/// <summary>
/// Rebuilds the transformation filter of the view whenever an entry of the checked list box is toggled.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Carries the index of the toggled item and the check state it is moving to.</param>
private void checkedListBox1_ItemCheck(object sender, ItemCheckEventArgs e)
{
    // Start from the indices the control currently reports as checked, then
    // apply the pending change described by e on top of that copy.
    List<int> selected = new List<int>();
    foreach (int checkedIndex in this.checkedListBox1.CheckedIndices)
    {
        selected.Add(checkedIndex);
    }

    switch (e.NewValue)
    {
        case CheckState.Checked:
            selected.Add(e.Index);
            break;
        case CheckState.Unchecked:
            selected.Remove(e.Index);
            break;
    }

    // OR together the transformation flag named by each selected item's text.
    Transformation mask = (Transformation)0x0;
    foreach (int position in selected)
    {
        string label = this.checkedListBox1.Items[position].ToString();
        mask |= UAUtilities.GetTransformationFromString(label);
    }

    // Keep only results that share at least one flag with the mask.
    view.ApplyFilter(delegate(ResponseResult rr)
    {
        return (rr.Transformation & mask) > 0;
    });
    this.refreshBindings();
}
/// <summary>
/// Runs every registered header parser whose content-type patterns match the
/// request's content type and gathers the matches they produce.
/// </summary>
/// <param name="s">Session whose request content type selects the parsers; it is also passed to each selected parser.</param>
/// <returns>The combined matches of all selected parsers; an empty collection when no parser applies.</returns>
public MatchCollection TokenizeHeaders(Session s)
{
    MatchCollection collected = new MatchCollection();
    foreach (IHeaderParser candidate in headerParsers)
    {
        // ContentTypePatterns is read through ParserBase, so parsers that do
        // not derive from it are skipped.
        ParserBase typed = candidate as ParserBase;
        if (typed == null)
        {
            continue;
        }

        if (!UAUtilities.isMatch(typed.ContentTypePatterns, s.Request.ContentType))
        {
            continue;
        }

        collected.AddRange(candidate.TokenizeHeaders(s));
    }
    return collected;
}
/// <summary>
/// Builds a Transformation flag set from the attribute names of a "Transformations" node.
/// </summary>
/// <param name="TransformationNode">Node to read; a node with any other name yields Transformation.None.</param>
/// <returns>The OR of UAUtilities.GetTransformationFromString over every trimmed attribute name.</returns>
private static Transformation GetTransformationFromXmlNode(XmlNode TransformationNode)
{
    if (TransformationNode.Name != "Transformations")
    {
        return Transformation.None;
    }

    Transformation combined = Transformation.None;
    foreach (XmlAttribute attribute in TransformationNode.Attributes)
    {
        // Only the attribute name is consulted; its value is not read here.
        combined |= UAUtilities.GetTransformationFromString(attribute.Name.Trim());
    }
    return combined;
}
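/// <summary>
/// Loads the Unicode test-case mappings from an XML file.
/// </summary>
/// <param name="fPath">Path of the mapping file.</param>
/// <returns>
/// One entry per /UnicodeTestMappings/UnicodeTestMapping node whose Type is
/// Transformable, Traditional or Overlong; an empty list when the file does not exist.
/// </returns>
/// <exception cref="Exception">Any failure while walking the nodes is traced and rethrown.</exception>
public static UnicodeTestCases LoadUnicodeCharMappingsFromFile(string fPath)
{
    XmlDocument doc = new XmlDocument();
    UnicodeTestCases list = new UnicodeTestCases();

    // NOTE(review): the file is loaded with XmlDocument defaults. If fPath can
    // ever point at a file that does not ship with the tool, set
    // doc.XmlResolver = null before Load so DTDs and external entities are not
    // resolved (older .NET Framework versions resolve them by default).
    try
    {
        doc.Load(fPath);
    }
    catch (FileNotFoundException e)
    {
        // Best effort: a missing file is only traced; the document stays empty
        // and the loop below produces an empty list. Other load errors
        // (malformed XML, missing directory) are not caught here.
        Trace.WriteLine(String.Format("Error opening XML document contained test cases: Error {0}", e.Message));
    }

    // Parse each mapping node into its test-case structure.
    try
    {
        foreach (XmlNode node in doc.SelectNodes("/UnicodeTestMappings/UnicodeTestMapping"))
        {
            UnicodeTestCaseTypes t = UAUtilities.GetMappingTypeFromString(node.Attributes["Type"].Value);
            switch (t)
            {
                case UnicodeTestCaseTypes.Transformable:
                    list.Add(ParseTransformable(node));
                    break;

                case UnicodeTestCaseTypes.Traditional:
                    list.Add(ParseTraditional(node));
                    break;

                case UnicodeTestCaseTypes.Overlong:
                    list.Add(ParseOverlong(node));
                    break;
            }
        }
    }
    catch (Exception e)
    {
        // The placeholder must be well-formed ("{0}"); a malformed one makes
        // String.Format throw and hides the parsing error being reported.
        Trace.WriteLine(String.Format("Error parsing XML Document {0}", e.Message));

        // Bare throw keeps the original stack trace for the caller.
        throw;
    }
    return list;
}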
/// <summary>
/// Creates a settings object with its default canary and an empty domain
/// filter list, then loads the Unicode test mappings from the module location.
/// </summary>
public UASettings()
{
    canary = "pqz";
    domainFilters = new List<string>();

    // The file name is appended to the module location as-is; no path
    // separator is inserted at this point.
    string mappingPath = UAUtilities.GetModuleLocation() + MappingFileName;
    UnicodeTestMappings = XmlMappingLoader.LoadUnicodeCharMappingsFromFile(mappingPath);
}
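/// <summary>
/// Deserializes the settings from the settings file and loads the Unicode
/// test mappings from the module location.
/// </summary>
/// <returns>The deserialized settings with UnicodeTestMappings populated.</returns>
public static UASettings Load()
{
    XmlSerializer serializer = new XmlSerializer(typeof(Secsay.UASettings));
    UASettings settings;

    // using closes the reader even when Deserialize throws on a malformed
    // file, so the file handle is never left open.
    using (TextReader reader = new StreamReader(fileName))
    {
        settings = (UASettings)serializer.Deserialize(reader);
    }

    // The mappings are assigned after deserialization rather than taken from
    // the settings file (presumably they are not serialized; TODO confirm).
    settings.UnicodeTestMappings = XmlMappingLoader.LoadUnicodeCharMappingsFromFile(UAUtilities.GetModuleLocation() + MappingFileName);
    return settings;
}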
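/// <summary>
/// Called before the user can edit a response using the Fiddler Inspectors.
/// Runs the engine's response inspection when the engine is enabled and the
/// session passes the domain-filter settings.
/// </summary>
/// <param name="oSession">Fiddler session whose response is inspected.</param>
public void AutoTamperResponseBefore(Session oSession)
{
    if (this.engine == null || !setup)
    {
        return;
    }

    if (!this.engine.Settings.Enabled)
    {
        return;
    }

    if (this.engine.Settings.domainFilterEnabled && this.engine.Settings.filterResponse && UAUtilities.isMatch(this.engine.Settings.domainFilters, oSession.host))
    {
        // Domain filter on and host matched: results are handed to the UI.
        List<Secsay.ResponseResult> results = this.engine.InspectResponse(Secsay.xss.FiddlerUtils.FiddlerSessionToSession(oSession));
        if (results.Count > 0)
        {
            ui.Invoke(ui.ar, results);
        }
    }
    else if (!this.engine.Settings.domainFilterEnabled)
    {
        // Domain filter off: results with Transformation.None are recorded and
        // saved; the UI is not notified in this branch.
        List<Secsay.ResponseResult> results = this.engine.InspectResponse(Secsay.xss.FiddlerUtils.FiddlerSessionToSession(oSession));
        foreach (Secsay.ResponseResult rr in results)
        {
            if (rr.Transformation != Secsay.Transformation.None)
            {
                continue;
            }

            // The membership test and the Add run under one lock: the test no
            // longer reads the list while another thread may be adding to it,
            // and lock releases the monitor even if Add throws. As before, the
            // session is added once per matching result.
            bool firstSighting;
            lock (allXSSSessions)
            {
                firstSighting = !allXSSSessions.Contains(oSession);
                allXSSSessions.Add(oSession);
            }

            if (firstSighting)
            {
                // NOTE(review): the full URL is logged and the whole session is
                // saved under "XSSresult". Captured sessions can hold cookies,
                // tokens and credentials, so the output location should be
                // access-restricted; where the relative name resolves depends
                // on SaveSessionsTo, which is not shown here.
                // NOTE(review): the two characters after "xss url" look like a
                // mis-decoded full-width colon; left unchanged because this is
                // runtime output.
                List<Fiddler.Session> XSSSessions = new List<Fiddler.Session>();
                XSSSessions.Add(oSession);
                XNMD.Comman.WriteWarning("xss url£º" + oSession.fullUrl);
                XNMD.MySession.SaveSessionsTo(XSSSessions, @"XSSresult");
            }
        }
    }
}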
/// <summary>
/// Called before the user can edit a request using the Fiddler Inspectors.
/// Passes the request to the engine when the engine is enabled, the session
/// does not carry the casabaFlag session flag, and the domain-filter settings allow it.
/// </summary>
/// <param name="oSession">Fiddler session whose request is processed.</param>
public void AutoTamperRequestBefore(Session oSession)
{
    if (this.engine == null || !setup)
    {
        return;
    }

    if (!this.engine.Settings.Enabled)
    {
        return;
    }

    // Sessions that already have the casabaFlag flag set are left untouched
    // (presumably requests issued by the tool itself; confirm where the flag is set).
    if (oSession.oFlags[Secsay.UASettings.casabaFlag] != null)
    {
        return;
    }

    // With the domain filter on, request filtering must be enabled and the
    // host must match; with the filter off every request is processed.
    bool inScope;
    if (this.engine.Settings.domainFilterEnabled)
    {
        inScope = this.engine.Settings.filterRequests && UAUtilities.isMatch(this.engine.Settings.domainFilters, oSession.host);
    }
    else
    {
        inScope = true;
    }

    if (inScope)
    {
        this.engine.ProcessRequest(Secsay.xss.FiddlerUtils.FiddlerSessionToSession(oSession));
    }
}
/// <summary>
/// Converts a Unicode code point to a char by delegating to UAUtilities.uintCodePointToChar.
/// </summary>
/// <param name="codePoint">Code point to convert.</param>
/// <returns>The char produced by UAUtilities.uintCodePointToChar.</returns>
private char GetUnicodeCharFromCodePoint(uint codePoint)
{
    char converted = UAUtilities.uintCodePointToChar(codePoint);
    return converted;
}
/// <summary>
/// Decodes a code point with Encoding.UTF32 and returns the first char of the result.
/// </summary>
/// <param name="codePoint">Code point to convert; it is turned into bytes by UAUtilities.uintToBytes.</param>
/// <returns>The first UTF-16 code unit of the decoded text.</returns>
public static char uintCodePointToChar(uint codePoint)
{
    // Assumes uintToBytes yields the four bytes in the little-endian order
    // that Encoding.UTF32 decodes - TODO confirm against uintToBytes.
    byte[] utf32Bytes = UAUtilities.uintToBytes(codePoint);
    char[] decoded = Encoding.UTF32.GetChars(utf32Bytes);

    // Only index 0 is returned. A code point above U+FFFF decodes to two chars
    // (a surrogate pair), so the caller receives just the first half; test
    // cases that rely on such code points should not go through this method.
    return decoded[0];
}