示例#1
0
 Request UpdateLastLoginRequestWithInvalidCreds(Request Req, Analysis.LogAssociation CorrespondingOriginalLogAssociation)
 {
     if (CorrespondingOriginalLogAssociation.DestinationLog.LogId == LoginRequestAsso.DestinationLog.LogId)
     {
         foreach (string Name in Req.Query.GetNames())
         {
             List <string> Vals = Req.Query.GetAll(Name);
             for (int i = 0; i < Vals.Count; i++)
             {
                 if (Vals[i] == Username || Vals[i] == Password)
                 {
                     Vals[i] = "XX" + Vals[i];
                 }
             }
             Req.Query.Set(Name, Vals);
         }
         foreach (string Name in Req.Body.GetNames())
         {
             List <string> Vals = Req.Body.GetAll(Name);
             for (int i = 0; i < Vals.Count; i++)
             {
                 if (Vals[i] == Username || Vals[i] == Password)
                 {
                     Vals[i] = "XX" + Vals[i];
                 }
             }
             Req.Body.Set(Name, Vals);
         }
     }
     return(Req);
 }
示例#2
0
 bool CanBeLoggedInLoggedOutResCandidate(Analysis.LogAssociation LoggedInAsso, Analysis.LogAssociation LoggedOutAsso)
 {
     if (!(LoggedInAsso.DestinationLog != null && LoggedOutAsso.DestinationLog != null && LoggedInAsso.DestinationLog.Response != null && LoggedOutAsso.DestinationLog.Response != null))
     {
         return(false);
     }
     return(CanBeLoggedInLoggedOutResCandidate(LoggedInAsso.DestinationLog.Response, LoggedOutAsso.DestinationLog.Response));
 }
示例#3
0
        public string ToXml()
        {
            StringWriter  SW = new StringWriter();
            XmlTextWriter XW = new XmlTextWriter(SW);

            XW.Formatting = Formatting.Indented;
            XW.WriteStartElement("xml");
            XW.WriteStartElement("version"); XW.WriteValue("1.0"); XW.WriteEndElement();
            XW.WriteStartElement("name"); XW.WriteValue(this.Name); XW.WriteEndElement();
            XW.WriteStartElement("username"); XW.WriteValue(Tools.Base64Encode(Username)); XW.WriteEndElement();
            XW.WriteStartElement("password"); XW.WriteValue(Tools.Base64Encode(Password)); XW.WriteEndElement();
            XW.WriteStartElement("csrf_token"); XW.WriteValue(Tools.Base64Encode(intCsrfParameterName)); XW.WriteEndElement();

            XW.WriteStartElement("sessions");
            foreach (int LogId in LoginAssociations.LogIds)
            {
                try
                {
                    Analysis.LogAssociation Asso = LoginAssociations.GetAssociation(LogId);
                    XW.WriteStartElement("session");
                    XW.WriteStartElement("log_id"); XW.WriteValue(Asso.DestinationLog.LogId); XW.WriteEndElement();
                    XW.WriteStartElement("request"); XW.WriteValue(Asso.DestinationLog.Request.ToBinaryString()); XW.WriteEndElement();
                    XW.WriteStartElement("response"); XW.WriteValue(Asso.DestinationLog.Response.ToBinaryString()); XW.WriteEndElement();
                    XW.WriteEndElement();
                }
                catch { }
            }
            XW.WriteEndElement();

            XW.WriteStartElement("login_check_request"); XW.WriteValue(LoginCheckRequest.ToBinaryString()); XW.WriteEndElement();
            XW.WriteStartElement("response_when_logged_in"); XW.WriteValue(LoginCheckResponseWhenLoggedIn.ToBinaryString()); XW.WriteEndElement();
            XW.WriteStartElement("response_when_logged_out"); XW.WriteValue(LoginCheckResponseWhenLoggedOut.ToBinaryString()); XW.WriteEndElement();

