Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

New API_ChromeDriver.cs and API_Chrome_Hijack.cs

New Tool Util - Chrome Browser with REPL.h2
Some refactoring on API_Win32_Handle_Hijack
Added some logging to the 3 Hijacked browsers PoC
  • Loading branch information...
commit 46647ba355c2653709f243e0d46b275b16d17bf4 1 parent a9901bc
Dinis Cruz DinisCruz authored
25 3rdParty/Chrome/API_ChromeDriver.cs
View
@@ -0,0 +1,25 @@
+using System;
+using System.Linq;
+using System.Collections.Generic;
+
+using OpenQA.Selenium.Chrome;
+using OpenQA.Selenium.IE;
+using OpenQA.Selenium;
+//Installer:Selenium_Installer.cs!Selenium\net40\WebDriver.dll
+//O2File:SeleniumWebDrivers_Setup.cs
+namespace O2.XRules.Database.APIs
+{
+ public class API_ChromeDriver
+ {
+
+ }
+
+ public static class API_ChromeDriver_ExtensionMethods
+ {
+ public static ChromeDriver open(this ChromeDriver chromeDriver, string url)
+ {
+ chromeDriver.Navigate().GoToUrl(url);
+ return chromeDriver;
+ }
+ }
+}
117 3rdParty/Chrome/API_Chrome_Hijack.cs
View
@@ -0,0 +1,117 @@
+// This file is part of the OWASP O2 Platform (http://www.owasp.org/index.php/OWASP_O2_Platform) and is released under the Apache 2.0 License (http://www.apache.org/licenses/LICENSE-2.0)
+using System;
+using System.Collections.Generic;
+using System.Windows.Forms;
+using System.Text;
+using System.Reflection;
+using System.Management;
+using System.Diagnostics;
+using O2.Kernel.ExtensionMethods;
+using O2.DotNetWrappers.DotNet;
+using O2.DotNetWrappers.ExtensionMethods;
+using OpenQA.Selenium;
+using OpenQA.Selenium.Chrome;
+//O2Ref:Selenium\net40\WebDriver.dll
+//Installer:Selenium_Installer.cs!Selenium\net40\WebDriver.dll
+
+//O2Ref:System.Management.dll
+
+namespace O2.XRules.Database.APIs
+{
+ public class API_Chrome_Hijack
+ {
+ public ChromeDriver ChromeDriver { get; set; }
+ public ChromeOptions ChromeOptions { get; set; }
+ public ChromeDriverService ChromeDriverService { get; set; }
+ public Process ChromeDriverProcess { get; set; }
+ public Process ChromeProcess { get; set; }
+ public string ChromeDriver_Exe { get; set; }
+ public string WebDriver_Folder { get; set; }
+ public string ChromeDriverDownloadLink { get; set; }
+
+ public API_Chrome_Hijack()
+ {
+ ChromeDriverDownloadLink = @"http://chromedriver.googlecode.com/files/chromedriver_win_26.0.1383.0.zip";
+ WebDriver_Folder = @"Selenium\net40\WebDriver.dll".assembly().location().parentFolder();
+ ChromeDriver_Exe = WebDriver_Folder.pathCombine("chromedriver.exe");
+ ChromeOptions = new ChromeOptions();
+ ChromeDriverService = ChromeDriverService.CreateDefaultService();
+ }
+
+ public API_Chrome_Hijack ensureChromeDriverExists()
+ {
+ if (ChromeDriver_Exe.fileExists().isFalse())
+ {
+ var downloadedZipFile = ChromeDriverDownloadLink.download();
+ downloadedZipFile.unzip_File(WebDriver_Folder);
+ }
+ return this;
+ }
+
+ public API_Chrome_Hijack open_ChromeDriver()
+ {
+ ChromeDriver = new ChromeDriver(ChromeDriverService, ChromeOptions);
+
+ //resolve driverServiceProcess
+ var fieldInfo = (FieldInfo)typeof(DriverService).field("driverServiceProcess");
