Ejemplo n.º 1
0
class win(JFrame):
    def __init__(self, title="Consumo Electrico"):
        JFrame(title)
        self.setLayout(None)
        self.setBounds(10, 10, 300, 180)
        self.show()
        self.build()

    def build(self):
        self.label = JLabel("Cup")
        self.label.setBounds(120, 10, 45, 15)
        self.label2 = JLabel("KWh")
        self.label2.setBounds(20, 10, 45, 15)
        self.label3 = JLabel()
        self.label3.setBounds(120, 30, 55, 15)
        self.textfield = JTextField()
        self.textfield.setBounds(15, 30, 75, 20)
        self.textfield.addActionListener(lambda x: self.label3.setText(
            str(calculate(self.textfield.getText()))))
        button = JButton("Calcular")
        button.setBounds(10, 55, 290, 35)
        button.addActionListener(lambda x: self.label3.setText(
            str(calculate(self.textfield.getText()))))

        for var in [
                self.label, self.label2, self.label3, self.textfield, button
        ]:
            self.add(var)
Ejemplo n.º 2
0
    def getUiComponent(self):
        panel = JPanel(BorderLayout())
        panel.setLocation(100, 100)
        panel.setLayout(None)

        lbl1 = JLabel("Insert URL")
        lbl1.setBounds(60, 20, 100, 40)
        txt1 = JTextField(100)
        txt1.setBounds(140, 20, 600, 40)

        def btn1Click(event):

            import requests
            from bs4 import BeautifulSoup

            url = requests.get("http://" + str(txt1.text))
            #	a=requests.get(str(txt1.text))
            req = url.text
            links = []
            soup = BeautifulSoup(url.text, 'html.parser')
            for link in soup.find_all('a'):
                links.append(link.get('href'))

            links = ((str(links).replace("[",
                                         "")).replace("]",
                                                      "")).replace("u'", "'")

            txt2.text = links  #set info por table2
            txt2.editable = False
            txt2.wrapStyleWord = True
            txt2.lineWrap = True
            text2.aligmentx = Component.LEFT_ALIGMENT
            txt2.size(300, 1)

            return

        btn = JButton("Click", actionPerformed=btn1Click)
        btn.setBounds(400, 80, 60, 30)
        panel.add(lbl1, BorderLayout.CENTER)
        panel.add(txt1, BorderLayout.CENTER)
        panel.add(btn, BorderLayout.CENTER)

        lbl2 = JLabel("Output URLs")
        lbl2.setBounds(60, 80, 150, 40)

        txt2 = JTextArea()
        txt2.setBounds(140, 120, 600, 600)
        txt2.setBackground(Color.WHITE)
        # set table color, if you want

        panel.add(lbl2, BorderLayout.CENTER)
        panel.add(txt2, BorderLayout.CENTER)

        return panel
Ejemplo n.º 3
0
def showLoginIdPassword(data):    
    global frame
    
    frame = JFrame("Show Id  Password ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500,350)
    frame.setLocation(200,200)
    frame.setLayout(None)
    frame.setVisible(True)
    
    panel = JPanel()
    panel.setSize(500,350)
    panel.setLocation(0,0)
    panel.setLayout(None)
    panel.setVisible(True)
    panel.setBackground(Color.LIGHT_GRAY)
    
    heading = JLabel("LoginId AND Password")
    heading.setBounds(200,30,150,40)
    
    lbLoginId = JLabel("LoginId")
    lbPassword = JLabel("password")
    
    tfLoginId = JTextField(data[0].encode('ascii'))
    tfPassword = JTextField(data[1].encode('ascii'))
    
    tfLoginId.setEditable(False)
    tfPassword.setEditable(False)
    
    lbLoginId.setBounds(50,100,150,30)
    lbPassword.setBounds(50,150,150,30)
    
    tfLoginId.setBounds(220,100,150,30)
    tfPassword.setBounds(220,150,150,30)
    
    btnOk = JButton("Ok",actionPerformed=clickOk)
    
    btnOk.setBounds(250,220,100,30)
    
    panel.add(heading)
    panel.add(lbLoginId)
    panel.add(lbPassword)
    panel.add(tfLoginId)
    panel.add(tfPassword)
    panel.add(btnOk)
    frame.add(panel)
Ejemplo n.º 4
0
    def gui(self):

        # Hilfsfunktion für event
        # erstellt ein Rezeptobjekt anhand einer URL
        # schließt die GUI
        def create(event):
            url = field.getText()
            self.recipe = Recipe(url)
            frame.dispose()
            print("created recipe for " + self.recipe.get_title())
            # der Dialog wartet, bis "continue" gesendet wird
            self.send("continue")

        # Frame erstellen
        frame = JFrame(
            'URL eingeben',
            defaultCloseOperation=JFrame.EXIT_ON_CLOSE,
            size=(480, 200),
        )
        frame.setLayout(None)

        # Text im Frame
        fieldlabel = JLabel()
        fieldlabel.setText(
            "<html><font size=+1>Geben Sie die Internetadresse des Rezepts ein</font></html>"
        )
        fieldlabel.setBounds(20, 20, 500, 40)
        frame.add(fieldlabel)

        # Textfeld im Frame
        field = JTextField()
        field.setText("https://www.chefkoch.de/rezepte/...")
        field.setBounds(20, 60, 411, 40)
        frame.add(field)

        # Button im Frame
        # ruft Hilfsfunktion create auf
        button = JButton("Los!", actionPerformed=create)
        button.setBounds(155, 100, 150, 30)
        frame.add(button)

        #Frame anzeigen
        frame.setVisible(True)
def getCourseName(check):    
    global frame
    global tfStudentCourseChoice
    global value

    value = check
    
    frame = JFrame("Course Name ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500,250)
    frame.setLocation(200,200)
    frame.setLayout(None)
    frame.setVisible(True)
    
    panel = JPanel()
    panel.setSize(500,250)
    panel.setLocation(0,0)
    panel.setLayout(None)
    panel.setVisible(True)
    panel.setBackground(Color.LIGHT_GRAY)
    
    heading = JLabel("Get Course Name")
    heading.setBounds(200,30,150,40)
    
    lbStudentCourseChoice = JLabel("Student course name")
    tfStudentCourseChoice = JTextField()
    
    lbStudentCourseChoice.setBounds(50,70,150,30)
    tfStudentCourseChoice.setBounds(220,70,150,30)
    
    btnEnter = JButton("Enter",actionPerformed=clickStudentCourseChoice)
    btnCancel = JButton("Cancel",actionPerformed=clickBtnCancel)
    
    btnEnter.setBounds(350,150,100,30)
    btnCancel.setBounds(50,150,100,30)
    
    panel.add(heading)
    panel.add(lbStudentCourseChoice)
    panel.add(tfStudentCourseChoice)
    panel.add(btnEnter)
    panel.add(btnCancel)
    frame.add(panel)
Ejemplo n.º 6
0
 def build(self):
     #labels
     cl = JLabel("Celcius")
     cl.setBounds(10, 10, 60, 20)
     fl = JLabel("Farenheit")
     fl.setBounds(120, 10, 60, 20)
     kl = JLabel("Kelvin")
     kl.setBounds(230, 10, 60, 20)
     #celcius textfield
     c = JTextField()
     c.setBounds(10, 40, 60, 20)
     c.addActionListener(lambda x: log(x))
     #farenheit textfield
     f = JTextField()
     f.setBounds(120, 40, 60, 20)
     f.addActionListener(lambda x: log(x))
     #kelvin textfield
     k = JTextField()
     k.setBounds(230, 40, 60, 20)
     k.addActionListener(lambda x: log(x))
     #buttons
     cv = JButton("Convert")
     cv.addActionListener(lambda x: self.convert(x))
     cv.setBounds(10, 70, 300 - 10, 30)
     clean = JButton("Clean")
     clean.addActionListener(lambda x: self.clean())
     clean.setBounds(10, 110, 300 - 10, 30)
     #add vars to frame
     list(map(lambda x: self.add(x), [cl, kl, fl, c, f, k, cv, clean]))
     self.k = k
     self.c = c
     self.f = f
     self.textfields = {self.c, self.f, self.k}
Ejemplo n.º 7
0
def install(helper):
  	print('install called'); 
	
	frame = JFrame("Please Input Values")
	frame.setLocation(100,100)
	frame.setSize(500,400)
	frame.setLayout(None)

	lbl1 = JLabel("Input1: ")
	lbl1.setBounds(60,20,60,20)
	txt1 = JTextField(100)
	txt1.setBounds(130,20,200,20)
	lbl2 = JLabel("Input2: ")
	lbl2.setBounds(60,50,100,20)
	txt2 = JTextField(100)
	txt2.setBounds(130,50,200,20)
	lbl3 = JLabel("Input3: ")
	lbl3.setBounds(60,80,140,20)
	txt3 = JTextField(100)
	txt3.setBounds(130,80,200,20)
	lbl4 = JLabel("Input4: ")
	lbl4.setBounds(60,110,180,20)
	txt4 = JTextField(100)
	txt4.setBounds(130,110,200,20)
	
	def getValues(event):
		print "clicked"
		ScriptVars.setGlobalVar("Input1",str(txt1.getText()))
		print(ScriptVars.getGlobalVar("Input1"))
		ScriptVars.setGlobalVar("Input2",str(txt2.getText()))
		print(ScriptVars.getGlobalVar("Input2"))
		ScriptVars.setGlobalVar("Input3",str(txt3.getText()))
		print(ScriptVars.getGlobalVar("Input3"))
		ScriptVars.setGlobalVar("Input4",str(txt4.getText()))
		print(ScriptVars.getGlobalVar("Input4"))		
		
	btn = JButton("Submit", actionPerformed = getValues)
	btn.setBounds(160,150,100,20)
		
	frame.add(lbl1)
	frame.add(txt1)
	frame.add(lbl2)
	frame.add(txt2)
	frame.add(btn)
	frame.add(lbl3)
	frame.add(txt3)
	frame.add(lbl4)
	frame.add(txt4)
	frame.setVisible(True)
def changePasswordForm(check):
    global frame
    global tfOldPassword
    global tfNewPassword
    global tfConfirmPassword
    global value

    value = check

    frame = JFrame("Change Password")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500, 350)
    frame.setLocation(200, 200)
    frame.setLayout(None)
    frame.setVisible(True)

    panel = JPanel()
    panel.setSize(500, 350)
    panel.setLocation(0, 0)
    panel.setLayout(None)
    panel.setVisible(True)
    panel.setBackground(Color.LIGHT_GRAY)

    heading = JLabel("Change Password")
    heading.setBounds(200, 30, 150, 40)

    lbOldPassword = JLabel("Old Password")
    lbNewPassword = JLabel("New Password")
    lbConfirmPassword = JLabel("Confirm Password")

    tfOldPassword = JTextField()
    tfNewPassword = JTextField()
    tfConfirmPassword = JTextField()

    lbOldPassword.setBounds(50, 100, 150, 30)
    lbNewPassword.setBounds(50, 150, 150, 30)
    lbConfirmPassword.setBounds(50, 200, 150, 30)

    tfOldPassword.setBounds(220, 100, 150, 30)
    tfNewPassword.setBounds(220, 150, 150, 30)
    tfConfirmPassword.setBounds(220, 200, 150, 30)

    btnSave = JButton("Save", actionPerformed=clickSave)
    btnCancel = JButton("Cancel", actionPerformed=clickCancel)

    btnSave.setBounds(350, 280, 100, 30)
    btnCancel.setBounds(50, 280, 100, 30)

    panel.add(heading)
    panel.add(lbOldPassword)
    panel.add(lbNewPassword)
    panel.add(lbConfirmPassword)
    panel.add(tfOldPassword)
    panel.add(tfNewPassword)
    panel.add(tfConfirmPassword)
    panel.add(btnSave)
    panel.add(btnCancel)

    frame.add(panel)
Ejemplo n.º 9
0
def install(helper):
    print('install called')

    frame = JFrame("Please Input Values")
    frame.setLocation(100, 100)
    frame.setSize(500, 400)
    frame.setLayout(None)

    lbl1 = JLabel("Input1: ")
    lbl1.setBounds(60, 20, 60, 20)
    txt1 = JTextField(100)
    txt1.setBounds(130, 20, 200, 20)
    lbl2 = JLabel("Input2: ")
    lbl2.setBounds(60, 50, 100, 20)
    txt2 = JTextField(100)
    txt2.setBounds(130, 50, 200, 20)
    lbl3 = JLabel("Input3: ")
    lbl3.setBounds(60, 80, 140, 20)
    txt3 = JTextField(100)
    txt3.setBounds(130, 80, 200, 20)
    lbl4 = JLabel("Input4: ")
    lbl4.setBounds(60, 110, 180, 20)
    txt4 = JTextField(100)
    txt4.setBounds(130, 110, 200, 20)

    def getValues(event):
        print "clicked"
        ScriptVars.setGlobalVar("Input1", str(txt1.getText()))
        print(ScriptVars.getGlobalVar("Input1"))
        ScriptVars.setGlobalVar("Input2", str(txt2.getText()))
        print(ScriptVars.getGlobalVar("Input2"))
        ScriptVars.setGlobalVar("Input3", str(txt3.getText()))
        print(ScriptVars.getGlobalVar("Input3"))
        ScriptVars.setGlobalVar("Input4", str(txt4.getText()))
        print(ScriptVars.getGlobalVar("Input4"))

    btn = JButton("Submit", actionPerformed=getValues)
    btn.setBounds(160, 150, 100, 20)

    frame.add(lbl1)
    frame.add(txt1)
    frame.add(lbl2)
    frame.add(txt2)
    frame.add(btn)
    frame.add(lbl3)
    frame.add(txt3)
    frame.add(lbl4)
    frame.add(txt4)
    frame.setVisible(True)
Ejemplo n.º 10
0
def addCourse():
    global tfCourseName
    global tfCourseId
    global tfCourseFee
    global frame
    global btnEnter

    frame = JFrame("Add Course ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(450, 450)
    frame.setLocation(200, 200)
    frame.setLayout(None)
    frame.setVisible(True)

    panel = JPanel()
    panel.setSize(450, 450)
    panel.setLocation(0, 0)
    panel.setLayout(None)
    panel.setVisible(True)
    panel.setBackground(Color.LIGHT_GRAY)

    heading = JLabel("ADD COURSE")
    heading.setBounds(200, 30, 150, 40)

    lbCourseName = JLabel("Course Name ")
    lbCourseId = JLabel("Course Id")
    lbCourseFee = JLabel(" Course Fee")

    tfCourseName = JTextField()
    tfCourseId = JTextField()
    tfCourseFee = JTextField()

    lbCourseName.setBounds(70, 120, 130, 30)
    lbCourseId.setBounds(70, 170, 130, 30)
    lbCourseFee.setBounds(70, 220, 130, 30)

    tfCourseName.setBounds(220, 120, 150, 30)
    tfCourseId.setBounds(220, 170, 150, 30)
    tfCourseFee.setBounds(220, 220, 150, 30)

    btnEnter = JButton("Enter", actionPerformed=clickAddCourseFee)
    btnEnter.setBounds(300, 300, 100, 40)

    btnCancel = JButton("Cancel", actionPerformed=clickCancel)
    btnCancel.setBounds(70, 300, 100, 40)

    panel.add(heading)
    panel.add(lbCourseName)
    panel.add(lbCourseId)
    panel.add(lbCourseFee)
    panel.add(tfCourseFee)
    panel.add(tfCourseName)
    panel.add(tfCourseId)
    panel.add(tfCourseFee)
    panel.add(btnEnter)
    panel.add(btnCancel)

    frame.add(panel)
Ejemplo n.º 11
0
 def addDetails(self):
     jf0 = JFrame()
     jf0.setTitle("Add Issue");
     jf0.setLayout(None);
     
     txtEnterIssue = JTextField();
     txtEnterIssue.setName("Enter Issue Name");
     txtEnterIssue.setToolTipText("Enter Issue Name Here");
     txtEnterIssue.setBounds(182, 58, 473, 40);
     jf0.add(txtEnterIssue);
     txtEnterIssue.setColumns(10);
     
     btnNewButton = JButton("Add");
     btnNewButton.setBounds(322, 178, 139, 41);
     jf0.add(btnNewButton);
     
     comboBox = JComboBox();
     comboBox.setMaximumRowCount(20);
     comboBox.setEditable(True);
     comboBox.setToolTipText("Objective Name");
     comboBox.setBounds(182, 125, 473, 40);
     jf0.add(comboBox);
     
     lblNewLabel = JLabel("Issue Name Here");
     lblNewLabel.setFont(Font("Tahoma", Font.PLAIN, 16));
     lblNewLabel.setBounds(25, 58, 130, 40);
     jf0.add(lblNewLabel);
     
     lblNewLabel_1 = JLabel("Objective Name");
     lblNewLabel_1.setFont(Font("Tahoma", Font.PLAIN, 16));
     lblNewLabel_1.setBounds(25, 125, 130, 40);
     jf0.add(lblNewLabel_1);
     jf0.setVisible(True)
     jf0.setBounds(400, 300, 700, 300)
     jf0.EXIT_ON_CLOSE
     
     txtEnterIssue.addKeyListener(self)
class BurpExtender(IBurpExtender, ITab, IScannerCheck, IExtensionStateListener,
                   IHttpRequestResponse):
    def registerExtenderCallbacks(self, callbacks):
        self._callbacks = callbacks
        self._helpers = callbacks.getHelpers()

        callbacks.setExtensionName("burp-unauth-checker")

