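/// <summary>
/// Requests the URL typed into <c>txtURL</c> and writes the response headers into <c>txtReport</c>.
/// </summary>
/// <remarks>
/// Two requests are made. The first is a plain GET through <see cref="HttpWebRequest"/>; its result is
/// not used, so it only acts as an early failure point. The cast to <see cref="HttpWebRequest"/> also
/// makes non-HTTP schemes (for example <c>file:</c>) throw, which lands in the catch block below.
/// The second request goes through <c>__HTTTPAttack_</c> and supplies the headers and document text.
/// Every exception is reported to the user with the same "URL incorrect or unreachable" message.
/// </remarks>
private void GetResponseHeaders()
{
    try
    {
        HttpWebRequest probeRequest = (HttpWebRequest)WebRequest.Create(txtURL.Text);
        probeRequest.Method = "GET";

        // The response was previously never closed, which keeps the connection checked out of the
        // pool until finalization. Nothing is read from it, so it is disposed straight away.
        using (HttpWebResponse probeResponse = (HttpWebResponse)probeRequest.GetResponse())
        {
        }

        txtReport.Text = "Adres: " + txtURL.Text;
        txtReport.AppendText(Environment.NewLine);
        txtReport.AppendText(Environment.NewLine);
        txtReport.AppendText("Title Information:");
        txtReport.AppendText(Environment.NewLine);

        __HTTTPAttack_ a = new __HTTTPAttack_(txtURL.Text);
        a.LoadFromSettings(false);
        a.SendRequest();
        txtReport.AppendText(a.ReturnResponseHeaders());
        this.DocumentText = a.DocumentText;
        this.addAttack(a);

        // ProgressBar.Value throws when pushed past Maximum; clamping keeps a successful run from
        // falling into the catch block and being reported as an unreachable URL.
        progressBar1.Value = Math.Min(progressBar1.Maximum, progressBar1.Value + 100);
    }
    catch
    {
        this.SetNotfictaion("URL incorrect or unreachable");
    }
}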
/// <summary>
/// Click handler that runs the GET parameter check on the URL in <c>textBox1</c> when
/// <c>checkBoxGet</c> is ticked and shows the summary in a message box.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnProceed_Click(object sender, EventArgs e)
{
    // Suffix appended to every selected parameter value; it is always empty in this handler.
    string suffix = "";
    __HTTTPAttack_ check = new __HTTTPAttack_();

    if (!checkBoxGet.Checked)
    {
        // post
        // NOTE(review): the POST path is an empty placeholder, so nothing happens here.
        return;
    }

    check.ParameterizeGET(textBox1.Text);

    foreach (StrBool parameter in this.Get_Pars)
    {
        // Only parameters whose flag is set are included.
        if (!parameter.statue_)
        {
            continue;
        }

        check.AddGetparameter(parameter.string_, parameter.string_ + suffix);
    }

    check.GET_XSSER();
    MessageBox.Show(check.GetXsserSummary());

    if (check.Succeeded)
    {
        this.setNotification("Succeeeded");
    }
}
/// <summary>
/// Builds the attack-history form from a list of recorded requests.
/// </summary>
/// <param name="AttaksListp">Records to display; each one is copied into the form's own list.</param>
/// <param name="id">Record id to look up through <c>GetIndexOfAttack</c>.</param>
/// <param name="im">Row index supplied by the caller.</param>
/// <remarks>
/// NOTE(review): neither the index returned by <c>GetIndexOfAttack(id)</c> nor <paramref name="im"/>
/// reaches <c>SelectThisIndex</c>, which is always called with -1. Confirm whether the requested
/// record was meant to be selected.
/// </remarks>
public FrmAttacks(List <__HTTTPAttack_> AttaksListp, string id = "", int im = -1)
{
    InitializeComponent();

    // Work on private copies so later edits in this form do not touch the caller's objects.
    __Attacks_List.Clear();
    foreach (__HTTTPAttack_ record in AttaksListp)
    {
        __HTTTPAttack_ clone = __HTTTPAttack_.Copy(record);
        __Attacks_List.Add(clone);
    }

    // setting up grid
    SetUpGrid();
    SetGridSize();
    dataGridView1.Rows.Clear();
    FillGrid(this.__Attacks_List);

    // The lookup is still performed, but its result is not used.
    GetIndexOfAttack(id);

    bool hasRecords = __Attacks_List.Count > 0;
    if (hasRecords)
    {
        __Selected_Attack = __HTTTPAttack_.Copy(__Attacks_List[0]);
        LoadDetailsOfCurrentAttack();
    }

    SelectThisIndex(-1);

    // Run both search handlers once with null arguments.
    txbxSearchReQuest_TextChanged(null, null);
    txbxSearchResponse_TextChanged(null, null);
}
/// <summary>
/// Stores a copy of <paramref name="h"/> in the form's list and appends a matching grid row.
/// </summary>
/// <param name="h">Record to add; the grid row is filled from this instance, the list gets a copy.</param>
internal void AddNewRecord(__HTTTPAttack_ h)
{
    __HTTTPAttack_ stored = __HTTTPAttack_.Copy(h);
    this.__Attacks_List.Add(stored);

    // Set up the grid columns on first use.
    if (this.GridHasSetUp == false)
    {
        this.SetUpGrid();
    }

    // The first cell is a 1-based row number.
    int rowNumber = dataGridView1.Rows.Count + 1;
    dataGridView1.Rows.Add(
        rowNumber,
        h._Url,
        h.statueCode,
        h._Method,
        h.infected,
        h.Id,
        h.owner);
}
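/// <summary>
/// Runs the single-header check described by <paramref name="_Atk_details"/> and shows the result
/// in the supplied labels.
/// </summary>
/// <param name="_Atk_details">Target header, payload, URL and owner for this run.</param>
/// <param name="L_statue">Label that receives the verdict text.</param>
/// <param name="L_code">Label that receives the status code text.</param>
/// <param name="L_source">Details link for this header; not read in this method.</param>
/// <param name="hint">Label that receives the message produced by the run.</param>
/// <param name="attacker">
/// Short name of the header family ("xf", "ref", "c*k", "ua", "cus", "mul" or a long form), used to
/// pick the field that keeps a copy of the result. Unknown names keep no copy.
/// </param>
/// <remarks>
/// The verdict comes from <c>IsCurrentHeaderVulnerable()</c>, whose logic is not visible here, so
/// "Not Vulnerable" should be read as "not flagged by this check".
/// </remarks>
private void _____ATTACK___(AttackDetails _Atk_details, ref Label L_statue, ref Label L_code, ref LinkLabel L_source, ref Label hint, string attacker = "")
{
    Notify(_Atk_details.Target + " Attacking ");
    L_statue.Text = L_code.Text = "...";

    __HTTTPAttack_ at = new __HTTTPAttack_();
    at.Payload = _Atk_details.Payload;
    at._Url = _Atk_details.URL;
    at.SetTargetHeader(_Atk_details.Target);
    at.Attack_Current_Header();
    at.owner = _Atk_details.Owner;

    if (at.Succeeded)
    {
        if (at.IsCurrentHeaderVulnerable())
        {
            L_statue.Text = "Vulnerable " + Payloads.Percent(at.Payload);
        }
        else
        {
            L_statue.Text = "Not Vulnerable";
        }
    }
    else
    {
        // A failed request is reported as an error, not as a negative result.
        L_statue.Text = "Error ";
    }

    L_code.Text = at.statueCode;
    AddAttackToList(at);
    L_code.Visible = true;

    // Culture-invariant lowering: under a Turkish UI culture ToLower() maps 'I' to a dotless 'ı',
    // so "COOKIE" or "MULTI" would miss their case labels. A null name is treated as "no match"
    // so the labels below are still updated.
    switch ((attacker ?? "").ToLowerInvariant().Trim())
    {
        case "cus":
            __CustomAttack = __HTTTPAttack_.Copy(at);
            break;
        case "xf":
        case "x-forwarded-for":
            __XfrwrdAttack = __HTTTPAttack_.Copy(at);
            break;
        case "c*k":
        case "cookie":
            __CookieAttack = __HTTTPAttack_.Copy(at);
            break;
        case "ua":
        case "useragent":
        case "user-agent":
            __UserAgentAttack = __HTTTPAttack_.Copy(at);
            break;
        case "ref":
        case "referer":
            __RefererAttack = __HTTTPAttack_.Copy(at);
            break;
        case "mul":
        case "multi":
            __MultidAttack = __HTTTPAttack_.Copy(at);
            break;
    }

    hint.Text = at.Message;
    hint.Visible = true;
    this.Notify(at.Summary(), 3000);
}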
/// <summary>
/// Requests the URL in <c>textBox1</c> and keeps the returned document as the baseline, both in
/// <c>Original_document.Document</c> and in the <c>rtxbx_document</c> box.
/// </summary>
/// <returns>The request's <c>Succeeded</c> flag.</returns>
bool loadOriginalDocument()
{
    __HTTTPAttack_ baseline = new __HTTTPAttack_(textBox1.Text);
    baseline.LoadFromSettings(false);
    baseline.SendRequest();

    string body = baseline.DocumentText;
    this.Original_document.Document = body;
    this.rtxbx_document.Text = body;

    // The analysis is run on the text box content; its result is not used in this method.
    AnalyzlDocument(rtxbx_document.Text);

    return baseline.Succeeded;
}
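/// <summary>
/// Loads the details of the record that matches the currently selected grid row.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// The handler stays best-effort and never throws into the UI message loop. The expected
/// "nothing to show" cases (no current cell, row outside the list) are handled with explicit checks
/// and no longer rely on a swallowed exception. Anything else is written to the debug output.
/// </remarks>
private void dataGridView1_SelectionChanged(object sender, EventArgs e)
{
    try
    {
        // CurrentCell is null while the grid is empty or being refilled.
        DataGridViewCell current = dataGridView1.CurrentCell;
        if (current == null)
        {
            return;
        }

        int row = current.RowIndex;

        // The grid can hold rows the backing list does not have (for example the new-row placeholder).
        if (row < 0 || row >= __Attacks_List.Count)
        {
            return;
        }

        __Selected_Attack = __HTTTPAttack_.Copy(__Attacks_List[row]);
        LoadDetailsOfCurrentAttack();
    }
    catch (Exception ex)
    {
        // Leave a trace for debugging; the handler used to discard the exception silently.
        System.Diagnostics.Debug.WriteLine(ex);
    }
}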
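/// <summary>
/// Runs the single-header check described by <paramref name="_Atk_details"/>, shows the result in
/// the supplied labels and records the run in <c>_AtacksList_</c>.
/// </summary>
/// <param name="_Atk_details">Target header, payload and URL for this run.</param>
/// <param name="L_statue">Label that receives the verdict text.</param>
/// <param name="L_code">Label that receives the status code text.</param>
/// <param name="L_source">Details link; its <c>Name</c> is the prefix of the key used in <c>_AtacksList_</c>.</param>
/// <param name="hint">Label that receives the message produced by the run.</param>
/// <param name="attacker">
/// Short name of the header family ("xf", "ref", "c*k", "ua", "cus", "mul" or a long form), used to
/// pick the field that keeps a copy of the result. Unknown names keep no copy.
/// </param>
/// <remarks>
/// NOTE(review): the verdict is read without first checking whether the request completed, so a
/// failed request may be shown as "Not Vulnerable". Confirm against <c>IsCurrentHeaderVulnerable()</c>.
/// </remarks>
private void _____ATTACK___(AttackDetails _Atk_details, ref Label L_statue, ref Label L_code, ref LinkLabel L_source, ref Label hint, string attacker = "")
{
    Notify(_Atk_details.Target + " Attacking ", Color.Yellow);
    L_statue.Text = L_code.Text = "...";

    __HTTTPAttack_ at = new __HTTTPAttack_();
    at.Payload = _Atk_details.Payload;
    at._Url = _Atk_details.URL;
    at.SetTargetHeader(_Atk_details.Target);
    at.Attack_Current_Header();

    if (at.IsCurrentHeaderVulnerable())
    {
        L_statue.Text = "Vulnerable";
    }
    else
    {
        L_statue.Text = "Not Vulnerable";
    }

    L_code.Text = at.statueCode;

    // The key is the link's name plus the current entry count.
    _AtacksList_.Add(L_source.Name + _AtacksList_.Count.ToString(), at);

    // Culture-invariant lowering: under a Turkish UI culture ToLower() maps 'I' to a dotless 'ı',
    // so "COOKIE" or "MULTI" would miss their case labels. A null name is treated as "no match"
    // so the hint label below is still updated.
    switch ((attacker ?? "").ToLowerInvariant().Trim())
    {
        case "cus":
            __CustomAttack = __HTTTPAttack_.Copy(at);
            break;
        case "xf":
        case "x-forwarded-for":
            __XfrwrdAttack = __HTTTPAttack_.Copy(at);
            break;
        case "c*k":
        case "cookie":
            __CookieAttack = __HTTTPAttack_.Copy(at);
            break;
        case "ua":
        case "useragent":
        case "user-agent":
            __UserAgentAttack = __HTTTPAttack_.Copy(at);
            break;
        case "ref":
        case "referer":
            __RefererAttack = __HTTTPAttack_.Copy(at);
            break;
        case "mul":
        case "multi":
            __MultidAttack = __HTTTPAttack_.Copy(at);
            break;
    }

    hint.Text = at.Message;
    hint.Visible = true;
}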
/// <summary>
/// Copies <paramref name="a"/> into <c>atk</c> and renders it as editable request text in
/// <c>RtxbxRequest</c>: request line, User-Agent, optional Host, then the remaining headers.
/// </summary>
/// <param name="a">Request to display.</param>
/// <remarks>
/// NOTE(review): the request line ends with " /HTTP/1.1" (slash before the protocol name), which
/// is not the usual "HTTP/1.1" form. Confirm that the code parsing this text expects it.
/// </remarks>
private void LoadRequest(__HTTTPAttack_ a)
{
    this.atk = __HTTTPAttack_.Copy(a);

    string lineBreak = Environment.NewLine;

    // Request line.
    RtxbxRequest.Text = atk.GetMethod() + atk._Url.GetPage() + " /HTTP/1.1" + lineBreak;

    // The User-Agent always comes from the dedicated field, never from the header collection.
    RtxbxRequest.Text += "User-Agent:" + atk._UserAgentString + lineBreak;

    bool hasUrl = a._Url.Trim() != "";
    if (hasUrl)
    {
        RtxbxRequest.Text += "Host:" + atk._Url.GetHost() + lineBreak;
    }

    foreach (KeyValuePair <string, string> header in atk.Request_Headers)
    {
        // Already written above; skip it so it does not appear twice.
        if (header.Key.ToLower().Trim() == "user-agent")
        {
            continue;
        }

        RtxbxRequest.Text += (header.Key + ": " + header.Value + lineBreak);
    }
}
/// <summary>
/// Sends the request currently shown in <c>RtxbxRequest</c> to the host configured in
/// <c>HostAndPort</c>. On success it displays the response and records the exchange on the main form.
/// </summary>
/// <remarks>
/// Runs synchronously on the calling thread, including a 100 ms sleep after the send.
/// </remarks>
private void SendRequest()
{
    __HTTTPAttack_ outgoing = new __HTTTPAttack_();
    outgoing.SetFromHoleRequest(RtxbxRequest.Lines);
    outgoing._Url = this.HostAndPort.GetUrl();
    outgoing.TimeOut = HostAndPort.TimeOut;
    outgoing.SendRequest();
    Thread.Sleep(100);

    if (!outgoing.Succeeded)
    {
        // Failure: only the message is shown.
        this.SetNotification(outgoing.Message);
        return;
    }

    rtxbx_response.Text = outgoing.ReturnHoleResponse();
    this.DocumentText = outgoing.DocumentText;

    // Tag the record so the history shows which tool produced it.
    outgoing.owner = "Repeater";
    FormMain mainForm = (FormMain)this.Owner;
    mainForm.AddNewAttack(outgoing);

    this.SetNotification(outgoing.Message);
}
/// <summary>
/// Opens a "Repeater" tab hosting a <c>FrmRepeater</c> for <paramref name="h"/>, or flashes the
/// existing tab when one is already open for the same id.
/// </summary>
/// <param name="h">Request to load into the repeater; its <c>Id</c> becomes the tab name.</param>
/// <param name="navigate">When true, the new tab is also selected.</param>
public void LoadRepeaterTab(__HTTTPAttack_ h, bool navigate = false)
{
    if (IsOpenedBefore(TabPageType.repeater, h.Id))
    {
        flashTabpage(h.Id);
        // The sibling index is looked up but not used.
        BrotherIndex(TabPageType.repeater);
        return;
    }

    TabPage page = new TabPage
    {
        Text = "Repeater",
        ToolTipText = TabPageType.repeater.ToString(),
        Name = h.Id
    };
    Panel host = new Panel { Dock = DockStyle.Fill };

    tabControl1.TabPages.Add(page);
    int newIndex = tabControl1.TabCount - 1;

    //FrmRepeater_Object
    FrmRepeater repeater = new FrmRepeater(h) { Owner = this };
    this.IsMdiContainer = true;

    // A form must stop being top-level before it can be parented inside another control.
    repeater.TopLevel = false;

    TabPage target = this.tabControl1.TabPages[newIndex];
    target.Controls.Clear();
    target.Controls.Add(host);
    target.Controls[0].Controls.Add(repeater);

    repeater.FormBorderStyle = System.Windows.Forms.FormBorderStyle.None;
    repeater.Dock = DockStyle.Fill;
    repeater.Show();

    if (navigate)
    {
        tabControl1.SelectedIndex = newIndex;
    }
}
/// <summary>
/// Records a request in the main form's history and forwards it to the history window.
/// </summary>
/// <param name="at">Record to add; the list stores a copy, the history window gets this instance.</param>
internal void AddNewAttack(__HTTTPAttack_ at)
{
    __HTTTPAttack_ stored = __HTTTPAttack_.Copy(at);
    _Atacks_List_.Add(stored);

    // The "requests" menu entry is only usable once at least one record exists.
    bool hasHistory = _Atacks_List_.Count > 0;
    requestsToolStripMenuItem.Enabled = hasHistory;

    this.__Attacks_Frm_Obj.AddNewRecord(at);
}
/// <summary>
/// Handles one intercepted client connection: reads the raw request, hands it to the form for
/// review, then polls the form and writes back either a response document or a "dropped" page.
/// </summary>
/// <param name="state">The accepted <see cref="TcpClient"/>, passed as <c>object</c>.</param>
/// <remarks>
/// NOTE(review): <c>client</c> is not declared in this method. If it is an instance field and this
/// method runs for several connections at once, they overwrite each other's value; confirm.
/// NOTE(review): nothing bounds the size of <c>clientData</c>, so one connection can grow it without limit.
/// </remarks>
void ProcessClient(object state)
{
    client = (TcpClient)state;
    var buffer = new byte[1024];
    var clientData = new StringBuilder();
    var isRequestCompleted = false;
    using (var stream = client.GetStream())
    {
        // Loop to receive all the data sent by the client.
        int bytesRead = 0;
        do
        {
            // read the data
            try
            {
                bytesRead = stream.Read(buffer, 0, buffer.Length);
                if (bytesRead > 0)
                {
                    // Translate data bytes to an ASCII string and append
                    clientData.Append( Encoding.ASCII.GetString(buffer, 0, bytesRead));
                }
            }
            catch (IOException ioe)
            {
                // read timed out, all data has been retrieved
                Console.WriteLine("Read timed out: {0}", ioe.ToString());
                bytesRead = 0;
            }
            // NOTE(review): this scans the whole 1024-byte buffer, including bytes left from earlier
            // reads, not only the bytesRead bytes just received. If Read returns 0 (peer closed, or
            // the timeout path above) before any LF byte arrived, the loop condition below stays
            // true and the loop keeps spinning.
            isRequestCompleted = buffer.Contains((byte)10);
        }while (bytesRead == buffer.Length || !isRequestCompleted);
        frm_obj.Notify("Client says: " + clientData.ToString());
        string st = /*"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\n" +*/ clientData.ToString();
        // The stamp is the key used to ask the form about this request's status.
        long id = Extender.CurrentStamp();
        // Send back a response.
        //var request = Encoding.ASCII.GetBytes(st);
        //stream.Write(request, 0, request.Length);
        frm_obj.AddRequest(st, id);
        // Poll the form until the request is passed on or dropped; this thread blocks in between.
        while (true)
        {
            if (frm_obj.IsBusyNow())
            {
                Thread.Sleep(1000);
            }
            RequestStatue r = frm_obj.GetStatue(id);
            if (r == RequestStatue.Pass || r == RequestStatue.InterceptResponse)
            {
                // Take the request text back from the form, where it may have been edited.
                st = frm_obj.GetRequest();
                __HTTTPAttack_ h = new __HTTTPAttack_();
                // presumably the second argument makes the helper send the request as well, since
                // DocumentText is read right after; verify against SetFromHoleRequest.
                h.SetFromHoleRequest(st.Split(new char[] { '\n' }), true);
                frm_obj.SaveAttack(h);
                string resp = h.DocumentText;
                // NOTE(review): the response-editing wait runs for Pass, not for InterceptResponse;
                // confirm the two states are not swapped.
                if (r == RequestStatue.Pass)
                {
                    frm_obj.setCurrentInterceptedResponse(resp);
                    // Wait for the form to release the response, re-reading it every 2 s. The text
                    // is not read again after the release is seen.
                    while (true)
                    {
                        if (frm_obj.proceed_Response_Interception())
                        {
                            break;
                        }
                        resp = frm_obj.Return_Intercepted_response();
                        Thread.Sleep(2000);
                    }
                }
                // ASCII encoding replaces every non-ASCII character in the response with '?'.
                var request = Encoding.ASCII.GetBytes(resp);
                stream.Write(request, 0, request.Length);
                frm_obj.Proceed();
                return;
            }
            else if (r == RequestStatue.Wait)
            {
                Thread.Sleep(1000);
            }
            else
            {
                // Any other status counts as dropped. The page is written as a bare HTML fragment
                // with no status line or headers in front of it.
                // NOTE(review): the literal below contains a raw line break as it appears in this
                // listing. A regular C# string literal cannot span lines, so this is presumably an
                // extraction artifact; confirm against the original file.
                string resp = "<body><div id=\"container\"><div class=\"title\"><h2>Web_Gunners Professional</h2></div><h3>Error</h3><p>Request was dropped by user.</p><p> 
</p></div></body>";
                var request = Encoding.ASCII.GetBytes(resp);
                stream.Write(request, 0, request.Length);
                frm_obj.Proceed();
                // frm_obj.WriteLine("Rejected");
                return;
            }
        }
        // File.WriteAllText(Application.StartupPath + "\\prox", st);
    }
}
/// <summary>
/// Placeholder for saving a processed request.
/// </summary>
/// <param name="h">Request to save.</param>
/// <remarks>
/// The body is empty: calling this method stores nothing.
/// </remarks>
internal void SaveAttack(__HTTTPAttack_ h)
{
    // Intentionally left without an implementation.
}
/// <summary>
/// Opens a standalone repeater window preloaded with <paramref name="atk"/>.
/// </summary>
/// <param name="atk">Request to load into the repeater.</param>
public void CallRepeater(__HTTTPAttack_ atk)
{
    // The window is shown modelessly; no reference to it is kept.
    new Forms.Tools.FrmRepeater(atk).Show();
}
/// <summary>
/// Hands a finished run to the owning main form so it shows up in the shared history.
/// </summary>
/// <param name="at">Record to add.</param>
private void AddAttackToList(__HTTTPAttack_ at)
{
    // This form's Owner is expected to be the FormMain instance; the cast throws otherwise.
    FormMain mainForm = (FormMain)this.Owner;
    mainForm.AddNewAttack(at);
}
/// <summary>
/// Click handler that runs the header check chosen by the radio buttons against the URL in
/// <c>TxbxUrl</c>, then refreshes the details links.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// Each branch picks a default payload for its header type unless advanced injection is enabled
/// and a payload was already supplied. The handler runs synchronously on the calling thread and
/// includes two sleeps (100 ms and 1 s).
/// </remarks>
private void button1_Click(object sender, EventArgs e)
{
    AttackDetails details = new AttackDetails();
    details.LoadFromSettings();
    details.Owner = "Reflector";
    details.Payload = GetPayload();
    Notify("");
    Thread.Sleep(100);

    // allow user to customize Attack
    if (checkBox_Adv.Checked)
    {
        FrmAttackPrefix prefixDialog = new FrmAttackPrefix(details);
        if (prefixDialog.ShowDialog() != DialogResult.OK)
        {
            // Cancelled: nothing is sent.
            return;
        }

        details = prefixDialog.Curent_atack_Dtals;
    }

    details.URL = TxbxUrl.Text;

    if (Rb_Multi.Checked)
    {
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GetPayload(Payload_.string_);
        }

        __HTTTPAttack_ run = new __HTTTPAttack_
        {
            Payload = details.Payload,
            _Url = details.URL
        };
        run.SetTargetedHeaders(this.multi_headers);
        run.owner = details.Owner;

        if (run.Attack_All_Headers())
        {
            lbl_all_statue.Text = "Vulnerable" + Payloads.Percent(run.Payload);
        }
        else
        {
            lbl_all_statue.Text = "Not vulnerable";
        }

        // An error replaces whichever verdict was written above.
        if (run.HasError)
        {
            lbl_all_statue.Text = "Error " + run.Message;
        }

        lbl_all_code.Text = run.statueCode;
        lbl_hint_all.Text = run.Message;
        lbl_hint_all.Visible = true;
        AddAttackToList(run);
        __MultidAttack = __HTTTPAttack_.Copy(run);
        this.Notify(run.Summary(), 3000);
    }
    else if (RB_X_Forwarded_For.Checked)
    {
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GetPayload(Payload_.ip);
        }

        details.Target = "X-Forwarded-For";
        _____ATTACK___(details, ref lbl_XforwardedFor_statue, ref lbl_Xforwarded_Code,
            ref _lnklbl_XForwardedFor_Details, ref lbl_hint_xf, "xf");
    }
    else if (RB_Referer.Checked)
    {
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GetPayload(Payload_.url);
        }

        details.Target = "Referer";
        _____ATTACK___(details, ref lbl_Referer_Statue, ref lbl_Referer_code,
            ref _lnklbl_Referer_Details, ref lbl_hint_referer, "ref");
    }
    else if (RBCookie.Checked)
    {
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GetPayload(Payload_.cookie);
        }

        details.Target = "cookie";
        _____ATTACK___(details, ref lbl_Cookie_statue, ref lbl_Cookie_code,
            ref _lnklbl_Cookie_Details, ref lbl_hint_cookie, "c*k");
    }
    else if (rbUserAgent.Checked) // user agent
    {
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GetPayload(Payload_.string_);
        }

        details.Target = "User-Agent";
        _____ATTACK___(details, ref lbl_useragent_statue, ref lbl_useragent_code,
            ref _lnklbl_useragent_Details, ref lbl_hint_agent, "ua");
    }
    else if (rbCust.Checked) // custom header
    {
        // The header name is the radio button's caption.
        details.Target = rbCust.Text;
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GuessPayload(details.Target);
        }

        _____ATTACK___(details, ref lbl_cust_statue, ref lbl_cust_code,
            ref _lnklbl_custom_Details, ref lbl_hint_Cust, "cus");
    }

    Thread.Sleep(1000);
    CheckAttacksDetails();
}
/// <summary>
/// Forwards a finished request to the owning main form's history.
/// </summary>
/// <param name="a">Record to add.</param>
private void addAttack(__HTTTPAttack_ a)
{
    // This form's Owner is expected to be the FormMain instance; the cast throws otherwise.
    FormMain mainForm = (FormMain)this.Owner;
    mainForm.AddNewAttack(a);
}
/// <summary>
/// Creates the repeater form and fills it with the given request.
/// </summary>
/// <param name="atk">Request rendered into the editor; its URI is shown in <c>lblHost</c>.</param>
public FrmRepeater(__HTTTPAttack_ atk)
{
    InitializeComponent();

    // Render the request text first, then show which URI it targets.
    LoadRequest(atk);
    string targetUri = atk.GetURI();
    lblHost.Text = targetUri;
}
/// <summary>
/// Click handler that runs the header check chosen by the radio buttons against the URL in
/// <c>TxbxUrl</c> and then shows "Ready".
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): cancelling the advanced dialog does not stop the run; the request is still sent
/// with the settings loaded before the dialog opened. Confirm this is intended.
/// NOTE(review): the custom-header branch passes <c>lbl_hint_Ref</c> as its hint label. Confirm it
/// was not meant to be a label dedicated to the custom header.
/// </remarks>
private void button1_Click(object sender, EventArgs e)
{
    //MessageBox.Show("You havve downloaded the up to dated version :( it is under developing");
    AttackDetails details = new AttackDetails();
    details.LoadFromSettings();

    // cookie ___user-agent ___auth
    // Outside multi-header mode, guess a payload from the caption of each checked radio button.
    foreach (Control child in GPXResult.Controls)
    {
        RadioButton radio = child as RadioButton;
        if (radio == null)
        {
            continue;
        }

        if (radio.Checked && Rb_Multi.Checked == false)
        {
            details.Payload = Payloads.GuessPayload(radio.Text);
        }
    }

    // editing attack details before launching
    if (checkBox_Adv.Checked)
    {
        FrmAttackPrefix prefixDialog = new FrmAttackPrefix(details);
        DialogResult answer = prefixDialog.ShowDialog();
        if (answer == DialogResult.OK)
        {
            details = prefixDialog.Curent_atack_Dtals;
        }
    }

    details.URL = TxbxUrl.Text;
    Thread.Sleep(100);

    if (Rb_Multi.Checked)
    {
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GetPayload(Payload_.string_);
        }

        __HTTTPAttack_ run = new __HTTTPAttack_
        {
            Payload = details.Payload,
            _Url = details.URL
        };
        run.SetTargetedHeaders(this.multi_headers);

        if (run.Attack_All_Headers())
        {
            lbl_all_statue.Text = "Vulnerable=";
        }
        else
        {
            lbl_all_statue.Text = "Not vulnerable";
        }

        lbl_all_code.Text = run.statueCode;
        lbl_hint_all.Text = run.Message;
        lbl_hint_all.Visible = true;

        // The key is the details link's name plus the current entry count.
        string key = lnklbl_all_Details.Name + this._AtacksList_.Count.ToString();
        _AtacksList_.Add(key, run);
        __MultidAttack = __HTTTPAttack_.Copy(run);
    }
    else if (RB_X_Forwarded_For.Checked)
    {
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GetPayload(Payload_.ip);
        }

        details.Target = "X-Forwarded-For";
        _____ATTACK___(details, ref lbl_XforwardedFor_statue, ref lbl_Xforwarded_Code,
            ref lnklbl_XForwardedFor_Details, ref lbl_hint_xf, "xf");
    }
    else if (RB_Referer.Checked)
    {
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GetPayload(Payload_.url);
        }

        details.Target = "Referer";
        _____ATTACK___(details, ref lbl_Referer_Statue, ref lbl_Referer_code,
            ref lnklblReferer_Details, ref lbl_hint_referer, "ref");
    }
    else if (RBCookie.Checked)
    {
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GetPayload(Payload_.cookie);
        }

        details.Target = "cookie";
        _____ATTACK___(details, ref lbl_Cookie_statue, ref lbl_Cookie_code,
            ref lnklblCookie_Details, ref lbl_hint_cookie, "c*k");
    }
    else if (rbUserAgent.Checked) // user agent
    {
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GetPayload(Payload_.string_);
        }

        details.Target = "User-Agent";
        _____ATTACK___(details, ref lbl_useragent_statue, ref lbl_useragent_code,
            ref lnklbluseragent_Details, ref lbl_hint_agent, "ua");
    }
    else if (rbCust.Checked) // custom header
    {
        // The header name is the radio button's caption.
        details.Target = rbCust.Text;
        if (details.UseAdvInjection == false || details.Payload == "")
        {
            details.Payload = Payloads.GuessPayload(details.Target);
        }

        _____ATTACK___(details, ref lbl_cust_statue, ref lbl_cust_code,
            ref lnklbl_custom_Details, ref lbl_hint_Ref, "cus");
    }

    Thread.Sleep(1000);
    Notify("Ready", notflbl.ForeColor);
}