internal void AbsorbInjectionString(string InjectionString)
{
string[] InjectionStringsArray = InjectionString.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries);
if(InjectionStringsArray.Length != 5)
{
throw new Exception("Invalid Injection String");
}
this.URLInjections = GetListFromInjectionString(InjectionStringsArray[0].Replace("Url:",""));
this.QueryInjections = GetParametersFromInjectionString(InjectionStringsArray[1].Replace("Query:", ""));
if (this.BodyFormat.Name.Length == 0)
{
this.BodyInjections = GetParametersFromInjectionString(InjectionStringsArray[2].Replace("Body:", ""));
}
else
{
this.AbsorbFormatBodyParametersFromInjectionString(InjectionStringsArray[2].Replace("Body:", ""));
}
this.CookieInjections = GetParametersFromInjectionString(InjectionStringsArray[3].Replace("Cookie:", ""));
this.HeadersInjections = GetParametersFromInjectionString(InjectionStringsArray[4].Replace("Headers:", ""));
}
void AbsorbFormatBodyParametersFromInjectionString(string InjectionString)
{
InjectionParameters InjectionParameters = new InjectionParameters();
string[] Parameters = InjectionString.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
this.BodyXmlInjectionParameters = new Parameters();
this.BodyXmlInjections.Clear();
int i = 0;
foreach (string Parameter in Parameters)
{
string[] ParameterParts = Parameter.Split(new string[] { ":" }, StringSplitOptions.RemoveEmptyEntries);
if (ParameterParts.Length != 2) throw new Exception("Invalid Injection String");
string[] SecondParameterParts = ParameterParts[1].Split(new string[] { "-" }, StringSplitOptions.RemoveEmptyEntries);
if (SecondParameterParts.Length < 1 || SecondParameterParts.Length > 2) throw new Exception("Invalid Injection String");
try
{
string Value = "";
if (SecondParameterParts.Length == 2) Value = SecondParameterParts[0];
string InjectionState = "";
if (SecondParameterParts.Length == 2)
InjectionState = SecondParameterParts[1];
else
InjectionState = SecondParameterParts[0];
this.BodyXmlInjectionParameters.Add(Encoding.UTF8.GetString(Convert.FromBase64String(ParameterParts[0])), Encoding.UTF8.GetString(Convert.FromBase64String(Value)));
if (InjectionState.Equals("1")) this.BodyXmlInjections.Add(i);
}
catch
{
throw new Exception("Invalid Injection String");
}
i++;
}
}
void ResetInjectionParameters()
{
this.URLInjections = new List<int>();
this.QueryInjections = new InjectionParameters();
this.BodyInjections = new InjectionParameters();
this.BodyXmlInjections = new List<int>();
this.CookieInjections = new InjectionParameters();
this.HeadersInjections = new InjectionParameters();
}
static InjectionParameters GetParametersFromInjectionString(string InjectionString)
{
InjectionParameters InjectionParameters = new InjectionParameters();
string[] Parameters = InjectionString.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
foreach(string Parameter in Parameters)
{
string[] ParameterParts = Parameter.Split(new string[]{"="}, StringSplitOptions.RemoveEmptyEntries);
if (ParameterParts.Length != 2) throw new Exception("Invalid Injection String");
string[] SubParameterPositions = ParameterParts[1].Split(new string[] { "," }, StringSplitOptions.RemoveEmptyEntries);
foreach (string SubParameterPosition in SubParameterPositions)
{
try
{
InjectionParameters.Add(ParameterParts[0], Int32.Parse(SubParameterPosition));
}
catch
{
throw new Exception("Invalid Injection String");
}
}
}
return InjectionParameters;
}
static string GetStringFromInjectionParameters(InjectionParameters InjectionParameters)
{
StringBuilder IS = new StringBuilder();
foreach (string Name in InjectionParameters.GetAll())
{
IS.Append(Name); IS.Append("=");
foreach (int i in InjectionParameters.GetAll(Name))
{
IS.Append(i.ToString()); IS.Append(",");
}
IS.Append(";");
}
return IS.ToString();
}
public void InjectBody(string StartMarker, string EndMarker)
{
if (StartMarker.Length == 0)
{
throw new Exception("Start Marker cannot be empty");
}
if (EndMarker.Length == 0)
{
throw new Exception("End Marker cannot be empty");
}
if (StartMarker.Equals(EndMarker))
{
throw new Exception("Start Marker and End Marker cannot be the same");
}
this.CustomInjectionPointStartMarker = StartMarker;
this.CustomInjectionPointEndMarker = EndMarker;
this.BodyFormat = new FormatPlugin();
this.BodyXmlInjectionParameters = new Parameters();
this.BodyXmlInjections = new List<int>();
this.BodyInjections = new InjectionParameters();
}
public void InjectBody(int XmlInjectionPoint)
{
if (this.BodyFormat.Name.Length == 0)
