/// <summary>
/// Will construct a new HostEntry object.
/// </summary>
/// <param name="url">The URL of the host.</param>
/// <param name="protocol">The URL protocol of the host.</param>
/// <param name="fillEmpty">True if attributes such as IP should be filled
/// with empty strings.</param>
public HostEntry(string url, string protocol)
{
if (protocol == null) protocol = "https";
_protocol = new HostEntryAttribute(HostEntryAttribute.Type.Protocol, protocol);
_URL = new HostEntryAttribute(HostEntryAttribute.Type.URL, url);
_customAttributes = new List<HostEntryAttribute>();
_differences = new List<AnalyzeDifference>();
_assessmentFailedMessage = "Assessment failed";
}
/// <summary>
/// Will set the ranking for this host entry.
/// </summary>
public void SetRanking(string value)
{
if (value == null) value = _assessmentFailedMessage;
_ranking = new HostEntryAttribute(HostEntryAttribute.Type.Ranking, value);
}
public void HostEntryAttribute_Positive()
{
string ip = "1.1.1.1";
HostEntryAttribute hea =
new HostEntryAttribute(HostEntryAttribute.Type.IP,
ip);
Assert.AreEqual(ip, hea.ToString());
}
/// <summary>
/// Will set the IP address for this host entry.
/// </summary>
public void SetIP(string value)
{
if (value == null) value = _assessmentFailedMessage;
_IP = new HostEntryAttribute(HostEntryAttribute.Type.IP, value);
}
/// <summary>
/// Formulates the difference of two HostEntryAttributes.
/// </summary>
private string getSummary(HostEntryAttribute before, HostEntryAttribute now)
{
if ((before == null || before.ToString().Length <= 1)
&& now.ToString().Length >= 1) return string.Format("Discovered as {0}", now);
else if (before.ToString().Length >= 1 && now.ToString().Length >= 1
&& !before.Equals(now)) return string.Format("Detection from {0} to {1}", before, now);
else if (before.Equals(now)) return string.Format("Unchanged: {0}", now);
return "Assessment failed";
}
/// <summary>
/// Will set the TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA cipher presence.
/// </summary>
public void Set3DESPresence(string value)
{
if (value == null) value = "False";
else
{
value = value.ToLower();
value = value[0].ToString().ToUpper() + value.Substring(1);
}
if (!value.Equals("True") && !value.Equals("False"))
throw new Exception("3DES Cipher presence must either be 'True' or 'False'.");
__3DES = new HostEntryAttribute(HostEntryAttribute.Type._3DES, value);
}
/// <summary>
/// Will set the HTTP Server signature of this host entry.
/// </summary>
public void SetHTTPServerSignature(string value)
{
if (value == null) value = _assessmentFailedMessage;
_httpServerSignature = new HostEntryAttribute(HostEntryAttribute.Type.HTTPServerSignature, value);
}
/// <summary>
/// Will set the OpenSSL CCS vulnerability of this host entry.
/// </summary>
public void SetOpenSSLCCSVulnerable(int value)
{
string str = DataFormatter.Static.OpenSSLCCSToString(value);
_openSSLCCSVulnerable = new HostEntryAttribute(HostEntryAttribute.Type.OpenSSLCCSVulnerable, str);
}
/// <summary>
/// Sets the beast vulnerability of this host entry.
/// </summary>
public void SetBeastVulnerarbility(bool value)
{
string str = "No";
if (value) str = "Yes";
_beast = new HostEntryAttribute(HostEntryAttribute.Type.BeastVulnerability, str);
}
/// <summary>
/// Will set the RC4 support for this host entry.
/// </summary>
/// <param name="value"></param>
public void SetRC4(string value)
{
if (value == null) value = _assessmentFailedMessage;
_RC4 = new HostEntryAttribute(HostEntryAttribute.Type.RC4, value);
}
/// <summary>
/// Will set the TLS versions for this host entry.
/// </summary>
public void SetProtocolVersions(string value)
{
if (value == null) value = _assessmentFailedMessage;
_protocolVersions = new HostEntryAttribute(HostEntryAttribute.Type.ProtocolVersions, value);
}
/// <summary>
/// Will set the TLS versions for this host entry.
/// </summary>
/// <param name="value"></param>
public void SetProtocolVersions(List<Protocol> protocols)
{
if (protocols == null) return;
string str = DataFormatter.Static.ProtocolVersionsToString(protocols);
_protocolVersions = new HostEntryAttribute(HostEntryAttribute.Type.ProtocolVersions, str);
}
/// <summary>
/// Will set the expiration date for this host entry.
