Example #1
0
        private void ScanSelectedWizard_Load(object sender, EventArgs e)
        {
            foreach (string Name in ActivePlugin.List())
            {
                ScanPluginsGrid.Rows.Add(new object[] { true, Name });
            }
            foreach (string Name in FormatPlugin.List())
            {
                FormatGrid.Rows.Add(new object[] { true, Name });
            }
            ScanBranchSessionPluginsCombo.Items.AddRange(SessionPlugin.List().ToArray());

            if (InjectQueryCB.Checked)
            {
                QueryParametersFilterCB.Enabled = true;
            }
            if (InjectBodyCB.Checked)
            {
                BodyParametersFilterCB.Enabled = true;
            }
            if (InjectCookieCB.Checked)
            {
                CookieParametersFilterCB.Enabled = true;
            }
            if (InjectHeadersCB.Checked)
            {
                HeadersParametersFilterCB.Enabled = true;
            }
        }
Example #2
0
 public static void Add(ActivePlugin AP)
 {
     if ((AP.Name.Length > 0) && !(AP.Name.Equals("All") || AP.Name.Equals("None")))
     {
         if (!List().Contains(AP.Name))
         {
             AP.FileName = PluginEngine.FileName;
             Collection.Add(AP);
         }
     }
 }
Example #3
0
 public static void Add(ActivePlugin AP)
 {
     if ((AP.Name.Length > 0) && !(AP.Name.Equals("All") || AP.Name.Equals("None")))
     {
         if (!List().Contains(AP.Name))
         {
             AP.FileName = PluginStore.FileName;
             Collection.Add(AP);
         }
     }
 }
Example #4
0
 public static ActivePlugin Get(string Name)
 {
     foreach (ActivePlugin AP in Collection)
     {
         if (AP.Name.Equals(Name))
         {
             ActivePlugin NewInstance = AP.GetInstance();
             NewInstance.FileName = AP.FileName;
             return(NewInstance);
         }
     }
     return(null);
 }
        private void ScanTraceBehaviourAnalysis_Load(object sender, EventArgs e)
        {
            ScanPluginsGrid.Rows.Add(new object[] { true, "All Checks" });
            foreach (string Name in ActivePlugin.List())
            {
                ScanPluginsGrid.Rows.Add(new object[] { true, Name });
            }

            ConfigKeywordsTB.Text                 = string.Join(", ", DefaultErrorKeywords.ToArray());
            ConfigResponseTimeChangeMSTB.Text     = DefaultResponseTimeChange.ToString();
            ConfigResponseTimeChangeFactorTB.Text = DefaultResponseTimeChangeFactor.ToString();
            ConfigCharsCountTB.Text               = DefaultCharsCount.ToString();
        }
Example #6
0
 internal static void LoadAllInternalActivePlugins()
 {
     ActivePlugin.Add((new CrossSiteScriptingCheck()).GetInstance());
     ActivePlugin.Add((new SqlInjectionCheck()).GetInstance());
     ActivePlugin.Add((new CodeInjectionCheck()).GetInstance());
     ActivePlugin.Add((new CommandInjectionCheck()).GetInstance());
     ActivePlugin.Add((new XpathInjectionCheck()).GetInstance());
     ActivePlugin.Add((new LdapInjectionCheck()).GetInstance());
     ActivePlugin.Add((new HeaderInjectionCheck()).GetInstance());
     ActivePlugin.Add((new ExpressionLanguageInjectionCheck()).GetInstance());
     ActivePlugin.Add((new ServerSideIncludesInjectionCheck()).GetInstance());
     ActivePlugin.Add((new ServerSideRequestForgeryCheck()).GetInstance());
     ActivePlugin.Add((new OpenRedirectCheck()).GetInstance());
     ActivePlugin.Add((new LocalFileIncludeCheck()).GetInstance());
     ActivePlugin.Add((new RemoteFileIncludeCheck()).GetInstance());
 }
Example #7
0
        internal static void ReloadPlugin(PluginType Type, string Name, string PluginFileName)
        {
            string FileName = "";

            switch (Type)
            {
            case PluginType.Passive:
                FileName = Config.RootDir + "\\plugins\\passive\\" + PluginFileName;
                lock (PassivePlugin.Collection)
                {
                    PassivePlugin.Remove(Name);
                    LoadPlugin(FileName);
                }
                break;

            case PluginType.Active:
                FileName = Config.RootDir + "\\plugins\\active\\" + PluginFileName;
                lock (ActivePlugin.Collection)
                {
                    ActivePlugin.Remove(Name);
                    LoadPlugin(FileName);
                }
                break;

