Example #1
0
 internal void AbsorbInjectionString(string InjectionString)
 {
     string[] InjectionStringsArray = InjectionString.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries);
     if(InjectionStringsArray.Length != 5)
     {
         throw new Exception("Invalid Injection String");
     }
     this.URLInjections = GetListFromInjectionString(InjectionStringsArray[0].Replace("Url:",""));
     this.QueryInjections = GetParametersFromInjectionString(InjectionStringsArray[1].Replace("Query:", ""));
     if (this.BodyFormat.Name.Length == 0)
     {
         this.BodyInjections = GetParametersFromInjectionString(InjectionStringsArray[2].Replace("Body:", ""));
     }
     else
     {
         this.AbsorbFormatBodyParametersFromInjectionString(InjectionStringsArray[2].Replace("Body:", ""));
     }
     this.CookieInjections = GetParametersFromInjectionString(InjectionStringsArray[3].Replace("Cookie:", ""));
     this.HeadersInjections = GetParametersFromInjectionString(InjectionStringsArray[4].Replace("Headers:", ""));
 }
Example #2
0
 void AbsorbFormatBodyParametersFromInjectionString(string InjectionString)
 {
     InjectionParameters InjectionParameters = new InjectionParameters();
     string[] Parameters = InjectionString.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
     this.BodyXmlInjectionParameters = new Parameters();
     this.BodyXmlInjections.Clear();
     int i = 0;
     foreach (string Parameter in Parameters)
     {
         string[] ParameterParts = Parameter.Split(new string[] { ":" }, StringSplitOptions.RemoveEmptyEntries);
         if (ParameterParts.Length != 2) throw new Exception("Invalid Injection String");
         string[] SecondParameterParts = ParameterParts[1].Split(new string[] { "-" }, StringSplitOptions.RemoveEmptyEntries);
         if (SecondParameterParts.Length < 1 || SecondParameterParts.Length > 2) throw new Exception("Invalid Injection String");
         try
         {
             string Value = "";
             if (SecondParameterParts.Length == 2) Value = SecondParameterParts[0];
             string InjectionState = "";
             if (SecondParameterParts.Length == 2)
                 InjectionState = SecondParameterParts[1];
             else
                 InjectionState = SecondParameterParts[0];
             this.BodyXmlInjectionParameters.Add(Encoding.UTF8.GetString(Convert.FromBase64String(ParameterParts[0])), Encoding.UTF8.GetString(Convert.FromBase64String(Value)));
             if (InjectionState.Equals("1")) this.BodyXmlInjections.Add(i);
         }
         catch
         {
             throw new Exception("Invalid Injection String");
         }
         i++;
     }
 }
Example #3
0
 void ResetInjectionParameters()
 {
     this.URLInjections = new List<int>();
     this.QueryInjections = new InjectionParameters();
     this.BodyInjections = new InjectionParameters();
     this.BodyXmlInjections = new List<int>();
     this.CookieInjections = new InjectionParameters();
     this.HeadersInjections = new InjectionParameters();
 }
Example #4
0
 static InjectionParameters GetParametersFromInjectionString(string InjectionString)
 {
     InjectionParameters InjectionParameters = new InjectionParameters();
     string[] Parameters = InjectionString.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
     foreach(string Parameter in Parameters)
     {
         string[] ParameterParts = Parameter.Split(new string[]{"="}, StringSplitOptions.RemoveEmptyEntries);
         if (ParameterParts.Length != 2) throw new Exception("Invalid Injection String");
         string[] SubParameterPositions = ParameterParts[1].Split(new string[] { "," }, StringSplitOptions.RemoveEmptyEntries);
         foreach (string SubParameterPosition in SubParameterPositions)
         {
             try
             {
                 InjectionParameters.Add(ParameterParts[0], Int32.Parse(SubParameterPosition));
             }
             catch
             {
                 throw new Exception("Invalid Injection String");
             }
         }
     }
     return InjectionParameters;
 }
Example #5
0
 static string GetStringFromInjectionParameters(InjectionParameters InjectionParameters)
 {
     StringBuilder IS = new StringBuilder();
     foreach (string Name in InjectionParameters.GetAll())
     {
         IS.Append(Name); IS.Append("=");
         foreach (int i in InjectionParameters.GetAll(Name))
         {
             IS.Append(i.ToString()); IS.Append(",");
         }
         IS.Append(";");
     }
     return IS.ToString();
 }
Example #6
0
 public void InjectBody(string StartMarker, string EndMarker)
 {
     if (StartMarker.Length == 0)
     {
         throw new Exception("Start Marker cannot be empty");
     }
     if (EndMarker.Length == 0)
     {
         throw new Exception("End Marker cannot be empty");
     }
     if (StartMarker.Equals(EndMarker))
     {
         throw new Exception("Start Marker and End Marker cannot be the same");
     }
     this.CustomInjectionPointStartMarker = StartMarker;
     this.CustomInjectionPointEndMarker = EndMarker;
     this.BodyFormat = new FormatPlugin();
     this.BodyXmlInjectionParameters = new Parameters();
     this.BodyXmlInjections = new List<int>();
     this.BodyInjections = new InjectionParameters();
 }
Example #7
0
 public void InjectBody(int XmlInjectionPoint)
