/// <summary>
/// Renders a request as text with the supplied strings marked up in both the
/// header section and the body.
/// </summary>
/// <param name="Req">Request whose header string and BodyString are rendered.</param>
/// <param name="ToHighlight">Strings passed to InsertHighlights for each section.</param>
/// <returns>
/// The snipped header section, two line terminators, then the snipped body section.
/// </returns>
/// <remarks>
/// NOTE(review): the request text is passed to InsertHighlights unchanged. If the
/// highlight markers are in-band text, request content that already contains a
/// marker could not be told apart from a real highlight - confirm against
/// InsertHighlights and the component that renders the result.
/// </remarks>
public static string Highlight(Request Req, List<string> ToHighlight)
{
    // Read both parts of the request before any markup is inserted.
    string HeaderText = Req.GetHeadersAsString();
    string BodyText = Req.BodyString;

    // Mark the sections independently; each is snipped separately below.
    string MarkedHeader = InsertHighlights(HeaderText, ToHighlight);
    string MarkedBody = InsertHighlights(BodyText, ToHighlight);

    StringBuilder Output = new StringBuilder();
    Output.Append(SnipHeaderSection(MarkedHeader));
    // Two line terminators separate the header section from the body.
    Output.AppendLine().AppendLine();
    Output.Append(SnipBodySection(MarkedBody));
    return Output.ToString();
}
/// <summary>
/// Produces the highlighted text view of a request: headers first, then the body,
/// each with the entries of <paramref name="ToHighlight"/> marked by InsertHighlights.
/// </summary>
/// <param name="Req">Source request; its header string and BodyString are read.</param>
/// <param name="ToHighlight">Strings to mark in both sections.</param>
/// <returns>Snipped headers and snipped body separated by two line terminators.</returns>
/// <remarks>
/// NOTE(review): no escaping of the request text is visible in this method. Whether
/// marker-like text already present in the request is neutralised depends on
/// InsertHighlights - confirm there.
/// </remarks>
public static string Highlight(Request Req, List<string> ToHighlight)
{
    string RawHeaders = Req.GetHeadersAsString();
    string RawBody = Req.BodyString;

    string HeaderView = InsertHighlights(RawHeaders, ToHighlight);
    string BodyView = InsertHighlights(RawBody, ToHighlight);

    StringBuilder Rendered = new StringBuilder();

    // Header section first.
    Rendered.Append(SnipHeaderSection(HeaderView));

    // Separator between the sections.
    Rendered.AppendLine();
    Rendered.AppendLine();

    // Body section last.
    Rendered.Append(SnipBodySection(BodyView));

    string Result = Rendered.ToString();
    return Result;
}
/// <summary>
/// Overwrites the ScanQueue row identified by <paramref name="ScanID"/> with the
/// request data, status and plugin selections supplied by the caller.
/// </summary>
/// <param name="ScanID">Key of the ScanQueue row to update.</param>
/// <param name="Req">Request whose headers, body, method and full URL are stored.</param>
/// <param name="Status">Value written to the Status column.</param>
/// <param name="InjectionPoints">Value written to the InjectionPoints column.</param>
/// <param name="FormatPlugin">Value written to the FormatPlugin column.</param>
/// <param name="ScanPlugins">Value written to the ScanPlugins column.</param>
/// <param name="SessionPlugin">Value written to the SessionPlugin column.</param>
/// <remarks>
/// Every value reaches SQLite as a bound parameter, so request content (headers,
/// body, URL) cannot change the statement text.
/// The complete header string and body are persisted to the project file, so the
/// file holds whatever cookies or authorization values the request carried.
/// NOTE(review): the connection string is built by concatenating IronProjectFile.
/// A path containing ';' could be read as extra connection-string keywords -
/// confirm how that path is chosen.
/// </remarks>
internal static void UpdateScan(int ScanID, Request Req, string Status, string InjectionPoints, string FormatPlugin, string ScanPlugins, string SessionPlugin)
{
    using (SQLiteConnection ProjectDb = new SQLiteConnection("data source=" + IronProjectFile))
    {
        ProjectDb.Open();
        using (SQLiteCommand Update = ProjectDb.CreateCommand())
        {
            Update.CommandText =
                "UPDATE ScanQueue SET "
                + "RequestHeaders=@RequestHeaders, RequestBody=@RequestBody, BinaryRequest=@BinaryRequest, "
                + "Status=@Status, Method=@Method, URL=@URL, "
                + "SessionPlugin=@SessionPlugin, InjectionPoints=@InjectionPoints, "
                + "FormatPlugin=@FormatPlugin, ScanPlugins=@ScanPlugins "
                + "WHERE ScanID=@ScanID";

