internal static Session GetIronSessionFromIronLogRecord(IronLogRecord ILR, bool IsFromProxy, int ID)
{
Session IrSe;
Request Req = GetRequest(ILR.RequestHeaders, ILR.RequestBody, ILR.IsRequestBinary);
Req.ID = ID;
if (ILR.ResponseHeaders.Length > 0)
{
Response Res = GetResponse(ILR.ResponseHeaders, ILR.ResponseBody, ILR.IsResponseBinary);
Res.TTL = ILR.RoundTrip;
IrSe = new Session(Req, Res);
IrSe.Request.ID = ID;
}
else
{
IrSe = new Session(Req);
IrSe.Request.ID = ID;
}
if (IsFromProxy)
{
if (ILR.OriginalRequestHeaders.Length > 0)
{
IrSe.OriginalRequest = GetRequest(ILR.OriginalRequestHeaders, ILR.OriginalRequestBody, ILR.IsOriginalRequestBinary);
IrSe.OriginalRequest.ID = ID;
}
else
{
IrSe.OriginalRequest = null;
}
if (ILR.OriginalResponseHeaders.Length > 0)
{
IrSe.OriginalResponse = GetResponse(ILR.OriginalResponseHeaders, ILR.OriginalResponseBody, ILR.IsOriginalResponseBinary);
IrSe.OriginalResponse.TTL = ILR.RoundTrip;
IrSe.OriginalResponse.ID = ID;
}
else
{
IrSe.OriginalResponse = null;
}
}
return(IrSe);
}
public static Session FromLog(int ID, string Source)
{
switch (Source)
{
case ("Proxy"):
return(FromProxyLog(ID));
case ("Probe"):
return(FromProbeLog(ID));
case ("Test"):
return(FromTestLog(ID));
case ("Shell"):
return(FromShellLog(ID));
case ("Scan"):
return(FromScanLog(ID));
default:
IronLogRecord ILR = IronDB.GetRecordFromOtherSourceLog(ID, Source);
return(Session.GetIronSessionFromIronLogRecord(ILR, ID));
}
}
internal static Session GetIronSessionFromIronLogRecord(IronLogRecord ILR, bool IsFromProxy, int ID)
{
Session IrSe;
Request Req = GetRequest(ILR.RequestHeaders, ILR.RequestBody, ILR.IsRequestBinary);
Req.ID = ID;
if (ILR.ResponseHeaders.Length > 0)
{
Response Res = GetResponse(ILR.ResponseHeaders, ILR.ResponseBody, ILR.IsResponseBinary);
Res.TTL = ILR.RoundTrip;
IrSe = new Session(Req, Res);
IrSe.Request.ID = ID;
}
else
{
IrSe = new Session(Req);
IrSe.Request.ID = ID;
}
if (IsFromProxy)
{
if (ILR.OriginalRequestHeaders.Length > 0)
{
IrSe.OriginalRequest = GetRequest(ILR.OriginalRequestHeaders, ILR.OriginalRequestBody, ILR.IsOriginalRequestBinary);
IrSe.OriginalRequest.ID = ID;
}
else
{
IrSe.OriginalRequest = null;
}
if (ILR.OriginalResponseHeaders.Length > 0)
{
IrSe.OriginalResponse = GetResponse(ILR.OriginalResponseHeaders, ILR.OriginalResponseBody, ILR.IsOriginalResponseBinary);
IrSe.OriginalResponse.TTL = ILR.RoundTrip;
IrSe.OriginalResponse.ID = ID;
}
else
{
IrSe.OriginalResponse = null;
}
}
return IrSe;
}
internal static Session GetIronSessionFromIronLogRecord(IronLogRecord ILR, int ID)
{
return GetIronSessionFromIronLogRecord(ILR, false, ID);
}
internal static Scanner GetScannerFromDB(int ScanID)
{
Scanner ScannerFromLog = null;
using (SQLiteConnection DB = new SQLiteConnection("data source=" + IronProjectFile))
{
DB.Open();
using (SQLiteCommand cmd = DB.CreateCommand())
{
cmd.CommandText = "SELECT RequestHeaders, RequestBody, BinaryRequest, Status, InjectionPoints, FormatPlugin, SessionPlugin, ScanPlugins FROM ScanQueue WHERE ScanID=@ScanID LIMIT 1";
cmd.Parameters.AddWithValue("@ScanID", ScanID);
using (SQLiteDataReader result = cmd.ExecuteReader())
{
IronLogRecord ILR = new IronLogRecord();
ILR.RequestHeaders = result["RequestHeaders"].ToString();
ILR.RequestBody = result["RequestBody"].ToString();
ILR.IsRequestBinary = (result["BinaryRequest"].ToString().Equals("1"));
Session Irse = Session.GetIronSessionFromIronLogRecord(ILR, 0);
