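/// <summary>
/// Replays a POST request with a modified body for each step that
/// <c>QueryModifier</c> yields, and records every response in
/// <c>AttackedUrls</c> and in the result list view.
/// </summary>
/// <param name="URL">Address the request body is posted to.</param>
/// <param name="POST">Original request body. Nothing is sent when it is null or empty.</param>
/// <remarks>
/// A URL/body pair that is already present in <c>AttackedUrls</c> is skipped, so the
/// same form is not tested twice. The request is issued with an empty header list and
/// <c>false</c> as the last argument of <c>StringGetWebPage</c>.
/// NOTE(review): <c>StringGetWebPage</c> returns the page as a string, so it appears to
/// be synchronous; if this runs on the UI thread the form blocks for every request.
/// </remarks>
private void AttackPOST(string URL, string POST)
{
    if (string.IsNullOrEmpty(POST))
    {
        return;
    }

    // De-duplicate on the original URL and body, not on the modified variants.
    for (int i = 0; i < AttackedUrls.Count; i++)
    {
        var seen = AttackedUrls[i];
        if (seen.OriginalURL == URL && seen.OriginalPOST == POST)
        {
            return;
        }
    }

    QueryModifier queryModifier = new QueryModifier(POST);
    if (queryModifier.ParameterCount == 0)
    {
        return;
    }

    do
    {
        // Presumably rewrites the parameter the modifier currently points at,
        // using the text from the modifier box; verify against QueryModifier.
        string NewPOST = queryModifier.GetModifiedQuery(textBoxModifier.Text);

        // Send the modified body. The original code posted the unmodified POST here,
        // so the HTML stored next to ModifiedPOST was always the baseline response and
        // the result rows did not reflect the request they claimed to describe.
        CreateWebrequest Request = new CreateWebrequest();
        string HTML = Request.StringGetWebPage(URL, NewPOST, new List<string>(), false);

        // Keep request and response together so a reviewer can tie each page
        // back to the exact body that produced it.
        AttackedUrl attackedURL = new AttackedUrl();
        attackedURL.HTML = HTML;
        attackedURL.OriginalPOST = POST;
        attackedURL.OriginalURL = URL;
        attackedURL.ModifiedPOST = NewPOST;
        AttackedUrls.Add(attackedURL);

        ClearAttackBrowser();

        ListViewItem Item = new ListViewItem();
        Item.Text = URL;
        Item.SubItems.Add(NewPOST);
        listViewResult.Items.Add(Item);
    }
    while (queryModifier.NextParameter());
}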
/// <summary>
/// Click handler for the "send request" button: builds one request from the form
/// fields, sends it, and shows the returned body and response headers.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <remarks>
/// Does nothing when <c>FieldsValid()</c> returns false. The request carries the
/// form-level <c>netCred</c> credentials and <c>cookieCollection</c> cookies.
/// </remarks>
private void toolStripButtonSendRequest_Click(object sender, EventArgs e)
{
    if (!FieldsValid())
    {
        return;
    }

    // Reset everything that displays the previous response.
    headers = new List<string>();
    listViewResponseHeaders.Items.Clear();
    richTextBoxSource.Text = "";
    webBrowserSource.Navigate("about:blank");

    string targetUrl = toolStripTextBoxURL.Text;

    // Method index 1 is the only one that sends the body text box.
    string body = toolStripComboBoxMethod.SelectedIndex == 1
        ? richTextBoxPOST.Text
        : string.Empty;

    // Rows without a value column are skipped. Name and value are joined as typed;
    // no validation of the header text happens here.
    foreach (ListViewItem row in listViewRequestHeaders.Items)
    {
        if (row.SubItems.Count > 1)
        {
            headers.Add(row.Text + ":" + row.SubItems[1].Text);
        }
    }

    // Protocol index 0 maps to true for the last StringGetWebPage argument.
    bool mediatype = toolStripComboBoxProtocol.SelectedIndex == 0;

    CreateWebrequest webrequest = new CreateWebrequest();
    webrequest.netCredentials = netCred;
    webrequest.CustomCookieCollection = cookieCollection;

    string pageSource = webrequest.StringGetWebPage(targetUrl, body, headers, mediatype);
    richTextBoxSource.Text = pageSource;

    // NOTE(review): the raw response is handed to webBrowserSource for rendering.
    // If that is an embedded browser control, markup and script returned by the
    // tested server run on this workstation; confirm scripting is restricted or
    // rely on the plain-text view for untrusted targets.
    webBrowserSource.DocumentText = pageSource;

    if (webrequest.Response == null)
    {
        return;
    }

    var responseHeaders = webrequest.Response.Headers;
    for (int index = 0; index < responseHeaders.Count; index++)
    {
        ListViewItem headerRow = new ListViewItem { Text = responseHeaders.Keys[index] };

        // Multiple values for one header are shown space-separated,
        // with a trailing space after the last one.
        string joined = string.Empty;
        foreach (string headerValue in responseHeaders.GetValues(index))
        {
            joined += headerValue + " ";
        }

        headerRow.SubItems.Add(joined);
        listViewResponseHeaders.Items.Add(headerRow);
    }
}
/// <summary>
/// Requests a URL again with a modified query string for each step that
/// <c>QueryModifier</c> yields, and records every response in
/// <c>AttackedUrls</c> and in the result list view.
/// </summary>
/// <param name="URL">Address to test. It is ignored when it contains no '?'.</param>
/// <remarks>
/// A URL already recorded in <c>AttackedUrls</c> with an empty original POST body is
/// skipped. Each request is sent with an empty body, an empty header list and
/// <c>false</c> as the last argument of <c>StringGetWebPage</c>.
/// </remarks>
private void AttackURL(string URL)
{
    int queryMark = URL.IndexOf('?');
    if (queryMark < 0)
    {
        return;
    }

    // De-duplicate on the original URL; entries that carry a POST body belong
    // to the POST variant of this test and do not count.
    for (int i = 0; i < AttackedUrls.Count; i++)
    {
        var seen = AttackedUrls[i];
        if (seen.OriginalURL == URL && string.IsNullOrEmpty(seen.OriginalPOST))
        {
            return;
        }
    }

    // Split at the first '?': the prefix keeps the '?', the query excludes it.
    string BeforeQuery = URL.Substring(0, queryMark + 1);
    string Query = URL.Substring(queryMark + 1);

    QueryModifier queryModifier = new QueryModifier(Query);
    if (queryModifier.ParameterCount == 0)
    {
        return;
    }

    do
    {
        string NewURL = BeforeQuery + queryModifier.GetModifiedQuery(textBoxModifier.Text);

        CreateWebrequest Request = new CreateWebrequest();
        string HTML = Request.StringGetWebPage(NewURL, string.Empty, new List<string>(), false);

        // Store the response with the exact URL that produced it.
        AttackedUrl attackedURL = new AttackedUrl
        {
            HTML = HTML,
            OriginalURL = URL,
            ModifiedURL = NewURL
        };
        AttackedUrls.Add(attackedURL);

        ClearAttackBrowser();

        // The second column holds the POST body, which is empty for URL tests.
        ListViewItem Item = new ListViewItem { Text = NewURL };
        Item.SubItems.Add(string.Empty);
        listViewResult.Items.Add(Item);
    }
    while (queryModifier.NextParameter());
}