;
            string querystring  = section["Handlers"].ChildNodes[2].Attributes["Action"].Value;

            log.Info("Finished successfully Mapping The Main Attributes");
            //DefenceMainSettings settings = new DefenceMainSettings();
            ViewStateStatus     viewStateHiding = new ViewStateStatus(true, ViewStateStatus.Method.GUID);
            DefenceMainSettings settings        = new DefenceMainSettings(viewStateHiding);
            ArrayList           ary             = settings.DenyList;

            if (keywordcheck == "true")
            {
                if (section["KeywordList"] != null && section["KeywordList"].ChildNodes != null)
                {
                    for (int i = 0; i < section["KeywordList"].ChildNodes.Count; i++)
                    {
                        string patterns = section["KeywordList"].ChildNodes[i].InnerText;
                        if (GeneralUtilities.CheckString(patterns))
                        {
                            try
                            {
                                string names = section["KeywordList"].ChildNodes[i].Attributes["name"].Value;
                                ary.Add(new Textrule(names, patterns, Rule.ActionTypes.Deny));
                            }
                            catch (Exception ex)
                            {
                                log.Error("Error in keywordlist configuration parsing", ex);
                            }
                        }
                    }
                }
            }
            if (regexcheck == "true")
            {
                for (int x = 0; x < section["RegExDeny"].ChildNodes.Count; x++)
                {
                    string patterns = section["RegExDeny"].ChildNodes[x].InnerText;
                    if (GeneralUtilities.CheckString(patterns))
                    {
                        try
                        {
                            ary.Add(new Regexrule(section["RegExDeny"].ChildNodes[x].Attributes["name"].Value, patterns, Rule.ActionTypes.Deny));
                        }
                        catch (Exception ex)
                        {
                            log.Error("Error in regex configuration parsing", ex);
                        }
                    }
                }
            }
            settings.HandleCookies = int.Parse(cookies);
            settings.HandleForms   = int.Parse(formfields);
            settings.HandleQueries = int.Parse(querystring);
            //Disabled Prior To Release v0.3
            //settings.IsSqlInjectionBlock = (sqlinjection == "true"?true:false);
            settings.IsDebug  = XmlConvert.ToBoolean(debug);
            settings.IsActive = XmlConvert.ToBoolean(active);
            log.Info("Finished Parsing of The Web.Config");
            return(settings);
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Used By The Configuration Parser To Parser The Config Section
        /// </summary>
        /// <param name="parent"></param>
        /// <param name="configContext"></param>
        /// <param name="section"></param>
        /// <returns></returns>
        public object Create(object parent, object configContext, XmlNode section)
        {
            log.Info("Beginning with the parsing of the web.config");

            #region XmlElement Creation Section

            XmlElement activation      = section["Activation"];
            XmlElement FoundStone      = section["FoundStoneModule"];
            XmlElement Plugin          = section["Plugins"];
            XmlElement ViewStateHiding = section["ViewStateHiding"];

            #endregion

            log.Info("Reading The Main Attributes");

            #region Debug Handling Section

            //BasicConfigurator.Configure(new FileAppender(pat, "c:\\defapplog.log", true));
            bool debug = XmlConvert.ToBoolean(activation.Attributes["Debug"].Value);
            if ((debug))
            {
                string debugFile = activation.Attributes["DebugFile"].Value;
                if (debugFile != null && debugFile.Length > 0)
                {
                    try
                    {
                        BasicConfigurator.Configure(new FileAppender(pat, debugFile, true));
                    }
                    catch
                    {
                    }
                }
                //Configures The MemoryAppender
                BasicConfigurator.Configure(new HttpAppender(pat, MemoryLogs));
                //Configures The Trace Appender
                BasicConfigurator.Configure(new TraceAppender(pat));
            }

            #endregion

            #region General Settings And Handling Orders

            string active = activation.Attributes["Active"].Value;
            //string keywordcheck = activation.Attributes["KeywordCheck"].Value;
            //string regexcheck = activation.Attributes["RegExCheck"].Value;
            string cookies     = "";
            string formfields  = "";
            string querystring = "";
            string headers     = "";
            for (int ixy = 0; ixy < section["Handlers"].ChildNodes.Count; ixy++)
            {
                string Name = section["Handlers"].ChildNodes[ixy].Name;
                switch (Name)
                {
                case "HandleCookies":
                    cookies = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value;
                    break;

                case "HandleFormFields":
                    formfields = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value;
                    break;

                case "HandleQueryString":
                    querystring = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value;
                    break;

                case "HandleHeaders":
                    headers = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value;
                    break;

                default:
                    break;
                }
            }
            DefenceMainSettings settings = new DefenceMainSettings();

            if (!GeneralUtilities.IsNull(ViewStateHiding))
            {
                if (ViewStateHiding.Attributes.Count == 2)
                {
                    if (!GeneralUtilities.IsNull(ViewStateHiding.Attributes["Active"]))
                    {
                        bool tmpActivation =
                            XmlConvert.ToBoolean(ViewStateHiding.Attributes["Active"].Value);
                        string          tmpMethod       = ViewStateHiding.Attributes["Method"].Value;
                        ViewStateStatus viewStateHiding = null;
                        switch (tmpMethod)
                        {
                        case "MD5":
                            viewStateHiding = new ViewStateStatus(tmpActivation, ViewStateStatus.Method.MD5);
                            break;

