Ejemplo n.º 1
0
        void DeserializeWithFormatPlugin(object PluginNameObject)
        {
            string PluginName = PluginNameObject.ToString();

            try
            {
                Request      Req = DisplayedRequest.GetClone(true);
                FormatPlugin FP  = FormatPlugin.Get(PluginName);
                CurrentFormatXml         = FP.ToXmlFromRequest(Req);
                CurrentXmlNameValueArray = FormatPlugin.XmlToArray(CurrentFormatXml);
                ShowStatusMsg("");
                SetDeserializedDataInUi(PluginName, CurrentFormatXml, CurrentXmlNameValueArray);
                this.ResetBodyParametersChangedStatus();
                ShowProgressBar(false);
            }
            catch (ThreadAbortException)
            {
                ShowStatusMsg("");
            }
            catch (Exception Exp)
            {
                IronException.Report(string.Format("Error converting Request to {0}", PluginName), Exp);
                ShowErrorMsg(string.Format("Unable to parse Request body as {0}", PluginName));
                ShowProgressBar(false);
            }
        }
Ejemplo n.º 2
0
        void SerializeNewXmlWithFormatPlugin(object PluginNameObject)
        {
            string PluginName = PluginNameObject.ToString();

            try
            {
                Request      Req        = DisplayedRequest.GetClone(true);
                FormatPlugin FP         = FormatPlugin.Get(PluginName);
                Request      NewRequest = FP.ToRequestFromXml(Req, CurrentFormatXml);
                this.DisplayedRequest = NewRequest;
                ShowStatusMsg("");
                this.SetNonFormatPluginRequestFields(NewRequest);
                ShowProgressBar(false);
            }
            catch (ThreadAbortException)
            {
                ShowStatusMsg("");
            }
            catch (Exception Exp)
            {
                IronException.Report(string.Format("Error converting {0} to Request", PluginName), Exp);
                ShowErrorMsg(string.Format("Unable to update edited values in {0}", PluginName));
                ShowProgressBar(false);
            }
        }
Ejemplo n.º 3
0
 public static BodyFormatType GetFormatType(Request Req)
 {
     if (Tools.IsSoap(Req.BodyString))
     {
         return(BodyFormatType.Soap);
     }
     else if (Tools.IsXml(Req.BodyString))
     {
         return(BodyFormatType.Xml);
     }
     else if (Tools.IsJson(Req.BodyString))
     {
         return(BodyFormatType.Json);
     }
     else if (FormatPlugin.Get(BodyFormatType.Multipart).Is(Req))
     {
         return(BodyFormatType.Multipart);
     }
     else if (Tools.IsBinary(Req.BodyArray))
     {
         return(BodyFormatType.UnknownBinary);
     }
     else if (IsNormal(Req))
     {
         return(BodyFormatType.UrlFormEncoded);
     }
     else
     {
         return(BodyFormatType.Unknown);
     }
 }
Ejemplo n.º 4
0
        Scanner SetFormatPlugin(Scanner S)
        {
            Request RequestToScan = S.OriginalRequest;

            if (!FormatPlugin.IsNormal(RequestToScan))
            {
                string FPName = FormatPlugin.Get(RequestToScan, FormatPlugins);
                if (FPName.Length > 0 && FPName != "Normal")
                {
                    S.BodyFormat = FormatPlugin.Get(FPName);
                }
            }
            return(S);
        }
Ejemplo n.º 5
0
        internal static void LoadNewFormatPlugins(ScriptEngine Engine)
        {
            string FormatPluginPath = Path.Combine(Config.RootDir, "plugins\\format");

            string[]      FormatPluginFiles = Directory.GetFiles(FormatPluginPath);
            List <string> OldPluginFiles    = new List <string>();
            List <string> NewPluginFiles    = new List <string>();

