internal void AbsorbInjectionString(string InjectionString) { string[] InjectionStringsArray = InjectionString.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries); if(InjectionStringsArray.Length != 5) { throw new Exception("Invalid Injection String"); } this.URLInjections = GetListFromInjectionString(InjectionStringsArray[0].Replace("Url:","")); this.QueryInjections = GetParametersFromInjectionString(InjectionStringsArray[1].Replace("Query:", "")); if (this.BodyFormat.Name.Length == 0) { this.BodyInjections = GetParametersFromInjectionString(InjectionStringsArray[2].Replace("Body:", "")); } else { this.AbsorbFormatBodyParametersFromInjectionString(InjectionStringsArray[2].Replace("Body:", "")); } this.CookieInjections = GetParametersFromInjectionString(InjectionStringsArray[3].Replace("Cookie:", "")); this.HeadersInjections = GetParametersFromInjectionString(InjectionStringsArray[4].Replace("Headers:", "")); }
void AbsorbFormatBodyParametersFromInjectionString(string InjectionString) { InjectionParameters InjectionParameters = new InjectionParameters(); string[] Parameters = InjectionString.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries); this.BodyXmlInjectionParameters = new Parameters(); this.BodyXmlInjections.Clear(); int i = 0; foreach (string Parameter in Parameters) { string[] ParameterParts = Parameter.Split(new string[] { ":" }, StringSplitOptions.RemoveEmptyEntries); if (ParameterParts.Length != 2) throw new Exception("Invalid Injection String"); string[] SecondParameterParts = ParameterParts[1].Split(new string[] { "-" }, StringSplitOptions.RemoveEmptyEntries); if (SecondParameterParts.Length < 1 || SecondParameterParts.Length > 2) throw new Exception("Invalid Injection String"); try { string Value = ""; if (SecondParameterParts.Length == 2) Value = SecondParameterParts[0]; string InjectionState = ""; if (SecondParameterParts.Length == 2) InjectionState = SecondParameterParts[1]; else InjectionState = SecondParameterParts[0]; this.BodyXmlInjectionParameters.Add(Encoding.UTF8.GetString(Convert.FromBase64String(ParameterParts[0])), Encoding.UTF8.GetString(Convert.FromBase64String(Value))); if (InjectionState.Equals("1")) this.BodyXmlInjections.Add(i); } catch { throw new Exception("Invalid Injection String"); } i++; } }
void ResetInjectionParameters() { this.URLInjections = new List<int>(); this.QueryInjections = new InjectionParameters(); this.BodyInjections = new InjectionParameters(); this.BodyXmlInjections = new List<int>(); this.CookieInjections = new InjectionParameters(); this.HeadersInjections = new InjectionParameters(); }
static InjectionParameters GetParametersFromInjectionString(string InjectionString) { InjectionParameters InjectionParameters = new InjectionParameters(); string[] Parameters = InjectionString.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries); foreach(string Parameter in Parameters) { string[] ParameterParts = Parameter.Split(new string[]{"="}, StringSplitOptions.RemoveEmptyEntries); if (ParameterParts.Length != 2) throw new Exception("Invalid Injection String"); string[] SubParameterPositions = ParameterParts[1].Split(new string[] { "," }, StringSplitOptions.RemoveEmptyEntries); foreach (string SubParameterPosition in SubParameterPositions) { try { InjectionParameters.Add(ParameterParts[0], Int32.Parse(SubParameterPosition)); } catch { throw new Exception("Invalid Injection String"); } } } return InjectionParameters; }
static string GetStringFromInjectionParameters(InjectionParameters InjectionParameters) { StringBuilder IS = new StringBuilder(); foreach (string Name in InjectionParameters.GetAll()) { IS.Append(Name); IS.Append("="); foreach (int i in InjectionParameters.GetAll(Name)) { IS.Append(i.ToString()); IS.Append(","); } IS.Append(";"); } return IS.ToString(); }
public void InjectBody(string StartMarker, string EndMarker) { if (StartMarker.Length == 0) { throw new Exception("Start Marker cannot be empty"); } if (EndMarker.Length == 0) { throw new Exception("End Marker cannot be empty"); } if (StartMarker.Equals(EndMarker)) { throw new Exception("Start Marker and End Marker cannot be the same"); } this.CustomInjectionPointStartMarker = StartMarker; this.CustomInjectionPointEndMarker = EndMarker; this.BodyFormat = new FormatPlugin(); this.BodyXmlInjectionParameters = new Parameters(); this.BodyXmlInjections = new List<int>(); this.BodyInjections = new InjectionParameters(); }