            Update.Parameters.AddWithValue("@ScanID", ScanID);
            Update.Parameters.AddWithValue("@RequestHeaders", Req.GetHeadersAsString());

            // Binary requests store BinaryBodyString; the BinaryRequest flag below
            // records which form was written.
            object StoredBody;
            if (Req.IsBinary)
            {
                StoredBody = Req.BinaryBodyString;
            }
            else
            {
                StoredBody = Req.BodyString;
            }
            Update.Parameters.AddWithValue("@RequestBody", StoredBody);

            Update.Parameters.AddWithValue("@BinaryRequest", AsInt(Req.IsBinary));
            Update.Parameters.AddWithValue("@Status", Status);
            Update.Parameters.AddWithValue("@Method", Req.Method);
            Update.Parameters.AddWithValue("@URL", Req.FullUrl);
            Update.Parameters.AddWithValue("@SessionPlugin", SessionPlugin);
            Update.Parameters.AddWithValue("@InjectionPoints", InjectionPoints);
            Update.Parameters.AddWithValue("@FormatPlugin", FormatPlugin);
            Update.Parameters.AddWithValue("@ScanPlugins", ScanPlugins);

            Update.ExecuteNonQuery();
        }
    }
}
/// <summary>
/// Inserts a new ScanQueue row for <paramref name="ScanID"/> holding the request's
/// headers, body, method and full URL, with Status fixed to "Not Started".
/// </summary>
/// <param name="ScanID">Caller-supplied key for the new row.</param>
/// <param name="Req">Request to store.</param>
/// <remarks>
/// The plugin and injection-point columns are not written by this statement.
/// All values are bound parameters, so request content cannot change the SQL text.
/// The stored headers and body include whatever credentials or session values the
/// request carried, so the project file should be handled accordingly.
/// NOTE(review): the connection string concatenates IronProjectFile; a path with
/// ';' in it could be parsed as additional connection-string keywords - confirm.
/// </remarks>
internal static void CreateScan(int ScanID, Request Req)
{
    using (SQLiteConnection ProjectDb = new SQLiteConnection("data source=" + IronProjectFile))
    {
        ProjectDb.Open();
        using (SQLiteCommand Insert = ProjectDb.CreateCommand())
        {
            Insert.CommandText =
                "INSERT INTO ScanQueue (ScanID, RequestHeaders, RequestBody, BinaryRequest, Status, Method, URL) "
                + "VALUES (@ScanID, @RequestHeaders, @RequestBody, @BinaryRequest, @Status, @Method, @URL)";

            Insert.Parameters.AddWithValue("@ScanID", ScanID);
            Insert.Parameters.AddWithValue("@RequestHeaders", Req.GetHeadersAsString());

            // The body form depends on IsBinary; the flag is stored next to it.
            object StoredBody;
            if (Req.IsBinary)
            {
                StoredBody = Req.BinaryBodyString;
            }
            else
            {
                StoredBody = Req.BodyString;
            }
            Insert.Parameters.AddWithValue("@RequestBody", StoredBody);

            Insert.Parameters.AddWithValue("@BinaryRequest", AsInt(Req.IsBinary));
            Insert.Parameters.AddWithValue("@Status", "Not Started");
            Insert.Parameters.AddWithValue("@Method", Req.Method);
            Insert.Parameters.AddWithValue("@URL", Req.FullUrl);

            Insert.ExecuteNonQuery();
        }
    }
}
/// <summary>
/// Appends one row to the TestLog table of the test log database for the given request.
/// </summary>
/// <param name="Request">
/// Request to log; its ID, SSL flag, host, method, URL, file, parameter string,
/// header string and body are written.
/// </param>
/// <remarks>
/// Every value is a bound parameter, so request content cannot change the SQL text.
/// The header string and body are stored unredacted, so the log file holds any
/// cookies, authorization values or form credentials present in the request.
/// The Notes column always receives the fixed literal "Some Notes".
/// NOTE(review): the connection string concatenates TestLogFile; a path with ';'
/// in it could be parsed as additional connection-string keywords - confirm.
/// </remarks>
internal static void LogMTRequest(Request Request)
{
    using (SQLiteConnection LogDb = new SQLiteConnection("data source=" + TestLogFile))
    {
        LogDb.Open();
        using (SQLiteCommand Insert = LogDb.CreateCommand())
        {
            Insert.CommandText =
                "INSERT INTO TestLog (ID, SSL, HostName, Method, URL, File, Parameters, RequestHeaders, RequestBody, BinaryRequest, Notes) "
                + "VALUES (@ID, @SSL, @HostName, @Method, @URL, @File, @Parameters, @RequestHeaders, @RequestBody, @BinaryRequest, @Notes)";

