Package org.owasp.webscarab.model

Examples of org.owasp.webscarab.model.NamedValue

123
124
125
126
127
128
129
130
131
132
133
        if (null != values) {
            for (int i = 0; i < values.length; i++) {
                String name = values[i].getName();
                String value = Encoding.urlDecode(values[i].getValue());
                if (name.startsWith("openid.")) {
                    NamedValue parameter = new NamedValue(name, value);
                    parameters.add(parameter);
                }
            }
        }
        return parameters;
View Full Code Here
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
        List parameters = this.wsfedModel.getParameters(id);
        this.parametersTableModel.setParameters(parameters);
        Iterator parameterIter = parameters.iterator();
        while (parameterIter.hasNext()) {
            NamedValue parameter = (NamedValue) parameterIter.next();
            if ("wreq".equals(parameter.getName())) {
                this.xmlPanel.setBytes("text/xml", parameter.getValue().getBytes());
                break;
            }
            if ("wresult".equals(parameter.getName())) {
                this.xmlPanel.setBytes("text/xml", parameter.getValue().getBytes());
                try {
                    byte[] assertion = this.wsfedModel.findSAMLAssertion(parameter.getValue().getBytes());
                    if (null != assertion) {
                        this.assertionPanel.setBytes("text/xml", assertion);
                        List samlAttributes = this.wsfedModel.getSAMLAttributes(assertion);
                        this.samlAttributesTableModel.setAttributes(samlAttributes);
                    }
View Full Code Here
862
863
864
865
866
867
868
    private void addHeaderButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_addHeaderButtonActionPerformed
        int row = headerTable.getSelectedRow();
        if (row == -1) {
            row = headerTable.getRowCount();
        }
        _model.addFuzzHeader(row, new NamedValue("Header", "Value"));
    }//GEN-LAST:event_addHeaderButtonActionPerformed
View Full Code Here
77
78
79
80
81
82
83
84
85
        _modified = false;
        return (NamedValue[]) _headers.toArray(NO_HEADERS);
    }
   
    public void insertRow(int row) {
        _headers.add(row, new NamedValue("Header", "value"));
        _modified = true;
        _htm.fireTableRowsInserted(row, row);
    }
View Full Code Here
193
194
195
196
197
198
199
200
201
            return _headers.size();
        }
       
        public Object getValueAt(int row, int column) {
            if (row > _headers.size()-1) return "ERROR";
            NamedValue nv = (NamedValue) _headers.get(row);
            if (column == 0) return nv.getName();
            return nv.getValue();
        }
View Full Code Here
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
            return nv.getValue();
        }
       
        public void setValueAt(Object aValue, int row, int col) {
            if (_editable && aValue instanceof String) {
                NamedValue nv = (NamedValue) _headers.get(row);
                if (col == 0) {
                    _headers.set(row, new NamedValue((String)aValue, nv.getValue()));
                } else {
                    _headers.set(row, new NamedValue(nv.getName(), (String) aValue));
                }
                _modified = true;
                fireTableCellUpdated(row, col);
            }
        }
View Full Code Here
120
121
122
123
124
125
126
127
128
129
                StringBuffer buff = new StringBuffer();
                buff.append(cookies[0].getName()).append("=").append(cookies[0].getValue());
                for (int i=1; i<cookies.length; i++) {
                    buff.append("; ").append(cookies[i].getName()).append("=").append(cookies[i].getValue());
                }
                _request.setHeader(new NamedValue("Cookie", buff.toString()));
                if (_ui != null) _ui.requestChanged(_request);
            }
        }
    }
View Full Code Here
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
            if (0 == attributeValueNodeList.getLength()) {
                continue;
            }
            Element attributeValueElement = (Element) attributeValueNodeList.item(0);
            String attributeValue = attributeValueElement.getChildNodes().item(0).getNodeValue();
            NamedValue attribute = new NamedValue(attributeName, attributeValue);
            samlAttributes.add(attribute);
        }

        NodeList attribute2NodeList = document.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "Attribute");
        for (int idx = 0; idx < attribute2NodeList.getLength(); idx++) {
            Element attributeElement = (Element) attribute2NodeList.item(idx);
            String attributeName = attributeElement.getAttribute("Name");
            NodeList attributeValueNodeList = attributeElement.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "AttributeValue");
            if (0 == attributeValueNodeList.getLength()) {
                continue;
            }
            Element attributeValueElement = (Element) attributeValueNodeList.item(0);
            String attributeValue = attributeValueElement.getChildNodes().item(0).getNodeValue();
            NamedValue attribute = new NamedValue(attributeName, attributeValue);
            samlAttributes.add(attribute);
        }

        return samlAttributes;
    }
View Full Code Here
69
70
71
72
73
74
75
76
77
78
79
        if (responseContent != null)
            responseBody = new String(responseContent).toUpperCase();
        NamedValue[] headers = response.getHeaders();
        NamedValue[] ucHeaders = new NamedValue[headers.length];
        for (int i=0; i<headers.length; i++) {
            ucHeaders[i] = new NamedValue(headers[i].getName().toUpperCase(), headers[i].getValue().toUpperCase());
        }
       