            /*
             * XW.WriteStartElement("csrf_token_sessions");
             * foreach (int LogId in CsrfAssociations.LogIds)
             * {
             *  try
             *  {
             *      Analysis.LogAssociation Asso = LoginAssociations.GetAssociation(LogId);
             *      XW.WriteStartElement("session");
             *      XW.WriteStartElement("log_id"); XW.WriteValue(Asso.DestinationLog.LogId); XW.WriteEndElement();
             *      XW.WriteStartElement("request"); XW.WriteValue(Asso.DestinationLog.Request.ToBinaryString()); XW.WriteEndElement();
             *      XW.WriteStartElement("response"); XW.WriteValue(Asso.DestinationLog.Response.ToBinaryString()); XW.WriteEndElement();
             *      XW.WriteEndElement();
             *  }
             *  catch { }
             * }
             * XW.WriteEndElement();
             */
            XW.WriteEndElement();
            XW.Close();
            SW.Close();
            return(SW.ToString().Trim());
        }
示例#4
0
        public List <Analysis.LogAssociation> GetAssociationsWithParameterValues(List <string> ParameterValues)
        {
            List <Analysis.LogAssociation> Results = new List <LogAssociation>();

            foreach (int i in this.LogIds)
            {
                Analysis.LogAssociation Asso = this.GetAssociation(i);
                if (Asso.DoesHaveParameterValues(ParameterValues))
                {
                    Results.Add(Asso);
                }
            }
            return(Results);
        }
示例#5
0
 static void ScanAssociation(Analysis.LogAssociations Association, List <string> HostsToScan, int[] Marker)
 {
     if (Association.NonIgnorableCount > 0)
     {
         int Index = 0;
         foreach (int Id in Association.LogIds)
         {
             Analysis.LogAssociation Asso = Association.GetAssociation(Id);
             if (!Asso.IsIgnorable && HostsToScan.Contains(Asso.DestinationLog.Request.BaseUrl))
             {
                 Scanner S = new Scanner(Asso.DestinationLog.Request);
                 if (S.BaseRequest.File.Length == 0 && S.BaseRequest.Query.Count == 0 && S.BaseRequest.UrlPathParts.Count > 1)
                 {
                     S.InjectUrl();
                 }
                 S.InjectQuery();
                 if (S.BaseRequest.BodyType == BodyFormatType.Soap ||
                     S.BaseRequest.BodyType == BodyFormatType.Json ||
                     S.BaseRequest.BodyType == BodyFormatType.Multipart ||
                     S.BaseRequest.BodyType == BodyFormatType.Xml)
                 {
                     S.BodyFormat = FormatPlugin.Get(S.BaseRequest.BodyType);
                 }
                 S.InjectBody();
                 S.CheckAll();
                 if (S.InjectionPointsCount > 0)
                 {
                     S.WorkFlowLogAssociations = Association;
                     S.IndexOfRequestToScanInWorkFlowLogAssociations = Index;
                     WorkflowScannerWindow.UpdateScanStatusInUi(true, string.Format("Scanning Request no.{0} in workflow between logs {1}-{2}", Index, Marker[0], Marker[1]));
                     S.Scan();
                 }
                 Index++;
             }
         }
     }
 }
示例#6
0
        void FindLoggedInAndLoggedOutSampleResponses()
        {
            Analysis.LogAssociation LoginAsso = LoginAssociations.GetLastAssociationWithParameterValues(new List <string>()
            {
                Username, Password
            });
            if (LoginAsso == null)
            {
                throw new Exception("Unable to find login request in the login recording");
            }
            this.LoginRequestAsso = LoginAsso;

            Analysis.LogReplayer           ValidCredsReplayer     = new Analysis.LogReplayer(LoginAssociations);
            Analysis.LogReplayAssociations ValidCredsAssociations = ValidCredsReplayer.Play();

            Analysis.LogReplayer           InvalidCredsReplayer     = new Analysis.LogReplayer(LoginAssociations, UpdateLastLoginRequestWithInvalidCreds);
            Analysis.LogReplayAssociations InValidCredsAssociations = InvalidCredsReplayer.Play();

            //now compare ValidCredsAssociations and InvalidCredsAssociations and decide which one will be the LoginCheckRequest and also update the LoginCheckResponseWhenLoggedIn and LoginCheckResponseWhenLoggedOut values
            List <Analysis.LogAssociation> LoggedInCheckResponeCandidates  = new List <Analysis.LogAssociation>();
            List <Analysis.LogAssociation> LoggedOutCheckResponeCandidates = new List <Analysis.LogAssociation>();