/// </summary>
public void SetExpirationDate(string value)
{
if (value == null) value = DateTime.Now.ToString("dd.MM.yyyy");
DateTime warningDate =
DateTime.Parse(value).Subtract(TimeSpan.FromSeconds(Settings.Static.AnalyzerSettings.WarningDays));
_warningExpired =
warningDate <= DateTime.Today.Subtract(TimeSpan.FromDays(Settings.Static.AnalyzerSettings.WarningDays));
_expiration = new HostEntryAttribute(HostEntryAttribute.Type.Expiration, value);
_warningExpiration = new HostEntryAttribute(HostEntryAttribute.Type.WarningExpiration,
warningDate.ToString("dd.MM.yyyy"));
}
/// <summary>
/// Will set the expiration date for this host entry.
/// </summary>
public void SetExpirationDate(long value)
{
if (value == 0) value = 0;
DateTime dt = DataFormatter.Static.UnixToDateTime(value);
DateTime warningDate = dt.Subtract(TimeSpan.FromDays(Settings.Static.AnalyzerSettings.WarningDays));
_warningExpired = DateTime.Now <= DateTime.Today.Subtract(TimeSpan.FromDays(Settings.Static.AnalyzerSettings.WarningDays));
_expiration = new HostEntryAttribute(HostEntryAttribute.Type.Expiration,
dt.ToString("dd.MM.yyyy"));
_warningExpiration = new HostEntryAttribute(HostEntryAttribute.Type.WarningExpiration,
warningDate.ToString("dd.MM.yyyy"));
}
/// <summary>
/// Will set the fingerprint certificate for this
/// host entry.
/// </summary>
public void SetFingerPrintCert(string value)
{
if (value == null) value = _assessmentFailedMessage;
_FingerPrintCert = new HostEntryAttribute(HostEntryAttribute.Type.Fingerprint, value);
}
/// <summary>
/// Will set whether this host entry is vulnerable to Poddle.
/// </summary>
public void SetPoodleVulnerability(string value)
{
if (value == null) value = _assessmentFailedMessage;
_poodleVulnarable = new HostEntryAttribute(HostEntryAttribute.Type.PoodleVulnerable, value);
}
/// <summary>
/// Will set the extended validation of this host entry.
/// </summary>
public void SetExtendedValidation(string value)
{
string str = "Uknown";
if (value != null) str = DataFormatter.Static.ExtendedValidationToString(value);
_extendedValidation = new HostEntryAttribute(HostEntryAttribute.Type.ExtendedValidation, value);
}
/// <summary>
/// Sets the beast vulnerability of this host entry.
/// </summary>
public void SetBeastVulnerarbility(string value)
{
if (value == null) value = _assessmentFailedMessage;
_beast = new HostEntryAttribute(HostEntryAttribute.Type.BeastVulnerability, value);
}
/// <summary>
/// Will set the OpenSSL CCS vulnerability of this host entry.
/// </summary>
public void SetOpenSSLCCSVulnerable(string value)
{
if (value == null) value = _assessmentFailedMessage;
_openSSLCCSVulnerable = new HostEntryAttribute(HostEntryAttribute.Type.OpenSSLCCSVulnerable, value);
}
/// <summary>
/// Sets the forward secrecy attribute of this host entry.
/// </summary>
public void SetForwardSecrecy(string value)
{
if (value == null) value = _assessmentFailedMessage;
_forwardSecrecy = new HostEntryAttribute(HostEntryAttribute.Type.ForwardSecrecy, value);
}
/// <summary>
/// Will set the server host name of this host entry.
/// </summary>
public void SetServerHostName(string value)
{
if (value == null) value = _assessmentFailedMessage;
_serverHostname = new HostEntryAttribute(HostEntryAttribute.Type.ServerHostName, value);
}
/// <summary>
/// Sets the forward secrecy attribute of this host entry.
/// </summary>
public void SetForwardSecrecy(int value)
{
string str = "No";
if (value == 1) str = "(0) For at least one browser from simulator.";
else if (value == 2) str = "(1) ECDHE suites, but not DHE.";
else if (value == 4) str = "(2) Robust: ECDHE + DHE.";
_forwardSecrecy = new HostEntryAttribute(HostEntryAttribute.Type.ForwardSecrecy
,str);
}
public void AddCustomAttribute(string name, string value)
{
var attr = new HostEntryAttribute(HostEntryAttribute.Type.CustomAttribute, value, name);
_customAttributes.Add(attr);
}
/// <summary>
/// Sets the heartbleed vulnerability for this host entry.
