using System.Net.Http.Headers;
using System.Security.Cryptography;
using System.Text;
using Newtonsoft.Json;
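Console.WriteLine("EasyLogon Testing tools");
Console.WriteLine("Mobile app emulator for Web application");

// Interactive loop: each pass collects one set of inputs (connection ID, encryption key,
// target URL, transmission mode), builds one encrypted payload, POSTs it to
// <target>/api/send?id=<connectionId>, and prints the request and response details.
while (true)
{
    string? connectionId, encryptionKey, target = "http://localhost:4000";
    Mode mode = Mode.Default;

    // Connection ID is mandatory: re-prompt until something non-blank is entered.
    while (true)
    {
        Console.WriteLine("Enter connection ID");
        connectionId = Console.ReadLine();

        if (!string.IsNullOrWhiteSpace(connectionId))
        {
            break;
        }

        Console.WriteLine("\nError: Connection ID is required\n");
    }

    // Encryption key is mandatory as well; it is handed to EncryptData as entered.
    while (true)
    {
        Console.WriteLine("Enter encryption key");
        encryptionKey = Console.ReadLine();

        if (!string.IsNullOrWhiteSpace(encryptionKey))
        {
            break;
        }

        Console.WriteLine("\nError: Encryption key is required\n");
    }

    // Target URL: blank input keeps the default, anything else must be an absolute URI.
    while (true)
    {
        Console.WriteLine($"Enter website URL. Press return to keep default ({target})");
        string? input = Console.ReadLine();

        if (string.IsNullOrWhiteSpace(input))
        {
            break;
        }

        if (Uri.IsWellFormedUriString(input, UriKind.Absolute))
        {
            target = input;
            break;
        }

        Console.WriteLine("\nError: Input is not a well formed URI string\n");
    }

    // Transmission mode: blank input keeps the default; out-of-range numbers are clamped to 0..2.
    while (true)
    {
        Console.WriteLine($"Select transmission mode. Press return to keep default");
        Console.WriteLine("0 - Default");
        Console.WriteLine("1 - Malformed model (Password is missing)");
        Console.WriteLine("2 - Malformed data (encrypted data is malformed)");

        string? input = Console.ReadLine();

        if (string.IsNullOrWhiteSpace(input))
        {
            break;
        }

        if (int.TryParse(input, out int result))
        {
            mode = (Mode)Math.Clamp(result, 0, 2);
            break;
        }

        Console.WriteLine("\nError: Input is not a valid integer\n");
    }

    string? data = EncryptData(encryptionKey, mode);

    // EncryptData reports its own error and returns null; start over with fresh input.
    if (string.IsNullOrWhiteSpace(data))
    {
        continue;
    }

    Uri targetUri = new(target);

    // The connection ID is free-form console input, so it is escaped before it is placed
    // in the query string; otherwise characters such as '&' or '#' would change the URL.
    Uri uri = new(targetUri, $"/api/send?id={Uri.EscapeDataString(connectionId)}");

    using HttpRequestMessage request = new(HttpMethod.Post, uri);
    StringContent body = new($"\"{data}\"", Encoding.UTF8, "application/json");
    request.Content = body;

    // The bearer token is attached to the request sent to the user-supplied target, so the
    // decision is made on the parsed host, not on a substring of the whole URL: a substring
    // test also matches "azurewebsites.net" appearing in a path or query of an unrelated host.
    // NOTE(review): the suffix still matches every App Service site; if the test environment
    // has one fixed host name, compare against that exact host instead.
    bool isAzureHost = targetUri.Host.EndsWith(".azurewebsites.net", StringComparison.OrdinalIgnoreCase);
    bool canSend = true;

    if (isAzureHost && targetUri.Scheme != Uri.UriSchemeHttps)
    {
        // A bearer token must not travel over a cleartext connection.
        Console.WriteLine("\nSkipping authentication token: target is not HTTPS");
    }
    else if (isAzureHost)
    {
        try
        {
            Console.WriteLine("\nObtaining authentication token for the request (Test environment endpoint detected)");

            // The client secret is read from the environment instead of being compiled into the tool.
            // NOTE(review): a secret that was ever committed to source stays in history and
            // should be treated as exposed and rotated.
            string? clientSecret = Environment.GetEnvironmentVariable("EASYLOGON_CLIENT_SECRET");

            if (string.IsNullOrWhiteSpace(clientSecret))
            {
                throw new InvalidOperationException("Client secret is not configured (set the EASYLOGON_CLIENT_SECRET environment variable)");
            }

            using HttpClient authClient = new();
            using HttpRequestMessage authRequest = new(HttpMethod.Post, "https://login.microsoftonline.com/e3382dae-1e6b-4b42-a26d-8cc6c96ee3ba/oauth2/token");
            authRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>
            {
                { "grant_type", "client_credentials" },
                { "client_id", "12dcdd03-f006-412b-b8e0-7beeb1510094" },
                { "client_secret", clientSecret },
                { "resource", "api://53894705-c0d7-481a-b308-5d39185fe11c" }
            });

            using HttpResponseMessage authResponse = await authClient.SendAsync(authRequest);
            string content = await authResponse.Content.ReadAsStringAsync();

            if (!authResponse.IsSuccessStatusCode)
            {
                throw new HttpRequestException($"Something went wrong (response from server: {authResponse.StatusCode}\n{content})");
            }

            Dictionary<string, string>? json = JsonConvert.DeserializeObject<Dictionary<string, string>>(content);

            // TryGetValue instead of the indexer: a response without the key should produce
            // the message below, not a KeyNotFoundException.
            if (json is null
                || !json.TryGetValue("access_token", out string? accessToken)
                || string.IsNullOrWhiteSpace(accessToken))
            {
                throw new HttpRequestException($"No access token were received (response from server: {authResponse.StatusCode}\n{content})");
            }

            request.Headers.Authorization = new("Bearer", accessToken);
        }
        catch (Exception e)
        {
            Console.WriteLine("Exception has been thrown");
            Console.WriteLine($"{e.GetType()}: {e.Message}");

            // Without a token the request is not sent; fall through to the "press any key" prompt.
            canSend = false;
        }
    }

    if (canSend)
    {
        Console.Write("Sending data to target... ");

        try
        {
            using HttpClient client = new();
            using HttpResponseMessage response = await client.SendAsync(request);
            Console.Write("Done.\n");

            Console.WriteLine("\nRequest details:");
            Console.WriteLine($"Target URL: {request.RequestUri?.AbsoluteUri}");
            Console.WriteLine($"Data: ({body.Headers.ContentType?.ToString()}) \"{data}\"");

            Console.WriteLine("\nResponse details:");
            Console.WriteLine($"Status: {(int)response.StatusCode} {response.StatusCode}");
        }
        catch (Exception e)
        {
            Console.WriteLine("Exception has been thrown");
            Console.WriteLine($"{e.GetType()}: {e.Message}");
        }
    }

    Console.WriteLine("\nPress any key to continue...");
    Console.ReadKey();
    Console.Clear();
}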
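// Builds a mock credential object, serializes it to JSON, encrypts it with AES using the
// supplied Base64-encoded key, and returns the ciphertext as a Base64 string.
//
// encryptionKey: Base64 text of the AES key.
// mode:          Mode.MalformedModel sends the model with a null Password;
//                Mode.MalformedData returns the Base64 ciphertext with its characters reversed.
//
// Returns the Base64 payload, or null after printing the error when the key cannot be
// decoded, is rejected by AES, or encryption fails.
string? EncryptData(string encryptionKey, Mode mode)
{
    // Represents CredentialModel data
    // https://dev.azure.com/FoxDevStudio/EasyLogon/_wiki/wikis/Documentation/40/Webapp-API-endpoints?anchor=remarks
    var mockData = new
    {
        Id = Guid.NewGuid().ToString(),
        Name = "Mock data",
        TargetResource = "ezlog.app",
        Login = "xfox",
        Password = mode == Mode.MalformedModel ? null : "Qwerty123",
        UseCount = 3
    };

    string rawData = JsonConvert.SerializeObject(mockData);
    byte[] dataBytes = Encoding.UTF8.GetBytes(rawData);

    try
    {
        // Key decoding and assignment sit inside the try: the key is typed in by the user,
        // and a value that is not valid Base64 or not a valid AES key length should be
        // reported like any other encryption error instead of terminating the tool.
        byte[] keyBytes = Convert.FromBase64String(encryptionKey);

        using Aes aes = Aes.Create();

        aes.Key = keyBytes;
        aes.Padding = PaddingMode.PKCS7;

        // ECB uses no IV and provides no integrity protection: equal plaintext blocks yield
        // equal ciphertext blocks, and tampering is not detected on decryption.
        // NOTE(review): presumably this matches what the web application decrypts - confirm;
        // if the protocol can change on both sides, prefer an authenticated mode such as AES-GCM.
        aes.Mode = CipherMode.ECB;

        using ICryptoTransform encryptor = aes.CreateEncryptor();
        byte[] encryptedBytes = encryptor.TransformFinalBlock(dataBytes, 0, dataBytes.Length);
        string data = Convert.ToBase64String(encryptedBytes);

        // Reversing the Base64 text produces a payload the receiver cannot decrypt to the model.
        return mode == Mode.MalformedData ? string.Concat(data.Reverse()) : data;
    }
    catch (Exception e)
    {
        Console.WriteLine($"Error during encryption: {e.GetType()}: {e.Message}");
        return null;
    }
}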
/// <summary>
/// Transmission mode chosen at the prompt; the numeric values are the menu numbers the user types.
/// </summary>
enum Mode
{
    /// <summary>Complete model, ciphertext sent as produced.</summary>
    Default = 0,

    /// <summary>The model is serialized with a null Password.</summary>
    MalformedModel = 1,

    /// <summary>The Base64 ciphertext is sent with its characters reversed.</summary>
    MalformedData = 2
}