            foreach (int i in ValidCredsAssociations.OriginalLogIds)// . FirstOriginalLogId; i <= ValidCredsAssociations.LastOriginalLogId; i++)
            {
                if (i <= LoginAsso.DestinationLog.LogId)
                {
                    continue;                                     //We don't want to include the
                }
                if (InValidCredsAssociations.HasOriginalLog(i))
                {
                    if (CanBeLoggedInLoggedOutResCandidate(ValidCredsAssociations.GetAssociationByOriginalId(i).ReplayAssociation, InValidCredsAssociations.GetAssociationByOriginalId(i).ReplayAssociation))
                    {
                        LoggedInCheckResponeCandidates.Add(ValidCredsAssociations.GetAssociationByOriginalId(i).ReplayAssociation);
                        LoggedOutCheckResponeCandidates.Add(InValidCredsAssociations.GetAssociationByOriginalId(i).ReplayAssociation);
                    }
                }
            }
            for (int i = 0; i < LoggedInCheckResponeCandidates.Count; i++)
            {
                Analysis.LogAssociation InResCand  = LoggedInCheckResponeCandidates[i];
                Analysis.LogAssociation OutResCand = LoggedOutCheckResponeCandidates[i];
                if (InResCand.DestinationLog.Request.Host.Equals(LoginAsso.DestinationLog.Request.Host))
                {
                    LoginCheckRequest = InResCand.DestinationLog.Request.GetClone();
                    LoginCheckResponseWhenLoggedIn  = InResCand.DestinationLog.Response.GetClone();
                    LoginCheckResponseWhenLoggedOut = OutResCand.DestinationLog.Response.GetClone();
                    break;
                }
                else if (!Tools.IsValidIpv4(InResCand.DestinationLog.Request.Host) && !Tools.IsValidIpv6(LoginAsso.DestinationLog.Request.Host))
                {
                    string[] InReqParts    = InResCand.DestinationLog.Request.Host.Split('.');
                    string[] LoginReqParts = LoginAsso.DestinationLog.Request.Host.Split('.');
                    if (InReqParts.Length > 1 && LoginReqParts.Length > 1)
                    {
                        if (LoginReqParts[LoginReqParts.Length - 1].Equals(InReqParts[InReqParts.Length - 1]) && LoginReqParts[LoginReqParts.Length - 2].Equals(InReqParts[InReqParts.Length - 2]))
                        {
                            LoginCheckRequest = InResCand.DestinationLog.Request.GetClone();
                            LoginCheckResponseWhenLoggedIn  = InResCand.DestinationLog.Response.GetClone();
                            LoginCheckResponseWhenLoggedOut = OutResCand.DestinationLog.Response.GetClone();
                            break;
                        }
                    }
                }
            }
            if (LoginCheckRequest == null || LoginCheckResponseWhenLoggedIn == null || LoginCheckResponseWhenLoggedOut == null)
            {
                if (LoggedInCheckResponeCandidates.Count > 0 && LoggedOutCheckResponeCandidates.Count > 0)
                {
                    LoginCheckRequest = LoggedInCheckResponeCandidates[LoggedInCheckResponeCandidates.Count - 1].DestinationLog.Request.GetClone();
                    LoginCheckResponseWhenLoggedIn  = LoggedInCheckResponeCandidates[LoggedInCheckResponeCandidates.Count - 1].DestinationLog.Response.GetClone();
                    LoginCheckResponseWhenLoggedOut = LoggedOutCheckResponeCandidates[LoggedOutCheckResponeCandidates.Count - 1].DestinationLog.Response.GetClone();
                }
            }
            if (LoginCheckRequest == null || LoginCheckResponseWhenLoggedIn == null || LoginCheckResponseWhenLoggedOut == null)
            {
                Request TestLoginCheckReq = LoginAsso.DestinationLog.Request.GetClone();
                TestLoginCheckReq.BodyString   = "";
                TestLoginCheckReq.Method       = "GET";
                TestLoginCheckReq.CookieString = "";
                if (TestLoginCheckReq.Url.Contains(Tools.UrlEncode(Username)) && TestLoginCheckReq.Url.Contains(Tools.UrlEncode(Password)))
                {
                    TestLoginCheckReq.Query.RemoveAll();
                }
                List <Response> LoggedInReses = new List <Response>();
                TestLoginCheckReq.SetSource("LoginCheck");
                TestLoginCheckReq.SetCookie(ValidCredsAssociations.Cookies);
                Response LoggedInResCandidate = TestLoginCheckReq.Send();