            foreach (string Name in FormatPlugin.List())
            {
                OldPluginFiles.Add((Config.RootDir + "\\plugins\\format\\" + FormatPlugin.Get(Name).FileName).Replace("/", "\\"));
            }
            foreach (string PluginFile in FormatPluginFiles)
            {
                if (!OldPluginFiles.Contains(PluginFile))
                {
                    NewPluginFiles.Add(PluginFile);
                }
            }
            LoadFormatPlugins(Engine, NewPluginFiles);
        }
Ejemplo n.º 6
0
        void AutoDetectFormatAndSetBodyParameters(object ReqObj)
        {
            try
            {
                Request Req    = ((Request)ReqObj).GetClone();
                string  FPName = FormatPlugin.Get(Req);

                if (FPName == "Normal")
                {
                    SetBodyParameters(Req, true);
                }
                else if (FPName.Length == 0)
                {
                    SetBodyParameters(Req, false);
                }
                else
                {
                    try
                    {
                        FormatPlugin FP = FormatPlugin.Get(FPName);
                        CurrentFormatXml         = FP.ToXmlFromRequest(Req);
                        CurrentXmlNameValueArray = FormatPlugin.XmlToArray(CurrentFormatXml);
                        SetDeserializedDataInUi(FP.Name, CurrentFormatXml, CurrentXmlNameValueArray);
                    }
                    catch
                    {
                        SetBodyParameters(Req, false);
                    }
                }
                this.ResetBodyParametersChangedStatus();
            }
            catch (ThreadAbortException) { }
            finally
            {
                ShowStatusMsg("");
                ShowProgressBar(false);
            }
        }
Ejemplo n.º 7
0
 void AutoDetectFormatAndSetBodyParameters(object ResObj)
 {
     try
     {
         Response Res    = ((Response)ResObj).GetClone();
         string   FPName = FormatPlugin.Get(Res);
         if (FPName.Length > 0 && FPName != "Normal")
         {
             try
             {
                 FormatPlugin FP = FormatPlugin.Get(FPName);
                 CurrentFormatXml         = FP.ToXmlFromResponse(Res);
                 CurrentXmlNameValueArray = FormatPlugin.XmlToArray(CurrentFormatXml);
                 SetDeserializedDataInUi(FP.Name, CurrentFormatXml, CurrentXmlNameValueArray);
             }
             catch
             { }
         }
         this.ResetBodyTypeFormatPluginsParametersChangedStatus();
         ShowStatusMsg("");
         ShowProgressBar(false);
     }
     catch {}
 }
Ejemplo n.º 8
0
        static void GetNewPlugins(XmlNode ManifestNode)
        {
            string PluginType = ManifestNode.Name;

            List <string[]> AllPluginInfo = new List <string[]>();

            switch (PluginType)
            {
            case ("active"):
                foreach (string Name in ActivePlugin.List())
                {
                    ActivePlugin P = ActivePlugin.Get(Name);
                    AllPluginInfo.Add(new string[] { P.FileName, P.Version });
                }
                break;

            case ("passive"):
                foreach (string Name in PassivePlugin.List())
                {
                    PassivePlugin P = PassivePlugin.Get(Name);
                    AllPluginInfo.Add(new string[] { P.FileName, P.Version });
                }
                break;

            case ("format"):
                foreach (string Name in FormatPlugin.List())
                {
                    FormatPlugin P = FormatPlugin.Get(Name);
                    AllPluginInfo.Add(new string[] { P.FileName, P.Version });
                }
                break;

            case ("session"):
                foreach (string Name in SessionPlugin.List())
                {
                    SessionPlugin P = SessionPlugin.Get(Name);
                    AllPluginInfo.Add(new string[] { P.FileName, P.Version });
                }
                break;
            }

            StringBuilder SB = new StringBuilder();
            XmlWriter     XW = XmlWriter.Create(SB);