        #callbacks.issueAlert("burp-unauth-checker Passive Scanner enabled")

        stdout = PrintWriter(callbacks.getStdout(), True)
        stderr = PrintWriter(callbacks.getStderr(), True)
        self._callbacks.registerScannerCheck(self)
        self._callbacks.registerExtensionStateListener(self)

        self.authParamsList = self.getAuthParamConfig()

        self.initUI()
        self._callbacks.addSuiteTab(self)

        print("burp-unauth-checker loaded.")
        print("Author:LSA")
        print("https://github.com/theLSA/burp-unauth-checker")

        self.outputTxtArea.setText("")

        self.excludeAuthParamsList = self.getExcludeAuthParams()

        print 'authParamsList: ' + str(self.authParamsList) + '\n'

        if self.excludeAuthParamsList != None:
            self.authParamsList = list(
                set(self.authParamsList).difference(
                    set(self.excludeAuthParamsList)))

            print 'excludeAuthParamsList: ' + str(
                self.excludeAuthParamsList) + '\n'
            print "finalAuthParamsList: " + ",".join(
                self.authParamsList) + "\n"

    def extensionUnloaded(self):
        print "burp-unauth-checker Unloaded."
        return

    def doPassiveScan(self, baseRequestResponse):

        islaunchBurpUnauthChecker = int(
            self.launchBurpUnauthCheckerCheckBox.isSelected())

        if (not islaunchBurpUnauthChecker) or (
                self.isFilterSuffix(baseRequestResponse)) or (
                    self.isFilterStatusCode(baseRequestResponse)):
            return

        scan_issues = []

        newRequestResponse = self.sendUnauthenticatedRequest(
            baseRequestResponse)

        #print str(self._helpers.analyzeRequest(baseRequestResponse).getUrl()) + '\n'

        issue = self.compareResponses(newRequestResponse, baseRequestResponse)

        scan_issues.append(issue)
        return scan_issues

    def consolidateDuplicateIssues(self, isb, isa):
        return -1

    def sendUnauthenticatedRequest(self, requestResponse):

        newRequest = self.stripAuthenticationCharacteristics(requestResponse)
        return self._callbacks.makeHttpRequest(
            requestResponse.getHttpService(), newRequest)

    def stripAuthenticationCharacteristics(self, requestResponse):

        self.excludeAuthParamsList = self.getExcludeAuthParams()

        print 'authParamsList: ' + str(self.authParamsList) + '\n'

        if self.excludeAuthParamsList != None:
            self.authParamsList = list(
                set(self.authParamsList).difference(
                    set(self.excludeAuthParamsList)))

            #print 'authParamsList: ' + str(self.authParamsList) + '\n'
            print 'excludeAuthParamsList: ' + str(
                self.excludeAuthParamsList) + '\n'
            print "finalAuthParamsList: " + ",".join(
                self.authParamsList) + "\n"

        reqHeaders = self._helpers.analyzeRequest(requestResponse).getHeaders()
        reqBodyOffset = self._helpers.analyzeRequest(
            requestResponse).getBodyOffset()

        reqBodyByte = requestResponse.getRequest().tostring()[reqBodyOffset:]

        newHeaders = []

        newAuthHeaderVal = self.replaceHeaderValWithTextField.getText()

        for header in reqHeaders:
            headerName = header.split(':')[0]
            #    if headerName.lower() not in self.authParamsList:
            #        newHeaders.append(header)
            #return self._helpers.buildHttpMessage(newHeaders, None)
            if headerName.lower() in self.authParamsList:
                header = headerName + ": " + newAuthHeaderVal
                newHeaders.append(header)
            else:
                newHeaders.append(header)

        #newRemoveAuthHeaderRequest = self._helpers.buildHttpMessage(newHeaders, None)

        newRemoveAuthHeaderRequest = self._helpers.buildHttpMessage(
            newHeaders, reqBodyByte)

        if self.removeGetPostAuthParamsCheckBox.isSelected():
            newRemoveGetPostAuthParamsRequest = self.removeGetPostAuthParams(
                requestResponse, newRemoveAuthHeaderRequest,
                self.authParamsList)

            if newRemoveGetPostAuthParamsRequest:
                #print newRemoveGetPostAuthParamsRequest
                return newRemoveGetPostAuthParamsRequest
            else:
                return self._helpers.buildHttpMessage(newHeaders, reqBodyByte)

        else:
            return self._helpers.buildHttpMessage(newHeaders, reqBodyByte)

    def compareResponses(self, newRequestResponse, oldRequestResponse):
        """Compare new rsp and old rsp body contents"""
        result = None
        nResponse = newRequestResponse.getResponse()
        if nResponse is None:
            return result
        nResponseInfo = self._helpers.analyzeResponse(nResponse)
        # Only considering non-cached HTTP responses
        if nResponseInfo.getStatusCode() == 304:
            return result
        nBodyOffset = nResponseInfo.getBodyOffset()
        nBody = nResponse.tostring()[nBodyOffset:]
        oResponse = oldRequestResponse.getResponse()
        oResponseInfo = self._helpers.analyzeResponse(oResponse)
        oBodyOffset = oResponseInfo.getBodyOffset()
        oBody = oResponse.tostring()[oBodyOffset:]

        #print 'oBody:' + str(oBody) + '\n'

        #print 'nBody:' + str(nBody) + '\n'

        #self.outputTxtArea.append("[url]%s\n" % self._helpers.analyzeRequest(oldRequestResponse).getUrl())

        isShowRspContent = int(self.showRspContentCheckBox.isSelected())
        isShowPostBody = int(self.showPostBodyCheckBox.isSelected())

        if (str(nBody).split() == str(oBody).split()):

            self.outputTxtArea.append(
                "[%s][URL]%s\n" %
                (self._helpers.analyzeRequest(oldRequestResponse).getMethod(),
                 self._helpers.analyzeRequest(oldRequestResponse).getUrl()))

            if isShowPostBody:
                oldReqBodyOffset = self._helpers.analyzeRequest(
                    oldRequestResponse).getBodyOffset()
                oldReqBodyString = oldRequestResponse.getRequest().tostring(
                )[oldReqBodyOffset:]
                self.outputTxtArea.append("%s\n" % oldReqBodyString)

            if isShowRspContent:
                self.outputTxtArea.append("[rspContent]%s\n" % str(nBody))

            self.outputTxtArea.append(
                "\n------------------------------------------------------------------------\n"
            )

            issuename = "unauth-endpoint"
            issuelevel = "Medium"
            issuedetail = "Unauthorization endpoint."
            issuebackground = "The endpoint is unauthorizated."
            issueremediation = "Senstive endpoint must have authorization."
            issueconfidence = "Firm"
            result = ScanIssue(
                oldRequestResponse.getHttpService(),
                self._helpers.analyzeRequest(oldRequestResponse).getUrl(),
                issuename, issuelevel, issuedetail, issuebackground,
                issueremediation, issueconfidence,
                [oldRequestResponse, newRequestResponse])
            print result
            return result
        else:
            print "body difference!\n"

    def initUI(self):
        self.tab = swing.JPanel()

        # UI for Output
        self.outputLabel = swing.JLabel("unauth api result:")
        self.outputLabel.setFont(Font("Tahoma", Font.BOLD, 14))
        self.outputLabel.setForeground(Color(255, 102, 52))
        self.logPane = swing.JScrollPane()
        self.outputTxtArea = swing.JTextArea()
        self.outputTxtArea.setFont(Font("Consolas", Font.PLAIN, 12))
        self.outputTxtArea.setLineWrap(True)
        self.logPane.setViewportView(self.outputTxtArea)
        self.clearBtn = swing.JButton("Clear", actionPerformed=self.clearRst)
        self.exportBtn = swing.JButton("Export",
                                       actionPerformed=self.exportRst)
        self.parentFrm = swing.JFileChooser()

        self.showRspContentCheckBox = JCheckBox("show rspContent")
        self.showPostBodyCheckBox = JCheckBox("show post body")

        self.launchBurpUnauthCheckerCheckBox = JCheckBox(
            "launchBurpUnauthChecker")

        #self.includeAuthParamsLabel = swing.JLabel("includeAuthParams:")
        self.excludeAuthParamsLabel = swing.JLabel("excludeAuthParams:")

        self.filterSuffixLabel = swing.JLabel("filterSuffix:")

        self.removeAuthParamListText = self.authParamsList

        #print self.removeAuthParamListText

        self.removeAuthParamListTextField = JTextField(",".join(
            self.removeAuthParamListText))

        self.excludeAuthParamsTextField = JTextField()

        self.filterSuffixTextField = JTextField(filterSuffixList)

        self.onlyIncludeStatusCodeTextField = JTextField("200")

        self.onlyIncludeStatusCodeLabel = JLabel("onlyIncludeStatusCode:")

        self.saveAuthParamsListButton = swing.JButton(
            "save", actionPerformed=self.addAndSaveAuthParam)

        self.alertSaveSuccess = JOptionPane()

        self.removeGetPostAuthParamsCheckBox = JCheckBox(
            "replace GET/POST Auth Params with ")

        self.replaceGetPostAuthParamsWithTextField = JTextField("unauthp")

        self.replaceHeaderValWithLabel = JLabel("replace header value with ")

        self.replaceHeaderValWithTextField = JTextField("unauthh")

        self.tab.setLayout(None)

        self.tab.add(self.launchBurpUnauthCheckerCheckBox)
        self.tab.add(self.showRspContentCheckBox)
        self.tab.add(self.showPostBodyCheckBox)
        self.tab.add(self.outputLabel)
        self.tab.add(self.logPane)

        self.tab.add(self.clearBtn)
        self.tab.add(self.exportBtn)

        self.tab.add(self.removeAuthParamListTextField)

        #self.tab.add(self.includeAuthParamsLabel)
        self.tab.add(self.excludeAuthParamsLabel)
        self.tab.add(self.filterSuffixLabel)
        self.tab.add(self.excludeAuthParamsTextField)
        self.tab.add(self.filterSuffixTextField)

        self.tab.add(self.onlyIncludeStatusCodeTextField)
        self.tab.add(self.onlyIncludeStatusCodeLabel)

        self.tab.add(self.saveAuthParamsListButton)

        self.tab.add(self.alertSaveSuccess)

        self.tab.add(self.removeGetPostAuthParamsCheckBox)

        self.tab.add(self.replaceGetPostAuthParamsWithTextField)

        self.tab.add(self.replaceHeaderValWithTextField)

        self.tab.add(self.replaceHeaderValWithLabel)

        self.launchBurpUnauthCheckerCheckBox.setBounds(20, 10, 200, 20)
        self.showRspContentCheckBox.setBounds(20, 40, 150, 30)
        self.showPostBodyCheckBox.setBounds(20, 75, 150, 30)
        self.outputLabel.setBounds(400, 200, 150, 50)
        self.logPane.setBounds(20, 250, 900, 400)

        self.clearBtn.setBounds(20, 650, 100, 30)
        self.exportBtn.setBounds(820, 650, 100, 30)

        self.removeAuthParamListTextField.setBounds(20, 140, 400, 30)

        #self.includeAuthParamsLabel.setBounds(20,100,100,20)
        self.excludeAuthParamsLabel.setBounds(580, 100, 150, 20)
        self.excludeAuthParamsTextField.setBounds(580, 120, 400, 30)
        self.filterSuffixLabel.setBounds(200, 40, 100, 20)
        self.filterSuffixTextField.setBounds(200, 60, 500, 30)

        self.onlyIncludeStatusCodeTextField.setBounds(750, 170, 120, 30)
        self.onlyIncludeStatusCodeLabel.setBounds(600, 170, 190, 20)

        self.saveAuthParamsListButton.setBounds(20, 180, 80, 30)

        self.removeGetPostAuthParamsCheckBox.setBounds(120, 170, 280, 20)

        self.replaceGetPostAuthParamsWithTextField.setBounds(380, 170, 70, 30)

        self.replaceHeaderValWithLabel.setBounds(20, 100, 180, 20)

        self.replaceHeaderValWithTextField.setBounds(190, 100, 70, 30)

    def getTabCaption(self):
        return "burp-unauth-checker"

    def getUiComponent(self):
        return self.tab

    def clearRst(self, event):
        self.outputTxtArea.setText("")

    def exportRst(self, event):
        chooseFile = JFileChooser()
        ret = chooseFile.showDialog(self.logPane, "Choose file")
        filename = chooseFile.getSelectedFile().getCanonicalPath()
        print "\n" + "Export to : " + filename
        open(filename, 'w', 0).write(self.outputTxtArea.text)

    def getAuthParamConfig(self):
        authFieldList = []
        with open(authParamCfgFile, "r") as fauth:

            #authFieldList = fauth.readlines()

            for authParamLine in fauth.readlines():
                authFieldList.append(authParamLine.strip())

        #print authFieldList

        return authFieldList

    def getFilterSuffixList(self):
        filterSuffixList = []

        filterSuffixList = self.filterSuffixTextField.getText().split(",")

        print filterSuffixList

        return filterSuffixList

    def getExcludeAuthParams(self):
        excludeAuthParamsList = []
        excludeAuthParamsList = self.excludeAuthParamsTextField.getText(
        ).split(",")
        #print excludeAuthParamsList
        return excludeAuthParamsList

    def checkStatusCode(self):
        filterStatusCodeList = []
        filterStatusCodeList = self.onlyIncludeStatusCodeTextField.getText(
        ).split(",")
        print "Only check thoes status code: " + ",".join(filterStatusCodeList)
        return filterStatusCodeList

    def isFilterSuffix(self, requestResponse):
        reqUrl = str(self._helpers.analyzeRequest(requestResponse).getUrl())

        print reqUrl + '\n'

        try:
            reqUrlSuffix = os.path.basename(reqUrl).split(".")[-1].split(
                "?")[0].lower()

        except:
            reqUrlSuffix = "causeExceptionSuffix"

        if reqUrlSuffix == "":
            reqUrlSuffix = "spaceSuffix"

        print reqUrlSuffix

        if (reqUrlSuffix in self.getFilterSuffixList()) and (
                reqUrlSuffix != "causeExceptionSuffix") and (reqUrlSuffix !=
                                                             "spaceSuffix"):

            print 'filterSuffix: ' + reqUrlSuffix

            print 'filterUrl: ' + reqUrl

            return True

    def isFilterStatusCode(self, requestResponse):
        baseResponse = requestResponse.getResponse()
        baseResponseInfo = self._helpers.analyzeResponse(baseResponse)

        if str(baseResponseInfo.getStatusCode()) not in self.checkStatusCode():

            print baseResponseInfo.getStatusCode()
            return True

    def addAndSaveAuthParam(self, event):
        oldAuthParamsList = []
        oldAuthParamsList = self.authParamsList

        newAuthParamsList = []
        newAuthParamsList = self.removeAuthParamListTextField.getText().split(
            ",")

        addAuthParamsList = list(
            set(newAuthParamsList).difference(set(oldAuthParamsList)))
        print addAuthParamsList

        with open(authParamCfgFile, 'a') as f1:
            for newAuthParam in addAuthParamsList:
                f1.write('\n' + newAuthParam)

        self.authParamsList = self.getAuthParamConfig()

        self.alertSaveSuccess.showMessageDialog(self.tab, "save success!")

    def removeGetPostAuthParams(self, requestResponse,
                                newRemoveAuthHeaderRequest, authParamsListNew):
        paramList = self._helpers.analyzeRequest(
            requestResponse).getParameters()
        authParamsList = authParamsListNew

        newAuthParamValue = self.replaceGetPostAuthParamsWithTextField.getText(
        )

        #print paramList

        #return paramList

        newRemoveGetPostAuthParamsRequest = newRemoveAuthHeaderRequest

        haveRemoveGetPostAuthParams = False

        #isJsonReq = False

        for para in paramList:
            paramType = para.getType()

            if (paramType == 0) or (paramType == 1):
                paramKey = para.getName()
                paramValue = para.getValue()

                print paramKey + ":" + paramValue

                if paramKey.lower() in authParamsList:
                    newAuthParam = self._helpers.buildParameter(
                        paramKey, newAuthParamValue, paramType)
                    newRemoveGetPostAuthParamsRequest = self._helpers.updateParameter(
                        newRemoveGetPostAuthParamsRequest, newAuthParam)
                    haveRemoveGetPostAuthParams = True

            if paramType == 6:

                paramKey = para.getName()
                paramValue = para.getValue()

                print paramKey + ":" + paramValue

                reqJsonBodyOffset = self._helpers.analyzeRequest(
                    requestResponse).getBodyOffset()
                reqJsonBodyString = requestResponse.getRequest().tostring(
                )[reqJsonBodyOffset:]

                print reqJsonBodyString

                reqJsonBodyStringDict = json.loads(reqJsonBodyString)

                #reqJsonBodyStringDict = ast.literal_eval(reqJsonBodyString)

                for authParamName in authParamsList:
                    if authParamName in reqJsonBodyStringDict.keys():
                        reqJsonBodyStringDict[
                            authParamName] = newAuthParamValue
                '''        

                ks = reqJsonBodyStringDict.keys()
                for k in ks:
                    val = reqJsonBodyStringDict.pop(k)
                    if isinstance(val, unicode):
                        val = val.encode('utf8')
                    #elif isinstance(val, dict):
                    #    val = encode_dict(val, codec)
                    if isinstance(k, unicode):
                        k = k.encode('utf8')
                    reqJsonBodyStringDict[k] = val

                #for key in reqJsonBodyStringDict:
                #    key = key.encode('utf8')
                #    reqJsonBodyStringDict[key] = reqJsonBodyStringDict[key].encode('utf8')
                
                '''

                newReqJsonBodyString = json.dumps(reqJsonBodyStringDict,
                                                  separators=(',', ':'))

                jsonReqHeaders = self._helpers.analyzeRequest(
                    newRemoveAuthHeaderRequest).getHeaders()

                haveRemoveGetPostAuthParams = True

                #isJsonReq = True

                #newRemoveGetPostAuthParamsRequest = self._helpers.buildHttpMessage(jsonReqHeaders, str(reqJsonBodyStringDict).replace("': ","':").replace(", '", ",'").replace(", {", ",{"))
                newRemoveGetPostAuthParamsRequest = self._helpers.buildHttpMessage(
                    jsonReqHeaders, newReqJsonBodyString)

        if haveRemoveGetPostAuthParams:
            #requestResponse.setRequest(new_Request)

            return newRemoveGetPostAuthParamsRequest
        else:
            print 'do not haveRemoveGetPostAuthParams\n'
            return False
Ejemplo n.º 13
0
class BurpExtender(IBurpExtender, ITab, IMessageEditorController, AbstractTableModel, IContextMenuFactory):

    def registerExtenderCallbacks(self, callbacks):
        # keep a reference to our callbacks object
        self._callbacks = callbacks
        # obtain an extension helpers object
        self._helpers = callbacks.getHelpers()
        
