コード例 #1
        /// <summary>
        /// Records a High-severity "Remote File Include Found" finding against the base URL
        /// of the injected request and hands it to the scanner.
        /// </summary>
        /// <remarks>
        /// Confidence follows <c>ConfidenceLevel</c>: 3 gives High, 2 gives Medium, and any
        /// other value gives Low. The trace title is written last, after the finding has
        /// been added, and carries no "Found" suffix.
        /// </remarks>
        void ReportRemoteFileInclude()
        {
            Finding finding = new Finding(this.Scnr.InjectedRequest.BaseUrl);
            finding.Title = "Remote File Include Found";

            // A summary that used to be disabled at this point described the detection as a
            // timing heuristic: a payload with a unique domain name is injected, and a faster
            // response on repeat requests is attributed to server-side DNS caching of that name.
            // The summary in use is assembled from GetFindingOpeningDesc and GetSummary.
            finding.Summary = string.Format(
                "{0}<i<br>><i<br>>{1}",
                this.GetFindingOpeningDesc("Remote File Include"),
                this.GetSummary());

            foreach (FindingReason findingReason in this.Reasons)
            {
                finding.AddReason(findingReason);
            }

            // The six trigger collections are read in lockstep, bounded only by
            // RequestTriggers.Count. NOTE(review): assumes all six have the same length;
            // confirm where they are filled.
            for (int idx = 0; idx < this.RequestTriggers.Count; idx++)
            {
                finding.Triggers.Add(
                    this.RequestTriggers[idx],
                    this.RequestTriggerDescs[idx],
                    this.TriggerRequests[idx],
                    this.ResponseTriggers[idx],
                    this.ResponseTriggerDescs[idx],
                    this.TriggerResponses[idx]);
            }

            finding.Type = FindingType.Vulnerability;
            finding.Severity = FindingSeverity.High;
            finding.Confidence = this.ConfidenceLevel == 3
                ? FindingConfidence.High
                : (this.ConfidenceLevel == 2 ? FindingConfidence.Medium : FindingConfidence.Low);

            this.Scnr.AddFinding(finding);
            this.Scnr.SetTraceTitle("Remote File Include", 10);
        }
コード例 #2
        /// <summary>
        /// Records a High-severity "Local File Include Found" finding against the base URL
        /// of the injected request and hands it to the scanner.
        /// </summary>
        /// <remarks>
        /// The summary text names the issue as "Local File Include/Path Traversal".
        /// Confidence follows <c>ConfidenceLevel</c>: 3 gives High, 2 gives Medium, and any
        /// other value gives Low.
        /// </remarks>
        void ReportLocalFileInclude()
        {
            // The trace title is set before the finding object is built.
            this.Scnr.SetTraceTitle("Local File Include Found", 10);

            Finding finding = new Finding(this.Scnr.InjectedRequest.BaseUrl);
            finding.Title = "Local File Include Found";
            finding.Summary = string.Format(
                "{0}<i<br>><i<br>>{1}",
                this.GetFindingOpeningDesc("Local File Include/Path Traversal"),
                this.GetSummary());

            foreach (FindingReason findingReason in this.Reasons)
            {
                finding.AddReason(findingReason);
            }

            // The six trigger collections are read in lockstep, bounded only by
            // RequestTriggers.Count. NOTE(review): assumes all six have the same length;
            // confirm where they are filled.
            for (int idx = 0; idx < this.RequestTriggers.Count; idx++)
            {
                finding.Triggers.Add(
                    this.RequestTriggers[idx],
                    this.RequestTriggerDescs[idx],
                    this.TriggerRequests[idx],
                    this.ResponseTriggers[idx],
                    this.ResponseTriggerDescs[idx],
                    this.TriggerResponses[idx]);
            }

            finding.Type = FindingType.Vulnerability;
            finding.Severity = FindingSeverity.High;
            finding.Confidence = this.ConfidenceLevel == 3
                ? FindingConfidence.High
                : (this.ConfidenceLevel == 2 ? FindingConfidence.Medium : FindingConfidence.Low);

