Exemplo n.º 1
0
        public ReportResult SetResultRequest(long scan_id, string report_type, resultClass token)
        {
            try
            {
                ReportRequest request = new ReportRequest()
                {
                    reportType = report_type,
                    scanId     = scan_id
                };

                post   Post         = new post();
                secure token_secure = new secure(token);
                token_secure.findToken(token);
                string path = token_secure.post_rest_Uri(CxConstant.CxReportRegister);
                Post.post_Http(token, path, request);
                if (token.status == 0)
                {
                    ReportResult report = JsonConvert.DeserializeObject <ReportResult>(token.op_result);
                    return(report);
                }
            }
            catch (Exception ex)
            {
                token.status        = -1;
                token.statusMessage = ex.Message;
            }
            return(null);
        }
Exemplo n.º 2
0
 public bool GetResultStatus(long report_id, resultClass token)
 {
     try
     {
         get    httpGet      = new get();
         secure token_secure = new secure(token);
         token_secure.findToken(token);
         string path = token_secure.get_rest_Uri(String.Format(CxConstant.CxReportStatus, report_id));
         httpGet.get_Http(token, path);
         if (token.status == 0)
         {
             ReportReady ready = JsonConvert.DeserializeObject <ReportReady>(token.op_result);
             if (ready.Status.Id == 2)
             {
                 return(true);
             }
         }
     }
     catch (Exception ex)
     {
         token.status        = -1;
         token.statusMessage = ex.Message;
     }
     return(false);
 }
Exemplo n.º 3
0
 private bool writeOutputToFile(ReportTrace rt, resultClass token)
 {
     try
     {
         if ((!String.IsNullOrEmpty(token.save_result)) && (!String.IsNullOrEmpty(token.save_result_path)))
         {
             if (rt.reportType == "XML")
             {
                 XElement xl = XElement.Parse(token.op_result);
                 string filename = token.save_result_path + @"\" + rt.projectName + '-' + rt.scanTime.Value.ToString("yyyyMMddhhmmss") + ".xml";
                 File.WriteAllText(filename, xl.ToString(), System.Text.Encoding.UTF8);
                 return true;
             }
             else if (rt.reportType == "PDF")
             {
                 string filename = token.save_result_path + @"\" + rt.projectName + '-' + rt.scanTime.Value.ToString("yyyyMMddhhmmss") + ".pdf";
                 File.WriteAllBytes(filename, token.byte_result);
                 return true;
             }
             else
             {
                 return false;
             }
         }
     }
     catch (Exception ex)
     {
         Console.Error.WriteLine(ex.Message);
         throw ex;
     }
     return false;
 }
Exemplo n.º 4
0
 public List <ScanObject> filter_by_projects(resultClass token, bool onlyOne = false)
 {
     filter_scans(token, token.max_scans, onlyOne);
     teamId_in_scan(token, CxScans, token.team_name);
     presetId_in_scan(token, CxScans, token.preset);
     return(CxScans);
 }
Exemplo n.º 5
0
        public List <ProjectObject> projectId_in_projects(resultClass token, string project_name)
        {
            getScans             scans          = new getScans();
            List <ProjectObject> projectObjects = get_projects(token);

            if (String.IsNullOrEmpty(project_name))
            {
                foreach (ProjectObject project in projectObjects)
                {
                    if (!CxSettings.ContainsKey(Convert.ToInt64(project.id)))
                    {
                        ScanSettings scanSettings = scans.getScanSettings(token, project.id);
                        CxSettings.Add(Convert.ToInt64(project.id), scanSettings);
                    }
                }
                return(projectObjects);
            }
            else
            {
                List <ProjectObject> pclass = new List <ProjectObject>();
                foreach (ProjectObject project in projectObjects)
                {
                    if (project.name.Contains(project_name))
                    {
                        if (!CxSettings.ContainsKey(Convert.ToInt64(project.id)))
                        {
                            ScanSettings scanSettings = scans.getScanSettings(token, project.id);
                            CxSettings.Add(Convert.ToInt64(project.id), scanSettings);
                        }
                        pclass.Add(project);
                    }
                }
                return(pclass);
            }
        }
Exemplo n.º 6
0
        public bool presetId_in_scan(resultClass token, List <ScanObject> CxScans, string preset_name)
        {
            if (String.IsNullOrEmpty(preset_name))
            {
                return(false);
            }
            getScans getScans = new getScans();

