private void SaveTvf(object param)
{
string path = (string)param;
_trafficViewerFile.EnableDefrag = true;
_trafficViewerFile.Save(path);
}
private void StopClick(object sender, EventArgs e)
{
_abort = true;
_fuzzOn = false;
button1.ForeColor = Color.White;
lock (_lock)
{
_payloads.Clear();
}
timer1.Stop();
button2.Text = "Saving...";
button2.Enabled = false;
_outputFile.SetState(AccessorState.Idle);
string filePath = _fileSelector.Text;
if (!String.IsNullOrWhiteSpace(filePath))
{
_outputFile.Save(filePath);
}
button1.Enabled = true;
button2.Enabled = true;
button2.Text = "Stop and Save";
_fileSelector.Enabled = true;
}
public void SaveAndOpen()
{
TrafficViewerFile tvf = MakeDummyTrafficFile();
TempFile temp = new TempFile(".tvf");
tvf.Save(temp.Path);
tvf.Close(false);
//verfiy that we can open
tvf.Open(temp.Path);
//run all validations
ValidateASEFile(tvf);
tvf.Close(false);
}
public void SaveAndOpen()
{
string expectedRequest = "GET / HTTP/1.1";
string expectedResponse = "HTTP/1.1 200 OK";
TrafficViewerFile file = new TrafficViewerFile();
int reqId = file.AddRequestResponse(expectedRequest, expectedResponse);
file.GetRequestInfo(reqId).IsHttps = true;
Assert.AreEqual(1, file.RequestCount);
TempFile temp = new TempFile(".tvf");
file.Save(temp.Path);
//verify that the file can be saved
Assert.IsTrue(File.Exists(temp.Path), "Cannot save the file");
file.Close(false);
//make a new file and verify we can open
TrafficViewerFile file2 = new TrafficViewerFile();
file2.Open(temp.Path);
//verify actual file was open
Assert.AreEqual(1, file2.RequestCount, "Incorrect request count after opening saved file");
//verify request data is correct
int requestId = -1;
TVRequestInfo info = file2.GetNext(ref requestId);
Assert.IsNotNull(info, "Cannot obtain request info");
//veryfy transport info
Assert.IsTrue(info.IsHttps);
//verify request data
string loadedRequest = Encoding.UTF8.GetString(file2.LoadRequestData(info.Id));
Assert.AreEqual(expectedRequest, loadedRequest);
string loadedResponse = Encoding.UTF8.GetString(file2.LoadResponseData(info.Id));
Assert.AreEqual(expectedResponse, loadedResponse);
file2.Close(false);
}
public void Clear()
{
TrafficViewerFile tvf = MakeDummyTrafficFile();
TempFile temp = new TempFile(".tvf");
tvf.Save(temp.Path);
Assert.AreNotSame(0, tvf.RequestCount);
tvf.Clear(false);
Assert.AreEqual(0, tvf.RequestCount);
int i = -1;
Assert.IsNull(tvf.GetNext(ref i));
tvf.Close(false);
}
private void StartClick(object sender, EventArgs e)
{
if (_fuzzOn)
{
return;
}
_options.MatchPattern = _textPattern.Text;
_options.ReversePattern = _reversePattern.Checked;
GenerateRequestsToFuzz();
ErrorBox error = new ErrorBox();
if (!String.IsNullOrWhiteSpace(_fileSelector.Text))
{
_outputFile = new TrafficViewerFile();
_outputFile.Save(_fileSelector.Text);
if (!File.Exists(_fileSelector.Text))
{
error.Show("Invalid result file location");
return;
}
_options.OutputFile = _fileSelector.Text;
}
else
{
_outputFile = TrafficViewer.Instance.TrafficViewerFile;
_outputFile.SetState(AccessorState.Tailing);
}
if (!int.TryParse(_textNumThreads.Text, out _numThreads))
{
error.Show("Invalid number of threads specified");
return;
}
_options.NumberOfThreads = _numThreads;
_options.Save();
GenerateAndRunPayloads();
}
public void TestEncryptedRequest()
{
TrafficViewerFile file = new TrafficViewerFile();
string request1 = "GET /unencrypted HTTP/1.1";
string request2 = "GET /encrypted\r\n\r\nsecret=123456789 HTTP/1.1";
string response1 = "HTTP 200 OK\r\n\r\nUnencrypted Response";
string response2 = "HTTP 200 OK\r\n\r\nEncrypted Response (secret 1234567789)";
file.AddRequestResponse(request1, response1);
file.AddRequestResponse(request2, response2);
var reqInfo = file.GetRequestInfo(1);
Assert.IsFalse(reqInfo.IsEncrypted, "Default should be unencrypted");
reqInfo.IsEncrypted = true;
//resave the request
file.SaveRequestResponse(1, request2, response2);
TempFile tempFile = new TempFile();
file.EnableDefrag = true; //defrag the raw file
file.Save(tempFile.Path);
file = new TrafficViewerFile();
file.Open(tempFile.Path);
Assert.IsFalse(file.GetRequestInfo(0).IsEncrypted, "First request should not be encrypted");
Assert.IsTrue(file.GetRequestInfo(1).IsEncrypted, "Second request should be encrypted");
string testRequest = Constants.DefaultEncoding.GetString(file.LoadRequestData(1));
Assert.AreEqual(request2, testRequest);
string testResponse = Constants.DefaultEncoding.GetString(file.LoadResponseData(1));
Assert.AreEqual(response2, testResponse);
file.Close(false);
File.Delete(tempFile.Path);
}
static void Main(string[] args)
{
TrafficViewerFile file = new TrafficViewerFile();
file.Profile.SetExclusions((IEnumerable <string>) new string[2]
{
"\\.(js|axd|zip|Z|tar|t?gz|sit|cab|pdf|ps|doc|ppt|xls|rtf|dot|mp(p|t|d|e|a|3|4|ga)|m4p|mdb|csv|pp(s|a)|xl(w|a)|dbf|slk|prn|dif|avi|mpe?g|mov(ie)?|qt|moov|rmi?|as(f|x)|m1v|wm(v|f|a)|wav|ra|au|aiff|midi?|m3u|gif|jpe?g|bmp|png|tif?f|ico|pcx|css|xml|dll)\\b",
ConvertorProperties.ExcludedDomainsFromRecordingPattern
});
try
{
// Create an instance of StreamReader to read from a file.
