public void EditTVF()
{
TrafficViewerFile tvf = UnitTestUtils.GenerateTestTvf();
//check delete
int initialCount = tvf.RequestCount;
//get the first request id
int i = -1;
TVRequestInfo first = tvf.GetNext(ref i);
TVRequestInfo second = tvf.GetNext(ref i);
HttpRequestInfo secondRequest = new HttpRequestInfo(tvf.LoadRequestData(second.Id));
HttpResponseInfo secondResponse = new HttpResponseInfo();
byte [] respBytes = tvf.LoadResponseData(second.Id);
secondResponse.ProcessResponse(respBytes);
int referenceResponseStatus = secondResponse.Status;
int referenceHash = secondRequest.GetHashCode();
Assert.IsTrue(tvf.RemoveRequest(first.Id));
Assert.AreEqual(initialCount - 1, tvf.RequestCount);
Assert.IsNull(tvf.GetPrevious(ref i));
RequestDataCache.Instance.Clear();
//check that
//check add
TVRequestInfo reqInfo = new TVRequestInfo();
reqInfo.RequestLine = "GET /newrequest HTTP/1.1";
string request = "GET /newrequest HTTP/1.1\r\nHeader1:1\r\n\r\n";
string response = "HTTP 200 OK\r\nHeader1:1\r\n\r\n<html><body>Added request</body></html>";
RequestResponseBytes reqData = new RequestResponseBytes();
reqData.AddToRequest(Constants.DefaultEncoding.GetBytes(request));
reqData.AddToResponse(Constants.DefaultEncoding.GetBytes(response));
tvf.AddRequestInfo(reqInfo);
tvf.SaveRequest(reqInfo.Id, reqData);
tvf.SaveResponse(reqInfo.Id, reqData);
//Check that the request was added
response = Constants.DefaultEncoding.GetString(tvf.LoadResponseData(reqInfo.Id));
Assert.AreEqual(38, response.IndexOf("Added request"));
Assert.AreEqual(65, response.Length);
//modify the recently added request slightly
}
//[TestMethod]
public void TestLoginExportType()
{
TempFile temp = new TempFile();
temp.Write(Resources.AltoroLogin);
TrafficViewerFile origFile = new TrafficViewerFile();
origFile.Open(temp.Path);
Assert.AreEqual(4, origFile.RequestCount);
//export
IList <ITrafficExporter> exporters = TrafficViewer.Instance.TrafficExporters;
ITrafficExporter loginExporter = null;
foreach (ITrafficExporter exporter in exporters)
{
if (exporter.Caption == "ASE Login Files (.login)")
{
loginExporter = exporter;
}
}
Assert.IsNotNull(loginExporter);
TempFile exportedFile = new TempFile("exporttest.login");
Stream stream = exportedFile.OpenStream();
loginExporter.Export(origFile, stream, "demo.testfire.net", 80);
stream.Close();
//import the exported file
TrafficViewerFile import = new TrafficViewerFile();
ITrafficParser configurationParser = TrafficViewer.Instance.GetParser("Configuration Parser");
Assert.IsNotNull(configurationParser);
configurationParser.Parse(exportedFile.Path, import, ParsingOptions.GetLegacyAppScanProfile());
Assert.AreEqual(origFile.RequestCount, import.RequestCount);
int i = -1;
TVRequestInfo origInfo;
while ((origInfo = origFile.GetNext(ref i)) != null)
{
TVRequestInfo importInfo = import.GetRequestInfo(origInfo.Id);
string origRequest = Constants.DefaultEncoding.GetString(origFile.LoadRequestData(origInfo.Id));
string importedRequest = Constants.DefaultEncoding.GetString(import.LoadRequestData(origInfo.Id));
Assert.AreEqual(origRequest, importedRequest);
}
}
private TrafficViewerFile removeSimilar(TrafficViewerFile source)
{
TrafficViewerFile dest = new TrafficViewerFile();
TVRequestInfo info;
int id = -1;
List <int> _reqHashes = new List <int>();
while ((info = source.GetNext(ref id)) != null)
{
