/// <summary> /// /// </summary> /// <returns></returns> public static string FillStatusPage() { DefenceMainSettings innerDefence = DefenceMainSettings.GetDefenceInstance(); string statusPage = ""; if (innerDefence != null) { statusPage = CreateStatusPage(); if (statusPage != "") { } } return(statusPage); }
private void loadXmlValidatorRules(DefenceMainSettings main) { if (main.IsFoundStoneActive) { FS_HttpModule_XMLRulesDatabase = main.FS_HttpModule_XMLRulesDatabase; FS_HttpModule_Validator_FormMappings = main.FS_HttpModule_Validator_FormMappings; FS_HttpModule_Validator_Rules = main.FS_HttpModule_Validator_Rules; string resolvedAddressOf_Validator_FormMappings = AppDomain.CurrentDomain.BaseDirectory + "/" + FS_HttpModule_XMLRulesDatabase + "/" + FS_HttpModule_Validator_FormMappings; string resolvedAddressOf_Validator_Rules = AppDomain.CurrentDomain.BaseDirectory + "/" + FS_HttpModule_XMLRulesDatabase + "/" + FS_HttpModule_Validator_Rules; ProcessRequest.xmlFile_Validator_FormMappings.Load(resolvedAddressOf_Validator_FormMappings); ProcessRequest.xmlFile_Validator_Rules.Load(resolvedAddressOf_Validator_Rules); loadPagesToProcessList(); convertValidatorFormMappingsXML_into_Hashtable(); convertValidatorRulesMappingsXML_into_Hashtable(); } }
public object OldCreate(object parent, object configContext, XmlNode section) { log.Info("Beginning with the parsing of the web.config"); //Read The Debug and Activity Attributes Before Creating The //Configuration Storage Object XmlElement activation = section["Activation"]; log.Info("Reading The Main Attributes"); string debug = activation.Attributes["Debug"].Value; if (XmlConvert.ToBoolean(debug)) { BasicConfigurator.Configure(new TraceAppender(pat)); } string active = activation.Attributes["Active"].Value; string keywordcheck = activation.Attributes["KeywordCheck"].Value; string regexcheck = activation.Attributes["RegExCheck"].Value; string cookies = section["Handlers"].ChildNodes[0].Attributes["Action"].Value; string formfields = section["Handlers"].ChildNodes[1].Attributes["Action"].Value; string querystring = section["Handlers"].ChildNodes[2].Attributes["Action"].Value; log.Info("Finished successfully Mapping The Main Attributes"); //DefenceMainSettings settings = new DefenceMainSettings(); ViewStateStatus viewStateHiding = new ViewStateStatus(true, ViewStateStatus.Method.GUID); DefenceMainSettings settings = new DefenceMainSettings(viewStateHiding); ArrayList ary = settings.DenyList; if (keywordcheck == "true") { if (section["KeywordList"] != null && section["KeywordList"].ChildNodes != null) { for (int i = 0; i < section["KeywordList"].ChildNodes.Count; i++) { string patterns = section["KeywordList"].ChildNodes[i].InnerText; if (GeneralUtilities.CheckString(patterns)) { try { string names = section["KeywordList"].ChildNodes[i].Attributes["name"].Value; ary.Add(new Textrule(names, patterns, Rule.ActionTypes.Deny)); } catch (Exception ex) { log.Error("Error in keywordlist configuration parsing", ex); } } } } } if (regexcheck == "true") { for (int x = 0; x < section["RegExDeny"].ChildNodes.Count; x++) { string patterns = section["RegExDeny"].ChildNodes[x].InnerText; if (GeneralUtilities.CheckString(patterns)) { try { ary.Add(new Regexrule(section["RegExDeny"].ChildNodes[x].Attributes["name"].Value, patterns, Rule.ActionTypes.Deny)); } catch (Exception ex) { log.Error("Error in regex configuration parsing", ex); } } } } settings.HandleCookies = int.Parse(cookies); settings.HandleForms = int.Parse(formfields); settings.HandleQueries = int.Parse(querystring); //Disabled Prior To Release v0.3 //settings.IsSqlInjectionBlock = (sqlinjection == "true"?true:false); settings.IsDebug = XmlConvert.ToBoolean(debug); settings.IsActive = XmlConvert.ToBoolean(active); log.Info("Finished Parsing of The Web.Config"); return(settings); }
