private List <AuthenticationForm> LoadForms(string URL)
{
List <AuthenticationForm> Forms = new List <AuthenticationForm>();
CreateWebrequest webRequest = new CreateWebrequest();
string HTML = webRequest.StringGetWebPage(URL, string.Empty);
if (HTML != string.Empty)
{
int LastFormIndexEnd = 0;
while (true)
{
string NewHTML = HTML.Substring(LastFormIndexEnd);
int FormIndex = NewHTML.ToLower().IndexOf("<form");
int FormIndexEnd = NewHTML.ToLower().IndexOf("</form>") + 7;
int FormLength = FormIndexEnd - FormIndex;
if (FormIndex == -1 || FormIndex >= FormIndexEnd)
{
break;
}
string HTMLForm = NewHTML.Substring(FormIndex, FormLength);
string action = RegexText(" action\\=\\\"([^\"]*)\\\"", HTMLForm);
string method = RegexText(" method\\=\\\"([^\"]*)\\\"", HTMLForm);
AuthenticationForm authForm = new AuthenticationForm();
authForm.Action = GetURL(textBoxURL.Text, action);
if (method.ToLower() == "get")
{
authForm.Method = AuthenticationForm.Methods.GET;
}
else
{
authForm.Method = AuthenticationForm.Methods.POST;
}
authForm.InputFields = LoadInputFields(HTMLForm);
if (!authForm.Action.ToLower().Contains("javascript:"))
{
Forms.Add(authForm);
}
LastFormIndexEnd += FormIndexEnd;
}
}
return(Forms);
}
private void AttackPOST(string URL, string POST)
{
if (string.IsNullOrEmpty(POST))
{
return;
}
for (int i = 0; i < AttackedUrls.Count; i++)
{
if (AttackedUrls[i].OriginalURL == URL && AttackedUrls[i].OriginalPOST == POST)
{
return;
}
}
QueryModifier queryModifier = new QueryModifier(POST);
if (queryModifier.ParameterCount == 0)
{
return;
}
do
{
string NewPOST = queryModifier.GetModifiedQuery(textBoxModifier.Text);
DateTime Start = DateTime.Now;
CreateWebrequest Request = new CreateWebrequest();
string HTML = Request.StringGetWebPage(URL, POST, new List <string>(), false);
AttackedUrl attackedURL = new AttackedUrl();
attackedURL.HTML = HTML;
attackedURL.OriginalPOST = POST;
attackedURL.OriginalURL = URL;
attackedURL.ModifiedPOST = NewPOST;
AttackedUrls.Add(attackedURL);
ClearAttackBrowser();
ListViewItem Item = new ListViewItem();
Item.Text = URL;
Item.SubItems.Add(NewPOST);
listViewResult.Items.Add(Item);
}while (queryModifier.NextParameter());
}
private void AttackURL(string URL)
{
if (!URL.Contains("?"))
{
return;
}
for (int i = 0; i < AttackedUrls.Count; i++)
{
if (AttackedUrls[i].OriginalURL == URL && string.IsNullOrEmpty(AttackedUrls[i].OriginalPOST))
{
return;
}
}
string Query = URL.Substring(URL.IndexOf('?') + 1);
string BeforeQuery = URL.Substring(0, URL.IndexOf('?') + 1);
QueryModifier queryModifier = new QueryModifier(Query);
if (queryModifier.ParameterCount != 0)
{
do
{
string NewURL = BeforeQuery + queryModifier.GetModifiedQuery(textBoxModifier.Text);
DateTime Start = DateTime.Now;
CreateWebrequest Request = new CreateWebrequest();
string HTML = Request.StringGetWebPage(NewURL, string.Empty, new List <string>(), false);
AttackedUrl attackedURL = new AttackedUrl();
attackedURL.HTML = HTML;
attackedURL.OriginalURL = URL;
attackedURL.ModifiedURL = NewURL;
AttackedUrls.Add(attackedURL);
ClearAttackBrowser();
ListViewItem Item = new ListViewItem();
Item.Text = NewURL;
Item.SubItems.Add(string.Empty);
listViewResult.Items.Add(Item);
}while (queryModifier.NextParameter());
}
}
private void ThreadFunc()
{
var wh = new WaitHandle[] { _newRequestEvent, ManagerStopped };
