Exemple #1
        /// <summary>
        /// Formats the reflections held in <paramref name="AllReflections"/> as a display string:
        /// a header line with the total and the non-zero per-section counts, then one entry per
        /// reflection, ordered so that entries with the largest <c>Length</c> come first.
        /// </summary>
        /// <param name="AllReflections">Reflections grouped into Url, UrlPathPart, Query, Body, Cookie and Header lists.</param>
        /// <returns>The formatted text, or an empty string when <c>AllReflections.Count</c> is 0.</returns>
        public static string CheckReflections(Reflections AllReflections)
        {
            if (AllReflections.Count == 0)
            {
                return string.Empty;
            }

            // The bracketed tokens written below are emitted verbatim; they look like the host
            // application's own display markup - TODO confirm against the renderer.
            // NOTE(review): Section, Name, Value and every string from GetReflections() are appended
            // without escaping. If these come from captured traffic (presumably they do - verify against
            // the caller), a value that itself contains such tokens could change how the report renders;
            // confirm the renderer neutralises tokens inside values.
            List<Reflection>[] sections =
            {
                AllReflections.Url,
                AllReflections.UrlPathPart,
                AllReflections.Query,
                AllReflections.Body,
                AllReflections.Cookie,
                AllReflections.Header
            };
            string[] openers =
            {
                "<i<hh>> URL : ",
                "<i<hh>> URL Path : ",
                "<i<hh>> Query : ",
                "<i<hh>> Body : ",
                "<i<hh>> Cookie : ",
                "<i<hh>> Headers : "
            };

            int total = 0;
            foreach (List<Reflection> section in sections)
            {
                total += section.Count;
            }

            StringBuilder summary = new StringBuilder();
            summary.Append("<i<hh>>Total Reflections: ").Append(total.ToString()).Append("<i</hh>> | ");

            // Only sections that actually have reflections get a counter in the header line.
            for (int s = 0; s < sections.Length; s++)
            {
                if (sections[s].Count > 0)
                {
                    summary.Append(openers[s]).Append(sections[s].Count.ToString()).Append("<i</hh>> | ");
                }
            }

            summary.Append("<i<br>>");

            // Bucket every reflection by its Length; order inside a bucket is the order GetList() yields.
            Dictionary<int, List<Reflection>> byLength = new Dictionary<int, List<Reflection>>();
            foreach (List<Reflection> sectionList in AllReflections.GetList())
            {
                foreach (Reflection item in sectionList)
                {
                    List<Reflection> bucket;
                    if (!byLength.TryGetValue(item.Length, out bucket))
                    {
                        bucket = new List<Reflection>();
                        byLength.Add(item.Length, bucket);
                    }
                    bucket.Add(item);
                }
            }

            // Longest first: sort ascending, then walk the keys in reverse.
            List<int> lengths = new List<int>(byLength.Keys);
            lengths.Sort();
            lengths.Reverse();

            foreach (int length in lengths)
            {
                foreach (Reflection item in byLength[length])
                {
                    summary.Append("<i<br>><i<br>>");
                    summary.Append("<i<h>>Section:<i</h>> ").Append(item.Section);
                    summary.Append(" | <i<h>>Parameter:<i</h>> ").Append(item.Name);
                    summary.Append(" | <i<h>>Count:<i</h>> ").Append(item.Count.ToString());
                    summary.Append(" | <i<h>>Value:<i</h>><i<hlo>> ").Append(item.Value).Append("<i</hlo>>");

                    // One indented line per string returned by GetReflections().
                    foreach (string context in item.GetReflections())
                    {
                        summary.Append("<i<br>>    ").Append(context);
                    }
                }
            }

            return summary.ToString();
        }
Exemple #2
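        /// <summary>
        /// Collects the request values of <paramref name="IrSe"/> for which GetReflections reports at
        /// least one occurrence in the response text, grouped by where the value was taken from
        /// (URL, URL path parts, query, body, cookie, headers).
        /// </summary>
        /// <param name="IrSe">Session to inspect; may be null or lack a request or response.</param>
        /// <returns>
        /// A <c>Reflections</c> object with its six lists populated. When the session, its request or
        /// its response is null, a freshly constructed <c>Reflections</c> is returned untouched.
        /// </returns>
        /// <remarks>
        /// A hit only shows that a request value also appears in the response. Whether it matters
        /// depends on the output context and encoding, which this method does not examine.
        /// NOTE(review): how GetReflections matches is not visible here; very short or common values
        /// may presumably match by coincidence - confirm whether it applies a minimum length.
        /// </remarks>
        internal static Reflections GetAllReflections(Session IrSe)
        {
            Reflections AllReflections = new Reflections();

            // Nothing to compare without both a request and a response.
            if (IrSe == null || IrSe.Request == null || IrSe.Response == null)
            {
                return AllReflections;
            }

            List<Reflection> UrlReflections         = new List<Reflection>();
            List<Reflection> UrlPathPartReflections = new List<Reflection>();
            List<Reflection> QueryReflections       = new List<Reflection>();
            List<Reflection> BodyReflections        = new List<Reflection>();
            List<Reflection> CookieReflections      = new List<Reflection>();
            List<Reflection> HeaderReflections      = new List<Reflection>();

            // Every value below is searched for in this one string form of the response.
            string ResString = IrSe.Response.ToString();

            // Check if the URL is being reflected back. URLs of length 0 or 1 are skipped.
            if (IrSe.Request.Url.Length > 1)
            {
                Reflection RefResult = GetReflections(IrSe.Request.Url, ResString);
                if (RefResult.Count > 0)
                {
                    RefResult.Name    = "URL";
                    RefResult.Value   = IrSe.Request.Url;
                    RefResult.Section = "URL";
                    UrlReflections.Add(RefResult);
                }
            }

            // Check if any URL path parts are being reflected. Done only when the query string and
            // file extension are absent (to handle URL rewriting).
            if ((IrSe.Request.Query.Count == 0) && (IrSe.Request.File.Length == 0) && IrSe.Request.UrlPathParts.Count > 0)
            {
                int PathCount = 0;
                foreach (string UrlPathPart in IrSe.Request.UrlPathParts)
                {
                    Reflection RefResult = GetReflections(UrlPathPart, ResString);
                    if (RefResult.Count > 0)
                    {
                        // The name carries the zero-based position of the path part.
                        RefResult.Name    = "UrlPathPart : " + PathCount.ToString();
                        RefResult.Value   = UrlPathPart;
                        RefResult.Section = "UrlPathPart";
                        UrlPathPartReflections.Add(RefResult);
                    }
                    PathCount++;
                }
            }

            // Check if any Query parameters are being reflected (every value of every name).
            foreach (string Name in IrSe.Request.Query.GetNames())
            {
                foreach (string Value in IrSe.Request.Query.GetAll(Name))
                {
                    Reflection RefResult = GetReflections(Value, ResString);
                    if (RefResult.Count > 0)
                    {
                        RefResult.Name    = Name;
                        RefResult.Value   = Value;
                        RefResult.Section = "Query";
                        QueryReflections.Add(RefResult);
                    }
                }
            }

            // Check if any Body parameters are being reflected.
            foreach (string Name in IrSe.Request.Body.GetNames())
            {
                foreach (string Value in IrSe.Request.Body.GetAll(Name))
                {
                    Reflection RefResult = GetReflections(Value, ResString);
                    if (RefResult.Count > 0)
                    {
                        RefResult.Name    = Name;
                        RefResult.Value   = Value;
                        RefResult.Section = "Body";
                        BodyReflections.Add(RefResult);
                    }
                }
            }

            // Check if any Cookie parameters are being reflected.
            foreach (string Name in IrSe.Request.Cookie.GetNames())
            {
                foreach (string Value in IrSe.Request.Cookie.GetAll(Name))
                {
                    Reflection RefResult = GetReflections(Value, ResString);
                    if (RefResult.Count > 0)
                    {
                        RefResult.Name    = Name;
                        RefResult.Value   = Value;
                        RefResult.Section = "Cookie";
                        CookieReflections.Add(RefResult);
                    }
                }
            }

            // Check if any Header parameters are being reflected.
            foreach (string Name in IrSe.Request.Headers.GetNames())
            {
                foreach (string Value in IrSe.Request.Headers.GetAll(Name))
                {
                    Reflection RefResult = GetReflections(Value, ResString);
                    if (RefResult.Count > 0)
                    {
                        RefResult.Name    = Name;
                        RefResult.Value   = Value;
                        RefResult.Section = "Header";
                        HeaderReflections.Add(RefResult);
                    }
                }
            }

            AllReflections.Url         = UrlReflections;
            AllReflections.UrlPathPart = UrlPathPartReflections;
            AllReflections.Query       = QueryReflections;
            AllReflections.Body        = BodyReflections;
            AllReflections.Cookie      = CookieReflections;
            AllReflections.Header      = HeaderReflections;

            return AllReflections;
        }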
Exemple #3
        /// <summary>
        /// Convenience overload: gathers the reflections for <paramref name="IrSe"/> via
        /// GetAllReflections and hands them to the <c>Reflections</c> overload of CheckReflections.
        /// </summary>
        /// <param name="IrSe">Session whose request and response are compared.</param>
        /// <returns>The string produced by the <c>Reflections</c> overload for that session.</returns>
        public static string CheckReflections(Session IrSe)
        {
            return CheckReflections(GetAllReflections(IrSe));
        }