public DefenceMainSettings() { FS_Page_Output = true; _innerDefenceMainSetting = this; }
/// <summary> /// Used By The Configuration Parser To Parser The Config Section /// </summary> /// <param name="parent"></param> /// <param name="configContext"></param> /// <param name="section"></param> /// <returns></returns> public object Create(object parent, object configContext, XmlNode section) { log.Info("Beginning with the parsing of the web.config"); #region XmlElement Creation Section XmlElement activation = section["Activation"]; XmlElement FoundStone = section["FoundStoneModule"]; XmlElement Plugin = section["Plugins"]; XmlElement ViewStateHiding = section["ViewStateHiding"]; #endregion log.Info("Reading The Main Attributes"); #region Debug Handling Section //BasicConfigurator.Configure(new FileAppender(pat, "c:\\defapplog.log", true)); bool debug = XmlConvert.ToBoolean(activation.Attributes["Debug"].Value); if ((debug)) { string debugFile = activation.Attributes["DebugFile"].Value; if (debugFile != null && debugFile.Length > 0) { try { BasicConfigurator.Configure(new FileAppender(pat, debugFile, true)); } catch { } } //Configures The MemoryAppender BasicConfigurator.Configure(new HttpAppender(pat, MemoryLogs)); //Configures The Trace Appender BasicConfigurator.Configure(new TraceAppender(pat)); } #endregion #region General Settings And Handling Orders string active = activation.Attributes["Active"].Value; //string keywordcheck = activation.Attributes["KeywordCheck"].Value; //string regexcheck = activation.Attributes["RegExCheck"].Value; string cookies = ""; string formfields = ""; string querystring = ""; string headers = ""; for (int ixy = 0; ixy < section["Handlers"].ChildNodes.Count; ixy++) { string Name = section["Handlers"].ChildNodes[ixy].Name; switch (Name) { case "HandleCookies": cookies = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value; break; case "HandleFormFields": formfields = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value; break; case "HandleQueryString": querystring = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value; break; case "HandleHeaders": headers = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value; break; default: break; } } DefenceMainSettings settings = new DefenceMainSettings(); if (!GeneralUtilities.IsNull(ViewStateHiding)) { if (ViewStateHiding.Attributes.Count == 2) { if (!GeneralUtilities.IsNull(ViewStateHiding.Attributes["Active"])) { bool tmpActivation = XmlConvert.ToBoolean(ViewStateHiding.Attributes["Active"].Value); string tmpMethod = ViewStateHiding.Attributes["Method"].Value; ViewStateStatus viewStateHiding = null; switch (tmpMethod) { case "MD5": viewStateHiding = new ViewStateStatus(tmpActivation, ViewStateStatus.Method.MD5); break; case "GUID": viewStateHiding = new ViewStateStatus(tmpActivation, ViewStateStatus.Method.SHA1); break; case "SHA1": viewStateHiding = new ViewStateStatus(tmpActivation, ViewStateStatus.Method.GUID); break; default: viewStateHiding = new ViewStateStatus(tmpActivation, ViewStateStatus.Method.NONE); break; } settings = new DefenceMainSettings(viewStateHiding); } } } settings.HandleCookies = int.Parse(cookies); settings.HandleForms = int.Parse(formfields); settings.HandleQueries = int.Parse(querystring); settings.HandleHeaders = int.Parse(headers); settings.IsDebug = debug; settings.IsActive = XmlConvert.ToBoolean(active); //settings #endregion #region Handle FoundStone Settings //log.Debug(AppDomain.CurrentDomain.BaseDirectory + "/bin/" + "DefAppPluginTest.dll"); //ArrayList lists = //Plugins.DefAppPlugin.XmlToPlugin(AppDomain.CurrentDomain.BaseDirectory + "/bin/" + "DefAppPluginTest.dll",10); //log.Debug(defApp.PluginName()); log.Info("Begin Parsing Dinis Attributes"); if (!GeneralUtilities.IsNull(FoundStone) && !GeneralUtilities.IsNull(FoundStone.Attributes["Active"])) { string dinisActive = FoundStone.Attributes["Active"].Value; settings.IsFoundStoneActive = XmlConvert.ToBoolean(dinisActive); if (!GeneralUtilities.IsNull(FoundStone.Attributes["ValidatorFormMappings"])) { settings.FS_HttpModule_Validator_FormMappings = FoundStone.Attributes["ValidatorFormMappings"].Value; } if (!GeneralUtilities.IsNull(FoundStone.Attributes["ValidatorRules"])) { settings.FS_HttpModule_Validator_Rules = FoundStone.Attributes["ValidatorRules"].Value; } if (!GeneralUtilities.IsNull(FoundStone.Attributes["XMLRulesDatabase"])) { settings.FS_HttpModule_XMLRulesDatabase = FoundStone.Attributes["XMLRulesDatabase"].Value; } if (!GeneralUtilities.IsNull(FoundStone.Attributes["FSPageOutput"])) { settings.FSPageOutput = XmlConvert.ToBoolean(FoundStone.Attributes["FSPageOutput"].Value); } } log.Info("End Parsing Dinis Attributes"); #endregion #region Plugin Handling Section if (GeneralUtilities.CheckNode(Plugin)) { ArrayList pluginArray = settings.PluginList; IEnumerator pluginEnum = Plugin.ChildNodes.GetEnumerator(); while (pluginEnum.MoveNext()) { XmlNode Pluginen = (XmlNode)pluginEnum.Current; if (!GeneralUtilities.IsNull(Pluginen.Attributes["assembly"].Value)) { string paths = AppDomain.CurrentDomain.BaseDirectory + "/bin/" + Pluginen.Attributes["assembly"].Value; log.Info(paths); DefAppPlugin.XmlToPlugin(paths, 999, pluginArray); } } } #endregion log.Info("Finished successfully Mapping The Main Attributes"); #region Rule Processing Section ArrayList ary = settings.DenyList; XmlNode Rulenode = section["RuleList"]; if (GeneralUtilities.CheckNode(Rulenode)) { IEnumerator enums = Rulenode.ChildNodes.GetEnumerator(); while (enums.MoveNext()) { XmlNode Rules = (XmlNode)enums.Current; Rule.XmlToRule(Rules, ary); } } #endregion log.Info("Finished Parsing of The Web.Config"); return(settings); }
public object OldCreate(object parent, object configContext, XmlNode section) { log.Info("Beginning with the parsing of the web.config"); //Read The Debug and Activity Attributes Before Creating The //Configuration Storage Object XmlElement activation = section["Activation"]; log.Info("Reading The Main Attributes"); string debug = activation.Attributes["Debug"].Value; if (XmlConvert.ToBoolean(debug)) BasicConfigurator.Configure(new TraceAppender(pat)); string active = activation.Attributes["Active"].Value; string keywordcheck = activation.Attributes["KeywordCheck"].Value; string regexcheck = activation.Attributes["RegExCheck"].Value; string cookies = section["Handlers"].ChildNodes[0].Attributes["Action"].Value; string formfields = section["Handlers"].ChildNodes[1].Attributes["Action"].Value; string querystring = section["Handlers"].ChildNodes[2].Attributes["Action"].Value; log.Info("Finished successfully Mapping The Main Attributes"); //DefenceMainSettings settings = new DefenceMainSettings(); ViewStateStatus viewStateHiding = new ViewStateStatus(true,ViewStateStatus.Method.GUID); DefenceMainSettings settings = new DefenceMainSettings(viewStateHiding); ArrayList ary = settings.DenyList; if (keywordcheck == "true") { if (section["KeywordList"] != null && section["KeywordList"].ChildNodes != null) { for (int i = 0; i < section["KeywordList"].ChildNodes.Count; i++) { string patterns = section["KeywordList"].ChildNodes[i].InnerText; if (GeneralUtilities.CheckString(patterns)) { try { string