Exemplo n.º 1
0
        static void ProcessBurpMessage(string BurpMessage, string MetaLine)
        {
            string[] BurpMessageParts = BurpMessage.Split(new string[] { "\r\n======================================================\r\n" }, 2, StringSplitOptions.RemoveEmptyEntries);
            Session  IrSe             = null;

            if (BurpMessageParts.Length > 0)
            {
                Request Req = ReadBurpRequest(BurpMessageParts[0], MetaLine);
                if (Req != null)
                {
                    IrSe    = new Session(Req);
                    IrSe.ID = Interlocked.Increment(ref Config.ProxyRequestsCount);
                    IronUpdater.AddProxyRequest(IrSe.Request.GetClone(true));
                    PassiveChecker.AddToCheckRequest(IrSe);
                }
            }
            if (BurpMessageParts.Length == 2)
            {
                if (IrSe != null)
                {
                    try
                    {
                        Response Res = new Response(BurpMessageParts[1]);
                        IrSe.Response    = Res;
                        IrSe.Response.ID = IrSe.Request.ID;
                        IronUpdater.AddProxyResponse(IrSe.Response.GetClone(true));
                        PassiveChecker.AddToCheckResponse(IrSe);
                    }
                    catch
                    {
                    }
                }
            }
        }
Exemplo n.º 2
0
 static void AddImportedResponseToIronWASP(Response Res, Session IrSe)
 {
     IrSe.Response    = Res;
     IrSe.Response.ID = IrSe.Request.ID;
     IronUpdater.AddProxyResponse(IrSe.Response.GetClone(true));
     PassiveChecker.AddToCheckResponse(IrSe);
 }
Exemplo n.º 3
0
 public void Report()
 {
     if (IsSignatureUnique(this.Plugin, this.AffectedHost, this.Type, this.Signature, true))
     {
         IronUpdater.AddPluginResult(this);
     }
 }
Exemplo n.º 4
0
        static Session AddImportedRequestToIronWASP(Request Req)
        {
            Session IrSe = new Session(Req);

            IrSe.ID = Interlocked.Increment(ref Config.ProxyRequestsCount);
            IronUpdater.AddProxyRequest(IrSe.Request.GetClone(true));
            PassiveChecker.AddToCheckRequest(IrSe);
            return(IrSe);
        }
Exemplo n.º 5
0
 internal void Report()
 {
     if (this.Type.Equals("Normal"))
     {
         IronUpdater.AddTrace(this);
     }
     else
     {
         IronUpdater.AddScanTrace(this);
     }
 }
Exemplo n.º 6
0
        void Crawl(Request Req, int Depth, bool Scraped)
        {
            if (Stopped)
            {
                return;
            }
            if (Depth > MaxDepth)
            {
                return;
            }
            if (WasCrawled(Req))
            {
                return;
            }
            if (!CanCrawl(Req))
            {
                return;
            }

            lock (PageSignatures)
            {
                PageSignatures.Add(GetPageSignature(Req));
            }

            Req.Source = RequestSource.Probe;
            Req.SetCookie(Cookies);
            if (UserAgent.Length > 0)
            {
                Req.Headers.Set("User-Agent", UserAgent);
            }
            if (SpecialHeader[0] != null)
            {
                Req.Headers.Set(SpecialHeader[0], SpecialHeader[1]);
            }
            if (Stopped)
            {
                return;
            }
            Response Res = Req.Send();

            if (Stopped)
            {
                return;
            }
            Cookies.Add(Req, Res);
            bool Is404File = IsA404(Req, Res);

            if (!Res.IsHtml)
            {
                return;
            }

            if (Depth + 1 > MaxDepth)
            {
                return;
            }
            List <Request> Redirects = GetRedirects(Req, Res);

            foreach (Request Redirect in Redirects)
            {
                AddToCrawlQueue(Redirect, Depth + 1, true);
            }
            List <Request> LinkClicks = GetLinkClicks(Req, Res);

            foreach (Request LinkClick in LinkClicks)
            {
                AddToCrawlQueue(LinkClick, Depth + 1, true);
            }

            List <Request> FormSubmissions = GetFormSubmissions(Req, Res);

            foreach (Request FormSubmission in FormSubmissions)
            {
                AddToCrawlQueue(FormSubmission, Depth + 1, true);
            }

            Request DirCheck = Req.GetClone();

            DirCheck.Method = "GET";
            DirCheck.Body.RemoveAll();
            DirCheck.Url = DirCheck.UrlDir;

            if (!Req.Url.EndsWith("/"))
            {
                AddToCrawlQueue(DirCheck, Depth + 1, false);
            }

            if (PerformDirAndFileGuessing && !Is404File)
            {
                foreach (string File in FileNamesToCheck)
                {
                    Request FileCheck = DirCheck.GetClone();
                    FileCheck.Url = FileCheck.Url + File;
                    AddToCrawlQueue(FileCheck, Depth + 1, false);
                }

                foreach (string Dir in DirNamesToCheck)
                {
                    Request DirectoryCheck = DirCheck.GetClone();
                    DirectoryCheck.Url = DirectoryCheck.Url + Dir + "/";
                    AddToCrawlQueue(DirectoryCheck, Depth + 1, false);
                }
            }
            if (Stopped)
            {
                return;
            }
            if (Scraped || !Is404File)
            {
                lock (CrawledRequests)
                {
                    CrawledRequests.Enqueue(Req);
                }
                IronUpdater.AddToSiteMap(Req);
            }
        }