public static List <Request> FromScanLog()
{
List <Request> Requests = new List <Request>();
List <Session> Sessions = Session.FromScanLog();
foreach (Session Sess in Sessions)
{
if (Sess.Request != null)
{
Requests.Add(Sess.Request);
}
}
return(Requests);
}
internal void Analyze(List <string> Payloads, List <int> LogIds, List <int> RoundtripTimes, string ScannedSection)
{
if (Payloads.Count == 0 || LogIds.Count == 0 || Payloads.Count != LogIds.Count)
{
return;
}
CompileKeywordsRegex();
this.BaseLinePayload = Payloads[0];
this.BaseLineRoundtripTime = RoundtripTimes[0];
try
{
this.BaseLineSession = Session.FromScanLog(LogIds[0]);
this.BaseLineLogId = this.BaseLineSession.LogId;
}
catch (Exception Exp)
{
IronException.Report("Unable to Load from Scan Log", Exp);
}
this.Payloads.Clear();
this.Logs.Clear();
for (int i = 1; i < Payloads.Count; i++)
{
this.Payloads.Add(Payloads[i]);
this.RoundtripTimes.Add(RoundtripTimes[i]);
try
{
this.Logs.Add(Session.FromScanLog(LogIds[i]));
}
catch (Exception Exp)
{
IronException.Report("Unable to Load from Scan Log", Exp);
}
AnalyzePayloadBehaviour(i - 1);
}
this.ResultsXml = BehaviourAnalysisResult.ToXml(this.Results);
DoOverallComparitiveAnalysis();
}
static Session GetLog(RequestSource Source, int ID)
{
Session IrSe = null;
switch (Source)
{
case RequestSource.Proxy:
IrSe = Session.FromProxyLog(ID);
break;
case RequestSource.Scan:
IrSe = Session.FromScanLog(ID);
break;
case RequestSource.Shell:
IrSe = Session.FromShellLog(ID);
break;
case RequestSource.Test:
IrSe = Session.FromTestLog(ID);
break;
case RequestSource.Probe:
IrSe = Session.FromProbeLog(ID);
break;
case RequestSource.Trigger:
Trigger SelectedTrigger = PluginResult.CurrentPluginResult.Triggers.GetTrigger(ID - 1);
if (SelectedTrigger.Request != null)
{
if (SelectedTrigger.Response == null)
{
IrSe = new Session(SelectedTrigger.Request);
}
else
{
IrSe = new Session(SelectedTrigger.Request, SelectedTrigger.Response);
}
}
break;
case RequestSource.TestGroup:
if (ManualTesting.RedGroupSessions.ContainsKey(ID))
{
return(ManualTesting.RedGroupSessions[ID].GetClone());
}
if (ManualTesting.BlueGroupSessions.ContainsKey(ID))
{
return(ManualTesting.BlueGroupSessions[ID].GetClone());
}
if (ManualTesting.GreenGroupSessions.ContainsKey(ID))
{
return(ManualTesting.GreenGroupSessions[ID].GetClone());
}
if (ManualTesting.GrayGroupSessions.ContainsKey(ID))
{
return(ManualTesting.GrayGroupSessions[ID].GetClone());
}
if (ManualTesting.BrownGroupSessions.ContainsKey(ID))
{
return(ManualTesting.BrownGroupSessions[ID].GetClone());
}
break;
case RequestSource.SelectedLogEntry:
return(IronLog.CurrentSession.GetClone());
case RequestSource.CurrentProxyInterception:
return(IronProxy.CurrentSession.GetClone());
}
return(IrSe);
}
public static Request FromScanLog(int ID)
{
Session IrSe = Session.FromScanLog(ID);
return(IrSe.Request);
}
void ShowSelectedLog(object SelectedLogInfoObject)
{
int LogId = (int)SelectedLogInfoObject;
bool EnableBtn = false;
string ScriptCode = "";
try
{
Session Session = Session.FromScanLog(LogId);
if (BaselineSession == null && BaselineLogId > 0)
{
BaselineSession = Session.FromScanLog(BaselineLogId);
}
StringBuilder SB = new StringBuilder("<i<br>>To access the selected Request in the IronWASP Scripting shell for fuzzing or testing use the following code:<i<br>>");
SB.Append(string.Format("<i<br>><i<hh>>Python:<i</hh>><i<br>>req = <i<cg>>Request<i</cg>>.<i<cb>>FromScanLog<i</cb>>({0})", LogId));
SB.Append(string.Format("<i<br>><i<br>><i<hh>>Ruby:<i</hh>><i<br>>req = <i<cg>>Request<i</cg>>.<i<cb>>from_scan_log<i</cb>>({0})", LogId));
ScriptCode = SB.ToString();
