Package org.parosproxy.paros.network

Examples of org.parosproxy.paros.network.HttpMessage


    /* (non-Javadoc)
     * @see com.proofsecure.paros.core.scanner.Plugin#scan()
     */
    public void scan() {

        HttpMessage msg = getBaseMsg();
        String txtBody = msg.getResponseBody().toString();
        String txtForm = null;
        String txtInputs = null;
        Matcher matcherForm = patternForm.matcher(txtBody);
        Matcher matcherAutocomplete = null;
        Matcher matcherInput = null;


     Test existence of obsolete file with the suffix.
     @param suffix suffix to run scan with.
     @param replaceSuffix {@code true} to replace the existing suffix before checking; {@code false} to append the suffix.
     */
    private void testSuffix(String suffix, boolean replaceSuffix) throws IOException {
        HttpMessage msg = getNewMsg();
        URI uri = msg.getRequestHeader().getURI();
        String   path   = uri.getPath();
       
        if (path == null || path.equals("")) {
            return;
        }
       
        if (replaceSuffix) {
            int pos = path.lastIndexOf(".");
            if (pos > -1) {
                path = path.substring(0, pos);
            }
        }
       
        path = path + suffix;
       
        uri.setPath(path);
        msg.getRequestHeader().setURI(uri);
       
        sendAndReceive(msg);
       
        if (!isFileExist(msg)) {
            return;

    String resBodyAND = null;
   
    int pos = 0;
    long defaultTimeUsed = 0;

    HttpMessage msg = getNewMsg();
   
    // always try normal query first
    sendAndReceive(msg);
    defaultTimeUsed = msg.getTimeElapsedMillis();
    if (msg.getResponseHeader().getStatusCode() != HttpStatusCode.OK) {
      return;
    }

    mResBodyNormal = msg.getResponseBody().toString();
   
    if (getKb().getBoolean(msg.getRequestHeader().getURI(), "sql/and")) {
            if (getKb().getString("sql/mssql/username") != null) {
                checkDBUserName(msg, param, value);
            }

            if (getKb().getString("sql/mssql/tablename") != null) {

        listenerList.add(listener);    
    }
   
    public void addSeed(URI uri) {
       
        HttpMessage msg;
        try {
            msg = new HttpMessage(uri);
            addSeed(msg);
        } catch (HttpMalformedHeaderException e) {
            e.printStackTrace();
        }

    // move to host part
    if (node.getHistoryReference() == null) {
        return;
    }
   
    HttpMessage baseMsg = (HttpMessage) node.getHistoryReference().getHttpMessage();
    URI baseUri = (URI) baseMsg.getRequestHeader().getURI().clone();

    baseUri.setQuery(null);
        //System.out.println("analysing: " + baseUri.toString());

   
    // already exist one.  no need to test
    if (mapVisited.get(baseUri.toString()) != null) {
      return;
    }

    String path = getRandomPathSuffix(node, baseUri);
    HttpMessage msg = baseMsg.cloneRequest();
   
    URI uri = (URI) baseUri.clone();
    uri.setPath(path);
    msg.getRequestHeader().setURI(uri);
        //System.out.println("analysing 2: " + uri);
       
    sendAndReceive(msg);

    // standard RFC response, no further check is needed
   
   
    if (msg.getResponseHeader().getStatusCode() == HttpStatusCode.NOT_FOUND) {
      addAnalysedHost(baseUri, msg, SampleResponse.ERROR_PAGE_RFC);
      return;
    }

    if (HttpStatusCode.isRedirection(msg.getResponseHeader().getStatusCode())) {
      addAnalysedHost(baseUri, msg, SampleResponse.ERROR_PAGE_REDIRECT);
      return;
    }
   
    if (msg.getResponseHeader().getStatusCode() != HttpStatusCode.OK) {
      addAnalysedHost(baseUri, msg, SampleResponse.ERROR_PAGE_NON_RFC);
      return;
    }
 
    HttpMessage msg2 = baseMsg.cloneRequest();
    URI uri2 = msg2.getRequestHeader().getURI();
    String path2 = getRandomPathSuffix(node, uri2);
    uri2 = (URI) baseUri.clone();
    uri2.setPath(path2);
    msg2.getRequestHeader().setURI(uri2);
    sendAndReceive(msg2);

    // remove HTML HEAD as this may contain expiry time which dynamic changes   
    String resBody1 = msg.getResponseBody().toString().replaceAll(p_REMOVE_HEADER, "");
    String resBody2 = msg2.getResponseBody().toString().replaceAll(p_REMOVE_HEADER, "");

    // check if page is static.  If so, remember this static page
    if (resBody1.equals(resBody2)) {
        msg.getResponseBody().setBody(resBody1);
      addAnalysedHost(baseUri, msg, SampleResponse.ERROR_PAGE_STATIC);

    String resultSuffix = "";
    String suffix = null;
    SiteNode child = null;
        HistoryReference ref = null;
    HttpMessage msg = null;
    try {

      for (int i=0; i<staticSuffixList.length; i++) {
        suffix = staticSuffixList[i];
        for (int j=0; j<node.getChildCount(); j++) {
          child = (SiteNode) node.getChildAt(j);
                    ref = child.getHistoryReference();
          try {
              msg = ref.getHttpMessage();
                        if (msg.getRequestHeader().getURI().getPath().endsWith(suffix)) {
                  return suffix;
              }
          } catch (Exception e) {
          }
        }

    String resBodyANDErr = null;
    String resBodyOR = null;

    long defaultTimeUsed = 0;

    HttpMessage msg = getNewMsg();
   