            List <ScanObject> pclass = new List <ScanObject>();

            foreach (ScanObject scan in CxScans)
            {
                if (CxSettings.ContainsKey(scan.Project.Id))
                {
                    ScanSettings settings = CxSettings[scan.Project.Id];
                    string       preset   = CxPresets[settings.preset.id].name;
                    if (preset.Contains(preset_name))
                    {
                        pclass.Add(scan);
                    }
                }
            }
            CxScans = pclass;
            return(true);
        }
Exemplo n.º 7
0
        public bool get_Http(resultClass token, string path)
        {
            token.status = -1;
            try
            {
                HttpClient client = new HttpClient();
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Add("Accept", "application/json;v=1.0");
                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.bearer_token);
                var response = client.GetAsync(path).Result;
                if (response != null)
                {
                    if (response.IsSuccessStatusCode)
                    {
                        Console.WriteLine("Results found");
                        token.op_result = response.Content.ReadAsStringAsync().Result;

                        token.status = 0;
                        return(true);
                    }
                    else
                    {
                        Console.Error.Write(response);
                        return(false);
                    }
                }
            }
            catch (Exception ex)
            {
                token.status        = -1;
                token.statusMessage = ex.Message;
            }
            return(false);
        }
Exemplo n.º 8
0
        public resultClass decrypt_Token(resultClass token)
        {
            if (token == null)
            {
                token = new resultClass();
            }

            encryptClass decrypt    = get_decrypted_file();
            DateTime     timestamp  = DateTime.MinValue;
            Int32        expiration = 0;

            token.user_name    = (decrypt.user_name == null) ? String.Empty : decrypt.user_name;
            token.credential   = (decrypt.credential == null) ? String.Empty : decrypt.credential;
            token.bearer_token = (decrypt.token == null) ? String.Empty : decrypt.token;

            Int32.TryParse(decrypt.token_expires, out expiration);
            token.expiration = 60;
            DateTime.TryParse(decrypt.token_creation, out timestamp);
            token.timestamp = timestamp;

            //Console.WriteLine(string.Format("Decrypted username: {0}", token.user_name));
            //Console.WriteLine(string.Format("Decrypted credential: {0}", token.credential));
            //Console.WriteLine(string.Format("Decrypted bearer_token: {0}", token.bearer_token));
            //Console.WriteLine(string.Format("Decrypted token_expires: {0}", token.expiration));
            //Console.WriteLine(string.Format("Decrypted token_creation: {0}", token.timestamp));

            return(token);
        }
Exemplo n.º 9
0
 public bool post_Http(resultClass token, string path, object JsonObject)
 {
     token.status = -1;
     try
     {
         HttpClient client = new HttpClient();
         client.DefaultRequestHeaders.Accept.Clear();
         client.DefaultRequestHeaders.Add("Accept", "application/json;v=1.0");
         client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.bearer_token);
         var content = new StringContent(JsonConvert.SerializeObject(JsonObject), Encoding.UTF8, "application/json");
         var result  = client.PostAsync(path, content).Result;
         if (result != null)
         {
             if (result.IsSuccessStatusCode)
             {
                 Console.WriteLine("Results found");
                 token.op_result = result.Content.ReadAsStringAsync().Result;
                 token.status    = 0;
                 return(true);
             }
             else
             {
                 Console.Error.Write(result);
                 return(false);
             }
         }
     }
     catch (Exception ex)
     {
         token.status        = -1;
         token.statusMessage = ex.Message;
     }
     return(false);
 }
Exemplo n.º 10
0
        public ScanStatistics getScansStatistics(long scanId, resultClass token)
        {
            ScanStatistics scanStatistics = new ScanStatistics();
            string         path           = String.Empty;

            try
            {
                get    httpGet      = new get();
                secure token_secure = new secure(token);
                token_secure.findToken(token);
                path = token_secure.get_rest_Uri(String.Format(CxConstant.CxScanStatistics, scanId));
                if (token.debug && token.verbosity > 1)
                {
                    Console.WriteLine("API: {0}", path);
                }


                httpGet.get_Http(token, path);
                if (token.status == 0)
                {
                    scanStatistics = JsonConvert.DeserializeObject <ScanStatistics>(token.op_result);
                }
            }
            catch (Exception ex)
            {
                if (token.debug && token.verbosity > 0)
                {
                    Console.Error.WriteLine("getScansStatistics: {0}, Message: {1} Trace: {2}", path, ex.Message, ex.StackTrace);
                }
            }
            return(scanStatistics);
        }
Exemplo n.º 11
0
        public List <ScanObject> getScanbyId(resultClass token, string projectId)
        {
            List <ScanObject> sclass = new List <ScanObject>();
            string            path   = String.Empty;