            XW.WriteStartDocument();
            XW.WriteStartElement("manifest");

            foreach (XmlNode FileNode in ManifestNode.ChildNodes)
            {
                string          Version          = "";
                string          Action           = "";
                string          FileName         = "";
                string          DownloadFileName = "";
                string          Comment          = "";
                List <string[]> SupportFiles     = new List <string[]>();

                foreach (XmlNode PropertyNode in FileNode.ChildNodes)
                {
                    switch (PropertyNode.Name)
                    {
                    case ("version"):
                        Version = PropertyNode.InnerText;
                        break;

                    case ("action"):
                        Action = PropertyNode.InnerText;
                        break;

                    case ("filename"):
                        FileName = PropertyNode.InnerText;
                        break;

                    case ("downloadname"):
                        DownloadFileName = PropertyNode.InnerText;
                        break;

                    case ("comment"):
                        Comment = PropertyNode.InnerText;
                        break;

                    case ("support_file"):
                        string SupportFileName         = "";
                        string SupportFileDownloadName = "";
                        foreach (XmlNode SupportFileNode in PropertyNode.ChildNodes)
                        {
                            switch (SupportFileNode.Name)
                            {
                            case ("filename"):
                                SupportFileName = SupportFileNode.InnerText;
                                break;

                            case ("downloadname"):
                                SupportFileDownloadName = SupportFileNode.InnerText;
                                break;
                            }
                        }
                        SupportFiles.Add(new string[] { SupportFileName, SupportFileDownloadName });
                        break;
                    }
                }

                if (Action.Equals("add") || Action.Equals("update"))
                {
                    bool     MatchFound        = false;
                    string[] MatchedPluginInfo = new string[2];
                    foreach (string[] PluginInfo in AllPluginInfo)
                    {
                        if (PluginInfo[0].Equals(FileName))
                        {
                            MatchFound        = true;
                            MatchedPluginInfo = PluginInfo;
                            break;
                        }
                    }

                    if ((MatchFound && !MatchedPluginInfo[1].Equals(Version)) || !MatchFound)
                    {
                        DownloadPlugin(PluginType, FileName, DownloadFileName);
                        XW.WriteStartElement("file");
                        XW.WriteStartElement("action"); XW.WriteValue(Action); XW.WriteEndElement();
                        XW.WriteStartElement("filename"); XW.WriteValue(FileName); XW.WriteEndElement();
                        XW.WriteStartElement("comment"); XW.WriteValue(Comment); XW.WriteEndElement();
                        XW.WriteEndElement();
                        foreach (string[] SupportFile in SupportFiles)
                        {
                            DownloadPlugin(PluginType, SupportFile[0], SupportFile[1]);
                            XW.WriteStartElement("file");
                            XW.WriteStartElement("action"); XW.WriteValue(Action); XW.WriteEndElement();
                            XW.WriteStartElement("filename"); XW.WriteValue(SupportFile[0]); XW.WriteEndElement();
                            XW.WriteStartElement("comment"); XW.WriteValue(Comment); XW.WriteEndElement();
                            XW.WriteEndElement();
                        }
                    }
                }
            }

            XW.WriteEndElement();
            XW.WriteEndDocument();
            XW.Close();

            StreamWriter SW = File.CreateText(Config.Path + "\\updates\\" + PluginType + "_plugin_manifest.xml");

            SW.Write(SB.ToString());
            SW.Close();
        }
Ejemplo n.º 9
0
        static void DoScan()
        {
            Spider = new Crawler();
            try
            {
                Spider.PrimaryHost = PrimaryHost;
                Spider.BaseUrl     = BaseUrl;
                Spider.StartingUrl = StartingUrl;
                Spider.PerformDirAndFileGuessing = PerformDirAndFileGuessing;
                Spider.IncludeSubDomains         = IncludeSubDomains;
                Spider.HTTP           = HTTP;
                Spider.HTTPS          = HTTPS;
                Spider.UrlsToAvoid    = UrlsToAvoid;
                Spider.HostsToInclude = HostsToInclude;


                Spider.Start();
            }
            catch (Exception Exp)
            {
                IronException.Report("Error starting Crawler", Exp);
                try
                {
                    Stop();
                }
                catch { }
                return;
            }

            ScanItemUniquenessChecker UniqueChecker = new ScanItemUniquenessChecker(Mode != ScanMode.Default);