        # set our extension name
        callbacks.setExtensionName("PT Vulnerabilities Manager")
        
        self.config = SafeConfigParser()
        self.createSection('projects')
        self.createSection('general')
        self.config.read('config.ini')
        self.chooser = JFileChooser()
        # create the log and a lock on which to synchronize when adding log entries
        self._log = ArrayList()
        self._lock = Lock()
        
        self.logTable = Table(self)
        self.logTable.getColumnModel().getColumn(0).setMaxWidth(35)
        self.logTable.getColumnModel().getColumn(1).setMinWidth(100)

        self._requestViewer = self._callbacks.createMessageEditor(self, False)
        self._responseViewer = self._callbacks.createMessageEditor(self, False)

        self.initVulnerabilityTab()
        self.initProjSettingsTab()
        self.initTabs()
        self.initCallbacks()

        if self.projPath.getText() != None:
            self.loadVulnerabilities(self.projPath.getText())

        print "Thank you for installing PT Vulnerabilities Manager v1.0 extension"
        print "by Barak Tawily\n\n\n"
        print "Disclaimer:\nThis extension might create folders and files in your hardisk which might be declared as sensitive information, make sure you are creating projects under encrypted partition"
        return

    def initVulnerabilityTab(self):
        #
        ##  init vulnerability tab
        #

        nameLabel = JLabel("Vulnerability Name:")
        nameLabel.setBounds(10, 10, 140, 30)

        self.addButton = JButton("Add",actionPerformed=self.addVuln)
        self.addButton.setBounds(10, 500, 100, 30) 

        rmVulnButton = JButton("Remove",actionPerformed=self.rmVuln)
        rmVulnButton.setBounds(465, 500, 100, 30)

        mitigationLabel = JLabel("Mitigation:")
        mitigationLabel.setBounds(10, 290, 150, 30)
        
        addSSBtn = JButton("Add SS",actionPerformed=self.addSS)
        addSSBtn.setBounds(750, 40, 110, 30) 

        deleteSSBtn = JButton("Remove SS",actionPerformed=self.removeSS)
        deleteSSBtn.setBounds(750, 75, 110, 30) 

        piclistLabel = JLabel("Images list:")
        piclistLabel.setBounds(580, 10, 140, 30)

        self.screenshotsList = DefaultListModel()
        self.ssList = JList(self.screenshotsList)
        self.ssList.setBounds(580, 40, 150, 250)
        self.ssList.addListSelectionListener(ssChangedHandler(self))
        self.ssList.setBorder(BorderFactory.createLineBorder(Color.GRAY))

        previewPicLabel = JLabel("Selected image preview: (click to open in image viewer)")
        previewPicLabel.setBounds(580, 290, 500, 30)


        copyImgMenu = JMenuItem("Copy")
        copyImgMenu.addActionListener(copyImg(self))

        self.imgMenu = JPopupMenu("Popup")
        self.imgMenu.add(copyImgMenu)

        self.firstPic = JLabel()
        self.firstPic.setBorder(BorderFactory.createLineBorder(Color.GRAY))
        self.firstPic.setBounds(580, 320, 550, 400)
        self.firstPic.addMouseListener(imageClicked(self))

        self.vulnName = JTextField("")
        self.vulnName.getDocument().addDocumentListener(vulnTextChanged(self))
        self.vulnName.setBounds(140, 10, 422, 30)

        sevirities = ["Unclassified", "Critical","High","Medium","Low"]
        self.threatLevel = JComboBox(sevirities);
        self.threatLevel.setBounds(140, 45, 140, 30)

        colors = ["Color:", "Green", "Red"]
        self.colorCombo = JComboBox(colors);
        self.colorCombo.setBounds(465, 45, 100, 30)
        self.colorCombo

        severityLabel = JLabel("Threat Level:")
        severityLabel.setBounds(10, 45, 100, 30)

        descriptionLabel = JLabel("Description:")
        descriptionLabel.setBounds(10, 80, 100, 30)

        self.descriptionString = JTextArea("", 5, 30)
        self.descriptionString.setWrapStyleWord(True);
        self.descriptionString.setLineWrap(True)
        self.descriptionString.setBounds(10, 110, 555, 175)
        descriptionStringScroll = JScrollPane(self.descriptionString)
        descriptionStringScroll.setBounds(10, 110, 555, 175)
        descriptionStringScroll.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED)


        self.mitigationStr = JTextArea("", 5, 30)
        self.mitigationStr.setWrapStyleWord(True);
        self.mitigationStr.setLineWrap(True)
        self.mitigationStr.setBounds(10, 320, 555, 175)

        mitigationStrScroll = JScrollPane(self.mitigationStr)
        mitigationStrScroll.setBounds(10, 320, 555, 175)
        mitigationStrScroll.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED)

        self.pnl = JPanel()
        self.pnl.setBounds(0, 0, 1000, 1000);
        self.pnl.setLayout(None);
        self.pnl.add(addSSBtn)
        self.pnl.add(piclistLabel)
        self.pnl.add(nameLabel)
        self.pnl.add(deleteSSBtn)
        self.pnl.add(rmVulnButton)
        self.pnl.add(severityLabel)
        self.pnl.add(mitigationLabel)
        self.pnl.add(descriptionLabel)
        self.pnl.add(previewPicLabel)
        self.pnl.add(mitigationStrScroll)
        self.pnl.add(descriptionStringScroll)
        self.pnl.add(self.ssList)
        self.pnl.add(self.firstPic)
        self.pnl.add(self.addButton)
        self.pnl.add(self.vulnName)
        self.pnl.add(self.threatLevel)
        self.pnl.add(self.colorCombo)
        
    def initProjSettingsTab(self):
        # init project settings 
        
        projNameLabel = JLabel("Name:")
        projNameLabel.setBounds(10, 50, 140, 30)

        self.projName = JTextField("")
        self.projName.setBounds(140, 50, 320, 30)
        self.projName.getDocument().addDocumentListener(projTextChanged(self))

        detailsLabel = JLabel("Details:")
        detailsLabel.setBounds(10, 120, 140, 30)

        reportLabel = JLabel("Generate Report:")
        reportLabel.setBounds(10, 375, 140, 30)

        types = ["DOCX","HTML","XLSX"]
        self.reportType = JComboBox(types)
        self.reportType.setBounds(10, 400, 140, 30)

        generateReportButton = JButton("Generate", actionPerformed=self.generateReport)
        generateReportButton.setBounds(160, 400, 90, 30)


        self.projDetails = JTextArea("", 5, 30)
        self.projDetails.setWrapStyleWord(True);
        self.projDetails.setLineWrap(True)

        projDetailsScroll = JScrollPane(self.projDetails)
        projDetailsScroll.setBounds(10, 150, 450, 175)
        projDetailsScroll.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED)

        projPathLabel = JLabel("Path:")
        projPathLabel.setBounds(10, 90, 140, 30)

        self.projPath = JTextField("")
        self.projPath.setBounds(140, 90, 320, 30)

        chooseProjPathButton = JButton("Browse...",actionPerformed=self.chooseProjPath)
        chooseProjPathButton.setBounds(470, 90, 100, 30)
        
        importProjButton = JButton("Import",actionPerformed=self.importProj)
        importProjButton.setBounds(470, 10, 100, 30)

        exportProjButton = JButton("Export",actionPerformed=self.exportProj)
        exportProjButton.setBounds(575, 10, 100, 30)

        openProjButton = JButton("Open Directory",actionPerformed=self.openProj)
        openProjButton.setBounds(680, 10, 130, 30)

        currentProjectLabel = JLabel("Current:")
        currentProjectLabel.setBounds(10, 10, 140, 30)

        projects = self.config.options('projects')
        self.currentProject = JComboBox(projects)
        self.currentProject.addActionListener(projectChangeHandler(self))
        self.currentProject.setBounds(140, 10, 140, 30)

        self.autoSave = JCheckBox("Auto Save Mode")
        self.autoSave.setEnabled(False)  # implement this feature
        self.autoSave.setBounds(300, 10, 140, 30)
        self.autoSave.setToolTipText("Will save any changed value while focus is out")

        addProjButton = JButton("Add / Update",actionPerformed=self.addProj)
        addProjButton.setBounds(10, 330, 150, 30)

        removeProjButton = JButton("Remove Current",actionPerformed=self.rmProj)
        removeProjButton.setBounds(315, 330, 146, 30)

        generalOptions = self.config.options('general')
        if 'default project' in generalOptions:
            defaultProj = self.config.get('general','default project')
            self.currentProject.getModel().setSelectedItem(defaultProj)
            self.projPath.setText(self.config.get('projects',self.currentProject.getSelectedItem()))

        self.clearProjTab = True
        self.projectSettings = JPanel()
        self.projectSettings.setBounds(0, 0, 1000, 1000)
        self.projectSettings.setLayout(None)
        self.projectSettings.add(reportLabel)
        self.projectSettings.add(detailsLabel)
        self.projectSettings.add(projPathLabel)
        self.projectSettings.add(addProjButton)
        self.projectSettings.add(openProjButton)
        self.projectSettings.add(projNameLabel)
        self.projectSettings.add(projDetailsScroll)
        self.projectSettings.add(importProjButton)
        self.projectSettings.add(exportProjButton)
        self.projectSettings.add(removeProjButton)
        self.projectSettings.add(generateReportButton)
        self.projectSettings.add(chooseProjPathButton)
        self.projectSettings.add(currentProjectLabel)
        self.projectSettings.add(self.projPath)
        self.projectSettings.add(self.autoSave)
        self.projectSettings.add(self.projName)
        self.projectSettings.add(self.reportType)
        self.projectSettings.add(self.currentProject)

    def initTabs(self):
        #
        ##  init autorize tabs
        #
        
        self._splitpane = JSplitPane(JSplitPane.HORIZONTAL_SPLIT)
        self.scrollPane = JScrollPane(self.logTable)
        self._splitpane.setLeftComponent(self.scrollPane)
        colorsMenu = JMenu("Paint")
        redMenu = JMenuItem("Red")
        noneMenu = JMenuItem("None")
        greenMenu = JMenuItem("Green")
        redMenu.addActionListener(paintChange(self, "Red"))
        noneMenu.addActionListener(paintChange(self, None))
        greenMenu.addActionListener(paintChange(self, "Green"))
        colorsMenu.add(redMenu)
        colorsMenu.add(noneMenu)
        colorsMenu.add(greenMenu)
        
        
        self.menu = JPopupMenu("Popup")
        self.menu.add(colorsMenu)

        self.tabs = JTabbedPane()
        
        self.tabs.addTab("Request", self._requestViewer.getComponent())
        self.tabs.addTab("Response", self._responseViewer.getComponent())

        self.tabs.addTab("Vulnerability", self.pnl)

        self.tabs.addTab("Project Settings", self.projectSettings)
        
        self.tabs.setSelectedIndex(2)
        self._splitpane.setRightComponent(self.tabs)

    def initCallbacks(self):
        #
        ##  init callbacks
        #

        # customize our UI components
        self._callbacks.customizeUiComponent(self._splitpane)
        self._callbacks.customizeUiComponent(self.logTable)
        self._callbacks.customizeUiComponent(self.scrollPane)
        self._callbacks.customizeUiComponent(self.tabs)
        self._callbacks.registerContextMenuFactory(self)
        # add the custom tab to Burp's UI
        self._callbacks.addSuiteTab(self)


    def loadVulnerabilities(self, projPath):
        self.clearList(None)
        selected = False
        for root, dirs, files in os.walk(projPath): # make it go only for dirs
            for dirName in dirs:
                xmlPath = projPath+"/"+dirName+"/vulnerability.xml"
                # xmlPath = xmlPath.replace("/","//")
                document = self.getXMLDoc(xmlPath)
                nodeList = document.getDocumentElement().getChildNodes()
                vulnName = nodeList.item(0).getTextContent()
                severity = nodeList.item(1).getTextContent()
                description = nodeList.item(2).getTextContent()
                mitigation = nodeList.item(3).getTextContent()
                color = nodeList.item(4).getTextContent()
                test = vulnerability(vulnName,severity,description,mitigation,color)
                self._lock.acquire()
                row = self._log.size()
                self._log.add(test)
                self.fireTableRowsInserted(row, row)
                self._lock.release()
                if vulnName == self.vulnName.getText():
                    self.logTable.setRowSelectionInterval(row,row)
                    selected = True
        if selected == False and self._log.size() > 0:
            self.logTable.setRowSelectionInterval(0, 0)
            self.loadVulnerability(self._log.get(0))
        
    def createSection(self, sectioName):
        self.config.read('config.ini')
        if not (sectioName in self.config.sections()):
            self.config.add_section(sectioName)
            cfgfile = open("config.ini",'w')
            self.config.write(cfgfile)
            cfgfile.close()

    def saveCfg(self):
        f = open('config.ini', 'w')
        self.config.write(f)
        f.close()

    def getXMLDoc(self, xmlPath):
        try:
            document = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(xmlPath)
            return document
        except:
            self._extender.popup("XML file not found")
            return

    def saveXMLDoc(self, doc, xmlPath):
        transformerFactory = TransformerFactory.newInstance()
        transformer = transformerFactory.newTransformer()
        source = DOMSource(doc)
        result = StreamResult(File(xmlPath))
        transformer.transform(source, result)

    def generateReport(self,event):
        if self.reportType.getSelectedItem() == "HTML":
            path = self.reportToHTML()
        if self.reportType.getSelectedItem() == "XLSX":
            path = self.reportToXLS()
        if self.reportType.getSelectedItem() == "DOCX":
            path = self.generateReportFromDocxTemplate('template.docx',"newfile.docx", 'word/document.xml')
        n = JOptionPane.showConfirmDialog(None, "Report generated successfuly:\n%s\nWould you like to open it?" % (path), "PT Manager", JOptionPane.YES_NO_OPTION)
        if n == JOptionPane.YES_OPTION:
            os.system('"' + path + '"') # Bug! stucking burp until the file get closed

    def exportProj(self,event):
        self.chooser.setDialogTitle("Save project")
        Ffilter = FileNameExtensionFilter("Zip files", ["zip"])
        self.chooser.setFileFilter(Ffilter)
        returnVal = self.chooser.showSaveDialog(None)
        if returnVal == JFileChooser.APPROVE_OPTION:
            dst = str(self.chooser.getSelectedFile())
            shutil.make_archive(dst,"zip",self.getCurrentProjPath())
            self.popup("Project export successfuly")

    def importProj(self,event):
        self.chooser.setDialogTitle("Select project zip to directory")
        Ffilter = FileNameExtensionFilter("Zip files", ["zip"])
        self.chooser.setFileFilter(Ffilter)
        returnVal = self.chooser.showOpenDialog(None)
        if returnVal == JFileChooser.APPROVE_OPTION:
            zipPath = str(self.chooser.getSelectedFile())
            self.chooser.setDialogTitle("Select project directory")
            self.chooser.setFileSelectionMode(JFileChooser.DIRECTORIES_ONLY)
            returnVal = self.chooser.showOpenDialog(None)
            if returnVal == JFileChooser.APPROVE_OPTION:
                projPath = str(self.chooser.getSelectedFile()) + "/PTManager"
                with zipfile.ZipFile(zipPath, "r") as z:
                    z.extractall(projPath)

                xmlPath = projPath + "/project.xml"
                document = self.getXMLDoc(xmlPath)
                nodeList = document.getDocumentElement().getChildNodes()
                projName = nodeList.item(0).getTextContent()
                nodeList.item(1).setTextContent(projPath)
                self.saveXMLDoc(document, xmlPath)
                self.config.set('projects', projName, projPath)
                self.saveCfg()
                self.reloadProjects()
                self.currentProject.getModel().setSelectedItem(projName)
                self.clearVulnerabilityTab() 

    def reportToXLS(self):
        if not xlsxwriterImported:
            self.popup("xlsxwriter library is not imported")
            return
        workbook = xlsxwriter.Workbook(self.getCurrentProjPath() + '/PT Manager Report.xlsx')
        worksheet = workbook.add_worksheet()
        bold = workbook.add_format({'bold': True})
        worksheet.write(0, 0, "Vulnerability Name", bold)
        worksheet.write(0, 1, "Threat Level", bold)
        worksheet.write(0, 2, "Description", bold)
        worksheet.write(0, 3, "Mitigation", bold)
        row = 1
        for i in range(0,self._log.size()):
            worksheet.write(row, 0, self._log.get(i).getName())
            worksheet.write(row, 1, self._log.get(i).getSeverity())
            worksheet.write(row, 2, self._log.get(i).getDescription())
            worksheet.write(row, 3, self._log.get(i).getMitigation())
            row = row + 1
            # add requests and images as well
        workbook.close()
        return self.getCurrentProjPath() + '/PT Manager Report.xlsx'
        
    def reportToHTML(self):
        htmlContent = """<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="he" dir="ltr">
    <head>
        <title>PT Manager Report</title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <style>
        body {
        background-repeat: no-repeat;
        background-attachment: fixed;
        font-family: Arial,Tahoma,sens-serif;
        font-size: 13px;
        margin: auto;
        }

        #warpcenter {
            width: 900px;
            margin: 0px auto;
        }

        table {
            border: 2px dashed #000000;
        }

        td {
            border-top: 2px dashed #000000;
            padding: 10px;
        }

        img {
                border: 0px;
        }
</style>
<script language="javascript">
    function divHideShow(divToHideOrShow) 
    {
        var div = document.getElementById(divToHideOrShow);

        if (div.style.display == "block") 
        {
            div.style.display = "none";
        }
        else 
        {
            div.style.display = "block";
        }

