/// <summary>
/// Collects header tokens for a session from every registered header parser
/// whose content-type patterns accept the request's Content-Type.
/// </summary>
/// <param name="s">Session whose request Content-Type selects the parsers and whose headers are tokenized.</param>
/// <returns>
/// A single <c>MatchCollection</c> holding the results of all applicable parsers;
/// it is empty when no parser applies.
/// </returns>
public MatchCollection TokenizeHeaders(Session s)
{
    MatchCollection collected = new MatchCollection();

    foreach (IHeaderParser candidate in headerParsers)
    {
        // Only ParserBase-derived parsers expose ContentTypePatterns; any other
        // IHeaderParser implementation is skipped, exactly as an "is" test would do.
        ParserBase typed = candidate as ParserBase;
        if (typed == null)
        {
            continue;
        }

        // NOTE(review): s.Request.ContentType comes from the captured traffic, so the
        // match runs on remote-controlled input; the matching rules live in
        // UAUtilities.isMatch, which is not visible here.
        if (!UAUtilities.isMatch(typed.ContentTypePatterns, s.Request.ContentType))
        {
            continue;
        }

        collected.AddRange(candidate.TokenizeHeaders(s));
    }

    return collected;
}
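/// <summary>
/// Called before the user can edit a response using the Fiddler Inspectors.
/// Runs the engine's response inspection on the session and reports the results.
/// </summary>
/// <remarks>
/// With the domain filter enabled, only hosts matching the configured filters are
/// inspected (and only when response filtering is on); results go to the UI.
/// With the domain filter disabled, every response is inspected; sessions with an
/// untransformed result are logged and saved the first time they are seen.
/// </remarks>
/// <param name="oSession">The Fiddler session whose response has just arrived.</param>
public void AutoTamperResponseBefore(Session oSession)
{
    if (this.engine == null || !setup)
    {
        return;
    }

    if (!this.engine.Settings.Enabled)
    {
        return;
    }

    if (this.engine.Settings.domainFilterEnabled)
    {
        if (this.engine.Settings.filterResponse
            && UAUtilities.isMatch(this.engine.Settings.domainFilters, oSession.host))
        {
            List<Secsay.ResponseResult> filtered =
                this.engine.InspectResponse(Secsay.xss.FiddlerUtils.FiddlerSessionToSession(oSession));
            if (filtered.Count > 0)
            {
                ui.Invoke(ui.ar, filtered);
            }
        }

        // Filter enabled but the host did not qualify: nothing to inspect.
        return;
    }

    List<Secsay.ResponseResult> results =
        this.engine.InspectResponse(Secsay.xss.FiddlerUtils.FiddlerSessionToSession(oSession));

    foreach (Secsay.ResponseResult rr in results)
    {
        if (rr.Transformation != Secsay.Transformation.None)
        {
            continue;
        }

        // The membership test and the insert must happen under one lock. The previous
        // code called Contains() outside the monitor, so concurrent callers could read
        // the list while it was being modified and could each decide the session was
        // new. The lock statement also releases the monitor if Add() throws, which the
        // bare Monitor.Enter/Exit pair did not.
        bool firstSighting;
        lock (allXSSSessions)
        {
            firstSighting = !allXSSSessions.Contains(oSession);

            // NOTE(review): as before, the session is appended for every matching
            // result, so the list can hold duplicates. Left as is because other users
            // of allXSSSessions are not visible here.
            allXSSSessions.Add(oSession);
        }

        if (!firstSighting)
        {
            continue;
        }

        // Logging and file output stay outside the lock so other threads are not
        // blocked on I/O.
        // NOTE(review): oSession.fullUrl is taken from captured traffic and is therefore
        // untrusted; confirm that WriteWarning neutralises control characters. The saved
        // session presumably contains full headers and bodies (cookies, tokens), so the
        // "XSSresult" output location should be access-restricted.
        // NOTE(review): the "£º" in the message looks like a mis-decoded full-width
        // colon; the literal is kept unchanged.
        List<Fiddler.Session> XSSSessions = new List<Fiddler.Session>();
        XSSSessions.Add(oSession);
        XNMD.Comman.WriteWarning("xss url£º" + oSession.fullUrl);
        XNMD.MySession.SaveSessionsTo(XSSSessions, @"XSSresult");
    }

    // The UI notification (ui.Invoke(ui.ar, results)) was already disabled on this path.
}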
/// <summary>
/// Called before the user can edit a request using the Fiddler Inspectors.
/// Passes the request to the engine unless the extension is not ready, the engine
/// is disabled, the session already carries the casaba flag, or the domain filter
/// excludes it.
/// </summary>
/// <param name="oSession">The Fiddler session whose request is about to be sent.</param>
public void AutoTamperRequestBefore(Session oSession)
{
    if (this.engine == null || !setup)
    {
        return;
    }

    if (!this.engine.Settings.Enabled)
    {
        return;
    }

    // Sessions that already carry the flag are left alone.
    // NOTE(review): presumably the flag marks requests the tool generated itself, so
    // they are not processed a second time - confirm against where the flag is set.
    if (oSession.oFlags[Secsay.UASettings.casabaFlag] != null)
    {
        return;
    }

    bool shouldProcess;
    if (this.engine.Settings.domainFilterEnabled)
    {
        // Filter on: request filtering must be enabled and the host must match.
        shouldProcess = this.engine.Settings.filterRequests
            && UAUtilities.isMatch(this.engine.Settings.domainFilters, oSession.host);
    }
    else
    {
        // Filter off: every request is processed.
        shouldProcess = true;
    }

    if (shouldProcess)
    {
        this.engine.ProcessRequest(Secsay.xss.FiddlerUtils.FiddlerSessionToSession(oSession));
    }
}