Exemplo n.º 1
0
        static List<LogRow> SearchDB(string DataSource, string CmdString, LogSearchQuery Query)
        {
            List<LogRow> IronLogRecords = new List<LogRow>();
            using(SQLiteConnection DB = new SQLiteConnection(DataSource))
            {
            DB.Open();
            using (SQLiteCommand cmd = DB.CreateCommand())
            {
                cmd.CommandText = CmdString;
                if (Query.UrlMatchString.Length > 0)
                {
                    cmd.Parameters.AddWithValue("@UrlMatchKeyword", GetUrlSearchQueryValuePart(Query.UrlMatchMode, Query.UrlMatchString));
                }
                if (Query.Keyword.Length > 0)
                {
                    cmd.Parameters.AddWithValue("@Keyword", string.Format("%{0}%", Query.Keyword));
                }

                if (Query.MethodsToCheck.Count > 0)
                {
                    for (int i = 0; i < Query.MethodsToCheck.Count; i++)
                    {
                        cmd.Parameters.AddWithValue(string.Format("@Method{0}", i), Query.MethodsToCheck[i]);
                    }
                }
                else if (Query.MethodsToIgnore.Count > 0)
                {
                    for (int i = 0; i < Query.MethodsToIgnore.Count; i++)
                    {
                        cmd.Parameters.AddWithValue(string.Format("@Method{0}", i), Query.MethodsToIgnore[i]);
                    }
                }

                if (Query.HostNamesToCheck.Count > 0)
                {
                    for (int i = 0; i < Query.HostNamesToCheck.Count; i++)
                    {
                        cmd.Parameters.AddWithValue(string.Format("@HostName{0}", i), Query.HostNamesToCheck[i]);
                    }
                }
                else if (Query.HostNamesToIgnore.Count > 0)
                {
                    for (int i = 0; i < Query.HostNamesToIgnore.Count; i++)
                    {
                        cmd.Parameters.AddWithValue(string.Format("@HostName{0}", i), Query.HostNamesToIgnore[i]);
                    }
                }

                if (Query.CodesToCheck.Count > 0)
                {
                    for (int i = 0; i < Query.CodesToCheck.Count; i++)
                    {
                        cmd.Parameters.AddWithValue(string.Format("@Code{0}", i), Query.CodesToCheck[i]);
                    }
                }
                else if (Query.CodesToIgnore.Count > 0)
                {
                    for (int i = 0; i < Query.CodesToIgnore.Count; i++)
                    {
                        cmd.Parameters.AddWithValue(string.Format("@Code{0}", i), Query.CodesToIgnore[i]);
                    }
                }

                if (Query.FileExtensionsToCheck.Count > 0)
                {
                    for (int i = 0; i < Query.FileExtensionsToCheck.Count; i++)
                    {
                        cmd.Parameters.AddWithValue(string.Format("@File{0}", i), Query.FileExtensionsToCheck[i]);
                    }
                }
                else if (Query.FileExtensionsToIgnore.Count > 0)
                {
                    for (int i = 0; i < Query.FileExtensionsToIgnore.Count; i++)
                    {
                        cmd.Parameters.AddWithValue(string.Format("@File{0}", i), Query.FileExtensionsToIgnore[i]);
                    }
                }