Request Req = Irse.Request;
string Status = result["Status"].ToString();
string FormatPluginName = result["FormatPlugin"].ToString();
string SessionPluginName = result["SessionPlugin"].ToString();
string InjectionString = result["InjectionPoints"].ToString();
string[] ScanPluginsArray = result["ScanPlugins"].ToString().Split(new char[] { ',' });
ScannerFromLog = new Scanner(Req);
ScannerFromLog.ScanID = ScanID;
if (Status.Equals("Not Started")) return ScannerFromLog;
if (SessionPluginName.Length > 0)
{
if (!SessionPluginName.Equals("None") && SessionPlugin.List().Contains(SessionPluginName))
{
ScannerFromLog.SessionHandler = SessionPlugin.Get(SessionPluginName);
}
}
if (FormatPluginName.Length > 0)
{
if (!FormatPluginName.Equals("None") && FormatPlugin.List().Contains(FormatPluginName))
{
ScannerFromLog.BodyFormat = FormatPlugin.Get(FormatPluginName);
}
}
if (ScanPluginsArray.Length > 0)
{
List<string> ValidScanPlugins = ActivePlugin.List();
foreach (string Name in ScanPluginsArray)
{
if (ValidScanPlugins.Contains(Name))
{
ScannerFromLog.AddCheck(Name);
}
}
}
ScannerFromLog.AbsorbInjectionString(InjectionString);
ScannerFromLog.Status = Status;
}
}
}
return ScannerFromLog;
}
static List<IronLogRecord> GetRecordsFromDB(string DataSource, string CmdString, bool IsProxyLog)
{
List<IronLogRecord> IronLogRecords = new List<IronLogRecord>();
using(SQLiteConnection DB = new SQLiteConnection(DataSource))
{
DB.Open();
using (SQLiteCommand cmd = DB.CreateCommand())
{
cmd.CommandText = CmdString;
using (SQLiteDataReader result = cmd.ExecuteReader())
{
while (result.Read())
{
try
{
IronLogRecord ILR = new IronLogRecord();
try
{
ILR.ID = Int32.Parse(result["ID"].ToString());
}
catch
{
ILR.ID = 0;
}
ILR.RequestHeaders = result["RequestHeaders"].ToString();
ILR.RequestBody = result["RequestBody"].ToString();
ILR.ResponseHeaders = result["ResponseHeaders"].ToString();
ILR.ResponseBody = result["ResponseBody"].ToString();
//ILR.SSL = (result["SSL"].ToString().Equals("1"));
ILR.IsRequestBinary = (result["BinaryRequest"].ToString().Equals("1"));
ILR.IsResponseBinary = (result["BinaryResponse"].ToString().Equals("1"));
try
{
ILR.RoundTrip = Int32.Parse(result["RoundTrip"].ToString());
}
catch { }
if (IsProxyLog)
{
ILR.OriginalRequestHeaders = result["OriginalRequestHeaders"].ToString();
ILR.OriginalRequestBody = result["OriginalRequestBody"].ToString();
ILR.IsOriginalRequestBinary = (result["BinaryOriginalRequest"].ToString().Equals("1"));
ILR.OriginalResponseHeaders = result["OriginalResponseHeaders"].ToString();
ILR.OriginalResponseBody = result["OriginalResponseBody"].ToString();
ILR.IsOriginalResponseBinary = (result["BinaryOriginalResponse"].ToString().Equals("1"));
}
IronLogRecords.Add(ILR);
}
catch { }
}
}
}
}
return IronLogRecords;
}
static IronLogRecord GetRecordFromDB(string DataSource, string CmdString, int ID, bool IsProxyLog)
{
IronLogRecord ILR = new IronLogRecord();
using(SQLiteConnection DB = new SQLiteConnection(DataSource))
{
DB.Open();
using(SQLiteCommand cmd = DB.CreateCommand())
{
cmd.CommandText = CmdString;
cmd.Parameters.AddWithValue("@ID", ID);
using (SQLiteDataReader result = cmd.ExecuteReader())
{
if (!result.HasRows)
{
throw new Exception("ID not found in DB");
}
ILR.RequestHeaders = result["RequestHeaders"].ToString();
ILR.RequestBody = result["RequestBody"].ToString();
ILR.ResponseHeaders = result["ResponseHeaders"].ToString();