            this.Scnr.AddFinding(finding);
        }
コード例 #3
        /// <summary>
        /// Records a High-severity, High-confidence "Header Injection Found" finding against
        /// the base URL of the injected request and hands it to the scanner.
        /// </summary>
        /// <param name="req_trigger">Trigger text taken from the request side.</param>
        /// <param name="req_trigger_desc">Description accompanying the request trigger.</param>
        /// <param name="res_trigger">Trigger text taken from the response side.</param>
        /// <param name="res_trigger_desc">Description accompanying the response trigger.</param>
        /// <remarks>
        /// Exactly one reason (<c>this.reason</c>) and one trigger set are attached. The
        /// trigger is paired with the scanner's current injected request and injection
        /// response. Confidence is fixed at High; no graded confidence value is consulted.
        /// </remarks>
        void ReportCRLFInjection(string req_trigger, string req_trigger_desc, string res_trigger, string res_trigger_desc)
        {
            this.Scnr.SetTraceTitle("Header Injection Found", 10);

            Finding finding = new Finding(this.Scnr.InjectedRequest.BaseUrl);
            finding.Title = "Header Injection Found";
            finding.Summary = string.Format(
                "{0}<i<br>><i<br>>{1}",
                this.GetFindingOpeningDesc("Header Injection"),
                this.GetSummary());

            finding.AddReason(this.reason);
            finding.Triggers.Add(
                req_trigger,
                req_trigger_desc,
                this.Scnr.InjectedRequest,
                res_trigger,
                res_trigger_desc,
                this.Scnr.InjectionResponse);

            finding.Type = FindingType.Vulnerability;
            finding.Severity = FindingSeverity.High;
            finding.Confidence = FindingConfidence.High;

            this.Scnr.AddFinding(finding);
        }
コード例 #4
        /// <summary>
        /// Records a High-severity, High-confidence "Command Injection Found" finding against
        /// the base URL of the injected request and hands it to the scanner.
        /// </summary>
        /// <remarks>
        /// Every entry in <c>Reasons</c> and every collected trigger set is copied onto the
        /// finding. Confidence is fixed at High; no graded confidence value is consulted.
        /// </remarks>
        void ReportCommandInjection()
        {
            this.Scnr.SetTraceTitle("Command Injection Found", 10);

            Finding finding = new Finding(this.Scnr.InjectedRequest.BaseUrl);
            finding.Title = "Command Injection Found";
            finding.Summary = string.Format(
                "{0}<i<br>><i<br>>{1}",
                this.GetFindingOpeningDesc("Command Injection"),
                this.GetSummary());

            foreach (FindingReason findingReason in this.Reasons)
            {
                finding.AddReason(findingReason);
            }

            // The six trigger collections are read in lockstep, bounded only by
            // RequestTriggers.Count. NOTE(review): assumes all six have the same length;
            // confirm where they are filled.
            for (int idx = 0; idx < this.RequestTriggers.Count; idx++)
            {
                finding.Triggers.Add(
                    this.RequestTriggers[idx],
                    this.RequestTriggerDescs[idx],
                    this.TriggerRequests[idx],
                    this.ResponseTriggers[idx],
                    this.ResponseTriggerDescs[idx],
                    this.TriggerResponses[idx]);
            }

            finding.Type = FindingType.Vulnerability;
            finding.Severity = FindingSeverity.High;
            finding.Confidence = FindingConfidence.High;

            this.Scnr.AddFinding(finding);
        }
コード例 #5
 /// <summary>
 /// Creates the "Command Injection Found" finding for the injected request's base URL,
 /// fills it from the state gathered by the check, and registers it with the scanner.
 /// </summary>
 /// <remarks>
 /// Type is Vulnerability, severity is High and confidence is High, all hard-coded.
 /// </remarks>
 void ReportCommandInjection()
 {
     this.Scnr.SetTraceTitle("Command Injection Found", 10);

     Finding result = new Finding(this.Scnr.InjectedRequest.BaseUrl);
     result.Title = "Command Injection Found";
     result.Summary = string.Format(
         "{0}<i<br>><i<br>>{1}",
         this.GetFindingOpeningDesc("Command Injection"),
         this.GetSummary());

     // Copy every recorded reason onto the finding.
     foreach (FindingReason recorded in this.Reasons)
     {
         result.AddReason(recorded);
     }