byte[] request = source.LoadRequestData(info.Id);
HttpRequestInfo reqInfo = new HttpRequestInfo(request, true);
int hash = reqInfo.GetHashCode(TrafficServerMode.BrowserFriendly);
if (!_reqHashes.Contains(hash))
{
byte[] response = source.LoadResponseData(info.Id);
dest.AddRequestResponse(request, response);
_reqHashes.Add(hash);
}
}
//copy profile over
dest.Profile = source.Profile;
return(dest);
}
private static void ValidateASEFile(TrafficViewerFile tvFile)
{
//after the import we should have 2 requests
Assert.AreEqual(2, tvFile.RequestCount);
int i = -1;
TVRequestInfo first = tvFile.GetNext(ref i);
TVRequestInfo second = tvFile.GetNext(ref i);
Assert.AreEqual("GET /index1 HTTP/1.1", first.RequestLine);
Assert.AreEqual("[1000]", first.ThreadId);
Assert.AreEqual("Stage::Purpose1", first.Description);
Assert.AreEqual("POST /index2 HTTP/1.1", second.RequestLine);
Assert.AreEqual("[2000]", second.ThreadId);
Assert.AreEqual("Stage::Purpose2", second.Description);
TimeSpan diff = second.RequestTime.Subtract(first.RequestTime);
Assert.AreEqual(10, diff.Milliseconds);
Assert.AreEqual(" 0.03s", first.Duration);
//check the requests
HttpRequestInfo req1 = new HttpRequestInfo(tvFile.LoadRequestData(first.Id));
HttpRequestInfo req2 = new HttpRequestInfo(tvFile.LoadRequestData(second.Id));
Assert.AreEqual("demo.testfire.net", req1.Host);
Assert.AreEqual("www.altoromutual.com", req2.Host);
//check the responses
Assert.AreEqual("200", first.ResponseStatus);
Assert.AreEqual("302", second.ResponseStatus);
HttpResponseInfo resp1 = new HttpResponseInfo();
HttpResponseInfo resp2 = new HttpResponseInfo();
resp1.ProcessResponse(tvFile.LoadResponseData(first.Id));
resp2.ProcessResponse(tvFile.LoadResponseData(second.Id));
string firstBody = resp1.ResponseBody.ToString();
string secondBody = resp2.ResponseBody.ToString();
Assert.IsTrue(firstBody.Contains("interrupt"));
Assert.IsFalse(firstBody.Contains("--function"));
Assert.IsTrue(secondBody.Contains("inter\nrupt"));
}
public void SaveAndOpen()
{
string expectedRequest = "GET / HTTP/1.1";
string expectedResponse = "HTTP/1.1 200 OK";
TrafficViewerFile file = new TrafficViewerFile();
int reqId = file.AddRequestResponse(expectedRequest, expectedResponse);
file.GetRequestInfo(reqId).IsHttps = true;
Assert.AreEqual(1, file.RequestCount);
TempFile temp = new TempFile(".tvf");
file.Save(temp.Path);
//verify that the file can be saved
Assert.IsTrue(File.Exists(temp.Path), "Cannot save the file");
file.Close(false);
//make a new file and verify we can open
TrafficViewerFile file2 = new TrafficViewerFile();
file2.Open(temp.Path);
//verify actual file was open
Assert.AreEqual(1, file2.RequestCount, "Incorrect request count after opening saved file");
//verify request data is correct
int requestId = -1;
TVRequestInfo info = file2.GetNext(ref requestId);
Assert.IsNotNull(info, "Cannot obtain request info");
//veryfy transport info
Assert.IsTrue(info.IsHttps);
//verify request data
string loadedRequest = Encoding.UTF8.GetString(file2.LoadRequestData(info.Id));
Assert.AreEqual(expectedRequest, loadedRequest);
string loadedResponse = Encoding.UTF8.GetString(file2.LoadResponseData(info.Id));
Assert.AreEqual(expectedResponse, loadedResponse);
file2.Close(false);
}
public void Clear()
{
TrafficViewerFile tvf = MakeDummyTrafficFile();
TempFile temp = new TempFile(".tvf");
