public void loadWebInspectXmlFile(string fileToProcess) { DI.log.info("Processing Web inspect Xml File {0}", fileToProcess); var webInspectResults = new XmlDocument(); webInspectResults.Load(fileToProcess); // ReSharper disable PossibleNullReferenceException foreach (XmlElement sessionCheckFound in getSessionCheckFound(webInspectResults)) { string sessionId = sessionCheckFound["VulnerableSessionID"].InnerText; foreach (XmlNode session in getSessionsWithSessionID(webInspectResults, sessionId)) { var webInspectFinding = new WebInspectFinding { fullUrl = session["FullURL"].InnerText, //filteredUrl = new FilteredUrl(session["FullURL"].InnerText), payload = session["AttackDescriptor"].InnerText, param = session["AttackParamDescriptor"].InnerText, method = session["Method"].InnerText, engineId = sessionCheckFound["EngineID"].InnerText, sessionId = sessionId }; // hack to deal with ctl: in ParamName webInspectFinding.param = webInspectFinding.param.Replace("%3A", ":"); if (webInspectFinding.param.IndexOf(':') > -1) { webInspectFinding.param = webInspectFinding.param.Split(new[] { ':' })[1]; } if (isFindingUnique(webInspectFinding)) { webInspectFindings.Add(webInspectFinding); } // DI.log.info(webInspectFinding.method + " - " + webInspectFinding.param + " : " + webInspectFinding.fullUrl); } } // ReSharper restore PossibleNullReferenceException /* * * var sessionsCheckFoundWithEngineId = getSessionsCheckFoundWithEngineId(webInspectResults, sqlInjectionEngineId); * foreach (XmlNode sessionCheckFound in sessionsCheckFoundWithEngineId) * { * // ReSharper disable PossibleNullReferenceException * var sessionId = sessionCheckFound["VulnerableSessionID"].InnerText; * * var sessionsFoundWithSessionId = getSessionsWithSessionID(webInspectResults, sessionId); * foreach (XmlNode session in sessionsFoundWithSessionId) * { * var attackParam = session["AttackParamDescriptor"].InnerText; * // Hack to handle crl#: form parameter names in ASP.NET * if (attackParam.IndexOf(':') > -1) * attackParam = attackParam.Split(new char[] {':'})[1]; * var attackPayload = session["AttackDescriptor"].InnerText; * * var filteredUrl = new FilteredUrl(session["FullURL"].InnerText); * } * } */ }
public static IO2Trace createSink(WebInspectFinding webInspectFinding) { var filteredUrl = new FilteredUrl(webInspectFinding.fullUrl); return new O2Trace("WebInspect: " + filteredUrl.pathAndPageAndParameters, TraceType.Known_Sink) { context = webInspectFinding.payload, method = webInspectFinding.param }; }
public static IO2Trace createSink(WebInspectFinding webInspectFinding) { var filteredUrl = new FilteredUrl(webInspectFinding.fullUrl); return(new O2Trace("WebInspect: " + filteredUrl.pathAndPageAndParameters, TraceType.Known_Sink) { context = webInspectFinding.payload, method = webInspectFinding.param }); }
public bool isFindingUnique(WebInspectFinding webInspectFinding) { foreach (WebInspectFinding currentFinding in webInspectFindings) { if (currentFinding.ToString() == webInspectFinding.ToString()) { return(false); } } return(true); }
public void loadWebInspectXmlFile(string fileToProcess) { DI.log.info("Processing Web inspect Xml File {0}", fileToProcess); var webInspectResults = new XmlDocument(); webInspectResults.Load(fileToProcess); // ReSharper disable PossibleNullReferenceException foreach (XmlElement sessionCheckFound in getSessionCheckFound(webInspectResults)) { string sessionId = sessionCheckFound["VulnerableSessionID"].InnerText; foreach (XmlNode session in getSessionsWithSessionID(webInspectResults, sessionId)) { var webInspectFinding = new WebInspectFinding { fullUrl = session["FullURL"].InnerText, //filteredUrl = new FilteredUrl(session["FullURL"].InnerText), payload = session["AttackDescriptor"].InnerText, param = session["AttackParamDescriptor"].InnerText, method = session["Method"].InnerText, engineId = sessionCheckFound["EngineID"].InnerText, sessionId = sessionId }; // hack to deal with ctl: in ParamName webInspectFinding.param = webInspectFinding.param.Replace("%3A", ":"); if (webInspectFinding.param.IndexOf(':') > -1) webInspectFinding.param = webInspectFinding.param.Split(new[] {':'})[1]; if (isFindingUnique(webInspectFinding)) webInspectFindings.Add(webInspectFinding); // DI.log.info(webInspectFinding.method + " - " + webInspectFinding.param + " : " + webInspectFinding.fullUrl); } } // ReSharper restore PossibleNullReferenceException /* var sessionsCheckFoundWithEngineId = getSessionsCheckFoundWithEngineId(webInspectResults, sqlInjectionEngineId); foreach (XmlNode sessionCheckFound in sessionsCheckFoundWithEngineId) { // ReSharper disable PossibleNullReferenceException var sessionId = sessionCheckFound["VulnerableSessionID"].InnerText; var sessionsFoundWithSessionId = getSessionsWithSessionID(webInspectResults, sessionId); foreach (XmlNode session in sessionsFoundWithSessionId) { var attackParam = session["AttackParamDescriptor"].InnerText; // Hack to handle crl#: form parameter names in ASP.NET if (attackParam.IndexOf(':') > -1) attackParam = attackParam.Split(new char[] {':'})[1]; var attackPayload = session["AttackDescriptor"].InnerText; var filteredUrl = new FilteredUrl(session["FullURL"].InnerText); } } */ }
public static O2Finding createO2FindingFromWebInspectFinding(WebInspectFinding webInspectFinding, string keyword) { var o2Trace = new O2Trace("WebInspect -> Ounce Mapping (Sql Injection)"); IO2Trace sink = createSink(webInspectFinding); o2Trace.childTraces.Add(sink); return new O2Finding { o2Traces = new List<IO2Trace> {o2Trace}, //context = webInspectFinding.payload, context = webInspectFinding.fullUrl, vulnName = keyword + "_" + webInspectFinding.param, vulnType = "Sql Injection (from WebInspect)" }; }
public static O2Finding createO2FindingFromWebInspectFinding(WebInspectFinding webInspectFinding, string keyword) { var o2Trace = new O2Trace("WebInspect -> Ounce Mapping (Sql Injection)"); IO2Trace sink = createSink(webInspectFinding); o2Trace.childTraces.Add(sink); return(new O2Finding { o2Traces = new List <IO2Trace> { o2Trace }, //context = webInspectFinding.payload, context = webInspectFinding.fullUrl, vulnName = keyword + "_" + webInspectFinding.param, vulnType = "Sql Injection (from WebInspect)" }); }
public bool isFindingUnique(WebInspectFinding webInspectFinding) { foreach (WebInspectFinding currentFinding in webInspectFindings) if (currentFinding.ToString() == webInspectFinding.ToString()) return false; return true; }