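/// <summary>
/// Runs the CRLF check for <paramref name="request"/>, writes the outcome to the scan log
/// and, when something was found, sends a notification e-mail.
/// </summary>
/// <param name="request">The request handed to <c>CRLF.Check</c>; its <c>URL</c> is quoted in the log and the e-mail.</param>
/// <param name="sb">Scan log that receives one entry per call.</param>
/// <param name="linkBuilder">Optional collector; when supplied, every finding is appended to it, one per line.</param>
/// <returns>The unmodified result of <c>CRLF.Check</c>.</returns>
private ScannerResult CheckCRLF(ScannerRequest request, StringBuilder sb, StringBuilder linkBuilder = null)
{
    ScannerResult result = CRLF.Check(request);

    if (!result.Success)
    {
        sb.Append("\tNo CRLF found." + Environment.NewLine);
        return result;
    }

    // FirstOrDefault instead of First: a result flagged as successful but carrying an empty
    // Results list must not abort the scan with an InvalidOperationException.
    var firstFinding = result.Results.FirstOrDefault();

    // NOTE(review): request.URL and the finding text are written verbatim into the log and the
    // e-mail body. If either can contain CR/LF, an entry can be split into forged lines; consider
    // neutralising line breaks before logging. Confirm what CRLF.Check puts into Results.
    // The entry is now terminated with a line break, as the "No CRLF found." entry already is,
    // so consecutive entries in the log no longer run together.
    sb.Append("\tCRLF Attack Found! " + request.URL + "! Email sent." + firstFinding + Environment.NewLine);

    // NOTE(review): the body text speaks of "known attack files", which reads as if it was copied
    // from a different check; confirm the intended wording.
    SendEmail("\tCRLF Attack Found ", request.URL + " appears to have known attack files: " + Environment.NewLine + firstFinding);

    if (linkBuilder != null)
    {
        linkBuilder.Append(String.Join(Environment.NewLine, result.Results.ToArray()) + Environment.NewLine);
    }

    return result;
}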
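/// <summary>
/// Encodes <paramref name="text"/> character by character for the export target selected by
/// <paramref name="crlf"/>.
/// </summary>
/// <param name="text">Text to encode; must not be null.</param>
/// <param name="textRenderType">
/// The markup characters <c>&amp;</c>, <c>&quot;</c>, <c>&lt;</c> and <c>&gt;</c> are escaped only for
/// <c>TextRenderType.Default</c>.
/// </param>
/// <param name="crlf">
/// <c>CRLF.xml</c> and <c>CRLF.odt</c> get their own line-break output and no non-breaking-space
/// handling; every other value produces HTML (<c>&lt;br /&gt;</c>).
/// </param>
/// <param name="excel2007">When true, tab characters are dropped and the typographic characters are not replaced.</param>
/// <returns>The encoded text.</returns>
/// <remarks>
/// For any render type other than <c>TextRenderType.Default</c> markup characters are copied through
/// unchanged, so the caller must pass only trusted or already sanitised markup in that case.
/// The apostrophe is never escaped; the result is therefore not safe inside a single-quoted attribute.
/// </remarks>
internal static FastString HtmlString(string text, TextRenderType textRenderType, CRLF crlf, bool excel2007)
{
    FastString encoded = new FastString(text.Length);
    int len = text.Length;
    bool escapeMarkup = textRenderType == TextRenderType.Default;
    bool htmlTarget = crlf != CRLF.xml && crlf != CRLF.odt;

    // The entity literals below are restored. In the listing they appeared HTML-decoded
    // (for example Append("&") for '&', and an unterminated "\" literal for the backslash),
    // which turned the escaping into a no-op and left the code uncompilable.
    for (int i = 0; i < len; i++)
    {
        char c = text[i];

        if (htmlTarget && c == ' ' &&
            (len == 1 || (i < len - 1 && text[i + 1] == ' ') || (i > 0 && text[i - 1] == ' ') || i == len - 1))
        {
            // A space that is alone, trailing, or next to another space would be collapsed by HTML.
            encoded.Append("&nbsp;");
        }
        else if (c == '\r' && i < len - 1 && text[i + 1] == '\n')
        {
            if (crlf == CRLF.xml)
            {
                // NOTE(review): the listing shows a single space here; it may be a decoded numeric
                // character reference (such as &#10;). Confirm against the upstream file.
                encoded.Append(" ");
            }
            else if (crlf == CRLF.odt)
            {
                encoded.Append("<text:line-break />");
            }
            else
            {
                encoded.Append("<br />");
            }

            i++; // the '\n' of the pair is consumed as well
        }
        else if (c == '\\')
        {
            encoded.Append("&#92;");
        }
        else if (c == '~' && !excel2007)
        {
            encoded.Append("&tilde;");
        }
        else if (c == '€' && !excel2007)
        {
            encoded.Append("&euro;");
        }
        else if (c == '‹' && !excel2007)
        {
            encoded.Append("&lsaquo;");
        }
        else if (c == '›' && !excel2007)
        {
            encoded.Append("&rsaquo;");
        }
        else if (c == 'ˆ' && !excel2007)
        {
            encoded.Append("&circ;");
        }
        else if (c == '&' && escapeMarkup)
        {
            encoded.Append("&amp;");
        }
        else if (c == '"' && escapeMarkup)
        {
            encoded.Append("&quot;");
        }
        else if (c == '<' && escapeMarkup)
        {
            encoded.Append("&lt;");
        }
        else if (c == '>' && escapeMarkup)
        {
            encoded.Append("&gt;");
        }
        else if (c == '\t' && excel2007)
        {
            continue; // tabs are dropped for this target
        }
        else
        {
            encoded.Append(c);
        }
    }

    return encoded;
}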
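/// <summary>
/// Encodes <paramref name="text"/> character by character for the export target selected by
/// <paramref name="crlf"/>.
/// </summary>
/// <param name="text">Text to encode; must not be null.</param>
/// <param name="textRenderType">
/// The markup characters <c>&amp;</c>, <c>&quot;</c>, <c>&lt;</c> and <c>&gt;</c> are escaped only for
/// <c>TextRenderType.Default</c>. For <c>TextRenderType.HtmlTags</c> combined with <c>CRLF.odt</c>,
/// tags are removed from the output.
/// </param>
/// <param name="crlf">
/// <c>CRLF.xml</c> and <c>CRLF.odt</c> get their own line-break, tab and space output; every other
/// value produces HTML.
/// </param>
/// <param name="excel2007">When true, tab characters are dropped and the typographic characters are not replaced.</param>
/// <returns>The encoded text.</returns>
/// <remarks>
/// For any render type other than <c>TextRenderType.Default</c> markup characters are copied through
/// unchanged (except for the ODT tag removal), so the caller must pass only trusted or already
/// sanitised markup in that case. The apostrophe is never escaped.
/// </remarks>
internal static FastString HtmlString(string text, TextRenderType textRenderType, CRLF crlf, bool excel2007)
{
    FastString encoded = new FastString(text.Length);
    int len = text.Length;
    bool escapeMarkup = textRenderType == TextRenderType.Default;
    bool htmlTarget = crlf != CRLF.xml && crlf != CRLF.odt;

    // The entity literals below are restored. In the listing they appeared HTML-decoded
    // (for example Append("&") for '&', and an unterminated "\" literal for the backslash),
    // which turned the escaping into a no-op and left the code uncompilable.
    for (int i = 0; i < len; i++)
    {
        char c = text[i];

        if (htmlTarget && c == ' ' &&
            (len == 1 || (i < len - 1 && text[i + 1] == ' ') || (i > 0 && text[i - 1] == ' ') || i == len - 1))
        {
            // A space that is alone, trailing, or next to another space would be collapsed by HTML.
            encoded.Append("&nbsp;");
        }
        else if (c == '<' && textRenderType == TextRenderType.HtmlTags && crlf == CRLF.odt)
        {
            int close = text.IndexOf('>', i);
            if (close < 0)
            {
                // No closing '>': this is not a tag. The original set i to -1 here, which restarted
                // the scan from the beginning and never terminated. Emit the character escaped so
                // the ODT XML stays well-formed.
                encoded.Append("&lt;");
            }
            else
            {
                i = close; // skip the whole tag
            }
        }
        else if (c == '\r' && i < len - 1 && text[i + 1] == '\n')
        {
            if (crlf == CRLF.xml)
            {
                // NOTE(review): the listing shows a single space here; it may be a decoded numeric
                // character reference (such as &#10;). Confirm against the upstream file.
                encoded.Append(" ");
            }
            else if (crlf == CRLF.odt)
            {
                encoded.Append("<text:line-break />");
            }
            else
            {
                encoded.Append("<p style=\"margin-top:0px;margin-bottom:0px;\">");
            }

            i++; // the '\n' of the pair is consumed as well
        }
        else if (c == '\t' && crlf == CRLF.odt)
        {
            encoded.Append("<text:tab/>");
        }
        else if (c == ' ' && crlf == CRLF.odt)
        {
            // A run of spaces becomes one <text:s> element carrying the run length.
            int spaces = 1;
            while (i < len - 1 && text[i + 1] == ' ')
            {
                i++;
                spaces++;
            }

            encoded.Append("<text:s text:c=\"" + spaces + "\"/>");
        }
        else if (c == '\\')
        {
            encoded.Append("&#92;");
        }
        else if (c == '~' && !excel2007)
        {
            encoded.Append("&tilde;");
        }
        else if (c == '€' && !excel2007)
        {
            encoded.Append("&euro;");
        }
        else if (c == '‹' && !excel2007)
        {
            encoded.Append("&lsaquo;");
        }
        else if (c == '›' && !excel2007)
        {
            encoded.Append("&rsaquo;");
        }
        else if (c == 'ˆ' && !excel2007)
        {
            encoded.Append("&circ;");
        }
        else if (c == '&' && escapeMarkup)
        {
            encoded.Append("&amp;");
        }
        else if (c == '"' && escapeMarkup)
        {
            encoded.Append("&quot;");
        }
        else if (c == '<' && escapeMarkup)
        {
            encoded.Append("&lt;");
        }
        else if (c == '>' && escapeMarkup)
        {
            encoded.Append("&gt;");
        }
        else if (c == '\t' && excel2007)
        {
            continue; // tabs are dropped for this target
        }
        else
        {
            encoded.Append(c);
        }
    }

    return encoded;
}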
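/// <summary>
/// Encodes <paramref name="text"/> character by character for the export target selected by
/// <paramref name="crlf"/>.
/// </summary>
/// <param name="text">Text to encode; must not be null.</param>
/// <param name="textRenderType">
/// The markup characters <c>&amp;</c>, <c>&quot;</c>, <c>&lt;</c> and <c>&gt;</c> are escaped only for
/// <c>TextRenderType.Default</c>. For <c>TextRenderType.HtmlTags</c> the first Wingdings or Webdings
/// font run is converted through <c>WingdingsToUnicodeConverter</c>, and with <c>CRLF.odt</c> tags
/// are removed from the output.
/// </param>
/// <param name="crlf">
/// <c>CRLF.xml</c> and <c>CRLF.odt</c> get their own line-break, tab and space output; every other
/// value produces HTML.
/// </param>
/// <param name="excel2007">When true, tab characters are dropped and the typographic characters are not replaced.</param>
/// <param name="fontSize">
/// CSS height, including its trailing semicolon, used for the second and later consecutive line breaks
/// in HTML output.
/// </param>
/// <returns>The encoded text.</returns>
/// <remarks>
/// For any render type other than <c>TextRenderType.Default</c> markup characters are copied through
/// unchanged (except for the ODT tag removal), so the caller must pass only trusted or already
/// sanitised markup in that case. The apostrophe is never escaped.
/// </remarks>
internal static FastString HtmlString(string text, TextRenderType textRenderType, CRLF crlf, bool excel2007, string fontSize = "13px;")
{
    FastString encoded = new FastString(text.Length);
    int lineBreakCount = 0;

    if (textRenderType == TextRenderType.HtmlTags)
    {
        const string wingdings = "<font face=\"Wingdings\">";
        const string webdings = "<font face=\"Webdings\">";

        // Ordinal search, so the lookup agrees with what an ordinal Contains would report.
        int tagStart = text.IndexOf(wingdings, System.StringComparison.Ordinal);
        int tagLength = wingdings.Length;
        if (tagStart < 0)
        {
            tagStart = text.IndexOf(webdings, System.StringComparison.Ordinal);
            tagLength = webdings.Length;
        }

        if (tagStart >= 0)
        {
            int runStart = tagStart + tagLength;
            int runEnd = text.IndexOf('<', runStart);
            if (runEnd < 0)
            {
                // No tag follows the font element: the run extends to the end of the text.
                // The original passed -1 on to Substring, which throws.
                runEnd = text.Length;
            }

            text = text.Substring(0, runStart)
                + WingdingsToUnicodeConverter.Convert(text.Substring(runStart, runEnd - runStart))
                + text.Substring(runEnd);
        }
    }

    // Taken after the conversion above so the loop bound always matches the string being indexed.
    int len = text.Length;
    bool escapeMarkup = textRenderType == TextRenderType.Default;
    bool htmlTarget = crlf != CRLF.xml && crlf != CRLF.odt;

    // The entity literals below are restored. In the listing they appeared HTML-decoded
    // (for example Append("&") for '&', and an unterminated "\" literal for the backslash),
    // which turned the escaping into a no-op and left the code uncompilable.
    for (int i = 0; i < len; i++)
    {
        char c = text[i];

        if (htmlTarget && c == ' ' &&
            (len == 1 || (i < len - 1 && text[i + 1] == ' ') || (i > 0 && text[i - 1] == ' ') || i == len - 1))
        {
            // A space that is alone, trailing, or next to another space would be collapsed by HTML.
            encoded.Append("&nbsp;");
        }
        else if (c == '<' && textRenderType == TextRenderType.HtmlTags && crlf == CRLF.odt)
        {
            int close = text.IndexOf('>', i);
            if (close < 0)
            {
                // No closing '>': this is not a tag. The original set i to -1 here, which restarted
                // the scan from the beginning and never terminated. Emit the character escaped so
                // the ODT XML stays well-formed.
                encoded.Append("&lt;");
            }
            else
            {
                i = close; // skip the whole tag
            }
        }
        else if (c == '\r' && i < len - 1 && text[i + 1] == '\n')
        {
            if (crlf == CRLF.xml)
            {
                // NOTE(review): the listing shows a single space here; it may be a decoded numeric
                // character reference (such as &#10;). Confirm against the upstream file.
                encoded.Append(" ");
            }
            else if (crlf == CRLF.odt)
            {
                encoded.Append("<text:line-break />");
            }
            else
            {
                if (lineBreakCount == 0)
                {
                    encoded.Append("<p style=\"margin-top:0px;margin-bottom:0px;\"></p>");
                }
                else
                {
                    // NOTE(review): fontSize is written into the style attribute unescaped;
                    // callers should pass a fixed CSS length only, never user-supplied text.
                    encoded.Append($"<p style=\"margin-top:0px;height:{fontSize}margin-bottom:0px\"></p>");
                }

                lineBreakCount++;
            }

            i++; // the '\n' of the pair is consumed as well
        }
        else
        {
            lineBreakCount = 0;

            if (c == '\t' && crlf == CRLF.odt)
            {
                encoded.Append("<text:tab/>");
            }
            else if (c == ' ' && crlf == CRLF.odt)
            {
                // A run of spaces becomes one <text:s> element carrying the run length.
                int spaces = 1;
                while (i < len - 1 && text[i + 1] == ' ')
                {
                    i++;
                    spaces++;
                }

                encoded.Append("<text:s text:c=\"" + spaces + "\"/>");
            }
            else if (c == '\\')
            {
                encoded.Append("&#92;");
            }
            else if (c == '~' && !excel2007)
            {
                encoded.Append("&tilde;");
            }
            else if (c == '€' && !excel2007)
            {
                encoded.Append("&euro;");
            }
            else if (c == '‹' && !excel2007)
            {
                encoded.Append("&lsaquo;");
            }
            else if (c == '›' && !excel2007)
            {
                encoded.Append("&rsaquo;");
            }
            else if (c == 'ˆ' && !excel2007)
            {
                encoded.Append("&circ;");
            }
            else if (c == '&' && escapeMarkup)
            {
                encoded.Append("&amp;");
            }
            else if (c == '"' && escapeMarkup)
            {
                encoded.Append("&quot;");
            }
            else if (c == '<' && escapeMarkup)
            {
                encoded.Append("&lt;");
            }
            else if (c == '>' && escapeMarkup)
            {
                encoded.Append("&gt;");
            }
            else if (c == '\t' && excel2007)
            {
                continue; // tabs are dropped for this target
            }
            else
            {
                encoded.Append(c);
            }
        }
    }

    return encoded;
}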
/// <summary>
/// Tries to decode a CRLF rule at the current <c>index</c>: one CR rule followed by one LF rule.
/// </summary>
/// <returns>
/// A new <c>CRLF</c> rule spanning the consumed text, or null when the sequence does not match;
/// on a failed match <c>index</c> is put back to where it was on entry.
/// </returns>
private CRLF decode_CRLF()
{
    push("CRLF");

    int start = index;
    var matched = new List<Rule>();

    // Single alternative: CR then LF, collected separately so a partial match can be discarded.
    var sequence = new List<Rule>();
    int sequenceStart = index;

    Rule part = decode_CR();
    bool decoded = part != null;
    if (decoded)
    {
        sequence.Add(part);

        part = decode_LF();
        decoded = part != null;
        if (decoded)
        {
            sequence.Add(part);
        }
    }

    if (decoded)
    {
        matched.AddRange(sequence);
    }
    else
    {
        index = sequenceStart;
    }

    Rule rule = null;
    if (decoded)
    {
        rule = new CRLF(text.Substring(start, index - start), matched);
    }
    else
    {
        index = start;
    }

    // Reports the number of characters consumed; this is 0 after a failed match.
    pop("CRLF", decoded, index - start);
    return (CRLF)rule;
}
/// <summary>
/// Copy constructor: initialises the base rule with the <c>spelling</c> and <c>rules</c> of
/// <paramref name="rule"/>.
/// </summary>
/// <param name="rule">The rule to copy from; must not be null.</param>
public CRLF(CRLF rule)
    : base(rule.spelling, rule.rules)
{
}