        
    }         
</script>
    </head>

    <body>
        <div id="warpcenter">

<h1> PT Manager Report </h1>
<h2> Project: %s</h1>
    """ % (self.projName.getText())

        for i in range(0,self._log.size()):
            name = self._log.get(i).getName()
            request = "None"
            response = "None"
            path = self.getVulnReqResPath("request",name)
            if os.path.exists(path):
                request = self.newlineToBR(self.getFileContent(path))
                
            path = self.getVulnReqResPath("response",name)
            if os.path.exists(path):
                response = self.newlineToBR(self.getFileContent(path))
            images = ""
            for fileName in os.listdir(self.projPath.getText()+"/"+self.clearStr(name)):
                if fileName.endswith(".jpg"):
                    images += "%s<br><img src=\"%s\"><br><br>" % (fileName, self.projPath.getText()+"/"+self.clearStr(name) + "/" + fileName)
            description = self.newlineToBR(self._log.get(i).getDescription())
            mitigation = self.newlineToBR(self._log.get(i).getMitigation())
            htmlContent +=  self.convertVulntoTable(i,name,self._log.get(i).getSeverity(), description,mitigation, request, response, images)
        htmlContent += "</div></body></html>"
        f = open(self.getCurrentProjPath() + '/PT Manager Report.html', 'w')
        f.writelines(htmlContent)
        f.close()
        return self.getCurrentProjPath() + '/PT Manager Report.html'

    def newlineToBR(self,string):
        return "<br />".join(string.split("\n"))

    def getFileContent(self,path):
        f = open(path, "rb")
        content = f.read()
        f.close()
        return content

    def convertVulntoTable(self, number, name, severity, description, mitigation, request = "None", response = "None", images = "None"):
        return """<div style="width: 100%%;height: 30px;text-align: center;background-color:#E0E0E0;font-size: 17px;font-weight: bold;color: #000;padding-top: 10px;">%s <a href="javascript:divHideShow('Table_%s');" style="color:#191970">(OPEN / CLOSE)</a></div>
        <div id="Table_%s" style="display: none;">
            <table width="100%%" cellspacing="0" cellpadding="0" style="margin: 0px auto;text-align: left;border-top: 0px;">
                <tr>
                    <td>
                        <div style="font-size: 16px;font-weight: bold;">
                        <span style="color:#000000">Threat Level: </span> 
                        <span style="color:#8b8989">%s</span>
                                            </td>
                                        </tr>
                                        <tr>
                                            <td>
                        <div style="font-size: 16px;font-weight: bold;">
                        <span style="color:#000000">Description</span> 
                        <a href="javascript:divHideShow('Table_%s_Command_03');" style="color:#191970">OPEN / CLOSE >>></a>
                        </div>

                        <div id="Table_%s_Command_03" style="display: none;margin-top: 25px;">
                        %s
                        </div>
                                            </td>
                                        </tr>
                                        <tr>
                                            <td>
                        <div style="font-size: 16px;font-weight: bold;">
                        <span style="color:#000000">Mitigration</span> 
                        <a href="javascript:divHideShow('Table_%s_Command_04');" style="color:#191970">OPEN / CLOSE >>></a>
                        </div>

                        <div id="Table_%s_Command_04" style="display: none;margin-top: 25px;">
                        %s
                        <b>
                                            </td>
                                        </tr>

                                        <tr>
                                            <td>
                        <div style="font-size: 16px;font-weight: bold;">
                        <span style="color:#000000">Request</span> 
                        <a href="javascript:divHideShow('Table_%s_Command_05');" style="color:#191970">OPEN / CLOSE >>></a>
                        </div>

                        <div id="Table_%s_Command_05" style="display: none;margin-top: 25px;">
                        %s
                        <b>
                                            </td>
                                        </tr>


                                                        <tr>
                                            <td>
                        <div style="font-size: 16px;font-weight: bold;">
                        <span style="color:#000000">Response</span> 
                        <a href="javascript:divHideShow('Table_%s_Command_06');" style="color:#191970">OPEN / CLOSE >>></a>
                        </div>

                        <div id="Table_%s_Command_06" style="display: none;margin-top: 25px;">
                        %s
                        <b>
                                            </td>
                                        </tr>

                                                        <tr>
                                            <td>
                        <div style="font-size: 16px;font-weight: bold;">
                        <span style="color:#000000">Images</span> 
                        <a href="javascript:divHideShow('Table_%s_Command_07');" style="color:#191970">OPEN / CLOSE >>></a>
                        </div>

                        <div id="Table_%s_Command_07" style="display: none;margin-top: 25px;">
                        %s
                        <b>
                    </td>
                </tr>
            </table>
        </div><br><br>""" % (name,number,number,severity,number,number,description,number,number,mitigation,number,number,request,number,number,response,number,number,images)

    def clearVulnerabilityTab(self, rmVuln=True):
        if rmVuln:
            self.vulnName.setText("")
        self.descriptionString.setText("")
        self.mitigationStr.setText("")
        self.colorCombo.setSelectedIndex(0)
        self.threatLevel.setSelectedIndex(0)
        self.screenshotsList.clear()
        self.addButton.setText("Add")
        self.firstPic.setIcon(None)

    def saveRequestResponse(self, type, requestResponse, vulnName):
        path = self.getVulnReqResPath(type,vulnName)
        f = open(path, 'wb')
        f.write(requestResponse)
        f.close()

    def openProj(self, event):
        os.system('explorer ' + self.projPath.getText())

    def getVulnReqResPath(self, requestOrResponse, vulnName):
        return self.getCurrentProjPath() + "/" + self.clearStr(vulnName) + "/"+requestOrResponse+"_" + self.clearStr(vulnName)

    def htmlEscape(self,data):
        return data.replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;').replace("'", '&#39;')

    def generateReportFromDocxTemplate(self, zipname, newZipName, filename):      
        newZipName = self.getCurrentProjPath() + "/" + newZipName
        with zipfile.ZipFile(zipname, 'r') as zin:
            with zipfile.ZipFile(newZipName, 'w') as zout:
                zout.comment = zin.comment
                for item in zin.infolist():
                    if item.filename != filename:
                        zout.writestr(item, zin.read(item.filename))
                    else:
                        xml_content = zin.read(item.filename)
                        result = re.findall("(.*)<w:body>(?:.*)<\/w:body>(.*)",xml_content)[0]
                        newXML = result[0]
                        templateBody = re.findall("<w:body>(.*)<\/w:body>", xml_content)[0]
                        newBody = ""

                        for i in range(0,self._log.size()):
                            tmp = templateBody
                            tmp = tmp.replace("$vulnerability", self.htmlEscape(self._log.get(i).getName()))
                            tmp = tmp.replace("$severity", self.htmlEscape(self._log.get(i).getSeverity()))
                            tmp = tmp.replace("$description", self.htmlEscape(self._log.get(i).getDescription()))
                            tmp = tmp.replace("$mitigation", self.htmlEscape(self._log.get(i).getMitigation()))
                            newBody = newBody + tmp
                         
                        newXML = newXML + newBody
                        newXML = newXML + result[1]

        with zipfile.ZipFile(newZipName, mode='a', compression=zipfile.ZIP_DEFLATED) as zf:
            zf.writestr(filename, newXML)
        return newZipName


    def chooseProjPath(self, event):
        self.chooser.setDialogTitle("Select target directory")
        self.chooser.setFileSelectionMode(JFileChooser.DIRECTORIES_ONLY)
        returnVal = self.chooser.showOpenDialog(None)
        if returnVal == JFileChooser.APPROVE_OPTION:
            projPath = str(self.chooser.getSelectedFile()) + "/PTManager"
            os.makedirs(projPath)
            self.projPath.setText(projPath)

    def reloadProjects(self):
        self.currentProject.setModel(DefaultComboBoxModel(self.config.options('projects')))

    def rmProj(self, event):
        if self.popUpAreYouSure() == JOptionPane.YES_OPTION:
            self._requestViewer.setMessage("None", False)
            self._responseViewer.setMessage("None", False)
            shutil.rmtree(self.projPath.getText())
            self.config.remove_option('projects',self.currentProject.getSelectedItem())
            self.reloadProjects()
            self.currentProject.setSelectedIndex(0)
            self.loadVulnerabilities(self.projPath.getText())

    def popup(self,msg):
        JOptionPane.showMessageDialog(None,msg)

    def addProj(self, event):
        projPath = self.projPath.getText()
        if projPath == None or projPath == "":
            self.popup("Please select path")
            return
        self.config.set('projects', self.projName.getText(), projPath)
        self.saveCfg()
        xml = ET.Element('project')
        name = ET.SubElement(xml, "name")
        path = ET.SubElement(xml, "path")
        details = ET.SubElement(xml, "details")
        autoSaveMode = ET.SubElement(xml, "autoSaveMode")

        name.text = self.projName.getText()
        path.text = projPath
        details.text = self.projDetails.getText()
        autoSaveMode.text = str(self.autoSave.isSelected())
        tree = ET.ElementTree(xml)
        try:
            tree.write(self.getCurrentProjPath()+'/project.xml')
        except:
            self.popup("Invalid path")
            return

        self.reloadProjects()
        self.clearVulnerabilityTab()
        self.clearList(None)
        self.currentProject.getModel().setSelectedItem(self.projName.getText())

    def resize(self, image, width, height):
        bi = BufferedImage(width, height, BufferedImage.TRANSLUCENT)
        g2d = bi.createGraphics()
        g2d.addRenderingHints(RenderingHints(RenderingHints.KEY_RENDERING, RenderingHints.VALUE_RENDER_QUALITY))
        g2d.drawImage(image, 0, 0, width, height, None)
        g2d.dispose()
        return bi;

    def clearStr(self, var):
        return var.replace(" " , "_").replace("\\" , "").replace("/" , "").replace(":" , "").replace("*" , "").replace("?" , "").replace("\"" , "").replace("<" , "").replace(">" , "").replace("|" , "").replace("(" , "").replace(")" , "")

    def popUpAreYouSure(self):
        dialogResult = JOptionPane.showConfirmDialog(None,"Are you sure?","Warning",JOptionPane.YES_NO_OPTION)
        if dialogResult == 0:
            return 0
        return 1

    def removeSS(self,event):
        if self.popUpAreYouSure() == JOptionPane.YES_OPTION:
            os.remove(self.getCurrentVulnPath() + "/" + self.ssList.getSelectedValue())
            self.ssList.getModel().remove(self.ssList.getSelectedIndex())
            self.firstPic.setIcon(ImageIcon(None))
            # check if there is images and select the first one
            # bug in linux

    def addSS(self,event):
        clipboard = Toolkit.getDefaultToolkit().getSystemClipboard()
        try:
            image = clipboard.getData(DataFlavor.imageFlavor)
        except:
            self.popup("Clipboard not contains image")
            return
        vulnPath = self.projPath.getText() + "/" + self.clearStr(self.vulnName.getText())
        if not os.path.exists(vulnPath):
            os.makedirs(vulnPath)
        name = self.clearStr(self.vulnName.getText()) + str(random.randint(1, 99999))+".jpg"
        fileName = self.projPath.getText()+"/"+ self.clearStr(self.vulnName.getText()) + "/" + name
        file = File(fileName)
        bufferedImage = BufferedImage(image.getWidth(None), image.getHeight(None), BufferedImage.TYPE_INT_RGB);
        g = bufferedImage.createGraphics();
        g.drawImage(image, 0, 0, bufferedImage.getWidth(), bufferedImage.getHeight(), Color.WHITE, None);
        ImageIO.write(bufferedImage, "jpg", file)
        self.addVuln(self)
        self.ssList.setSelectedValue(name,True)

    def rmVuln(self, event):
        if self.popUpAreYouSure() == JOptionPane.YES_OPTION:
            self._requestViewer.setMessage("None", False)
            self._responseViewer.setMessage("None", False)
            shutil.rmtree(self.getCurrentVulnPath())
            self.clearVulnerabilityTab()
            self.loadVulnerabilities(self.getCurrentProjPath())

    def addVuln(self, event):
        if self.colorCombo.getSelectedItem() == "Color:":
            colorTxt = None
        else:
            colorTxt = self.colorCombo.getSelectedItem()
        self._lock.acquire()
        row = self._log.size()
        vulnObject = vulnerability(self.vulnName.getText(),self.threatLevel.getSelectedItem(),self.descriptionString.getText(),self.mitigationStr.getText() ,colorTxt)
        self._log.add(vulnObject) 
        self.fireTableRowsInserted(row, row)
        self._lock.release()

        vulnPath = self.projPath.getText() + "/" + self.clearStr(self.vulnName.getText())
        if not os.path.exists(vulnPath):
            os.makedirs(vulnPath)

        xml = ET.Element('vulnerability')
        name = ET.SubElement(xml, "name")
        severity = ET.SubElement(xml, "severity")
        description = ET.SubElement(xml, "description")
        mitigation = ET.SubElement(xml, "mitigation")
        color = ET.SubElement(xml, "color")
        name.text = self.vulnName.getText()
        severity.text = self.threatLevel.getSelectedItem()
        description.text = self.descriptionString.getText()
        mitigation.text = self.mitigationStr.getText()
        color.text = colorTxt
        tree = ET.ElementTree(xml)
        tree.write(vulnPath+'/vulnerability.xml')

        self.loadVulnerabilities(self.getCurrentProjPath())
        self.loadVulnerability(vulnObject)

    def vulnNameChanged(self):
            if os.path.exists(self.getCurrentVulnPath()) and self.vulnName.getText() != "":
                self.addButton.setText("Update")
            elif self.addButton.getText() != "Add":
                options = ["Create a new vulnerability", "Change current vulnerability name"]
                n = JOptionPane.showOptionDialog(None,
                    "Would you like to?",
                    "Vulnerability Name",
                    JOptionPane.YES_NO_CANCEL_OPTION,
                    JOptionPane.QUESTION_MESSAGE,
                    None,
                    options,
                    options[0]);

                if n == 0:
                    self.clearVulnerabilityTab(False)
                    self.addButton.setText("Add")
                else:
                    newName = JOptionPane.showInputDialog(
                    None,
                    "Enter new name:",
                    "Vulnerability Name",
                    JOptionPane.PLAIN_MESSAGE,
                    None,
                    None,
                    self.vulnName.getText())
                    row = self.logTable.getSelectedRow()
                    old = self.logTable.getValueAt(row,1)                   
                    self.changeVulnName(newName,old)
                
    def changeVulnName(self,new,old):
        newpath = self.getCurrentProjPath() + "/" + new
        oldpath = self.getCurrentProjPath() + "/" + old
        os.rename(oldpath,newpath)
        self.changeCurrentVuln(new,0, newpath + "/vulnerability.xml")

    def getCurrentVulnPath(self):
        return self.projPath.getText() + "/" + self.clearStr(self.vulnName.getText())

    def getCurrentProjPath(self):
        return self.projPath.getText()

    def loadSS(self, imgPath):
        image = ImageIO.read(File(imgPath))
        if image.getWidth() <= 550 and image.getHeight() <= 400:
            self.firstPic.setIcon(ImageIcon(image))
            self.firstPic.setSize(image.getWidth(),image.getHeight())
        else:
            self.firstPic.setIcon(ImageIcon(self.resize(image,550, 400)))
            self.firstPic.setSize(550,400)

    def clearProjectTab(self):
        self.projPath.setText("")
        self.projDetails.setText("")

    def clearList(self, event):
        self._lock.acquire()
        self._log = ArrayList()
        row = self._log.size()
        self.fireTableRowsInserted(row, row)
        self._lock.release()

    #
    # implement IContextMenuFactory
    #
    def createMenuItems(self, invocation):
        responses = invocation.getSelectedMessages();
        if responses > 0:
            ret = LinkedList()
            requestMenuItem = JMenuItem("Send to PT Manager");
            requestMenuItem.addActionListener(handleMenuItems(self,responses[0], "request"))
            ret.add(requestMenuItem);
            return(ret);
        return null;
    #
    # implement ITab
    #
    def getTabCaption(self):
        return "PT Manager"
    
    def getUiComponent(self):
        return self._splitpane

        #
    # extend AbstractTableModel
    #
    
    def getRowCount(self):
        try:
            return self._log.size()
        except:
            return 0

    def getColumnCount(self):
        return 3

    def getColumnName(self, columnIndex):
        if columnIndex == 0:
            return "#"
        if columnIndex == 1:
            return "Vulnerability Name"
        if columnIndex == 2:
            return "Threat Level"
        return ""

    def getValueAt(self, rowIndex, columnIndex):
        vulnObject = self._log.get(rowIndex)
        if columnIndex == 0:
            return rowIndex+1
        if columnIndex == 1:
            return vulnObject.getName()
        if columnIndex == 2:
            return vulnObject.getSeverity()
        if columnIndex == 3:
            return vulnObject.getMitigation()
        if columnIndex == 4:
            return vulnObject.getColor()

        return ""

    def changeCurrentVuln(self,value,fieldNumber, xmlPath = "def"):
        if xmlPath == "def":
            xmlPath = self.getCurrentVulnPath() + "/vulnerability.xml"
        document = self.getXMLDoc(xmlPath)
        nodeList = document.getDocumentElement().getChildNodes()
        nodeList.item(fieldNumber).setTextContent(value)
        self.saveXMLDoc(document, xmlPath)
        self.loadVulnerabilities(self.getCurrentProjPath())

    def loadVulnerability(self, vulnObject):
        self.addButton.setText("Update")
        self.vulnName.setText(vulnObject.getName())
        self.threatLevel.setSelectedItem(vulnObject.getSeverity())
        self.descriptionString.setText(vulnObject.getDescription())
        self.mitigationStr.setText(vulnObject.getMitigation())

        if vulnObject.getColor() == "" or vulnObject.getColor() == None:
            self.colorCombo.setSelectedItem("Color:")
        else:
            self.colorCombo.setSelectedItem(vulnObject.getColor())
        self.screenshotsList.clear()

        for fileName in os.listdir(self.projPath.getText()+"/"+self.clearStr(vulnObject.getName())):
            if fileName.endswith(".jpg"):
                self.screenshotsList.addElement(fileName)
                imgPath = self.projPath.getText()+"/"+self.clearStr(vulnObject.getName())+'/'+fileName
                # imgPath = imgPath.replace("/","//")
                self.loadSS(imgPath)

        if (self.screenshotsList.getSize() == 0):
            self.firstPic.setIcon(None)
        else:
            self.ssList.setSelectedIndex(0)

        path = self.getVulnReqResPath("request",vulnObject.getName())
        if os.path.exists(path):
            f = self.getFileContent(path)
            self._requestViewer.setMessage(f, False)
        else:
            self._requestViewer.setMessage("None", False)
        
        path = self.getVulnReqResPath("response",vulnObject.getName())
        if os.path.exists(path):
            f = self.getFileContent(path)
            self._responseViewer.setMessage(f, False)
        else:
            self._responseViewer.setMessage("None", False)
Ejemplo n.º 14
0
def updateTeacherForm(data):

