コード例 #1
ファイル: Files.cs プロジェクト: LSTANCZYK/FluentSharp
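        /// <summary>
        /// Produces a sanitised copy of <paramref name="stringToParse"/> intended for use as a file name:
        /// every character that does not match the allow-list pattern (A-Z, a-z, 0-9 and '.') is
        /// replaced with '_'.
        /// </summary>
        /// <param name="stringToParse">The raw text to sanitise.</param>
        /// <param name="prependBase64EncodedString">
        /// When true, the result is "&lt;sanitised&gt; - &lt;base64 of the original&gt;". Despite the parameter name,
        /// the encoded original is placed after the sanitised text.
        /// </param>
        /// <returns>The sanitised string, optionally followed by the encoded original.</returns>
        public static string getSafeFileNameString(string stringToParse, bool prependBase64EncodedString)
        {
            // Allow-list of characters that are kept as-is; anything else becomes '_'.
            var validCharsRegEx = @"[A-Z]|[a-z]|[0-9]|[\.]";   //|[\(\)\s]";

            var safeString = new StringBuilder(stringToParse);

            // Tracks whether the sanitised name is made of nothing but '.' characters.
            var consistsOnlyOfDots = safeString.Length > 0;

            for (int i = 0; i < safeString.Length; i++)
            {
                try
                {
                    if (false == RegEx.findStringInString(safeString[i].str(), validCharsRegEx))
                    {
                        safeString[i] = '_';
                    }
                }
                catch
                {
                    // Fail closed: a character that cannot be checked is treated as invalid.
                    safeString[i] = '_';
                }

                if (safeString[i] != '.')
                {
                    consistsOnlyOfDots = false;
                }
            }

            // '.' is on the allow-list, so inputs such as "." or ".." would otherwise be returned
            // unchanged and resolve to the current or parent directory once joined to a path.
            if (consistsOnlyOfDots)
            {
                safeString.Replace('.', '_');
            }

            if (prependBase64EncodedString)
            {
                // NOTE(review): base64Encode() is defined outside this block. If it emits the standard
                // Base64 alphabet, the suffix can contain '/', '+' and '=', so this variant is not
                // guaranteed to be a single valid path segment - confirm how callers use it.
                return("{1} - {0}".format(stringToParse.base64Encode(), safeString.ToString()));
            }
            return(safeString.ToString());
        }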
コード例 #2
        /// <summary>
        /// Compiles each pattern string into a <see cref="Regex"/> and forwards the compiled list to
        /// the <c>executeSearch</c> overload that accepts regular expressions.
        /// </summary>
        /// <param name="lsRegExToSearch">Regular-expression patterns to search for.</param>
        /// <returns>Whatever the regex-based <c>executeSearch</c> overload returns for the compiled patterns.</returns>
        public List <TextSearchResult> executeSearch(List <String> lsRegExToSearch)
        {
            var compiledPatterns = new List <Regex>();

            try
            {
                foreach (var pattern in lsRegExToSearch)
                {
                    var compiled = RegEx.createRegEx(pattern);
                    compiledPatterns.Add(compiled);
                }
            }
            catch (Exception ex)
            {
                // The first failure (e.g. a malformed pattern or a null list) ends the loop; the
                // search below still runs, but only with the patterns compiled before the failure.
                // NOTE(review): for a security search this means a bad pattern silently drops every
                // later pattern from the results - the only trace is this log entry.
                PublicDI.log.ex(ex);
            }

            // NOTE(review): patterns are compiled as given; if they can come from an untrusted source,
            // confirm that RegEx.createRegEx applies a match timeout.
            return executeSearch(compiledPatterns);
        }
コード例 #3
ファイル: AspNetAnalysis.cs プロジェクト: njmube/FluentSharp
        /// <summary>
        /// Derives "ASP.NET Attack Surface" findings from findings whose source trace matches
        /// <c>System.Web.UI.WebControls.*get_Text</c> and whose source context contains "txt".
        /// For each such finding, one new finding is emitted per word extracted from the signature
        /// of each of its traces.
        /// </summary>
        /// <param name="o2Findings">Findings to inspect; each item is cast to <c>O2Finding</c>.</param>
        /// <returns>The newly created findings (the input findings themselves are not returned).</returns>
        public static List<IO2Finding> findWebControlSources(List<IO2Finding> o2Findings)
        {
            // NOTE(review): the dots in this pattern are unescaped, so they match any character.
            var webControlTextGetter = new RegEx("System.Web.UI.WebControls.*get_Text");
            var attackSurfaceFindings = new List<IO2Finding>();

            foreach (IO2Finding candidate in o2Findings)
            {
                // Throws InvalidCastException if an item is not an O2Finding.
                IO2Trace source = ((O2Finding)candidate).getSource();

                if (source == null || !methodsToFindMatches(webControlTextGetter, source))
                {
                    continue;
                }

                // presumably "txt" is the naming prefix of text-box controls - confirm against callers
                if (!source.context.Contains("txt"))
                {
                    continue;
                }

                string variableName = OzasmtContext.getVariableNameFromThisObject(source);

                foreach (IO2Trace trace in candidate.o2Traces)
                {
                    foreach (string word in OzasmtUtils.getListWithWordsFromSignature(trace.signature))
                    {
                        // The new finding shares the original's trace list (same reference, not a copy).
                        var derived = new O2Finding
                        {
                            o2Traces = candidate.o2Traces,
                            vulnName = word + "_" + variableName,
                            vulnType = "ASP.NET Attack Surface"
                        };

                        attackSurfaceFindings.Add(derived);
                    }
                }
            }

            return attackSurfaceFindings;

            // Local helper: true when the source trace's text matches the web-control getter pattern.
            bool methodsToFindMatches(RegEx pattern, IO2Trace trace)
            {
                return pattern.find(trace.ToString());
            }
        }