while (_managerActive)
{
if (WaitHandle.WaitAny(wh) == 0)
{
Request req = GetRequest();
if (req != null)
{
var cwr = new CreateWebrequest
{
CustomCookieCollection = CustomCookieCollection
};
req.HTML = cwr.StringGetWebPage(req.URL, req.POST);
OnRequestFinish(req);
}
}
}
}
private void ThreadFunc()
{
var wh = new WaitHandle[] { _newRequestEvent, ManagerStopped };
while (_managerActive)
{
if (WaitHandle.WaitAny(wh) == 0)
{
Request req = GetRequest();
if (req != null)
{
var cwr = new CreateWebrequest
{
CustomCookieCollection = CustomCookieCollection
};
req.HTML = cwr.StringGetWebPage(req.URL, req.POST);
OnRequestFinish(req);
}
}
}
}
private void toolStripButtonSendRequest_Click(object sender, EventArgs e)
{
if (FieldsValid())
{
bool mediatype = false;
string URL = string.Empty;
string Post = string.Empty;
headers = new List <string>();
listViewResponseHeaders.Items.Clear();
richTextBoxSource.Text = "";
webBrowserSource.Navigate("about:blank");
URL = toolStripTextBoxURL.Text;
if (toolStripComboBoxMethod.SelectedIndex == 1)
{
Post = richTextBoxPOST.Text;
}
if (listViewRequestHeaders.Items.Count > 0)
{
foreach (ListViewItem item in listViewRequestHeaders.Items)
{
if (item.SubItems.Count > 1)
{
headers.Add(item.Text + ":" + item.SubItems[1].Text);
}
}
}
if (toolStripComboBoxProtocol.SelectedIndex == 0)
{
mediatype = true;
}
else
{
mediatype = false;
}
CreateWebrequest webrequest = new CreateWebrequest();
webrequest.netCredentials = netCred;
webrequest.CustomCookieCollection = cookieCollection;
string HTML = webrequest.StringGetWebPage(URL, Post, headers, mediatype);
richTextBoxSource.Text = HTML;
webBrowserSource.DocumentText = HTML;
if (webrequest.Response != null)
{
for (int i = 0; i < webrequest.Response.Headers.Count; i++)
{
ListViewItem Item = new ListViewItem();
Item.Text = webrequest.Response.Headers.Keys[i];
string Value = string.Empty;
string[] HeaderValues = webrequest.Response.Headers.GetValues(i);
for (int iHv = 0; iHv < HeaderValues.Length; iHv++)
{
Value += HeaderValues[iHv] + " ";
}
Item.SubItems.Add(Value);
listViewResponseHeaders.Items.Add(Item);
}
}
}
}
private List<AuthenticationForm> LoadForms(string URL)
{
List<AuthenticationForm> Forms = new List<AuthenticationForm>();
CreateWebrequest webRequest = new CreateWebrequest();
string HTML = webRequest.StringGetWebPage(URL, string.Empty);
if (HTML != string.Empty)
{
int LastFormIndexEnd = 0;
while (true)
{
string NewHTML = HTML.Substring(LastFormIndexEnd);
int FormIndex = NewHTML.ToLower().IndexOf("<form");
int FormIndexEnd = NewHTML.ToLower().IndexOf("</form>") + 7;
int FormLength = FormIndexEnd - FormIndex;
if (FormIndex == -1 || FormIndex >= FormIndexEnd)
break;
string HTMLForm = NewHTML.Substring(FormIndex, FormLength);
string action = RegexText(" action\\=\\\"([^\"]*)\\\"", HTMLForm);
string method = RegexText(" method\\=\\\"([^\"]*)\\\"", HTMLForm);
AuthenticationForm authForm = new AuthenticationForm();
authForm.Action = GetURL(textBoxURL.Text, action);
if (method.ToLower() == "get")
authForm.Method = AuthenticationForm.Methods.GET;
else
authForm.Method = AuthenticationForm.Methods.POST;
authForm.InputFields = LoadInputFields(HTMLForm);
if (!authForm.Action.ToLower().Contains("javascript:"))
Forms.Add(authForm);
LastFormIndexEnd += FormIndexEnd;
}
}
return Forms;
}