ILR.ResponseBody = result["ResponseBody"].ToString();
//ILR.SSL = (result["SSL"].ToString().Equals("1"));
ILR.IsRequestBinary = (result["BinaryRequest"].ToString().Equals("1"));
ILR.IsResponseBinary = (result["BinaryResponse"].ToString().Equals("1"));
try
{
ILR.RoundTrip = Int32.Parse(result["RoundTrip"].ToString());
}
catch { }
if (IsProxyLog)
{
ILR.OriginalRequestHeaders = result["OriginalRequestHeaders"].ToString();
ILR.OriginalRequestBody = result["OriginalRequestBody"].ToString();
ILR.IsOriginalRequestBinary = (result["BinaryOriginalRequest"].ToString().Equals("1"));
ILR.OriginalResponseHeaders = result["OriginalResponseHeaders"].ToString();
ILR.OriginalResponseBody = result["OriginalResponseBody"].ToString();
ILR.IsOriginalResponseBinary = (result["BinaryOriginalResponse"].ToString().Equals("1"));
}
}
}
}
return ILR;
}
internal static Finding GetPluginResultFromDB(int ID)
{
Finding PR = null;
using (SQLiteConnection DB = new SQLiteConnection("data source=" + PluginResultsLogFile))
{
DB.Open();
using (SQLiteCommand cmd = DB.CreateCommand())
{
cmd.CommandText = "SELECT HostName, Title, FinderName, FinderType, Meta, Summary, Severity, Confidence, Type, UniquenessString FROM Findings WHERE ID=@ID LIMIT 1";
cmd.Parameters.AddWithValue("@ID", ID);
using(SQLiteDataReader result = cmd.ExecuteReader())
{
PR = new Finding(result["HostName"].ToString());
PR.Id = ID;
PR.Title = result["Title"].ToString();
PR.FinderName = result["FinderName"].ToString();
PR.FinderType = result["FinderType"].ToString();
try
{
PR.XmlSummary = result["Summary"].ToString();
}
catch
{
PR.Summary = result["Summary"].ToString();
}
try
{
PR.XmlMeta = result["Meta"].ToString();
}
catch { }
PR.Severity = GetSeverity(Int32.Parse(result["Severity"].ToString()));
PR.Confidence = GetConfidence(Int32.Parse(result["Confidence"].ToString()));
PR.Type = GetResultType(Int32.Parse(result["Type"].ToString()));
PR.Signature = result["UniquenessString"].ToString();
}
cmd.CommandText = "SELECT TriggersEncoded, RequestTriggerDesc, RequestTrigger, RequestHeaders, RequestBody, BinaryRequest, ResponseTriggerDesc, ResponseTrigger, ResponseHeaders, ResponseBody, BinaryResponse, RoundTrip FROM Triggers WHERE ID=@ID";
cmd.Parameters.AddWithValue("@ID", ID);
using (SQLiteDataReader result = cmd.ExecuteReader())
{
while (result.Read())
{
string RequestTrigger = result["RequestTrigger"].ToString();
string ResponseTrigger = result["ResponseTrigger"].ToString();
if (result["TriggersEncoded"].ToString().Equals("1"))
{
try
{
RequestTrigger = Tools.Base64Decode(RequestTrigger);
}
catch { }
try
{
ResponseTrigger = Tools.Base64Decode(ResponseTrigger);
}
catch { }
}
IronLogRecord ILR = new IronLogRecord();
ILR.RequestHeaders = result["RequestHeaders"].ToString();
ILR.RequestBody = result["RequestBody"].ToString();
ILR.IsRequestBinary = (result["BinaryRequest"].ToString().Equals("1"));
ILR.ResponseHeaders = result["ResponseHeaders"].ToString();
ILR.ResponseBody = result["ResponseBody"].ToString();
ILR.IsResponseBinary = (result["BinaryResponse"].ToString().Equals("1"));
try
{
ILR.RoundTrip = Int32.Parse(result["RoundTrip"].ToString());
}
catch { }
Session IrSe = Session.GetIronSessionFromIronLogRecord(ILR, 0);
if (IrSe.Response != null)
{
PR.Triggers.Add(RequestTrigger, result["RequestTriggerDesc"].ToString(), IrSe.Request, ResponseTrigger, result["ResponseTriggerDesc"].ToString(), IrSe.Response);