            case PluginType.Format:
                FileName = Config.RootDir + "\\plugins\\format\\" + PluginFileName;
                lock (FormatPlugin.Collection)
                {
                    FormatPlugin.Remove(Name);
                    LoadPlugin(FileName);
                    IronUI.UpdateAllFormatPluginRows();
                }
                break;

            case PluginType.Session:
                FileName = Config.RootDir + "\\plugins\\session\\" + PluginFileName;
                lock (SessionPlugin.Collection)
                {
                    SessionPlugin.Remove(Name);
                    LoadPlugin(FileName);
                }
                break;
            }
            IronUI.UpdateAllFormatPluginRows();
            IronUI.UpdateAllActivePluginRows();
            IronUI.BuildPluginTree();
        }
Example #8
0
        private void StepOneNextBtn_Click(object sender, EventArgs e)
        {
            ShowStep0Error("");
            string Name = PluginNameTB.Text.Trim();

            if (Name.Length == 0)
            {
                PluginNameTB.BackColor = Color.Red;
                ShowStep0Error("Plugin name cannot be empty");
                return;
            }
            if (!Regex.IsMatch(Name, "^[a-zA-Z]+$"))
            {
                PluginNameTB.BackColor = Color.Red;
                ShowStep0Error("Plugin Name should only contain alphabets (a-z)");
                return;
            }
            if (!Name[0].ToString().ToUpper().Equals(Name[0].ToString()))
            {
                ShowStep0Error("Plugin Name should begin with an upper case letter");
                return;
            }
            if (ActivePlugin.List().Contains(Name))
            {
                PluginNameTB.BackColor = Color.Red;
                ShowStep0Error("An Active Plugin with this name already exists. Select a different name.");
                return;
            }
            string Desc = PluginDescTB.Text;

            if (Desc.Trim().Length == 0)
            {
                PluginDescTB.BackColor = Color.Red;
                ShowStep0Error("Plugin description cannot be empty");
                return;
            }
            this.PluginName        = Name;
            this.PluginDescription = Desc;
            this.CurrentStep       = 1;
            this.BaseTabs.SelectTab("PayloadsTab");
        }
Example #9
0
        internal static void LoadNewActivePlugins(ScriptEngine Engine)
        {
            string ActivePluginPath = Path.Combine(Config.RootDir, "plugins\\active");

            string[]      ActivePluginFiles = Directory.GetFiles(ActivePluginPath);
            List <string> OldPluginFiles    = new List <string>();
            List <string> NewPluginFiles    = new List <string>();

            foreach (string Name in ActivePlugin.List())
            {
                OldPluginFiles.Add((Config.RootDir + "\\plugins\\active\\" + ActivePlugin.Get(Name).FileName).Replace("/", "\\"));
            }
            foreach (string PluginFile in ActivePluginFiles)
            {
                if (!OldPluginFiles.Contains(PluginFile))
                {
                    NewPluginFiles.Add(PluginFile);
                }
            }
            LoadActivePlugins(Engine, NewPluginFiles);
        }
Example #10
0
 private void StartScanWizard_Load(object sender, EventArgs e)
 {
     foreach (string Name in ActivePlugin.List())
     {
         ScanPluginsGrid.Rows.Add(new object[] { true, Name });
     }
     if (InjectQueryCB.Checked)
     {
         QueryParametersFilterCB.Enabled = true;
     }
     if (InjectBodyCB.Checked)
     {
         BodyParametersFilterCB.Enabled = true;
     }
     if (InjectCookieCB.Checked)
     {
         CookieParametersFilterCB.Enabled = true;
     }
     if (InjectHeadersCB.Checked)
     {
         HeadersParametersFilterCB.Enabled = true;
     }
     if (BaseRequest != null)
     {
         StartingUrlTB.Text = BaseRequest.Url;
         BaseUrlTB.Text     = "/";
         if (BaseRequest.SSL)
         {
             CrossProtoQuestionLbl.Text = string.Format(CrossProtoQuestionLbl.Text, "HTTP");
         }
         else
         {
             CrossProtoQuestionLbl.Text = string.Format(CrossProtoQuestionLbl.Text, "HTTPS");
         }
     }
     Step1StatusLbl.Text   = "Checking if the provided Url is reachable, please wait...";
     Step1Progress.Visible = true;
     T = new Thread(CheckTargetConnectivity);
     T.Start();
 }
Example #11
0
 void CheckWithActivePlugin(ActivePlugin AP)
 {
     this.ActivePluginName = AP.Name;
     if (!SessionHandler.CanInject(this, this.CurrentRequest))
     {
         return;
     }
     AP.Check(this.CurrentRequest.GetClone(), this);
 }
Example #12
0
        static void GetNewPlugins(XmlNode ManifestNode)
        {
            string PluginType = ManifestNode.Name;