+ ChromeDriverProcess = (Process)fieldInfo.GetValue(ChromeDriverService);
+
+ ChromeDriverProcess.waitFor_MainWindowHandle();
+ ChromeProcess = ChromeDriverProcess.getProcessWithParentHandle();
+
+ return this;
+ }
+
+ /*public IntPtr startChromeDriver()
+ {
+ "[setup_Chrome] start".info();
+ //var selenium = new API_Selenium();
+ //ChromeDriver = selenium.setTarget_Chrome();
+ //ChromeDriver chromeDriverProcess = "ChromeDriver".process_WithName();
+ //chromeHandle= getProcessWithParentHandle(chromeDriverProcess.Id).MainWindowHandle;
+ return chromeHandle;
+ }*/
+
+ /*Func<IntPtr, IWebDriver> setup_Chrome =
+ (targetHandle)=>{
+ "[setup_Chrome] start".info();
+ var selenium = new API_Selenium();
+ selenium.setTarget_Chrome();
+ chromeDriverProcess = "ChromeDriver".process_WithName();
+ chromeHandle= getProcessWithParentHandle(chromeDriverProcess.Id).MainWindowHandle;
+ chromeHandle.setParent(targetHandle);
+ WinAPI.ShowWindow(chromeHandle, WinAPI.ShowWindowCommands.ShowMaximized);
+ "[setup_Chrome] done".info();
+ return selenium.WebDriver;
+ };*/
+
+ }
+
+ public static class API_Chrome_Test_ExtensionMethods
+ {
+ public static Process getProcessWithParentHandle(this Process process)
+ {
+ if(process.isNotNull())
+ {
+ var selectQuery = "Select ProcessId from Win32_Process Where ParentProcessId = {0}".format(process.Id);;
+ foreach(var proc in new ManagementObjectSearcher(selectQuery).Get())
+ {
+ var procId = (int)(UInt32)proc["ProcessId"];
+ var foundProcess = procId.process_WithId();
+ "foundProcess: {0}".debug(foundProcess);
+ return foundProcess;
+ };
+ "Failed to find process with id: {0} name: {0}".error(process.Id, process.ProcessName);
+ }
+ return null;
+ }
+
+
+ public static API_Chrome_Hijack createTestGui(this API_Chrome_Hijack chromeHijack)
+ {
+ var winFormsUI = "Util - O2 REPL Editor using winFormUI .. ".winFormsUI(800,600);
+ return chromeHijack;
+ }
+ }
+}
+
30 3rdParty/Chrome/Util - Chrome Browser with REPL.h2
View
@@ -0,0 +1,30 @@
+//var topPanel = panel.clear().add_Panel();
+var topPanel = "Util - Chrome with REPL".popupWindow(2000,600);
+
+var replPanel = topPanel.add_GroupBox("C# Repl").add_Panel();
+var chromePanel = topPanel.insert_Right(replPanel.width() /3 , "Chrome");
+var chromeDriver = chromePanel.parent().insert_Below("Chrome WebDriver");
+
+var firstScript =
+@"chromeDriver.open(""http://www.google.com"");
+var field = chromeDriver.FindElement(By.Name(""q""));
+field.SendKeys(""O2 Platform"");
+return ""done"";
+
+//using OpenQA.Selenium;
+//O2Ref:WebDriver.dll
+//O2File:API_ChromeDriver.cs";
+
+var chromeHijack = new API_Chrome_Hijack()
+ .open_ChromeDriver();
+
+chromeHijack.ChromeDriver.script_Me(replPanel).set_Code(firstScript);
+var hijacked_Chrome = chromePanel.add_Handle_HijackGui(false)
+ .hijackProcessMainWindow(chromeHijack.ChromeProcess);
+var hijacked_ChromeDriver = chromeDriver.add_Handle_HijackGui(false)
+ .hijackProcessMainWindow(chromeHijack.ChromeDriverProcess);
+
+//O2File:API_Chrome_Hijack.cs
+//O2File:API_Win32_Handle_Hijack.cs
+
+//O2Ref:WebDriver.dll
2  3rdParty/Selenium/API_Selenium.cs
View
