private void OnEnterAddSearchPatternRecord(object sender, KeyEventArgs e) { if (e.KeyCode != Keys.Enter) { return; } e.SuppressKeyPress = true; var method = this.cb_Method?.SelectedItem?.ToString() ?? string.Empty; var hostRegex = this.tb_HostRegex?.Text?.Trim() ?? string.Empty; var pathRegex = this.tb_PathRegex?.Text?.Trim() ?? string.Empty; var dataRegex = this.tb_DataRegex?.Text?.Trim() ?? string.Empty; var newRecord = new RecordHttpSearch(method, hostRegex, pathRegex, dataRegex); try { this.AddRecord(newRecord); } catch (Exception ex) { this.Config.HostApplication.LogMessage($"{this.Config.PluginName}: {ex.Message}"); MessageBox.Show(ex.Message, "Warning", MessageBoxButtons.OK, MessageBoxIcon.Warning); } }
public void ProcessData_MatchingPath() { RecordHttpSearch pattern = new RecordHttpSearch("GET", ".*", @"/subdir/index\.html", ".*"); this.inst.AddRecord(pattern); this.inst.OnNewData("HTTPREQ||11-22-33-44-55-66||192.168.10.10||1234||8.8.8.8||80||" + "GET /subdir/index.html HTTP/1.1..Host: host.com....<html><body>hello world</body></html>"); this.inst.ProcessEntries(); Assert.IsTrue(this.inst.HttpSearchRecords.Count == 1); Assert.IsTrue(this.inst.HttpFindingRedcords.Count == 1); }
public void ProcessData_NonMatchingPatterns() { RecordHttpSearch pattern = new RecordHttpSearch("GET", @"invalidhost\.com", "/invalid/path/.*", "invalidDataRegex"); this.inst.HttpSearchRecords.Add(pattern); this.inst.OnNewData("Testrecord"); this.inst.ProcessEntries(); Assert.IsTrue(this.inst.DataBatch.Count == 0); Assert.IsTrue(this.inst.HttpSearchRecords.Count == 1); Assert.IsTrue(this.inst.HttpFindingRedcords.Count == 0); }
public void ProcessData_SearchUsernameAndPassword() { RecordHttpSearch pattern = new RecordHttpSearch("POST", ".*", ".*", @"user=(\w+)\b.*&pass=(\w)"); this.inst.AddRecord(pattern); this.inst.OnNewData("HTTPREQ||11-22-33-44-55-66||192.168.10.10||1234||8.8.8.8||80||" + "POST /login.php HTTP/1.1..Host: host.com....param1=someValue&user=joos¶m2=anotherValue&pass=randomletters¶m3=blah"); this.inst.ProcessEntries(); Assert.IsTrue(this.inst.HttpSearchRecords.Count == 1); Assert.IsTrue(this.inst.HttpFindingRedcords.Count == 1); }
public void AddRecord(RecordHttpSearch newRecord) { if (this.InvokeRequired) { this.BeginInvoke(new AddRecordDelegate(this.AddRecord), new object[] { newRecord }); return; } var firstVisibleRowTop = -1; // Verify whether a comparable record already exists. foreach (RecordHttpSearch tmpRecord in this.httpSearchRecords) { if (tmpRecord.Method == newRecord.Method && tmpRecord.HostRegex == newRecord.HostRegex && tmpRecord.PathRegex == newRecord.PathRegex && tmpRecord.DataRegex == newRecord.DataRegex) { throw new Exception("This entry already exists"); } } // Verify if regular expressions are valid. if (string.IsNullOrEmpty(newRecord.HostRegex) || this.IsRegexPatternValid(newRecord.HostRegex) == false) { throw new Exception("The host regular expression is invalid"); } if (string.IsNullOrEmpty(newRecord.PathRegex) || this.IsRegexPatternValid(newRecord.PathRegex) == false) { throw new Exception("The path regular expression is invalid"); } if (string.IsNullOrEmpty(newRecord.DataRegex) || this.IsRegexPatternValid(newRecord.DataRegex) == false) { throw new Exception("The data regular expression is invalid"); } this.infrastructureLayer.AddSearchPatternRecord(newRecord); }
public void ProcessData_InvalidDataPattern() { RecordHttpSearch pattern = new RecordHttpSearch("GET", ".*", ".*", @"[world"); Assert.ThrowsException <System.Exception>(() => this.inst.AddRecord(pattern)); }
public void AddSearchPatternRecord(RecordHttpSearch newRecord) { this.httpSearchRecords.Add(newRecord); this.NotifyRecordDef(); }