}
else
{
PR.Triggers.Add(RequestTrigger, result["RequestTriggerDesc"].ToString(), IrSe.Request);
}
}
}
if (PR.FromActiveScan)
{
try
{
cmd.CommandText = "SELECT RequestHeaders, RequestBody, BinaryRequest, ResponseHeaders, ResponseBody, BinaryResponse, RoundTrip FROM BaseLine WHERE FindingID=@FindingID LIMIT 1";
cmd.Parameters.AddWithValue("@FindingID", ID);
using (SQLiteDataReader result = cmd.ExecuteReader())
{
if (result.HasRows)
{
IronLogRecord ILR = new IronLogRecord();
ILR.RequestHeaders = result["RequestHeaders"].ToString();
ILR.RequestBody = result["RequestBody"].ToString();
ILR.IsRequestBinary = (result["BinaryRequest"].ToString().Equals("1"));
ILR.ResponseHeaders = result["ResponseHeaders"].ToString();
ILR.ResponseBody = result["ResponseBody"].ToString();
ILR.IsResponseBinary = (result["BinaryResponse"].ToString().Equals("1"));
try
{
ILR.RoundTrip = Int32.Parse(result["RoundTrip"].ToString());
}
catch { }
Session IrSe = Session.GetIronSessionFromIronLogRecord(ILR, 0);
PR.BaseRequest = IrSe.Request;
PR.BaseResponse = IrSe.Response;
}
}
}
catch { }
}
}
}
return PR;
}
internal static Session GetIronSessionFromIronLogRecord(IronLogRecord ILR, int ID)
{
return(GetIronSessionFromIronLogRecord(ILR, false, ID));
}
public static Session FromScanLog(int ID)
{
IronLogRecord ILR = IronDB.GetRecordFromScanLog(ID);
return(Session.GetIronSessionFromIronLogRecord(ILR, ID));
}
internal static PluginResult GetPluginResultFromDB(int ID)
{
SQLiteConnection DB = new SQLiteConnection("data source=" + PluginResultsLogFile);
DB.Open();
SQLiteCommand cmd = DB.CreateCommand();
cmd.CommandText = "SELECT HostName, Title, Plugin, Summary, Severity, Confidence, Type, UniquenessString FROM PluginResult WHERE ID=@ID LIMIT 1";
cmd.Parameters.AddWithValue("@ID", ID);
SQLiteDataReader result = cmd.ExecuteReader();
PluginResult PR = new PluginResult(result["HostName"].ToString());
PR.Id = ID;
PR.Title = result["Title"].ToString();
PR.Plugin = result["Plugin"].ToString();
PR.Summary = result["Summary"].ToString();
PR.Severity = GetSeverity(Int32.Parse(result["Severity"].ToString()));
PR.Confidence = GetConfidence(Int32.Parse(result["Confidence"].ToString()));
PR.ResultType = GetResultType(Int32.Parse(result["Type"].ToString()));
PR.Signature = result["UniquenessString"].ToString();
result.Close();
cmd.CommandText = "SELECT RequestTrigger, RequestHeaders, RequestBody, BinaryRequest, ResponseTrigger, ResponseHeaders, ResponseBody, BinaryResponse FROM Triggers WHERE ID=@ID";
cmd.Parameters.AddWithValue("@ID", ID);
result = cmd.ExecuteReader();
while (result.Read())
{
string RequestTrigger = result["RequestTrigger"].ToString();
string ResponseTrigger = result["ResponseTrigger"].ToString();
IronLogRecord ILR = new IronLogRecord();
ILR.RequestHeaders = result["RequestHeaders"].ToString();
ILR.RequestBody = result["RequestBody"].ToString();
ILR.IsRequestBinary = (result["BinaryRequest"].ToString().Equals("1"));
ILR.ResponseHeaders = result["ResponseHeaders"].ToString();
ILR.ResponseBody = result["ResponseBody"].ToString();
ILR.IsResponseBinary = (result["BinaryResponse"].ToString().Equals("1"));
Session IrSe = Session.GetIronSessionFromIronLogRecord(ILR,0);
if (IrSe.Response != null)
{
PR.Triggers.Add(RequestTrigger, IrSe.Request, ResponseTrigger, IrSe.Response);
}
else
{
PR.Triggers.Add(RequestTrigger, IrSe.Request);
}
}
result.Close();
DB.Close();
return PR;
}