     // Trigger data is kept in six parallel collections; only RequestTriggers.Count bounds
     // the walk. NOTE(review): a shorter sibling collection would throw here; verify that
     // they are always appended together.
     for (int pos = 0; pos < this.RequestTriggers.Count; pos++)
     {
         result.Triggers.Add(
             this.RequestTriggers[pos],
             this.RequestTriggerDescs[pos],
             this.TriggerRequests[pos],
             this.ResponseTriggers[pos],
             this.ResponseTriggerDescs[pos],
             this.TriggerResponses[pos]);
     }

     result.Type = FindingType.Vulnerability;
     result.Severity = FindingSeverity.High;
     result.Confidence = FindingConfidence.High;

     this.Scnr.AddFinding(result);
 }
コード例 #6
 /// <summary>
 /// Creates the "Server Side Includes Injection Found" finding for the injected request's
 /// base URL and registers it with the scanner.
 /// </summary>
 /// <param name="req_trigger">Trigger text taken from the request side.</param>
 /// <param name="req_trigger_desc">Description accompanying the request trigger.</param>
 /// <param name="res_trigger">Trigger text taken from the response side.</param>
 /// <param name="res_trigger_desc">Description accompanying the response trigger.</param>
 /// <remarks>
 /// A single reason (<c>this.reason</c>) and a single trigger set are attached, the latter
 /// paired with the scanner's current injected request and injection response. Severity
 /// and confidence are both hard-coded to High.
 /// </remarks>
 void ReportSSI(string req_trigger, string req_trigger_desc, string res_trigger, string res_trigger_desc)
 {
     this.Scnr.SetTraceTitle("Server Side Includes Injection Found", 10);

     Finding result = new Finding(this.Scnr.InjectedRequest.BaseUrl);
     result.Title = "Server Side Includes Injection Found";
     result.Summary = string.Format(
         "{0}<i<br>><i<br>>{1}",
         this.GetFindingOpeningDesc("Server Side Includes Injection"),
         this.GetSummary());

     result.AddReason(this.reason);
     result.Triggers.Add(
         req_trigger,
         req_trigger_desc,
         this.Scnr.InjectedRequest,
         res_trigger,
         res_trigger_desc,
         this.Scnr.InjectionResponse);

     result.Type = FindingType.Vulnerability;
     result.Severity = FindingSeverity.High;
     result.Confidence = FindingConfidence.High;

     this.Scnr.AddFinding(result);
 }
コード例 #7
ファイル: SqlInjectionCheck.cs プロジェクト: 0ks3ii/IronWASP
        /// <summary>
        /// Records a High-severity "SQL Injection Detected" finding against the base URL of
        /// the injected request and hands it to the scanner.
        /// </summary>
        /// <param name="Confidence">
        /// Confidence rating chosen by the caller. It is stored on the finding unchanged.
        /// </param>
        /// <remarks>
        /// The trace title is set with a second argument of 100.
        /// NOTE(review): the meaning of that number is not visible here; confirm against
        /// SetTraceTitle.
        /// </remarks>
        void ReportSQLInjection(FindingConfidence Confidence)
        {
            this.Scnr.SetTraceTitle("SQLi Found", 100);

            Finding finding = new Finding(this.Scnr.InjectedRequest.BaseUrl);
            finding.Title = "SQL Injection Detected";
            finding.Summary = string.Format(
                "{0}<i<br>><i<br>>{1}",
                this.GetFindingOpeningDesc("SQL Injection"),
                this.GetSummary());

            foreach (FindingReason findingReason in this.reasons)
            {
                finding.AddReason(findingReason);
            }

            // The six trigger collections are read in lockstep, bounded only by
            // RequestTriggers.Count. NOTE(review): assumes all six have the same length;
            // confirm where they are filled.
            for (int idx = 0; idx < this.RequestTriggers.Count; idx++)
            {
                finding.Triggers.Add(
                    this.RequestTriggers[idx],
                    this.RequestTriggerDescs[idx],
                    this.TriggerRequests[idx],
                    this.ResponseTriggers[idx],
                    this.ResponseTriggerDescs[idx],
                    this.TriggerResponses[idx]);
            }

            finding.Type = FindingType.Vulnerability;
            finding.Severity = FindingSeverity.High;
            finding.Confidence = Confidence;