/// </summary>
public void SetHeartbleedVulnerability(string value)
{
if (value == null) value = _assessmentFailedMessage;
_heartbleed = new HostEntryAttribute(HostEntryAttribute.Type.Heartbleed
,value);
}
/// <summary>
/// Sets the beast vulnerability of this host entry.
/// </summary>
public void SetHeartbleedVulnerability(bool value)
{
string str = "No";
if (value) str = "Yes";
_heartbleed = new HostEntryAttribute(HostEntryAttribute.Type.Heartbleed, str);
}
/// <summary>
/// Will set the signature algorithm of this host entry.
/// </summary>
public void SetSignatureAlgorithm(string value)
{
if (value == null) value = _assessmentFailedMessage;
_signatureAlgorithm = new HostEntryAttribute(HostEntryAttribute.Type.SignatureAlgorithm, value);
}
public void HostEntryAttribute_Equals()
{
string ip = "1.1.1.1";
HostEntryAttribute.Type type =
HostEntryAttribute.Type.IP;
HostEntryAttribute hea = new HostEntryAttribute(type, ip);
HostEntryAttribute hea2 = new HostEntryAttribute(type, ip);
Assert.AreEqual(hea, hea2);
}
/// <summary>
/// Will set whether this host entry is vulnerable to Poddle.
/// </summary>
public void SetPoodleVulnerability(bool poodleSSL, int poodleTLS)
{
string str = DataFormatter.Static.PoodleToString(poodleSSL, poodleTLS);
_poodleVulnarable = new HostEntryAttribute(HostEntryAttribute.Type.PoodleVulnerable, str);
}
public void HostEntryAttribute_Negative()
{
HostEntryAttribute hea =
new HostEntryAttribute(HostEntryAttribute.Type.IP,
null);
Assert.AreEqual("?", hea.ToString());
}
/// <summary>
/// Will determine the coloring of the cell based on the content it holds
/// for its type.
/// </summary>
private coloring detemineCellColoring(HostEntryAttribute s, HostEntry he = null)
{
if (s.Attribute == HostEntryAttribute.Type.Protocol)
{
if (s.ToString().ToLower().Equals("http")) return coloring.negative;
return coloring.positive;
}
else if (s.Attribute == HostEntryAttribute.Type.Ranking)
{
if (s.ToString().ToLower().StartsWith("a")) return coloring.positive;
else if (s.ToString().ToLower().StartsWith("b")) return coloring.neutral;
else return coloring.negative;
}
else if (s.Attribute == HostEntryAttribute.Type.Fingerprint)
{
if (s.ToString().Contains("256")) return coloring.positive;
else return coloring.neutral;
}
else if (s.Attribute == HostEntryAttribute.Type.Expiration)
{
DateTime dt = DateTime.Parse(s.ToString());
if (dt > DateTime.Today.AddDays(10)) return coloring.positive;
else if (dt < DateTime.Today) return coloring.negative;
}
else if (s.Attribute == HostEntryAttribute.Type.WarningExpiration)
{
if (he.WarningExpired) return coloring.negative;
else return coloring.positive;
}
else if (s.Attribute == HostEntryAttribute.Type.RC4)
{
if (s.ToString().Contains("True")) return coloring.negative;
else if (s.ToString().Contains("False")) return coloring.positive;
}
else if (s.Attribute == HostEntryAttribute.Type.MD5)
{
if (s.ToString().Contains("Yes")) return coloring.negative;
else if (s.ToString().Contains("No")) return coloring.positive;
}
else if (s.Attribute == HostEntryAttribute.Type.BeastVulnerability)
{
if (s.ToString().Contains("Yes")) return coloring.negative;
else if (s.ToString().Contains("No")) return coloring.positive;
}
else if (s.Attribute == HostEntryAttribute.Type.ForwardSecrecy)
{
if (s.ToString().Contains("Yes")) return coloring.positive;
else if (s.ToString().Contains("No")) return coloring.negative;
}
else if (s.Attribute == HostEntryAttribute.Type.Heartbleed)
{
if (s.ToString().Contains("Yes")) return coloring.negative;
else if (s.ToString().Contains("No")) return coloring.positive;
}
else if (s.Attribute == HostEntryAttribute.Type.OpenSSLCCSVulnerable)
{
if (s.ToString().Contains("Not")) return coloring.positive;
else return coloring.negative;
}
else if (s.Attribute == HostEntryAttribute.Type.OpenSSLCCSVulnerable)
{
if (s.ToString().Contains("Not")) return coloring.positive;
else return coloring.neutral;
}
else if (s.Attribute == HostEntryAttribute.Type._3DES)
{
if (s.ToString().Contains("True")) return coloring.negative;
else return coloring.positive;
}
return coloring.none;
}