{
throw new Exception("Format Plugin Not Selected");
}
if (this.BodyXmlInjectionParameters.Count == 0)
{
DeserializeRequestBodyWithFormatPlugin();
//string Xml = BodyFormat.ToXmlFromRequest(this.OriginalRequest);
//InjectionArrayXML = Xml;
//XmlInjectionArray = FormatPlugin.XmlToArray(Xml);
//XmlInjectionSignature = Tools.MD5("Name:" + BodyFormat.Name + "|Body" + this.OriginalRequest.BodyString);
//for (int i = 0; i < XmlInjectionArray.GetLength(0); i++)
//{
// this.BodyXmlInjectionParameters.Add(XmlInjectionArray[i, 0], XmlInjectionArray[i, 1]);
//}
}
//if (this.BodyXmlInjectionParameters.Count == 0 || !XmlInjectionSignature.Equals(Tools.MD5("Name:" + BodyFormat.Name + "|Body" + this.OriginalRequest.BodyString)))
if (BodyXmlInjectionParameters.Count == 0) throw new Exception("No parameters to Inject");
//if (!XmlInjectionSignature.Equals(Tools.MD5("Name:" + BodyFormat.Name + "|Body:" + this.OriginalRequest.BodyString)))
//{
// string Xml = BodyFormat.ToXmlFromRequest(this.OriginalRequest);
// XmlInjectionArray = FormatPlugin.XmlToArray(Xml);
// for (int i = 0; i < XmlInjectionArray.GetLength(0); i++)
// {
// this.BodyXmlInjectionParameters.Add(XmlInjectionArray[i, 0], XmlInjectionArray[i, 1]);
// }
//}
if (XmlInjectionPoint >= BodyXmlInjectionParameters.Count) throw new Exception("Injection point is outside the list of available values");
if (!this.BodyXmlInjections.Contains(XmlInjectionPoint)) this.BodyXmlInjections.Add(XmlInjectionPoint);
this.CustomInjectionPointStartMarker = "";
this.CustomInjectionPointEndMarker = "";
this.BodyInjections = new InjectionParameters();
}
static string GetStringFromInjectionParameters(InjectionParameters InjectionParameters)
{
StringBuilder IS = new StringBuilder();
foreach (string Name in InjectionParameters.GetAll())
{
//IS.Append(Name); IS.Append("="); - old format
IS.Append(Tools.Base64Encode(Name)); IS.Append("-");
foreach (int i in InjectionParameters.GetAll(Name))
{
IS.Append(i.ToString()); IS.Append(",");
}
IS.Append(";");
}
return IS.ToString();
}
internal void AbsorbOldFormatInjectionString(string InjectionString)
{
string[] InjectionStringsArray = InjectionString.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries);
if(InjectionStringsArray.Length != 5)
{
throw new Exception("Invalid Injection String");
}
this.URLInjections = GetListFromInjectionString(InjectionStringsArray[0].Substring(4));//Remove 'Url:'
this.QueryInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[1].Substring(6));//Remove 'Query:'
if (this.BodyFormat.Name.Length == 0)
{
this.BodyInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[2].Substring(5));//Remove 'Body:'
}
else
{
this.AbsorbFormatBodyParametersFromInjectionString(InjectionStringsArray[2].Substring(5));//Remove 'Body:'
}
this.CookieInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[3].Substring(7));//Remove 'Cookie:'
this.HeadersInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[4].Substring(8));//Remove 'Headers:'
}
internal void AbsorbNewFormatInjectionString(string InjectionString)
{
string[] InjectionStringsArray = InjectionString.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries);
if (InjectionStringsArray.Length != 6)
{
throw new Exception("Invalid Injection String");
}
this.URLInjections = GetListFromInjectionString(InjectionStringsArray[0].Substring(4));//Remove 'Url|'
this.QueryInjections = GetParametersFromInjectionString(InjectionStringsArray[1].Substring(6));//Remove 'Query|'
string BodyInjectionStringPart = InjectionStringsArray[2].Substring(5);
if (BodyInjectionStringPart.StartsWith("CustomMarker|"))//Remove 'Body|'
{
string[] CustomMarkers = GetCustomMarkersFromInjectionString(BodyInjectionStringPart.Substring(13));//Remove 'CustomMarker|'
this.CustomInjectionPointStartMarker = CustomMarkers[0];
this.CustomInjectionPointEndMarker = CustomMarkers[1];
}
else if (BodyInjectionStringPart.StartsWith("FormatPlugin|"))
{
this.AbsorbFormatBodyParametersFromInjectionString(BodyInjectionStringPart.Substring(13));//Remove 'FormatPlugin|'
}
else
{
this.BodyInjections = GetParametersFromInjectionString(BodyInjectionStringPart.Substring(7));//Remove 'Normal|'
}
this.CookieInjections = GetParametersFromInjectionString(InjectionStringsArray[3].Substring(7));//Remove 'Cookie|'
this.HeadersInjections = GetParametersFromInjectionString(InjectionStringsArray[4].Substring(8));//Remove 'Headers|'
this.ParameterNameInjections = GetParametersFromInjectionString(InjectionStringsArray[5].Substring(6));//Remove 'Names|'
}
