void DeserializeWithFormatPlugin(object PluginNameObject)
{
string PluginName = PluginNameObject.ToString();
try
{
Request Req = DisplayedRequest.GetClone(true);
FormatPlugin FP = FormatPlugin.Get(PluginName);
CurrentFormatXml = FP.ToXmlFromRequest(Req);
CurrentXmlNameValueArray = FormatPlugin.XmlToArray(CurrentFormatXml);
ShowStatusMsg("");
SetDeserializedDataInUi(PluginName, CurrentFormatXml, CurrentXmlNameValueArray);
this.ResetBodyParametersChangedStatus();
ShowProgressBar(false);
}
catch (ThreadAbortException)
{
ShowStatusMsg("");
}
catch (Exception Exp)
{
IronException.Report(string.Format("Error converting Request to {0}", PluginName), Exp);
ShowErrorMsg(string.Format("Unable to parse Request body as {0}", PluginName));
ShowProgressBar(false);
}
}
void SerializeNewXmlWithFormatPlugin(object PluginNameObject)
{
string PluginName = PluginNameObject.ToString();
try
{
Request Req = DisplayedRequest.GetClone(true);
FormatPlugin FP = FormatPlugin.Get(PluginName);
Request NewRequest = FP.ToRequestFromXml(Req, CurrentFormatXml);
this.DisplayedRequest = NewRequest;
ShowStatusMsg("");
this.SetNonFormatPluginRequestFields(NewRequest);
ShowProgressBar(false);
}
catch (ThreadAbortException)
{
ShowStatusMsg("");
}
catch (Exception Exp)
{
IronException.Report(string.Format("Error converting {0} to Request", PluginName), Exp);
ShowErrorMsg(string.Format("Unable to update edited values in {0}", PluginName));
ShowProgressBar(false);
}
}
public static BodyFormatType GetFormatType(Request Req)
{
if (Tools.IsSoap(Req.BodyString))
{
return(BodyFormatType.Soap);
}
else if (Tools.IsXml(Req.BodyString))
{
return(BodyFormatType.Xml);
}
else if (Tools.IsJson(Req.BodyString))
{
return(BodyFormatType.Json);
}
else if (FormatPlugin.Get(BodyFormatType.Multipart).Is(Req))
{
return(BodyFormatType.Multipart);
}
else if (Tools.IsBinary(Req.BodyArray))
{
return(BodyFormatType.UnknownBinary);
}
else if (IsNormal(Req))
{
return(BodyFormatType.UrlFormEncoded);
}
else
{
return(BodyFormatType.Unknown);
}
}
Scanner SetFormatPlugin(Scanner S)
{
Request RequestToScan = S.OriginalRequest;
if (!FormatPlugin.IsNormal(RequestToScan))
{
string FPName = FormatPlugin.Get(RequestToScan, FormatPlugins);
if (FPName.Length > 0 && FPName != "Normal")
{
S.BodyFormat = FormatPlugin.Get(FPName);
}
}
return(S);
}
internal static void LoadNewFormatPlugins(ScriptEngine Engine)
{
string FormatPluginPath = Path.Combine(Config.RootDir, "plugins\\format");
string[] FormatPluginFiles = Directory.GetFiles(FormatPluginPath);
List <string> OldPluginFiles = new List <string>();
List <string> NewPluginFiles = new List <string>();
foreach (string Name in FormatPlugin.List())
{
OldPluginFiles.Add((Config.RootDir + "\\plugins\\format\\" + FormatPlugin.Get(Name).FileName).Replace("/", "\\"));
}
foreach (string PluginFile in FormatPluginFiles)
{
if (!OldPluginFiles.Contains(PluginFile))
{
NewPluginFiles.Add(PluginFile);
}
}
LoadFormatPlugins(Engine, NewPluginFiles);
}
void AutoDetectFormatAndSetBodyParameters(object ReqObj)
{
try
{
Request Req = ((Request)ReqObj).GetClone();
string FPName = FormatPlugin.Get(Req);
if (FPName == "Normal")
{
SetBodyParameters(Req, true);
}
else if (FPName.Length == 0)
{
SetBodyParameters(Req, false);
}
else
{
try
{
FormatPlugin FP = FormatPlugin.Get(FPName);
CurrentFormatXml = FP.ToXmlFromRequest(Req);