            try
            {
                get    httpGet      = new get();
                secure token_secure = new secure(token);
                token_secure.findToken(token);
                path = token_secure.get_rest_Uri(String.Format(CxConstant.CxProjectScan, projectId));
                if (token.debug && token.verbosity > 1)
                {
                    Console.WriteLine("API: {0}", path);
                }
                httpGet.get_Http(token, path, 10);
                if (token.status == 0)
                {
                    sclass = JsonConvert.DeserializeObject <List <ScanObject> >(token.op_result);
                }
                else
                {
                    throw new MissingFieldException("Failure to get scan results. Please check token validity and try again");
                }
            }
            catch (Exception ex)
            {
                if (token.debug && token.verbosity > 0)
                {
                    Console.Error.WriteLine("getScan: {0}, Message: {1} Trace: {2}", path, ex.Message, ex.StackTrace);
                }
            }
            return(sclass);
        }
Exemplo n.º 12
0
        public bool GetResultStatus(long report_id, resultClass token)
        {
            string path = String.Empty;

            try
            {
                get    httpGet      = new get();
                secure token_secure = new secure(token);
                token_secure.findToken(token);
                path = token_secure.get_rest_Uri(String.Format(CxConstant.CxReportStatus, report_id));
                if (token.debug && token.verbosity > 1)
                {
                    Console.WriteLine("API: {0}", path);
                }
                httpGet.get_Http(token, path);
                if (token.status == 0)
                {
                    ReportReady ready = JsonConvert.DeserializeObject <ReportReady>(token.op_result);
                    if (ready.Status.Id == 2)
                    {
                        return(true);
                    }
                }
            }
            catch (Exception ex)
            {
                token.status        = -1;
                token.statusMessage = ex.Message;
                if (token.debug && token.verbosity > 0)
                {
                    Console.Error.WriteLine("GetResultStatus: {0}, Message: {1} Trace: {2}", path, ex.Message, ex.StackTrace);
                }
            }
            return(false);
        }
Exemplo n.º 13
0
        public byte[] GetGenaricResult(long report_id, resultClass token)
        {
            string path = String.Empty;

            try
            {
                get httpGet = new get();

                secure token_secure = new secure(token);
                token_secure.findToken(token);
                path = token_secure.get_rest_Uri(String.Format(CxConstant.CxReportFetch, report_id));
                if (token.debug && token.verbosity > 1)
                {
                    Console.WriteLine("API: {0}", path);
                }
                httpGet.get_Http(token, path);
                if (token.status == 0)
                {
                    return(token.byte_result);
                }
            }
            catch (Exception ex)
            {
                token.status        = -1;
                token.statusMessage = ex.Message;
                if (token.debug && token.verbosity > 0)
                {
                    Console.Error.WriteLine("GetGenaricResult: {0}, Message: {1} Trace: {2}", path, ex.Message, ex.StackTrace);
                }
            }
            return(null);
        }
Exemplo n.º 14
0
        private static void Main(string[] args)
        {
            dispatcher dsp = new dispatcher();

            try
            {
                Console.WriteLine(Configuration.getVersion());
                Console.WriteLine(Configuration.getdotNet());
                resultClass token = dsp.dispatch(args);
                if (token.debug)
                {
                    Console.WriteLine("Successful completion.");
                }
                dsp.Elapsed_Time();
                if (token.test)
                {
                    Console.ReadKey();
                }
            }
            catch (Exception ex)
            {
                dsp.Elapsed_Time();
                Console.WriteLine(ex.ToString());
                if (_options.test)
                {
                    Console.ReadKey();
                }
            }
        }
Exemplo n.º 15
0
 public getProjects(resultClass token)
 {
     CxResultStatistics = new Dictionary <long, ScanStatistics>();
     CxSettings         = new Dictionary <long, ScanSettings>();
     CxProjects         = projectId_in_projects(token, token.project_name);
     CxTeams            = get_team_list(token);
     CxPresets          = get_preset_list(token);
 }
Exemplo n.º 16
0
        public static resultClass mono_command_args()
        {
            resultClass token = new resultClass();