 {
     if (this.BodyFormat.Name.Length == 0)
     {
         throw new Exception("Format Plugin Not Selected");
     }
     if (this.BodyXmlInjectionParameters.Count == 0)
     {
         DeserializeRequestBodyWithFormatPlugin();
         //string Xml = BodyFormat.ToXmlFromRequest(this.OriginalRequest);
         //InjectionArrayXML = Xml;
         //XmlInjectionArray = FormatPlugin.XmlToArray(Xml);
         //XmlInjectionSignature = Tools.MD5("Name:" + BodyFormat.Name + "|Body" + this.OriginalRequest.BodyString);
         //for (int i = 0; i < XmlInjectionArray.GetLength(0); i++)
         //{
         //    this.BodyXmlInjectionParameters.Add(XmlInjectionArray[i, 0], XmlInjectionArray[i, 1]);
         //}
     }
     //if (this.BodyXmlInjectionParameters.Count == 0 || !XmlInjectionSignature.Equals(Tools.MD5("Name:" + BodyFormat.Name + "|Body" + this.OriginalRequest.BodyString)))
     if (BodyXmlInjectionParameters.Count == 0) throw new Exception("No parameters to Inject");
     //if (!XmlInjectionSignature.Equals(Tools.MD5("Name:" + BodyFormat.Name + "|Body:" + this.OriginalRequest.BodyString)))
     //{
     //    string Xml = BodyFormat.ToXmlFromRequest(this.OriginalRequest);
     //    XmlInjectionArray = FormatPlugin.XmlToArray(Xml);
     //    for (int i = 0; i < XmlInjectionArray.GetLength(0); i++)
     //    {
     //        this.BodyXmlInjectionParameters.Add(XmlInjectionArray[i, 0], XmlInjectionArray[i, 1]);
     //    }
     //}
     if (XmlInjectionPoint >= BodyXmlInjectionParameters.Count) throw new Exception("Injection point is outside the list of available values");
     if (!this.BodyXmlInjections.Contains(XmlInjectionPoint)) this.BodyXmlInjections.Add(XmlInjectionPoint);
     this.CustomInjectionPointStartMarker = "";
     this.CustomInjectionPointEndMarker = "";
     this.BodyInjections = new InjectionParameters();
 }
Example #8
0
 static string GetStringFromInjectionParameters(InjectionParameters InjectionParameters)
 {
     StringBuilder IS = new StringBuilder();
     foreach (string Name in InjectionParameters.GetAll())
     {
         //IS.Append(Name); IS.Append("="); - old format
         IS.Append(Tools.Base64Encode(Name)); IS.Append("-");
         foreach (int i in InjectionParameters.GetAll(Name))
         {
             IS.Append(i.ToString()); IS.Append(",");
         }
         IS.Append(";");
     }
     return IS.ToString();
 }
Example #9
0
 internal void AbsorbOldFormatInjectionString(string InjectionString)
 {
     string[] InjectionStringsArray = InjectionString.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries);
     if(InjectionStringsArray.Length != 5)
     {
         throw new Exception("Invalid Injection String");
     }
     this.URLInjections = GetListFromInjectionString(InjectionStringsArray[0].Substring(4));//Remove 'Url:'
     this.QueryInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[1].Substring(6));//Remove 'Query:'
     if (this.BodyFormat.Name.Length == 0)
     {
         this.BodyInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[2].Substring(5));//Remove 'Body:'
     }
     else
     {
         this.AbsorbFormatBodyParametersFromInjectionString(InjectionStringsArray[2].Substring(5));//Remove 'Body:'
     }
     this.CookieInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[3].Substring(7));//Remove 'Cookie:'
     this.HeadersInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[4].Substring(8));//Remove 'Headers:'
 }
Example #10
0
        internal void AbsorbNewFormatInjectionString(string InjectionString)
        {
            string[] InjectionStringsArray = InjectionString.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries);
            if (InjectionStringsArray.Length != 6)
            {
                throw new Exception("Invalid Injection String");
            }
            this.URLInjections = GetListFromInjectionString(InjectionStringsArray[0].Substring(4));//Remove 'Url|'
            this.QueryInjections = GetParametersFromInjectionString(InjectionStringsArray[1].Substring(6));//Remove 'Query|'
            string BodyInjectionStringPart = InjectionStringsArray[2].Substring(5);
            if (BodyInjectionStringPart.StartsWith("CustomMarker|"))//Remove 'Body|'
            {
                string[] CustomMarkers = GetCustomMarkersFromInjectionString(BodyInjectionStringPart.Substring(13));//Remove 'CustomMarker|'
                this.CustomInjectionPointStartMarker = CustomMarkers[0];
                this.CustomInjectionPointEndMarker = CustomMarkers[1];
            }
            else if (BodyInjectionStringPart.StartsWith("FormatPlugin|"))
            {
                this.AbsorbFormatBodyParametersFromInjectionString(BodyInjectionStringPart.Substring(13));//Remove 'FormatPlugin|'
            }
            else
            {
                this.BodyInjections = GetParametersFromInjectionString(BodyInjectionStringPart.Substring(7));//Remove 'Normal|'
            }

            this.CookieInjections = GetParametersFromInjectionString(InjectionStringsArray[3].Substring(7));//Remove 'Cookie|'
            this.HeadersInjections = GetParametersFromInjectionString(InjectionStringsArray[4].Substring(8));//Remove 'Headers|'
            this.ParameterNameInjections = GetParametersFromInjectionString(InjectionStringsArray[5].Substring(6));//Remove 'Names|'
        }