public void scanManual()
{
string strReturn = "";
int intX = 0;
//Get Payloads and Signatures for URL
//Dont get form element payloads
objPayloadDataSet = payloadDataAccess.getSelectedForManageSessionScreenExcludeFormElement(mSessionId, System.Convert.ToInt32(mUrlId));
objSignaturesDataSet = signaturesDataAccess.getSelectedForManageSessionScreen(mSessionId, System.Convert.ToInt32(mUrlId));
foreach (DataRow objDataRow in objPayloadDataSet.Tables[0].Rows)
{
berettaSubmission objSubmission = new berettaSubmission();
objSubmission.url = "" + mUrl;
objSubmission.formSubmission = "" + objDataRow["payloadData"].ToString();
mObjBerettaSubmissionHashTable.Add(System.Guid.NewGuid().ToString(), objSubmission);
objSubmission = null;
strReturn = objFormSubmitter.submitData(objDataRow["payloadData"].ToString(), mUrl, false, "POST", mUserAgent);
//Check if result matches any signatures
foreach (DataRow objSignatureRow in objSignaturesDataSet.Tables[0].Rows)
{
berettaResult objResult = new berettaResult();
//Check if matches signature
objResult = isMatch(strReturn, objSignatureRow, System.Convert.ToInt32(objDataRow["id"]), objDataRow["payloadName"].ToString(), "MANUAL", objDataRow["payloadData"].ToString());
if (objResult.isMatch == true)
{
mObjBerettaResultHashTable.Add(intX, objResult);
intX++;
}
objResult = null;
}
}
}
public void scanAuto()
{
string strReturn = "";
string strPayloadData = "";
string strFieldName = "";
string strCurrentUrlFormValues = "";
string strHtml = "";
int intX = 0;
int intReplacerPos = 0;
int intFieldPos = 0;
string strTmpUrl = "";
int intQueryStringPos = 0;
beretta.Objects.response objResponse = new beretta.Objects.response();
//Get Payloads and Signatures for URL
objPayloadDataSet = payloadDataAccess.getAutoPayloads(mSessionId);
objSignaturesDataSet = signaturesDataAccess.getSelectedForManageSessionScreen(mSessionId, 0);
//Get form elements for page
strHtml = objFormSubmitter.getPage(mUrl, true, mUserAgent);
if (strHtml == "")
{
return;
}
objResponse.input = strHtml;
objResponse.analyze();
//For each Payload
foreach (DataRow objDataRow in objPayloadDataSet.Tables[0].Rows)
{
intReplacerPos = 0;
strPayloadData = "" + objDataRow["payloadData"].ToString();
//For Each submit button
foreach (string strUrlFormValues in objResponse.formSubmission)
{
//Have we reached end of submit buttons?
if (strUrlFormValues == null || strUrlFormValues == "")
{
break;
}
//Form submission payload or url?
if (objDataRow["type"].ToString() == "1" || objDataRow["type"].ToString() == "0")
{
strPayloadData = "" + beretta.support.encoding.encodeFormElements(strPayloadData);
//Find placeholder and replace with payload
intReplacerPos = strUrlFormValues.IndexOf("%%r%%", intReplacerPos);
//Insert payload in each form field
while (intReplacerPos != -1)
{
strCurrentUrlFormValues = strUrlFormValues;
//Get name of field we are working on
strFieldName = strUrlFormValues.Substring(0, intReplacerPos);
intFieldPos = strFieldName.LastIndexOf("&");
if (intFieldPos != -1)
{
strFieldName = strFieldName.Substring(intFieldPos);
}
else
{
}
strFieldName = strFieldName.Replace("&", "");
strFieldName = strFieldName.Replace("=", "");
strCurrentUrlFormValues = strUrlFormValues.Remove(intReplacerPos, 5);
strCurrentUrlFormValues = strCurrentUrlFormValues.Insert(intReplacerPos, strPayloadData);
strCurrentUrlFormValues = strCurrentUrlFormValues.Replace("%%r%%", "");
strCurrentUrlFormValues = beretta.support.encoding.encodeForm(strCurrentUrlFormValues);
berettaSubmission objSubmission = new berettaSubmission();
objSubmission.url = "" + mUrl;
objSubmission.formSubmission = "" + strCurrentUrlFormValues;
mObjBerettaSubmissionHashTable.Add(System.Guid.NewGuid().ToString(), objSubmission);
objSubmission = null;
strReturn = objFormSubmitter.submitData(strCurrentUrlFormValues, mUrl, true, "POST", mUserAgent);