            Insert.Parameters.AddWithValue("@ID", Request.ID);
            Insert.Parameters.AddWithValue("@SSL", AsInt(Request.SSL));
            Insert.Parameters.AddWithValue("@HostName", Request.Host);
            Insert.Parameters.AddWithValue("@Method", Request.Method);
            Insert.Parameters.AddWithValue("@URL", Request.URL);
            Insert.Parameters.AddWithValue("@File", Request.File);
            Insert.Parameters.AddWithValue("@Parameters", Request.GetParametersString());
            Insert.Parameters.AddWithValue("@RequestHeaders", Request.GetHeadersAsString());

            // Binary requests are stored via BinaryBodyString; BinaryRequest records which form was used.
            object StoredBody;
            if (Request.IsBinary)
            {
                StoredBody = Request.BinaryBodyString;
            }
            else
            {
                StoredBody = Request.BodyString;
            }
            Insert.Parameters.AddWithValue("@RequestBody", StoredBody);

            Insert.Parameters.AddWithValue("@BinaryRequest", AsInt(Request.IsBinary));
            Insert.Parameters.AddWithValue("@Notes", "Some Notes");

            Insert.ExecuteNonQuery();
        }
    }
}
/// <summary>
/// Renders a request as text with the trigger, and the encoded forms of it that
/// occur in the headers, marked for highlighting.
/// </summary>
/// <param name="Trigg">Trigger text to locate in the request.</param>
/// <param name="Req">Request whose header string and BodyString are rendered.</param>
/// <returns>
/// Snipped, highlighted headers (trailing whitespace trimmed), two line terminators,
/// then the snipped, highlighted body, with every "\n" replaced by the line-break marker.
/// </returns>
public static string GetRequestTriggerHighlighting(string Trigg, Request Req)
{
    string HeaderText = Req.GetHeadersAsString();
    string BodyText = Req.BodyString;

    // Candidate spellings of the trigger: the raw text plus each encoded form, without duplicates.
    // Each encoder is called once here; this assumes the encoders are deterministic.
    List<string> Candidates = new List<string>();
    Candidates.Add(Trigg);

    string PathEncoded = Request.PathPartEncode(Trigg);
    if (!Candidates.Contains(PathEncoded))
    {
        Candidates.Add(PathEncoded);
    }
    string QueryEncoded = QueryParameters.Encode(Trigg);
    if (!Candidates.Contains(QueryEncoded))
    {
        Candidates.Add(QueryEncoded);
    }
    string CookieEncoded = CookieParameters.Encode(Trigg);
    if (!Candidates.Contains(CookieEncoded))
    {
        Candidates.Add(CookieEncoded);
    }
    string HeaderEncoded = HeaderParameters.Encode(Trigg);
    if (!Candidates.Contains(HeaderEncoded))
    {
        Candidates.Add(HeaderEncoded);
    }

    try
    {
        foreach (string Adjusted in GetHeaderVariations(Trigg, Req.Headers, HeaderText))
        {
            if (!Candidates.Contains(Adjusted))
            {
                Candidates.Add(Adjusted);
            }
        }
    }
    catch
    {
        // Best effort: header-derived variations are optional. Any failure here is
        // dropped without a trace, so a missing highlight may hide an error in
        // GetHeaderVariations.
    }

    // Only candidates that literally occur in the header text are handed to the highlighter.
    List<string> PresentInHeaders = new List<string>();
    foreach (string Candidate in Candidates)
    {
        if (PresentInHeaders.Contains(Candidate) || !HeaderText.Contains(Candidate))
        {
            continue;
        }
        PresentInHeaders.Add(Candidate);
    }

    HeaderText = Highlighter.InsertHighlights(HeaderText, PresentInHeaders);
    BodyText = GetRequestBodyHighlighting(BodyText, Trigg);

    // Fallback: when nothing was marked, try each line of the trigger against the body.
    // NOTE(review): the check looks for the in-band marker text. A request that already
    // contains that literal would skip this fallback, and may be rendered as a highlight
    // unless InsertHighlights or the renderer neutralises it - confirm.
    bool AnythingMarked = HeaderText.Contains("<i<hlg>>") || BodyText.Contains("<i<hlg>>");
    if (!AnythingMarked)
    {
        foreach (string TriggLine in Tools.SplitLines(Trigg))
        {
            BodyText = GetRequestBodyHighlighting(BodyText, TriggLine);
        }
    }