            List <string[]> AllPluginInfo = new List <string[]>();

            switch (PluginType)
            {
            case ("active"):
                foreach (string Name in ActivePlugin.List())
                {
                    ActivePlugin P = ActivePlugin.Get(Name);
                    AllPluginInfo.Add(new string[] { P.FileName, P.Version });
                }
                break;

            case ("passive"):
                foreach (string Name in PassivePlugin.List())
                {
                    PassivePlugin P = PassivePlugin.Get(Name);
                    AllPluginInfo.Add(new string[] { P.FileName, P.Version });
                }
                break;

            case ("format"):
                foreach (string Name in FormatPlugin.List())
                {
                    FormatPlugin P = FormatPlugin.Get(Name);
                    AllPluginInfo.Add(new string[] { P.FileName, P.Version });
                }
                break;

            case ("session"):
                foreach (string Name in SessionPlugin.List())
                {
                    SessionPlugin P = SessionPlugin.Get(Name);
                    AllPluginInfo.Add(new string[] { P.FileName, P.Version });
                }
                break;
            }

            StringBuilder SB = new StringBuilder();
            XmlWriter     XW = XmlWriter.Create(SB);

            XW.WriteStartDocument();
            XW.WriteStartElement("manifest");

            foreach (XmlNode FileNode in ManifestNode.ChildNodes)
            {
                string          Version          = "";
                string          Action           = "";
                string          FileName         = "";
                string          DownloadFileName = "";
                string          Comment          = "";
                List <string[]> SupportFiles     = new List <string[]>();

                foreach (XmlNode PropertyNode in FileNode.ChildNodes)
                {
                    switch (PropertyNode.Name)
                    {
                    case ("version"):
                        Version = PropertyNode.InnerText;
                        break;

                    case ("action"):
                        Action = PropertyNode.InnerText;
                        break;

                    case ("filename"):
                        FileName = PropertyNode.InnerText;
                        break;

                    case ("downloadname"):
                        DownloadFileName = PropertyNode.InnerText;
                        break;

                    case ("comment"):
                        Comment = PropertyNode.InnerText;
                        break;

                    case ("support_file"):
                        string SupportFileName         = "";
                        string SupportFileDownloadName = "";
                        foreach (XmlNode SupportFileNode in PropertyNode.ChildNodes)
                        {
                            switch (SupportFileNode.Name)
                            {
                            case ("filename"):
                                SupportFileName = SupportFileNode.InnerText;
                                break;

                            case ("downloadname"):
                                SupportFileDownloadName = SupportFileNode.InnerText;
                                break;
                            }
                        }
                        SupportFiles.Add(new string[] { SupportFileName, SupportFileDownloadName });
                        break;
                    }
                }

                if (Action.Equals("add") || Action.Equals("update"))
                {
                    bool     MatchFound        = false;
                    string[] MatchedPluginInfo = new string[2];
                    foreach (string[] PluginInfo in AllPluginInfo)
                    {
                        if (PluginInfo[0].Equals(FileName))
                        {
                            MatchFound        = true;
                            MatchedPluginInfo = PluginInfo;
                            break;
                        }
                    }

                    if ((MatchFound && !MatchedPluginInfo[1].Equals(Version)) || !MatchFound)
                    {
                        DownloadPlugin(PluginType, FileName, DownloadFileName);
                        XW.WriteStartElement("file");
                        XW.WriteStartElement("action"); XW.WriteValue(Action); XW.WriteEndElement();
                        XW.WriteStartElement("filename"); XW.WriteValue(FileName); XW.WriteEndElement();
                        XW.WriteStartElement("comment"); XW.WriteValue(Comment); XW.WriteEndElement();
                        XW.WriteEndElement();
                        foreach (string[] SupportFile in SupportFiles)
                        {
                            DownloadPlugin(PluginType, SupportFile[0], SupportFile[1]);
                            XW.WriteStartElement("file");
                            XW.WriteStartElement("action"); XW.WriteValue(Action); XW.WriteEndElement();
                            XW.WriteStartElement("filename"); XW.WriteValue(SupportFile[0]); XW.WriteEndElement();
                            XW.WriteStartElement("comment"); XW.WriteValue(Comment); XW.WriteEndElement();
                            XW.WriteEndElement();
                        }
                    }
                }
            }

            XW.WriteEndElement();
            XW.WriteEndDocument();
            XW.Close();