//Check if result matches any signatures
foreach (DataRow objSignatureRow in objSignaturesDataSet.Tables[0].Rows)
{
berettaResult objResult = new berettaResult();
//Check if matches signature
objResult = isMatch(strReturn, objSignatureRow, System.Convert.ToInt32(objDataRow["id"]), objDataRow["payloadName"].ToString(), strFieldName, strCurrentUrlFormValues);
if (objResult.isMatch == true)
{
mObjBerettaResultHashTable.Add(intX, objResult);
intX++;
}
objResult = null;
}
intReplacerPos = strUrlFormValues.IndexOf("%%r%%", intReplacerPos + 1);
}
}
else
{
//Query String Replace
strTmpUrl = mUrl;
//4= query string replace auto
if (objDataRow["type"].ToString() == "4")
{
intQueryStringPos = strTmpUrl.IndexOf("?");
if (intQueryStringPos > 0)
{
strTmpUrl = strTmpUrl.Substring(0, intQueryStringPos);
strTmpUrl = strTmpUrl + "?" + strPayloadData;
}
else
{
strTmpUrl = strTmpUrl + "?" + strPayloadData;
}
}
//5= query string append auto
if (objDataRow["type"].ToString() == "5")
{
intQueryStringPos = strTmpUrl.IndexOf("?");
if (intQueryStringPos > 0)
{
strTmpUrl = strTmpUrl + "&" + strPayloadData;
}
else
{
strTmpUrl = strTmpUrl + "?" + strPayloadData;
}
}
berettaSubmission objSubmission = new berettaSubmission();
objSubmission.url = "" + strTmpUrl;
objSubmission.formSubmission = "" + strCurrentUrlFormValues;
mObjBerettaSubmissionHashTable.Add(System.Guid.NewGuid().ToString(), objSubmission);
objSubmission = null;
strReturn = objFormSubmitter.submitData(strCurrentUrlFormValues, strTmpUrl, true, "POST", mUserAgent);
//Check if result matches any signatures
foreach (DataRow objSignatureRow in objSignaturesDataSet.Tables[0].Rows)
{
berettaResult objResult = new berettaResult();
//Check if matches signature
objResult = isMatch(strReturn, objSignatureRow, System.Convert.ToInt32(objDataRow["id"]), objDataRow["payloadName"].ToString(), strTmpUrl, strCurrentUrlFormValues);
if (objResult.isMatch == true)
{
mObjBerettaResultHashTable.Add(intX, objResult);
intX++;
}
objResult = null;
}
}
}
}
}
public void scanManual()
{
string strReturn="";
int intX=0;
//Get Payloads and Signatures for URL
//Dont get form element payloads
foreach(DataRow objDataRow in mObjPayloadDataSet.Tables[0].Rows)
{
berettaSubmission objSubmission=new berettaSubmission();
objSubmission.url="" + mUrl;
objSubmission.formSubmission="" + objDataRow["payloadData"].ToString();
mObjBerettaSubmissionHashTable.Add(System.Guid.NewGuid().ToString(), objSubmission);
objSubmission=null;
strReturn=objFormSubmitter.submitData(objDataRow["payloadData"].ToString(), mUrl, false, "POST", mUserAgent);
//Check if result matches any signatures
foreach(DataRow objSignatureRow in mObjSignaturesDataSet.Tables[0].Rows)
{
berettaResult objResult=new berettaResult();
//Check if matches signature
objResult=isMatch(strReturn, objSignatureRow, System.Convert.ToInt32(objDataRow["id"]), objDataRow["payloadName"].ToString(), "MANUAL", objDataRow["payloadData"].ToString());
if (objResult.isMatch==true)
{
mObjBerettaResultHashTable.Add(intX, objResult);
intX++;
}
objResult=null;
}
}
}
public void scanAuto()
{
string strReturn="";
string strPayloadData="";
string strFieldName="";
string strCurrentUrlFormValues="";
string strHtml="";
int intX=0;
int intReplacerPos=0;
int intFieldPos=0;
string strTmpUrl="";
int intQueryStringPos=0;
beretta.Objects.response objResponse= new beretta.Objects.response();
//Get form elements for page
strHtml=objFormSubmitter.getPage(mUrl, true, mUserAgent);
if(strHtml=="") return;
objResponse.input=strHtml;
objResponse.analyze();
//For each Payload
foreach(DataRow objDataRow in mObjPayloadDataSet.Tables[0].Rows)
{
intReplacerPos=0;
strPayloadData="" + objDataRow["payloadData"].ToString();
//For Each submit button
foreach(string strUrlFormValues in objResponse.formSubmission)
{
//Have we reached end of submit buttons?
