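/// <summary>
/// Builds the list of injection strategies that apply to <paramref name="type"/>.
/// </summary>
/// <param name="type">The type that is about to be instantiated.</param>
/// <returns>
/// A list holding only a <c>PrimitiveInjectionStrategy</c> for primitive and enum types;
/// otherwise the property and method strategies that are not void (the list may be empty).
/// </returns>
/// <exception cref="MiniocException">The type is an interface or an abstract class.</exception>
private IList<IInjectionStrategy> createInjectionStrategies(Type type)
{
    // Type.IsAbstract is also true for interfaces, so the interface test must run first;
    // with the abstract test first, the more specific interface message is never produced.
    if (type.IsInterface)
    {
        throw new MiniocException(string.Format("Type {0} is an interface, cannot instantiate", type));
    }

    if (type.IsAbstract)
    {
        throw new MiniocException(string.Format("Type {0} is abstract, cannot instantiate", type));
    }

    if (type.IsPrimitive || type.IsEnum)
    {
        return new List<IInjectionStrategy> { new PrimitiveInjectionStrategy() };
    }

    var result = new List<IInjectionStrategy>();

    // Each helper returns a strategy object; only the ones that are not void are kept.
    IInjectionStrategy propertiesStrategy = tryInjectProperties(type);
    if (!propertiesStrategy.IsVoid())
    {
        result.Add(propertiesStrategy);
    }

    IInjectionStrategy methodsStrategy = tryInjectMethods(type);
    if (!methodsStrategy.IsVoid())
    {
        result.Add(methodsStrategy);
    }

    return result;
}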
/// <summary>
/// Resolves a placeholder name to the matching value on the injection strategy.
/// </summary>
/// <param name="placeholder">Placeholder name; "SelectedDb" and "SelectedTable" are recognised.</param>
/// <param name="injectionStrategy">Strategy the value is read from.</param>
/// <returns>The strategy's selected database or table, or an empty string for any other placeholder.</returns>
public static string GetData(string placeholder, IInjectionStrategy injectionStrategy)
{
    if (placeholder == "SelectedDb")
    {
        return injectionStrategy.SelectedDb;
    }

    if (placeholder == "SelectedTable")
    {
        return injectionStrategy.SelectedTable;
    }

    // Unknown (or null) placeholder names resolve to nothing rather than failing.
    return string.Empty;
}
/// <summary>
/// Maps a placeholder name to the corresponding property of the injection strategy.
/// </summary>
/// <param name="placeholder">Either "SelectedDb" or "SelectedTable"; anything else yields an empty string.</param>
/// <param name="injectionStrategy">Strategy whose property is returned.</param>
/// <returns>The value of the matching property, or <see cref="string.Empty"/> when the name is not recognised.</returns>
public static string GetData(string placeholder, IInjectionStrategy injectionStrategy)
{
    string value;

    if (placeholder == "SelectedDb")
    {
        value = injectionStrategy.SelectedDb;
    }
    else if (placeholder == "SelectedTable")
    {
        value = injectionStrategy.SelectedTable;
    }
    else
    {
        // Covers unknown names and a null placeholder alike.
        value = string.Empty;
    }

    return value;
}
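/// <summary>
/// Binds the exploit combo box to the "user-friendly-name" values of the entries in
/// xml\exploits.xml whose dbms and injection-strategy attributes match the arguments.
/// </summary>
/// <param name="dbms">DBMS name to match; null is treated as an empty string.</param>
/// <param name="injectionStrategy">Strategy whose type name is matched; null matches an empty name.</param>
private void PopulateExploits(string dbms, IInjectionStrategy injectionStrategy)
{
    string strategyName = injectionStrategy != null ? injectionStrategy.GetType().Name : string.Empty;

    // Both values are embedded as XPath string literals. XPath 1.0 has no escape character,
    // so a value containing a double quote would otherwise end the literal early and either
    // break the expression or change what the predicate selects.
    string xpath = "/exploits/exploit[@dbms = " + QuoteXPathLiteral(dbms)
        + " and @injection-strategy = " + QuoteXPathLiteral(strategyName) + "]";

    cbExploits.DataContext = XmlHelpers.GetValuesFromDocByXpath(
        FileHelpers.GetCurrentDirectory() + "\\xml\\exploits.xml",
        xpath,
        "user-friendly-name");
}

/// <summary>
/// Renders a value as an XPath 1.0 string literal. Values without a double quote produce the
/// same double-quoted text as plain concatenation would.
/// </summary>
private static string QuoteXPathLiteral(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return "\"\"";
    }

    if (value.IndexOf('"') < 0)
    {
        return "\"" + value + "\"";
    }

    if (value.IndexOf('\'') < 0)
    {
        return "'" + value + "'";
    }

    // Both quote kinds present: split on the double quotes and join the pieces with concat().
    return "concat(\"" + value.Replace("\"", "\", '\"', \"") + "\")";
}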
/// <summary>
/// Stores the resolver and the injection strategy that derived factory services work with.
/// </summary>
/// <param name="resolver">Component context used to resolve services; must not be null.</param>
/// <param name="injectionStrat">Strategy used for injection; must not be null.</param>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
protected DepedencyInjectionFactoryService(IComponentContext resolver, IInjectionStrategy injectionStrat)
{
    // Validate both dependencies before anything is assigned; the resolver is checked first.
    if (resolver == null)
    {
        throw new ArgumentNullException(
            nameof(resolver),
            $"Provided {nameof(IComponentContext)} service provided is null.");
    }

    if (injectionStrat == null)
    {
        throw new ArgumentNullException(
            nameof(injectionStrat),
            $"Provided {nameof(IInjectionStrategy)} service provided is null.");
    }

    InjectionStrategy = injectionStrat;
    ResolverService = resolver;
}
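/// <summary>
/// Sets an attribute on the element selected by <paramref name="elementXpath"/> in the mapping
/// file. When the element is missing but its parent path resolves, the element is created under
/// the parent. The file is saved only when a change was made.
/// </summary>
/// <param name="mappingFile">Path of the mapping file; created if it does not exist.</param>
/// <param name="elementXpath">XPath of the element that carries the attribute.</param>
/// <param name="attributeName">Name of the attribute to set or add.</param>
/// <param name="discoveredValue">Value written to the attribute.</param>
/// <param name="injectionStrategy">Passed through to <c>CreateOrLoadMappingFile</c>.</param>
/// <param name="dbmsName">Passed through to <c>CreateOrLoadMappingFile</c>.</param>
public static void ChangeMappingFileAttributeValue(string mappingFile, string elementXpath, string attributeName, string discoveredValue, IInjectionStrategy injectionStrategy, string dbmsName)
{
    XDocument document;
    string error = string.Empty;
    if (!CreateOrLoadMappingFile(mappingFile, injectionStrategy, dbmsName, ref error, out document))
    {
        return; //TODO: write message to UI
    }

    var element = document.XPathSelectElement(elementXpath);
    if (element != null)
    {
        // The value is stored through XAttribute, which takes care of XML escaping on save.
        var attribute = element.Attribute(attributeName);
        if (attribute != null)
        {
            attribute.Value = discoveredValue;
        }
        else
        {
            element.Add(new XAttribute(attributeName, discoveredValue));
        }
    }
    else
    {
        int lastSlash = elementXpath.LastIndexOf('/');

        // A parent path is needed before the last slash and an element name after it;
        // without both there is nothing that can be created.
        if (lastSlash <= 0 || lastSlash == elementXpath.Length - 1)
        {
            return;
        }

        var parent = document.XPathSelectElement(elementXpath.Substring(0, lastSlash));
        if (parent == null)
        {
            return;
        }

        // Take the text after the slash: including the slash itself is not a valid XML name
        // and makes the XElement constructor throw.
        // NOTE(review): a last step that carries a predicate (e.g. name[@a="b"]) is still not a
        // valid element name and will throw here; confirm callers only pass plain steps.
        string childName = elementXpath.Substring(lastSlash + 1);
        parent.Add(new XElement(childName, new XAttribute(attributeName, discoveredValue)));
    }

    document.Save(mappingFile);
}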
/// <summary>
/// Creates an injector whose strategy is the one <c>InjectionStrategyFactory.Create</c>
/// returns for the given injection method.
/// </summary>
/// <param name="injectionMethod">Injection method handed to the strategy factory.</param>
public DLLInjector(InjectionMethod injectionMethod)
{
    _injectionStrategy = InjectionStrategyFactory.Create(injectionMethod);
}
/// <summary>
/// Passes the resolver and injection strategy to the base class and starts with an empty
/// service map.
/// </summary>
/// <param name="defaultResolver">Resolver forwarded to the base constructor.</param>
/// <param name="injectionStrategy">Injection strategy forwarded to the base constructor.</param>
public ContextualGameObjectDependencyBuilder(IComponentContext defaultResolver, IInjectionStrategy injectionStrategy)
    : base(defaultResolver, injectionStrategy)
{
    // Initial capacity of 5 entries; the dictionary still grows on demand.
    ServiceMap = new Dictionary<Type, Func<IComponentContext, object>>(5);
}
/// <summary>
/// Initialises the injector with the strategy that <c>InjectionStrategyFactory.Create</c>
/// produces for <paramref name="injectionMethod"/>.
/// </summary>
/// <param name="injectionMethod">Injection method used to select the strategy.</param>
public DLLInjector(InjectionMethod injectionMethod)
{
    this._injectionStrategy = InjectionStrategyFactory.Create(injectionMethod);
}
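/// <summary>
/// Loads the mapping file, or creates it with a skeleton "map" document when the file is
/// missing, cannot be parsed, or has no "map" root element.
/// </summary>
/// <param name="mappingFile">Path of the mapping file.</param>
/// <param name="injectionStrategy">Source of the URL, strategy type name and column settings written to a new document.</param>
/// <param name="dbmsName">Written as the name attribute of the "dbms" element of a new document.</param>
/// <param name="error">Receives the exception message when loading or building the document fails.</param>
/// <param name="doc">The loaded or newly built document; may be null when the method returns false.</param>
/// <returns>False when building or saving the skeleton document failed; otherwise true.</returns>
public static bool CreateOrLoadMappingFile(string mappingFile, IInjectionStrategy injectionStrategy, string dbmsName, ref string error, out XDocument doc)
{
    bool outcome = true;
    XDocument document = null;

    if (!File.Exists(mappingFile))
    {
        // Not covered by a try/catch: a failure to create the file propagates to the caller.
        using (File.Create(mappingFile))
        {
        }
    }
    else
    {
        try
        {
            document = XDocument.Load(mappingFile);
        }
        catch (Exception ex)
        {
            // The file exists but is not loadable XML. Processing continues and the file is
            // replaced by a fresh skeleton below, so report the reason instead of dropping it:
            // the previous contents are about to be overwritten.
            error = ex.Message;
        }
    }

    try
    {
        if (document == null || document.Element("map") == null)
        {
            //create xml document from scratch
            document = new XDocument(
                new XElement("map",
                    new XElement("vulnerable-url", injectionStrategy.Url),
                    new XElement("injection-strategy",
                        new XAttribute("name", injectionStrategy.GetType().Name),
                        new XElement("columns",
                            new XElement("originalquery", injectionStrategy.NrColumnsInOriginalQuery),
                            new XElement("resultinghtml", injectionStrategy.NumberOfResultsPerRequest),
                            new XElement("indexes", ListHelpers.ListToCommaSeparatedValues(injectionStrategy.ColumnIndexes)))),
                    new XElement("dbms",
                        new XAttribute("name", dbmsName),
                        new XElement("users", "")),
                    new XElement("databases", "")));

            //save constructed document
            document.Save(mappingFile);
        }
    }
    catch (Exception ex)
    {
        error = ex.Message;
        outcome = false;
    }

    doc = document;
    return outcome;
}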
/// <summary>
/// Creates the factory; both arguments are handed unchanged to the base constructor.
/// </summary>
/// <param name="resolver">Component context forwarded to the base class.</param>
/// <param name="injectionStrat">Injection strategy forwarded to the base class.</param>
public DefaultGameObjectFactory(IComponentContext resolver, IInjectionStrategy injectionStrat)
    : base(resolver, injectionStrat)
{
}
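/// <summary>
/// Adds a discovered value to the mapping file as a new node under the parent selected for the
/// payload, unless a matching node is already present.
/// </summary>
/// <param name="mappingFile">Path of the mapping file; created if it does not exist.</param>
/// <param name="payloadDetails">Names the node, the optional attribute and the parent path to map to.</param>
/// <param name="discoveredValue">Value stored as the node's text or as its attribute value.</param>
/// <param name="strategy">Used to resolve the parent XPath and to create a missing mapping file.</param>
/// <param name="dbmsName">Passed through to <c>CreateOrLoadMappingFile</c>.</param>
/// <returns>True when a node was added and the file saved; otherwise false.</returns>
public static bool SaveToMappingFile(string mappingFile, PayloadDetails payloadDetails, string discoveredValue, IInjectionStrategy strategy, string dbmsName)
{
    if (string.IsNullOrEmpty(payloadDetails.NodeToMapTo))
    {
        return false;
    }

    XDocument document;
    string error = string.Empty;
    if (!CreateOrLoadMappingFile(mappingFile, strategy, dbmsName, ref error, out document))
    {
        return false; //TODO: write message to UI
    }

    var parent = document.XPathSelectElement(CreateProperMapToNodeFinderXpath(payloadDetails, strategy));
    if (parent == null)
    {
        // The parent path matched nothing in this document; without this check the lookup
        // below dereferences null.
        return false;
    }

    // NOTE(review): discoveredValue is also passed into an XPath built by
    // CreateProperMapToNodeCreatorXpath; how it is quoted there is not visible from here.
    if (parent.XPathSelectElement(CreateProperMapToNodeCreatorXpath(payloadDetails, discoveredValue)) != null)
    {
        return false;
    }

    // XElement / XAttribute escape the value when the document is written.
    if (!string.IsNullOrEmpty(payloadDetails.AttributeToMapTo))
    {
        parent.Add(new XElement(payloadDetails.NodeToMapTo,
            new XAttribute(payloadDetails.AttributeToMapTo, discoveredValue)));
    }
    else
    {
        parent.Add(new XElement(payloadDetails.NodeToMapTo, discoveredValue));
    }

    //For simplicity, I just use the Save() method to overwrite the current .xml file
    document.Save(mappingFile);
    return true;
}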
/// <summary>
/// Click handler that loads the mapping file named in the text box and applies its settings
/// (strategy, URL, column settings, DBMS and database tree) to the window.
/// </summary>
/// <remarks>
/// NOTE(review): every value is taken from the mapping file as-is, including the URL placed in
/// the URL box; confirm whether mapping files from other people need validation first.
/// </remarks>
private void btnOverrideCurrentSettings_Click(object sender, RoutedEventArgs e)
{
    string path = txtMappingFile.Text.Trim();
    if (string.IsNullOrEmpty(path))
    {
        return;
    }

    if (!File.Exists(path))
    {
        MessageBox.Show("Could not load file");
        return;
    }

    // Read everything up front; each helper call is given the file path and a fallback value.
    string strategyTypeName = XmlHelpers.GetAttributeValueFromDoc<string>(path, "/map/injection-strategy", "name", string.Empty);
    int originalQueryColumns = XmlHelpers.GetElementValueFromDoc<int>(path, "/map/injection-strategy/columns/originalquery", 0);
    int htmlColumns = XmlHelpers.GetElementValueFromDoc<int>(path, "/map/injection-strategy/columns/resultinghtml", 0);
    string columnIndexes = XmlHelpers.GetElementValueFromDoc<string>(path, "/map/injection-strategy/columns/indexes", string.Empty);
    string url = XmlHelpers.GetElementValueFromDoc<string>(path, "/map/vulnerable-url", string.Empty);
    string dbmsName = XmlHelpers.GetAttributeValueFromDoc<string>(path, "/map/dbms", "name", string.Empty);

    // The strategy is matched by type name against the known list, so a name that is not in
    // the list selects nothing.
    IInjectionStrategy matching = _injectionStrategies.FirstOrDefault(s => s.GetType().Name == strategyTypeName);
    if (matching != null)
    {
        cbCurrentInjectionStrategy.SelectedValue = matching.DisplayName;
    }

    if (_currentInjectionStrategy != null)
    {
        if (!string.IsNullOrEmpty(url))
        {
            txtUrl.Text = url;
            UrlOrStrategyChange();
        }

        _currentInjectionStrategy.NrColumnsInOriginalQuery = originalQueryColumns;
        _currentInjectionStrategy.NumberOfResultsPerRequest = htmlColumns;
        _currentInjectionStrategy.ColumnIndexes = ListHelpers.CommaSeparatedValuesToList<int>(columnIndexes);
    }

    if (!string.IsNullOrEmpty(dbmsName))
    {
        cbDbms.SelectedValue = dbmsName;
    }

    var databases = XmlHelpers.GetXmlElementViaXpath(path, "/map/databases");
    if (databases != null)
    {
        // Rebuild the tree view from the stored databases element.
        // (An XmlDataProvider binding was tried as an alternative and left disabled.)
        var rootNode = UIHelpers.ClearTreeView(tvDs);
        UIHelpers.BuildNodes(rootNode, databases);
    }
}
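/// <summary>
/// Selection handler that makes the strategy at the selected index the current one and then
/// refreshes the state that depends on the URL or strategy.
/// </summary>
private void cbCurrentInjectionStrategy_SelectionChanged(object sender, System.Windows.Controls.SelectionChangedEventArgs e)
{
    int selectedIndex = cbCurrentInjectionStrategy.SelectedIndex;

    // SelectedIndex is -1 when the selection is cleared (for instance when SelectedValue is
    // set to something that is not in the list); indexing with it would throw.
    if (selectedIndex < 0)
    {
        return;
    }

    _currentInjectionStrategy = (IInjectionStrategy)_injectionStrategies[selectedIndex];
    UrlOrStrategyChange();
}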
/// <summary>
/// Produces the XPath of the parent node for a payload by filling the numbered placeholders
/// ({0}, {1}, ...) of <c>ParentNodeToMapTo</c>.
/// </summary>
/// <param name="payloadDetails">Supplies the XPath template and the comma-separated placeholder names.</param>
/// <param name="strategy">Passed to <c>PayloadHelpers.GetData</c> to resolve each name.</param>
/// <returns>The template with every placeholder replaced.</returns>
/// <remarks>
/// NOTE(review): the resolved values are inserted into the XPath without quoting or escaping;
/// a value containing a quote character would break or change the expression. Confirm what the
/// values can contain.
/// </remarks>
public static string CreateProperMapToNodeFinderXpath(PayloadDetails payloadDetails, IInjectionStrategy strategy)
{
    string xpath = payloadDetails.ParentNodeToMapTo;
    string[] placeholderNames = payloadDetails.MapToParams.Split(',');

    // The position of a name in the list is the number of the placeholder it fills.
    int position = 0;
    foreach (string placeholderName in placeholderNames)
    {
        xpath = xpath.Replace("{" + position + "}", PayloadHelpers.GetData(placeholderName, strategy));
        position++;
    }

    return xpath;
}