Usage - mandiant/route-sixty-sink GitHub Wiki

Global Options

  • -o --output_directory Path of the directory to write output to. Default: ./Output.
  • -l --level Depth of recursive method calls to follow when searching for sinks.
  • -s --search-string Custom search string that should be queried as a sink. Can be a regex if -r is passed.
  • -r --is-regex Flag specifying whether the search string is a regex.
  • -v --verbosity Options - V,VV,E,W,D. Default - VVEW.
  • -n --no_console Standalone switch. No argument required.
  • -o --output_format Options - csv,log,none Default - csv,log.
  • -f --sink-file JSON file containing sinks to search for.

Command Options

❗ SinkFinder will be invoked as a module against all identified routes when using aspnetcore or aspnetpages. To view the help menu of a command, type your command followed by --help.

Syntax

(dotnet run -- |./RouteSixtySink.exe) <command> <options>

ASP.NET Core Options

aspnetcore

Given a .NET web application built using the ASP.NET Core MVC framework, Route Sixty-Sink will identify controller classes and identify when API routes lead to defined sinks.

  • -i --input [Required] Input DLL or directory of DLLs to parse. Route Sixty-Sink will identify controllers to parse API routes and then recursively search for sinks.
  • -d --dependencies [Required] DLL or directory of DLLs to use as the MVC application's dependencies.
  • --routerunner (Default: false) Invokes RouteRunner to attempt limited validation of identified routes by sending HTTP(S) requests to them.
  • --do-delete (Default: false) Determine if RouteRunner should process requests with the DELETE HTTP verb.
  • --no-conventional (Default: false) Determine if RouteFinder should use the experimental conventional routing parser.
  • -e --endpoint Service endpoint for RouteRunner to target.
  • --failcodes Fail codes for RouteRunner to identify invalid routes.

ASP.NET Pages Usage

aspnetpages

Given a .NET web application built using the classic ASP pages, Route Sixty-Sink will identify the classes used and recursively search for sinks.

  • -i --input [Required] Input ASPX, ASHX, or ASCX page or directory of pages to parse. Route Sixty-Sink will identify the classes used in these pages and recursively search for sinks.
  • -d --dependencies [Required] DLL or directory of DLLs to use as the input pages' dependencies.

SinkFinder Usage

sinkfinder

Runs SinkFinder without route-finding capability.

  • -i --input [Required] Input DLL or directory of DLLs to query for sinks.
  • -d --dependencies [Required] DLL or directory of DLLs to use as the input DLLs' dependencies.

ClassDiscovery Usage

discovery

Runs discovery on the provided DLLs.

  • -i --input [Required] DLL or directory of DLLs in which to discover classes.
  • -m --methods Discover methods, as well as classes.
  • -p --public Set to find only publicly-accessible methods.