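/// <summary>
/// Probes <see cref="Url"/> for a union-based injection point: on each pass one more
/// SELECT marker (passed through <c>UrlHelpers.HexEncodeValue</c>) is appended to the
/// select list, the page is requested, and the response is inspected for the union
/// error message and the echoed test value.
/// </summary>
/// <returns>
/// <c>true</c> when a probe with at least two columns produced a page in which at least
/// one marker index could be read back; <c>false</c> when no candidate column count up to
/// <c>_maxCols</c> passed, when a passing probe exposed no marker, or when the very first
/// single-column probe already passed (that case is deliberately not treated as confirmed).
/// </returns>
/// <exception cref="InvalidOperationException">
/// <see cref="Url"/> is empty, or <see cref="ExploitDetails"/> is <c>null</c>; its
/// <c>Exploit</c> template is needed to build every probe query.
/// </exception>
/// <remarks>
/// Side effects on a passing probe: <c>_nrCols</c>, <c>_visibleColumnIndexes</c> and
/// <c>_nrVisibleCols</c> are overwritten, and when <see cref="MappingFile"/> is set the
/// three <c>/map/injection-strategy/columns/*</c> elements are rewritten.
/// Every loop iteration is one live request to <see cref="Url"/>, so up to <c>_maxCols</c>
/// requests may be issued. Transport errors and a non-numeric marker in the response
/// (a <see cref="FormatException"/> from <c>int.Parse</c>) propagate to the caller.
/// </remarks>
public bool TestIfVulnerable()
{
    if (string.IsNullOrEmpty(Url))
    {
        throw new InvalidOperationException("No url provided so cannot test vulnerability");
    }

    // The original inline comment already noted that a null ExploitDetails breaks the
    // query build; fail up front with a clear message instead of a NullReferenceException.
    var exploitDetails = ExploitDetails;
    if (exploitDetails == null)
    {
        throw new InvalidOperationException("No exploit details provided so cannot test vulnerability");
    }

    // Markers and counts are machine-readable, never shown to a user: format invariantly.
    var invariant = System.Globalization.CultureInfo.InvariantCulture;
    var sbCurExploit = new StringBuilder();

    for (int i = 0; i < _maxCols; i++)
    {
        if (i > 0)
        {
            sbCurExploit.Append(",");
        }
        // The whole select list (markers 0..i) is resent on every probe.
        sbCurExploit.Append(UrlHelpers.HexEncodeValue(string.Format(invariant, GeneralPayloads.UnionBasedSelectValue, i)));

        string query = QueryHelper.CreateQuery(Url, exploitDetails.Exploit, sbCurExploit.ToString());
        string pageHtml = QueryRunner.GetPageHtml(query, UseProxy ? ProxyDetails : null);

        // Error message present and no marker echoed: this column count did not match yet.
        if (pageHtml.Contains(GeneralPayloads.UnionBasedErrorMessage)
            && !pageHtml.Contains(GeneralPayloads.UnionBasedTestValue))
        {
            continue;
        }

        // A single-column probe that already passes is not accepted as confirmed.
        // Preserved from the original; presumably a false-positive guard — confirm intent.
        if (i == 0)
        {
            return false;
        }

        _nrCols = i + 1;
        var stringResults = HtmlHelpers.GetMultipleAnswersFromHtml(pageHtml, query, exploitDetails, DetailedExceptions);
        _visibleColumnIndexes = stringResults
            .Where(r => !string.IsNullOrEmpty(r))
            .Distinct()
            .Select(r => int.Parse(r, invariant))
            .ToList();
        _nrVisibleCols = _visibleColumnIndexes.Count;

        if (_nrVisibleCols == 0)
        {
            return false;
        }

        if (!string.IsNullOrEmpty(MappingFile))
        {
            // Dbms may itself be null; it is passed through unchanged, as before.
            string dbms = exploitDetails.Dbms;
            XmlHelpers.ChangeMappingFileElementValue(MappingFile, "/map/injection-strategy/columns/originalquery", _nrCols.ToString(invariant), this, dbms);
            XmlHelpers.ChangeMappingFileElementValue(MappingFile, "/map/injection-strategy/columns/resultinghtml", _nrVisibleCols.ToString(invariant), this, dbms);
            XmlHelpers.ChangeMappingFileElementValue(MappingFile, "/map/injection-strategy/columns/indexes", ListHelpers.ListToCommaSeparatedValues(_visibleColumnIndexes), this, dbms);
        }

        return true;
    }

    // Every candidate column count up to _maxCols still produced the error message.
    return false;
}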