                TestLoginCheckReq.CookieString = "";
                TestLoginCheckReq.SetCookie(InValidCredsAssociations.Cookies);
                Response LoggedOutResCandidate = TestLoginCheckReq.Send();

                if (CanBeLoggedInLoggedOutResCandidate(LoggedInResCandidate, LoggedOutResCandidate))
                {
                    LoginCheckRequest = TestLoginCheckReq.GetClone();
                    LoginCheckResponseWhenLoggedIn  = LoggedInResCandidate.GetClone();
                    LoginCheckResponseWhenLoggedOut = LoggedOutResCandidate.GetClone();
                }
            }
            if (LoginCheckRequest == null || LoginCheckResponseWhenLoggedIn == null || LoginCheckResponseWhenLoggedOut == null)
            {
                throw new Exception("Unable to find a suitable logged in status check response");
            }
        }
示例#7
0
        public static Recording FromXml(string Xml)
        {
            XmlDocument Xdoc = new XmlDocument();

            Xdoc.XmlResolver = null;
            Xdoc.LoadXml(Xml);

            string         Name             = "";
            string         Uname            = "";
            string         Passwd           = "";
            string         CsrfPara         = "";
            List <Session> Sessions         = new List <Session>();
            Request        LoginChkReq      = null;
            Response       ResWhenLoggedIn  = null;
            Response       ResWhenLoggedOut = null;

            try
            {
                Name = Xdoc.SelectNodes("/xml/name")[0].InnerText;
            }
            catch { throw new Exception("Invalid Recording, name field is missing!"); }
            try
            {
                Uname = Tools.Base64Decode(Xdoc.SelectNodes("/xml/username")[0].InnerText);
            }
            catch { throw new Exception("Invalid Recording, username field is missing!"); }
            try
            {
                Passwd = Tools.Base64Decode(Xdoc.SelectNodes("/xml/password")[0].InnerText);
            }
            catch { throw new Exception("Invalid Recording, password field is missing!"); }
            try
            {
                CsrfPara = Tools.Base64Decode(Xdoc.SelectNodes("/xml/csrf_token")[0].InnerText);
            }
            catch { throw new Exception("Invalid Recording, CSRF token field is missing!"); }

            try
            {
                foreach (XmlNode SessionNode in Xdoc.SelectNodes("/xml/sessions/session"))
                {
                    int      LogId = Int32.Parse(SessionNode.SelectNodes("log_id")[0].InnerText.Trim());
                    Request  Req   = Request.FromBinaryString(SessionNode.SelectNodes("request")[0].InnerText.Trim());
                    Response Res   = Response.FromBinaryString(SessionNode.SelectNodes("response")[0].InnerText.Trim());
                    Session  Sess  = new Session(LogId, Req, Res);
                    Sessions.Add(Sess);
                }
            }catch { throw new Exception("Invalid recording, logs are corrupted."); }

            try
            {
                LoginChkReq = Request.FromBinaryString(Xdoc.SelectNodes("/xml/login_check_request")[0].InnerText);
            }
            catch { throw new Exception("Invalid recording, Login Check Request is missing."); }
            try
            {
                ResWhenLoggedIn = Response.FromBinaryString(Xdoc.SelectNodes("/xml/response_when_logged_in")[0].InnerText);
            }
            catch { throw new Exception("Invalid recording, Reference Response for logged in sessions is missing."); }
            try
            {
                ResWhenLoggedOut = Response.FromBinaryString(Xdoc.SelectNodes("/xml/response_when_logged_out")[0].InnerText);
            }
            catch { throw new Exception("Invalid recording, Reference Response for logged out sessions is missing."); }

            Analysis.LogAnalyzer     Analyzer = new Analysis.LogAnalyzer();
            Analysis.LogAssociations Assos    = Analyzer.AnalyzeSessionsFromSameUa(Sessions);
            Recording FromDb = new Recording(Assos, Uname, Passwd, CsrfPara);

            FromDb.SetName(Name);
            FromDb.LoginCheckRequest = LoginChkReq;
            FromDb.LoginCheckResponseWhenLoggedIn  = ResWhenLoggedIn;
            FromDb.LoginCheckResponseWhenLoggedOut = ResWhenLoggedOut;
            Analysis.LogAssociation LoginAsso = FromDb.LoginAssociations.GetLastAssociationWithParameterValues(new List <string>()
            {
                FromDb.Username, FromDb.Password
            });
            if (LoginAsso == null)
            {
                throw new Exception("Invalid recording, unable to find login request in the login recording");
            }
            FromDb.LoginRequestAsso = LoginAsso;
            return(FromDb);
        }