internal static HttpWebRequest GenerateRequest(string uri, string content, string method, string login, string password, bool allowAutoRedirect)
{
if (uri == null)
{
throw new ArgumentNullException("uri");
}
// Create a request using a URL that can receive a post.
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
request.Headers.Add("Cookie", "hello");
// Set the Method property of the request to POST.
request.Method = method;
//
Manage_Gen mg = new Manage_Gen(uri, method);
/*
* Gen gen = new Gen();
* gen.httprequest = request;
* request= mg.behavoiur_mutation(gen).httprequest;
*
* // string userag = "aaa' or 1/*";
* //request.UserAgent = userag;
*
* string userreferer = "http://www.yaboukur.com";
* request.Referer = userreferer;
*
* // Set cookie container to maintain cookies
*
* request.CookieContainer = cookies;
* // request.CookieContainer.Add(new Uri(uri), new Cookie("id", "1234\r ' or 1=1"));
* request.AllowAutoRedirect = allowAutoRedirect;
* // If login is empty use defaul credentials
* if (string.IsNullOrEmpty(login))
* {
* request.Credentials = CredentialCache.DefaultNetworkCredentials;
* }
* else
* {
* request.Credentials = new NetworkCredential(login, password);
* }
* if (method == "POST")
* {
* // Convert POST data to a byte array.
* byte[] byteArray = Encoding.UTF8.GetBytes(content);
* // Set the ContentType property of the WebRequest.
* request.ContentType = "application/x-www-form-urlencoded";
* // Set the ContentLength property of the WebRequest.
* request.ContentLength = byteArray.Length;
* // Get the request stream.
* Stream dataStream = request.GetRequestStream();
* // Write the data to the request stream.
* dataStream.Write(byteArray, 0, byteArray.Length);
* // Close the Stream object.
* dataStream.Close();
* }
*/
return(request);
}
/// <summary>
/// mutate inpute child by the way of way_of_mutation!
/// </summary>
/// <param name="children"></param>
/// <param name="way_of_mutation">index of mutation type: 1=behavoiur chang, 2=syntax repair, 3=obfuscation</param>
/// <returns>return mutated gen</returns>
public void Mutation(Manage_Gen mg)
{
// Gen mutated_gen = new Gen();
Random r = new Random(Guid.NewGuid().GetHashCode());
int random;
int rand_for_choose_to_be_behavoiur_or_not = 0;
rand_for_choose_to_be_behavoiur_or_not = r.Next(0, 1);
int mutation_approach;
for (int i = 0; i < n; i++)
{
random = r.Next(1, 11); //1-10
//30% percent of gens will be mutated (maybe 40%)
if (random <= 3) //60% just for test
{
//choose random mutation approach
if (rand_for_choose_to_be_behavoiur_or_not == 1)
{
mutation_approach = 1;
}
else
{
mutation_approach = r.Next(1, 4);//either syntax or obfuscation
}
switch (mutation_approach)
{
case 1: //behavoiur
mg.gen_pool[i] = behavoiur_mutation(mg.gen_pool[i]);
break;
case 2: //syntax
mg.gen_pool[i] = syntax_repairing(mg.gen_pool[i]);
break;
case 3: //obfuscation
mg.gen_pool[i] = obfuscation(mg.gen_pool[i]);
break;
}
}
// else
// mutated_gen = mg.gen_pool[i];//return gen without any mutation
}
//return mutated_gen;
}//end mutation func
public int[,] generate_testcase_by_genetic(int round, string uri, string method)
{
Manage_Gen mg = new Manage_Gen(uri, method);
//**********************************
ServicePointManager.UseNagleAlgorithm = true;
ServicePointManager.Expect100Continue = true;
ServicePointManager.CheckCertificateRevocationList = true;
// ServicePointManager.DefaultConnectionLimit = ServicePointManager.DefaultPersistentConnectionLimit;
ServicePointManager.DefaultConnectionLimit = 6000;//300 gen per 200 round of genetics
//**********************************
Gen[] children = new Gen[2];
int[] parent_index = new int[] { -1, -1 };
HttpWebResponse response;
int sqli = 0;
int Nsqli = 0;
int notset = 0;
int[,] statistic = new int[3, round];
//*****************************************
for (int i = 0; i < round; i++)
{
// for(int c=0;c<mg.n;c++)
mg.Mutation(mg);//mutate 30% of gens.