            List <int>     ScanIDs                = new List <int>();
            bool           ScanActive             = true;
            List <string>  ActivePlugins          = ActivePlugin.List();
            int            TotalRequestsCrawled   = 0;
            int            TotalScanJobsCreated   = 0;
            int            TotalScanJobsCompleted = 0;
            List <Request> ScannedRequests        = new List <Request>();
            int            SleepCounter           = 0;

            while (ScanActive)
            {
                ScanActive = false;
                List <Request> Requests = Spider.GetCrawledRequests();
                if (Stopped)
                {
                    return;
                }
                if (Requests.Count > 0 || Spider.IsActive())
                {
                    ScanActive = true;
                    if (CrawlAndScan)
                    {
                        TotalRequestsCrawled = TotalRequestsCrawled + Requests.Count;
                        //update the ui with the number of requests crawled
                        foreach (Request Req in Requests)
                        {
                            if (Stopped)
                            {
                                return;
                            }
                            if (!CanScan(Req))
                            {
                                continue;
                            }
                            if (!UniqueChecker.IsUniqueToScan(Req, ScannedRequests, false))
                            {
                                continue;
                            }
                            try
                            {
                                Scanner S = new Scanner(Req);
                                S.CheckAll();

                                if (S.OriginalRequest.Query.Count == 0 && S.OriginalRequest.File.Length != 3 && S.OriginalRequest.File.Length != 4)
                                {
                                    S.InjectUrl();
                                }
                                S.InjectQuery();
                                S.InjectBody();
                                //S.InjectHeaders();
                                //S.InjectCookie();

                                if (!FormatPlugin.IsNormal(Req))
                                {
                                    List <FormatPlugin> RightList = FormatPlugin.Get(Req);
                                    if (RightList.Count > 0)
                                    {
                                        S.BodyFormat = RightList[0];
                                    }
                                }
                                if (S.InjectionPointsCount == 0)
                                {
                                    continue;
                                }
                                TotalScanJobsCreated++;
                                if (Stopped)
                                {
                                    return;
                                }
                                int ScanID = S.LaunchScan();
                                if (Stopped)
                                {
                                    Stop(true);
                                    return;
                                }
                                if (ScanID > 0)
                                {
                                    ScannedRequests.Add(Req);
                                    ScanIDs.Add(ScanID);
                                }
                            }
                            catch (Exception Exp)
                            {
                                IronException.Report(string.Format("Error creating Scan Job with Request - {0}", Req.Url), Exp);
                            }
                        }
                    }
                }
                if (CrawlAndScan)
                {
                    List <int> ScanIDsToRemove  = new List <int>();
                    List <int> AbortedScanIDs   = Scanner.GetAbortedScanIDs();
                    List <int> CompletedScanIDs = Scanner.GetCompletedScanIDs();
                    for (int i = 0; i < ScanIDs.Count; i++)
                    {
                        if (Stopped)
                        {
                            return;
                        }
                        if (CompletedScanIDs.Contains(ScanIDs[i]))
                        {
                            ScanIDsToRemove.Add(i);
                            TotalScanJobsCompleted++;
                        }
                        else if (AbortedScanIDs.Contains(ScanIDs[i]))
                        {
                            ScanIDsToRemove.Add(i);
                        }
                    }
                    for (int i = 0; i < ScanIDsToRemove.Count; i++)
                    {
                        if (Stopped)
                        {
                            return;
                        }
                        ScanIDs.RemoveAt(ScanIDsToRemove[i] - i);
                    }
                }
                if (ScanActive)
                {
                    Thread.Sleep(2000);
                }
                else
                {
                    if (ScanIDs.Count > 0)
                    {
                        ScanActive = true;
                        Thread.Sleep(5000);
                    }
                    else if (SleepCounter < 10)
                    {
                        ScanActive = true;
                        Thread.Sleep(2000);
                        SleepCounter = SleepCounter + 2;
                    }
                }
                if (Stopped)
                {
                    return;
                }
                IronUI.UpdateConsoleCrawledRequestsCount(TotalRequestsCrawled);
                IronUI.UpdateConsoleScanJobsCreatedCount(TotalScanJobsCreated);
                IronUI.UpdateConsoleScanJobsCompletedCount(TotalScanJobsCompleted);
            }
            if (Stopped)
            {
                return;
            }
            Stop();
        }
Ejemplo n.º 10
0
        static void GetNewPlugins()
        {
            string[] PluginManifestLines = PluginManifestFile.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries);