tvf.Save(temp.Path);
Assert.AreNotSame(0, tvf.RequestCount);
tvf.Clear(false);
Assert.AreEqual(0, tvf.RequestCount);
int i = -1;
Assert.IsNull(tvf.GetNext(ref i));
tvf.Close(false);
}
//[TestMethod]
public void ExportExdUtil()
{
string sourcePath = @"c:\_transfer\jaguarmanualexplorefiltered.htd";
TrafficViewerFile source = new TrafficViewerFile();
source.Open(sourcePath);
int id = -1;
int index = 0;
int count = source.RequestCount;
int partNo = 1;
int numberOfParts = 6;
int partSize = count / numberOfParts;
TVRequestInfo info;
TrafficViewerFile currentPart = new TrafficViewerFile();
while ((info = source.GetNext(ref id)) != null)
{
if (index < partSize * partNo)
{
byte [] request = source.LoadRequestData(info.Id);
byte [] response = source.LoadResponseData(info.Id);
currentPart.AddRequestResponse(request, response);
}
else
{
ExportPart(partNo, currentPart);
currentPart.Close(false);
currentPart = new TrafficViewerFile();
partNo++;
}
index++;
}
if (currentPart.RequestCount > 0)
{
ExportPart(partNo, currentPart);
}
}
private HttpResponseInfo StopProxy(HttpRequestInfo requestInfo)
{
string report = "";
//get the port from the url
string portString = null;
requestInfo.QueryVariables.TryGetValue("port", out portString);
//optional secret to protect the recording session
string secret = null;
requestInfo.QueryVariables.TryGetValue("secret", out secret);
//optional flag indicating if similar requests should be skiped
string skipSimilar = null;
requestInfo.QueryVariables.TryGetValue("skipSimilar", out skipSimilar);
//the file to save to
string fileName = null;
requestInfo.QueryVariables.TryGetValue("fileName", out fileName);
//optional parameter to cancel the scan
string cancel = null;
requestInfo.QueryVariables.TryGetValue("cancel", out cancel);
if (fileName == null)
{
//assign a random file name
fileName = DateTime.Now.Ticks.ToString();
}
if (!Utils.IsMatch(fileName, "^[\\w._-]+$"))
{
return(GetResponse(400, "Bad Request", "Invalid file name."));
}
int port;
if (int.TryParse(portString, out port))
{
if (!CollectorProxyList.Instance.ProxyList.ContainsKey(port))
{
return(GetResponse(400, "Bad Request", "Port not found."));
}
else
{
IHttpProxy proxy = CollectorProxyList.Instance.ProxyList[port];
TrafficViewerFile trafficFile = (proxy as ManualExploreProxy).TrafficDataStore as TrafficViewerFile;
//check the secret if it exists
string configuredSecret = trafficFile.Profile.GetOption("secret") as String;
if (!String.IsNullOrWhiteSpace(configuredSecret) && !configuredSecret.Equals(secret))
{
return(GetResponse(401, "Unauthorized", "Invalid secret."));
}
string filePath = Path.Combine(TrafficCollectorSettings.Instance.DumpDir, fileName + ".htd");
if (proxy is DriveByAttackProxy)
{
DriveByAttackProxy dProx = proxy as DriveByAttackProxy;
int requestsLeft = dProx.RequestsLeft;
if (requestsLeft > 0 && (cancel == null || !cancel.Equals("true")))
{
return(GetResponse(206, "Partial Content", "Please wait... {0} request(s) left, {1} test job(s) in queue", requestsLeft, dProx.TestCount));
}
else
{
int id = -1;
TVRequestInfo info = null;
report = "\r\n\r\nVulnerability List\r\n";
report += "============================\r\n";
int count = 0;
while ((info = trafficFile.GetNext(ref id)) != null)
{
if (info.Description.Contains("Vulnerability"))
{
count++;
report += String.Format("Request {0} - {1} ({2})\r\n", info.RequestLine, info.Description, info.Validation);
