private void StartFuzzing() { while (true) { CreateWebrequest webRequest = GetWork(); if (webRequest == null || userStopped) { Thread.Sleep(4000); finished = true; break; } else { Process(webRequest); } } //string HTML = SendWebRequest(RequestList[i], string.Empty); //if (Filtered(HTML)) //{ // if (useMatchFile) // { // string Match = GetMatch(HTML); // WriteMatch(Match); // } //} }
private void PrepareQueue() { RequestGenerator RG = new RequestGenerator(Generators); List <string> RequestListGET = RG.GenerateRequestList(URL); List <string> RequestListPOST = RG.GenerateRequestList(URL); if (RequestListGET.Count > 0) { requestAnzahl = RequestListGET.Count; } else { requestAnzahl = RequestListPOST.Count; } foreach (string _URL in RequestListGET) { if (post.Length == 0) { CreateWebrequest webRequest = new CreateWebrequest(); webRequest.URL = _URL; Work.Enqueue(webRequest); } else { foreach (string _POST in RequestListPOST) { CreateWebrequest webRequest = new CreateWebrequest(); webRequest.URL = _URL; webRequest.POST = _POST; Work.Enqueue(webRequest); } } } }
private string SendWebRequest(string URL, string POST) { CreateWebrequest request = new CreateWebrequest(); request.CustomCookieCollection = CustomCookieCollection; string HTML = request.StringGetWebPage(URL, POST); return(HTML); }
private string SendWebRequest(string URL, string POST) { CreateWebrequest request = new CreateWebrequest(); request.CustomCookieCollection = CustomCookieCollection; string HTML = request.StringGetWebPage(URL, POST); return HTML; }
private void Process(CreateWebrequest webRequest) { string HTML = webRequest.StringGetWebPage(); if (webRequest.Response != null) { string ResponseHeaders = ""; for (int iKey = 0; iKey < webRequest.Response.Headers.Keys.Count; iKey++) { string Values = ""; string[] ValuesSplitted = webRequest.Response.Headers.GetValues(iKey); for (int iValue = 0; iValue < ValuesSplitted.Length; iValue++) Values += ValuesSplitted[iValue] + " "; ResponseHeaders += webRequest.Response.Headers.Keys[iKey] + ": " + Values + "\r\n"; } string RequestHeaders = ""; if (webRequest.Request != null) { for (int iKey = 0; iKey < webRequest.Request.Headers.Keys.Count; iKey++) { string Values = ""; string[] ValuesSplitted = webRequest.Request.Headers.GetValues(iKey); for (int iValue = 0; iValue < ValuesSplitted.Length; iValue++) Values += ValuesSplitted[iValue] + " "; RequestHeaders += webRequest.Request.Headers.Keys[iKey] + ": " + Values + "\r\n"; } } bool RequestSuccess = true; for (int i = 0; i < fuzzerFilters.Count; i++) { bool Filtered = true; FuzzerFilter Filter = fuzzerFilters[i]; if (Filter.ConditionType == FuzzerFilter.ConditionTypes.ResponseHeaders) { if (!RegexMatch(ResponseHeaders, Filter.ConditionValue)) Filtered = false; } if (Filter.ConditionType == FuzzerFilter.ConditionTypes.ResponseHTML) { if (!RegexMatch(HTML, Filter.ConditionValue)) Filtered = false; } if (Filter.ConditionType == FuzzerFilter.ConditionTypes.ResponseStatusCode) { if (!RegexMatch(Convert.ToInt32(webRequest.Response.StatusCode).ToString(), Filter.ConditionValue)) Filtered = false; } if (Filtered && Filter.FilterType == FuzzerFilter.FilterTypes.Exclude) RequestSuccess = false; } if (RequestSuccess) { FilteredRequest filteredRequest = new FilteredRequest(); filteredRequest.HTML = HTML; filteredRequest.URL = webRequest.URL; filteredRequest.RequestHeaders = RequestHeaders; filteredRequest.ResponseHeaders = ResponseHeaders; filteredRequests.Add(filteredRequest); } } }
private void PrepareQueue() { RequestGenerator RG = new RequestGenerator(Generators); List<string> RequestListGET = RG.GenerateRequestList(URL); List<string> RequestListPOST = RG.GenerateRequestList(URL); if (RequestListGET.Count > 0) requestAnzahl = RequestListGET.Count; else requestAnzahl = RequestListPOST.Count; foreach (string _URL in RequestListGET) { if (post.Length == 0) { CreateWebrequest webRequest = new CreateWebrequest(); webRequest.URL = _URL; Work.Enqueue(webRequest); } else { foreach (string _POST in RequestListPOST) { CreateWebrequest webRequest = new CreateWebrequest(); webRequest.URL = _URL; webRequest.POST = _POST; Work.Enqueue(webRequest); } } } }
private void Process(CreateWebrequest webRequest) { string HTML = webRequest.StringGetWebPage(); if (webRequest.Response != null) { string ResponseHeaders = ""; for (int iKey = 0; iKey < webRequest.Response.Headers.Keys.Count; iKey++) { string Values = ""; string[] ValuesSplitted = webRequest.Response.Headers.GetValues(iKey); for (int iValue = 0; iValue < ValuesSplitted.Length; iValue++) { Values += ValuesSplitted[iValue] + " "; } ResponseHeaders += webRequest.Response.Headers.Keys[iKey] + ": " + Values + "\r\n"; } string RequestHeaders = ""; if (webRequest.Request != null) { for (int iKey = 0; iKey < webRequest.Request.Headers.Keys.Count; iKey++) { string Values = ""; string[] ValuesSplitted = webRequest.Request.Headers.GetValues(iKey); for (int iValue = 0; iValue < ValuesSplitted.Length; iValue++) { Values += ValuesSplitted[iValue] + " "; } RequestHeaders += webRequest.Request.Headers.Keys[iKey] + ": " + Values + "\r\n"; } } bool RequestSuccess = true; for (int i = 0; i < fuzzerFilters.Count; i++) { bool Filtered = true; FuzzerFilter Filter = fuzzerFilters[i]; if (Filter.ConditionType == FuzzerFilter.ConditionTypes.ResponseHeaders) { if (!RegexMatch(ResponseHeaders, Filter.ConditionValue)) { Filtered = false; } } if (Filter.ConditionType == FuzzerFilter.ConditionTypes.ResponseHTML) { if (!RegexMatch(HTML, Filter.ConditionValue)) { Filtered = false; } } if (Filter.ConditionType == FuzzerFilter.ConditionTypes.ResponseStatusCode) { if (!RegexMatch(Convert.ToInt32(webRequest.Response.StatusCode).ToString(), Filter.ConditionValue)) { Filtered = false; } } if (Filtered && Filter.FilterType == FuzzerFilter.FilterTypes.Exclude) { RequestSuccess = false; } } if (RequestSuccess) { FilteredRequest filteredRequest = new FilteredRequest(); filteredRequest.HTML = HTML; filteredRequest.URL = webRequest.URL; filteredRequest.RequestHeaders = RequestHeaders; filteredRequest.ResponseHeaders = ResponseHeaders; filteredRequests.Add(filteredRequest); } } }