                using (SQLiteDataReader result = cmd.ExecuteReader())
                {
                    while (result.Read())
                    {
                        try
                        {
                            LogRow LR = new LogRow();
                            try { LR.ID = Int32.Parse(result["ID"].ToString()); }
                            catch { continue; }
                            LR.Host = result["HostName"].ToString();
                            LR.Method = result["Method"].ToString();
                            LR.Url = result["URL"].ToString();
                            LR.File = result["File"].ToString();
                            LR.SSL = result["SSL"].ToString().Equals("1");
                            LR.Parameters = result["Parameters"].ToString();
                            try
                            { LR.Code = Int32.Parse(result["Code"].ToString()); }
                            catch { LR.Code = -1; }
                            try
                            { LR.Length = Int32.Parse(result["Length"].ToString()); }
                            catch { LR.Length = 0; }
                            LR.Mime = result["MIME"].ToString();
                            LR.SetCookie = result["SetCookie"].ToString().Equals("1");
                            IronLogRecords.Add(LR);
                        }
                        catch { }
                    }
                }
            }
            }
            return IronLogRecords;
        }
Exemplo n.º 2
0
 static List<LogRow> GetRecordsFromDBForUrl(string DataSource, string CmdString, string Host, string Url, string LogType, int StartIndex, int Count)
 {
     List<LogRow> IronLogRecords = new List<LogRow>();
     using(SQLiteConnection DB = new SQLiteConnection(DataSource))
     {
     DB.Open();
     using (SQLiteCommand cmd = DB.CreateCommand())
     {
         cmd.CommandText = CmdString;
         cmd.Parameters.AddWithValue("@HostName", Host);
         cmd.Parameters.AddWithValue("@URL", Url);
         cmd.Parameters.AddWithValue("@ID", StartIndex);
         cmd.Parameters.AddWithValue("@LIMIT", Count);
         using (SQLiteDataReader result = cmd.ExecuteReader())
         {
             while (result.Read())
             {
                 try
                 {
                     LogRow LR = new LogRow();
                     try { LR.ID = Int32.Parse(result["ID"].ToString()); }
                     catch { continue; }
                     if (LogType.Equals("proxy"))
                         LR.Source = "Proxy";
                     else if (LogType.Equals("probe"))
                         LR.Source = "Probe";
                     else
                         break;
                     LR.Host = Host;
                     LR.Method = result["Method"].ToString();
                     LR.Url = result["URL"].ToString();
                     LR.File = result["File"].ToString();
                     LR.SSL = result["SSL"].ToString().Equals("1");
                     LR.Parameters = result["Parameters"].ToString();
                     try
                     { LR.Code = Int32.Parse(result["Code"].ToString()); }
                     catch { LR.Code = -1; }
                     try
                     { LR.Length = Int32.Parse(result["Length"].ToString()); }
                     catch { LR.Length = 0; }
                     LR.Mime = result["MIME"].ToString();
                     LR.SetCookie = result["SetCookie"].ToString().Equals("1");
                     try
                     {
                         LR.RoundTrip = Int32.Parse(result["RoundTrip"].ToString());
                     }
                     catch { }
                     IronLogRecords.Add(LR);
                 }
                 catch { }
             }
         }
     }
     }
     return IronLogRecords;
 }
Exemplo n.º 3
0
        internal static bool CanScan(LogRow Row, string Source)
        {
            if (!Row.Host.Equals(HostName, StringComparison.OrdinalIgnoreCase))
            {
                return(false);
            }
            if (UrlPattern.EndsWith("*"))
            {
                string Url = UrlPattern.TrimEnd(new char[] { '*' });
                if (!Row.Url.StartsWith(Url, StringComparison.OrdinalIgnoreCase))
                {
                    return(false);
                }
            }
            else
            {
                if (!Row.Url.Equals(UrlPattern, StringComparison.OrdinalIgnoreCase))
                {
                    return(false);
                }
            }
            if (!HTTPS)
            {
                if ((bool)Row.SSL)
                {
                    return(false);
                }
            }
            if (!HTTP)
            {
                if (!(bool)Row.SSL)
                {
                    return(false);
                }
            }
            switch (Row.Method)
            {
            case "POST":
                if (!SelectPOST)
                {
                    return(false);
                }
                break;

            case "GET":
                if (!SelectGET)
                {
                    return(false);
                }
                break;

            default:
                if (!SelectOtherMethods)
                {
                    return(false);
                }
                break;
            }

            if (SelectCheckFileExtensions)
            {
                string FileExtension = Row.File;

                if (SelectCheckFileExtensions && FileExtension.Length > 0)
                {
                    if (SelectCheckFileExtensionsPlus && SelectFileExtensions.Count > 0)
                    {
                        bool Match = false;
                        foreach (string File in SelectFileExtensions)
                        {
                            if (FileExtension.Equals(File, StringComparison.InvariantCultureIgnoreCase))
                            {
                                Match = true;
                                break;
                            }
                        }
                        if (!Match)
                        {
                            return(false);
                        }
                    }
                    if (SelectCheckFileExtensionsMinus && DontSelectFileExtensions.Count > 0)
                    {
                        foreach (string File in DontSelectFileExtensions)
                        {
                            if (FileExtension.Equals(File, StringComparison.InvariantCultureIgnoreCase))
                            {
                                return(false);
                            }
                        }
                    }
                }
            }

            //Response based checks start. Return true if any values are null as the response field would be empty by the request would be valid
            if (Row.Code == 0)
            {
                return(true);
            }

            int Code = Row.Code;

            switch (Code)
            {
            case 200:
                if (!Select200)
                {
                    return(false);
                }
                break;

            case 301:
            case 302:
                if (!Select301_2)
                {
                    return(false);
                }
                break;

            case 304:
                if (!Select304)
                {
                    return(false);
                }
                break;

            case 403:
                if (!Select403)
                {
                    return(false);
                }
                break;

            case 500:
                if (!Select500)
                {
                    return(false);
                }
                break;

            default:
                if (Code > 199 && Code < 300)
                {
                    if (!Select2xx)
                    {
                        return(false);
                    }
                }
                else if (Code > 299 && Code < 400)
                {
                    if (!Select3xx)
                    {
                        return(false);
                    }
                }
                else if (Code > 399 && Code < 500)
                {
                    if (!Select500)
                    {
                        return(false);
                    }
                }
                else if (Code > 499 && Code < 600)
                {
                    if (!Select5xx)
                    {
                        return(false);
                    }
                }
                break;
            }


            string ContentType = Row.Mime;