}
}
report += String.Format("Total: {0}\r\n", count);
}
}
if (File.Exists(filePath)) //load the existing file and check the secret
{
TrafficViewerFile existingFile = new TrafficViewerFile();
existingFile.Open(filePath);
configuredSecret = existingFile.Profile.GetOption("secret") as String;
existingFile.Close(false);
if (String.IsNullOrWhiteSpace(configuredSecret) || String.IsNullOrWhiteSpace(secret) || !configuredSecret.Equals(secret))
{
return(GetResponse(401, "Unauthorized", "Cannot override existing file."));
}
}
proxy.Stop();
CollectorProxyList.Instance.ProxyList.Remove(port);
if (trafficFile.RequestCount > 0)
{
if (skipSimilar != null && skipSimilar.Equals("true", StringComparison.OrdinalIgnoreCase))
{
trafficFile = removeSimilar(trafficFile);
}
trafficFile.Save(filePath);
report += String.Format("Traffic file saved at '{0}'\r\n", filePath);
}
else
{
report += "Nothing recorded.";
}
}
}
else
{
return(GetResponse(400, "Bad Request", "Invalid 'port' parameter."));
}
return(GetResponse(200, "OK", "Proxy stopped. {0}", report));
}
static void Main(string[] args)
{
if (args.Length < 2)
{
Console.WriteLine("Usage: Traffic2Exd <traffic file path> <EXD file path>");
Console.WriteLine("Supported import formats: .har, .txt, .htd");
Console.WriteLine("If the EXD file already exists the tool will append to it.");
Console.WriteLine("Exit codes: 1 - No args, 2 - Incorrect file path, 3 - Parsing error, 4 - Export error, 5 - Unsupported Exception.");
Environment.ExitCode = 1;
}
else
{
string trafficFilePath = args[0];
string exdFilePath = args[1];
if (!File.Exists(trafficFilePath))
{
Console.WriteLine("Could not find har file: '{0}'", trafficFilePath);
Environment.ExitCode = 2;
}
else
{
TrafficViewerFile tvf = new TrafficViewerFile();
try
{
if (File.Exists(exdFilePath))
{
Console.WriteLine("EXD file {0} already exists. Appending to it.", exdFilePath);
ConfigurationParser exdParser = new ConfigurationParser();
exdParser.Parse(exdFilePath, tvf, ParsingOptions.GetDefaultProfile());
}
Console.WriteLine("Importing from '{0}'...", trafficFilePath);
ITrafficParser parser = null;
if (trafficFilePath.ToLower().EndsWith(".har"))
{
parser = new HarParser();
}
else if (trafficFilePath.ToLower().EndsWith(".txt"))
{
parser = new DefaultTrafficParser();
}
else if (trafficFilePath.ToLower().EndsWith(".htd"))
{
TrafficViewerFile tvf2 = new TrafficViewerFile();
tvf2.Open(trafficFilePath);
int id = -1;
TVRequestInfo info = null;
while ((info = tvf2.GetNext(ref id)) != null)
{
tvf.AddRequestResponse(tvf2.LoadRequestData(info.Id), tvf2.LoadResponseData(info.Id));
}
}
else
{
Console.WriteLine("File extension is unsupported. Supported extensions/formats: .har, .txt, .htd");
Environment.ExitCode = 5;
}
if (parser != null)
{
parser.Parse(trafficFilePath, tvf, ParsingOptions.GetRawProfile());
}
}
catch (Exception ex)
{
Console.WriteLine("Parsing exception: '{0}'", ex.Message);
Environment.ExitCode = 3;
}
//now export
try
{
Console.WriteLine("Exporting to '{0}'...", exdFilePath);
var exporter = new ManualExploreExporter();
exporter.Export(tvf, new FileStream(exdFilePath, FileMode.Create, FileAccess.ReadWrite));
}
catch (Exception ex)
{
Console.WriteLine("Export exception: '{0}'", ex.Message);
Environment.ExitCode = 4;
}
tvf.Close(false);
Console.WriteLine("Done.");
}
}
}