Esempio n. 1
0
        private void Xssscan()
        {
            if (InvokeRequired)
            {
                this.Invoke(new chang(delegate()
                {
                    progressPanel2.Caption = "测试漏洞中...";
                }));
            }
            else
            {
                progressPanel2.Caption = "测试漏洞中...";
            }


            Analysis analysis = new Analysis();

            analysis.analysis();


            //List<string> copyList = new List<copyList>();


            Hashtable hash = new Hashtable();

            foreach (string str in Common.poc)//源LIST去重
            {
                if (!hash.ContainsKey(str))
                {
                    hash.Add(str, str);
                    Common.zuihou.Add(str);//把不重复的列加入
                }
            }
            foreach (var item in Common.zuihou)
            {
                try
                {
                    if (InvokeRequired)
                    {
                        this.Invoke(new chang(delegate()
                        {
                            progressPanel2.Description = item.ToString();
                        }));
                    }
                    else
                    {
                        progressPanel2.Description = item.ToString();
                    }
                    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(item);
                    request.Method      = "GET";
                    request.ContentType = "text/html;charset=UTF-8";
                    request.UserAgent   = "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36";
                    if (Common.cookie != null)
                    {
                        request.Headers.Set("Cookie", Common.cookie);
                        request.Referer = "http://*****:*****@"((\<script.*script\>))", RegexOptions.Multiline);
                    for (int i = 0; i < mc.Count; i++)
                    {
                        //Task task = new Task(n => Changtext(url), 0);
                        //task.Start();
                        //验证问题。。。。
                        foreach (var item1 in Common.replayload)
                        {
                            if (mc[i].Value == item1)
                            {
                                WritePlayLoad(item);
                            }
                        }
                    }
                }

                catch (Exception)
                {
                }
                //string script="<script>alert(document.cookie)</script>";
                //string url = "http://localhost:8888/DVWA-master/vulnerabilities/xss_r/?name=" + slinr + "#";
                //HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
            }
            if (InvokeRequired)
            {
                this.Invoke(new chang(delegate()
                {
                    progressPanel2.Visible = false;
                }));
            }
            else
            {
                progressPanel2.Visible = false;
            }
            MessageBox.Show("扫描完成");
        }