    global heading
    global tfTeacherName
    global tfTeacherPhone
    global taTeacherAddress
    global tfTeacherEmail
    global tfTeacherCourse
    global tfTeacherPayment
    global frame
    global btnEnter

    frame = JFrame(" Teacher ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500, 600)
    frame.setLocation(200, 200)
    frame.setLayout(None)
    frame.setVisible(True)

    panel = JPanel()
    panel.setSize(500, 600)
    panel.setLocation(0, 0)
    panel.setLayout(None)
    panel.setVisible(True)
    panel.setBackground(Color.LIGHT_GRAY)

    heading = JLabel(" TEACHER PROFILE")
    heading.setBounds(200, 30, 150, 40)

    lbTeacherName = JLabel("Teacher Name ")
    lbTeacherPhone = JLabel("Phone")
    lbTeacherEmail = JLabel("Email")
    lbTeacherAddress = JLabel("Address")
    lbTeacherCourse = JLabel("Teacher Course ")
    lbTeacherPayment = JLabel("Teacher Payment")

    teacherName = data[0].encode('ascii')
    teacherPhone = data[1].encode('ascii')
    teacherEmail = data[2].encode('ascii')
    teacherAddress = data[3].encode('ascii')
    teacherCourse = data[4].encode('ascii')
    teacherPayment = data[5]

    tfTeacherName = JTextField(teacherName)
    tfTeacherPhone = JTextField(teacherPhone)
    taTeacherAddress = JTextArea(teacherAddress)
    tfTeacherEmail = JTextField(teacherEmail)
    tfTeacherCourse = JTextField(teacherCourse)
    tfTeacherPayment = JTextField(str(teacherPayment))

    tfTeacherCourse.setEditable(False)
    tfTeacherPayment.setEditable(False)
    tfTeacherName.setEditable(False)

    lbTeacherName.setBounds(70, 100, 130, 30)
    lbTeacherPhone.setBounds(70, 150, 130, 30)
    lbTeacherEmail.setBounds(70, 200, 130, 30)
    lbTeacherAddress.setBounds(70, 250, 130, 30)
    lbTeacherCourse.setBounds(70, 350, 130, 30)
    lbTeacherPayment.setBounds(70, 400, 130, 30)

    tfTeacherName.setBounds(220, 100, 130, 30)
    tfTeacherPhone.setBounds(220, 150, 130, 30)
    tfTeacherEmail.setBounds(220, 200, 130, 30)
    taTeacherAddress.setBounds(220, 250, 130, 80)
    tfTeacherCourse.setBounds(220, 350, 130, 30)
    tfTeacherPayment.setBounds(220, 400, 130, 30)

    btnEnter = JButton("Update", actionPerformed=clickUpdateTeacher)
    btnEnter.setBounds(350, 450, 100, 40)

    btnCancel = JButton("Cancel", actionPerformed=clickCancel)
    btnCancel.setBounds(100, 450, 100, 40)

    panel.add(heading)
    panel.add(lbTeacherName)
    panel.add(lbTeacherPhone)
    panel.add(lbTeacherEmail)
    panel.add(lbTeacherAddress)
    panel.add(lbTeacherCourse)
    panel.add(lbTeacherPayment)
    panel.add(tfTeacherName)
    panel.add(tfTeacherPhone)
    panel.add(tfTeacherEmail)
    panel.add(taTeacherAddress)
    panel.add(tfTeacherCourse)
    panel.add(tfTeacherPayment)
    panel.add(btnEnter)
    panel.add(btnCancel)

    frame.add(panel)
Ejemplo n.º 15
0


def update_progress(event):
   # Invoked when task's progress property changes.
   if event.propertyName == "progress":
        progressBar.value = event.newValue


# Browse original image
lbl1 = JLabel("Path to original image")
lbl1.setBounds(40,20,200,20)
f2_btn_original = JButton("Browse", actionPerformed = f2_clic_browse1)
f2_btn_original.setBounds(170,20,100,20)
f2_txt1 = JTextField(10)
f2_txt1.setBounds(280, 20, 120,20)


# Browse label image
lbl2 = JLabel("Path to label image")
lbl2.setBounds(40,50,200,20)
f2_btn_label = JButton("Browse", actionPerformed = f2_clic_browse2)
f2_btn_label.setBounds(170,50,100,20)
f2_txt2 = JTextField(10)
f2_txt2.setBounds(280, 50, 120,20)

# Button Previous
f2_btn_prev = JButton("Previous", actionPerformed = f2_clic_prev)
f2_btn_prev.setBounds(40,120,100,20)

# Button Next
Ejemplo n.º 16
0
class BurpExtender(IBurpExtender, IScannerListener, IContextMenuFactory,
                   ActionListener, ITab, IHttpService, IScanIssue,
                   IBurpExtenderCallbacks):
    def __init__(self):
        self.msgrel = False
        self.project = False
        self.projectId = None
        print("[+] Carregando GAT CORE Extension...")

    def registerExtenderCallbacks(self, callbacks):
        """
        registrar classes
        """
        self._callbacks = callbacks
        self._helpers = self._callbacks.getHelpers()
        self._callbacks.setExtensionName("GAT CORE Integration")

        self.gui_elements = self.build_gui()
        callbacks.customizeUiComponent(self.gui_elements)
        callbacks.addSuiteTab(self)

        self._callbacks.registerContextMenuFactory(self)
        self._callbacks.registerScannerListener(self)

        save_setting = self._callbacks.saveExtensionSetting
        save_setting('project_id', None)

        self.reload_config()
        print("[+] GAT CORE Extension carregado!")

    def newScanIssue(self, issue):
        print("[+] Issue encontrada (%s)" % issue.getIssueName())
        return

    def actionTarget(self, event):
        print("*" * 80)

        self.fileId = []
        requestResponses = self.invocation.getSelectedMessages()
        chosts, ihosts = self.countHostIssues(requestResponses)

        if self.project <= 1:
            panelinput = JPanel()
            panelinput.add(JLabel("Projeto ID: "))
            projectq = JTextField(20)
            panelinput.add(projectq)

            result = JOptionPane.showOptionDialog(
                None, panelinput, "Qual projeto enviar Issues?",
                JOptionPane.DEFAULT_OPTION, JOptionPane.QUESTION_MESSAGE, None,
                ["OK", "Sem projeto"], "OK")

            if result == -1:
                print("[-] Cancelado envio!")
                return

            if result == JOptionPane.OK_OPTION:
                self.project_id.setText(projectq.getText())
                self.projectId = str(projectq.getText())
                if not re.match('([0-9a-f]{24})', self.projectId):
                    self.projectId = None
                    mess = "Projeto Id formato inválido".decode("utf8")
                    JOptionPane.showMessageDialog(None, mess, "Error",
                                                  JOptionPane.ERROR_MESSAGE)

                    return

                mess = "Sessão atual".decode("utf8")
                ever = JOptionPane.showOptionDialog(
                    None, "Solicitar Id de Projeto novamente?", mess,
                    JOptionPane.DEFAULT_OPTION, JOptionPane.QUESTION_MESSAGE,
                    None, ["Nunca", "Sim"], "Sim")

                # let user select parameters for new session
                if ever == JOptionPane.OK_OPTION:
                    self.project = 2
                else:
                    self.project = 1

        for reqResp in requestResponses:
            url = reqResp.getHttpService()
            requestIssues = self._callbacks.getScanIssues(str(url))
            listIssues = []

            if requestIssues:
                if len(requestIssues) > 0:
                    for i in requestIssues:
                        scanissue = i
                        if scanissue.getIssueName() not in ['']:
                            sep = "<br><hr><br>"
                            issue = {}
                            issue['Tool_Type'] = "BURP"
                            IssueType = scanissue.getIssueType()
                            IssueName = scanissue.getIssueName()
                            IssueCrit = scanissue.getSeverity()
                            IssueConf = scanissue.getConfidence()
                            protocol = scanissue.getHttpService().getProtocol()
                            host = scanissue.getHttpService().getHost()
                            IssuePath = i.getUrl().getPath()
                            IssueDesc = scanissue.getIssueDetail()
                            IssueDescBk = scanissue.getIssueBackground()
                            IssueRecom = scanissue.getRemediationDetail()
                            IssueRecomBk = scanissue.getRemediationBackground()

                            if IssueType:
                                issue['IssueType'] = scanissue.getIssueType()
                            else:
                                issue['IssueType'] = 0000

                            if IssueName:
                                issue['DetailsFinding_Title'] = IssueName
                                issue['Recomenation_Title'] = IssueName
                            else:
                                issue['DetailsFinding_Title'] = "No Issue name"
                                issue['Recomenation_Title'] = "No Issue name"

                            if "False positive" in IssueCrit:
                                sTag = "False positive"
                                IssueCrit = ""
                            elif "Information" in IssueCrit:
                                IssueCrit = "Informative"
                                sTag = ""
                            else:
                                sTag = ""

                            if IssueCrit:
                                issue['Severity'] = IssueCrit
                            else:
                                issue['Severity'] = "Informative"

                            issue['Web_Application_URI'] = "{}://{}".format(
                                protocol, host)

                            if IssuePath:
                                issue['Web_Application_Path'] = IssuePath
                            else:
                                issue['Web_Application_Path'] = "/"

                            if IssueConf:
                                issue['fTag'] = IssueConf
                            else:
                                issue['fTag'] = " "

                            issue['sTag'] = sTag

                            if IssueDescBk is not None:
                                issue['Description'] = IssueDescBk.replace(
                                    "\n", "")
                            else:
                                issue['Description'] = ""

                            if IssueDesc is not None:
                                issue['Description'] += "{}{}".format(
                                    sep, IssueDesc.replace("\n", ""))

                            if IssueRecomBk is not None:
                                issue['Recommendation'] = IssueRecomBk.replace(
                                    "\n", "")
                            else:
                                issue['Recommendation'] = IssueName

                            if IssueRecom is not None:
                                issue['Recommendation'] += "{}{}".format(
                                    sep, IssueRecom.replace("\n", ""))

                            listIssues.append(issue)

                    self.generateReportGat(listIssues)

        # iniciar threads
        print("[+] Thread(s) Iniciada(s)...")
        if self.project:
            print("[+] Enviando Issues para o Project Id: {}".format(
                self.projectId))
        print("[+] Enviando {} host(s), total de {} Issue(s),\n".format(
            chosts, ihosts))
        self.launchThread(self.sendIssues)

    def actionScanner(self):
        pass

    def createMenuItems(self, invocation):
        self.invocation = invocation
        context = invocation.getInvocationContext()
        if context in [invocation.CONTEXT_TARGET_SITE_MAP_TREE]:
            sendToGAT = JMenuItem("Enviar Issues para GAT CORE")

            # sendToGAT.setForeground(Color.ORANGE)
            FONT = sendToGAT.getFont()
            sendToGAT.setFont(
                Font(FONT.getFontName(), Font.BOLD, FONT.getSize()))

            sendToGAT.addActionListener(self.actionTarget)

            menuItems = ArrayList()
            menuItems.add(sendToGAT)
            return menuItems

        else:
            # TODO: add support for other tools
            pass

    def build_gui(self):
        """Construct GUI elements."""

        Mpanel = JPanel()
        # Mpanel.setLayout(GridLayout(0, 3))
        Mpanel.setLayout(BoxLayout(Mpanel, BoxLayout.X_AXIS))

        panel = JPanel()
        panel.setLayout(None)

        Mpanel.add(Box.createVerticalGlue())
        Mpanel.add(panel)
        Mpanel.add(Box.createVerticalGlue())

        img = os.path.abspath("gat_logo_sticky.png")

        logo = JLabel(ImageIcon(img))
        logo.setBounds(150, 40, 165, 49)

        save_btn = JButton('Salvar', actionPerformed=self.save_config)
        save_btn.setBounds(100, 240, 75, 30)
        save_btn.setPreferredSize(Dimension(75, 30))

        limpar_btn = JButton('Limpar ID Projeto',
                             actionPerformed=self.clsProjectId)
        limpar_btn.setBounds(250, 240, 150, 30)
        limpar_btn.setPreferredSize(Dimension(150, 30))

        label_h = JLabel('API Url:')
        label_h.setHorizontalAlignment(SwingConstants.RIGHT)
        label_h.setBounds(0, 120, 95, 30)
        label_h.setPreferredSize(Dimension(100, 30))

        self.host_api = JTextField(50)
        self.host_api.setBounds(100, 120, 300, 30)
        self.host_api.setPreferredSize(Dimension(250, 30))

        label_a = JLabel('API Token:')
        label_a.setHorizontalAlignment(SwingConstants.RIGHT)
        label_a.setBounds(0, 160, 95, 30)
        label_a.setPreferredSize(Dimension(100, 30))

        self.api_token = JTextField(50)
        self.api_token.setBounds(100, 160, 300, 30)
        self.api_token.setPreferredSize(Dimension(250, 30))

        label_p = JLabel('Project ID:')
        label_p.setHorizontalAlignment(SwingConstants.RIGHT)
        label_p.setBounds(0, 200, 95, 30)
        label_p.setPreferredSize(Dimension(100, 30))

        self.project_id = JTextField(50)
        self.project_id.setForeground(Color.orange)
        self.project_id.setBackground(Color.gray)
        self.project_id.setBounds(100, 200, 300, 30)
        self.project_id.setPreferredSize(Dimension(250, 30))
        self.project_id.editable = False

        panel.add(logo)
        panel.add(label_h)
        panel.add(self.host_api)
        panel.add(label_a)
        panel.add(self.api_token)
        panel.add(label_p)
        panel.add(self.project_id)
        panel.add(limpar_btn)
        panel.add(save_btn)

        return Mpanel

    def save_config(self, _):
        """Save settings."""
        url = self.host_api.getText()
        token = self.api_token.getText()

        if re.match('https?://', url):
            url = re.sub('https?://', '', url)

        if url[-1:] == "/":
            url = url[:-1]

        if re.match('^(?i)Bearer ', token):
            token = re.sub('^(?i)Bearer ', '', token)

        if not re.match(
                '([a-f\d]{8})-([a-f\d]{4})-([a-f\d]{4})-([a-f\d]{4})-([a-f\d]{12})',
                token):
            JOptionPane.showMessageDialog(None, "Formato de TOKEN invalido!",
                                          "Error", JOptionPane.ERROR_MESSAGE)
            return

        save_setting = self._callbacks.saveExtensionSetting
        save_setting('host_api', url)
        save_setting('api_token', token)
        self.msgrel = True
        self.reload_config()
        return

    def reload_config(self):
        """Reload settings."""
        load_setting = self._callbacks.loadExtensionSetting
        host_api_url = load_setting('host_api') or ''
        host_api_token = load_setting('api_token') or ''
        # project_id = ''

        self.host_api.setText(host_api_url)
        self.api_token.setText(host_api_token)
        # self.project_id.setText(project_id)

        if self.msgrel:
            if self.host_api and self.api_token:
                JOptionPane.showMessageDialog(
                    None, "API token, API url dados salvo\n ", "Informativo",
                    JOptionPane.INFORMATION_MESSAGE)

                print("[+] API token, API url dados salvo")
                print("[+] Recarregue: GAT CORE Extension")
                return

        try:
            vapi = self.checkAuth()

            if vapi.status_code == 200:
                data = json.loads(vapi.text)
                print("[ ] Conectado: {}, {}".format(data['name'],
                                                     data['email']))
                # if self.msgrel:
                JOptionPane.showMessageDialog(
                    None, "Conectado: {}, {}".format(data['name'],
                                                     data['email']),
                    "Informativo", JOptionPane.INFORMATION_MESSAGE)

            else:
                raise Exception("Status_Code({})".format(vapi.status_code))

        except Exception as e:
            print("[-] GAT CORE Settings, erro ao conectar na API.")
            print("[-] Exception: {}".format(e))

        return

    def getTabCaption(self):
        """Return the text to be displayed on the tab"""
        return "GAT CORE Settings"

    def getUiComponent(self):
        """Passes the UI to burp"""
        return self.gui_elements

    def generateReportGat(self, rows):
        quote = '"'
        Id = uuid.uuid4().hex
        self.fileId.append(Id)
        path = os.getcwd()
        folder = "\\exports\\"
        file_name = "{}{}{}.csv".format(path, folder, Id)

        with open(file_name, mode='w') as csv_file:
            fields = [
                'Tool_Type', 'IssueType', 'DetailsFinding_Title', 'Severity',
                'Web_Application_URI', 'Web_Application_Path', 'fTag', 'sTag',
                'Description', 'Recomenation_Title', 'Recommendation'
            ]
            writer = csv.DictWriter(csv_file,
                                    fieldnames=fields,
                                    quotechar=quote,
                                    quoting=csv.QUOTE_NONNUMERIC,
                                    lineterminator='\n')
            writer.writeheader()
            writer.writerows(rows)
        csv_file.close()

        return Id

    def sendIssues(self):
        for Id in self.fileId:
            print("[+] Processando ID: {}".format(Id))
            path = os.getcwd()
            folder = "\\exports\\"
            file_name = "{}{}{}.csv".format(path, folder, Id)
            self.launchThread(self.requestAPI, arguments=file_name)

    def launchThread(self, targetFunction, arguments=None, retur=False):
        """Launches a thread against a specified target function"""
        if arguments:

            t = Thread(name='args', target=targetFunction, args=(arguments, ))
        else:
            t = Thread(name='no-args', target=targetFunction)

        t.setDaemon(True)
        t.start()

        if retur:
            r = t.join()
            return r

    def countHostIssues(self, requestResponses):
        count = 0
        icount = 0
        for reqResp in requestResponses:
            url = reqResp.getHttpService()
            requestIssues = self._callbacks.getScanIssues(str(url))
            if requestIssues:
                if len(requestIssues) > 0:
                    count += 1
                    for issue in requestIssues:
                        icount += 1

        return count, icount

    def requestAPI(self, filename):
        load_setting = self._callbacks.loadExtensionSetting
        api_uri = load_setting('host_api') or ''
        api_token = load_setting('api_token') or ''
        projectid = self.projectId

        name_csv = os.path.basename(filename)
        if projectid:
            resource = "/app/vulnerability/upload/api/Burp/{}".format(
                projectid)

        else:
            resource = "/app/vulnerability/upload/api/Burp"