            if (ContentType != null)
            {
                if (ContentType.ToLower().Contains("html"))
                {
                    if (!SelectHTML)
                    {
                        return(false);
                    }
                }
                else if (ContentType.ToLower().Contains("css"))
                {
                    if (!SelectCSS)
                    {
                        return(false);
                    }
                }
                else if (ContentType.ToLower().Contains("javascript"))
                {
                    if (!SelectJS)
                    {
                        return(false);
                    }
                }
                else if (ContentType.ToLower().Contains("xml"))
                {
                    if (!SelectXML)
                    {
                        return(false);
                    }
                }
                else if (ContentType.ToLower().Contains("json"))
                {
                    if (!SelectJSON)
                    {
                        return(false);
                    }
                }
                else if (ContentType.ToLower().Contains("text"))
                {
                    if (!SelectOtherText)
                    {
                        return(false);
                    }
                }
                else if (ContentType.ToLower().Contains("jpg") || ContentType.ToLower().Contains("png") || ContentType.ToLower().Contains("jpeg") || ContentType.ToLower().Contains("gif") || ContentType.ToLower().Contains("ico"))
                {
                    if (!SelectImg)
                    {
                        return(false);
                    }
                }
                else
                {
                    if (!SelectOtherBinary)
                    {
                        return(false);
                    }
                }
            }
            return(true);
        }
Exemplo n.º 4
0
 static List<LogRow> GetRecordsFromDB(string DataSource, string CmdString, string LogType, int StartIndex, int Count)
 {
     List<LogRow> IronLogRecords = new List<LogRow>();
     SQLiteConnection DB = new SQLiteConnection(DataSource);
     DB.Open();
     try
     {
         SQLiteCommand cmd = DB.CreateCommand();
         cmd.CommandText = CmdString;
         cmd.Parameters.AddWithValue("@ID", StartIndex);
         cmd.Parameters.AddWithValue("@LIMIT", Count);
         SQLiteDataReader result = cmd.ExecuteReader();
         while (result.Read())
         {
             try
             {
                 LogRow LR = new LogRow();
                 try { LR.ID = Int32.Parse(result["ID"].ToString()); }
                 catch { continue; }
                 if (LogType.Equals("scan"))
                 {
                     try { LR.ScanID = Int32.Parse(result["ScanID"].ToString()); }
                     catch { continue; }
                 }
                 if (LogType.Equals("proxy"))LR.Editied = result["Edited"].ToString().Equals("1");
                 LR.Host = result["HostName"].ToString();
                 LR.Method = result["Method"].ToString();
                 LR.Url = result["URL"].ToString();
                 LR.File = result["File"].ToString();
                 LR.SSL = result["SSL"].ToString().Equals("1");
                 LR.Parameters = result["Parameters"].ToString();
                 try
                 { LR.Code = Int32.Parse(result["Code"].ToString()); }
                 catch { LR.Code = -1; }
                 try
                 { LR.Length = Int32.Parse(result["Length"].ToString()); }
                 catch { LR.Length = 0; }
                 LR.Mime = result["MIME"].ToString();
                 LR.SetCookie = result["SetCookie"].ToString().Equals("1");
                 IronLogRecords.Add(LR);
             }
             catch { }
         }
         result.Close();
     }
     catch (Exception Exp)
     {
         DB.Close();
         throw Exp;
     }
     DB.Close();
     return IronLogRecords;
 }
Exemplo n.º 5
0
 internal static List<LogRow> GetTestLogRecords(int StartID)
 {
     List<LogRow> MTLogRecords = new List<LogRow>();
     SQLiteConnection DB = new SQLiteConnection("data source=" + TestLogFile);
     DB.Open();
     SQLiteCommand cmd = DB.CreateCommand();
     cmd.CommandText = "SELECT ID, SSL, HostName, Method, URL, File, Parameters, Code, Length, MIME, SetCookie FROM TestLog WHERE ID > @StartID LIMIT 1000";
     cmd.Parameters.AddWithValue("@StartID", StartID);
     SQLiteDataReader result = cmd.ExecuteReader();
     while (result.Read())
     {
         LogRow LR = new LogRow();
         try { LR.ID = Int32.Parse(result["ID"].ToString()); }
         catch { continue; }
         LR.Host = result["HostName"].ToString();
         LR.Method = result["Method"].ToString();
         LR.Url = result["URL"].ToString();
         LR.File = result["File"].ToString();
         LR.SSL = result["SSL"].ToString().Equals("1");
         LR.Parameters = result["Parameters"].ToString();
         try
         { LR.Code = Int32.Parse(result["Code"].ToString()); }
         catch { LR.Code = -1; }
         try
         { LR.Length = Int32.Parse(result["Length"].ToString()); }
         catch { LR.Length = 0; }
         LR.Mime = result["MIME"].ToString();
         LR.SetCookie = result["SetCookie"].ToString().Equals("1");
         MTLogRecords.Add(LR);
     }
     result.Close();
     DB.Close();
     return MTLogRecords;
 }