    // always try normal query first
    sendAndReceive(msg);
    defaultTimeUsed = msg.getTimeElapsedMillis();
    if (msg.getResponseHeader().getStatusCode() != HttpStatusCode.OK) {
      return;
    }

    mResBodyNormal = msg.getResponseBody().toString();
   
    // 2nd try an always error SQL query

    newQuery = setParameter(msg, param, value+SQL_CHECK_ERR);
    sendAndReceive(msg);
    mResBodyError  = msg.getResponseBody().toString();
    if (checkANDResult(msg, newQuery)) {
      return;
    }


    // blind sql injections
       
        for (int i=0; i<SQL_AND.length;i++) {
            bingoQuery = setParameter(msg, param, value+SQL_AND[i]);
            sendAndReceive(msg);
           
            displayURI = msg.getRequestHeader().getURI().toString();
           
            if (checkANDResult(msg, bingoQuery)) {
                return;
            }
           
            if (msg.getResponseHeader().getStatusCode() == HttpStatusCode.OK) {
               
                resBodyAND = stripOff(msg.getResponseBody().toString(), SQL_AND[i]);
               
                if (resBodyAND.compareTo(mResBodyNormal) == 0) {
                   
                    newQuery = setParameter(msg, param, value + SQL_AND_ERR[i]);
                    sendAndReceive(msg);
                    resBodyANDErr = stripOff(msg.getResponseBody().toString(), SQL_AND_ERR[i]);
                   
                    // build a always false AND query.  Result should be different to prove the SQL works.
                    if (resBodyANDErr.compareTo(mResBodyNormal) != 0) {
                        getKb().add(msg.getRequestHeader().getURI(), "sql/and", new Boolean(true));
                        bingo(Alert.RISK_HIGH, Alert.WARNING, displayURI, bingoQuery, "", msg);
                        return;
                    } else {
                        // OR check is used to figure out if there is any diffrence if a AND query return nothing
                        newQuery = setParameter(msg, param, value + SQL_OR[i]);
                        sendAndReceive(msg);
                        resBodyOR = stripOff(msg.getResponseBody().toString(), SQL_OR[i]);
                       
                        if (resBodyOR.compareTo(mResBodyNormal) != 0) {
                            getKb().add(msg.getRequestHeader().getURI(), "sql/or", new Boolean(true));
                            bingo(Alert.RISK_HIGH, Alert.WARNING, displayURI, newQuery, "", msg);
                            return;   
                        }
                    }
                }
               
            }
        }

    if (getKb().getBoolean(msg.getRequestHeader().getURI(), "sql/mssql")) {
        return;
    }
   
    // try BLIND SQL SELECT using timing
    newQuery = setParameter(msg, param, value + SQL_DELAY_1);
    sendAndReceive(msg);
       
    if (checkTimeResult(msg, newQuery, defaultTimeUsed, msg.getTimeElapsedMillis())) {
      return;
    }

    newQuery = setParameter(msg, param, value + SQL_DELAY_2);
    sendAndReceive(msg);
       
    if (checkTimeResult(msg, newQuery, defaultTimeUsed, msg.getTimeElapsedMillis())) {
      return;
    }

    // try BLIND MSSQL INSERT using timing
   

     * @param node the site node to scan; if {@code node == null}, run as a server-level plugin
     */
    private void scanSingleNode(Plugin plugin, SiteNode node) {
        Thread thread = null;
        Plugin test = null;
        HttpMessage msg = null;

        // do not poll for isStop here to allow every plugin to run but terminate immediately.
        //if (isStop()) return;

        try {
            if (node == null) {
                return;
            }
            msg = node.getHistoryReference().getHttpMessage();

            test = (Plugin) plugin.getClass().newInstance();
            test.setConfig(plugin.getConfig());
            test.init(msg, this);
            notifyHostProgress(plugin.getName() + ": " + msg.getRequestHeader().getURI().toString());

        } catch (Exception e ) {
            e.printStackTrace();
            return;
        }

    int pos = 0;
    long defaultTimeUsed = 0;
    long timeUsed = 0;
    long lastTime = 0;

    HttpMessage msg = getNewMsg();
   
    // always try normal query first
//    lastTime = System.currentTimeMillis();
//    sendAndReceive(msg);
//    defaultTimeUsed = System.currentTimeMillis() - lastTime;
//    if (msg.getResponseHeader().getStatusCode() != HttpStatusCode.OK) {
//      return;
//    }
//
//    mResBodyNormal = msg.getResponseBody().toString();
   
    // 2nd try an always error SQL query

    newQuery = setParameter(msg, param, value+SQL_CHECK_ERR);
    lastTime = System.currentTimeMillis();
    sendAndReceive(msg);
    defaultTimeUsed = System.currentTimeMillis() - lastTime;
    mResBodyError  = msg.getResponseBody().toString();
   
    if (checkResult(msg, newQuery)) {
        return;
    }
   

    String resBodyAND = null;
   
    int pos = 0;
    long defaultTimeUsed = 0;

    HttpMessage msg = getNewMsg();
   
    // always try normal query first
    sendAndReceive(msg);
    defaultTimeUsed = msg.getTimeElapsedMillis();
    if (msg.getResponseHeader().getStatusCode() != HttpStatusCode.OK) {
      return;
    }

    mResBodyNormal = msg.getResponseBody().toString();
   
    if (getKb().getBoolean(msg.getRequestHeader().getURI(), "sql/and")) {
            if (getKb().getString("sql/oracle/username") == null) {
                checkDBUserName(msg, param, value);
            }
           
            if (getKb().getString("sql/oracle/tablename") == null) {


