public void Inspect(RequestAnalysisContext context, CancellationToken cancellationToken) { var method = context.Request.Method; if (!HttpMethods.IsGet(method) && !HttpMethods.IsHead(method) && !HttpMethods.IsOptions(method) && !HttpMethods.IsPost(method) && !HttpMethods.IsDelete(method) && !HttpMethods.IsPut(method) && !HttpMethods.IsPatch(method) && !HttpMethods.IsConnect(method) ) { // TRACE must be disabled if (HttpMethods.IsTrace(method)) { context.ReportDiagnostic(new Diagnostic(RuleTrace, Location.Method)); return; } // unknown method context.ReportDiagnostic(new Diagnostic(Rule, Location.Method)); // Apache directory listing exploit if (method.Equals("GETS", StringComparison.OrdinalIgnoreCase)) { context.ReportDiagnostic(new Diagnostic(RuleGets, Location.Method)); } } }
public void Inspect(RequestAnalysisContext context, CancellationToken cancellationToken) { if (context.Request.Headers.ContainsKey("X-Scanner")) { context.ReportDiagnostic(new Diagnostic(Rule, Location.RequestHeader("X-Scanner"))); } }
public void Inspect(RequestAnalysisContext context, CancellationToken cancellationToken) { if (context.Request.Path.Value.Any(Char.IsControl)) { context.ReportDiagnostic(new Diagnostic(Rule, Location.Path)); return; } if (context.Request.QueryString.Value.Any(Char.IsControl)) { context.ReportDiagnostic(new Diagnostic(Rule, Location.QueryString())); return; } foreach (var header in context.Request.Headers.Where(h => h.Key.Any(Char.IsControl) || h.Value.Any(v => v.Any(Char.IsControl)))) { context.ReportDiagnostic(new Diagnostic(Rule, Location.RequestHeader(header.Key))); return; } }
public async Task InspectAsync(RequestAnalysisContext context, CancellationToken cancellationToken) { if (context.Request.Method.Equals("post", StringComparison.OrdinalIgnoreCase) && context.Request.HasFormContentType) { bool valid = await Antiforgery.IsRequestValidAsync(context.HttpContext); if (!valid) { context.ReportDiagnostic(new Diagnostic(Rule, Location.RequestBody)); } } }
public void Inspect(RequestAnalysisContext context, CancellationToken cancellationToken) { var options = Options.CurrentValue; // inspect file extension var file = context.TokenizedPath.LastOrDefault(); if (file != null && file.Contains('.')) { foreach (var found in Extensions.Where(e => file.EndsWith(e.Term, StringComparison.OrdinalIgnoreCase))) { context.ReportDiagnostic(new Diagnostic(Rule.With(found), Location.Path)); if (options.Depth == AnalysisDepth.FindFirst) { return; } } } // inspect directories foreach (var found in Folders.Where(s => context.TokenizedPath.Any(d => d.Equals(s.Term, StringComparison.OrdinalIgnoreCase)))) { context.ReportDiagnostic(new Diagnostic(Rule.With(found), Location.Path)); if (options.Depth == AnalysisDepth.FindFirst) { return; } } // inspect file name if (file != null) { foreach (var found in Files.Where(e => file.Equals(e.Term, StringComparison.OrdinalIgnoreCase))) { context.ReportDiagnostic(new Diagnostic(Rule.With(found), Location.Path)); if (options.Depth == AnalysisDepth.FindFirst) { return; } } } // inspect path var path = context.Request.Path.Value; foreach (var found in RequestBody.Where(i => path.Contains(i.Term, StringComparison.OrdinalIgnoreCase))) { context.ReportDiagnostic(new Diagnostic(Rule.With(found), Location.Path)); if (options.Depth == AnalysisDepth.FindFirst) { return; } } // inspect query string var queryString = context.Request.QueryString.Value; if (!String.IsNullOrEmpty(queryString)) { foreach (var found in RequestBody.Where(i => queryString.Contains(i.Term, StringComparison.OrdinalIgnoreCase))) { context.ReportDiagnostic(new Diagnostic(Rule.With(found), Location.QueryString())); if (options.Depth == AnalysisDepth.FindFirst) { return; } } } // inspect headers foreach (var header in context.Request.Headers) { foreach (var value in header.Value) { foreach (var found in RequestBody.Where(i => value.Contains(i.Term, StringComparison.OrdinalIgnoreCase))) { context.ReportDiagnostic(new Diagnostic(Rule.With(found), Location.RequestHeader(header.Key))); if (options.Depth == AnalysisDepth.FindFirst) { return; } } } } // inspect user agent if (context.Request.Headers.TryGetValue("User-Agent", out var userAgent)) { foreach (var ua in userAgent) { foreach (var found in UserAgents.Where(u => ua.Contains(u.Term, StringComparison.OrdinalIgnoreCase))) { context.ReportDiagnostic(new Diagnostic(Rule.With(found), Location.RequestHeader("User-Agent"))); if (options.Depth == AnalysisDepth.FindFirst) { return; } } } } // inspect headers if (context.Request.HasFormContentType && context.Request.Form != null) { // inspect files foreach (var formFile in context.Request.Form.Files) { var fileName = Path.GetFileName(formFile.FileName); // inspect file extension foreach (var found in FormFileNameExtension.Where(i => fileName.EndsWith(i.Term, StringComparison.OrdinalIgnoreCase))) { context.ReportDiagnostic(new Diagnostic(Rule.With(found), Location.RequestFormFile(formFile.FileName))); if (options.Depth == AnalysisDepth.FindFirst) { return; } } // inspect file name foreach (var found in FormFileName.Where(i => fileName.Equals(i.Term, StringComparison.OrdinalIgnoreCase))) { context.ReportDiagnostic(new Diagnostic(Rule.With(found), Location.RequestFormFile(formFile.FileName))); if (options.Depth == AnalysisDepth.FindFirst) { return; } } } } }