void Start()
{
status = gameObject.GetComponent <PlayerStatus>();
vulnerability = Vulnerability.Vulnerable;
material.color = defaultColor;
sounds = gameObject.GetComponent <PlayerSoundManager>();
}
protected void OnVulnerabilityDiscovered(Vulnerability vulnerability)
{
lock (vulnerabilityDiscoveredLock)
{
VulnerabilityDiscovered?.Invoke(vulnerability);
}
}
public static void AppendTag(StringBuilder pbn, string tagName,
Vulnerability vulnerability)
{
AppendTag(pbn, tagName,
PBNVulnerabilityMapper
.GetstringFromVulnerability(vulnerability));
}
public void TestToString()
{
var vulnerability = new Vulnerability
{
Code = "ExampleCode",
Title = "Example Vulnerability",
SeverityLevel = SeverityLevel.Critical,
Description = "Description here.",
FilePath = "C:\\Program.cs",
FullyQualifiedName = "Namespace.Class",
LineNumber = 10
};
var result = vulnerability.ToString();
const string expected = @"Code: ExampleCode
Title: Example Vulnerability
SeverityLevel: Critical
Description: Description here.
File path: C:\Program.cs
Fully qualified name: Namespace.Class
Line number: 10
";
Assert.AreEqual(expected, result);
}
private static (bool, Vulnerability) NotHaveLeakageHeaders(HttpResponseMessage response)
{
var leakage = Fuzz.HttpLeakageHeaders.Where(response.HasHeader);
var vulnerability = Vulnerability.Info($"Information leakage of response headers: {String.Join(", ", leakage)}", response);
return(leakage.Any(), vulnerability);
}
// curl -u admin:foobar http://localhost:8228/v1/query/images/by_vulnerability?vulnerability_id="RHSA-2018:2570"
// curl -u admin:foobar http://localhost:8228/v1/query/images/by_vulnerability?vulnerability_id="CVE-2004-0971"
public static async Task <Vulnerability> GetVulnerabilityForVuln(string vuln)
{
var vulnerability = new Vulnerability();
vulnerability.vuln = vuln;
var request = GetRequestMessage();
request.RequestUri = new Uri($"{BaseUrl}/query/images/by_vulnerability?vulnerability_id={vuln}");
var response = await s_client.SendAsync(request);
var resultJson = await response.Content.ReadAsStringAsync();
var resultObj = JsonConvert.DeserializeObject <JToken>(resultJson);
var vulnArray = resultObj.Value <JArray>("images");
if (vulnArray == null || vulnArray.Count == 0)
{
return(vulnerability);
}
var vulnPackages = vulnArray[0].Value <JArray>("vulnerable_packages");
if (vulnPackages == null || vulnPackages.Count == 0)
{
return(vulnerability);
}
var vulnSeverity = vulnPackages[0].Value <string>("severity");
if (vulnSeverity == null)
{
throw new Exception();
}
vulnerability.severity = vulnSeverity;
return(vulnerability);
}
public async Task <IHttpActionResult> PutVulnerability(int id, Vulnerability vulnerability)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != vulnerability.Id)
{
return(BadRequest());
}
db.Entry(vulnerability).State = EntityState.Modified;
try
{
await db.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!VulnerabilityExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
public IVulnerability AddVulnerability(IWeakness weakness)
{
IVulnerability result = null;
if (Instance is IIdentity identity)
{
IThreatModel model = (Instance as IThreatModel) ?? (Instance as IThreatModelChild)?.Model;
if (model != null)
{
if (_vulnerabilities?.All(x => x.WeaknessId != weakness.Id) ?? true)
{
result = new Vulnerability(model, weakness, identity);
if (_vulnerabilities == null)
{
_vulnerabilities = new List <IVulnerability>();
}
_vulnerabilities.Add(result);
if (Instance is IDirty dirtyObject)
{
dirtyObject.SetDirty();
}
if (Instance is IVulnerabilitiesContainer container)
{
_vulnerabilityAdded?.Invoke(container, result);
}
}
}
}
return(result);
}
public override void enterTabPage()
{
// Если вкладка открывается впервые, и еще нет данных об уязвимостях в IS, выходим из метода
if (IS.listOfVulnerabilities.Count == 0)
{
return;
}
int columnVulsNumber = mf.dgvVulnerabilities.Columns["VulnerabilityNumber"].Index;
// Заполняем чекбоксы уязвимостей сохраненной инфой из IS
foreach (DataGridViewRow row in mf.dgvVulnerabilities.Rows)