@@ -9,7 +9,7 @@
using OpenQA.Selenium.Chrome;
using OpenQA.Selenium.IE;
using OpenQA.Selenium;
-//Installer:Selenium_Installer.cs!Selenium\Selenium\Clojure.Main.exe
+//Installer:Selenium_Installer.cs!Selenium\net40\WebDriver.dll
//O2File:SeleniumWebDrivers_Setup.cs
namespace O2.XRules.Database.APIs
84 3rdParty/Selenium/PoC - Selenium - Gui with 3 Hijacked Browser Windows.h2
View
@@ -1,8 +1,7 @@
-//var selectQuery = new SelectQuery("Win32_Process");
-
IntPtr firefoxHandle = default(IntPtr);
IntPtr chromeHandle = default(IntPtr);
IntPtr ieHandle = default(IntPtr);
+
Process firefoxProcess = null;
Process chromeDriverProcess = null;
Process ieDriverProcess = null;
@@ -23,34 +22,40 @@ Func<int, Process> getProcessWithParentHandle =
Func<IntPtr, IWebDriver> setup_Firefox =
(targetHandle)=> {
+ "[setup_Firefox] start".info();
var selenium = new API_Selenium();
selenium.setTarget_Firefox();
firefoxProcess = "firefox".process_WithName();
firefoxHandle = firefoxProcess.MainWindowHandle;
firefoxHandle.setParent(targetHandle);
WinAPI.ShowWindow(firefoxHandle, WinAPI.ShowWindowCommands.ShowMaximized);
+ "[setup_Firefox] done".info();
return selenium.WebDriver;
};
Func<IntPtr, IWebDriver> setup_Chrome =
(targetHandle)=>{
+ "[setup_Chrome] start".info();
var selenium = new API_Selenium();
selenium.setTarget_Chrome();
chromeDriverProcess = "ChromeDriver".process_WithName();
chromeHandle= getProcessWithParentHandle(chromeDriverProcess.Id).MainWindowHandle;
chromeHandle.setParent(targetHandle);
WinAPI.ShowWindow(chromeHandle, WinAPI.ShowWindowCommands.ShowMaximized);
- return selenium.WebDriver;
+ "[setup_Chrome] done".info();
+ return selenium.WebDriver;
};
Func<IntPtr, IWebDriver> setup_IE =
(targetHandle)=>{
+ "[setup_IE] start".info();
var selenium = new API_Selenium();
selenium.setTarget_IE();
ieDriverProcess = "IEDriverServer".process_WithName();
ieHandle= getProcessWithParentHandle(ieDriverProcess.Id).MainWindowHandle;
ieHandle.setParent(targetHandle);
WinAPI.ShowWindow(ieHandle, WinAPI.ShowWindowCommands.ShowMaximized);
+ "[setup_IE] end".info();
return selenium.WebDriver;
};
@@ -109,8 +114,6 @@ return ""done"";
//O2Ref:Selenium\net40\WebDriver.dll
";
-
-
var ieDriver = setup_IE(iePanel.handle());
var firefoxDriver = setup_Firefox(fireFoxPanel.handle());
var chromeDriver = setup_Chrome(chromePanel.handle());
@@ -122,75 +125,14 @@ script.add_InvocationParameter("ie", ieDriver);
return "done";
-/*
-
-var driverProcessName = "Firefox";
-var ieDriver = driverProcessName.process_WithName();
-if (ieDriver.isNull())
- return "ieDriver was null";
-
-
-
-var panelHandle = targetPanel.Handle;
-
-fireFoxHandle = ieDriver.MainWindowHandle;
-"panelHandle: {0} : {1}".info(panelHandle, panelHandle.get_Parent());
-"firefoxHandle: {0} : {1}".info(fireFoxHandle, fireFoxHandle.get_Parent());
-fireFoxHandle.setParent(panelHandle);
-fireFoxHandle.window_Redraw();
-fireFoxHandle.window_Redraw();
-WinAPI.ShowWindow(fireFoxHandle, WinAPI.ShowWindowCommands.ShowMaximized);
-return "firefox";
-*/
-/*
-var selectQuery = "Select ProcessId from Win32_Process Where ParentProcessId = {0}".format(ieDriver.Id);;
