C# Module Interface Reference

This section describes interfaces that a C# attack module should implement.

Interface ICSAoduleFactory

A C# attack module should implement a class named CSAoduleFactory (it will be loaded by AppSpider by name) which should be derived from the following interface:

public interface ICSAoduleFactory

{

bool CreateModule(Guid moduleGuid, out``ICSAodule module);

}

MethodDescription
CreateModuleThis function is invoked to create an instance of the Attack Module.
Parameters:
  • moduleGuid - GUID of the module. This parameter is used by the class factory to decide which module to instantiates if the DLL implements multiple Attack Modules.
  • module [out, retval] - output parameter initialized with the module reference
Return value:
  • True - if operation was successful
  • False - if operation failed

Interface ICSAodule

Every Attack Module should implement the following interface:

public interface ICSAodule

{

void Load(uint moduleRunnerId);

void InitForScan();

void UninitForScan();

void InitForAttackConfig();

void UninitForAttackConfig();

void InitForCrawlResult();

void UninitForCrawlResult();

void InitForAttackPoint();

void UninitForAttackPoint();

bool AttackPointIsRelevant();

uint CalculateNumberOfAttacks();

bool RunAttack(uint attackIndex);

void RunPassiveAnalysis();

}

MethodDescription
LoadThis function is invoked immediately after a module is created by ICSAoduleFactory::CreateModule. The purpose of this function in to bind a C# Attack Module object to a ModuleRunner object.
Parameters:
  • moduleRunnerId - identifier of the module runner that was created by AppSpider for this instance of the module. The module should connect to the module runner object by creating a ModuleRunner COM class and passing moduleRunnerId to that class.
InitForScanNot invoked, reserved for future versions
UninitForScanNot invoked, reserved for future versions
InitForAttackConfigNot invoked, reserved for future versions
UninitForAttackConfigNot invoked, reserved for future versions
InitForCrawlResultNot invoked, reserved for future versions
UninitForCrawlResultNot invoked, reserved for future versions
InitForAttackPointNot invoked, reserved for future versions
UninitForAttackPointNot invoked, reserved for future versions
AttackPointIsRelevantNot invoked, reserved for future versions
CalculateNumberOfAttacksCalculates number of attacks for a given Attack Point and Attack Configuration. If the module is not interested in a given Attack Point it should return zero.
RunAttackThis function is invoked to run an active attack.
Parameters:
  • 'attackIndex' is a zero-based index based on the number returned by function CalculateNumberOfAttack. If CalculateNumberOfAttacks returns 3, RunAttack will be invoked three times with attack indices 0, 1 and 2.
Return value:
  • true: AppSpider should re-run the attack
  • false: there is no need to re-run the attack
RunPassiveAnalysisThis function is invoked to run passive analysis on the response.