public void InjectBody(int XmlInjectionPoint) { if (this.BodyFormat.Name.Length == 0) { throw new Exception("Format Plugin Not Selected"); } if (this.BodyXmlInjectionParameters.Count == 0) { DeserializeRequestBodyWithFormatPlugin(); //string Xml = BodyFormat.ToXmlFromRequest(this.OriginalRequest); //InjectionArrayXML = Xml; //XmlInjectionArray = FormatPlugin.XmlToArray(Xml); //XmlInjectionSignature = Tools.MD5("Name:" + BodyFormat.Name + "|Body" + this.OriginalRequest.BodyString); //for (int i = 0; i < XmlInjectionArray.GetLength(0); i++) //{ // this.BodyXmlInjectionParameters.Add(XmlInjectionArray[i, 0], XmlInjectionArray[i, 1]); //} } //if (this.BodyXmlInjectionParameters.Count == 0 || !XmlInjectionSignature.Equals(Tools.MD5("Name:" + BodyFormat.Name + "|Body" + this.OriginalRequest.BodyString))) if (BodyXmlInjectionParameters.Count == 0) throw new Exception("No parameters to Inject"); //if (!XmlInjectionSignature.Equals(Tools.MD5("Name:" + BodyFormat.Name + "|Body:" + this.OriginalRequest.BodyString))) //{ // string Xml = BodyFormat.ToXmlFromRequest(this.OriginalRequest); // XmlInjectionArray = FormatPlugin.XmlToArray(Xml); // for (int i = 0; i < XmlInjectionArray.GetLength(0); i++) // { // this.BodyXmlInjectionParameters.Add(XmlInjectionArray[i, 0], XmlInjectionArray[i, 1]); // } //} if (XmlInjectionPoint >= BodyXmlInjectionParameters.Count) throw new Exception("Injection point is outside the list of available values"); if (!this.BodyXmlInjections.Contains(XmlInjectionPoint)) this.BodyXmlInjections.Add(XmlInjectionPoint); this.CustomInjectionPointStartMarker = ""; this.CustomInjectionPointEndMarker = ""; this.BodyInjections = new InjectionParameters(); }
static string GetStringFromInjectionParameters(InjectionParameters InjectionParameters) { StringBuilder IS = new StringBuilder(); foreach (string Name in InjectionParameters.GetAll()) { //IS.Append(Name); IS.Append("="); - old format IS.Append(Tools.Base64Encode(Name)); IS.Append("-"); foreach (int i in InjectionParameters.GetAll(Name)) { IS.Append(i.ToString()); IS.Append(","); } IS.Append(";"); } return IS.ToString(); }
internal void AbsorbOldFormatInjectionString(string InjectionString) { string[] InjectionStringsArray = InjectionString.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries); if(InjectionStringsArray.Length != 5) { throw new Exception("Invalid Injection String"); } this.URLInjections = GetListFromInjectionString(InjectionStringsArray[0].Substring(4));//Remove 'Url:' this.QueryInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[1].Substring(6));//Remove 'Query:' if (this.BodyFormat.Name.Length == 0) { this.BodyInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[2].Substring(5));//Remove 'Body:' } else { this.AbsorbFormatBodyParametersFromInjectionString(InjectionStringsArray[2].Substring(5));//Remove 'Body:' } this.CookieInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[3].Substring(7));//Remove 'Cookie:' this.HeadersInjections = GetParametersFromOldFormatInjectionString(InjectionStringsArray[4].Substring(8));//Remove 'Headers:' }
internal void AbsorbNewFormatInjectionString(string InjectionString) { string[] InjectionStringsArray = InjectionString.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries); if (InjectionStringsArray.Length != 6) { throw new Exception("Invalid Injection String"); } this.URLInjections = GetListFromInjectionString(InjectionStringsArray[0].Substring(4));//Remove 'Url|' this.QueryInjections = GetParametersFromInjectionString(InjectionStringsArray[1].Substring(6));//Remove 'Query|' string BodyInjectionStringPart = InjectionStringsArray[2].Substring(5); if (BodyInjectionStringPart.StartsWith("CustomMarker|"))//Remove 'Body|' { string[] CustomMarkers = GetCustomMarkersFromInjectionString(BodyInjectionStringPart.Substring(13));//Remove 'CustomMarker|' this.CustomInjectionPointStartMarker = CustomMarkers[0]; this.CustomInjectionPointEndMarker = CustomMarkers[1]; } else if (BodyInjectionStringPart.StartsWith("FormatPlugin|")) { this.AbsorbFormatBodyParametersFromInjectionString(BodyInjectionStringPart.Substring(13));//Remove 'FormatPlugin|' } else { this.BodyInjections = GetParametersFromInjectionString(BodyInjectionStringPart.Substring(7));//Remove 'Normal|' } this.CookieInjections = GetParametersFromInjectionString(InjectionStringsArray[3].Substring(7));//Remove 'Cookie|' this.HeadersInjections = GetParametersFromInjectionString(InjectionStringsArray[4].Substring(8));//Remove 'Headers|' this.ParameterNameInjections = GetParametersFromInjectionString(InjectionStringsArray[5].Substring(6));//Remove 'Names|' }