Esempio n. 1
0
        private void cmdScan_Click(object sender, System.EventArgs e)
        {
            string strPath="" + Application.StartupPath;
            string strTotalDoc="";
            string strHeader="";
            string strUserAgent="";
            DataSet objPayloads;
            DataSet objSignatures;

            berettaWinForms.classes.loadXml objLoadXml=new berettaWinForms.classes.loadXml();
            objSignatures=objLoadXml.loadSignatures(strPath + "/data/signatures.xml");
            objPayloads=objLoadXml.loadPayloads(strPath + "/data/payloads.xml");

            MessageBox.Show("Starting Scan");

            System.Text.StringBuilder objFormSubmissionStr=new System.Text.StringBuilder();

            string strGuid="" + System.Guid.NewGuid().ToString();

            #region Construct Report Header

            strHeader += "<header>";
            strHeader += "<application>beretta</application>";
            strHeader += "<version>1.0</version>";
            strHeader += "<sessionId>0</sessionId>";
            strHeader += "<date>" + System.DateTime.Now + "</date>";

            strHeader += "<authenticationType>None</authenticationType>";
            strHeader += "<sessionName>New Session</sessionName>";
            strHeader += "<sessionDescription>Description</sessionDescription>";
            strHeader += "</header>";

            #endregion

            foreach(string strUrl in lstUrls.Items)
            {
                //Auto Scan

                    urlWorker objUrlWorkerAuto=new urlWorker();
                    objUrlWorkerAuto.sessionId=0;
                    objUrlWorkerAuto.authenticationType=0;
                    objUrlWorkerAuto.url="" + strUrl;
                    objUrlWorkerAuto.userAgent=strUserAgent;
                    objUrlWorkerAuto.payloadDataSet=objPayloads;
                    objUrlWorkerAuto.signaturesDataSet=objSignatures;
                    objUrlWorkerAuto.scanAuto();

                    if (objUrlWorkerAuto.objBerettaResultHashTable != null && objUrlWorkerAuto.objBerettaResultHashTable.Count>0)
                    {
                        objStringBuilder.Append(buildResults(objUrlWorkerAuto.objBerettaResultHashTable));
                    }

                    objFormSubmissionStr.Append(buildSubmission(objUrlWorkerAuto.objBerettaSubmissionHashTable));

                    objUrlWorkerAuto=null;

                    strUrls=strUrls + "<url>" + strUrl + "</url>";

            }

            #region Construct XML report

            strTotalDoc+="<report>";
            strTotalDoc+="" + strHeader;
            strTotalDoc+="" + "<body>";
            strTotalDoc+="" + "<urlsScanned>" + strUrls + "</urlsScanned>";
            strTotalDoc+="<scanItems>"  + objStringBuilder.ToString() + "</scanItems>";
            strTotalDoc+="<formSubmissions>"  + objFormSubmissionStr.ToString() + "</formSubmissions>";
            strTotalDoc+="" + "</body>";
            strTotalDoc+="</report>";

            #endregion

            #region Write XML report

            string strOutputPath="" + Application.StartupPath + "/output/" + strGuid + ".XML";
            string strXSLPath="" + Application.StartupPath + "/xsl/beretta.xsl";

            StreamWriter objStreamWriter;

            //Add XSL file ref

            strTotalDoc="<?xml-stylesheet href='" + strXSLPath + "' type='text/xsl'?>" + strTotalDoc;

            objStreamWriter = System.IO.File.CreateText(strOutputPath);
            objStreamWriter.WriteLine(strTotalDoc);
            objStreamWriter.Close();

            MessageBox.Show("Finished Scan. Report at: " + strOutputPath);

            #endregion
        }
Esempio n. 2
0
        private void cmdScan_Click(object sender, System.EventArgs e)
        {
            string  strPath      = "" + Application.StartupPath;
            string  strTotalDoc  = "";
            string  strHeader    = "";
            string  strUserAgent = "";
            DataSet objPayloads;
            DataSet objSignatures;

            berettaWinForms.classes.loadXml objLoadXml = new berettaWinForms.classes.loadXml();
            objSignatures = objLoadXml.loadSignatures(strPath + "/data/signatures.xml");
            objPayloads   = objLoadXml.loadPayloads(strPath + "/data/payloads.xml");


            MessageBox.Show("Starting Scan");


            System.Text.StringBuilder objFormSubmissionStr = new System.Text.StringBuilder();

            string strGuid = "" + System.Guid.NewGuid().ToString();



            #region Construct Report Header

            strHeader += "<header>";
            strHeader += "<application>beretta</application>";
            strHeader += "<version>1.0</version>";
            strHeader += "<sessionId>0</sessionId>";
            strHeader += "<date>" + System.DateTime.Now + "</date>";


            strHeader += "<authenticationType>None</authenticationType>";
            strHeader += "<sessionName>New Session</sessionName>";
            strHeader += "<sessionDescription>Description</sessionDescription>";
            strHeader += "</header>";

            #endregion



            foreach (string strUrl in lstUrls.Items)
            {
                //Auto Scan

                urlWorker objUrlWorkerAuto = new urlWorker();
                objUrlWorkerAuto.sessionId          = 0;
                objUrlWorkerAuto.authenticationType = 0;
                objUrlWorkerAuto.url               = "" + strUrl;
                objUrlWorkerAuto.userAgent         = strUserAgent;
                objUrlWorkerAuto.payloadDataSet    = objPayloads;
                objUrlWorkerAuto.signaturesDataSet = objSignatures;
                objUrlWorkerAuto.scanAuto();


                if (objUrlWorkerAuto.objBerettaResultHashTable != null && objUrlWorkerAuto.objBerettaResultHashTable.Count > 0)
                {
                    objStringBuilder.Append(buildResults(objUrlWorkerAuto.objBerettaResultHashTable));
                }

                objFormSubmissionStr.Append(buildSubmission(objUrlWorkerAuto.objBerettaSubmissionHashTable));

                objUrlWorkerAuto = null;

                strUrls = strUrls + "<url>" + strUrl + "</url>";
            }



            #region Construct XML report

            strTotalDoc += "<report>";
            strTotalDoc += "" + strHeader;
            strTotalDoc += "" + "<body>";
            strTotalDoc += "" + "<urlsScanned>" + strUrls + "</urlsScanned>";
            strTotalDoc += "<scanItems>" + objStringBuilder.ToString() + "</scanItems>";
            strTotalDoc += "<formSubmissions>" + objFormSubmissionStr.ToString() + "</formSubmissions>";
            strTotalDoc += "" + "</body>";
            strTotalDoc += "</report>";

            #endregion

            #region Write XML report



            string strOutputPath = "" + Application.StartupPath + "/output/" + strGuid + ".XML";
            string strXSLPath    = "" + Application.StartupPath + "/xsl/beretta.xsl";

            StreamWriter objStreamWriter;

            //Add XSL file ref

            strTotalDoc = "<?xml-stylesheet href='" + strXSLPath + "' type='text/xsl'?>" + strTotalDoc;

            objStreamWriter = System.IO.File.CreateText(strOutputPath);
            objStreamWriter.WriteLine(strTotalDoc);
            objStreamWriter.Close();

            MessageBox.Show("Finished Scan. Report at: " + strOutputPath);


            #endregion
        }