            this.Scnr.AddFinding(finding);
        }
コード例 #8
        /// <summary>
        /// Creates the "Remote File Include Found" finding for the injected request's base
        /// URL, fills it from the state gathered by the check, and registers it with the
        /// scanner.
        /// </summary>
        /// <remarks>
        /// Severity is hard-coded to High. Confidence is mapped from <c>ConfidenceLevel</c>:
        /// 3 becomes High, 2 becomes Medium, every other value becomes Low. The trace title
        /// ("Remote File Include", without "Found") is set only after the finding is added.
        /// </remarks>
        void ReportRemoteFileInclude()
        {
            Finding result = new Finding(this.Scnr.InjectedRequest.BaseUrl);
            result.Title = "Remote File Include Found";

            // The original carried a disabled, hand-written summary at this point. It explained
            // the test as injecting a payload with a unique domain name and inferring server-side
            // DNS caching when later requests with the same payload return faster. The summary
            // actually emitted comes from GetFindingOpeningDesc and GetSummary.
            result.Summary = string.Format(
                "{0}<i<br>><i<br>>{1}",
                this.GetFindingOpeningDesc("Remote File Include"),
                this.GetSummary());

            // Copy every recorded reason onto the finding.
            foreach (FindingReason recorded in this.Reasons)
            {
                result.AddReason(recorded);
            }

            // Trigger data is kept in six parallel collections; only RequestTriggers.Count
            // bounds the walk. NOTE(review): a shorter sibling collection would throw here;
            // verify that they are always appended together.
            for (int pos = 0; pos < this.RequestTriggers.Count; pos++)
            {
                result.Triggers.Add(
                    this.RequestTriggers[pos],
                    this.RequestTriggerDescs[pos],
                    this.TriggerRequests[pos],
                    this.ResponseTriggers[pos],
                    this.ResponseTriggerDescs[pos],
                    this.TriggerResponses[pos]);
            }

            result.Type = FindingType.Vulnerability;
            result.Severity = FindingSeverity.High;
            result.Confidence = this.ConfidenceLevel == 3
                ? FindingConfidence.High
                : (this.ConfidenceLevel == 2 ? FindingConfidence.Medium : FindingConfidence.Low);

            this.Scnr.AddFinding(result);
            this.Scnr.SetTraceTitle("Remote File Include", 10);
        }
コード例 #9
        /// <summary>
        /// Records a High-severity "Server Side Request Forgery Found" finding against the
        /// base URL of the injected request and hands it to the scanner.
        /// </summary>
        /// <remarks>
        /// Confidence follows <c>ConfidenceLevel</c>: 3 gives High, 2 gives Medium, and any
        /// other value gives Low.
        /// </remarks>
        void ReportSSRF()
        {
            // The trace title is set before the finding object is built.
            this.Scnr.SetTraceTitle("Server Side Request Forgery Found", 10);

            Finding finding = new Finding(this.Scnr.InjectedRequest.BaseUrl);
            finding.Title = "Server Side Request Forgery Found";
            finding.Summary = string.Format(
                "{0}<i<br>><i<br>>{1}",
                this.GetFindingOpeningDesc("Server Side Request Forgery"),
                this.GetSummary());

            foreach (FindingReason findingReason in this.Reasons)
            {
                finding.AddReason(findingReason);
            }

            // The six trigger collections are read in lockstep, bounded only by
            // RequestTriggers.Count. NOTE(review): assumes all six have the same length;
            // confirm where they are filled.
            for (int idx = 0; idx < this.RequestTriggers.Count; idx++)
            {
                finding.Triggers.Add(
                    this.RequestTriggers[idx],
                    this.RequestTriggerDescs[idx],
                    this.TriggerRequests[idx],
                    this.ResponseTriggers[idx],
                    this.ResponseTriggerDescs[idx],
                    this.TriggerResponses[idx]);
            }

            finding.Type = FindingType.Vulnerability;
            finding.Severity = FindingSeverity.High;
            finding.Confidence = this.ConfidenceLevel == 3
                ? FindingConfidence.High
                : (this.ConfidenceLevel == 2 ? FindingConfidence.Medium : FindingConfidence.Low);

            this.Scnr.AddFinding(finding);
        }