示例#1
0
        static void RunSelfTest()
        {
            ServiceLocator.Default.Register(Config);
            var selfTestExe = PathHelper.GetExecutingPath("PhpVH.SelfTest.exe");

            if (!File.Exists(selfTestExe))
            {
                ScannerCli.DisplayCriticalMessageAndExit("Could not find self test EXE {0}.", selfTestExe);
            }

            AppDomain.CurrentDomain.ExecuteAssembly(selfTestExe);
            //ServiceLocator.Default.Resolve<List<TestResult>>
        }
示例#2
0
        public void CheckVersion()
        {
            try
            {
                WriteProbe();

                var resp = RequestProbe();

                var isVersion = false;

                if (resp != null)
                {
                    isVersion = Regex.IsMatch(resp, @"^[0-9.]+$");
                }

                if (isVersion)
                {
                    Cli.WriteLine("PHP version ~Cyan~{0}~R~ detected", resp);

                    if (_knownVersions.Contains(resp))
                    {
                        Cli.WriteLine("~Green~Known PHP version~R~");
                    }
                    else
                    {
                        Cli.WriteLine("~Yellow~Unknown PHP version; PhpVH may not work properly on untested versions~R~");
                    }
                }
                else if (resp == null)
                {
                    if (ThrowOnFail)
                    {
                        throw new InvalidOperationException("No response from server");
                    }
                    else
                    {
                        ScannerCli.DisplayCriticalMessageAndExit("~Red~No response from server; exiting~R~");
                    }
                }
                else
                {
                    var maxRespLen = 60;

                    if (resp.Length > maxRespLen)
                    {
                        resp = resp.Remove(maxRespLen);
                    }

                    if (ThrowOnFail)
                    {
                        throw new InvalidOperationException(string.Format("PHP version check failed~R~\r\nProbe response: {0}", resp));
                    }

                    ScannerCli.DisplayCriticalMessageAndExit(
                        "~Red~PHP version check failed~R~\r\nProbe response: {0}\r\nThis error generally occurs when the webroot is not properly configured.",
                        maxRespLen);
                }
            }
            finally
            {
                DeleteProbe();
            }
        }
        public static ScanConfig Create(string[] args)
        {
            var config = new ScanConfig();

            int argIndex = 0;

            for (int i = 0; i < args.Length; i++)
            {
                if (args[i] == "-s")
                {
                    config.Server = args[i + 1];
                    i++;

                    foreach (var a in config.ScanPlugins)
                    {
                        a.Server = config.Server;
                    }
                }
                else if (args[i] == "-static")
                {
                    config.StaticOnly = true;
                }
                else if (args[i] == "-t")
                {
                    int timeout = 0;
                    if (args.Length == i + 1 ||
                        !int.TryParse(args[i + 1], out timeout))
                    {
                        ScannerCli.DisplayCriticalMessageAndExit("Error parsing timeout");
                    }
                    i++;
                    config.Timeout = timeout;
                }
                else if (args[i] == "-p")
                {
                    int port;
                    if (!int.TryParse(args[i + 1], out port))
                    {
                        ScannerCli.DisplayCriticalMessageAndExit("Error parsing port");
                    }
                    i++;
                    config.Port = port;
                }
                else if (args[i] == "-l")
                {
                    config.LauncherUsed = true;
                }
                else if (args[i] == "-n")
                {
                    config.Unhook = false;
                }
                else if (args[i] == "-v")
                {
                    config.RunViewer = true;
                }
                else if (args[i] == "-d")
                {
                    config.DiscoveryReport = true;
                }
                else if (args[i] == "-c")
                {
                    config.CodeCoverageReport = 1;
                }
                else if (args[i] == "-c2")
                {
                    config.CodeCoverageReport = 2;
                }
                else if (args[i] == "-dump")
                {
                    config.DumpMessages = true;
                }
                else if (args[i] == "-b")
                {
                    config.BeepOnAlert = true;
                }
                else if (args[i] == "-log")
                {
                    config.LogConsole = true;
                }
                else if (args[i] == "-test")
                {
                    config.TestMode = true;
                }
                else if (args[i] == "-r")
                {
                    config.Repair = true;
                }
                //else if (args[i] == "-h")
                //    config.HookSuperglobals = true;
                else if (args[i] == "-l")
                {
                    // Nothing
                }
                else if (args[i] == "-m")
                {
                    var modes = args[i + 1];

                    i++;

                    foreach (var c in modes)
                    {
                        ScanPluginBase scan = null;

                        switch (c.ToString().ToLower()[0])
                        {
                        case 'c':
                            scan = new CommandScanPlugin(config.Server);
                            break;

                        case 'l':
                            try
                            {
                                scan = new LocalFileInclusionScanPlugin(config.Server);
                            }
                            catch (UnauthorizedAccessException)
                            {
                                ScannerCli.DisplayCriticalMessageAndExit("Error writing LFI test file. Ensure that " +
                                                                         "PHP Vulnerability Hunter has administrative privileges.");
                            }
                            break;

                        case 'f':
                            scan = new FileScanPlugin(config.Server);
                            break;

                        case 'p':
                            scan = new ArbitraryPhpScanPlugin(config.Server);
                            break;

                        case 's':
                            scan = new SqlScanPlugin(config.Server);
                            break;

                        case 'd':
                            scan = new DynamicScanPlugin(config.Server);
                            break;

                        case 'x':
                            scan = new XssScanPlugin(config.Server);
                            break;

                        case 'i':
                            scan = new FullPathDisclosureScanPlugin(config.Server);
                            break;

                        case 'r':
                            scan = new OpenRedirectScanPlugin(config.Server);
                            break;
                        }

                        if (scan == null)
                        {
                            ScannerCli.DisplayCriticalMessageAndExit("Invalid scan mode: " + c);
                        }

                        config.ScanPlugins.Add(scan);
                    }
                }
                else
                {
                    switch (argIndex)
                    {
                    case 0:
                        config.WebRoot = args[i];

                        if (!Directory.Exists(config.WebRoot))
                        {
                            ScannerCli.DisplayError(string.Format("Could not find directory {0}",
                                                                  config.WebRoot));

                            Environment.Exit(5);
                        }

                        break;

                    case 1:
                        if (args[i] == "*")
                        {
                            var dir = new DirectoryInfo(config.WebRoot);
                            config.ApplicationPaths = dir.GetDirectories()
                                                      .Select(x => x.Name)
                                                      .ToArray();
                        }
                        else
                        {
                            config.ApplicationPaths = args[i].Split(',');
                        }
                        break;
                    }

                    argIndex++;
                }
            }

            if (argIndex != 2)
            {
                ScannerCli.DisplayCriticalMessageAndExit("Invalid argument count");
            }

            // Validate user input

            if (!Directory.Exists(config.WebRoot))
            {
                ScannerCli.DisplayCriticalMessageAndExit("Web root {0} not found.", config.WebRoot);
            }

            if (config.ScanPlugins.Count == 0 && !config.Repair)
            {
                LocalFileInclusionScanPlugin lfi = null;

                try
                {
                    lfi = new LocalFileInclusionScanPlugin(config.Server);
                }
                catch (UnauthorizedAccessException)
                {
                    ScannerCli.DisplayCriticalMessageAndExit("Error writing LFI test file. Ensure that " +
                                                             "PHP Vulnerability Hunter has administrative privileges.");
                }

                config._ScanPlugins = new List <ScanPluginBase>()
                {
                    new CommandScanPlugin(config.Server),
                    new FileScanPlugin(config.Server),
                    lfi,
                    new ArbitraryPhpScanPlugin(config.Server),
                    new DynamicScanPlugin(config.Server),
                    new SqlScanPlugin(config.Server),
                    new XssScanPlugin(config.Server),
                    new OpenRedirectScanPlugin(config.Server),
                    new FullPathDisclosureScanPlugin(config.Server),
                };
            }

            return(config);
        }