            var p = new OptionSet()
            {
                { "t|get_token", "Fetch the bearer token from the CxSAST service",
                  v => token.api_action = api_action.getToken },
                { "c|store_credentials", "Store username and credential in an encrypted file",
                  v => token.api_action = api_action.storeCredentials },
                { "s|scan_results", "Get scan results, filtered by time and project",
                  v => token.api_action = api_action.scanResults },
                { "rn|report_name=", "Select desired report",
                  v => token.report_name = v },
                { "pn|project_name=", "Filter with project name, Will return project if any portion of the project name is a match",
                  v => token.project_name = v },
                { "pi|pipe", "Do not write to file but pipe output to stdout. Useful when using other API's",
                  v => token.pipe = true },
                { "path|file_path=", "Override file path in configuration",
                  v => token.file_path = v },
                { "file|file_name=", "Override file_name in configuration",
                  v => token.file_name = v },
                { "u|user_name=", "The username to use to retreive the token (REST) or session (SOAP)",
                  v => token.user_name = v },
                { "p|password="******"The password needed to retreive the token (REST) or session (SOAP)",
                  v => token.credential = v },
                { "st|start_time=", "Last scan start time",
                  v => token.start_time = DateTime.Parse(v) },
                { "et|end_time=", "Last scan end time",
                  v => token.end_time = DateTime.Parse(v) },
                { "v|verbose", "Change degrees of debugging info",
                  v => token.verbosity++ },
                { "d|debug", "Output debugging info ",
                  v => token.debug = true },
                { "?|h|help", "show you your options",
                  v => token.api_action = api_action.help },
            };

            List <string> extra;

            try
            {
                extra = p.Parse(_keys);
            }
            catch (OptionException e)
            {
                Console.Write("CxApi_Core: ");
                Console.WriteLine(e.Message);
                Console.WriteLine("Try CxApi --help' for more information.");
                token.status = -1;
            }

            if (token.api_action == api_action.help)
            {
                ShowHelp(p);
            }
            return(token);
        }
Exemplo n.º 17
0
 public secure(resultClass token)
 {
     _configuration = Configuration.configuration();
     _cipherService = new CipherService();
     _os            = RuntimeInformation.OSDescription;
     _token         = token;
     _settings      = get_settings();
     _debug         = token.debug;
 }
Exemplo n.º 18
0
 public CxSoapSDK(resultClass token)
 {
     using (secure secure = new secure())
     {
         _settings = secure.get_settings();
     }
     _token = token;
     _debug = token.debug;
 }
Exemplo n.º 19
0
        public void encrypt_Token(resultClass token)
        {
            encryptClass decrypt = get_decrypted_file();

            decrypt.token          = token.bearer_token;
            decrypt.token_creation = token.timestamp.ToString();
            decrypt.token_expires  = token.expiration.ToString();
            set_encrypted_file(decrypt);
            return;
        }
Exemplo n.º 20
0
        /*
         *     public List<ScanObject> projectId_in_scan(List<ScanObject> scans, string project_name)
         *     {
         *         if (String.IsNullOrEmpty(project_name))
         *         {
         *             return scans;
         *         }
         *         List<ScanObject> pclass = new List<ScanObject>();
         *         foreach (ScanObject scan in scans)
         *         {
         *             if (scan.Project.Name.Contains(project_name))
         *             {
         *                 pclass.Add(scan);
         *             }
         *         }
         *         return pclass;
         *     }
         *
         */
        public bool get_result_statistics(resultClass token, long scanId)
        {
            getScans scans = new getScans();

            if (!CxSettings.ContainsKey(scanId))
            {
                ScanStatistics scanStatistics = scans.getScansStatistics(scanId, token);
                CxResultStatistics.Add(scanId, scanStatistics);
            }
            return(true);
        }
Exemplo n.º 21
0
        public bool get_scan_settings(resultClass token, long projectId)
        {
            getScans scans = new getScans();

            if (!CxSettings.ContainsKey(projectId))
            {
                ScanSettings scanSettings = scans.getScanSettings(token, projectId.ToString());
                CxSettings.Add(projectId, scanSettings);
            }
            return(true);
        }
Exemplo n.º 22
0
        private static void Main(string[] args)
        {
            Configuration.configuration(args);
            dispatcher dsp = new dispatcher();

            resultClass token = dsp.dispatch();

            if (token.debug)
            {
                Console.ReadKey();
            }
        }
Exemplo n.º 23
0
        public resultClass encrypt_Credentials()
        {
            if (_token == null)
            {
                _token = new resultClass();
            }
            encryptClass decrypt = get_decrypted_file();

            decrypt.user_name  = _token.user_name;
            decrypt.credential = _token.credential;
            set_encrypted_file(decrypt);
            return(_token);
        }
Exemplo n.º 24
0
 public secure(resultClass token)
 {
     _configuration = Configuration.configuration();
     _cipherService = new CipherService();
     _os            = RuntimeInformation.OSDescription;
     _token         = token;
     _settings      = get_settings();
     _debug         = token.debug;
     if (_debug)
     {
         Console.WriteLine("exe path: {0}", System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location));
     }
 }
Exemplo n.º 25
0
        public resultClass save_credentials(resultClass token)
        {
            secure encrypt = new secure(token);