// The using statement also closes the StreamReader.
using (StreamReader sr = new StreamReader(args[0]))
{
String line;
// Read and display lines from the file until the end of
// the file is reached.
while ((line = sr.ReadLine()) != null)
{
Har har = JsonConvert.DeserializeObject <Har>(line);
int requestHeaderId = 0;
int counter = 0;
foreach (Entry tempEntry in har.log.entries)
{
if (HtdConvertorUtil.isRelevantRequest(tempEntry))
{
counter++;
requestHeaderId = file.AddRequestResponse(tempEntry.request.ToString(), tempEntry.response.ToString());
if (tempEntry.request.postData != null)
{
Console.WriteLine(tempEntry.request.postData.ToString());
}
file.GetRequestInfo(requestHeaderId).Description = "AppScan Proxy Request to Server";
if (tempEntry.request.isHttps)
{
file.GetRequestInfo(requestHeaderId).IsHttps = true;
}
}
}
Console.WriteLine(counter);
}
}
file.Save(args[1]);
file.Close(false);
Console.WriteLine("Recording has been done");
//Console.ReadLine();
}
catch (Exception e)
{
// Let the user know what went wrong.
Console.WriteLine("The file could not be read:");
Console.WriteLine(e.Message);
}
}
/// <summary>
/// Stops a manual explore proxy on the specified port and then save the resulting traffic file if specified
/// </summary>
/// <param name="port">The corresponding proxy port</param>
/// <param name="fileName">Optional - The file name to use. If not provided no file will get created.</param>
public void StopManualExploreProxy(int port, string fileName = null)
{
if (!_manualExploreProxies.ContainsKey(port))
{
_logWriter.Log(TraceLevel.Error, "Can't stop proxy on port {0}. Not found.", port);
throw new HttpProxyException(HttpStatusCode.NotFound, "Proxy not found on the specified port", ServiceCode.CommandProxyStopCannotFindPort);
}
bool saveFile = !String.IsNullOrWhiteSpace(fileName);
string absolutePath = null;
if (saveFile) //we need to save a file name after stopping, perform validations on the file name
{
if (fileName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0 || fileName.IndexOfAny(Path.GetInvalidPathChars()) >= 0)
{
//invalid file name
_logWriter.Log(TraceLevel.Error, "Invalid characters in file name: {0}", fileName);
throw new HttpProxyException(HttpStatusCode.BadRequest, "Invalid file name", ServiceCode.CommandProxyStopInvalidFileName);
}
//now generate full path and check it
string fullPath = Path.Combine(_filesDirectory, String.Format("{0}.{1}", fileName, _recordingType));
absolutePath = Path.GetFullPath(fullPath);
if (!fullPath.StartsWith(_filesDirectory))
{
//path traversal attempt
_logWriter.Log(TraceLevel.Error, "Directory traversal attempted with file name: {0}", fileName);
throw new HttpProxyException(HttpStatusCode.BadRequest, "Directory traversal", ServiceCode.ProxyInternalError);
}
//check if the file already exists
if (File.Exists(fullPath))
{
_logWriter.Log(TraceLevel.Error, "File {0} already exists.", fileName);
throw new HttpProxyException(HttpStatusCode.Forbidden, "File already exists", ServiceCode.CommandProxyStopFileExists);
}
}
ManualExploreProxy proxy = _manualExploreProxies[port];
try
{
proxy.Stop();
//remove the proxy from the list of existing proxies
_manualExploreProxies.Remove(port);
}
catch (Exception ex)
{
_logWriter.Log(TraceLevel.Error, "Internal error trying to stop a proxy: {0}", ex);
throw new HttpProxyException(HttpStatusCode.InternalServerError, "Internal error trying to stop a proxy", ServiceCode.ProxyInternalError);
}
if (!saveFile)
{
_logWriter.Log(TraceLevel.Verbose,
"No file name was specified. Discarding the data for proxy started on port {0}", port);
//we are done here
return;
}
//file path is fine
try
{
TrafficViewerFile htd = (TrafficViewerFile)proxy.TrafficDataStore;
if (_recordingType.Equals(Constants.HTD_STRING))
{
htd.Save(absolutePath);
}
else if (_recordingType.Equals(Constants.EXD_STRING))
{
