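/// <summary>
/// Quick-scan script: walks every node in the capture tree, flags data blocks whose body
/// contains a database error string or whose HTTP first line matches a watched status
/// code, and writes each finding to sqli.txt in the capture file's directory.
/// </summary>
/// <param name="component">Script host; its Parent form supplies the tree, the progress bars and the capture path.</param>
public void Run(IScriptableComponent component)
{
    int i = 0, hits = 0;
    Form1 f = component.Parent;

    // NOTE(review): Path.GetDirectoryName returns null or "" for an empty or root path,
    // in which case the report is written to "\sqli.txt" on the current drive.
    string pDir = Path.GetDirectoryName(f.txtPcap.Text);
    string rep = pDir + "\\sqli.txt";

    // Each run starts with a fresh report.
    if (File.Exists(rep))
    {
        File.Delete(rep);
    }

    // using: the report is flushed and closed even if a block throws mid-scan.
    using (StreamWriter w = File.AppendText(rep))
    {
        foreach (TreeNode n in f.tv.Nodes)
        {
            i++;
            f.setpb(i, f.tv.Nodes.Count, 1);
            n.Checked = false;

            // Restart the child counter per parent so the second progress bar never
            // receives a position larger than n.Nodes.Count.
            int j = 0;
            foreach (TreeNode nn in n.Nodes)
            {
                j++;
                f.setpb(j, n.Nodes.Count, 2);
                nn.Checked = false;

                DataBlock db = (DataBlock)nn.Tag;
                if (!db.LoadData())
                {
                    continue;
                }

                try
                {
                    string body = db.GetBody();
                    string fl = db.HttpFirstLine;

                    // Database error text leaking into a body ("SqlException": MSSQL/Oracle,
                    // "SQL syntax": MySQL). Ordinal matching keeps the signature independent
                    // of the analyst's locale, and >= 0 also accepts a match at offset 0.
                    if (body != null &&
                        (body.IndexOf("SqlException", StringComparison.OrdinalIgnoreCase) >= 0 ||
                         body.IndexOf("SQL syntax", StringComparison.OrdinalIgnoreCase) >= 0))
                    {
                        f.setNodeColor(nn, 1);
                        f.setNodeColor(n, 2);
                        w.Write("SQLException Found in: " + n.Text + "\r\n" + nn.Text + "\r\n\r\n");
                        hits++;
                        nn.Checked = true;
                    }

                    // 500 error, 408 timeout, 401 unauthorized.
                    // NOTE(review): this check is not limited to response blocks; if AnyInstr
                    // is a plain substring match, a request line containing "500" is flagged
                    // too. Confirm, and consider restricting it to responses.
                    if (AnyInstr(fl, "500,408,401"))
                    {
                        f.setNodeColor(nn, 1);
                        f.setNodeColor(n, 2);
                        w.Write("Http Error code found in: " + n.Text + "\r\n" + nn.Text + "\r\n\r\n");
                        hits++;
                        nn.Checked = true;
                    }
                }
                finally
                {
                    // Release the block's data even when a check throws.
                    db.FreeData();
                }
            }
        }
    }

    f.pb.Value = 0;
    f.pb2.Value = 0;

    if (hits > 0)
    {
        MessageBox.Show(hits.ToString() + " results found. The nodes have been checked.\n\nYou can prune tree using right click menu");
    }
    else
    {
        MessageBox.Show("quick scan had no results...");
    }
}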
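/// <summary>
/// Triage script: walks every node in the capture tree, flags HTTP responses whose first
/// line matches a watched status code and HTTP requests that contain a database error
/// string or a watched request-line pattern, and appends each finding to exploits.txt in
/// the capture file's directory.
/// </summary>
/// <param name="component">Script host; its Parent form supplies the tree, the progress bars and the capture path.</param>
public void Run(IScriptableComponent component)
{
    int i = 0, hits = 0;
    Form1 f = component.Parent;

    // NOTE(review): Path.GetDirectoryName returns null or "" for an empty or root path,
    // in which case the report is written to "\exploits.txt" on the current drive.
    string pDir = Path.GetDirectoryName(f.txtPcap.Text);
    string rep = pDir + "\\exploits.txt";

    // The report is appended to, never truncated, so findings from earlier runs are kept.
    // using: the report is flushed and closed even if a block throws mid-scan.
    using (StreamWriter w = File.AppendText(rep))
    {
        foreach (TreeNode n in f.tv.Nodes)
        {
            i++;
            f.setpb(i, f.tv.Nodes.Count, 1);
            n.Checked = false;

            // Restart the child counter per parent so the second progress bar never
            // receives a position larger than n.Nodes.Count.
            int j = 0;
            foreach (TreeNode nn in n.Nodes)
            {
                j++;
                f.setpb(j, n.Nodes.Count, 2);
                nn.Checked = false;

                DataBlock db = (DataBlock)nn.Tag;
                if (!db.LoadData())
                {
                    continue;
                }

                try
                {
                    string fl = db.HttpFirstLine;

                    // Response codes that may indicate a problem worth a look:
                    // 500 error, 408 timeout, 401 unauthorized, 403 forbidden,
                    // 413 entity too large, 405 method not allowed, 400 bad request.
                    if (db.DataType == DataBlock.DataTypes.dtHttpResp)
                    {
                        if (AnyInstr(fl, "500,408,401,403,413,405,400"))
                        {
                            f.setNodeColor(nn, 1);
                            f.setNodeColor(n, 2);
                            w.Write("Http Error code found in: " + n.Text + "\r\n" + nn.Text + "\r\n\r\n");
                            hits++;
                            nn.Checked = true;
                        }
                    }

                    // HTTP requests to flag as suspicious.
                    if (db.DataType == DataBlock.DataTypes.dtHttpReq)
                    {
                        string body = db.GetBody();

                        // NOTE(review): database error text is normally server output, so
                        // this check may have been meant for response blocks. Confirm.
                        // Ordinal matching keeps the signature independent of the analyst's
                        // locale, and >= 0 also accepts a match at offset 0.
                        if (body != null &&
                            body.IndexOf("SqlException", StringComparison.OrdinalIgnoreCase) >= 0)
                        {
                            f.setNodeColor(nn, 1);
                            f.setNodeColor(n, 2);
                            w.Write("SQLException Found in: " + n.Text + "\r\n" + nn.Text + "\r\n\r\n");
                            hits++;
                            nn.Checked = true;
                        }

                        // Request-line markers: directory traversal, script content,
                        // backup-file names, Java/JBoss class names, double-encoded dots,
                        // passwd lookups and an encoded option fragment.
                        // NOTE(review): short tokens such as "~" and "bak" will be noisy.
                        // Whether AnyInstr ignores case is not visible here. Confirm.
                        if (AnyInstr(fl, "..,script,bak,~,java.lang,jboss.,%252e,passwd,2d%64+%61"))
                        {
                            f.setNodeColor(nn, 1);
                            f.setNodeColor(n, 2);
                            // Labelled as a request-pattern hit; the old text reported it
                            // as an HTTP error code, which mislabels the finding in triage.
                            w.Write("Suspicious request pattern found in: " + n.Text + "\r\n" + nn.Text + "\r\n\r\n");
                            hits++;
                            nn.Checked = true;
                        }
                    }
                }
                finally
                {
                    // Release the block's data even when a check throws.
                    db.FreeData();
                }
            }
        }
    }

    f.pb.Value = 0;
    f.pb2.Value = 0;

    if (hits > 0)
    {
        MessageBox.Show(hits.ToString() + " results found. The nodes have been checked.\n\nYou can prune tree using right click menu");
    }
    else
    {
        MessageBox.Show("quick scan had no results...");
    }
}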