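/// <summary>
/// Builds a new traffic file that keeps only the first request/response pair seen
/// for each request hash, then copies the source profile onto the result.
/// </summary>
/// <param name="source">Traffic file whose entries are enumerated with GetNext.</param>
/// <returns>A new <see cref="TrafficViewerFile"/> holding the retained pairs.</returns>
private TrafficViewerFile removeSimilar(TrafficViewerFile source)
{
    TrafficViewerFile dest = new TrafficViewerFile();
    // A hash set replaces the original List<int>.Contains scan, which made the
    // loop quadratic in the number of requests.
    HashSet<int> seenHashes = new HashSet<int>();
    TVRequestInfo info;
    int id = -1;

    while ((info = source.GetNext(ref id)) != null)
    {
        byte[] request = source.LoadRequestData(info.Id);
        HttpRequestInfo reqInfo = new HttpRequestInfo(request, true);

        // NOTE(review): similarity is decided by a 32-bit hash alone. Two different
        // requests whose hashes collide are treated as duplicates and the later one
        // is dropped from the result, so coverage can shrink without any signal.
        int hash = reqInfo.GetHashCode(TrafficServerMode.BrowserFriendly);

        // Add returns false when the hash was already recorded.
        if (seenHashes.Add(hash))
        {
            byte[] response = source.LoadResponseData(info.Id);
            dest.AddRequestResponse(request, response);
        }
    }

    //copy profile over
    dest.Profile = source.Profile;
    return dest;
}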
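// Round-trip check for the ".login" exporter: opens the AltoroLogin resource, exports it,
// re-imports the exported file with the "Configuration Parser" and compares every request.
// The [TestMethod] attribute below is commented out in the source.
//[TestMethod]
public void TestLoginExportType()
{
    TempFile temp = new TempFile();
    temp.Write(Resources.AltoroLogin);
    TrafficViewerFile origFile = new TrafficViewerFile();
    origFile.Open(temp.Path);
    Assert.AreEqual(4, origFile.RequestCount);

    //export
    IList<ITrafficExporter> exporters = TrafficViewer.Instance.TrafficExporters;
    ITrafficExporter loginExporter = null;
    foreach (ITrafficExporter exporter in exporters)
    {
        // No break: as in the original, the last exporter with this caption wins.
        if (exporter.Caption == "ASE Login Files (.login)")
        {
            loginExporter = exporter;
        }
    }
    Assert.IsNotNull(loginExporter);

    TempFile exportedFile = new TempFile("exporttest.login");
    // The using block releases the stream even when Export throws; the original
    // only closed it on the success path.
    using (Stream stream = exportedFile.OpenStream())
    {
        loginExporter.Export(origFile, stream, "demo.testfire.net", 80);
    }

    //import the exported file
    TrafficViewerFile import = new TrafficViewerFile();
    ITrafficParser configurationParser = TrafficViewer.Instance.GetParser("Configuration Parser");
    Assert.IsNotNull(configurationParser);
    configurationParser.Parse(exportedFile.Path, import, ParsingOptions.GetLegacyAppScanProfile());
    Assert.AreEqual(origFile.RequestCount, import.RequestCount);

    int i = -1;
    TVRequestInfo origInfo;
    while ((origInfo = origFile.GetNext(ref i)) != null)
    {
        // NOTE(review): importInfo is fetched but never asserted on; the comparison
        // below relies on both files using the same request ids.
        TVRequestInfo importInfo = import.GetRequestInfo(origInfo.Id);
        string origRequest = Constants.DefaultEncoding.GetString(origFile.LoadRequestData(origInfo.Id));
        string importedRequest = Constants.DefaultEncoding.GetString(import.LoadRequestData(origInfo.Id));
        Assert.AreEqual(origRequest, importedRequest);
    }
}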
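/// <summary>
/// Starts a MockProxy on 127.0.0.1 that serves <paramref name="testResponse"/>, rewrites
/// the host and port of <paramref name="testRequest"/> to the mock's own and sends it
/// with the client returned by GetHttpClient().
/// </summary>
/// <param name="testRequest">Request to send; its Host and Port are overwritten.</param>
/// <param name="testResponse">Response registered in the mock site for the request.</param>
/// <param name="receivedRequest">Request recorded by the mock at index 0, or null when nothing was recorded.</param>
/// <param name="receivedResponse">Response returned by the client.</param>
/// <param name="proxyPort">Port passed to the MockProxy constructor (default 0).</param>
protected void SendTestRequestToMockProxy(HttpRequestInfo testRequest, HttpResponseInfo testResponse, out HttpRequestInfo receivedRequest, out HttpResponseInfo receivedResponse, int proxyPort = 0)
{
    TrafficViewerFile mockSite = new TrafficViewerFile();
    TrafficViewerFile dataStore = new TrafficViewerFile();
    // The listener is bound to the loopback address only.
    MockProxy mockProxy = new MockProxy(dataStore, mockSite, "127.0.0.1", proxyPort, 0);
    mockProxy.Start();
    try
    {
        //change the requests host and port to be the ones of the mock proxy
        testRequest.Host = mockProxy.Host;
        testRequest.Port = mockProxy.Port;
        mockSite.AddRequestResponse(testRequest.ToArray(false), testResponse.ToArray());

        IHttpClient client = GetHttpClient();
        receivedResponse = client.SendRequest(testRequest);

        // check what was received in the proxy
        byte[] receivedRequestBytes = dataStore.LoadRequestData(0);
        receivedRequest = receivedRequestBytes == null
            ? null
            : new HttpRequestInfo(receivedRequestBytes);
    }
    finally
    {
        // Stop the listener even when the send throws, so a failing test does not
        // leave a proxy running for the tests that follow.
        mockProxy.Stop();
    }
}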
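/// <summary>
/// Sends a request built from <paramref name="expectedValue"/> to a MockProxy with a
/// WebRequestClient and checks the request line the mock recorded. For CONNECT requests
/// it checks the status line of the response instead.
/// </summary>
/// <param name="expectedValue">Raw request text; also the request line expected in the recorded request.</param>
private void RunRequestLineTest(string expectedValue)
{
    WebRequestClient wrClient = new WebRequestClient();
    TrafficViewerFile dataStore = new TrafficViewerFile();
    TrafficViewerFile mockSite = new TrafficViewerFile();
    MockProxy mockProxy = new MockProxy(dataStore, mockSite);
    mockProxy.Start();

    HttpRequestInfo expectedRequest = new HttpRequestInfo(expectedValue);
    HttpResponseInfo respInfo;
    try
    {
        // The request is addressed to the mock proxy's own host and port.
        expectedRequest.Host = mockProxy.Host;
        expectedRequest.Port = mockProxy.Port;
        respInfo = wrClient.SendRequest(expectedRequest);
    }
    finally
    {
        // The original stopped the proxy only when SendRequest returned normally.
        mockProxy.Stop();
    }

    if (expectedRequest.IsConnect)
    {
        Assert.AreEqual("HTTP/1.1 200 Connection established", respInfo.StatusLine);
        return;
    }

    Assert.AreEqual(1, dataStore.RequestCount);
    byte[] receivedReqBytes = dataStore.LoadRequestData(0);
    HttpRequestInfo receivedRequest = new HttpRequestInfo(receivedReqBytes);
    Assert.AreEqual(expectedValue, receivedRequest.RequestLine);
}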
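/// <summary>
/// Sends the POSTRequest resource through a MockProxy and checks that the response
/// status is 200 and that the stored request body matches the posted form data.
/// </summary>
public void TestPOSTRequestToProxy()
{
    TrafficViewerFile dataStore = new TrafficViewerFile();
    TrafficViewerFile mockSite = new TrafficViewerFile();
    string expectedResponseLine = "HTTP/1.1 200 OK";
    mockSite.AddRequestResponse(Resources.POSTRequest, expectedResponseLine);

    MockProxy proxy = new MockProxy(dataStore, mockSite);
    proxy.Start();
    try
    {
        IHttpClient httpClient = GetHttpClient(proxy.Port);
        HttpRequestInfo testRequestInfo = new HttpRequestInfo(Resources.POSTRequest);
        HttpResponseInfo respInfo = httpClient.SendRequest(testRequestInfo);
        Assert.AreEqual(200, respInfo.Status);

        // NOTE(review): this reads entry 0 of mockSite, which is the fixture added above,
        // not dataStore. If the intent is to check what the proxy captured, the assertion
        // should probably load from dataStore - confirm before changing.
        HttpRequestInfo storedRequestInfo = new HttpRequestInfo(mockSite.LoadRequestData(0));
        Assert.AreEqual("uid=jsmith&passwd=Demo1234", storedRequestInfo.ContentDataString);
    }
    finally
    {
        // Runs on assertion failure too; the original left the proxy running in that case.
        proxy.Stop();
    }
}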
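/// <summary>
/// Registers <paramref name="testRequest"/> and <paramref name="testResponse"/> in a mock
/// site, starts a MockProxy on 127.0.0.1 in front of it and sends the request with a
/// client created for the proxy's port.
/// </summary>
/// <param name="testRequest">Request to send.</param>
/// <param name="testResponse">Response registered in the mock site for the request.</param>
/// <param name="receivedRequest">Request recorded by the proxy at index 0, or null when nothing was recorded.</param>
/// <param name="receivedResponse">Response returned by the client.</param>
/// <param name="clientType">Not read by this method body; kept for callers.</param>
/// <param name="proxyPort">Port passed to the MockProxy constructor (default 0).</param>
protected void SendTestRequestThroughMockProxy(HttpRequestInfo testRequest, HttpResponseInfo testResponse, out HttpRequestInfo receivedRequest, out HttpResponseInfo receivedResponse, ClientType clientType = ClientType.WebRequestClient, int proxyPort = 0)
{
    TrafficViewerFile mockSite = new TrafficViewerFile();
    mockSite.AddRequestResponse(testRequest.ToArray(true), testResponse.ToArray());
    TrafficViewerFile dataStore = new TrafficViewerFile();

    // The listener is bound to the loopback address only.
    MockProxy mockProxy = new MockProxy(dataStore, mockSite, "127.0.0.1", proxyPort, 0);
    mockProxy.Start();
    try
    {
        IHttpClient client = GetHttpClient(mockProxy.Port);
        receivedResponse = client.SendRequest(testRequest);

        // check what was received in the proxy
        byte[] receivedRequestBytes = dataStore.LoadRequestData(0);
        receivedRequest = receivedRequestBytes == null
            ? null
            : new HttpRequestInfo(receivedRequestBytes);
    }
    finally
    {
        // Stop the listener on every exit path; the original skipped this when the send threw.
        mockProxy.Stop();
    }
}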
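/// <summary>
/// Sends one GET through a MockProxy and checks that the proxy's data store holds
/// both the request (same full URL) and the response (status 200, body "&lt;body&gt;").
/// </summary>
public void TestDataStoreHasRequestAndResponse()
{
    TrafficViewerFile dataStore = new TrafficViewerFile();
    TrafficViewerFile mockSite = new TrafficViewerFile();
    string testRequest = "GET http://site.com/a HTTP/1.1\r\n";
    string expectedResponseLine = "HTTP/1.1 200 OK\r\n\r\n<body>";
    mockSite.AddRequestResponse(testRequest, expectedResponseLine);

    MockProxy proxy = new MockProxy(dataStore, mockSite);
    proxy.Start();
    try
    {
        IHttpClient httpClient = GetHttpClient(proxy.Port);
        HttpRequestInfo testRequestInfo = new HttpRequestInfo(testRequest);
        httpClient.SendRequest(testRequestInfo);

        byte[] testRequestBytes = dataStore.LoadRequestData(0);
        byte[] testResponseBytes = dataStore.LoadResponseData(0);

        HttpRequestInfo reqInfo = new HttpRequestInfo(testRequestBytes);
        Assert.AreEqual(testRequestInfo.FullUrl, reqInfo.FullUrl);

        HttpResponseInfo respInfo = new HttpResponseInfo(testResponseBytes);
        Assert.AreEqual(200, respInfo.Status);
        Assert.AreEqual("<body>", respInfo.ResponseBody.ToString());
    }
    finally
    {
        // Runs on assertion failure too; the original left the proxy running in that case.
        proxy.Stop();
    }
}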
/// <summary>
/// Adds one request/response pair, overwrites both with SaveRequest and SaveResponse,
/// and checks that the request info object obtained before the edit and the stored
/// bytes both reflect the new values.
/// </summary>
public void EditARequest()
{
    const string initialRequest = "GET / HTTP/1.1";
    const string initialResponse = "HTTP/1.1 200 OK";
    const string editedRequest = "POST /login HTTP/1.1";
    const string editedResponse = "HTTP/1.1 302 Redirect";

    TrafficViewerFile tvFile = new TrafficViewerFile();
    int requestId = tvFile.AddRequestResponse(initialRequest, initialResponse);
    Assert.AreEqual(1, tvFile.RequestCount);

    // Fetched before the edit on purpose: the assertions below check that this
    // same object is updated by the save calls.
    TVRequestInfo entry = tvFile.GetRequestInfo(requestId);

    byte[] editedRequestBytes = Encoding.UTF8.GetBytes(editedRequest);
    byte[] editedResponseBytes = Encoding.UTF8.GetBytes(editedResponse);
    tvFile.SaveRequest(requestId, editedRequestBytes);
    tvFile.SaveResponse(requestId, editedResponseBytes);

    //check the response info was updated
    Assert.AreEqual(editedRequest, entry.RequestLine);
    Assert.AreEqual("302", entry.ResponseStatus);
    Assert.AreEqual(editedRequest.Length, entry.RequestLength);
    Assert.AreEqual(editedResponse.Length, entry.ResponseLength);

    // The stored bytes must decode back to the edited text.
    byte[] storedRequest = tvFile.LoadRequestData(requestId);
    Assert.AreEqual(editedRequest, Encoding.UTF8.GetString(storedRequest));
    byte[] storedResponse = tvFile.LoadResponseData(requestId);
    Assert.AreEqual(editedResponse, Encoding.UTF8.GetString(storedResponse));

    tvFile.Close(false);
}
/// <summary>
/// Asserts the expected content of an imported file: two requests with fixed request
/// lines, thread ids, descriptions, timing, hosts, response statuses and body fragments.
/// </summary>
/// <param name="tvFile">The traffic file produced by the import under test.</param>
private static void ValidateASEFile(TrafficViewerFile tvFile)
{
    //after the import we should have 2 requests
    Assert.AreEqual(2, tvFile.RequestCount);

    int cursor = -1;
    TVRequestInfo entryOne = tvFile.GetNext(ref cursor);
    TVRequestInfo entryTwo = tvFile.GetNext(ref cursor);

    // Request metadata of both entries.
    Assert.AreEqual("GET /index1 HTTP/1.1", entryOne.RequestLine);
    Assert.AreEqual("[1000]", entryOne.ThreadId);
    Assert.AreEqual("Stage::Purpose1", entryOne.Description);
    Assert.AreEqual("POST /index2 HTTP/1.1", entryTwo.RequestLine);
    Assert.AreEqual("[2000]", entryTwo.ThreadId);
    Assert.AreEqual("Stage::Purpose2", entryTwo.Description);

    // Milliseconds is the millisecond component of the difference, not the total.
    TimeSpan gap = entryTwo.RequestTime.Subtract(entryOne.RequestTime);
    Assert.AreEqual(10, gap.Milliseconds);
    Assert.AreEqual(" 0.03s", entryOne.Duration);

    //check the requests
    byte[] rawRequestOne = tvFile.LoadRequestData(entryOne.Id);
    HttpRequestInfo requestOne = new HttpRequestInfo(rawRequestOne);
    byte[] rawRequestTwo = tvFile.LoadRequestData(entryTwo.Id);
    HttpRequestInfo requestTwo = new HttpRequestInfo(rawRequestTwo);
    Assert.AreEqual("demo.testfire.net", requestOne.Host);
    Assert.AreEqual("www.altoromutual.com", requestTwo.Host);

    //check the responses
    Assert.AreEqual("200", entryOne.ResponseStatus);
    Assert.AreEqual("302", entryTwo.ResponseStatus);

    HttpResponseInfo responseOne = new HttpResponseInfo();
    HttpResponseInfo responseTwo = new HttpResponseInfo();
    responseOne.ProcessResponse(tvFile.LoadResponseData(entryOne.Id));
    responseTwo.ProcessResponse(tvFile.LoadResponseData(entryTwo.Id));

    string bodyOne = responseOne.ResponseBody.ToString();
    string bodyTwo = responseTwo.ResponseBody.ToString();
    Assert.IsTrue(bodyOne.Contains("interrupt"));
    Assert.IsFalse(bodyOne.Contains("--function"));
    Assert.IsTrue(bodyTwo.Contains("inter\nrupt"));
}
/// <summary>
/// Exercises removal and addition on a generated test file: removes the first request,
/// checks the count and navigation, then adds a new request/response pair and checks
/// the stored response text.
/// </summary>
public void EditTVF()
{
    TrafficViewerFile testFile = UnitTestUtils.GenerateTestTvf();

    //check delete
    int countBefore = testFile.RequestCount;

    //get the first request id
    int cursor = -1;
    TVRequestInfo firstEntry = testFile.GetNext(ref cursor);
    TVRequestInfo secondEntry = testFile.GetNext(ref cursor);

    // Reference values taken from the second entry before the removal; the visible
    // part of the method does not compare against them.
    byte[] secondRequestBytes = testFile.LoadRequestData(secondEntry.Id);
    HttpRequestInfo secondRequest = new HttpRequestInfo(secondRequestBytes);
    HttpResponseInfo secondResponse = new HttpResponseInfo();
    byte[] secondResponseBytes = testFile.LoadResponseData(secondEntry.Id);
    secondResponse.ProcessResponse(secondResponseBytes);
    int referenceResponseStatus = secondResponse.Status;
    int referenceHash = secondRequest.GetHashCode();

    Assert.IsTrue(testFile.RemoveRequest(firstEntry.Id));
    Assert.AreEqual(countBefore - 1, testFile.RequestCount);
    // The cursor sits on the second entry; with the first one removed nothing precedes it.
    Assert.IsNull(testFile.GetPrevious(ref cursor));

    RequestDataCache.Instance.Clear();

    //check add
    TVRequestInfo addedEntry = new TVRequestInfo();
    addedEntry.RequestLine = "GET /newrequest HTTP/1.1";
    string addedRequest = "GET /newrequest HTTP/1.1\r\nHeader1:1\r\n\r\n";
    string addedResponse = "HTTP 200 OK\r\nHeader1:1\r\n\r\n<html><body>Added request</body></html>";

    RequestResponseBytes payload = new RequestResponseBytes();
    payload.AddToRequest(Constants.DefaultEncoding.GetBytes(addedRequest));
    payload.AddToResponse(Constants.DefaultEncoding.GetBytes(addedResponse));

    testFile.AddRequestInfo(addedEntry);
    testFile.SaveRequest(addedEntry.Id, payload);
    testFile.SaveResponse(addedEntry.Id, payload);

    //Check that the request was added
    byte[] storedResponse = testFile.LoadResponseData(addedEntry.Id);
    string storedResponseText = Constants.DefaultEncoding.GetString(storedResponse);
    Assert.AreEqual(38, storedResponseText.IndexOf("Added request"));
    Assert.AreEqual(65, storedResponseText.Length);
    //modify the recently added request slightly
}
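/// <summary>
/// Sends a request carrying If-Modified-Since, If-None-Match, Proxy-Connection and
/// Accept-Encoding through a ManualExploreProxy to a mock server and checks that none
/// of those headers is present in the request the server stored.
/// </summary>
public void TestRemovingCachedHeaders()
{
    //setup a mock web server
    TrafficViewerFile serverdataStore = new TrafficViewerFile();
    serverdataStore.Profile.SetExclusions(new string[0] { });
    TrafficViewerFile mockSiteData = new TrafficViewerFile();
    string testRequest = "GET /a HTTP/1.1\r\nIf-Modified-Since: 10-10-2012\r\nIf-None-Match: 123\r\nProxy-Connection: keep-alive\r\nAccept-Encoding: gzip\r\n\r\n";
    string testResponse = "HTTP/1.1 200 OK\r\nConnection: close\r\n\r\n";
    mockSiteData.AddRequestResponse(testRequest, testResponse);

    MockProxy mockServer = new MockProxy(serverdataStore, mockSiteData);
    mockServer.Start();
    try
    {
        //setup a mock proxy
        TrafficViewerFile proxyDataStore = new TrafficViewerFile();
        proxyDataStore.Profile.SetExclusions(new string[1] { @".*\.gif" });
        // NOTE(review): the port is fixed at 17777, so the test fails when another
        // process (or a proxy leaked by an earlier failed run) already holds it.
        ManualExploreProxy meProxy = new ManualExploreProxy("127.0.0.1", 17777, proxyDataStore);
        meProxy.Start();
        try
        {
            //need to use the traffic viewer client here
            //the webrequestclient does not allow requests to localhost through a proxy on localhost
            IHttpClient httpClient = GetHttpClient(ClientType.TrafficViewerHttpClient, meProxy.Port);

            HttpRequestInfo testRequestInfo = new HttpRequestInfo(testRequest);
            testRequestInfo.Host = mockServer.Host;
            testRequestInfo.Port = mockServer.Port;
            httpClient.SendRequest(testRequestInfo);

            HttpRequestInfo savedReqInfo = new HttpRequestInfo(serverdataStore.LoadRequestData(0));
            Assert.IsNull(savedReqInfo.Headers["If-Modified-Since"]);
            Assert.IsNull(savedReqInfo.Headers["If-None-Match"]);
            Assert.IsNull(savedReqInfo.Headers["Accept-Encoding"]);
            Assert.IsNull(savedReqInfo.Headers["Proxy-Connection"]);
        }
        finally
        {
            // Release the fixed port even when an assertion fails.
            meProxy.Stop();
        }
    }
    finally
    {
        mockServer.Stop();
    }
}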
/// <summary>
/// Saves a one-request file marked as HTTPS to a temporary ".tvf" path, opens it in a
/// second instance and checks the request count, the HTTPS flag and the raw data.
/// </summary>
public void SaveAndOpen()
{
    const string savedRequest = "GET / HTTP/1.1";
    const string savedResponse = "HTTP/1.1 200 OK";

    TrafficViewerFile writer = new TrafficViewerFile();
    int addedId = writer.AddRequestResponse(savedRequest, savedResponse);
    TVRequestInfo addedInfo = writer.GetRequestInfo(addedId);
    addedInfo.IsHttps = true;
    Assert.AreEqual(1, writer.RequestCount);

    TempFile target = new TempFile(".tvf");
    writer.Save(target.Path);

    //verify that the file can be saved
    bool savedFileExists = File.Exists(target.Path);
    Assert.IsTrue(savedFileExists, "Cannot save the file");
    writer.Close(false);

    //make a new file and verify we can open
    TrafficViewerFile reader = new TrafficViewerFile();
    reader.Open(target.Path);

    //verify actual file was open
    Assert.AreEqual(1, reader.RequestCount, "Incorrect request count after opening saved file");

    //verify request data is correct
    int cursor = -1;
    TVRequestInfo reopenedInfo = reader.GetNext(ref cursor);
    Assert.IsNotNull(reopenedInfo, "Cannot obtain request info");

    //verify transport info
    Assert.IsTrue(reopenedInfo.IsHttps);

    //verify request data
    byte[] requestBytes = reader.LoadRequestData(reopenedInfo.Id);
    Assert.AreEqual(savedRequest, Encoding.UTF8.GetString(requestBytes));
    byte[] responseBytes = reader.LoadResponseData(reopenedInfo.Id);
    Assert.AreEqual(savedResponse, Encoding.UTF8.GetString(responseBytes));

    reader.Close(false);
}
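/// <summary>
/// Checks that a request matching the profile exclusion pattern is answered but not
/// recorded in the data store, and that a non-matching request is recorded.
/// </summary>
public void TestExclusions()
{
    TrafficViewerFile dataStore = new TrafficViewerFile();
    dataStore.Profile.SetExclusions(new string[1] { @".*\.gif" });
    TrafficViewerFile mockSite = new TrafficViewerFile();
    string nonExcludedRequest = "GET http://site.com/a HTTP/1.1\r\n\r\n";
    string excludedRequest = "GET http://site.com/image.gif HTTP/1.1\r\n\r\n";
    string testResponse = "HTTP/1.1 200 OK";
    mockSite.AddRequestResponse(nonExcludedRequest, testResponse);
    mockSite.AddRequestResponse(excludedRequest, testResponse);

    MockProxy proxy = new MockProxy(dataStore, mockSite);
    proxy.Start();
    try
    {
        IHttpClient httpClient = GetHttpClient(proxy.Port);

        HttpRequestInfo testRequestInfo = new HttpRequestInfo(excludedRequest);
        HttpResponseInfo respInfo = httpClient.SendRequest(testRequestInfo);
        Assert.AreEqual(200, respInfo.Status);
        //verify that nothing was added to the file
        Assert.AreEqual(0, dataStore.RequestCount);

        //verify that when sending a request that is not excluded the request is being added
        testRequestInfo = new HttpRequestInfo(nonExcludedRequest);
        respInfo = httpClient.SendRequest(testRequestInfo);
        Assert.AreEqual(200, respInfo.Status);
        //verify that the request was added to the file
        Assert.AreEqual(1, dataStore.RequestCount);

        HttpRequestInfo savedReqInfo = new HttpRequestInfo(dataStore.LoadRequestData(0));
        Assert.AreEqual(testRequestInfo.FullUrl, savedReqInfo.FullUrl);
    }
    finally
    {
        // Runs on assertion failure too; the original left the proxy running in that case.
        proxy.Stop();
    }
}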
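/// <summary>
/// Marks the second of two requests as encrypted, saves the file with defragmentation
/// enabled, reopens it and checks that the IsEncrypted flags and the request/response
/// data of the second entry survive the round trip.
/// </summary>
public void TestEncryptedRequest()
{
    TrafficViewerFile file = new TrafficViewerFile();
    string request1 = "GET /unencrypted HTTP/1.1";
    string request2 = "GET /encrypted\r\n\r\nsecret=123456789 HTTP/1.1";
    string response1 = "HTTP 200 OK\r\n\r\nUnencrypted Response";
    string response2 = "HTTP 200 OK\r\n\r\nEncrypted Response (secret 1234567789)";
    file.AddRequestResponse(request1, response1);
    file.AddRequestResponse(request2, response2);

    var reqInfo = file.GetRequestInfo(1);
    Assert.IsFalse(reqInfo.IsEncrypted, "Default should be unencrypted");
    reqInfo.IsEncrypted = true;
    //resave the request
    file.SaveRequestResponse(1, request2, response2);

    TempFile tempFile = new TempFile();
    file.EnableDefrag = true; //defrag the raw file
    file.Save(tempFile.Path);
    // Close the first instance before replacing the reference; the original dropped it
    // without closing, unlike the save-then-close sequence used by SaveAndOpen.
    file.Close(false);

    // NOTE(review): the assertions below only prove the flag and the decrypted data
    // round-trip. Nothing checks that the saved file does not hold "secret=123456789"
    // in the clear; an assertion on the stored bytes would cover that, once the
    // on-disk layout is confirmed.
    file = new TrafficViewerFile();
    file.Open(tempFile.Path);

    Assert.IsFalse(file.GetRequestInfo(0).IsEncrypted, "First request should not be encrypted");
    Assert.IsTrue(file.GetRequestInfo(1).IsEncrypted, "Second request should be encrypted");

    string testRequest = Constants.DefaultEncoding.GetString(file.LoadRequestData(1));
    Assert.AreEqual(request2, testRequest);
    string testResponse = Constants.DefaultEncoding.GetString(file.LoadResponseData(1));
    Assert.AreEqual(response2, testResponse);

    file.Close(false);
    File.Delete(tempFile.Path);
}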
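// Splits the traffic file at a fixed local path into consecutive parts and passes each
// part to ExportPart. The [TestMethod] attribute below is commented out in the source.
//[TestMethod]
public void ExportExdUtil()
{
    string sourcePath = @"c:\_transfer\jaguarmanualexplorefiltered.htd";
    TrafficViewerFile source = new TrafficViewerFile();
    source.Open(sourcePath);

    int id = -1;
    int index = 0;
    int count = source.RequestCount;
    int partNo = 1;
    int numberOfParts = 6;
    int partSize = count / numberOfParts;
    if (partSize < 1)
    {
        // Fewer requests than parts: without this the boundary test below is true for
        // every request and an empty part is exported each time.
        partSize = 1;
    }

    TVRequestInfo info;
    TrafficViewerFile currentPart = new TrafficViewerFile();
    while ((info = source.GetNext(ref id)) != null)
    {
        if (index >= partSize * partNo)
        {
            // Part boundary: flush the finished part and start the next one.
            ExportPart(partNo, currentPart);
            currentPart.Close(false);
            currentPart = new TrafficViewerFile();
            partNo++;
        }

        // The original skipped this copy on the iteration that hit a boundary, so one
        // request per part was silently left out of the export.
        byte[] request = source.LoadRequestData(info.Id);
        byte[] response = source.LoadResponseData(info.Id);
        currentPart.AddRequestResponse(request, response);
        index++;
    }

    // Integer division can leave a remainder, which ends up in a final extra part.
    if (currentPart.RequestCount > 0)
    {
        ExportPart(partNo, currentPart);
    }
}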
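/// <summary>
/// Replays five requests through a MockProxy with cookie handling enabled on the
/// WebRequestClient and checks which cookies the proxy recorded on the second, third
/// and fifth request: path scoping ("a" only under /a) and expiry of the "a" cookie.
/// </summary>
public void Test_HTTP_WebRequestClient_Cookies()
{
    string[] testRequestList = new string[5];
    string[] testResponseList = new string[5];

    testRequestList[0] = "GET http://site.com/a/1 HTTP/1.1\r\n\r\n";
    testResponseList[0] = "HTTP/1.1 302 Redirect\r\nSet-Cookie:a=1; Path=/a\r\nLocation: http://site.com/a\r\n\r\n";
    testRequestList[1] = "GET http://site.com/a/2 HTTP/1.1\r\n\r\n";
    testResponseList[1] = "HTTP/1.1 302 OK\r\n\r\n";
    testRequestList[2] = "GET http://site.com/b HTTP/1.1\r\nCookie:b=2\r\n\r\n";
    testResponseList[2] = "HTTP/1.1 302 OK\r\n\r\n";
    testRequestList[3] = "GET http://site.com/a/3 HTTP/1.1\r\n\r\n";
    testResponseList[3] = "HTTP/1.1 302 Redirect\r\nSet-Cookie:a=2; Path=/a; Expires=Thu, 01-Jan-1970 00:00:01 GMT;\r\nLocation: http://site.com/a\r\n\r\n";
    testRequestList[4] = "GET http://site.com/a/4 HTTP/1.1\r\n\r\n";
    testResponseList[4] = "HTTP/1.1 200 OK\r\n\r\n";

    WebRequestClient client = new WebRequestClient();
    client.ShouldHandleCookies = true;

    TrafficViewerFile mockSite = new TrafficViewerFile();
    for (int idx = 0; idx < testRequestList.Length; idx++)
    {
        mockSite.AddRequestResponse(testRequestList[idx], testResponseList[idx]);
    }

    TrafficViewerFile dataStore = new TrafficViewerFile();
    MockProxy mockProxy = new MockProxy(dataStore, mockSite);
    mockProxy.Start();
    try
    {
        client.SetProxySettings(mockProxy.Host, mockProxy.Port, null);
        for (int idx = 0; idx < testRequestList.Length; idx++)
        {
            client.SendRequest(new HttpRequestInfo(testRequestList[idx]));
        }

        //second request should have the extra cookie
        byte[] receivedRequestBytes = dataStore.LoadRequestData(1); //index starts from 0
        Assert.IsNotNull(receivedRequestBytes, "Missing second request");
        HttpRequestInfo receivedRequest = new HttpRequestInfo(receivedRequestBytes, true);
        Assert.IsNotNull(receivedRequest.Cookies);
        Assert.AreEqual(1, receivedRequest.Cookies.Count);
        Assert.IsTrue(receivedRequest.Cookies.ContainsKey("a"));

        //third request should not have the a cookie it's sent to /b but should have the b cookie
        receivedRequestBytes = dataStore.LoadRequestData(2);
        Assert.IsNotNull(receivedRequestBytes, "Missing third request");
        receivedRequest = new HttpRequestInfo(receivedRequestBytes, true);
        Assert.IsNotNull(receivedRequest.Cookies);
        Assert.AreEqual(1, receivedRequest.Cookies.Count, "Request to /b should have 1 cookie");
        Assert.IsTrue(receivedRequest.Cookies.ContainsKey("b"));

        //last request should have no cookies because the a cookie is expired
        receivedRequestBytes = dataStore.LoadRequestData(4);
        Assert.IsNotNull(receivedRequestBytes, "Missing fifth request");
        receivedRequest = new HttpRequestInfo(receivedRequestBytes, true);
        Assert.IsNotNull(receivedRequest.Cookies);
        Assert.AreEqual(0, receivedRequest.Cookies.Count, "Last request should have no cookies");
    }
    finally
    {
        // Runs on assertion failure too; the original left the proxy running in that case.
        mockProxy.Stop();
    }
}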
// Drains the queue of selected requests and, for each one that ShouldBeTested accepts
// against the configured attack-target list, queues one TestJob per custom test and
// per request component, then runs the queued jobs and polls until they finish.
// The method sets the traffic file state to Loading and does not reset it here.
private void TestSelectedRequests()
{
    var customTests = _testFile.GetCustomTests().Values;
    Tester tester = new Tester(this, _testFile);
    if (_requestsToTest.Count == 0)
    {
        //load the requests to test
        // Refilled only when the queue is empty, so entries left over from an
        // interrupted run are processed first.
        foreach (var tvReqInfo in _selectedRequests)
        {
            _requestsToTest.Enqueue(tvReqInfo);
        }
    }

    _trafficFile.SetState(AccessorState.Loading);

    while (_runnable && _requestsToTest.Count > 0)
    {
        // Peek, not Dequeue: the entry is removed only at the bottom of the loop.
        TVRequestInfo workingEntry = _requestsToTest.Peek();
        //check the request;
        byte[] reqBytes = _trafficFile.LoadRequestData(workingEntry.Id);
        byte[] respBytes = _trafficFile.LoadResponseData(workingEntry.Id);
        HttpRequestInfo workingReqInfo = null;
        if (reqBytes == null)
        {
            Log("SELECT A NEW REQUEST");
            _requestsToTest.Dequeue(); //remove the request;
            continue;
        }
        else
        {
            workingReqInfo = new HttpRequestInfo(reqBytes, true);
            workingReqInfo.IsSecure = workingEntry.IsHttps;
        }

        string rawRequest = workingReqInfo.ToString();
        string rawResponse = respBytes != null ? Constants.DefaultEncoding.GetString(respBytes) : String.Empty;

        // Scope gate: only requests accepted for the attack-target list are tested.
        if (ShouldBeTested(rawRequest, _testFile.GetAttackTargetList()))
        {
            MultiThreadedTestExecution testExecution = new MultiThreadedTestExecution(tester, rawRequest, rawResponse, new Uri(workingReqInfo.FullUrl), _testFile.NumberOfThreads);

            bool containsFuzz = rawRequest.Contains(Constants.FUZZ_STRING);

            foreach (CustomTestDef testDef in customTests)
            {
                if (containsFuzz)
                {
                    // The request carries the fuzz marker: one job per test, with empty
                    // entity name and value.
                    testExecution.TestsQueue.Enqueue(new TestJob(String.Empty, String.Empty, RequestLocation.Path, testDef));
                }
                else
                {
                    //iterate through parameters, cookies and headers
                    foreach (var parameter in workingReqInfo.PathVariables)
                    {
                        testExecution.TestsQueue.Enqueue(new TestJob(parameter.Key, parameter.Value, RequestLocation.Path, testDef));
                    }
                    foreach (var parameter in workingReqInfo.QueryVariables)
                    {
                        testExecution.TestsQueue.Enqueue(new TestJob(parameter.Key, parameter.Value, RequestLocation.Query, testDef));
                    }
                    foreach (var parameter in workingReqInfo.BodyVariables)
                    {
                        testExecution.TestsQueue.Enqueue(new TestJob(parameter.Key, parameter.Value, RequestLocation.Body, testDef));
                    }

                    if (!_testFile.TestOnlyParameters)
                    {
                        foreach (var header in workingReqInfo.Headers)
                        {
                            // NOTE(review): this is an exact, case-sensitive match, so a header
                            // spelled "host" would still be queued - confirm how names are stored.
                            if (!header.Name.Equals("Host"))
                            {
                                testExecution.TestsQueue.Enqueue(new TestJob(header.Name, header.Value, RequestLocation.Headers, testDef));
                            }
                        }
                        foreach (var cookie in workingReqInfo.Cookies)
                        {
                            testExecution.TestsQueue.Enqueue(new TestJob(cookie.Key, cookie.Value, RequestLocation.Cookies, testDef));
                        }
                    }
                }
            }

            // Started once, after the jobs for every custom test have been queued.
            testExecution.StartTestsAsync();
            while (testExecution.IsRunning)
            {
                if (!_runnable)
                {
                    testExecution.CancelTests();
                }
                //wait for the test execution to complete
                // A progress line is written on every 10 ms poll.
                HttpServerConsole.Instance.WriteLine(LogMessageType.Notification,
                    "Requests in queue: {0}, Tests in queue for current request: {1}.",
                    _requestsToTest.Count, testExecution.TestsQueue.Count);
                Thread.Sleep(10);
            }
            HttpServerConsole.Instance.WriteLine(LogMessageType.Notification, "Test execution completed.");
        }

        if (_requestsToTest.Count > 0)
        {
            _requestsToTest.Dequeue();
        }
    }
}
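/// <summary>
/// Runs the configured custom tests in two phases. Phase one walks the queue of selected
/// requests and, for each request accepted by ShouldBeTested against the attack-target
/// list, runs every custom test against its path, query and body variables and, unless
/// TestOnlyParameters is set, its headers (except "Host") and cookies. Phase two replays
/// each existing multi-step file through a sequential attack proxy.
/// </summary>
/// <remarks>
/// When <c>_runnable</c> is cleared during phase two the method returns at once and
/// leaves the traffic file state and the remaining queue entries as they are.
/// </remarks>
public void Run()
{
    _runnable = true;

    var customTests = _testFile.GetCustomTests().Values;
    Tester tester = new Tester(this, _testFile);
    if (_requestsToTest.Count == 0)
    {
        //load the requests to test
        foreach (var tvReqInfo in _selectedRequests)
        {
            _requestsToTest.Enqueue(tvReqInfo);
        }
    }

    _trafficFile.SetState(AccessorState.Loading);

    while (_runnable && _requestsToTest.Count > 0)
    {
        // Peek, not Dequeue: the entry is removed only at the bottom of the loop.
        TVRequestInfo workingEntry = _requestsToTest.Peek();
        //check the request;
        byte[] reqBytes = _trafficFile.LoadRequestData(workingEntry.Id);
        byte[] respBytes = _trafficFile.LoadResponseData(workingEntry.Id);
        HttpRequestInfo workingReqInfo = null;
        if (reqBytes == null)
        {
            Log("SELECT A NEW REQUEST");
            _requestsToTest.Dequeue(); //remove the request;
            continue;
        }
        else
        {
            workingReqInfo = new HttpRequestInfo(reqBytes, true);
            workingReqInfo.IsSecure = workingEntry.IsHttps;
        }

        string rawRequest = workingReqInfo.ToString();
        string rawResponse = respBytes != null ? Constants.DefaultEncoding.GetString(respBytes) : String.Empty;

        // Scope gate: only requests accepted for the attack-target list are tested.
        if (ShouldBeTested(rawRequest, _testFile.GetAttackTargetList()))
        {
            MultiThreadedTestExecution testExecution = new MultiThreadedTestExecution(tester, rawRequest, rawResponse, new Uri(workingReqInfo.FullUrl), _testFile.NumberOfThreads);

            bool containsFuzz = rawRequest.Contains(Constants.FUZZ_STRING);

            foreach (CustomTestDef testDef in customTests)
            {
                if (containsFuzz)
                {
                    testExecution.TestsQueue.Enqueue(new TestJob(String.Empty, String.Empty, RequestLocation.Path, testDef));
                }
                else
                {
                    //iterate through parameters, cookies and headers
                    foreach (var parameter in workingReqInfo.PathVariables)
                    {
                        testExecution.TestsQueue.Enqueue(new TestJob(parameter.Key, parameter.Value, RequestLocation.Path, testDef));
                    }
                    foreach (var parameter in workingReqInfo.QueryVariables)
                    {
                        testExecution.TestsQueue.Enqueue(new TestJob(parameter.Key, parameter.Value, RequestLocation.Query, testDef));
                    }
                    foreach (var parameter in workingReqInfo.BodyVariables)
                    {
                        testExecution.TestsQueue.Enqueue(new TestJob(parameter.Key, parameter.Value, RequestLocation.Body, testDef));
                    }

                    if (!_testFile.TestOnlyParameters)
                    {
                        foreach (var header in workingReqInfo.Headers)
                        {
                            // NOTE(review): this is an exact, case-sensitive match, so a header
                            // spelled "host" would still be queued - confirm how names are stored.
                            if (!header.Name.Equals("Host"))
                            {
                                testExecution.TestsQueue.Enqueue(new TestJob(header.Name, header.Value, RequestLocation.Headers, testDef));
                            }
                        }
                        foreach (var cookie in workingReqInfo.Cookies)
                        {
                            testExecution.TestsQueue.Enqueue(new TestJob(cookie.Key, cookie.Value, RequestLocation.Cookies, testDef));
                        }
                    }
                }

                // Jobs are started and awaited once per custom test definition.
                testExecution.StartTestsAsync();
                while (testExecution.IsRunning)
                {
                    if (!_runnable)
                    {
                        testExecution.CancelTests();
                    }
                    //wait for the test execution to complete
                    Thread.Sleep(10);
                }
            }
        }

        if (_requestsToTest.Count > 0)
        {
            _requestsToTest.Dequeue();
        }
    }

    //we also initialize all multi-step operations
    List<string> multiStepList = _testFile.GetMultiStepList();
    _multiStepsToTest = new Queue<string>();
    foreach (string path in multiStepList)
    {
        if (File.Exists(path))
        {
            _multiStepsToTest.Enqueue(path);
        }
        else
        {
            SdkSettings.Instance.Logger.Log(TraceLevel.Error, "Multi-Step path '{0}' does not exist.", path);
        }
    }

    while (_multiStepsToTest.Count > 0)
    {
        if (!_runnable)
        {
            return;
        }

        string path = _multiStepsToTest.Peek();
        if (path.EndsWith(".login"))
        {
            SdkSettings.Instance.Logger.Log(TraceLevel.Error, "ABL files are not supported");
            // Remove the unsupported entry before skipping it. The original continued
            // without dequeuing, so the same path was peeked again on every iteration
            // and the loop never ended.
            _multiStepsToTest.Dequeue();
            continue;
        }

        TrafficViewerFile htd = new TrafficViewerFile();
        htd.Open(path);

        // NOTE(review): the 'as' cast yields null when GetTestProxy returns another proxy
        // type, and Start() would then throw a NullReferenceException.
        SequentialAttackProxy proxy = GetTestProxy(_netSettings, true) as SequentialAttackProxy;
        proxy.Start();

        DefaultNetworkSettings netSettings = new DefaultNetworkSettings();
        netSettings.WebProxy = new WebProxy(proxy.Host, proxy.Port);
        // NOTE(review): certificate validation is whatever the caller-supplied settings
        // provide; a callback that accepts every certificate disables TLS validation for
        // the replayed traffic - confirm it is only used against test targets.
        netSettings.CertificateValidationCallback = _netSettings.CertificateValidationCallback;
        RequestSender.RequestSender reqSender = new RequestSender.RequestSender(netSettings);

        // Replay the sequence until the proxy reports completion or the run is stopped.
        do
        {
            reqSender.Send(htd);
        }
        while (!proxy.TestComplete && _runnable);

        proxy.Stop();

        // An interrupted sequence stays queued.
        if (_runnable)
        {
            _multiStepsToTest.Dequeue();
        }
    }

    _trafficFile.SetState(AccessorState.Idle);
    _runnable = false;
}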
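/// <summary>
/// Entry point of the Traffic2Exd tool: imports a .har, .txt or .htd traffic file
/// (after loading an existing EXD file, if any) and exports the result as an EXD file.
/// </summary>
/// <param name="args">args[0] is the traffic file path, args[1] the EXD file path.</param>
/// <remarks>
/// Exit codes set on Environment.ExitCode: 1 missing arguments, 2 traffic file not found,
/// 3 parsing exception, 4 export exception, 5 unsupported file extension.
/// </remarks>
static void Main(string[] args)
{
    if (args.Length < 2)
    {
        Console.WriteLine("Usage: Traffic2Exd <traffic file path> <EXD file path>");
        Console.WriteLine("Supported import formats: .har, .txt, .htd");
        Console.WriteLine("If the EXD file already exists the tool will append to it.");
        Console.WriteLine("Exit codes: 1 - No args, 2 - Incorrect file path, 3 - Parsing error, 4 - Export error, 5 - Unsupported Exception.");
        Environment.ExitCode = 1;
        return;
    }

    string trafficFilePath = args[0];
    string exdFilePath = args[1];

    if (!File.Exists(trafficFilePath))
    {
        Console.WriteLine("Could not find har file: '{0}'", trafficFilePath);
        Environment.ExitCode = 2;
        return;
    }

    TrafficViewerFile tvf = new TrafficViewerFile();
    bool importSucceeded = true;
    try
    {
        if (File.Exists(exdFilePath))
        {
            Console.WriteLine("EXD file {0} already exists. Appending to it.", exdFilePath);
            ConfigurationParser exdParser = new ConfigurationParser();
            exdParser.Parse(exdFilePath, tvf, ParsingOptions.GetDefaultProfile());
        }

        Console.WriteLine("Importing from '{0}'...", trafficFilePath);
        ITrafficParser parser = null;

        // Ordinal, case-insensitive suffix checks replace ToLower(), whose result
        // depends on the current culture.
        if (trafficFilePath.EndsWith(".har", StringComparison.OrdinalIgnoreCase))
        {
            parser = new HarParser();
        }
        else if (trafficFilePath.EndsWith(".txt", StringComparison.OrdinalIgnoreCase))
        {
            parser = new DefaultTrafficParser();
        }
        else if (trafficFilePath.EndsWith(".htd", StringComparison.OrdinalIgnoreCase))
        {
            TrafficViewerFile tvf2 = new TrafficViewerFile();
            try
            {
                tvf2.Open(trafficFilePath);
                int id = -1;
                TVRequestInfo info = null;
                while ((info = tvf2.GetNext(ref id)) != null)
                {
                    tvf.AddRequestResponse(tvf2.LoadRequestData(info.Id), tvf2.LoadResponseData(info.Id));
                }
            }
            finally
            {
                // The original never closed the source file.
                tvf2.Close(false);
            }
        }
        else
        {
            Console.WriteLine("File extension is unsupported. Supported extensions/formats: .har, .txt, .htd");
            Environment.ExitCode = 5;
            importSucceeded = false;
        }

        if (parser != null)
        {
            parser.Parse(trafficFilePath, tvf, ParsingOptions.GetRawProfile());
        }
    }
    catch (Exception ex)
    {
        Console.WriteLine("Parsing exception: '{0}'", ex.Message);
        Environment.ExitCode = 3;
        importSucceeded = false;
    }

    //now export
    // Export only after a clean import. FileMode.Create truncates the target, so the
    // original replaced an existing EXD file with partial or empty data whenever
    // parsing failed or the extension was unsupported.
    if (importSucceeded)
    {
        try
        {
            Console.WriteLine("Exporting to '{0}'...", exdFilePath);
            var exporter = new ManualExploreExporter();
            // The using block flushes and releases the file handle on every path;
            // the original never disposed the stream.
            using (FileStream output = new FileStream(exdFilePath, FileMode.Create, FileAccess.ReadWrite))
            {
                exporter.Export(tvf, output);
            }
        }
        catch (Exception ex)
        {
            Console.WriteLine("Export exception: '{0}'", ex.Message);
            Environment.ExitCode = 4;
        }
    }

    tvf.Close(false);
    Console.WriteLine("Done.");
}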