                        case "GUID":
                            viewStateHiding = new ViewStateStatus(tmpActivation, ViewStateStatus.Method.SHA1);
                            break;

                        case "SHA1":
                            viewStateHiding = new ViewStateStatus(tmpActivation, ViewStateStatus.Method.GUID);
                            break;

                        default:
                            viewStateHiding = new ViewStateStatus(tmpActivation, ViewStateStatus.Method.NONE);
                            break;
                        }
                        settings = new DefenceMainSettings(viewStateHiding);
                    }
                }
            }

            settings.HandleCookies = int.Parse(cookies);
            settings.HandleForms   = int.Parse(formfields);
            settings.HandleQueries = int.Parse(querystring);
            settings.HandleHeaders = int.Parse(headers);
            settings.IsDebug       = debug;
            settings.IsActive      = XmlConvert.ToBoolean(active);


            //settings
            #endregion

            #region Handle FoundStone Settings

            //log.Debug(AppDomain.CurrentDomain.BaseDirectory + "/bin/" + "DefAppPluginTest.dll");
            //ArrayList lists =
            //Plugins.DefAppPlugin.XmlToPlugin(AppDomain.CurrentDomain.BaseDirectory + "/bin/" + "DefAppPluginTest.dll",10);
            //log.Debug(defApp.PluginName());

            log.Info("Begin Parsing Dinis Attributes");
            if (!GeneralUtilities.IsNull(FoundStone) && !GeneralUtilities.IsNull(FoundStone.Attributes["Active"]))
            {
                string dinisActive = FoundStone.Attributes["Active"].Value;
                settings.IsFoundStoneActive = XmlConvert.ToBoolean(dinisActive);
                if (!GeneralUtilities.IsNull(FoundStone.Attributes["ValidatorFormMappings"]))
                {
                    settings.FS_HttpModule_Validator_FormMappings = FoundStone.Attributes["ValidatorFormMappings"].Value;
                }
                if (!GeneralUtilities.IsNull(FoundStone.Attributes["ValidatorRules"]))
                {
                    settings.FS_HttpModule_Validator_Rules = FoundStone.Attributes["ValidatorRules"].Value;
                }
                if (!GeneralUtilities.IsNull(FoundStone.Attributes["XMLRulesDatabase"]))
                {
                    settings.FS_HttpModule_XMLRulesDatabase = FoundStone.Attributes["XMLRulesDatabase"].Value;
                }
                if (!GeneralUtilities.IsNull(FoundStone.Attributes["FSPageOutput"]))
                {
                    settings.FSPageOutput = XmlConvert.ToBoolean(FoundStone.Attributes["FSPageOutput"].Value);
                }
            }
            log.Info("End Parsing Dinis Attributes");

            #endregion

            #region Plugin Handling Section

            if (GeneralUtilities.CheckNode(Plugin))
            {
                ArrayList   pluginArray = settings.PluginList;
                IEnumerator pluginEnum  = Plugin.ChildNodes.GetEnumerator();
                while (pluginEnum.MoveNext())
                {
                    XmlNode Pluginen = (XmlNode)pluginEnum.Current;
                    if (!GeneralUtilities.IsNull(Pluginen.Attributes["assembly"].Value))
                    {
                        string paths = AppDomain.CurrentDomain.BaseDirectory + "/bin/" + Pluginen.Attributes["assembly"].Value;
                        log.Info(paths);
                        DefAppPlugin.XmlToPlugin(paths, 999, pluginArray);
                    }
                }
            }

            #endregion

            log.Info("Finished successfully Mapping The Main Attributes");

            #region Rule Processing Section

            ArrayList ary      = settings.DenyList;
            XmlNode   Rulenode = section["RuleList"];
            if (GeneralUtilities.CheckNode(Rulenode))
            {
                IEnumerator enums = Rulenode.ChildNodes.GetEnumerator();
                while (enums.MoveNext())
                {
                    XmlNode Rules = (XmlNode)enums.Current;
                    Rule.XmlToRule(Rules, ary);
                }
            }

            #endregion

            log.Info("Finished Parsing of The Web.Config");

            return(settings);
        }
Ejemplo n.º 3
0
 public DefenceMainSettings(ViewStateStatus viewStateStatus) : this()
 {
     log.Info("Initializing The DefenceMainSetting Object");
     this.viewStateStatus = viewStateStatus;
 }
Ejemplo n.º 4
0
 public MemoryFilter(Stream stream, ViewStateStatus viewStateStatus) : this(stream, viewStateStatus.ViewStateStorage)
 {
     this.method = viewStateStatus.GetActiveMethod();
 }