-
-
-
-foreach(var proc in new ManagementObjectSearcher(selectQuery).Get())
-{
- var procId = (int)(UInt32)proc["ProcessId"];
- "process id:{0}".info(procId);
- var process = procId.process_WithId();
- var ieHandle = process.MainWindowHandle;
- var ieParentHandle = ieHandle.get_Parent();
-
-
- "panelHandle: {0} : {1}".info(panelHandle, panelHandle.get_Parent());
-
- "ieHandle: {0} : {1}".info(ieHandle, ieHandle.get_Parent());
-
-
- ieHandle.setParent(panelHandle);
- ieHandle.window_Redraw();
- panelHandle.window_Redraw();
-
- WinAPI.ShowWindow(ieHandle, WinAPI.ShowWindowCommands.ShowMaximized);
-}
-*/
+//using OpenQA.Selenium
//using System.Management
-//O2Ref:System.Management.dll
-
-//"IEDriverServer".process_WithName().details();
-return "done";
-
-//var topPanel = "{name}".popupWindow(700,400);
-//var selenium = new API_Selenium();
-//selenium.setTarget_Chrome();
-//selenium.setTarget_IE();
-//selenium.setTarget_Firefox();
-
-
-
-//driver.Navigate().GoToUrl("http://localhost:3187");
-//driver.details();
-//return driver;
-
//using System.Diagnostics
-
+
//O2File:API_WinAPI.cs
//O2File:API_WinAPI_ExtensionMethods.cs
-//using OpenQA.Selenium
-//O2File:API_Selenium.cs
+//O2File:API_Selenium.cs
//O2File:SeleniumWebDrivers_Setup.cs
+
+//O2Ref:System.Management.dll
//O2Ref:Selenium\net40\WebDriver.dll
6 3rdParty/Selenium/SeleniumWebDrivers_Setup.cs
View
@@ -21,9 +21,9 @@ public class SeleniumWebDrivers_Setup
static SeleniumWebDrivers_Setup()
{
- ChromeDriverDownloadLink = @"http://chromedriver.googlecode.com/files/chromedriver_win_23.0.1240.0.zip";
- IEDriverDownloadLinkx32 = @"http://selenium.googlecode.com/files/IEDriverServer_Win32_2.28.0.zip";
- IEDriverDownloadLinkx64 = @"https://selenium.googlecode.com/files/IEDriverServer_x64_2.28.0.zip";
+ ChromeDriverDownloadLink = @"http://chromedriver.googlecode.com/files/chromedriver_win_26.0.1383.0.zip";
+ IEDriverDownloadLinkx32 = @"http://selenium.googlecode.com/files/IEDriverServer_Win32_2.33.0.zip";
+ IEDriverDownloadLinkx64 = @"https://selenium.googlecode.com/files/IEDriverServer_x64_2.33.0.zip";
// we need to think a bit more on where we put this temp folder
// will create folder in the root of the O2 Temp (which is inside the user's temp folder)
DriversFolder = @"..\_TM_UnitTests".tempDir(false);
6 3rdParty/Selenium/Selenium_Installer.cs
View
@@ -21,8 +21,8 @@ public class Selenium_Installer : Tool_API
public Selenium_Installer()
{
config("Selenium",
- "http://selenium.googlecode.com/files/selenium-dotnet-2.28.0.zip".uri(),
- @"Selenium\Clojure.Main.exe");
+ "http://selenium.googlecode.com/files/selenium-dotnet-2.33.0.zip".uri(),
+ @"Selenium\WebDriver.dll");
installFromZip_Web();
}
@@ -31,7 +31,7 @@ public Selenium_Installer()
public Process start()
{
if (isInstalled())
- return this.Executable.startProcess();
+ return this.Executable.parentFolder().startProcess();
return null;
}
}
98 APIs/Windows/Windows_Messages/API_Win32_Handle_Hijack.cs
View
@@ -38,46 +38,53 @@ public class Win32_Handle_Hijack : Control
public Panel TopPanel { get; set; }
public ToolStripTextBox TargetHandle { get; set; }