        # print(resource)
        protocol = "http" if api_uri == "localhost" else "https"
        gatPoint = "{}://{}{}".format(protocol, api_uri, resource)

        try:
            dataList = []
            api_url = URL(gatPoint)
            boundary = name_csv.replace(".csv", "")

            headers = ArrayList()
            headers.add('POST %s HTTP/1.1' % resource)
            headers.add('Host: %s' % api_uri)
            headers.add('Authorization: Bearer %s' % api_token)
            headers.add('Accept: application/json')
            headers.add(
                'Content-type: multipart/form-data; boundary={}'.format(
                    boundary))

            dataList.append('--' + boundary)
            dataList.append(
                'Content-Disposition: form-data; name=file; filename={}'.
                format(name_csv))

            dataList.append('Content-Type: text/csv')
            dataList.append('')
            with open(filename) as f:
                dataList.append(f.read())

            dataList.append('--' + boundary + '--')
            dataList.append('')
            body = '\r\n'.join(dataList)

            newBody = self._helpers.bytesToString(body)

            newRequest = self._helpers.buildHttpMessage(headers, newBody)

            requestInfo = self._helpers.analyzeRequest(newRequest)
            headers = requestInfo.getHeaders()

            response = self._callbacks.makeHttpRequest(api_url.getHost(), 443,
                                                       True, newRequest)

            response_info = self._helpers.analyzeResponse(response)

            response_value = self._helpers.bytesToString(
                response)[response_info.getBodyOffset():].encode("utf-8")

        except Exception as e:
            print("[-] Falha arquivo/envio de Issues ID:{} - Error: {}".format(
                name_csv, e))

        if response_info.getStatusCode() == 200:
            self.removeCSV(filename)
            print("[+] Success ID: {}".format(name_csv.replace(".csv", "")))

        else:
            print("[-] Falhou o envio do ID: {} - code :{}".format(
                name_csv.replace(".csv", ""), response_info.getStatusCode()))

            if response_value:
                print("Error: {}".format(response_value))

            JOptionPane.showMessageDialog(None, "Falhou o envio das Issues",
                                          "Error", JOptionPane.ERROR_MESSAGE)
            self.removeCSV(filename)

    def checkAuth(self):
        """
        Validar api + token GAT
        """
        load_setting = self._callbacks.loadExtensionSetting
        api_uri = load_setting('host_api') or ''
        api_token = load_setting('api_token') or ''

        resource = "/api/v1/me"

        protocol = "http" if api_uri == "localhost" else "https"
        gatPoint = "{}://{}{}".format(protocol, api_uri, resource)

        api_url = URL(gatPoint)

        headers = ArrayList()
        headers.add('GET %s HTTP/1.1' % resource)
        headers.add('Host: %s' % api_uri)
        headers.add('Authorization: Bearer %s' % api_token)
        headers.add('Content-Type: application/json')

        newRequest = self._helpers.buildHttpMessage(headers, None)

        requestInfo = self._helpers.analyzeRequest(newRequest)
        headers = requestInfo.getHeaders()

        response = self._callbacks.makeHttpRequest(api_url.getHost(), 443,
                                                   True, newRequest)

        response_info = self._helpers.analyzeResponse(response)
        response_value = self._helpers.bytesToString(
            response)[response_info.getBodyOffset():].encode("utf-8")

        response = {}
        response['status_code'] = response_info.getStatusCode()
        response['text'] = response_value
        r = DotDict(response)
        return r

    def removeCSV(self, path):
        """ param <path> could either be relative or absolute. """
        if os.path.isfile(path) or os.path.islink(path):
            os.remove(path)
        else:
            raise ValueError("file {} is not a file".format(path))

    def clsProjectId(self, _):
        self.project_id.setText(None)
        self.project = False
        self.projectId = None
        JOptionPane.showMessageDialog(
            None, "Redefinido envio de Issues sem Projeto.", "Informativo",
            JOptionPane.INFORMATION_MESSAGE)
Ejemplo n.º 17
0
def instReg():
    global frame
    global tfName
    global tfPhone
    global taAddress
    global tfAdminLoginId
    global tfAdminPassword
    
    frame = JFrame("Registration Form ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500,550)
    frame.setLocation(200,200)
    frame.setLayout(None)
    frame.setVisible(True)
    
    panel = JPanel()
    panel.setSize(500,550)
    panel.setLocation(0,0)
    panel.setLayout(None)
    panel.setBackground(Color.LIGHT_GRAY)
    
    heading = JLabel("Institute Registration Form ")
    heading.setBounds(200,30,150,30)
    
    lbName = JLabel("Name")
    lbPhone =JLabel("Phone no ")
    lbAddress = JLabel("Address")
    lbAdminLoginId = JLabel("Admin login  ")
    lbAdminPassword =JLabel("Admin Password")

    font =  Font("Courier",Font.PLAIN,16)		
    
    tfName = JTextField()
    tfPhone = JTextField()
    taAddress =JTextArea()
    tfAdminLoginId = JTextField()
    tfAdminPassword = JTextField()
    
    lbName.setBounds(70,100,150,40)
    lbPhone.setBounds(70,150,150,40)
    lbAddress.setBounds(70,200,150,40)
    lbAdminLoginId.setBounds(70,310,150,40)
    lbAdminPassword.setBounds(70,360,150,40)
    
    tfName = JTextField()
    tfPhone = JTextField()
    taAddress = JTextArea()
    tfAdminLoginId = JTextField()
    tfAdminPassword = JTextField()
    
    tfName.setBounds(250,100,200,40)
    tfPhone.setBounds(250,150,200,40)
    taAddress.setBounds(250,200,200,100)
    tfAdminLoginId.setBounds(250,310,200,40)
    tfAdminPassword.setBounds(250,360,200,40)
    
    tfName.setFont(font)
    tfPhone.setFont(font)
    taAddress.setFont(font)
    tfAdminLoginId.setFont(font)
    tfAdminPassword.setFont(font) 
    
    sp = JScrollPane(taAddress)
    c = frame.getContentPane()
    
    btnSave = JButton("Save",actionPerformed=clickAdminReg)
    btnSave.setBounds(350,420,80,30)
    
    
    
    #panel.add(lbName)
    #panel.add(lbPhone)
    #panel.add(lbAddress)
    #panel.add(lbAdminLoginId)
    #panel.add(lbAdminPassword)
    #panel.add(tfName)
    #panel.add(tfPhone)
    #panel.add(c)
    #panel.add(tfAdminLoginId)
    #panel.add(tfAdminPassword)
    #panel.add(btnSave)
    #panel.add(btnLogin)
    
    c.add(lbName)
    c.add(lbPhone)
    c.add(lbAddress)
    c.add(lbAdminLoginId)
    c.add(lbAdminPassword)
    c.add(tfName)
    c.add(tfPhone)
    c.add(taAddress)
    c.add(tfAdminLoginId)
    c.add(tfAdminPassword)
    c.add(btnSave)
    
    frame.add(c)
Ejemplo n.º 18
0
def addStudent(courseName, courseFee, v):

    global tfStudentName
    global tfStudentPhone
    global tfStudentEmail
    global taStudentAddress
    global tfCourseName
    global tfCourseFee
    global cbStudentAssignTeacher
    global frame

    frame = JFrame("Add Student ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500, 600)
    frame.setLocation(200, 200)
    frame.setLayout(None)
    frame.setVisible(True)

    panel = JPanel()
    panel.setSize(500, 600)
    panel.setLocation(0, 0)
    panel.setLayout(None)
    panel.setVisible(True)
    panel.setBackground(Color.LIGHT_GRAY)

    heading = JLabel("ADD STUDENT")
    heading.setBounds(200, 30, 150, 40)

    lbCourseName = JLabel(" Course name")
    lbCourseFee = JLabel(" Course Fee")
    lbStudentName = JLabel("Student name ")
    lbStudentPhone = JLabel("Phone")
    lbStudentEmail = JLabel("Email Id")
    lbStudentAddress = JLabel("Address")
    lbStudentAssignTeacher = JLabel("Student Assign teacher  ")

    tfCourseName = JTextField(courseName)
    tfCourseFee = JTextField(str(courseFee))
    tfStudentName = JTextField()
    tfStudentPhone = JTextField()
    tfStudentEmail = JTextField()
    taStudentAddress = JTextArea()
    cbStudentAssignTeacher = JComboBox(v)

    tfCourseName.setEditable(False)
    tfCourseFee.setEditable(False)

    lbCourseName.setBounds(70, 100, 130, 30)
    lbCourseFee.setBounds(70, 150, 130, 30)
    lbStudentName.setBounds(70, 200, 130, 30)
    lbStudentPhone.setBounds(70, 250, 130, 30)
    lbStudentEmail.setBounds(70, 300, 130, 30)
    lbStudentAddress.setBounds(70, 350, 130, 80)
    lbStudentAssignTeacher.setBounds(70, 450, 130, 30)

    tfCourseName.setBounds(220, 100, 130, 30)
    tfCourseFee.setBounds(220, 150, 130, 30)
    tfStudentName.setBounds(220, 200, 130, 30)
    tfStudentPhone.setBounds(220, 250, 130, 30)
    tfStudentEmail.setBounds(220, 300, 130, 30)
    taStudentAddress.setBounds(220, 350, 130, 80)
    cbStudentAssignTeacher.setBounds(220, 450, 130, 30)

    btnEnter = JButton("ADD", actionPerformed=clickAddStudent)
    btnEnter.setBounds(350, 510, 100, 40)

    btnCancel = JButton("Cancel", actionPerformed=clickbtnCancelForm)
    btnCancel.setBounds(50, 510, 100, 40)

    panel.add(heading)
    panel.add(lbCourseName)
    panel.add(lbCourseFee)
    panel.add(lbStudentName)
    panel.add(lbStudentPhone)
    panel.add(lbStudentEmail)
    panel.add(lbStudentAddress)
    panel.add(lbStudentAssignTeacher)
    panel.add(tfCourseName)
    panel.add(tfCourseFee)
    panel.add(tfStudentName)
    panel.add(tfStudentPhone)
    panel.add(tfStudentEmail)
    panel.add(taStudentAddress)
    panel.add(cbStudentAssignTeacher)
    panel.add(btnEnter)
    panel.add(btnCancel)

    frame.add(panel)
Ejemplo n.º 19
0
def updateStudent(stObj):
    global studentId
    global tfStudentName
    global tfStudentPhone
    global tfStudentEmail
    global taStudentAddress
    global tfCourseName
    global cbStudentAssignTeacher
    global frame
    
    frame = JFrame("Update student ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500,500)
    frame.setLocation(200,200)
    frame.setLayout(None)
    frame.setVisible(True)
    
    panel = JPanel()
    panel.setSize(500,500)
    panel.setLocation(0,0)
    panel.setLayout(None)
    panel.setVisible(True)
    panel.setBackground(Color.LIGHT_GRAY)
    
    studentId = getattr(stObj,'studentId')
    studentName= getattr(stObj,'studentName')
    studentPhone = getattr(stObj,'studentPhone')
    studentEmail = getattr(stObj,'studentEmail')
    studentAddress = getattr(stObj,'studentAddress')
    studentCourse = getattr(stObj,'courseName')
    
    teachersName =  srv.showStudentChoiceCourse(studentCourse)
    v = Vector()
    for d in teachersName: 
            v.add(d[0].encode('ascii')) 
    
    
    heading = JLabel("Update  TEACHER")
    heading.setBounds(200,30,150,40)

    lbStudentName = JLabel("Student name ")
    lbStudentPhone = JLabel("Phone")
    lbStudentEmail = JLabel("Email Id")
    lbStudentAddress = JLabel("Address")
    lbStudentAssignTeacher = JLabel("Student Assign teacher  ")
    
    tfStudentName = JTextField(studentName)
    tfStudentPhone = JTextField(studentPhone)
    tfStudentEmail = JTextField(studentEmail)
    taStudentAddress = JTextArea(studentAddress)
    cbStudentAssignTeacher = JComboBox(v)
    
    
    lbStudentName.setBounds(70,100,130,30)
    lbStudentPhone.setBounds(70,150,130,30)
    lbStudentEmail.setBounds(70,200,130,30)
    lbStudentAddress.setBounds(70,250,130,30)
    lbStudentAssignTeacher.setBounds(70,350,130,30)
    
    tfStudentName.setBounds(220,100,130,30)
    tfStudentPhone.setBounds(220,150,130,30)
    tfStudentEmail.setBounds(220,200,130,30)
    taStudentAddress.setBounds(220,250,130,80)
    cbStudentAssignTeacher.setBounds(220,350,130,30)
    
    
    btnEnter = JButton("Update",actionPerformed=clickUpdateStudent)
    btnEnter.setBounds(350,420,100,40)
    
    btnCancel = JButton("Cancel",actionPerformed=clickbtnCancel)
    btnCancel.setBounds(50,420,100,40)
    
    panel.add(heading)
    panel.add(lbStudentName)
    panel.add(lbStudentPhone)
    panel.add(lbStudentEmail)
    panel.add(lbStudentAddress)
    panel.add(lbStudentAssignTeacher)
    panel.add(tfStudentName)
    panel.add(tfStudentPhone)
    panel.add(tfStudentEmail)
    panel.add(taStudentAddress)
    panel.add(cbStudentAssignTeacher)
    panel.add(btnEnter)
    panel.add(btnCancel)
    
    frame.add(panel)
def addTeacher():

    global heading
    global tfTeacherName
    global tfTeacherPhone
    global taTeacherAddress
    global tfTeacherEmail
    global tfTeacherCourse
    global tfTeacherPayment
    global frame
    global btnEnter

    frame = JFrame("Add Teacher ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500, 600)
    frame.setLocation(200, 200)
    frame.setLayout(None)
    frame.setVisible(True)

    panel = JPanel()
    panel.setSize(500, 600)
    panel.setLocation(0, 0)
    panel.setLayout(None)
    panel.setVisible(True)
    panel.setBackground(Color.LIGHT_GRAY)

    heading = JLabel("ADD TEACHER")
    heading.setBounds(200, 30, 150, 40)

    lbTeacherName = JLabel("Teacher Name ")
    lbTeacherPhone = JLabel("Phone")
    lbTeacherEmail = JLabel("Email")
    lbTeacherAddress = JLabel("Address")
    lbTeacherCourse = JLabel("Teacher Course ")
    lbTeacherPayment = JLabel("Teacher Payment")

    tfTeacherName = JTextField()
    tfTeacherPhone = JTextField()
    taTeacherAddress = JTextArea()
    tfTeacherEmail = JTextField()
    tfTeacherCourse = JTextField()
    tfTeacherPayment = JTextField()

    lbTeacherName.setBounds(70, 100, 130, 30)
    lbTeacherPhone.setBounds(70, 150, 130, 30)
    lbTeacherEmail.setBounds(70, 200, 130, 30)
    lbTeacherAddress.setBounds(70, 250, 130, 30)
    lbTeacherCourse.setBounds(70, 350, 130, 30)
    lbTeacherPayment.setBounds(70, 400, 130, 30)

    tfTeacherName.setBounds(220, 100, 130, 30)
    tfTeacherPhone.setBounds(220, 150, 130, 30)
    tfTeacherEmail.setBounds(220, 200, 130, 30)
    taTeacherAddress.setBounds(220, 250, 130, 80)
    tfTeacherCourse.setBounds(220, 350, 130, 30)
    tfTeacherPayment.setBounds(220, 400, 130, 30)

    btnEnter = JButton("ADD", actionPerformed=clickAddTeacher)
    btnEnter.setBounds(350, 450, 100, 40)

    panel.add(heading)
    panel.add(lbTeacherName)
    panel.add(lbTeacherPhone)
    panel.add(lbTeacherEmail)
    panel.add(lbTeacherAddress)
    panel.add(lbTeacherCourse)
    panel.add(lbTeacherPayment)
    panel.add(tfTeacherName)
    panel.add(tfTeacherPhone)
    panel.add(tfTeacherEmail)
    panel.add(taTeacherAddress)
    panel.add(tfTeacherCourse)
    panel.add(tfTeacherPayment)
    panel.add(btnEnter)

    frame.add(panel)
class BurpExtender(IBurpExtender, IScannerListener, ITab):
    def registerExtenderCallbacks(self, callbacks):
        self._callbacks = callbacks
        self.helpers = callbacks.helpers
        callbacks.setExtensionName("Orchy-Webhook")
        self.frame = JPanel()
        self.frame.setSize(1024, 786)
        self.frame.setLayout(None)
        self.plugin_path = os.getcwd()
        self.db_file_path = os.path.join(os.getcwd(), 'burp_db.json')
        self.cwe_dict = json.load(open(self.db_file_path, 'r'))
        self.results = {}
        self.severity_dict = {
            'Low': 1,
            'Medium': 2,
            'High': 3,
            'Information': 0,
            'Info': 0,
        }
        self.urls = []
        self.confidence_dict = {'Certain': 3, 'Firm': 2, 'Tentative': 1}

        callbacks.registerScannerListener(self)

        button1 = JButton(ImageIcon(
            ((ImageIcon(self.plugin_path +
                        "/refresh.jpg")).getImage()).getScaledInstance(
                            13, 13, SCALE_SMOOTH)),
                          actionPerformed=self.refresh)
        button1.setBounds(30, 50, 22, 22)
        lbl0 = JLabel("Orchestron Webhook:")
        lbl0.setFont(Font("", Font.BOLD, 12))
        lbl0.setForeground(Color(0xFF7F50))
        lbl0.setBounds(60, 20, 200, 20)
        lbl1 = JLabel('Host')
        lbl1.setBounds(60, 50, 100, 20)
        self.txt1 = JComboBox()
        self.txt1.setBounds(200, 50, 220, 24)
        lbl2 = JLabel("Webhook Url")
        lbl2.setBounds(60, 80, 100, 20)
        self.txt2 = JTextField('', 300)
        self.txt2.setBounds(200, 80, 220, 24)
        lbl3 = JLabel("Authorization Token")
        lbl3.setBounds(60, 110, 200, 20)
        self.txt3 = JTextField('', 60)
        self.txt3.setBounds(200, 110, 220, 24)
        lbl4 = JLabel("Engagement-ID")
        lbl4.setBounds(60, 140, 200, 20)
        self.txt4 = JTextField('', 40)
        self.txt4.setBounds(200, 140, 220, 24)
        button2 = JButton('Push Results', actionPerformed=self.push)
        button2.setBounds(200, 170, 120, 24)
        self.message = JLabel('')
        self.message.setBounds(330, 170, 180, 24)
        self.frame.add(button1)
        self.frame.add(lbl0)
        self.frame.add(lbl1)
        self.frame.add(self.txt1)
        self.frame.add(lbl2)
        self.frame.add(self.txt2)
        self.frame.add(lbl3)
        self.frame.add(self.txt3)
        self.frame.add(lbl4)
        self.frame.add(self.txt4)
        self.frame.add(button2)
        self.frame.add(self.message)