SB = new StringBuilder(@"{\rtf1{\colortbl ;\red0\green77\blue187;\red247\green150\blue70;\red255\green0\blue0;\red0\green200\blue50;\red255\green255\blue255;}");
SB.Append(Tools.RtfSafe(ScriptCode));
ScriptCode = SB.ToString();
ScriptCode = ScriptCode.Replace(" . ", ".").Replace(" (", "(").Replace("Request ", "Request").Replace(" From", "From").Replace(" from", "from").Replace("Log ", "Log").Replace("log ", "log");
string RequestStr = "";
string ResponseStr = "";
string BaselineRequestStr = "";
string BaselineResponseStr = "";
if (Session.Request != null)
{
RequestStr = Session.Request.ToString();
RequestView.SetRequest(Session.Request);
EnableBtn = true;
if (Session.Response != null)
{
ResponseStr = Session.Response.ToString();
ResponseView.SetResponse(Session.Response, Session.Request);
}
}
if (BaselineSession != null)
{
if (BaselineSession.Request != null)
{
BaselineRequestStr = BaselineSession.Request.ToString();
if (BaselineSession.Response != null)
{
BaselineResponseStr = BaselineSession.Response.ToString();
}
}
}
string[] RequestSidebySideResults = DiffWindow.DoSideBySideDiff(BaselineRequestStr, RequestStr);
string[] ResponseSidebySideResults = DiffWindow.DoSideBySideDiff(BaselineResponseStr, ResponseStr);
string RequestSinglePageResults = DiffWindow.DoSinglePageDiff(BaselineRequestStr, RequestStr);
string ResponseSinglePageResults = DiffWindow.DoSinglePageDiff(BaselineResponseStr, ResponseStr);
RequestDRV.ShowDiffResults(RequestSinglePageResults, RequestSidebySideResults[0], RequestSidebySideResults[1]);
ResponseDRV.ShowDiffResults(ResponseSinglePageResults, ResponseSidebySideResults[0], ResponseSidebySideResults[1]);
}
catch (ThreadAbortException) { }
catch (Exception Exp) { IronException.Report("Error loading Selected Log info in Scan Trace Viewer", Exp); }
finally
{
EndLogLoad(EnableBtn, ScriptCode);
}
}
internal static Session GetLog(string Source, int ID)
{
Session IrSe = null;
switch (Source)
{
case RequestSource.Proxy:
IrSe = Session.FromProxyLog(ID);
break;
case RequestSource.Scan:
IrSe = Session.FromScanLog(ID);
break;
case RequestSource.Shell:
IrSe = Session.FromShellLog(ID);
break;
case RequestSource.Test:
IrSe = Session.FromTestLog(ID);
break;
case RequestSource.Probe:
IrSe = Session.FromProbeLog(ID);
break;
case RequestSource.Trigger:
if (ID == 0)
{
IrSe = new Session(Finding.CurrentPluginResult.BaseRequest, Finding.CurrentPluginResult.BaseResponse);
}
else
{
Trigger SelectedTrigger = Finding.CurrentPluginResult.Triggers.GetTrigger(ID - 1);
if (SelectedTrigger.Request != null)
{
if (SelectedTrigger.Response == null)
{
IrSe = new Session(SelectedTrigger.Request);
}
else
{
IrSe = new Session(SelectedTrigger.Request, SelectedTrigger.Response);
}
}
}
break;
case RequestSource.TestGroup:
//if (ManualTesting.RedGroupSessions.ContainsKey(ID)) return ManualTesting.RedGroupSessions[ID].GetClone();
//if (ManualTesting.BlueGroupSessions.ContainsKey(ID)) return ManualTesting.BlueGroupSessions[ID].GetClone();
//if (ManualTesting.GreenGroupSessions.ContainsKey(ID)) return ManualTesting.GreenGroupSessions[ID].GetClone();
//if (ManualTesting.GrayGroupSessions.ContainsKey(ID)) return ManualTesting.GrayGroupSessions[ID].GetClone();
//if (ManualTesting.BrownGroupSessions.ContainsKey(ID)) return ManualTesting.BrownGroupSessions[ID].GetClone();
foreach (string Group in ManualTesting.GroupSessions.Keys)
{
if (ManualTesting.GroupSessions[Group].ContainsKey(ID))
{
return(ManualTesting.GroupSessions[Group][ID].GetClone());
}
}
break;
case RequestSource.SelectedLogEntry:
return(IronLog.CurrentSession.GetClone());
case RequestSource.CurrentProxyInterception:
return(IronProxy.CurrentSession.GetClone());
default:
IrSe = Session.FromLog(ID, Source);
break;
}
return(IrSe);
}