            foreach (string Line in PluginManifestLines)
            {
                string[] LineParts = Line.Split(new char[] { '|' }, 6);
                if (LineParts.Length != 6)
                {
                    throw new Exception("Invalid 'Plugin Manifest File' recieved from server");
                }
                PluginManifestInfo.Add(LineParts);
            }
            List <string[]> CurrentPluginInfo = new List <string[]>();

            foreach (string Name in ActivePlugin.List())
            {
                ActivePlugin AP          = ActivePlugin.Get(Name);
                string[]     CurrentInfo = new string[] { "active", AP.Version, AP.FileName.Substring(AP.FileName.LastIndexOf('\\') + 1) };
                CurrentPluginInfo.Add(CurrentInfo);
            }
            foreach (string Name in PassivePlugin.List())
            {
                PassivePlugin PP          = PassivePlugin.Get(Name);
                string[]      CurrentInfo = new string[] { "passive", PP.Version, PP.FileName.Substring(PP.FileName.LastIndexOf('\\') + 1) };
                CurrentPluginInfo.Add(CurrentInfo);
            }
            foreach (string Name in FormatPlugin.List())
            {
                FormatPlugin FP          = FormatPlugin.Get(Name);
                string[]     CurrentInfo = new string[] { "format", FP.Version, FP.FileName.Substring(FP.FileName.LastIndexOf('\\') + 1) };
                CurrentPluginInfo.Add(CurrentInfo);
            }
            foreach (string Name in SessionPlugin.List())
            {
                SessionPlugin SP          = SessionPlugin.Get(Name);
                string[]      CurrentInfo = new string[] { "session", SP.Version, SP.FileName.Substring(SP.FileName.LastIndexOf('\\') + 1) };
                CurrentPluginInfo.Add(CurrentInfo);
            }
            foreach (string[] PluginManifestInfoLine in PluginManifestInfo)
            {
                if (PluginManifestInfoLine[0].StartsWith("+") || PluginManifestInfoLine[0].StartsWith("*"))
                {
                    bool MatchFound = false;
                    foreach (string[] CurrentPluginLineInfo in CurrentPluginInfo)
                    {
                        if (PluginManifestInfoLine[1].Equals(CurrentPluginLineInfo[0]) && PluginManifestInfoLine[3].Equals(CurrentPluginLineInfo[2]))
                        {
                            MatchFound = true;
                            if (!PluginManifestInfoLine[2].Equals(CurrentPluginLineInfo[1]))
                            {
                                DownloadPlugin(PluginManifestInfoLine[1], PluginManifestInfoLine[3], PluginManifestInfoLine[4]);
                            }
                            break;
                        }
                        else if (PluginManifestInfoLine[0].Contains("_"))
                        {
                            string[] SupportDetailParts = PluginManifestInfoLine[0].Split(new char[] { '_' }, 2);
                            if (PluginManifestInfoLine[1].Equals(CurrentPluginLineInfo[0]) && SupportDetailParts[1].Equals(CurrentPluginLineInfo[2]))
                            {
                                MatchFound = true;
                                if (!PluginManifestInfoLine[2].Equals(CurrentPluginLineInfo[1]))
                                {
                                    DownloadPlugin(PluginManifestInfoLine[1], PluginManifestInfoLine[3], PluginManifestInfoLine[4]);
                                }
                                break;
                            }
                        }
                    }
                    if (!MatchFound)
                    {
                        DownloadPlugin(PluginManifestInfoLine[1], PluginManifestInfoLine[3], PluginManifestInfoLine[4]);
                    }
                }
            }
        }