if (strUrlFormValues==null || strUrlFormValues=="")
{
break;
}
//Form submission payload or url?
if (objDataRow["type"].ToString()=="1" || objDataRow["type"].ToString()=="0")
{
strPayloadData="" + beretta.support.encoding.encodeFormElements(strPayloadData);
//Find placeholder and replace with payload
intReplacerPos=strUrlFormValues.IndexOf("%%r%%", intReplacerPos);
//Insert payload in each form field
while(intReplacerPos != -1)
{
strCurrentUrlFormValues=strUrlFormValues;
//Get name of field we are working on
strFieldName=strUrlFormValues.Substring(0, intReplacerPos);
intFieldPos=strFieldName.LastIndexOf("&");
if(intFieldPos!=-1)
{
strFieldName=strFieldName.Substring(intFieldPos);
}
else
{
}
strFieldName=strFieldName.Replace("&", "");
strFieldName=strFieldName.Replace("=", "");
strCurrentUrlFormValues=strUrlFormValues.Remove(intReplacerPos, 5);
strCurrentUrlFormValues=strCurrentUrlFormValues.Insert(intReplacerPos, strPayloadData);
strCurrentUrlFormValues=strCurrentUrlFormValues.Replace("%%r%%", "");
strCurrentUrlFormValues=beretta.support.encoding.encodeForm(strCurrentUrlFormValues);
berettaSubmission objSubmission=new berettaSubmission();
objSubmission.url="" + mUrl;
objSubmission.formSubmission="" + strCurrentUrlFormValues;
mObjBerettaSubmissionHashTable.Add(System.Guid.NewGuid().ToString(), objSubmission);
objSubmission=null;
strReturn=objFormSubmitter.submitData(strCurrentUrlFormValues, mUrl, true, "POST", mUserAgent);
//Check if result matches any signatures
foreach(DataRow objSignatureRow in mObjSignaturesDataSet.Tables[0].Rows)
{
berettaResult objResult=new berettaResult();
//Check if matches signature
objResult=isMatch(strReturn, objSignatureRow, System.Convert.ToInt32(objDataRow["id"]), objDataRow["payloadName"].ToString(), strFieldName, strCurrentUrlFormValues);
if (objResult.isMatch==true)
{
mObjBerettaResultHashTable.Add(intX, objResult);
intX++;
}
objResult=null;
}
intReplacerPos=strUrlFormValues.IndexOf("%%r%%", intReplacerPos + 1);
}
}
else
{
//Query String Replace
strTmpUrl=mUrl;
//4= query string replace auto
if (objDataRow["type"].ToString()=="4")
{
intQueryStringPos= strTmpUrl.IndexOf("?");
if (intQueryStringPos>0)
{
strTmpUrl=strTmpUrl.Substring(0, intQueryStringPos);
strTmpUrl=strTmpUrl + "?" + strPayloadData;
}
else
{
strTmpUrl=strTmpUrl + "?" + strPayloadData;
}
}
//5= query string append auto
if (objDataRow["type"].ToString()=="5")
{
intQueryStringPos= strTmpUrl.IndexOf("?");
if (intQueryStringPos>0)
{
strTmpUrl=strTmpUrl + "&" + strPayloadData;
}
else
{
strTmpUrl=strTmpUrl + "?" + strPayloadData;
}
}
berettaSubmission objSubmission=new berettaSubmission();
objSubmission.url="" + strTmpUrl;
objSubmission.formSubmission="" + strCurrentUrlFormValues;
mObjBerettaSubmissionHashTable.Add(System.Guid.NewGuid().ToString(), objSubmission);
objSubmission=null;
strReturn=objFormSubmitter.submitData(strCurrentUrlFormValues, strTmpUrl, true, "POST", mUserAgent);
//Check if result matches any signatures
foreach(DataRow objSignatureRow in mObjSignaturesDataSet.Tables[0].Rows)
{
berettaResult objResult=new berettaResult();
//Check if matches signature
objResult=isMatch(strReturn, objSignatureRow, System.Convert.ToInt32(objDataRow["id"]), objDataRow["payloadName"].ToString(), strTmpUrl, strCurrentUrlFormValues);
if (objResult.isMatch==true)
{
mObjBerettaResultHashTable.Add(intX, objResult);
intX++;
}
objResult=null;
}
}
}
}
}
