/// <summary>
/// Verifies a vulnerability object has the basic plumbing correct.
/// </summary>
/// <param name="vuln">
/// The vuln.
/// </param>
/// <param name="instance">
/// The instance.
/// </param>
/// <param name="responseHolder">
/// The response holder.
/// </param>
public static void AssertBasicVulnProperties(
Vulnerability vuln,
PluginBaseAbstract instance,
HttpWebResponseHolder responseHolder)
{
vuln.TestPlugin.ShouldEqual(instance.GetType().Name);
vuln.HttpResponse.ShouldEqual(responseHolder);
vuln.TestedParam.ShouldEqual("testedParam");
vuln.TestedVal.ShouldEqual("testedValue");
}
/// <summary>
/// Executes the detector operation.
/// </summary>
/// <param name="detectorInstance">
/// The detector instance.
/// </param>
/// <param name="requestTarget">
/// The request target.
/// </param>
/// <param name="responseTarget">
/// The response target.
/// </param>
/// <param name="webResponseHolder">
/// The web response holder.
/// </param>
/// <param name="plugInName">
/// Name of the plug in.
/// </param>
/// <param name="testCase">
/// The test case.
/// </param>
/// <param name="testParameter">
/// The tested parameter.
/// </param>
/// <param name="testValue">
/// The tested value.
/// </param>
private void RunDetector(
PluginBaseAbstract detectorInstance,
ITarget requestTarget,
ITarget responseTarget,
HttpWebResponseHolder webResponseHolder,
string plugInName,
TestCase testCase,
string testParameter,
string testValue)
{
try
{
Logger.WriteDebug("Run detector: {0}", detectorInstance.GetType().Name);
detectorInstance.Init(
this,
responseTarget);
detectorInstance.InspectResponse(
requestTarget,
responseTarget,
webResponseHolder,
plugInName,
testCase,
testParameter,
testValue);
foreach (var vuln in detectorInstance.Vulnerabilities)
{
this.Vulnerabilities[Guid.NewGuid().ToString()] = vuln;
}
}
catch (Exception ex)
{
// write to the tests and detectors log.
Library.Logger.Logger.WriteError(ex);
}
}
/// <summary>
/// Executes the test operation.
/// </summary>
/// <param name="pluginInstance">
/// The plugin instance.
/// </param>
/// <param name="context">
/// The context.
/// </param>
/// <param name="target">
/// The target.
/// </param>
private void RunTest(
PluginBaseAbstract pluginInstance,
IContext context,
ITarget target)
{
try
{
Logger.WriteDebug("Run test: {0}", pluginInstance.GetType().Name);
pluginInstance.Init(context, target);
pluginInstance.DoTests();
// get vulnerabilities
foreach (var vuln in pluginInstance.Vulnerabilities)
{
this.Vulnerabilities.Enqueue(vuln);
}
}
catch (Exception ex)
{
Logger.WriteError(ex);
}
}