{
// checkbox
DataGridViewCheckBoxCell chk = (DataGridViewCheckBoxCell)row.Cells[0];
// объект уязвимости соответствующий строке row
Vulnerability v = listVuls.Where(v1 => v1.VulnerabilityNumber == (int)row.Cells[columnVulsNumber].Value).First();
// если уязвимость есть в IS, ставим галочку в checkbox
if (IS.listOfVulnerabilities.Contains(v))
{
chk.Value = chk.TrueValue;
}
else
{
chk.Value = chk.FalseValue;
}
}
}
public override void ParseRBNstring(string rbn)
{
if (!string.IsNullOrEmpty(rbn))
{
Auction = RBNAuctionMapper.GetAuctionFromstring(rbn);
Vulnerability = RBNAuctionMapper.GetVulnerabilityFromstring(rbn);
}
}
public void OnVulnerabilityDiscovered(Vulnerability vulnerability)
{
if (_ignoreObject != null && _ignoreObject.IsIgnored(vulnerability))
{
return;
}
Reporter.Report(vulnerability);
}
private void StunPlayer(GameObject player)
{
Vulnerability vulnerablility = player.GetComponent <Vulnerability>();
if (vulnerablility.IsVulnerable)
{
vulnerablility.MakeInvulnerable();
}
}
private void OnTriggerEnter2D(Collider2D collider)
{
Vulnerability vulnerability = collider.gameObject.GetComponent <Vulnerability>();
if (vulnerability != null && vulnerability.IsVulnerable)
{
vulnerability.MakeInvulnerable();
}
}
private void AddVulnerable(Vulnerability vulnerable)
{
if (vulnerable != null)
{
if (!vulnerables.Contains(vulnerable))
{
vulnerables.Add(vulnerable);
}
}
}
public static Contracts.Vulnerability.Vulnerability ToContract(this Vulnerability dataItem)
{
return(new Contracts.Vulnerability.Vulnerability
{
VulnerabilityId = dataItem.VulnerabilityId,
Name = dataItem.Name,
Description = dataItem.Description,
//VulnerabilityCatalogId = dataItem.VulnerabilityCatalogId
});
}
public void CheckPackageInfoLevel()
{
Vulnerability npm1 = _vulners.CheckPackage("npm", "3.0.0");
Assert.AreEqual(VulnerabilityLevel.High, npm1.Severity);
Vulnerability npm2 = _vulners.CheckPackage("npm", "3.8.2");
Assert.AreEqual(VulnerabilityLevel.None, npm2.Severity);
}
/// <summary>
/// Verifies a vulnerability object has the basic plumbing correct.
/// </summary>
/// <param name="vuln">
/// The vuln.
/// </param>
/// <param name="instance">
/// The instance.
/// </param>
/// <param name="responseHolder">
/// The response holder.
/// </param>
public static void AssertBasicVulnProperties(
Vulnerability vuln,
PluginBaseAbstract instance,
HttpWebResponseHolder responseHolder)
{
vuln.TestPlugin.ShouldEqual(instance.GetType().Name);
vuln.HttpResponse.ShouldEqual(responseHolder);
vuln.TestedParam.ShouldEqual("testedParam");
vuln.TestedVal.ShouldEqual("testedValue");
}
public void OnVulnerabilityDiscovered(Vulnerability vulnerability)
{
if (_ignoreObject != null && _ignoreObject.IsIgnored(vulnerability))
{
return;
}
Console.WriteLine(vulnerability);
Interlocked.Increment(ref _vulnerabilityCount);
}
private void RemoveVulnerable(Vulnerability vulnerable)
{
if (vulnerable != null)
{
if (vulnerables.Contains(vulnerable))
{
vulnerables.Remove(vulnerable);
}
}
}
private void OnCollisionEnter2D(Collision2D collision)
{
Vulnerability vulnerability = collision.gameObject.GetComponent <Vulnerability>();
if (vulnerability != null && vulnerability.IsVulnerable)
{
vulnerability.MakeInvulnerable();
}
Object.Destroy(this.gameObject);
}
public override void Process(Vulnerability vulnerability)
{
_consoleWrapper.WriteLine($"Code: {vulnerability.Code}");
_consoleWrapper.WriteLine($"Title: {vulnerability.Title}");
_consoleWrapper.WriteLine($"SeverityLevel: {vulnerability.SeverityLevel}");
_consoleWrapper.WriteLine($"Description: {vulnerability.Description}");
_consoleWrapper.WriteLine($"File path: {vulnerability.FilePath}");
_consoleWrapper.WriteLine($"Fully qualified name: {vulnerability.FullyQualifiedName}");
_consoleWrapper.WriteLine($"Line number: {vulnerability.LineNumber}");
_consoleWrapper.WriteLine("");
}
public override void CheckForExposures()
{
for (int i = vulnerables.Count - 1; i >= 0; i--)
{
Vulnerability vulnerable = vulnerables[i];
