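/// <summary>
/// Passive check for eval()-style dynamic code execution in JavaScript served by the origin domain.
/// Inline &lt;script&gt; blocks are pulled out of HTML responses with the HTML parser; responses
/// whose content type is JavaScript are scanned as a whole. Findings accumulate in
/// <c>alertbody</c> and a single alert is raised at the end when anything was found.
/// </summary>
/// <param name="session">The Fiddler session whose 200 response is inspected.</param>
public override void Check(Session session)
{
    alertbody = "";
    findingnum = 0;

    if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname))
    {
        return;
    }
    if (session.responseCode != 200)
    {
        return;
    }

    if (Utility.IsResponseHtml(session))
    {
        // Only inline script blocks are scanned here. JavaScript responses are
        // handled below as one body, so they are no longer run through the HTML
        // parser as well (which reported the same script twice).
        UtilityHtmlParser parser = new UtilityHtmlParser();
        parser.Open(session);
        if (parser.Parser == null)
        {
            return;
        }
        try
        {
            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                if (chunk.oType == HTMLchunkType.Script)
                {
                    CheckJavascriptEvalUsage(session, chunk.oHTML);
                }
            }
        }
        finally
        {
            // Release the parser even when a script handler throws.
            parser.Close();
        }
    }

    if (Utility.IsResponseJavascript(session))
    {
        String body = Utility.GetResponseText(session);
        // GetResponseText may yield null (other checks in this file guard for it).
        if (body != null)
        {
            CheckJavascriptEvalUsage(session, body);
        }
    }

    if (!String.IsNullOrEmpty(alertbody))
    {
        AddAlert(session);
    }
}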
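/// <summary>
/// Passive check for JavaScript that references a domain other than the origin (via
/// <c>src</c>/<c>href</c> assignments or <c>window.open</c>). Inline scripts are taken from HTML
/// responses with the HTML parser; JavaScript responses are scanned as one body.
/// </summary>
/// <param name="session">The Fiddler session whose 200 response is inspected.</param>
public override void Check(Session session)
{
    alertbody = "";
    findingnum = 0;

    // Cross-domain check: with no configured origin, the response host is the origin.
    if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname, session.hostname))
    {
        return;
    }
    if (session.responseCode != 200)
    {
        return;
    }

    if (Utility.IsResponseHtml(session))
    {
        UtilityHtmlParser parser = new UtilityHtmlParser();
        parser.Open(session);
        // The null test must come before any use of parser.Parser; previously
        // bAutoKeepScripts was set first, which dereferenced a possibly-null parser.
        if (parser.Parser == null)
        {
            return;
        }
        parser.Parser.bAutoKeepScripts = true;
        try
        {
            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                if (chunk.oType == HTMLchunkType.Script)
                {
                    CheckJavascriptCrossDomainReferenceProperty(session, chunk.oHTML, "src");
                    CheckJavascriptCrossDomainReferenceProperty(session, chunk.oHTML, "href");
                    CheckJavascriptCrossDomainReferenceWindowOpen(session, chunk.oHTML);
                }
            }
        }
        finally
        {
            // Release the parser even when a handler throws.
            parser.Close();
        }
    }

    if (Utility.IsResponseJavascript(session))
    {
        String body = Utility.GetResponseText(session);
        if (body != null)
        {
            CheckJavascriptCrossDomainReferenceProperty(session, body, "src");
            CheckJavascriptCrossDomainReferenceProperty(session, body, "href");
            CheckJavascriptCrossDomainReferenceWindowOpen(session, body);
        }
    }

    if (!String.IsNullOrEmpty(alertbody))
    {
        AddAlert(session);
    }
}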
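/// <summary>
/// Passive check of a Flash <c>crossdomain.xml</c> policy served by the origin domain. Every
/// <c>allow-access-from</c> and <c>allow-http-request-headers-from</c> element whose
/// <c>domain</c> attribute is neither the origin nor a configured trusted domain is reported,
/// since such an entry grants that foreign origin access to this host's content.
/// </summary>
/// <param name="session">The Fiddler session whose 200 response is inspected.</param>
public override void Check(Session session)
{
    alertbody = "";
    findingnum = 0;

    // This is a check for cross-domain issues. So if Watcher is not configured with
    // an origin domain, treat the session response hostname as the origin.
    if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname, session.hostname))
    {
        return;
    }
    if (session.responseCode != 200)
    {
        return;
    }
    if (!Utility.IsResponseXml(session) && !Utility.IsResponsePlain(session))
    {
        return;
    }

    String pat = Path.GetFileName(session.PathAndQuery);
    // Ordinal comparison: the file name is a protocol identifier, not user-facing text,
    // and ToLower() under e.g. a Turkish culture would never match "crossdomain.xml".
    if (!String.Equals(pat, "crossdomain.xml", StringComparison.OrdinalIgnoreCase))
    {
        return;
    }
    // NOTE(review): PathAndQuery keeps the query string, so a request such as
    // "/crossdomain.xml?x=1" would not be matched here — confirm that is intended.

    UtilityHtmlParser parser = new UtilityHtmlParser();
    parser.Open(session);
    if (parser.Parser == null)
    {
        return;
    }
    parser.Parser.bKeepRawHTML = true;
    try
    {
        HTMLchunk chunk;
        while ((chunk = parser.Parser.ParseNext()) != null)
        {
            if (chunk.oType != HTMLchunkType.OpenTag)
            {
                continue;
            }
            // Both elements grant a foreign domain access, so they share one test.
            if (chunk.sTag != "allow-access-from" && chunk.sTag != "allow-http-request-headers-from")
            {
                continue;
            }
            // A missing "domain" attribute is skipped (replaces the former try/catch
            // around the indexer; ContainsKey is how the sibling checks probe oParams).
            if (!chunk.oParams.ContainsKey("domain"))
            {
                continue;
            }
            String dom = chunk.oParams["domain"].ToString();
            if (!WatcherEngine.Configuration.IsOriginDomain(dom, session.hostname)
                && !WatcherEngine.Configuration.IsTrustedDomain(dom))
            {
                AssembleAlert(dom, chunk.oHTML);
            }
        }
    }
    finally
    {
        parser.Close();
    }

    if (!String.IsNullOrEmpty(alertbody))
    {
        AddAlert(session);
    }
}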
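/// <summary>
/// Passive check that runs <c>CheckComment</c> over every comment in a 200 response from the
/// origin domain: HTML comments and the block/line comments of inline scripts for HTML
/// responses, and the block/line comments of the whole body for JavaScript responses.
/// </summary>
/// <param name="session">The Fiddler session whose response is inspected.</param>
public override void Check(Session session)
{
    alertbody = "";
    findingnum = 0;

    if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname))
    {
        return;
    }
    if (session.responseCode != 200)
    {
        return;
    }

    if (Utility.IsResponseHtml(session) && session.responseBodyBytes.Length > 0)
    {
        UtilityHtmlParser parser = new UtilityHtmlParser();
        parser.Open(session);
        if (parser.Parser == null)
        {
            return;
        }
        try
        {
            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                if (chunk.oType == HTMLchunkType.Comment)
                {
                    // TODO: Must call Finalise() first!
                    if (chunk.oHTML != null)
                    {
                        CheckComment(session, chunk.oHTML);
                    }
                }
                else if (chunk.oType == HTMLchunkType.Script)
                {
                    // Null test before Trim(): the original tested after dereferencing.
                    if (chunk.oHTML != null)
                    {
                        CheckScriptComments(session, chunk.oHTML.Trim());
                    }
                }
            }
        }
        finally
        {
            // Release the parser even when a comment handler throws.
            parser.Close();
        }
    }

    if (Utility.IsResponseJavascript(session))
    {
        String body = Utility.GetResponseText(session);
        // GetResponseText may yield null (other checks in this file guard for it).
        if (body != null)
        {
            CheckScriptComments(session, body);
        }
    }

    if (!String.IsNullOrEmpty(alertbody))
    {
        AddAlert(session);
    }
}

/// <summary>
/// Runs <c>CheckComment</c> over every multi-line and single-line comment found in a script body.
/// </summary>
/// <param name="session">The session the findings are attributed to.</param>
/// <param name="script">Non-null JavaScript source text.</param>
private void CheckScriptComments(Session session, String script)
{
    foreach (Match comment in Utility.GetJavascriptMultiLineComment(script))
    {
        CheckComment(session, comment.ToString());
    }
    foreach (Match comment in Utility.GetJavascriptSingleLineComment(script))
    {
        CheckComment(session, comment.ToString());
    }
}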
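/// <summary>
/// Passive check for style sheets pulled from a domain other than the origin: the contents of
/// <c>&lt;style&gt;</c> elements and CSS responses are handed to <c>CheckCssImport</c>, and
/// <c>&lt;link rel="stylesheet" href="..."&gt;</c> targets are reported when their domain is
/// neither the origin nor a configured trusted domain.
/// </summary>
/// <param name="session">The Fiddler session whose 200 response is inspected.</param>
public override void Check(Session session)
{
    alertbody = "";
    findingnum = 0;

    // Cross-domain check: with no configured origin, the response host is the origin.
    if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname, session.hostname))
    {
        return;
    }
    if (session.responseCode != 200 || session.responseBodyBytes.Length == 0)
    {
        return;
    }

    if (Utility.IsResponseHtml(session))
    {
        UtilityHtmlParser parser = new UtilityHtmlParser();
        parser.Open(session);
        if (parser.Parser == null)
        {
            return;
        }
        parser.Parser.bKeepRawHTML = true;
        try
        {
            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                if (chunk.oType == HTMLchunkType.OpenTag && chunk.sTag == "style")
                {
                    // The text between the style tags is the next chunk. It is absent when
                    // the tag ends the document, so stop rather than dereference null.
                    chunk = parser.Parser.ParseNext();
                    if (chunk == null)
                    {
                        break;
                    }
                    CheckCssImport(session, chunk.oHTML);
                }

                if (chunk.oType == HTMLchunkType.OpenTag && chunk.sTag == "link"
                    && chunk.oParams.ContainsKey("rel"))
                {
                    String rel = chunk.oParams["rel"].ToString();
                    // Ordinal, case-insensitive: "rel" is an identifier, not user-facing text.
                    if (String.Equals(rel, "stylesheet", StringComparison.OrdinalIgnoreCase)
                        && chunk.oParams.ContainsKey("href"))
                    {
                        String src = chunk.oParams["href"].ToString();
                        if (!String.IsNullOrEmpty(src))
                        {
                            String dom = Utility.GetUriDomainName(src);
                            if (dom != null
                                && !WatcherEngine.Configuration.IsOriginDomain(dom, session.hostname)
                                && !WatcherEngine.Configuration.IsTrustedDomain(dom))
                            {
                                AssembleAlert(dom, chunk.oHTML);
                            }
                        }
                    }
                }
            }
        }
        finally
        {
            // close the parser even when a handler throws
            parser.Close();
        }
    }

    if (Utility.IsResponseCss(session))
    {
        String bod = Utility.GetResponseText(session);
        if (bod != null)
        {
            CheckCssImport(session, bod);
        }
    }

    if (!String.IsNullOrEmpty(alertbody))
    {
        AddAlert(session);
    }
}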
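/// <summary>
/// Passive check comparing the charset declared in the HTTP Content-Type header with the one
/// declared inside the document: the <c>&lt;meta http-equiv="content-type"&gt;</c> element for HTML
/// responses and the <c>encoding</c> attribute of the <c>&lt;?xml ...?&gt;</c> declaration for XML
/// responses. Each pair is passed to <c>CheckContentTypeCharset</c>; URLs already listed in
/// <c>urls</c> are skipped, as are responses with no header charset (covered by another check).
/// </summary>
/// <param name="session">The Fiddler session whose 200 response is inspected.</param>
public override void Check(Session session)
{
    alertbody = String.Empty;
    findingnum = 0;

    if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname))
    {
        return;
    }
    if (session.responseCode != 200)
    {
        return;
    }
    if (!Utility.UrlNotInList(session.fullUrl, urls))
    {
        return;
    }

    // We only care about HTML and XML content, see:
    // http://www.w3.org/International/O-charset
    bool isHtml = Utility.IsResponseHtml(session);
    bool isXml = !isHtml && Utility.IsResponseXml(session);
    if (isHtml || isXml)
    {
        // Header lookup hoisted: both branches previously fetched it separately.
        String header = session.oResponse.headers.GetTokenValue("Content-Type", "charset");
        // skip cases where the HTTP Header is null or empty, these are covered by another check.
        if (session.responseBodyBytes.Length > 0 && !String.IsNullOrEmpty(header))
        {
            UtilityHtmlParser parser = new UtilityHtmlParser();
            parser.Open(session);
            if (parser.Parser == null)
            {
                return;
            }
            try
            {
                HTMLchunk chunk;
                while ((chunk = parser.Parser.ParseNext()) != null)
                {
                    if (chunk.oType != HTMLchunkType.OpenTag)
                    {
                        continue;
                    }

                    if (isHtml && chunk.sTag == "meta")
                    {
                        if (chunk.oParams.ContainsKey("http-equiv") && chunk.oParams.ContainsKey("content"))
                        {
                            String hteq = chunk.oParams["http-equiv"].ToString();
                            if (hteq.Equals("content-type", StringComparison.InvariantCultureIgnoreCase))
                            {
                                String cont = chunk.oParams["content"].ToString();
                                if (!String.IsNullOrEmpty(cont))
                                {
                                    CheckContentTypeCharset(cont, "html", header);
                                }
                            }
                        }
                    }
                    else if (isXml && chunk.sTag == "?xml")
                    {
                        if (chunk.oParams.ContainsKey("encoding"))
                        {
                            String enc = chunk.oParams["encoding"].ToString();
                            if (!String.IsNullOrEmpty(enc))
                            {
                                CheckContentTypeCharset(enc, "xml", header);
                            }
                        }
                    }
                }
            }
            finally
            {
                // Release the parser even when the charset comparison throws.
                parser.Close();
            }
        }
    }

    if (!String.IsNullOrEmpty(alertbody))
    {
        AddAlert(session);
    }
}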