CurrentXmlNameValueArray = FormatPlugin.XmlToArray(CurrentFormatXml);
SetDeserializedDataInUi(FP.Name, CurrentFormatXml, CurrentXmlNameValueArray);
}
catch
{
SetBodyParameters(Req, false);
}
}
this.ResetBodyParametersChangedStatus();
}
catch (ThreadAbortException) { }
finally
{
ShowStatusMsg("");
ShowProgressBar(false);
}
}
void AutoDetectFormatAndSetBodyParameters(object ResObj)
{
try
{
Response Res = ((Response)ResObj).GetClone();
string FPName = FormatPlugin.Get(Res);
if (FPName.Length > 0 && FPName != "Normal")
{
try
{
FormatPlugin FP = FormatPlugin.Get(FPName);
CurrentFormatXml = FP.ToXmlFromResponse(Res);
CurrentXmlNameValueArray = FormatPlugin.XmlToArray(CurrentFormatXml);
SetDeserializedDataInUi(FP.Name, CurrentFormatXml, CurrentXmlNameValueArray);
}
catch
{ }
}
this.ResetBodyTypeFormatPluginsParametersChangedStatus();
ShowStatusMsg("");
ShowProgressBar(false);
}
catch {}
}
static void GetNewPlugins(XmlNode ManifestNode)
{
string PluginType = ManifestNode.Name;
List <string[]> AllPluginInfo = new List <string[]>();
switch (PluginType)
{
case ("active"):
foreach (string Name in ActivePlugin.List())
{
ActivePlugin P = ActivePlugin.Get(Name);
AllPluginInfo.Add(new string[] { P.FileName, P.Version });
}
break;
case ("passive"):
foreach (string Name in PassivePlugin.List())
{
PassivePlugin P = PassivePlugin.Get(Name);
AllPluginInfo.Add(new string[] { P.FileName, P.Version });
}
break;
case ("format"):
foreach (string Name in FormatPlugin.List())
{
FormatPlugin P = FormatPlugin.Get(Name);
AllPluginInfo.Add(new string[] { P.FileName, P.Version });
}
break;
case ("session"):
foreach (string Name in SessionPlugin.List())
{
SessionPlugin P = SessionPlugin.Get(Name);
AllPluginInfo.Add(new string[] { P.FileName, P.Version });
}
break;
}
StringBuilder SB = new StringBuilder();
XmlWriter XW = XmlWriter.Create(SB);
XW.WriteStartDocument();
XW.WriteStartElement("manifest");
foreach (XmlNode FileNode in ManifestNode.ChildNodes)
{
string Version = "";
string Action = "";
string FileName = "";
string DownloadFileName = "";
string Comment = "";
List <string[]> SupportFiles = new List <string[]>();
foreach (XmlNode PropertyNode in FileNode.ChildNodes)
{
switch (PropertyNode.Name)
{
case ("version"):
Version = PropertyNode.InnerText;
break;
case ("action"):
Action = PropertyNode.InnerText;
break;
case ("filename"):
FileName = PropertyNode.InnerText;
break;
case ("downloadname"):
DownloadFileName = PropertyNode.InnerText;
break;
case ("comment"):
Comment = PropertyNode.InnerText;
break;
case ("support_file"):
string SupportFileName = "";
string SupportFileDownloadName = "";
foreach (XmlNode SupportFileNode in PropertyNode.ChildNodes)
{
switch (SupportFileNode.Name)
{
case ("filename"):
SupportFileName = SupportFileNode.InnerText;
break;
case ("downloadname"):
SupportFileDownloadName = SupportFileNode.InnerText;
break;
}
}
SupportFiles.Add(new string[] { SupportFileName, SupportFileDownloadName });
break;
}
}
if (Action.Equals("add") || Action.Equals("update"))
{
bool MatchFound = false;
string[] MatchedPluginInfo = new string[2];
foreach (string[] PluginInfo in AllPluginInfo)
{
if (PluginInfo[0].Equals(FileName))
{
MatchFound = true;
MatchedPluginInfo = PluginInfo;
break;
}
}
if ((MatchFound && !MatchedPluginInfo[1].Equals(Version)) || !MatchFound)
{
DownloadPlugin(PluginType, FileName, DownloadFileName);
