using Microsoft.Extensions.Configuration;
using SQLInjectionSimulator.Modules;
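namespace SQLInjectionSimulator
{
    /// <summary>
    /// SQL Injection Cybersecurity Simulator - Educational Console Application
    ///
    /// ⚠️ FOR EDUCATIONAL USE ONLY - DO NOT USE AGAINST REAL SYSTEMS
    /// </summary>
    /// <remarks>
    /// The program shows a single menu, runs the selected action once against a
    /// LocalDB database, and then exits. It does not loop back to the menu.
    /// </remarks>
    class Program
    {
        /// <summary>
        /// Entry point: prints the banner, builds the user manager and the injection
        /// tester, reads one menu choice from standard input and dispatches on it.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        /// <returns>A task that completes when the selected action has finished.</returns>
        static async Task Main(string[] args)
        {
            try
            {
                Console.WriteLine("🛡️ SQL Injection Cybersecurity Simulator");
                Console.WriteLine("==========================================");
                Console.WriteLine("⚠️ FOR EDUCATIONAL PURPOSES ONLY");
                Console.WriteLine();

                // Simple connection string for LocalDB.
                // Trusted_Connection=true uses the current Windows account, so every query
                // below (including the intentionally vulnerable one) runs with that
                // account's rights on the LocalDB instance.
                // TrustServerCertificate=true skips server certificate validation.
                // NOTE(review): tolerable for a local LocalDB instance only; do not carry
                // this setting over to a connection string for a networked SQL Server.
                string connectionString = "Server=(localdb)\\MSSQLLocalDB;Database=SQLInjectionSimulator;Trusted_Connection=true;MultipleActiveResultSets=true;TrustServerCertificate=true";

                // Initialize basic components
                var userManager = new UserManagerSimple(connectionString);
                var tester = new InjectionTester(connectionString);

                Console.WriteLine("🚀 Initializing application...");
                Console.WriteLine("✅ Application ready!");
                Console.WriteLine();

                ShowMainMenu();

                // ReadLine returns null at end of input; a null choice falls through to
                // the default branch. The menu keys are digits, so no case folding is
                // needed (the previous culture-sensitive ToUpper() call had no effect).
                var choice = Console.ReadLine()?.Trim();

                switch (choice)
                {
                    case "1":
                        Console.WriteLine("Setting up test users...");
                        await userManager.CreateTestUsersAsync();
                        break;

                    case "2":
                        Console.WriteLine("Listing users...");
                        var users = await userManager.GetAllUsersAsync();
                        foreach (var user in users)
                        {
                            Console.WriteLine($"- {user.Username} (Active: {user.IsActive})");
                        }
                        break;

                    case "3":
                        Console.WriteLine("Testing secure authentication...");
                        // NOTE(review): the credentials are hard-coded in source. Presumably
                        // they match an account seeded by CreateTestUsersAsync; confirm, and
                        // never reuse this password for an account outside the lab database.
                        var result = await userManager.AuthenticateUserSecureAsync("admin", "SecureAdmin123!");
                        Console.WriteLine($"Authentication result: {result.success} - {result.message}");
                        break;

                    case "4":
                        Console.WriteLine("\nDemo: SQL Injection vs Secure Parameterization");
                        Console.Write("Enter a username to test: ");

                        // The raw input is passed on unmodified on purpose: the demo compares
                        // how the two query styles treat the same text.
                        // NOTE(review): the vulnerable path presumably executes a string-built
                        // query (see InjectionTester); keep the target database disposable and
                        // free of real data.
                        var input = Console.ReadLine() ?? string.Empty;
                        var compare = await tester.CompareQueryResultsAsync(input);

                        Console.WriteLine("\nVulnerable query result:");
                        Console.WriteLine($"- Query: {compare.Vulnerable?.Query}");
                        Console.WriteLine($"- Rows: {compare.Vulnerable?.Rows?.ToString() ?? "null"}");
                        if (!string.IsNullOrWhiteSpace(compare.Vulnerable?.Error))
                        {
                            Console.WriteLine($"- Error: {compare.Vulnerable?.Error}");
                        }

                        Console.WriteLine("\nSecure query result:");
                        Console.WriteLine($"- Query: {compare.Secure?.Query}");
                        Console.WriteLine($"- Rows: {compare.Secure?.Rows?.ToString() ?? "null"}");
                        if (!string.IsNullOrWhiteSpace(compare.Secure?.Error))
                        {
                            Console.WriteLine($"- Error: {compare.Secure?.Error}");
                        }

                        Console.WriteLine("\nExplanation:");
                        Console.WriteLine(compare.Explanation);
                        break;

                    case "5":
                        // Exit
                        break;

                    default:
                        Console.WriteLine("Invalid choice. Exiting...");
                        break;
                }

                WaitForExitKey();
            }
            catch (Exception ex)
            {
                // Catch-all so a database or setup failure ends with a readable message
                // instead of a stack trace. The LocalDB hint is printed for every failure,
                // including ones unrelated to the database.
                Console.WriteLine($"❌ Error: {ex.Message}");
                Console.WriteLine("Please ensure SQL Server LocalDB is installed and accessible.");
                WaitForExitKey();
            }
        }

        /// <summary>
        /// Prints the numbered menu and the "Enter choice" prompt to the console.
        /// </summary>
        private static void ShowMainMenu()
        {
            Console.WriteLine("📋 Choose an option:");
            Console.WriteLine("1. Setup test users");
            Console.WriteLine("2. List users");
            Console.WriteLine("3. Test authentication");
            Console.WriteLine("4. Demo injection");
            Console.WriteLine("5. Exit");
            Console.Write("Enter choice: ");
        }

        /// <summary>
        /// Prompts for a key press before the program exits, when a console is attached.
        /// </summary>
        private static void WaitForExitKey()
        {
            // Console.ReadKey throws InvalidOperationException when standard input is
            // redirected (piped input, CI runs). Called from the catch block, that
            // exception would escape Main unhandled, so skip the pause in that case.
            if (Console.IsInputRedirected)
            {
                return;
            }

            Console.WriteLine("\nPress any key to exit...");
            Console.ReadKey();
        }
    }
}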