for (int k = 0; k < mg.n; k++)
{
// Console.WriteLine(k);
try
{
response = mg.GetResponse(mg.gen_pool[k].httprequest);
//******************
if (response.Headers.Get("Sqli") == null)
{
notset++;
}
else if (response.Headers.Get("Sqli") == "SQLi!")
{
sqli++;
}
else if (response.Headers.Get("Sqli") == "No SQLi!")
{
Nsqli++;
}
//******************
mg.gen_pool[k].suitability = mg.update_suitability(k, response);
}
catch (Exception e)
{
Console.WriteLine("exception accured during update suitability: " + e.ToString());
}
}
//************************************
Console.WriteLine("number of sqli" + sqli);
Console.WriteLine("number of Not sqli" + Nsqli);
Console.WriteLine("number of allal badal" + notset);
statistic[0, i] = sqli;
statistic[1, i] = Nsqli;
statistic[2, i] = notset;
sqli = Nsqli = notset = 0;
//*************************************
//Console.WriteLine("finish getting response");
//sort gen-pool by their suitability
for (int j = 0; j < mg.n / 2; j++)
{
// Console.WriteLine(j + "choose parent");
parent_index = mg.Choose_Parent();
// Console.WriteLine("p1: "+parent_index[0] + " p2: "+ parent_index[1]);
if (parent_index[0] == -1 || parent_index[1] == -1)
{
//something wrongs happened
Console.WriteLine("choose parent be ga raft");
}
else
{
// Console.WriteLine("before merge parents");
children = mg.Merg_parents(mg.gen_pool[parent_index[0]], mg.gen_pool[parent_index[1]]);
}
// Console.WriteLine("merginf successfully");
mg.update_gens(children);
}
}//end genetic rounds
for (int k = 0; k < mg.n; k++)
{
mg.fill_empty_header(mg.gen_pool[k]);
}
Console.WriteLine("******************************************");
for (int i = 0; i < mg.n; i++)
{
if (mg.gen_pool[i] == null)
{
Console.WriteLine("gen " + i + " : is empty");
}
else
{
Console.WriteLine("gen " + i + " : is ");
if (mg.gen_pool[i].mutated_header[0])
{
Console.WriteLine("referer : " + mg.gen_pool[i].httprequest.Referer);
}
if (mg.gen_pool[i].mutated_header[1])
{
Console.WriteLine("Cookie : " + mg.gen_pool[i].httprequest.Headers["Cookie"]);
}
if (mg.gen_pool[i].mutated_header[2])
{
Console.WriteLine("user-aganet : " + mg.gen_pool[i].httprequest.UserAgent);
}
}
}
Console.WriteLine("*********");
/*
* for (int i=0;i<mg.n;i++)
* {
* if(mg.gen_pool[i]!= null)
* {
* if (mg.gen_pool[i].httprequest.Headers.Get("Sqli") == null)
* notset++;
* else if (mg.gen_pool[i].httprequest.Headers.Get("Sqli") == "SQLi!")
* sqli++;
* else if (mg.gen_pool[i].httprequest.Headers.Get("Sqli") == "No SQLi!")
* Nsqli++;
* }
* }
* Console.WriteLine("number of sqli" + sqli);
* Console.WriteLine("number of Not sqli" + Nsqli);
* Console.WriteLine("number of allal badal" + notset);
*/
for (int j = 0; j < round; j++)
{
Console.WriteLine("number of sqli" + statistic[0, j]);
Console.WriteLine("number of Not sqli" + statistic[1, j]);
Console.WriteLine("number of allal badal" + statistic[2, j]);
Console.WriteLine("*********");
}
return(statistic);
}//end function