if (FloodLevel > 0 && vulnerable != null)
{
vulnerable.Expose(hazardType);
}
}
}
public async Task <IHttpActionResult> GetVulnerability(int id)
{
Vulnerability vulnerability = await db.Vulnerabilities.FindAsync(id);
if (vulnerability == null)
{
return(NotFound());
}
return(Ok(vulnerability));
}
public static Vulnerability ToDataModel(this Contracts.Vulnerability.CreateVulnerability create)
{
var Vulnerability = new Vulnerability
{
Name = create.Name,
Description = create.Description,
//VulnerabilityCatalogId = create.VulnerabilityCatalogId,
};
return(Vulnerability);
}
public void CompleteMatch()
{
var vulnerability = new Vulnerability
{
FullyQualifiedName = "BankingApp.TestFiles",
Code = "Example"
};
bool result = _ignoreObject.IsIgnored(vulnerability);
Assert.IsTrue(result);
}
private static string GetVulnerability(Vulnerability vulnerability)
{
switch (vulnerability)
{
case Vulnerability.None:
return("-");
default:
return(PBNVulnerabilityMapper
.GetstringFromVulnerability(vulnerability));
}
}
public async Task <IHttpActionResult> PostVulnerability(Vulnerability vulnerability)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
db.Vulnerabilities.Add(vulnerability);
await db.SaveChangesAsync();
return(CreatedAtRoute("DefaultApi", new { id = vulnerability.Id }, vulnerability));
}
public void MatchingCode()
{
var vulnerability = new Vulnerability
{
FullyQualifiedName = "AnotherBankingApp.TestFiles",
Code = "Example"
};
bool result = _ignoreObject.IsIgnored(vulnerability);
Assert.IsFalse(result);
}
public Score(Seat declarer, Contract contract, IEnumerable <Trick> tricks, Vulnerability vulnerability)
{
//FIXME add error checking
Declarer = declarer;
Contract = contract;
Vulnerability = vulnerability;
_tricks = tricks.ToList();
_vulnerable = Declarer.IsVulnerable(vulnerability);
TricksTaken = GetTricksTaken();
TricksDefeated = contract.Bid.Tricks - TricksTaken; //todo limit to positive numbers ??
ContractScore = GetContractScore();
}
public Score(Seat declarer, Contract contract, IEnumerable<Trick> tricks, Vulnerability vulnerability)
{
//FIXME add error checking
Declarer = declarer;
Contract = contract;
Vulnerability = vulnerability;
_tricks = tricks.ToList();
_vulnerable = Declarer.IsVulnerable(vulnerability);
TricksTaken = GetTricksTaken();
TricksDefeated = contract.Bid.Tricks - TricksTaken; //todo limit to positive numbers ??
ContractScore = GetContractScore();
}
public bool Test()
{
Util.Log("Testing for vulnerabilities: " + URL, Color.DarkBlue);
SQL_Vulnerable = false;
PHP_Vulnerable = false;
string[] chars = { "'", @"\" };
foreach (string ch in chars)
{
string ret = GetString(URL + ch);
if (ret.Contains("You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax") ||
ret.Contains("supplied argument is not a valid MySQL result resource") ||
ret.Contains("Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given"))
{
SQL_Vulnerable = true;
Util.Log("Target is vulnerable to SQL injection", Color.Green);
return(true);
}
else if (ret.Contains("Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE"))
{
if (GetString(URL + "';echo('" + Delimiter + "').'").Contains(Delimiter))
{
PHP_Vulnerable = true;
Util.Log("Target is vulnerable to PHP injection", Color.Green);
PHP_GetShell();
}
}
}
UserAgent = "'";
string ss = GetString(URL);
if (ss.Contains("You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax") ||
ss.Contains("supplied argument is not a valid MySQL result resource") ||
ss.Contains("Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given"))
{
Util.Log("Target vulnerable to User Agent injection", Color.Green);
SQL_Vulnerable = true;
Vulnerability = Razorblade.Vulnerability.USERAGENT;
return(true);
}
else
{
Util.Log("Target is not vulnerable to SQL injection", Color.Red);
return(false);
}
}
public void SetVulnerability(TowerType towerType, Vulnerability type)
{
VulnerabilityState[(int)towerType] = type;
}
public BossState()
{
VulnerabilityState = new Vulnerability[NumberOfTowerTypes];
SetVulnerabilitiesToNormal();
}