Created
June 28, 2012 21:37
-
-
Save brandonprry/3014090 to your computer and use it in GitHub Desktop.
wapiti_to_dsxs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Xml; | |
| using System.Collections.Generic; | |
| using System.Diagnostics; | |
| namespace wapiti_to_dsxs | |
| { | |
| class MainClass | |
| { | |
| public class WapitiBug | |
| { | |
| public WapitiBug() | |
| {} | |
| public WapitiBug(string type, XmlNode bug) | |
| { | |
| this.Type = type; | |
| foreach (XmlNode node in bug.ChildNodes) | |
| { | |
| if (node.Name == "timestamp") | |
| this.Timestamp = DateTime.Parse (node.InnerText); | |
| else if (node.Name == "url") | |
| this.URL = node.InnerText; | |
| else if (node.Name == "peer") { | |
| foreach (XmlNode peerInfo in node.ChildNodes) { | |
| if (peerInfo.Name == "addr") | |
| this.Host = peerInfo.InnerText; | |
| else if (peerInfo.Name == "port") | |
| this.Port = int.Parse (peerInfo.InnerText); | |
| } | |
| } else if (node.Name == "parameter") | |
| this.Parameter = node.InnerText; | |
| else if (node.Name == "info") | |
| this.Info = node.InnerText; | |
| } | |
| } | |
| public int Level { get; set; } | |
| public DateTime Timestamp { get; set; } | |
| public string URL { get; set; } | |
| public string Host { get; set; } | |
| public int Port { get; set; } | |
| public string Parameter { get; set; } | |
| public string Info { get; set; } | |
| public string Type { get; set; } | |
| } | |
| public static void Main (string[] args) | |
| { | |
| string dsxsPath = "/home/bperry/tools/dsxs/dsxs.py"; | |
| string wapitiReport = "/tmp/wapiti_55fdd419-800a-4ba1-b591-5f2d6001a72f.xml"; | |
| string xml = System.IO.File.ReadAllText(wapitiReport); | |
| XmlDocument doc = new XmlDocument(); | |
| doc.LoadXml(xml); | |
| var nodes = doc.SelectNodes("/report/bugTypeList/bugType"); | |
| List<WapitiBug> bugs = new List<WapitiBug>(); | |
| foreach (XmlNode node in nodes) | |
| { | |
| string bugType = node.Attributes["name"].Value; | |
| XmlNodeList bugElements = node.SelectNodes("bugList/bug"); | |
| foreach (XmlNode bug in bugElements) | |
| bugs.Add(new WapitiBug(bugType, bug)); | |
| } | |
| foreach (WapitiBug bug in bugs) | |
| { | |
| if (bug.Type != "Cross Site Scripting") | |
| continue; | |
| ProcessStartInfo si = new ProcessStartInfo(); | |
| si.RedirectStandardOutput = true; | |
| si.UseShellExecute = false; | |
| Process proc = new Process(); | |
| proc.StartInfo = si; | |
| proc.EnableRaisingEvents = false; | |
| proc.StartInfo.FileName = dsxsPath; | |
| string url = bug.URL.Replace("%3Cscript%3Ealert%28%22tv25fmf889%22%29%3C%2Fscript%3E", "abcd"); | |
| string command = string.Empty; | |
| command = "-u \"" + url + "\" --random-agent"; | |
| if (bug.URL.Contains(bug.Parameter)) | |
| { | |
| //the XSS is in a GET request | |
| proc.StartInfo.Arguments = command; | |
| Console.WriteLine ("Performing GET XSS test on URL: " + url); | |
| } | |
| else | |
| { | |
| //the XSS is in a POST request | |
| string data = bug.Parameter.Replace("%3Cscript%3Ealert%28%22tv25fmf889%22%29%3C%2Fscript%3E", "abcd"); | |
| command = command + " --data=\"" + data + "\""; | |
| proc.StartInfo.Arguments = command; | |
| Console.WriteLine ("Performing POST XSS test on URL: " + url); | |
| } | |
| proc.Start(); | |
| string output = proc.StandardOutput.ReadToEnd(); | |
| Console.WriteLine(output); | |
| } | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment