Ejemplo n.º 1
0
        /// <summary>
        /// Reads the first row to determine which column is located on which column-index.
        /// After that HostEntries will be created using those indexes and added to the internal
        /// list of HostEntries.
        /// </summary>
        private void parse(IExcelDataReader reader)
        {
            int ipIndex = -1;
            int urlIndex = -1;
            int protocolIndex = -1;
            int rankingIndex = -1;
            int fingerPrintIndex = -1;
            int expirationIndex = -1;
            int protocolVersionsIndex = -1;
            int RC4Index = -1;
            int beastIndex = -1;
            int forwardSecrecyIndex = -1;
            int heartbleedIndex = -1;
            int signatureAlgoIndex = -1;
            int poodleIndex = -1;
            int extendedValidIndex = -1;
            int openSSLCCSIndex = -1;
            int HTTPServerSigIndex = -1;
            int serverHostnameIndex = -1;
            int _3DESCipherIndex = -1;

            // Get headers
            reader.Read();
            int columnIndex = 0;
            try
            {
                while (reader.GetString(columnIndex) != null)
                {
                    string cmp = reader.GetString(columnIndex);

                    #region Column finding
                    if (cmp.Equals("IP") && ipIndex == -1) ipIndex = columnIndex;
                    else if (cmp.Contains("URL") && urlIndex == -1) urlIndex = columnIndex;
                    else if (cmp.ToLower().Contains("protocol versions") && protocolVersionsIndex == -1)
                        protocolVersionsIndex = columnIndex;
                    else if (cmp.Contains("RC4") && RC4Index == -1) RC4Index = columnIndex;
                    else if (cmp.ToLower().Contains("ranking") && rankingIndex == -1)
                        rankingIndex = columnIndex;
                    else if (cmp.ToLower().Equals("protocol") && protocolIndex == -1)
                        protocolIndex = columnIndex;
                    else if (cmp.ToLower().Contains("fingerprint") && fingerPrintIndex == -1)
                        fingerPrintIndex = columnIndex;
                    else if (cmp.ToLower().Contains("expiration") && expirationIndex == -1)
                        expirationIndex = columnIndex;
                    else if (cmp.ToLower().Contains("beast") && beastIndex == -1)
                        beastIndex = columnIndex;
                    else if (cmp.ToLower().Contains("forward secrecy") && forwardSecrecyIndex == -1)
                        forwardSecrecyIndex = columnIndex;
                    else if (cmp.ToLower().Contains("heartbleed") && heartbleedIndex == -1)
                        heartbleedIndex = columnIndex;
                    else if (cmp.ToLower().Contains("signature algorithm") && signatureAlgoIndex == -1)
                        signatureAlgoIndex = columnIndex;
                    else if (cmp.ToLower().Contains("poodle") && poodleIndex == -1)
                        poodleIndex = columnIndex;
                    else if (cmp.ToLower().Contains("extended validation") && extendedValidIndex == -1)
                        extendedValidIndex = columnIndex;
                    else if (cmp.ToLower().Contains("openssl ccs") && openSSLCCSIndex == -1)
                        openSSLCCSIndex = columnIndex;
                    else if (cmp.ToLower().Contains("http server sig") && HTTPServerSigIndex == -1)
                        HTTPServerSigIndex = columnIndex;
                    else if (cmp.ToLower().Contains("server host name") && serverHostnameIndex == -1)
                        serverHostnameIndex = columnIndex;
                    else if (cmp.ToLower().Contains("3des cipher presence") && _3DESCipherIndex == -1)
                        _3DESCipherIndex = columnIndex;
                    else
                    {
                        _customAttributes[columnIndex] = cmp;
                    }
                    #endregion

                    columnIndex += 1;
                }
            }
            catch (Exception ex)
            {
                Debug.WriteLine(string.Format("Excel header reading touched outer bounds: {0}", ex.Message));
            }

            // Get rows and add them as children of each header
            while (reader.Read())
            {
                HostEntry h = new HostEntry(getColumn(reader, urlIndex),
                    getColumn(reader, protocolIndex));

                h.SetIP(getColumn(reader, ipIndex));
                h.SetRanking(getColumn(reader, rankingIndex));
                h.SetFingerPrintCert(getColumn(reader, fingerPrintIndex));
                h.SetExpirationDate(getColumn(reader, expirationIndex));
                h.SetProtocolVersions(getColumn(reader, protocolVersionsIndex));
                h.SetBeastVulnerarbility(getColumn(reader, beastIndex));
                h.SetForwardSecrecy(getColumn(reader, forwardSecrecyIndex));
                h.SetHeartbleedVulnerability(getColumn(reader, heartbleedIndex));
                h.SetSignatureAlgorithm(getColumn(reader, signatureAlgoIndex));
                h.SetPoodleVulnerability(getColumn(reader, poodleIndex));
                h.SetExtendedValidation(getColumn(reader, extendedValidIndex));
                h.SetOpenSSLCCSVulnerable(getColumn(reader, openSSLCCSIndex));
                h.SetHTTPServerSignature(getColumn(reader, HTTPServerSigIndex));
                h.SetServerHostName(getColumn(reader, serverHostnameIndex));
                h.Set3DESPresence(getColumn(reader, _3DESCipherIndex));
                
                foreach (DictionaryEntry entry in _customAttributes)
                {
                    h.AddCustomAttribute((string) entry.Value, 
                        getColumn(reader, (int) entry.Key));
                }
                if (!h.IsEmpty()) entries.Add(h);
            }
            reader.Close();
            ParserDelegator.CallOnParseComplete();
        }
Ejemplo n.º 2
0
 /// <summary>
 /// Takes the result of the analysis and extracts the information to a new HostEntry.
 /// If the extraction fails, the same HostEntry as passed will be returned.
 /// Otherwise the fresh HostEntry gets returned.
 /// </summary>
 private HostEntry extractInfoFromAnalysis(Analyze a, HostEntry he)
 {
     HostEntry extracted = new HostEntry(he.URL.ToString(), he.Protocol.ToString());
     try
     {
         extracted.SetIP(a.endpoints[0].ipAddress);
         extracted.SetRanking(a.endpoints[0].grade);
         extracted.SetFingerPrintCert(a.endpoints[0].Details.cert.sigAlg);
         extracted.SetExpirationDate(a.endpoints[0].Details.cert.notAfter);
         extracted.SetProtocolVersions(a.endpoints[0].Details.protocols);
         extracted.SetRC4(a.endpoints[0].Details.supportsRc4.ToString());
         extracted.SetBeastVulnerarbility(a.endpoints[0].Details.vulnBeast);
         extracted.SetForwardSecrecy(a.endpoints[0].Details.forwardSecrecy);
         extracted.SetHeartbleedVulnerability(a.endpoints[0].Details.heartbleed);
         extracted.SetSignatureAlgorithm(a.endpoints[0].Details.cert.sigAlg);
         extracted.SetPoodleVulnerability(a.endpoints[0].Details.poodle, a.endpoints[0].Details.poodleTls);
         extracted.SetExtendedValidation(a.endpoints[0].Details.cert.validationType);
         extracted.SetOpenSSLCCSVulnerable(a.endpoints[0].Details.openSslCcs);
         extracted.SetHTTPServerSignature(a.endpoints[0].Details.serverSignature);
         extracted.SetServerHostName(a.endpoints[0].serverName);
         extracted.Set3DESPresence(check3DESCipherPresence(a.endpoints[0].Details.suites));
     }
     catch (Exception ex)
     {
         Debug.WriteLine(ex);
     }
     return extracted;
 }