            if (String.IsNullOrEmpty(token.user_name) || String.IsNullOrEmpty(token.credential))
            {
                Console.Error.WriteLine("username and/or credential cannot be empty strings.");
                token.status = -1;
                return(token);
            }
            encrypt.encrypt_Credentials();
            Console.WriteLine("Credentials stored successfully.");
            token.status = 0;
            return(token);
        }
Exemplo n.º 26
0
        public Dictionary <long, Presets> get_preset_list(resultClass token)
        {
            getScans scans = new getScans();
            Dictionary <long, Presets> result  = new Dictionary <long, Presets>();
            List <Presets>             presets = get_presets(token);

            foreach (Presets p in presets)
            {
                if (!result.ContainsKey(Convert.ToInt64(p.id)))
                {
                    result.Add(Convert.ToInt64(p.id), p);
                }
            }
            return(result);
        }
Exemplo n.º 27
0
        public Dictionary <long, ProjectObject> get_all_projects(resultClass token)
        {
            List <ProjectObject>             projects           = get_projects(token);
            Dictionary <long, ProjectObject> project_dictionary = new Dictionary <long, ProjectObject>();

            foreach (ProjectObject project in projects)
            {
                if (!project_dictionary.ContainsKey(Convert.ToInt64(project.id)))
                {
                    project_dictionary.Add(Convert.ToInt64(project.id), project);
                }
            }

            return(project_dictionary);
        }
Exemplo n.º 28
0
        public Dictionary <string, Teams> get_team_list(resultClass token)
        {
            getScans scans = new getScans();
            Dictionary <string, Teams> result = new Dictionary <string, Teams>();
            List <Teams> tclass = scans.getTeams(token);

            foreach (Teams t in tclass)
            {
                if (!result.ContainsKey(t.id))
                {
                    result.Add(t.id, t);
                }
            }
            return(result);
        }
Exemplo n.º 29
0
 public static HttpClient _HttpClient(resultClass token)
 {
     if (token.use_proxy)
     {
         Uri uri = new Uri(token.proxy_url);
         Console.WriteLine(@"Proxy found {0}://{1}:{2}", uri.Scheme, uri.Host, uri.Port);
         HttpClientHandler handler = new HttpClientHandler()
         {
             Proxy    = new WebProxy(uri),
             UseProxy = true
         };
         if (!String.IsNullOrEmpty(token.proxy_username))
         {
             handler.Credentials = new NetworkCredential(token.proxy_username, token.proxy_password, token.proxy_domain);
             if (token.debug)
             {
                 Console.WriteLine(@"Using proxy {0} with credentials {1}\\{2}", token.proxy_url, token.proxy_domain, token.proxy_username);
             }
         }
         else if (token.proxy_use_default)
         {
             string[] domain = token.user_name.Replace(@"\\", "").Split('\\');
             if (domain.Length == 1)
             {
                 handler.Credentials = new NetworkCredential(domain[0], token.credential);
                 if (token.debug)
                 {
                     Console.WriteLine(@"Using proxy {0} with credentials {1}", token.proxy_url, domain[0]);
                 }
             }
             else
             {
                 handler.Credentials = new NetworkCredential(domain[1], token.credential, domain[0]);
                 if (token.debug)
                 {
                     Console.WriteLine(@"Using proxy {0} with credentials {1}\\{2}", token.proxy_url, domain[0], domain[1]);
                 }
             }
         }
         HttpClient httpclient = new HttpClient(handler, true);
         Console.WriteLine(@"Proxy configuration {0}", handler.Proxy.GetProxy(new Uri(token.CxUrl)));
         return(httpclient);
     }
     else
     {
         return(new HttpClient());
     }
 }
Exemplo n.º 30
0
        public ScanStatistics getScansStatistics(long scanId, resultClass token)
        {
            get            httpGet        = new get();
            ScanStatistics scanStatistics = new ScanStatistics();
            secure         token_secure   = new secure(token);

            token_secure.findToken(token);
            string path = token_secure.get_rest_Uri(String.Format(CxConstant.CxScanStatistics, scanId));

            httpGet.get_Http(token, path);
            if (token.status == 0)
            {
                scanStatistics = JsonConvert.DeserializeObject <ScanStatistics>(token.op_result);
            }
            return(scanStatistics);
        }