private void PerformTests(ScannerSetting setting)
{
if (ResponseSummary == null)
{
return;
}
if (setting.CheckMultipleSignInPages)
{
this.PerformMultiplySignInPagesTest(setting);
ResponseSummary.SignInPagesOk = this.CollectSummaryItem(Categories.SignInPages, true);
VpnScanner.ResponseDetails.ClearBody(ResponseDetails, true);
}
if (setting.CheckAdminAccess)
{
this.PerformAdminAccessTest();
ResponseSummary.AdminAccessOk = this.CollectSummaryItem(Categories.AdminAccess, false);
}
if (setting.CheckMeetingTest)
{
this.PerformCheckMeetingTest();
ResponseSummary.MeetingTestOk = this.CollectSummaryItem(Categories.MeetingTest, false);
}
if (setting.CheckXssVulnerability)
{
this.PerformScriptingAttacksTest();
this.PerformXssVulnerabilityTests();
ResponseSummary.XssTestOk = this.CollectSummaryItem(Categories.XssTest, true);
}
if (setting.CheckSetupFiles)
{
this.PerformCheckFilesExistenceTest();
ResponseSummary.SetupFilesOk = this.CollectSummaryItem(Categories.SetupFiles, true);
}
if (setting.CheckWebRoot)
{
this.PerformCheckWebRootTest();
ResponseSummary.WebRootOk = this.CollectSummaryItem(Categories.WebRoot, false);
}
if (setting.CheckAuthByPass)
{
this.PerformAuthByPassTest();
ResponseSummary.AuthByPassOk = this.CollectSummaryItem(Categories.AuthByPass, false);
}
}
public void CheckResource(ScannerSetting setting)
{
if (String.IsNullOrEmpty(_baseUrl))
{
return;
}
ResponseDetails = new List <ResponseDetails>();
ResponseSummary = new ResponseSummary();
_existingSignInUrls = new List <string>();
_mutex = new Mutex(false);
this.PerformTests(setting);
}
private void PerformMultiplySignInPagesTest(ScannerSetting setting)
{
this._threads = new List <Thread>();
for (int i = setting.MinId; i < setting.MaxId; i++)
{
if (!_terminate)
{
var url = String.Format("{0}{1}", _baseUrl, Properties.Settings.Default.CheckByIdUrlPart).Replace("$URLID", i.ToString(CultureInfo.InvariantCulture));
var completedUrl = new Uri(url);
var request = ConfigureGetRequest(completedUrl);
var thread = new Thread(ScanResource);
this._threads.Add(thread);
thread.Start(request);
ResponseSummary.SignInGeneratedUrls.Add(url);
}
}
this.WaitForCompletedThreads();
}
private void btnStart_Click( object sender, EventArgs e )
{
if( String.IsNullOrEmpty( this.tbUrl.Text ) )
{
MessageBox.Show( "You need to enter url!", "Warning!", MessageBoxButtons.OK, MessageBoxIcon.Warning );
return;
}
if( !this.AtLeastOneCheckSelected() )
{
MessageBox.Show( "You must select at least one check!", "Warning!", MessageBoxButtons.OK, MessageBoxIcon.Warning );
return;
}
this.gvResults.DataSource = null;
this.ClearResponseSummary();
this._juniperManager = new JuniperManager( this.GetBaseUrl() );
this._scannerSetting = new ScannerSetting
{
MinId = ( int )this.nudMin.Value,
MaxId = ( int )this.nudMax.Value,
CheckMultipleSignInPages = this.chbMultipleSignInPages.Checked,
CheckWebRoot = this.chbWebRoot.Checked,
CheckSetupFiles = this.chbSetupFiles.Checked,
CheckAuthByPass = this.chbAuthByPass.Checked,
CheckXssVulnerability = this.chbCheckXss.Checked,
CheckAdminAccess = this.chbAdminAccess.Checked,
CheckMeetingTest = this.chbMeetingTest.Checked
};
this.ActivateStatusLabel( true );
this.DisableControls( this.Controls, false );
this.bgWorker.RunWorkerAsync();
}
private void BgWorkerRunWorkerCompleted( object sender, RunWorkerCompletedEventArgs e )
{
if( this._juniperManager != null )
{
this.gvResults.DataSource = JuniperManager.ResponseDetails;
this.DisableControls( this.Controls, true );
this.ActivateStatusLabel( false );
this.SetResponseSummary();
if( JuniperManager.ResponseDetails != null )
{
MessageBox.Show( "Scanning completed!", String.Empty, MessageBoxButtons.OK, MessageBoxIcon.Information );
if( this.chbMultipleSignInPages.Checked )
{
this.cbUrlsToAttack.DataSource = JuniperManager.ResponseSummary.SignInGeneratedUrls;
this._scannerSetting = new ScannerSetting();
}
}
}
}
public void CheckResource( ScannerSetting setting )
{
if( String.IsNullOrEmpty( _baseUrl ) )
{
return;
}
ResponseDetails = new List< ResponseDetails >();
ResponseSummary = new ResponseSummary();
_existingSignInUrls = new List< string >();
_mutex = new Mutex( false );
this.PerformTests( setting );
}
private void PerformMultiplySignInPagesTest( ScannerSetting setting )
{
this._threads = new List< Thread >();
for( int i = setting.MinId; i < setting.MaxId; i++ )
{
if( !_terminate )
{
var url = String.Format( "{0}{1}", _baseUrl, Properties.Settings.Default.CheckByIdUrlPart ).Replace( "$URLID", i.ToString( CultureInfo.InvariantCulture ) );
var completedUrl = new Uri( url );
var request = ConfigureGetRequest( completedUrl );
var thread = new Thread( ScanResource );
this._threads.Add( thread );
thread.Start( request );
ResponseSummary.SignInGeneratedUrls.Add( url );
}
}
this.WaitForCompletedThreads();
}
private void PerformTests( ScannerSetting setting )
{
if( ResponseSummary == null )
{
return;
}
if( setting.CheckMultipleSignInPages )
{
this.PerformMultiplySignInPagesTest( setting );
ResponseSummary.SignInPagesOk = this.CollectSummaryItem( Categories.SignInPages, true );
VpnScanner.ResponseDetails.ClearBody( ResponseDetails, true );
}
if( setting.CheckAdminAccess )
{
this.PerformAdminAccessTest();
ResponseSummary.AdminAccessOk = this.CollectSummaryItem( Categories.AdminAccess, false );
}
if( setting.CheckMeetingTest )
{
this.PerformCheckMeetingTest();
ResponseSummary.MeetingTestOk = this.CollectSummaryItem( Categories.MeetingTest, false );
}
if( setting.CheckXssVulnerability )
{
this.PerformScriptingAttacksTest();
this.PerformXssVulnerabilityTests();
ResponseSummary.XssTestOk = this.CollectSummaryItem( Categories.XssTest, true );
}
if( setting.CheckSetupFiles )
{
this.PerformCheckFilesExistenceTest();
ResponseSummary.SetupFilesOk = this.CollectSummaryItem( Categories.SetupFiles, true );
}
if( setting.CheckWebRoot )
{
this.PerformCheckWebRootTest();
ResponseSummary.WebRootOk = this.CollectSummaryItem( Categories.WebRoot, false );
}
if( setting.CheckAuthByPass )
{
this.PerformAuthByPassTest();
ResponseSummary.AuthByPassOk = this.CollectSummaryItem( Categories.AuthByPass, false );
}
}