            StreamWriter SW = File.CreateText(Config.Path + "\\updates\\" + PluginType + "_plugin_manifest.xml");

            SW.Write(SB.ToString());
            SW.Close();
        }
Example #13
0
        static void DoScan()
        {
            Spider = new Crawler();
            try
            {
                Spider.PrimaryHost = PrimaryHost;
                Spider.BaseUrl     = BaseUrl;
                Spider.StartingUrl = StartingUrl;
                Spider.PerformDirAndFileGuessing = PerformDirAndFileGuessing;
                Spider.IncludeSubDomains         = IncludeSubDomains;
                Spider.HTTP           = HTTP;
                Spider.HTTPS          = HTTPS;
                Spider.UrlsToAvoid    = UrlsToAvoid;
                Spider.HostsToInclude = HostsToInclude;


                Spider.Start();
            }
            catch (Exception Exp)
            {
                IronException.Report("Error starting Crawler", Exp);
                try
                {
                    Stop();
                }
                catch { }
                return;
            }

            ScanItemUniquenessChecker UniqueChecker = new ScanItemUniquenessChecker(Mode != ScanMode.Default);

            List <int>     ScanIDs                = new List <int>();
            bool           ScanActive             = true;
            List <string>  ActivePlugins          = ActivePlugin.List();
            int            TotalRequestsCrawled   = 0;
            int            TotalScanJobsCreated   = 0;
            int            TotalScanJobsCompleted = 0;
            List <Request> ScannedRequests        = new List <Request>();
            int            SleepCounter           = 0;

            while (ScanActive)
            {
                ScanActive = false;
                List <Request> Requests = Spider.GetCrawledRequests();
                if (Stopped)
                {
                    return;
                }
                if (Requests.Count > 0 || Spider.IsActive())
                {
                    ScanActive = true;
                    if (CrawlAndScan)
                    {
                        TotalRequestsCrawled = TotalRequestsCrawled + Requests.Count;
                        //update the ui with the number of requests crawled
                        foreach (Request Req in Requests)
                        {
                            if (Stopped)
                            {
                                return;
                            }
                            if (!CanScan(Req))
                            {
                                continue;
                            }
                            if (!UniqueChecker.IsUniqueToScan(Req, ScannedRequests, false))
                            {
                                continue;
                            }
                            try
                            {
                                Scanner S = new Scanner(Req);
                                S.CheckAll();

                                if (S.OriginalRequest.Query.Count == 0 && S.OriginalRequest.File.Length != 3 && S.OriginalRequest.File.Length != 4)
                                {
                                    S.InjectUrl();
                                }
                                S.InjectQuery();
                                S.InjectBody();
                                //S.InjectHeaders();
                                //S.InjectCookie();

                                if (!FormatPlugin.IsNormal(Req))
                                {
                                    List <FormatPlugin> RightList = FormatPlugin.Get(Req);
                                    if (RightList.Count > 0)
                                    {
                                        S.BodyFormat = RightList[0];
                                    }
                                }
                                if (S.InjectionPointsCount == 0)
                                {
                                    continue;
                                }
                                TotalScanJobsCreated++;
                                if (Stopped)
                                {
                                    return;
                                }
                                int ScanID = S.LaunchScan();
                                if (Stopped)
                                {
                                    Stop(true);
                                    return;
                                }
                                if (ScanID > 0)
                                {
                                    ScannedRequests.Add(Req);
                                    ScanIDs.Add(ScanID);
                                }
                            }
                            catch (Exception Exp)
                            {
                                IronException.Report(string.Format("Error creating Scan Job with Request - {0}", Req.Url), Exp);
                            }
                        }
                    }
                }
                if (CrawlAndScan)
                {
                    List <int> ScanIDsToRemove  = new List <int>();
                    List <int> AbortedScanIDs   = Scanner.GetAbortedScanIDs();
                    List <int> CompletedScanIDs = Scanner.GetCompletedScanIDs();
                    for (int i = 0; i < ScanIDs.Count; i++)
                    {
                        if (Stopped)
                        {
                            return;
                        }
                        if (CompletedScanIDs.Contains(ScanIDs[i]))
                        {
                            ScanIDsToRemove.Add(i);
                            TotalScanJobsCompleted++;
                        }
                        else if (AbortedScanIDs.Contains(ScanIDs[i]))
                        {
                            ScanIDsToRemove.Add(i);
                        }
                    }
                    for (int i = 0; i < ScanIDsToRemove.Count; i++)
                    {
                        if (Stopped)
                        {
                            return;
                        }
                        ScanIDs.RemoveAt(ScanIDsToRemove[i] - i);
                    }
                }
                if (ScanActive)
                {
                    Thread.Sleep(2000);
                }
                else
                {
                    if (ScanIDs.Count > 0)
                    {
                        ScanActive = true;
                        Thread.Sleep(5000);
                    }
                    else if (SleepCounter < 10)
                    {
                        ScanActive = true;
                        Thread.Sleep(2000);
                        SleepCounter = SleepCounter + 2;
                    }
                }
                if (Stopped)
                {
                    return;
                }
                IronUI.UpdateConsoleCrawledRequestsCount(TotalRequestsCrawled);
                IronUI.UpdateConsoleScanJobsCreatedCount(TotalScanJobsCreated);
                IronUI.UpdateConsoleScanJobsCompletedCount(TotalScanJobsCompleted);
            }
            if (Stopped)
            {
                return;
            }
            Stop();
        }
Example #14
0
        static void GetNewPlugins()
        {
            string[] PluginManifestLines = PluginManifestFile.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries);

            foreach (string Line in PluginManifestLines)
            {
                string[] LineParts = Line.Split(new char[] { '|' }, 6);
                if (LineParts.Length != 6)
                {
                    throw new Exception("Invalid 'Plugin Manifest File' recieved from server");
                }
                PluginManifestInfo.Add(LineParts);
            }
            List <string[]> CurrentPluginInfo = new List <string[]>();

            foreach (string Name in ActivePlugin.List())
            {
                ActivePlugin AP          = ActivePlugin.Get(Name);
                string[]     CurrentInfo = new string[] { "active", AP.Version, AP.FileName.Substring(AP.FileName.LastIndexOf('\\') + 1) };
                CurrentPluginInfo.Add(CurrentInfo);
            }
            foreach (string Name in PassivePlugin.List())
            {
                PassivePlugin PP          = PassivePlugin.Get(Name);
                string[]      CurrentInfo = new string[] { "passive", PP.Version, PP.FileName.Substring(PP.FileName.LastIndexOf('\\') + 1) };
                CurrentPluginInfo.Add(CurrentInfo);
            }
            foreach (string Name in FormatPlugin.List())
            {
                FormatPlugin FP          = FormatPlugin.Get(Name);
                string[]     CurrentInfo = new string[] { "format", FP.Version, FP.FileName.Substring(FP.FileName.LastIndexOf('\\') + 1) };
                CurrentPluginInfo.Add(CurrentInfo);
            }
            foreach (string Name in SessionPlugin.List())
            {
                SessionPlugin SP          = SessionPlugin.Get(Name);
                string[]      CurrentInfo = new string[] { "session", SP.Version, SP.FileName.Substring(SP.FileName.LastIndexOf('\\') + 1) };
                CurrentPluginInfo.Add(CurrentInfo);
            }
            foreach (string[] PluginManifestInfoLine in PluginManifestInfo)
            {
                if (PluginManifestInfoLine[0].StartsWith("+") || PluginManifestInfoLine[0].StartsWith("*"))
                {
                    bool MatchFound = false;
                    foreach (string[] CurrentPluginLineInfo in CurrentPluginInfo)
                    {
                        if (PluginManifestInfoLine[1].Equals(CurrentPluginLineInfo[0]) && PluginManifestInfoLine[3].Equals(CurrentPluginLineInfo[2]))
                        {
                            MatchFound = true;
                            if (!PluginManifestInfoLine[2].Equals(CurrentPluginLineInfo[1]))
                            {
                                DownloadPlugin(PluginManifestInfoLine[1], PluginManifestInfoLine[3], PluginManifestInfoLine[4]);
                            }
                            break;
                        }
                        else if (PluginManifestInfoLine[0].Contains("_"))
                        {
                            string[] SupportDetailParts = PluginManifestInfoLine[0].Split(new char[] { '_' }, 2);
                            if (PluginManifestInfoLine[1].Equals(CurrentPluginLineInfo[0]) && SupportDetailParts[1].Equals(CurrentPluginLineInfo[2]))
                            {
                                MatchFound = true;
                                if (!PluginManifestInfoLine[2].Equals(CurrentPluginLineInfo[1]))
                                {
                                    DownloadPlugin(PluginManifestInfoLine[1], PluginManifestInfoLine[3], PluginManifestInfoLine[4]);
                                }
                                break;
                            }
                        }
                    }
                    if (!MatchFound)
                    {
                        DownloadPlugin(PluginManifestInfoLine[1], PluginManifestInfoLine[3], PluginManifestInfoLine[4]);
                    }
                }
            }
        }