internal static string CheckReflections(Session IrSe) { StringBuilder Result = new StringBuilder(); if (IrSe == null) { return(Result.ToString()); } if (IrSe.Request == null) { return(Result.ToString()); } if (IrSe.Response == null) { return(Result.ToString()); } int TotalReflections = 0; List <Reflection> UrlReflections = new List <Reflection>(); List <Reflection> UrlPathPartReflections = new List <Reflection>(); List <Reflection> QueryReflections = new List <Reflection>(); List <Reflection> BodyReflections = new List <Reflection>(); List <Reflection> CookieReflections = new List <Reflection>(); List <Reflection> HeaderReflections = new List <Reflection>(); string ResString = IrSe.Response.ToString(); //Check if the URL is being reflected back if (IrSe.Request.Url.Length > 1) { Reflection RefResult = GetReflections(IrSe.Request.Url, ResString); if (RefResult.Count > 0) { RefResult.Name = "URL"; RefResult.Value = IrSe.Request.Url; RefResult.Section = "URL"; UrlReflections.Add(RefResult); } } //check if any URL path parts are being reflected. To be checked only when Querystring and File extension are absent (to handle URL rewriting) if ((IrSe.Request.Query.Count == 0) && (IrSe.Request.File.Length == 0) && IrSe.Request.UrlPathParts.Count > 0) { int PathCount = 0; foreach (string UrlPathPart in IrSe.Request.UrlPathParts) { Reflection RefResult = GetReflections(UrlPathPart, ResString); if (RefResult.Count > 0) { RefResult.Name = "UrlPathPart : " + PathCount.ToString(); RefResult.Value = UrlPathPart; RefResult.Section = "UrlPathPart"; UrlPathPartReflections.Add(RefResult); } PathCount++; } } //check if any Query parameters are being reflected foreach (string Name in IrSe.Request.Query.GetNames()) { List <string> SubParametervalues = IrSe.Request.Query.GetAll(Name); List <string> ParameterResults = new List <string>(); foreach (string Value in SubParametervalues) { Reflection RefResult = GetReflections(Value, ResString); if (RefResult.Count > 0) { RefResult.Name = Name; RefResult.Value = Value; RefResult.Section = "Query"; QueryReflections.Add(RefResult); } } } //check if any Body parameters are being reflected foreach (string Name in IrSe.Request.Body.GetNames()) { List <string> SubParametervalues = IrSe.Request.Body.GetAll(Name); List <string> ParameterResults = new List <string>(); foreach (string Value in SubParametervalues) { Reflection RefResult = GetReflections(Value, ResString); if (RefResult.Count > 0) { RefResult.Name = Name; RefResult.Value = Value; RefResult.Section = "Body"; BodyReflections.Add(RefResult); } } } //check if any Cookie parameters are being reflected foreach (string Name in IrSe.Request.Cookie.GetNames()) { List <string> SubParametervalues = IrSe.Request.Cookie.GetAll(Name); List <string> ParameterResults = new List <string>(); foreach (string Value in SubParametervalues) { Reflection RefResult = GetReflections(Value, ResString); if (RefResult.Count > 0) { RefResult.Name = Name; RefResult.Value = Value; RefResult.Section = "Cookie"; CookieReflections.Add(RefResult); } } } //check if any Header parameters are being reflected foreach (string Name in IrSe.Request.Headers.GetNames()) { List <string> SubParametervalues = IrSe.Request.Headers.GetAll(Name); List <string> ParameterResults = new List <string>(); foreach (string Value in SubParametervalues) { Reflection RefResult = GetReflections(Value, ResString); if (RefResult.Count > 0) { RefResult.Name = Name; RefResult.Value = Value; RefResult.Section = "Header"; HeaderReflections.Add(RefResult); } } } TotalReflections = UrlReflections.Count + UrlPathPartReflections.Count + QueryReflections.Count + BodyReflections.Count + CookieReflections.Count + HeaderReflections.Count; Result.Append("<i<hh>>Total Reflections: "); Result.Append(TotalReflections.ToString()); Result.Append("<i</hh>> | "); if (UrlReflections.Count > 0) { Result.Append("<i<hh>> URL : "); Result.Append(UrlReflections.Count.ToString()); Result.Append("<i</hh>> | "); } if (UrlPathPartReflections.Count > 0) { Result.Append("<i<hh>> URL Path : "); Result.Append(UrlPathPartReflections.Count.ToString()); Result.Append("<i</hh>> | "); } if (QueryReflections.Count > 0) { Result.Append("<i<hh>> Query : "); Result.Append(QueryReflections.Count.ToString()); Result.Append("<i</hh>> | "); } if (BodyReflections.Count > 0) { Result.Append("<i<hh>> Body : "); Result.Append(BodyReflections.Count.ToString()); Result.Append("<i</hh>> | "); } if (CookieReflections.Count > 0) { Result.Append("<i<hh>> Cookie : "); Result.Append(CookieReflections.Count.ToString()); Result.Append("<i</hh>> | "); } if (HeaderReflections.Count > 0) { Result.Append("<i<hh>> Headers : "); Result.Append(HeaderReflections.Count.ToString()); Result.Append("<i</hh>> | "); } Result.Append("<i<br>>"); Dictionary <int, List <Reflection> > OrderedReflections = new Dictionary <int, List <Reflection> >(); List <List <Reflection> > AllReflections = new List <List <Reflection> >() { UrlReflections, UrlPathPartReflections, QueryReflections, BodyReflections, CookieReflections, HeaderReflections }; foreach (List <Reflection> ReflectionList in AllReflections) { foreach (Reflection Refl in ReflectionList) { if (OrderedReflections.ContainsKey(Refl.Length)) { OrderedReflections[Refl.Length].Add(Refl); } else { OrderedReflections.Add(Refl.Length, new List <Reflection>() { Refl }); } } } List <int> LengthOrder = new List <int>(OrderedReflections.Keys); LengthOrder.Sort(); for (int i = LengthOrder.Count - 1; i >= 0; i--) { int Length = LengthOrder[i]; foreach (Reflection Refl in OrderedReflections[Length]) { Result.Append("<i<br>><i<br>>"); Result.Append("<i<h>>Section:<i</h>> "); Result.Append(Refl.Section); Result.Append(" | <i<h>>Parameter:<i</h>> "); Result.Append(Refl.Name); Result.Append(" | <i<h>>Count:<i</h>> "); Result.Append(Refl.Count.ToString()); Result.Append(" | <i<h>>Value:<i</h>><i<hlo>> "); Result.Append(Refl.Value); Result.Append("<i</hlo>>"); foreach (string R in Refl.GetReflections()) { Result.Append("<i<br>> "); Result.Append(R.Replace(Refl.Value, "<i<hlo>>" + Refl.Value + "<i</hlo>>")); } } } return(Result.ToString()); }
public static string CheckReflections(Reflections AllReflections) { StringBuilder Result = new StringBuilder(); if (AllReflections.Count == 0) { return(Result.ToString()); } int TotalReflections = 0; List <Reflection> UrlReflections = AllReflections.Url; List <Reflection> UrlPathPartReflections = AllReflections.UrlPathPart; List <Reflection> QueryReflections = AllReflections.Query; List <Reflection> BodyReflections = AllReflections.Body; List <Reflection> CookieReflections = AllReflections.Cookie; List <Reflection> HeaderReflections = AllReflections.Header; TotalReflections = UrlReflections.Count + UrlPathPartReflections.Count + QueryReflections.Count + BodyReflections.Count + CookieReflections.Count + HeaderReflections.Count; Result.Append("<i<hh>>Total Reflections: "); Result.Append(TotalReflections.ToString()); Result.Append("<i</hh>> | "); if (UrlReflections.Count > 0) { Result.Append("<i<hh>> URL : "); Result.Append(UrlReflections.Count.ToString()); Result.Append("<i</hh>> | "); } if (UrlPathPartReflections.Count > 0) { Result.Append("<i<hh>> URL Path : "); Result.Append(UrlPathPartReflections.Count.ToString()); Result.Append("<i</hh>> | "); } if (QueryReflections.Count > 0) { Result.Append("<i<hh>> Query : "); Result.Append(QueryReflections.Count.ToString()); Result.Append("<i</hh>> | "); } if (BodyReflections.Count > 0) { Result.Append("<i<hh>> Body : "); Result.Append(BodyReflections.Count.ToString()); Result.Append("<i</hh>> | "); } if (CookieReflections.Count > 0) { Result.Append("<i<hh>> Cookie : "); Result.Append(CookieReflections.Count.ToString()); Result.Append("<i</hh>> | "); } if (HeaderReflections.Count > 0) { Result.Append("<i<hh>> Headers : "); Result.Append(HeaderReflections.Count.ToString()); Result.Append("<i</hh>> | "); } Result.Append("<i<br>>"); Dictionary <int, List <Reflection> > OrderedReflections = new Dictionary <int, List <Reflection> >(); foreach (List <Reflection> ReflectionList in AllReflections.GetList()) { foreach (Reflection Refl in ReflectionList) { if (OrderedReflections.ContainsKey(Refl.Length)) { OrderedReflections[Refl.Length].Add(Refl); } else { OrderedReflections.Add(Refl.Length, new List <Reflection>() { Refl }); } } } List <int> LengthOrder = new List <int>(OrderedReflections.Keys); LengthOrder.Sort(); for (int i = LengthOrder.Count - 1; i >= 0; i--) { int Length = LengthOrder[i]; foreach (Reflection Refl in OrderedReflections[Length]) { Result.Append("<i<br>><i<br>>"); Result.Append("<i<h>>Section:<i</h>> "); Result.Append(Refl.Section); Result.Append(" | <i<h>>Parameter:<i</h>> "); Result.Append(Refl.Name); Result.Append(" | <i<h>>Count:<i</h>> "); Result.Append(Refl.Count.ToString()); Result.Append(" | <i<h>>Value:<i</h>><i<hlo>> "); Result.Append(Refl.Value); Result.Append("<i</hlo>>"); foreach (string R in Refl.GetReflections()) { Result.Append("<i<br>> "); Result.Append(R); } } } return(Result.ToString()); }