XW.WriteStartElement("file");
XW.WriteStartElement("action"); XW.WriteValue(Action); XW.WriteEndElement();
XW.WriteStartElement("filename"); XW.WriteValue(FileName); XW.WriteEndElement();
XW.WriteStartElement("comment"); XW.WriteValue(Comment); XW.WriteEndElement();
XW.WriteEndElement();
foreach (string[] SupportFile in SupportFiles)
{
DownloadPlugin(PluginType, SupportFile[0], SupportFile[1]);
XW.WriteStartElement("file");
XW.WriteStartElement("action"); XW.WriteValue(Action); XW.WriteEndElement();
XW.WriteStartElement("filename"); XW.WriteValue(SupportFile[0]); XW.WriteEndElement();
XW.WriteStartElement("comment"); XW.WriteValue(Comment); XW.WriteEndElement();
XW.WriteEndElement();
}
}
}
}
XW.WriteEndElement();
XW.WriteEndDocument();
XW.Close();
StreamWriter SW = File.CreateText(Config.Path + "\\updates\\" + PluginType + "_plugin_manifest.xml");
SW.Write(SB.ToString());
SW.Close();
}
static void DoScan()
{
Spider = new Crawler();
try
{
Spider.PrimaryHost = PrimaryHost;
Spider.BaseUrl = BaseUrl;
Spider.StartingUrl = StartingUrl;
Spider.PerformDirAndFileGuessing = PerformDirAndFileGuessing;
Spider.IncludeSubDomains = IncludeSubDomains;
Spider.HTTP = HTTP;
Spider.HTTPS = HTTPS;
Spider.UrlsToAvoid = UrlsToAvoid;
Spider.HostsToInclude = HostsToInclude;
Spider.Start();
}
catch (Exception Exp)
{
IronException.Report("Error starting Crawler", Exp);
try
{
Stop();
}
catch { }
return;
}
ScanItemUniquenessChecker UniqueChecker = new ScanItemUniquenessChecker(Mode != ScanMode.Default);
List <int> ScanIDs = new List <int>();
bool ScanActive = true;
List <string> ActivePlugins = ActivePlugin.List();
int TotalRequestsCrawled = 0;
int TotalScanJobsCreated = 0;
int TotalScanJobsCompleted = 0;
List <Request> ScannedRequests = new List <Request>();
int SleepCounter = 0;
while (ScanActive)
{
ScanActive = false;
List <Request> Requests = Spider.GetCrawledRequests();
if (Stopped)
{
return;
}
if (Requests.Count > 0 || Spider.IsActive())
{
ScanActive = true;
if (CrawlAndScan)
{
TotalRequestsCrawled = TotalRequestsCrawled + Requests.Count;
//update the ui with the number of requests crawled
foreach (Request Req in Requests)
{
if (Stopped)
{
return;
}
if (!CanScan(Req))
{
continue;
}
if (!UniqueChecker.IsUniqueToScan(Req, ScannedRequests, false))
{
continue;
}
try
{
Scanner S = new Scanner(Req);
S.CheckAll();
if (S.OriginalRequest.Query.Count == 0 && S.OriginalRequest.File.Length != 3 && S.OriginalRequest.File.Length != 4)
{
S.InjectUrl();
}
S.InjectQuery();
S.InjectBody();
//S.InjectHeaders();
//S.InjectCookie();
if (!FormatPlugin.IsNormal(Req))
{
List <FormatPlugin> RightList = FormatPlugin.Get(Req);
if (RightList.Count > 0)
{
S.BodyFormat = RightList[0];
}
}
if (S.InjectionPointsCount == 0)
{
continue;
}
TotalScanJobsCreated++;
if (Stopped)
{
return;
}
int ScanID = S.LaunchScan();
if (Stopped)
{
Stop(true);
return;
}
if (ScanID > 0)
{
ScannedRequests.Add(Req);
ScanIDs.Add(ScanID);
}
}
catch (Exception Exp)
{
IronException.Report(string.Format("Error creating Scan Job with Request - {0}", Req.Url), Exp);
}
}
}
}
if (CrawlAndScan)
{
List <int> ScanIDsToRemove = new List <int>();
List <int> AbortedScanIDs = Scanner.GetAbortedScanIDs();
List <int> CompletedScanIDs = Scanner.GetCompletedScanIDs();
for (int i = 0; i < ScanIDs.Count; i++)
{
if (Stopped)
{
return;
}
if (CompletedScanIDs.Contains(ScanIDs[i]))