public ToolStripTextBox ParentHandle { get; set; }
- public Panel HijackedWindow { get; set; }
+ public Panel HijackedWindow { get; set; }
+ public String GroupBoxText { get; set; }
public CheckBox AutoResize ;//{ get; set; }
+
public IntPtr HijackedHandle { get; set; }
public IntPtr HijackedParent { get; set; }
+ public Process HijackedProcess { get; set; }
public WinAPI.RECT HijackedHandleRECT;
//public PictureBox PictureBox ;//{ get; set; }
//public Label ClassName ;//{ get; set; }
-
+
public Win32_Handle_Hijack()
{
+ GroupBoxText = "(click here to hide tool bar)";
this.width(400);
this.height(400);
- buildGui();
+ buildGui();
}
- public void setTarget(IntPtr handle)
+ public Win32_Handle_Hijack setTarget(IntPtr handle)
{
TargetHandle.set_Text(handle.str());
+ return this;
//ClassName.set_Text(handle.className());
//PictureBox.show(handle.window_ScreenShot());
}
- public void updateParentValue()
+ public Win32_Handle_Hijack updateParentValue()
{
var target = TargetHandle.get_Text().toInt().intPtr();
var targetParent = target.parent().str();
ParentHandle.set_Text(targetParent);
+ return this;
}
- public void setTargetValueToItsParent()
+ public Win32_Handle_Hijack setTargetValueToItsParent()
{
if(ParentHandle.get_Text().isInt())
if (ParentHandle.get_Text().toInt() > 0)
TargetHandle.set_Text(ParentHandle.get_Text());
+ return this;
}
- public void restore()
+ public Win32_Handle_Hijack restore()
{
if (HijackedHandle != IntPtr.Zero)
{
@@ -90,11 +97,12 @@ public void restore()
}
HijackedParent.window_Redraw();
HijackedHandle.window_Redraw();
- HijackedHandle = IntPtr.Zero;
+ HijackedHandle = IntPtr.Zero;
}
+ return this;
}
- public void hijack()
+ public Win32_Handle_Hijack hijack()
{
restore();
var handle = TargetHandle.get_Text().toInt().intPtr();
@@ -107,8 +115,9 @@ public void hijack()
handle.setParent(newParent);
adjustHandleSizeToTargetWindow();
+ return this;
}
- public void screenShot()
+ public Win32_Handle_Hijack screenShot()
{
restore();
try
@@ -121,6 +130,7 @@ public void screenShot()
{
ex.log();
}
+ return this;
}
public void adjustHandleSizeToTargetWindow()
@@ -128,11 +138,11 @@ public void adjustHandleSizeToTargetWindow()
if (AutoResize.@checked())
HijackedHandle.window_Move(0,0, HijackedWindow.width(), HijackedWindow.height());
}
- public Process startProcessAndHijackMainWindow(string processToStart, string processParams)
+ public Win32_Handle_Hijack startProcessAndHijackMainWindow(string processToStart, string processParams)
{
return hijackProcessMainWindow(processToStart.startProcess(processParams));
}
- public Process hijackProcessMainWindow(Process process)
+ public Win32_Handle_Hijack hijackProcessMainWindow(Process process)
{
var mainHandle = process.waitFor_MainWindowHandle().MainWindowHandle;
O2Thread.mtaThread(
@@ -140,8 +150,9 @@ public Process hijackProcessMainWindow(Process process)
setTarget(mainHandle);
hijack();
adjustHandleSizeToTargetWindow();
+ HijackedProcess = process;
});
- return process;
+ return this;
}
public Win32_Handle_Hijack buildGui()
@@ -163,7 +174,7 @@ public Win32_Handle_Hijack buildGui()