ManualExploreExporter exporter = new ManualExploreExporter();
Stream exportStream = new FileStream(absolutePath, FileMode.CreateNew);
exporter.Export(htd, exportStream);
exportStream.Close();
}
}
catch (Exception ex)
{
_logWriter.Log(TraceLevel.Error, "An exception occured saving traffic file: {0}", ex);
throw new HttpProxyException(HttpStatusCode.InternalServerError, "Cannot save file", ServiceCode.ProxyInternalError);
}
}
private HttpResponseInfo StopProxy(HttpRequestInfo requestInfo)
{
string report = "";
//get the port from the url
string portString = null;
requestInfo.QueryVariables.TryGetValue("port", out portString);
//optional secret to protect the recording session
string secret = null;
requestInfo.QueryVariables.TryGetValue("secret", out secret);
//optional flag indicating if similar requests should be skiped
string skipSimilar = null;
requestInfo.QueryVariables.TryGetValue("skipSimilar", out skipSimilar);
//the file to save to
string fileName = null;
requestInfo.QueryVariables.TryGetValue("fileName", out fileName);
//optional parameter to cancel the scan
string cancel = null;
requestInfo.QueryVariables.TryGetValue("cancel", out cancel);
if (fileName == null)
{
//assign a random file name
fileName = DateTime.Now.Ticks.ToString();
}
if (!Utils.IsMatch(fileName, "^[\\w._-]+$"))
{
return(GetResponse(400, "Bad Request", "Invalid file name."));
}
int port;
if (int.TryParse(portString, out port))
{
if (!CollectorProxyList.Instance.ProxyList.ContainsKey(port))
{
return(GetResponse(400, "Bad Request", "Port not found."));
}
else
{
IHttpProxy proxy = CollectorProxyList.Instance.ProxyList[port];
TrafficViewerFile trafficFile = (proxy as ManualExploreProxy).TrafficDataStore as TrafficViewerFile;
//check the secret if it exists
string configuredSecret = trafficFile.Profile.GetOption("secret") as String;
if (!String.IsNullOrWhiteSpace(configuredSecret) && !configuredSecret.Equals(secret))
{
return(GetResponse(401, "Unauthorized", "Invalid secret."));
}
string filePath = Path.Combine(TrafficCollectorSettings.Instance.DumpDir, fileName + ".htd");
if (proxy is DriveByAttackProxy)
{
DriveByAttackProxy dProx = proxy as DriveByAttackProxy;
int requestsLeft = dProx.RequestsLeft;
if (requestsLeft > 0 && (cancel == null || !cancel.Equals("true")))
{
return(GetResponse(206, "Partial Content", "Please wait... {0} request(s) left, {1} test job(s) in queue", requestsLeft, dProx.TestCount));
}
else
{
int id = -1;
TVRequestInfo info = null;
report = "\r\n\r\nVulnerability List\r\n";
report += "============================\r\n";
int count = 0;
while ((info = trafficFile.GetNext(ref id)) != null)
{
if (info.Description.Contains("Vulnerability"))
{
count++;
report += String.Format("Request {0} - {1} ({2})\r\n", info.RequestLine, info.Description, info.Validation);
}
}
report += String.Format("Total: {0}\r\n", count);
}
}
if (File.Exists(filePath)) //load the existing file and check the secret
{
TrafficViewerFile existingFile = new TrafficViewerFile();
existingFile.Open(filePath);
configuredSecret = existingFile.Profile.GetOption("secret") as String;
existingFile.Close(false);
if (String.IsNullOrWhiteSpace(configuredSecret) || String.IsNullOrWhiteSpace(secret) || !configuredSecret.Equals(secret))
{
return(GetResponse(401, "Unauthorized", "Cannot override existing file."));
}
}
proxy.Stop();
CollectorProxyList.Instance.ProxyList.Remove(port);
if (trafficFile.RequestCount > 0)
{
if (skipSimilar != null && skipSimilar.Equals("true", StringComparison.OrdinalIgnoreCase))
{
trafficFile = removeSimilar(trafficFile);
}
trafficFile.Save(filePath);
report += String.Format("Traffic file saved at '{0}'\r\n", filePath);
}
else
{
report += "Nothing recorded.";
}
}
}
else
{
return(GetResponse(400, "Bad Request", "Invalid 'port' parameter."));
}
return(GetResponse(200, "OK", "Proxy stopped. {0}", report));
}