        callbacks.customizeUiComponent(self.frame)
        callbacks.addSuiteTab(self)

    def refresh(self, event):
        self.txt1.removeAllItems()
        for host in self.results.keys():
            self.txt1.addItem(host)
        self.message.text = ''

    def newScanIssue(self, issue):
        callbacks = self._callbacks
        # print "New Issue Identified:"+issue.getUrl().toString()
        if callbacks.isInScope(issue.getUrl()) == 1:
            self.tmp = issue.getUrl()
            self.scheme = self.tmp.protocol
            self.port = self.tmp.port
            self.fqdn = self.tmp.host
            if self.port == -1:
                if self.scheme == 'https':
                    self.port = 443
                elif self.scheme == 'http':
                    self.port = 80
                else:
                    self.scheme = 'http'
                    self.port = 80
            self.host = str(self.scheme + '://' + self.fqdn + ':' +
                            str(self.port))

            if not self.results:
                self.results[self.host] = {'scan_dict': {}}

            for host in self.results.keys():
                if host == self.host:
                    if str(issue.getIssueType()) in self.cwe_dict.keys():
                        name = self.cwe_dict.get(str(issue.getIssueType()),
                                                 '')[1]
                        cwe_id = self.cwe_dict.get(str(issue.getIssueType()),
                                                   '')[0]
                    else:
                        name = 'Burp IssueType - {0}'.format(
                            str(issue.getIssueType()))
                        cwe_id = 0

                    if name in self.results[host]['scan_dict'].keys():
                        old_evidance = self.results[host]['scan_dict'][
                            name].get('evidences')
                        for httpmessage in issue.getHttpMessages():
                            request = (httpmessage.getRequest().tostring()
                                       if httpmessage.getRequest() else None)
                            request = b64encode(request.encode('utf-8'))
                            response = (httpmessage.getResponse().tostring()
                                        if httpmessage.getResponse() else None)
                            response = b64encode(response.encode('utf-8'))
                            info_dict = {
                                'url': issue.getUrl().toString(),
                                'name': issue.getIssueName(),
                                'request': request,
                                'response': response
                            }
                            old_evidance.append(info_dict)
                    else:
                        severity = self.severity_dict.get(
                            issue.getSeverity(), '')
                        confidence = self.confidence_dict.get(
                            issue.getConfidence(), '')
                        evidences = []
                        for httpmessage in issue.getHttpMessages():
                            request = (httpmessage.getRequest().tostring()
                                       if httpmessage.getRequest() else None)
                            request = b64encode(request.encode('utf-8'))
                            response = (httpmessage.getResponse().tostring()
                                        if httpmessage.getResponse() else None)
                            response = b64encode(response.encode('utf-8'))
                            info_dict = {
                                'url': issue.getUrl().toString(),
                                'name': issue.getIssueName(),
                                'request': request,
                                'response': response
                            }
                            evidences.append(info_dict)
                        self.results[host]['scan_dict'][name] = {
                            'description': issue.getIssueDetail(),
                            'remediation': '',
                            'severity': severity,
                            'cwe': cwe_id,
                            'evidences': evidences
                        }

                else:
                    self.results[self.host] = {'scan_dict': {}}
                    if str(issue.getIssueType()) in self.cwe_dict.keys():
                        name = self.cwe_dict.get(str(issue.getIssueType()),
                                                 '')[1]
                        cwe_id = self.cwe_dict.get(str(issue.getIssueType()),
                                                   '')[0]
                    else:
                        name = 'Burp IssueType - {0}'.format(
                            str(issue.getIssueType()))
                        cwe_id = 0

                    severity = self.severity_dict.get(issue.getSeverity(), '')
                    confidence = self.confidence_dict.get(
                        issue.getConfidence(), '')
                    evidences = []
                    for httpmessage in issue.getHttpMessages():
                        request = (httpmessage.getRequest().tostring()
                                   if httpmessage.getRequest() else None)
                        request = b64encode(request.encode('utf-8'))
                        response = (httpmessage.getResponse().tostring()
                                    if httpmessage.getResponse() else None)
                        response = b64encode(response.encode('utf-8'))
                        info_dict = {
                            'url': issue.getUrl().toString(),
                            'name': issue.getIssueName(),
                            'request': request,
                            'response': response
                        }
                        evidences.append(info_dict)
                    self.results[host]['scan_dict'][name] = {
                        'description': issue.getIssueDetail(),
                        'remediation': '',
                        'severity': severity,
                        'cwe': cwe_id,
                        'evidences': evidences
                    }

    def push(self, event):
        if self.txt1.getSelectedItem():
            vulns = {}
            vulns['tool'] = 'Burp'
            vulns['vulnerabilities'] = []
            for k, v in self.results[
                    self.txt1.getSelectedItem()]['scan_dict'].items():
                vulnerability = {
                    'name': str(k),
                    'description': v.get('description', ''),
                    'remediation': '',
                    'severity': v.get('severity', None),
                    'cwe': v.get('cwe', 0),
                    'evidences': v.get('evidences', None)
                }
                vulns['vulnerabilities'].append(vulnerability)

            if self.txt2.text and self.txt3.text:
                webhook_url = self.txt2.text
                auth_token = self.txt3.text
                engagement_id = ''
                if self.txt4.text:
                    engagement_id = self.txt4.text
                req_headers = {
                    'Authorization': 'Token ' + auth_token,
                    'X-Engagement-ID': engagement_id
                }
                req = requests.post(webhook_url,
                                    headers=req_headers,
                                    json={'vuls': vulns})
                if req.status_code == 200:
                    self.message.text = "Result pushed successfully"
                    with open('./orchy_log.txt', 'a') as orchy_log:
                        orchy_log.write(req.content + '\n')
                        orchy_log.close()
                else:
                    with open('./orchy_log.txt', 'a') as orchy_log:
                        orchy_log.write(req.content + '\n')
                        orchy_log.close()
                    self.message.text = "Failed"

    def getTabCaption(self):
        return 'Orchy-Webhook'

    def getUiComponent(self):
        return self.frame
Ejemplo n.º 22
0
btn8.setBounds(101, 101, 100, 100)
btn9 = JButton("9", actionPerformed=clickBtn9)
btn9.setBounds(201, 101, 100, 100)
btnDivide = JButton("/", actionPerformed=clickBtnDivide)
btnDivide.setBounds(301, 101, 100, 80)
btnMultiply = JButton("*", actionPerformed=clickBtnMultiply)
btnMultiply.setBounds(301, 181, 100, 80)
btnSubtract = JButton("-", actionPerformed=clickBtnSubtract)
btnSubtract.setBounds(301, 261, 100, 80)
btnPlus = JButton("+", actionPerformed=clickBtnPlus)
btnPlus.setBounds(301, 341, 100, 80)
btnEqual = JButton("=", actionPerformed=clickBtnEqual)
btnEqual.setBounds(301, 421, 100, 80)

tf = JTextField("")
tf.setBounds(0, 0, 400, 100)
tf.setHorizontalAlignment(JTextField.RIGHT)
font = Font("Courier", Font.BOLD, 30)
tf.setFont(font)

frame.add(btnDot)
frame.add(btnDel)
frame.add(btn0)
frame.add(btnEqual)
frame.add(btn1)
frame.add(btn2)
frame.add(btn3)
frame.add(btn4)
frame.add(btn5)
frame.add(btn6)
frame.add(btn7)
class BurpExtender(IBurpExtender, ITab, IHttpListener):
    def registerExtenderCallbacks(self, callbacks):
        self._callbacks = callbacks
        self._helpers = callbacks.getHelpers()
        callbacks.setExtensionName("burp-sensitive-param-extractor")
        self._stdout = PrintWriter(callbacks.getStdout(), True)
        callbacks.registerHttpListener(self)
        #callbacks.registerMessageEditorTabFactory(self)
        print 'burp-sensitive-param-extractor loaded.\nAuthor:LSA\nhttps://github.com/theLSA/burp-sensitive-param-extractor'

        self.sensitiveParamR = getParamRegular()

        self._callbacks.customizeUiComponent(self.getUiComponent())
        self._callbacks.addSuiteTab(self)
        #self.endColors = []
        self.requestParamDict = {}
        self.resultSensitiveParamsDict = {}

    def getTabCaption(self):
        return 'BSPE'

    def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):

        if messageIsRequest and toolFlag == 4:
            self.requestParamDict['urlParams'] = []
            self.requestParamDict['BodyParams'] = []
            self.requestParamDict['cookieParams'] = []
            self.requestParamDict['jsonParams'] = []

            cookieParamFlag = 0

            service = messageInfo.getHttpService()
            request = messageInfo.getRequest()
            analyzeReq = self._helpers.analyzeRequest(service, request)
            reqUrl = self._helpers.analyzeRequest(messageInfo).getUrl()
            reqMethod = self._helpers.analyzeRequest(messageInfo).getMethod()

            reqParams = analyzeReq.getParameters()

            for param in reqParams:
                paramType = param.getType()

                if paramType == 0:
                    #self.outputTxtArea.append("\nurlParams-")

                    paramName = param.getName()
                    paramValue = param.getValue()
                    print 'urlParams:'
                    print paramName + ':' + paramValue
                    #self.outputTxtArea.append("[%s]" % paramName)
                    self.requestParamDict['urlParams'].append(
                        paramName.strip())

                if paramType == 1:
                    #self.outputTxtArea.append("\nBodyParams-")

                    paramName = param.getName()
                    paramValue = param.getValue()
                    print 'BodyParams:'
                    print paramName + ':' + paramValue
                    #self.outputTxtArea.append("[%s]\n" % paramName)
                    self.requestParamDict['BodyParams'].append(
                        paramName.strip())

                if paramType == 2:
                    #self.outputTxtArea.append("\ncookieParams-")

                    paramName = param.getName()
                    paramValue = param.getValue()
                    print 'CookieParams:'
                    print paramName + ':' + paramValue
                    #self.outputTxtArea.append("[%s]\n" % paramName)
                    self.requestParamDict['cookieParams'].append(
                        paramName.strip())
                    cookieParamFlag = 1

                if paramType == 6:
                    #self.outputTxtArea.append("\njsonParams-")

                    paramName = param.getName()
                    paramValue = param.getValue()
                    print 'JsonParams:'
                    print paramName + ':' + paramValue
                    #self.outputTxtArea.append("[%s]\n" % paramName)
                    self.requestParamDict['jsonParams'].append(
                        paramName.strip())

            self.resultSensitiveParamsDict = self.findSensitiveParam(
                self.requestParamDict)
            #print self.resultSensitiveParamsDict

            for rspdKey in self.resultSensitiveParamsDict.keys():
                if self.resultSensitiveParamsDict[rspdKey] != []:
                    print "[%s][%s]" % (reqMethod, reqUrl)
                    self.outputTxtArea.append(
                        "\n------------------------------------------------------\n"
                    )
                    self.outputTxtArea.append("[%s][%s]\n" %
                                              (reqMethod, reqUrl))
                    break

            for rspdKey in self.resultSensitiveParamsDict.keys():
                if self.resultSensitiveParamsDict[rspdKey] != []:
                    self.outputTxtArea.append(
                        "\n" + rspdKey + "--" +
                        str(self.resultSensitiveParamsDict[rspdKey]))

            self.write2file()

            #pass

        else:
            return

    def findSensitiveParam(self, requestParamDict):
        #sensitiveParamR = getParamRegular()
        resultSensitiveParamsDict = {}
        resultSensitiveParamsDict['urlParams'] = []

        resultSensitiveParamsDict['BodyParams'] = []

        resultSensitiveParamsDict['cookieParams'] = []

        resultSensitiveParamsDict['jsonParams'] = []

        #print requestParamDict

        for spr in self.sensitiveParamR:
            for key in requestParamDict.keys():
                for reqParam in requestParamDict[key]:
                    if len(spr) == 1:
                        if spr == reqParam.lower():
                            resultSensitiveParamsDict[key].append(reqParam)
                    else:
                        if spr in reqParam.lower():
                            print spr + ' in ' + reqParam
                            resultSensitiveParamsDict[key].append(reqParam)
        #print resultSensitiveParamsDict
        for key in resultSensitiveParamsDict.keys():
            resultSensitiveParamsDict[key] = {}.fromkeys(
                resultSensitiveParamsDict[key]).keys()
            #resultSensitiveParamsDict[key] = sorted(resultSensitiveParamsDict[key],key=resultSensitiveParamsDict[key].index)
        #print resultSensitiveParamsDict
        return resultSensitiveParamsDict

    def write2file(self):
        sensitiveParamsList = getSensitiveParamsFromFile()
        newSensitiveParamsList = []
        #print self.resultSensitiveParamsDict
        for rspdKey in self.resultSensitiveParamsDict.keys():
            if (self.resultSensitiveParamsDict[rspdKey] != []) and (set(
                    self.resultSensitiveParamsDict[rspdKey]).issubset(
                        set(sensitiveParamsList)) == False):
                newSensitiveParamsList.extend([
                    newSensitiveParam for newSensitiveParam in
                    self.resultSensitiveParamsDict[rspdKey]
                    if newSensitiveParam not in sensitiveParamsList
                ])
        #print str(newSensitiveParamsList)

        if newSensitiveParamsList != []:
            newSensitiveParamsList = {}.fromkeys(newSensitiveParamsList).keys()

            with open('sensitive-params.txt', 'a') as sps:
                for nsp in newSensitiveParamsList:
                    #print 'writeNewParams:'+nsp
                    sps.write('\n' + nsp)

    def addAndSaveNewParamRegular(self, event):
        NewParamRegular = self.addAndSaveNewParamRegularTextField.getText()
        if NewParamRegular not in self.sensitiveParamR:
            self.sensitiveParamR.append(NewParamRegular)
            with open(paramRegularFile, 'a') as prf:
                prf.write('\n' + NewParamRegular)
            self.alertSaveSuccess.showMessageDialog(self.spePanel,
                                                    "Add and save success!")
        else:
            self.alertSaveSuccess.showMessageDialog(self.tab,
                                                    "paramRegular existed.")

        self.sensitiveParamsRegularListPanel.setListData(self.sensitiveParamR)
        self.sensitiveParamsRegularListPanel.revalidate()

        #self.sensitiveParamR = getParamRegular()

    def delParamRegular(self, event):
        #delParamRegularsIndex = self.sensitiveParamsRegularListPanel.selectedIndex
        #if delParamRegularsIndex >= 0:
        #    print delParamRegularsIndex
        #    print self.sensitiveParamR[delParamRegularsIndex]
        for sprlp in self.sensitiveParamsRegularListPanel.getSelectedValuesList(
        ):
            #print sprlp
            self.sensitiveParamR.remove(sprlp)

        #with open(paramRegularFile,'r') as prf1:
        #    lines = prf1.readlines()

        with open(paramRegularFile, 'w') as prf2:
            #print self.sensitiveParamsRegularListPanel.getSelectedValuesList()
            #for line in lines:
            #    if line.strip() in self.sensitiveParamsRegularListPanel.getSelectedValuesList():
            #        print 'remove:'+line
            #        lines.remove(line)
            #for spr1 in lines:
            #    #print spr1
            #    prf2.write(spr1)
            for spr2i, spr2 in enumerate(self.sensitiveParamR):
                print spr2i
                print spr2
                if spr2i == len(self.sensitiveParamR) - 1:
                    prf2.write(spr2)
                else:
                    prf2.write(spr2 + '\n')

        self.sensitiveParamsRegularListPanel.setListData(self.sensitiveParamR)
        self.sensitiveParamsRegularListPanel.revalidate()

        #self.sensitiveParamR = getParamRegular()

    def clearRst(self, event):
        self.outputTxtArea.setText("")

    def exportRst(self, event):
        chooseFile = JFileChooser()
        ret = chooseFile.showDialog(self.logPane, "Choose file")
        filename = chooseFile.getSelectedFile().getCanonicalPath()
        print "\n" + "Export to : " + filename
        open(filename, 'w', 0).write(self.outputTxtArea.text)

    def getUiComponent(self):
        self.spePanel = JPanel()
        self.spePanel.setBorder(None)
        self.spePanel.setLayout(None)

        self.logPane = JScrollPane()
        self.outputTxtArea = JTextArea()
        self.outputTxtArea.setFont(Font("Consolas", Font.PLAIN, 12))
        self.outputTxtArea.setLineWrap(True)
        self.logPane.setViewportView(self.outputTxtArea)
        self.spePanel.add(self.logPane)

        self.clearBtn = JButton("Clear", actionPerformed=self.clearRst)
        self.exportBtn = JButton("Export", actionPerformed=self.exportRst)
        self.parentFrm = JFileChooser()

        self.spePanel.add(self.clearBtn)
        self.spePanel.add(self.exportBtn)

        self.logPane.setBounds(20, 50, 800, 600)

        self.clearBtn.setBounds(20, 650, 100, 30)
        self.exportBtn.setBounds(600, 650, 100, 30)

        self.sensitiveParamsRegularListPanel = JList(self.sensitiveParamR)
        self.sensitiveParamsRegularListPanel.setVisibleRowCount(
            len(self.sensitiveParamR))

        #self.spePanel.add(self.sensitiveParamsRegularListPanel)