.append_Label(ref ClassName).topAdd(2);
*/
- HijackedWindow = TopPanel.add_GroupBox("(click here to hide tool bar)").add_Panel();
+ HijackedWindow = TopPanel.add_GroupBox(GroupBoxText).add_Panel();
//TargetHandle.onTextChange((value)=> ParentHandle.set_Text(value.toInt().intPtr().parent().str()));
//TargetHandle.TextChanged+= (sender,e)=> updateParentValue();
@@ -177,39 +188,44 @@ public Win32_Handle_Hijack buildGui()
"On Closed".info();
restore();
});
+
var groupBox = HijackedWindow.parent();;
- var originalText = groupBox.get_Text();
- var splitcontainer = groupBox.splitContainer();
+ GroupBoxText = groupBox.get_Text();
- groupBox.DoubleClick+=(sender,e)=>
- {
- var collapsed = splitcontainer.Panel1Collapsed;
- if (collapsed)
- {
- splitcontainer.panel1Collapsed(false);
- groupBox.set_Text(originalText);
- }
- else
- {
- splitcontainer.panel1Collapsed(true);
- groupBox.set_Text(".");
- }
- };
+ groupBox.DoubleClick+=(sender,e)=> toolStrip_HideShow();
return this;
}
+ public Win32_Handle_Hijack toolStrip_HideShow()
+ {
+ var groupBox = HijackedWindow.parent();;
+ var splitcontainer = groupBox.splitContainer();
+
+ var collapsed = splitcontainer.Panel1Collapsed;
+ if (collapsed)
+ {
+ splitcontainer.panel1Collapsed(false);
+ groupBox.set_Text(GroupBoxText);
+ }
+ else
+ {
+ splitcontainer.panel1Collapsed(true);
+ groupBox.set_Text(".");
+ }
+ return this;
+ }
public void createToolStrip()
{
ToolStrip = TopPanel.insert_Above_ToolStrip();
WindowFinder = ToolStrip.insert_Left(30).add_WindowFinder();
- WindowFinder.Window_Changed = setTarget;
+ WindowFinder.Window_Changed = (intPtr)=>setTarget(intPtr);
- ToolStrip.add_Button("Hijack","btExecuteOnExternalEngine_Image".formImage(), hijack)
- .add_Button("Restore","edit_undo".formImage(),restore)
- .add_Button("Screenshot","camera_photo".formImage(),screenShot)
+ ToolStrip.add_Button("Hijack","btExecuteOnExternalEngine_Image".formImage(), ()=> hijack())
+ .add_Button("Restore","edit_undo".formImage(),()=> restore())
+ .add_Button("Screenshot","camera_photo".formImage(),()=> screenShot())
.toolStrip()
.add_CheckBox("Size", ref AutoResize);
@@ -254,11 +270,17 @@ public void addExamples()
}
public static class API_Win32_Handle_Hijack_ExtensionMethods
- {
-
+ {
public static Win32_Handle_Hijack add_Handle_HijackGui(this Control hostPanel)
- {
- return hostPanel.add_Control<Win32_Handle_Hijack>();;
+ {
+ return hostPanel.add_Handle_HijackGui(false);
+ }
+ public static Win32_Handle_Hijack add_Handle_HijackGui(this Control hostPanel, bool showToolStrip)
+ {
+ var handleHijack = hostPanel.add_Control<Win32_Handle_Hijack>();;
+ if (!showToolStrip)
+ handleHijack.toolStrip_HideShow();
+ return handleHijack;
}
}
}
2  APIs/Windows/Windows_Messages/Util - Win32 Window Handle Hijack (simple).h2
View
@@ -3,4 +3,4 @@ var topPanel = "Util - Win32 Window Handle Hijack (simple)".popupWindow();
var hijackGui = topPanel.add_Handle_HijackGui();
return hijackGui;
-//O2File:API_Win32_Handle_Hijack.cs
+//O2File:API_Win32_Handle_Hijack.cs
Please sign in to comment.
Something went wrong with that request. Please try again.