{
ScanIDsToRemove.Add(i);
TotalScanJobsCompleted++;
}
else if (AbortedScanIDs.Contains(ScanIDs[i]))
{
ScanIDsToRemove.Add(i);
}
}
for (int i = 0; i < ScanIDsToRemove.Count; i++)
{
if (Stopped)
{
return;
}
ScanIDs.RemoveAt(ScanIDsToRemove[i] - i);
}
}
if (ScanActive)
{
Thread.Sleep(2000);
}
else
{
if (ScanIDs.Count > 0)
{
ScanActive = true;
Thread.Sleep(5000);
}
else if (SleepCounter < 10)
{
ScanActive = true;
Thread.Sleep(2000);
SleepCounter = SleepCounter + 2;
}
}
if (Stopped)
{
return;
}
IronUI.UpdateConsoleCrawledRequestsCount(TotalRequestsCrawled);
IronUI.UpdateConsoleScanJobsCreatedCount(TotalScanJobsCreated);
IronUI.UpdateConsoleScanJobsCompletedCount(TotalScanJobsCompleted);
}
if (Stopped)
{
return;
}
Stop();
}
static void GetNewPlugins()
{
string[] PluginManifestLines = PluginManifestFile.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries);
foreach (string Line in PluginManifestLines)
{
string[] LineParts = Line.Split(new char[] { '|' }, 6);
if (LineParts.Length != 6)
{
throw new Exception("Invalid 'Plugin Manifest File' recieved from server");
}
PluginManifestInfo.Add(LineParts);
}
List <string[]> CurrentPluginInfo = new List <string[]>();
foreach (string Name in ActivePlugin.List())
{
ActivePlugin AP = ActivePlugin.Get(Name);
string[] CurrentInfo = new string[] { "active", AP.Version, AP.FileName.Substring(AP.FileName.LastIndexOf('\\') + 1) };
CurrentPluginInfo.Add(CurrentInfo);
}
foreach (string Name in PassivePlugin.List())
{
PassivePlugin PP = PassivePlugin.Get(Name);
string[] CurrentInfo = new string[] { "passive", PP.Version, PP.FileName.Substring(PP.FileName.LastIndexOf('\\') + 1) };
CurrentPluginInfo.Add(CurrentInfo);
}
foreach (string Name in FormatPlugin.List())
{
FormatPlugin FP = FormatPlugin.Get(Name);
string[] CurrentInfo = new string[] { "format", FP.Version, FP.FileName.Substring(FP.FileName.LastIndexOf('\\') + 1) };
CurrentPluginInfo.Add(CurrentInfo);
}
foreach (string Name in SessionPlugin.List())
{
SessionPlugin SP = SessionPlugin.Get(Name);
string[] CurrentInfo = new string[] { "session", SP.Version, SP.FileName.Substring(SP.FileName.LastIndexOf('\\') + 1) };
CurrentPluginInfo.Add(CurrentInfo);
}
foreach (string[] PluginManifestInfoLine in PluginManifestInfo)
{
if (PluginManifestInfoLine[0].StartsWith("+") || PluginManifestInfoLine[0].StartsWith("*"))
{
bool MatchFound = false;
foreach (string[] CurrentPluginLineInfo in CurrentPluginInfo)
{
if (PluginManifestInfoLine[1].Equals(CurrentPluginLineInfo[0]) && PluginManifestInfoLine[3].Equals(CurrentPluginLineInfo[2]))
{
MatchFound = true;
if (!PluginManifestInfoLine[2].Equals(CurrentPluginLineInfo[1]))
{
DownloadPlugin(PluginManifestInfoLine[1], PluginManifestInfoLine[3], PluginManifestInfoLine[4]);
}
break;
}
else if (PluginManifestInfoLine[0].Contains("_"))
{
string[] SupportDetailParts = PluginManifestInfoLine[0].Split(new char[] { '_' }, 2);
if (PluginManifestInfoLine[1].Equals(CurrentPluginLineInfo[0]) && SupportDetailParts[1].Equals(CurrentPluginLineInfo[2]))
{
MatchFound = true;
if (!PluginManifestInfoLine[2].Equals(CurrentPluginLineInfo[1]))
{
DownloadPlugin(PluginManifestInfoLine[1], PluginManifestInfoLine[3], PluginManifestInfoLine[4]);
}
break;
}
}
}
if (!MatchFound)
{
DownloadPlugin(PluginManifestInfoLine[1], PluginManifestInfoLine[3], PluginManifestInfoLine[4]);
}
}
}
}