names = section["KeywordList"].ChildNodes[i].Attributes["name"].Value; ary.Add(new Textrule(names, patterns, Rule.ActionTypes.Deny)); } catch (Exception ex) { log.Error("Error in keywordlist configuration parsing", ex); } } } } } if (regexcheck == "true") { for (int x = 0; x < section["RegExDeny"].ChildNodes.Count; x++) { string patterns = section["RegExDeny"].ChildNodes[x].InnerText; if (GeneralUtilities.CheckString(patterns)) { try { ary.Add(new Regexrule(section["RegExDeny"].ChildNodes[x].Attributes["name"].Value, patterns, Rule.ActionTypes.Deny)); } catch (Exception ex) { log.Error("Error in regex configuration parsing", ex); } } } } settings.HandleCookies = int.Parse(cookies); settings.HandleForms = int.Parse(formfields); settings.HandleQueries = int.Parse(querystring); //Disabled Prior To Release v0.3 //settings.IsSqlInjectionBlock = (sqlinjection == "true"?true:false); settings.IsDebug = XmlConvert.ToBoolean(debug); settings.IsActive = XmlConvert.ToBoolean(active); log.Info("Finished Parsing of The Web.Config"); return settings; }
/// <summary> /// Used By The Configuration Parser To Parser The Config Section /// </summary> /// <param name="parent"></param> /// <param name="configContext"></param> /// <param name="section"></param> /// <returns></returns> public object Create(object parent, object configContext, XmlNode section) { log.Info("Beginning with the parsing of the web.config"); #region XmlElement Creation Section XmlElement activation = section["Activation"]; XmlElement FoundStone = section["FoundStoneModule"]; XmlElement Plugin = section["Plugins"]; XmlElement ViewStateHiding = section["ViewStateHiding"]; #endregion log.Info("Reading The Main Attributes"); #region Debug Handling Section //BasicConfigurator.Configure(new FileAppender(pat, "c:\\defapplog.log", true)); bool debug = XmlConvert.ToBoolean(activation.Attributes["Debug"].Value); if ((debug)) { string debugFile = activation.Attributes["DebugFile"].Value; if (debugFile != null && debugFile.Length > 0) { try { BasicConfigurator.Configure(new FileAppender(pat, debugFile, true)); } catch { } } //Configures The MemoryAppender BasicConfigurator.Configure(new HttpAppender(pat, MemoryLogs)); //Configures The Trace Appender BasicConfigurator.Configure(new TraceAppender(pat)); } #endregion #region General Settings And Handling Orders string active = activation.Attributes["Active"].Value; //string keywordcheck = activation.Attributes["KeywordCheck"].Value; //string regexcheck = activation.Attributes["RegExCheck"].Value; string cookies = ""; string formfields = ""; string querystring = ""; string headers = ""; for (int ixy=0;ixy<section["Handlers"].ChildNodes.Count;ixy++) { string Name = section["Handlers"].ChildNodes[ixy].Name; switch(Name) { case "HandleCookies": cookies = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value; break; case "HandleFormFields": formfields = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value; break; case "HandleQueryString": querystring = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value; break; case "HandleHeaders": headers = section["Handlers"].ChildNodes[ixy].Attributes["Action"].Value; break; default: break; } } DefenceMainSettings settings = new DefenceMainSettings(); if (!GeneralUtilities.IsNull(ViewStateHiding)) { if (ViewStateHiding.Attributes.Count == 2) { if (!GeneralUtilities.IsNull(ViewStateHiding.Attributes["Active"])) { bool tmpActivation = XmlConvert.ToBoolean(ViewStateHiding.Attributes["Active"].Value); string tmpMethod = ViewStateHiding.Attributes["Method"].Value; ViewStateStatus viewStateHiding = null; switch(tmpMethod) { case "MD5": viewStateHiding = new