        String queryString = request.getURL().getQuery();
        if (queryString != null && queryString.length() > 0) {
            NamedValue[] params = NamedValue.splitNamedValues(queryString, "&", "=");
View Full Code Here
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
        boolean samlResponseMessage = false;
        for (int idx = 0; idx < namedValues.length; idx++) {
            if ("RelayState".equals(namedValues[idx].getName())) {
                if (this.samlProxyConfig.doInjectRelayState()) {
                    String newRelayState = getInjectedRelayState();
                    namedValues[idx] = new NamedValue(namedValues[idx].getName(), newRelayState);
                }
            }

            if (false == "SAMLResponse".equals(namedValues[idx].getName())) {
                continue;
            }
            samlResponseMessage = true;

            try {
                if (this.samlProxyConfig.doReplay()) {
                    String newSamlResponse = replaySamlResponse();
                    namedValues[idx] = new NamedValue(namedValues[idx].getName(), newSamlResponse);
                }

                if (this.samlProxyConfig.doInjectAttribute()) {
                    String newSamlResponse = injectAttribute(namedValues[idx].getValue());
                    namedValues[idx] = new NamedValue(namedValues[idx].getName(), newSamlResponse);
                }
                if (this.samlProxyConfig.doInjectSubject()) {
                    String newSamlResponse = injectSubject(namedValues[idx].getValue());
                    namedValues[idx] = new NamedValue(namedValues[idx].getName(), newSamlResponse);
                }
                if (this.samlProxyConfig.doInjectPublicDoctype()) {
                    String newSamlResponse = injectPublicDoctype(namedValues[idx].getValue());
                    namedValues[idx] = new NamedValue(namedValues[idx].getName(), newSamlResponse);
                }
               
                if (this.samlProxyConfig.doSignSamlMessage()) {
                    String newSamlResponse = signSamlMessage(namedValues[idx].getValue());
                    namedValues[idx] = new NamedValue(namedValues[idx].getName(), newSamlResponse);
                } else if (this.samlProxyConfig.doRemoveSignature()) {
                    String newSamlResponse = removeSamlResponseSignature(namedValues[idx].getValue());
                    namedValues[idx] = new NamedValue(namedValues[idx].getName(), newSamlResponse);
                } else {
                    if (this.samlProxyConfig.doCorruptSignature()) {
                        String newSamlResponse = corruptSamlResponseSignature(namedValues[idx].getValue());
                        namedValues[idx] = new NamedValue(namedValues[idx].getName(), newSamlResponse);
                    }
                    if (this.samlProxyConfig.doInjectRemoteReference()) {
                        String newSamlResponse = injectRemoteReference(namedValues[idx].getValue());
                        namedValues[idx] = new NamedValue(namedValues[idx].getName(), newSamlResponse);
                    }
                }
            } catch (Exception ex) {
                this._logger.log(Level.WARNING, "could not corrupt the SAML Response signature: {0}", ex.getMessage());
                continue;
            }
        }
        if (false == samlResponseMessage) {
            return;
        }

        StringBuffer newBody = new StringBuffer();
        for (int idx = 0; idx < namedValues.length; idx++) {
            NamedValue namedValue = namedValues[idx];
            if (0 != newBody.length()) {
                newBody.append("&");
            }
            newBody.append(namedValue.getName());
            newBody.append("=");
            newBody.append(namedValue.getValue());
        }
        request.setContent(newBody.toString().getBytes());
    }
View Full Code Here
TOP

Related Classes of org.owasp.webscarab.model.NamedValue

  • org.owasp.webscarab.plugin.fuzz.swing.FuzzerPanel
  • org.owasp.webscarab.plugin.fuzz.swing.FuzzerPanel$HeaderTableModel
  • org.owasp.webscarab.plugin.identity.CookieTokenParser
  • org.owasp.webscarab.plugin.identity.swing.IdentityPanel$AddIdentityAction
  • org.owasp.webscarab.plugin.identity.swing.SelectTokenDialog
  • org.owasp.webscarab.plugin.identity.swing.SelectTokenDialog$TokenTableModel
  • org.owasp.webscarab.plugin.manualrequest.ManualRequest
  • org.owasp.webscarab.plugin.openid.OpenIdHTTPClient
  • org.owasp.webscarab.plugin.openid.OpenIdModel
  • org.owasp.webscarab.plugin.openid.swing.ParametersTableModel
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.