private void Begin_Click(object sender, EventArgs e) { if (Regex.IsMatch(requestInput.Text, "&&val&&", RegexOptions.IgnoreCase) || MessageBox.Show("Your request doesn't have a &&val&& replaced value in it. If you click yes you will send " + testValues.Items.Count + " of the same request to the server. Do you want to do that?", "No Replacement Value Found", MessageBoxButtons.YesNo, MessageBoxIcon.Warning) == System.Windows.Forms.DialogResult.Yes) { //move this up here so we can use it later. ReqResPair newVal = new ReqResPair("", ""); List<ReqResPair> values = new List<ReqResPair>(); foreach (ReqResPair item in testValues.Items) { values.Add(item); } foreach (ReqResPair val in values) { newVal = new ReqResPair(val.Name, val.AttackString); //remove it so we can re-add it later testValues.Items.Remove(val); newVal.Host = hostName.Text; newVal.Proxy = proxyValue.Text; string attackStr = val.AttackString; if (URLEncodeAttack.Checked) attackStr = HttpUtility.UrlEncode(attackStr); newVal.Request = Regex.Replace(requestInput.Text, "&&val&&", attackStr, RegexOptions.IgnoreCase); newVal.Response = SendRequest(newVal.Host, newVal.Request, newVal.Proxy); newVal.Name = "Completed: " + newVal.AttackString; testValues.Items.Add(newVal); } tabControl2.SelectTab(1); fuzzedRequest.Text = newVal.Request; browser.DocumentText = newVal.Response; responseOutput.Text = newVal.Response; } }
private void saveReq_Click(object sender, EventArgs e) { ReqName rn = new ReqName(); if (rn.ShowDialog() == System.Windows.Forms.DialogResult.OK) { ReqResPair newRRP = new ReqResPair(rn.name, ""); if (rn.saveRequest) newRRP.Request = requestInput.Text; if (rn.saveResponse) newRRP.Response = responseOutput.Text; if (rn.saveURI) newRRP.Host = hostName.Text; if (rn.saveProxy) newRRP.Proxy = proxyValue.Text; testValues.Items.Insert(0, newRRP); } }
private ReqResPair ParseTestCase(string testCase) { ReqResPair item = new ReqResPair("", ""); string[] pieces = testCase.Split('|'); if (pieces.Length == 6) { item = new ReqResPair(Base64Decode(pieces[0]), Base64Decode(pieces[1])); item.Host = Base64Decode(pieces[2]); item.Proxy = Base64Decode(pieces[3]); item.Request = Base64Decode(pieces[4]); item.Response = Base64Decode(pieces[5]); } return item; }
private void manuallyAddTestCaseToolStripMenuItem_Click(object sender, EventArgs e) { AddTestCase atc = new AddTestCase(); if (atc.ShowDialog() == System.Windows.Forms.DialogResult.OK) { ReqResPair rrp = new ReqResPair(atc.Name, atc.Value); testValues.Items.Add(rrp); } }
private string GenerateTestCaseString(ReqResPair rrp) { string testCase = Base64Encode(rrp.Name) + "|" + Base64Encode(rrp.AttackString) + "|" + Base64Encode(rrp.Host) + "|" + Base64Encode(rrp.Proxy) + "|" + Base64Encode(rrp.Request) + "|" + Base64Encode(rrp.Response); return testCase; }
private ReqResPair CloneRRP(ReqResPair rrp) { ReqResPair newVal = new ReqResPair(rrp.Name, rrp.AttackString); //remove it so we can re-add it later testValues.Items.Remove(rrp); newVal.Host = rrp.Host; newVal.Proxy = rrp.Proxy; newVal.AttackString = rrp.AttackString; newVal.Request = rrp.Request; newVal.Response = rrp.Response; return newVal; }