private void AttackPOST(string URL, string POST)
{
if (string.IsNullOrEmpty(POST))
return;
for (int i = 0; i < AttackedUrls.Count; i++)
{
if (AttackedUrls[i].OriginalURL == URL && AttackedUrls[i].OriginalPOST == POST)
return;
}
QueryModifier queryModifier = new QueryModifier(POST);
if (queryModifier.ParameterCount == 0)
return;
do
{
string NewPOST = queryModifier.GetModifiedQuery(textBoxModifier.Text);
DateTime Start = DateTime.Now;
CreateWebrequest Request = new CreateWebrequest();
string HTML = Request.StringGetWebPage(URL, POST, new List<string>(), false);
AttackedUrl attackedURL = new AttackedUrl();
attackedURL.HTML = HTML;
attackedURL.OriginalPOST = POST;
attackedURL.OriginalURL = URL;
attackedURL.ModifiedPOST = NewPOST;
AttackedUrls.Add(attackedURL);
ClearAttackBrowser();
ListViewItem Item = new ListViewItem();
Item.Text = URL;
Item.SubItems.Add(NewPOST);
listViewResult.Items.Add(Item);
}
while (queryModifier.NextParameter());
}
private void toolStripButtonSendRequest_Click(object sender, EventArgs e)
{
if (FieldsValid())
{
bool mediatype = false;
string URL = string.Empty;
string Post = string.Empty;
headers = new List<string>();
listViewResponseHeaders.Items.Clear();
richTextBoxSource.Text = "";
webBrowserSource.Navigate("about:blank");
URL = toolStripTextBoxURL.Text;
if (toolStripComboBoxMethod.SelectedIndex == 1)
Post = richTextBoxPOST.Text;
if (listViewRequestHeaders.Items.Count > 0)
foreach (ListViewItem item in listViewRequestHeaders.Items)
{
if (item.SubItems.Count > 1)
headers.Add(item.Text + ":" + item.SubItems[1].Text);
}
if (toolStripComboBoxProtocol.SelectedIndex == 0)
mediatype = true;
else mediatype = false;
CreateWebrequest webrequest = new CreateWebrequest();
webrequest.netCredentials = netCred;
webrequest.CustomCookieCollection = cookieCollection;
string HTML = webrequest.StringGetWebPage(URL, Post, headers, mediatype);
richTextBoxSource.Text = HTML;
webBrowserSource.DocumentText = HTML;
if (webrequest.Response != null)
{
for (int i = 0; i < webrequest.Response.Headers.Count; i++)
{
ListViewItem Item = new ListViewItem();
Item.Text = webrequest.Response.Headers.Keys[i];
string Value = string.Empty;
string[] HeaderValues = webrequest.Response.Headers.GetValues(i);
for (int iHv = 0; iHv < HeaderValues.Length; iHv++)
{
Value += HeaderValues[iHv] + " ";
}
Item.SubItems.Add(Value);
listViewResponseHeaders.Items.Add(Item);
}
}
}
}
private void AttackURL(string URL)
{
if (!URL.Contains("?"))
return;
for (int i = 0; i < AttackedUrls.Count; i++)
{
if (AttackedUrls[i].OriginalURL == URL && string.IsNullOrEmpty(AttackedUrls[i].OriginalPOST))
return;
}
string Query = URL.Substring(URL.IndexOf('?') + 1);
string BeforeQuery = URL.Substring(0, URL.IndexOf('?') + 1);
QueryModifier queryModifier = new QueryModifier(Query);
if (queryModifier.ParameterCount != 0)
{
do
{
string NewURL = BeforeQuery + queryModifier.GetModifiedQuery(textBoxModifier.Text);
DateTime Start = DateTime.Now;
CreateWebrequest Request = new CreateWebrequest();
string HTML = Request.StringGetWebPage(NewURL, string.Empty, new List<string>(), false);
AttackedUrl attackedURL = new AttackedUrl();
attackedURL.HTML = HTML;
attackedURL.OriginalURL = URL;
attackedURL.ModifiedURL = NewURL;
AttackedUrls.Add(attackedURL);
ClearAttackBrowser();
ListViewItem Item = new ListViewItem();
Item.Text = NewURL;
Item.SubItems.Add(string.Empty);
listViewResult.Items.Add(Item);
}
while (queryModifier.NextParameter());
}
}