ViewStateStatus(tmpActivation,ViewStateStatus.Method.MD5); break; case "GUID": viewStateHiding = new ViewStateStatus(tmpActivation,ViewStateStatus.Method.SHA1); break; case "SHA1": viewStateHiding = new ViewStateStatus(tmpActivation,ViewStateStatus.Method.GUID); break; default: viewStateHiding = new ViewStateStatus(tmpActivation,ViewStateStatus.Method.NONE); break; } settings = new DefenceMainSettings(viewStateHiding); } } } settings.HandleCookies = int.Parse(cookies); settings.HandleForms = int.Parse(formfields); settings.HandleQueries = int.Parse(querystring); settings.HandleHeaders = int.Parse(headers); settings.IsDebug = debug; settings.IsActive = XmlConvert.ToBoolean(active); //settings #endregion #region Handle FoundStone Settings //log.Debug(AppDomain.CurrentDomain.BaseDirectory + "/bin/" + "DefAppPluginTest.dll"); //ArrayList lists = //Plugins.DefAppPlugin.XmlToPlugin(AppDomain.CurrentDomain.BaseDirectory + "/bin/" + "DefAppPluginTest.dll",10); //log.Debug(defApp.PluginName()); log.Info("Begin Parsing Dinis Attributes"); if (!GeneralUtilities.IsNull(FoundStone) && !GeneralUtilities.IsNull(FoundStone.Attributes["Active"])) { string dinisActive = FoundStone.Attributes["Active"].Value; settings.IsFoundStoneActive = XmlConvert.ToBoolean(dinisActive); if (!GeneralUtilities.IsNull(FoundStone.Attributes["ValidatorFormMappings"])) settings.FS_HttpModule_Validator_FormMappings = FoundStone.Attributes["ValidatorFormMappings"].Value; if (!GeneralUtilities.IsNull(FoundStone.Attributes["ValidatorRules"])) settings.FS_HttpModule_Validator_Rules = FoundStone.Attributes["ValidatorRules"].Value; if (!GeneralUtilities.IsNull(FoundStone.Attributes["XMLRulesDatabase"])) settings.FS_HttpModule_XMLRulesDatabase = FoundStone.Attributes["XMLRulesDatabase"].Value; if (!GeneralUtilities.IsNull(FoundStone.Attributes["FSPageOutput"])) settings.FSPageOutput = XmlConvert.ToBoolean(FoundStone.Attributes["FSPageOutput"].Value); } log.Info("End Parsing Dinis Attributes"); #endregion #region Plugin Handling Section if (GeneralUtilities.CheckNode(Plugin)) { ArrayList pluginArray = settings.PluginList; IEnumerator pluginEnum = Plugin.ChildNodes.GetEnumerator(); while (pluginEnum.MoveNext()) { XmlNode Pluginen = (XmlNode) pluginEnum.Current; if (!GeneralUtilities.IsNull(Pluginen.Attributes["assembly"].Value)) { string paths = AppDomain.CurrentDomain.BaseDirectory + "/bin/" + Pluginen.Attributes["assembly"].Value; log.Info(paths); DefAppPlugin.XmlToPlugin(paths, 999, pluginArray); } } } #endregion log.Info("Finished successfully Mapping The Main Attributes"); #region Rule Processing Section ArrayList ary = settings.DenyList; XmlNode Rulenode = section["RuleList"]; if (GeneralUtilities.CheckNode(Rulenode)) { IEnumerator enums = Rulenode.ChildNodes.GetEnumerator(); while (enums.MoveNext()) { XmlNode Rules = (XmlNode) enums.Current; Rule.XmlToRule(Rules, ary); } } #endregion log.Info("Finished Parsing of The Web.Config"); return settings; }
/// <summary> /// Disposes The Main Application /// </summary> public void Dispose() { main = null; GC.Collect(); }
/// <summary> /// Parses The Configurations From The Web.Config File /// </summary> private void parseConfigurations() { main = (DefenceMainSettings) ConfigurationSettings.GetConfig("AppSec/AppGenerals"); log.Info("Mapping Of The Configuration Files Has Been Finished"); ReflectionUtils.IsComAllowed(); }
/// <summary> /// Parses The Configurations From The Web.Config File /// </summary> private void parseConfigurations() { main = (DefenceMainSettings)ConfigurationSettings.GetConfig("AppSec/AppGenerals"); log.Info("Mapping Of The Configuration Files Has Been Finished"); ReflectionUtils.IsComAllowed(); }