    StringBuilder Output = new StringBuilder();
    Output.Append(Highlighter.SnipHeaderSection(HeaderText).TrimEnd());
    Output.AppendLine();
    Output.AppendLine();
    Output.Append(Highlighter.SnipBodySection(BodyText));

    // Only "\n" is rewritten; a "\r" from the platform line terminator stays in the output.
    return Output.ToString().Replace("\n", "<i<br>>");
}
/// <summary>
/// Reports whether two requests have identical header strings and identical body bytes.
/// </summary>
/// <param name="A">First request.</param>
/// <param name="B">Second request.</param>
/// <returns>
/// true when the header strings are equal, the body lengths match and every body byte
/// matches; false otherwise, and also false when the comparison throws.
/// </returns>
/// <remarks>
/// Any exception is reported as "not the same", which includes a null argument,
/// so a failure cannot be told apart from a genuine difference.
/// </remarks>
public static bool IsSame(Request A, Request B)
{
    try
    {
        string HeadersOfA = A.GetHeadersAsString();
        string HeadersOfB = B.GetHeadersAsString();
        if (!HeadersOfA.Equals(HeadersOfB))
        {
            return false;
        }

        if (A.BodyLength != B.BodyLength)
        {
            return false;
        }

        // Byte-by-byte body comparison, stopping at the first mismatch.
        int Index = 0;
        while (Index < A.BodyLength)
        {
            if (A.BodyArray[Index] != B.BodyArray[Index])
            {
                return false;
            }
            Index++;
        }
    }
    catch
    {
        return false;
    }

    return true;
}
/// <summary>
/// Builds the highlighted text view of a request for a given trigger: the trigger and
/// its encoded forms are marked in the headers, and the trigger is marked in the body.
/// </summary>
/// <param name="Trigg">Trigger text to highlight.</param>
/// <param name="Req">Request whose header string and BodyString are rendered.</param>
/// <returns>
/// Highlighted, snipped headers and body separated by two line terminators, with each
/// "\n" replaced by the line-break marker.
/// </returns>
public static string GetRequestTriggerHighlighting(string Trigg, Request Req)
{
    string Headers = Req.GetHeadersAsString();
    string Body = Req.BodyString;

    // The raw trigger plus its path, query, cookie and header encodings, de-duplicated.
    // The encoders are evaluated up front; this assumes they are deterministic.
    string[] EncodedForms = new string[]
    {
        Request.PathPartEncode(Trigg),
        QueryParameters.Encode(Trigg),
        CookieParameters.Encode(Trigg),
        HeaderParameters.Encode(Trigg)
    };
    List<string> Variations = new List<string>();
    Variations.Add(Trigg);
    foreach (string Form in EncodedForms)
    {
        if (!Variations.Contains(Form))
        {
            Variations.Add(Form);
        }
    }

    try
    {
        List<string> FromHeaders = GetHeaderVariations(Trigg, Req.Headers, Headers);
        foreach (string Extra in FromHeaders)
        {
            if (!Variations.Contains(Extra))
            {
                Variations.Add(Extra);
            }
        }
    }
    catch
    {
        // Deliberately ignored: header variations only add highlights. A failure in
        // GetHeaderVariations therefore leaves no trace for the caller.
    }

    // Keep only the variations that actually appear in the header text.
    List<string> HeaderHits = new List<string>();
    foreach (string Variation in Variations)
    {
        bool AlreadyKept = HeaderHits.Contains(Variation);
        if (!AlreadyKept && Headers.Contains(Variation))
        {
            HeaderHits.Add(Variation);
        }
    }

    Headers = Highlighter.InsertHighlights(Headers, HeaderHits);
    Body = GetRequestBodyHighlighting(Body, Trigg);

    // No marker anywhere: retry the body with each line of the trigger.
    // NOTE(review): this is a search for the in-band marker text, so a request that
    // already contains that literal counts as highlighted and skips the retry.
    // Confirm whether the highlighter or the renderer escapes such content.
    if (!(Headers.Contains("<i<hlg>>") || Body.Contains("<i<hlg>>")))
    {
        foreach (string Line in Tools.SplitLines(Trigg))
        {
            Body = GetRequestBodyHighlighting(Body, Line);
        }
    }

    StringBuilder View = new StringBuilder();
    View.Append(Highlighter.SnipHeaderSection(Headers).TrimEnd());
    View.AppendLine().AppendLine();
    View.Append(Highlighter.SnipBodySection(Body));

    // Only "\n" is rewritten; any "\r" from the platform line terminator is left in place.
    string Text = View.ToString();
    return Text.Replace("\n", "<i<br>>");
}