        #self.sensitiveParamsRegularListPanel.setBounds(850,50,150,600)

        self.sensitiveParamsRegularListScrollPanel = JScrollPane()
        self.sensitiveParamsRegularListScrollPanel.setViewportView(
            self.sensitiveParamsRegularListPanel)
        self.spePanel.add(self.sensitiveParamsRegularListScrollPanel)
        self.sensitiveParamsRegularListScrollPanel.setBounds(850, 50, 150, 600)

        self.addAndSaveNewParamRegularButton = JButton(
            'add&&save', actionPerformed=self.addAndSaveNewParamRegular)
        self.spePanel.add(self.addAndSaveNewParamRegularButton)
        self.addAndSaveNewParamRegularButton.setBounds(1000, 50, 150, 30)

        self.addAndSaveNewParamRegularTextField = JTextField('NewParamRegular')
        self.spePanel.add(self.addAndSaveNewParamRegularTextField)
        self.addAndSaveNewParamRegularTextField.setBounds(1150, 50, 100, 30)

        self.alertSaveSuccess = JOptionPane()
        self.spePanel.add(self.alertSaveSuccess)

        self.delParamRegularButton = JButton(
            "delete", actionPerformed=self.delParamRegular)
        self.spePanel.add(self.delParamRegularButton)
        self.delParamRegularButton.setBounds(1000, 90, 100, 30)

        return self.spePanel
Ejemplo n.º 24
0
def studentProfileForm(data):

    global heading
    global tfStudentName
    global tfStudentPhone
    global taStudentAddress
    global tfStudentEmail
    global tfCourseName
    global tfCourseFee
    global tfStudentAssignTeacher
    global frame
    global btnEnter

    frame = JFrame(" Student ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500, 620)
    frame.setLocation(200, 200)
    frame.setLayout(None)
    frame.setVisible(True)

    panel = JPanel()
    panel.setSize(500, 620)
    panel.setLocation(0, 0)
    panel.setLayout(None)
    panel.setVisible(True)
    panel.setBackground(Color.LIGHT_GRAY)

    heading = JLabel(" STUDENT PROFILE")
    heading.setBounds(200, 30, 150, 40)

    lbStudentName = JLabel("Student Name ")
    lbStudentPhone = JLabel("Phone")
    lbStudentEmail = JLabel("Email")
    lbStudentAddress = JLabel("Address")
    lbCourseName = JLabel("Course Name ")
    lbCourseFee = JLabel("Course Fee")
    lbStudentAssignTeacher = JLabel("Teacher")

    studentName = data[0].encode('ascii')
    studentPhone = data[1].encode('ascii')
    studentEmail = data[2].encode('ascii')
    studentAddress = data[3].encode('ascii')
    courseName = data[4].encode('ascii')
    courseFee = data[5]
    studentAssignTeacher = data[6].encode('ascii')

    tfStudentName = JTextField(studentName)
    tfStudentPhone = JTextField(studentPhone)
    taStudentAddress = JTextArea(studentAddress)
    tfStudentEmail = JTextField(studentEmail)
    tfCourseName = JTextField(courseName)
    tfCourseFee = JTextField(str(courseFee))
    tfStudentAssignTeacher = JTextField(studentAssignTeacher)

    tfCourseName.setEditable(False)
    tfCourseFee.setEditable(False)
    tfStudentAssignTeacher.setEditable(False)
    tfStudentName.setEditable(False)

    lbStudentName.setBounds(70, 100, 130, 30)
    lbStudentPhone.setBounds(70, 150, 130, 30)
    lbStudentEmail.setBounds(70, 200, 130, 30)
    lbStudentAddress.setBounds(70, 250, 130, 30)
    lbCourseName.setBounds(70, 350, 130, 30)
    lbCourseFee.setBounds(70, 400, 130, 30)
    lbStudentAssignTeacher.setBounds(70, 450, 130, 30)

    tfStudentName.setBounds(220, 100, 130, 30)
    tfStudentPhone.setBounds(220, 150, 130, 30)
    tfStudentEmail.setBounds(220, 200, 130, 30)
    taStudentAddress.setBounds(220, 250, 130, 80)
    tfCourseName.setBounds(220, 350, 130, 30)
    tfCourseFee.setBounds(220, 400, 130, 30)
    tfStudentAssignTeacher.setBounds(220, 450, 130, 30)

    btnEnter = JButton("Update", actionPerformed=clickUpdateStudent)
    btnEnter.setBounds(350, 530, 100, 40)

    btnCancel = JButton("Cancel", actionPerformed=clickCancel)
    btnCancel.setBounds(100, 530, 100, 40)

    panel.add(heading)
    panel.add(lbStudentName)
    panel.add(lbStudentPhone)
    panel.add(lbStudentEmail)
    panel.add(lbStudentAddress)
    panel.add(lbCourseName)
    panel.add(lbCourseFee)
    panel.add(lbStudentAssignTeacher)
    panel.add(tfStudentName)
    panel.add(tfStudentPhone)
    panel.add(tfStudentEmail)
    panel.add(taStudentAddress)
    panel.add(tfCourseName)
    panel.add(tfCourseFee)
    panel.add(tfStudentAssignTeacher)
    panel.add(btnEnter)
    panel.add(btnCancel)

    frame.add(panel)
Ejemplo n.º 25
0
class GUI(ITab, ActionListener, KeyAdapter):
    def __init__(self):
       return
        
    def getTabCaption(self):
        return "BurpExtension"
    
    def getUiComponent(self):
        return self.UI()
        
    def UI(self):
        self.val=""
        self.tabbedPane = JTabbedPane(JTabbedPane.TOP)
        self.panel = JPanel()
        self.tabbedPane.addTab("App Details", None, self.panel, None) # Details of app currently under pentest would be pulled into here through API
        self.panel_1 =  JPanel()
        self.tabbedPane.addTab("Results", None, self.panel_1, None) # passed results would go inside this and connected to reporting system via API
        self.panel_2 =  JPanel()
        self.tabbedPane.addTab("Failed Cases", None, self.panel_2, None) #list of failed tests would go inside this
        self.textField = JTextField()
        self.textField.setBounds(12, 13, 207, 39)
        self.panel.add(self.textField)
        self.textField.setColumns(10)
        self.comboBox = JComboBox()
        self.comboBox.setEditable(True)
        self.comboBox.addItem("Default")
        self.comboBox.addItem("High")
        self.comboBox.addItem("Low")
        self.comboBox.setBounds(46, 65, 130, 28)
        self.comboBox.addActionListener(self)
        self.panel.add(self.comboBox) 
        self.btnNewButton = JButton("Submit")
        self.btnNewButton.setBounds(60, 125, 97, 25)
        self.panel.add(self.btnNewButton)
        editorPane = JEditorPane();
        editorPane.setBounds(12, 35, 1000, 800);
        self.panel_2.add(editorPane);
        self.panel_2.setLayout(BorderLayout())
        return self.tabbedPane
    
    def getAppRating(self):
        sys.stdout.write(str(self.val))      
        return str(self.val)
        
    def actionPerformed(self, e):
        if(e.getSource()==self.comboBox):
            self.val = self.comboBox.getSelectedItem()
        else:
            self.addDetails()
        
    def addDetails(self):
        jf0 = JFrame()
        jf0.setTitle("Add Issue");
        jf0.setLayout(None);
        
        txtEnterIssue = JTextField();
        txtEnterIssue.setName("Enter Issue Name");
        txtEnterIssue.setToolTipText("Enter Issue Name Here");
        txtEnterIssue.setBounds(182, 58, 473, 40);
        jf0.add(txtEnterIssue);
        txtEnterIssue.setColumns(10);
        
        btnNewButton = JButton("Add");
        btnNewButton.setBounds(322, 178, 139, 41);
        jf0.add(btnNewButton);
        
        comboBox = JComboBox();
        comboBox.setMaximumRowCount(20);
        comboBox.setEditable(True);
        comboBox.setToolTipText("Objective Name");
        comboBox.setBounds(182, 125, 473, 40);
        jf0.add(comboBox);
        
        lblNewLabel = JLabel("Issue Name Here");
        lblNewLabel.setFont(Font("Tahoma", Font.PLAIN, 16));
        lblNewLabel.setBounds(25, 58, 130, 40);
        jf0.add(lblNewLabel);
        
        lblNewLabel_1 = JLabel("Objective Name");
        lblNewLabel_1.setFont(Font("Tahoma", Font.PLAIN, 16));
        lblNewLabel_1.setBounds(25, 125, 130, 40);
        jf0.add(lblNewLabel_1);
        jf0.setVisible(True)
        jf0.setBounds(400, 300, 700, 300)
        jf0.EXIT_ON_CLOSE
        
        txtEnterIssue.addKeyListener(self)
    
    def keyPressed(self, e):
               
        self.search_string.__add__(self.search_string)
        self.jtf1.setText(self.search_string)
        sys.stdout.write(self.search_string)
Ejemplo n.º 26
0
    def output(self, value):
        eingabe = value.getString()
        if eingabe == "Lexikon":
            # Falls "Lexikon" an den Clienten übergeben wird, wird die GUI geöffnet,
            # in der man deutsche Wörter eingeben kann, die einem dann auf Englisch
            # vorgelesen werden.
            def change_text(event):
                text = feld.getText()
                x = suche(text)
                self.send(x)
                frame.visible = False

            frame = JFrame(
                'Woerterbuch',
                defaultCloseOperation=JFrame.EXIT_ON_CLOSE,
                size=(380, 350),
            )
            frame.setLayout(None)
            frame.visible = True
            hintergrund = ImageIcon("Hintergrund.jpg")
            hintergrundlabel = JLabel(hintergrund)
            frame.setContentPane(hintergrundlabel)

            uebersetzerlabel = JLabel()
            uebersetzerlabel.setForeground(Color(025, 025, 112))
            uebersetzerlabel.setText(
                "<html><font size=+1>Welches Wort soll ich uebersetzen?</font></html>"
            )
            uebersetzerlabel.setBounds(10, 20, 500, 50)
            frame.add(uebersetzerlabel)

            feld = JTextField()
            feld.setText("")
            feld.setBounds(20, 80, 300, 25)
            frame.add(feld)

            button = JButton('Uebersetzen',
                             actionPerformed=change_text,
                             size=(10, 20))
            button.setBounds(20, 110, 300, 30)
            frame.add(button)

        if eingabe == "neue Lektion":
            # Falls dem Clienten "neue Lektion" übergeben wird, öffnet er er die
            # GUI für das Verwalten der Lektionen
            frame = JFrame('Lektion erstellen',
                           defaultCloseOperation=JFrame.EXIT_ON_CLOSE,
                           size=(1000, 1000))
            frame.setLayout(None)

            def auflisten_in(ort):
                font = Font("Verdana", Font.BOLD, 15)
                liste_mit_Lektionen = []
                with open(pfad, "r") as f:
                    for line in f:
                        liste_mit_Lektionen.append(line.strip())
                liste_mit_Lektionen.sort()
                text = ""
                for lektion in liste_mit_Lektionen:
                    text += lektion
                    text += "\n"
                ort.setText(text)
                ort.setFont(font)
                frame.setLayout(None)
                uebersichtLabel = JLabel()

            def uebersetzen(event):
                frage = feld_frage.getText()
                x = suche(frage)
                feld_frage.setText(x)
                liste = []
                with open(pfad, "r") as lektionen:
                    for lektion in lektionen:
                        if "nachgeschlagen" in lektion:
                            liste.append(lektion)
                if liste:
                    name = liste[-1]
                    words = []
                    sql = "SELECT deutsch, englisch, symbol FROM " + name
                    zeile = stmt.executeQuery(sql)
                    while zeile.next():
                        d = zeile.getString("deutsch")
                        e = zeile.getString("englisch")
                        symb = zeile.getString("symbol")
                        words.append((d, e, symb))
                    if len(words) < 50:
                        sql = "INSERT INTO " + name + " (deutsch, englisch, symbol)  VALUES(?,?,?);"
                        pstmt = conn.prepareStatement(sql)
                        pstmt.setString(1, frage)
                        pstmt.setString(2, x)
                        pstmt.setString(3, "X")
                        pstmt.executeUpdate()
                    else:
                        namensteile = name.split("_")
                        nummer = int(namensteile[1].strip()) + 1
                        name = "nachgeschlagen_" + str(nummer)
                        test = ""
                        with open(pfad, "r") as f:
                            for line in f:
                                test += line
                        if not name in test:
                            with open(pfad, "a") as f:
                                f.write(name + "\n")
                        sql = "CREATE TABLE " + name + " (deutsch text, englisch text, symbol text);"
                        stmt.execute(sql)
                        sql = "INSERT INTO " + name + " (deutsch, englisch, symbol)  VALUES(?,?,?);"
                        pstmt = conn.prepareStatement(sql)
                        pstmt.setString(1, frage)
                        pstmt.setString(2, x)
                        pstmt.setString(3, "X")
                        pstmt.executeUpdate()
                else:
                    name = "nachgeschlagen_1"
                    test = ""
                    with open(pfad, "r") as f:
                        for line in f:
                            test += line
                    if not name in test:
                        with open(pfad, "a") as f:
                            f.write(name + "\n")
                    sql = "CREATE TABLE " + name + " (deutsch text, englisch text, symbol text);"
                    stmt.execute(sql)
                    sql = "INSERT INTO " + name + " (deutsch, englisch, symbol)  VALUES(?,?,?);"
                    pstmt = conn.prepareStatement(sql)
                    pstmt.setString(1, frage)
                    pstmt.setString(2, x)
                    pstmt.setString(3, "X")
                    pstmt.executeUpdate()
                auflisten_in(uebersicht)

            def delete(event):
                name = feld.getText()
                print name
                print self.geladen
                if name == self.geladen:
                    count = 0
                    while tabelle.getValueAt(count, 0) != None:
                        tabelle.setValueAt(None, count, 0)
                        tabelle.setValueAt(None, count, 1)
                        count += 1
                stmt.execute("DROP TABLE " + name + ";")
                lektionen = []
                with open(pfad, "r") as f:
                    for line in f:
                        lektion = line.strip()
                        if not name == lektion:
                            lektionen.append(lektion)
                with open(pfad, "w") as f:
                    for lektion in lektionen:
                        f.write(lektion + "\n")
                auflisten_in(uebersicht)

            def laden(event):
                name = feld.getText()
                self.geladen = name
                sql = "SELECT deutsch, englisch FROM " + name
                results = stmt.executeQuery(sql)
                count = 0
                while results.next():
                    d = results.getString("deutsch")
                    e = results.getString("englisch")
                    tabelle.setValueAt(d, count, 0)
                    tabelle.setValueAt(e, count, 1)
                    count += 1
                while tabelle.getValueAt(count, 0) != None:
                    tabelle.setValueAt(None, count, 0)
                    tabelle.setValueAt(None, count, 1)
                    count += 1

            def erstelle_Lektionstabelle(event):
                reihen = []
                for i in range(0, 50):
                    deutsch = tabelle.getValueAt(i, 0)
                    englisch = tabelle.getValueAt(i, 1)
                    if deutsch != None:
                        symbol = "X"
                        reihen.append([deutsch, englisch, symbol])
                    else:
                        break
                z = 0
                name = feld.getText()
                sql = "CREATE TABLE " + name + " (deutsch text, englisch text, symbol text);"
                try:
                    stmt.execute(sql)
                except SQLError:
                    stmt.execute("DROP TABLE " + name + ";")
                    stmt.execute(sql)
                for reihe in reihen:
                    print(reihe)
                    deutsch = reihe[0]
                    englisch = reihe[1]
                    symbol = reihe[2]
                    sql = "INSERT INTO " + name + " (deutsch, englisch, symbol)  VALUES(?,?,?);"
                    pstmt = conn.prepareStatement(sql)
                    pstmt.setString(1, deutsch)
                    pstmt.setString(2, englisch)
                    pstmt.setString(3, symbol)
                    pstmt.executeUpdate()
                test = ""
                with open(pfad, "r") as f:
                    for line in f:
                        test += line
                if not name in test:
                    with open(pfad, "a") as f:
                        f.write(name + "\n")
                self.send(name)
                frame.setVisible(False)

            frame = JFrame('Vokabel Listen',
                           defaultCloseOperation=JFrame.EXIT_ON_CLOSE,
                           size=(1000, 1000))
            frame.setLayout(None)
            label_enter = JLabel()
            label_enter.setText(
                "<html><font size=+0.5 color = 000000>Bitte vor dem Speichern<br>die Entertaste bedienen</font></html>"
            )
            label_enter.setBounds(20, 720, 250, 50)
            uebersichtLabel = JLabel()
            uebersichtLabel.setText(
                "<html><font size=+1 color=#191970>Bereits vorhandene Lektionen:</font></html>"
            )
            uebersichtLabel.setBounds(450, 230, 250, 50)
            uebersicht = JTextArea()
            uebersicht.editable = False
            uebersicht_scroll = JScrollPane(uebersicht)
            uebersicht_scroll.viewport.view = uebersicht
            uebersicht_scroll.setBounds(450, 300, 250, 380)
            auflisten_in(uebersicht)
            button = JButton('Lektion speichern/Lektion reseten',
                             actionPerformed=erstelle_Lektionstabelle,
                             size=(10, 20))
            button.setBounds(20, 700, 300, 30)
            button_laden = JButton('vorhandene Lektion laden',
                                   actionPerformed=laden,
                                   size=(10, 20))
            button_laden.setBounds(20, 110, 210, 30)
            button_delete = JButton("Lektion entfernen",
                                    actionPerformed=delete)
            button_delete.setBounds(20, 140, 210, 30)
            hintergrund = ImageIcon("Hintergrund.jpg")
            pnl = JPanel()
            hintergrundlabel = JLabel(hintergrund)
            frame.setContentPane(hintergrundlabel)
            lektionsnamensLabel = JLabel()
            lektionsnamensLabel.setForeground(Color(025, 025, 112))
            lektionsnamensLabel.setText(
                "<html><font size=+1>Hier bitte Namen der Lektion eingeben<br>(Nur ein Wort lang)</font></html>"
            )
            lektionsnamensLabel.setBounds(10, 20, 500, 50)
            frame.add(lektionsnamensLabel)
            feld = JTextField()
            feld.setText("")
            feld.setBounds(20, 80, 210, 25)
            frame.add(feld)
            column_names = [
                "<html><font size=+1 color=#191970><b>Deutsch</b></font></html>",
                "<html><font size=+1 color=#191970><b>Englisch</b></font></html>"
            ]
            table_model = DefaultTableModel(column_names, 50)
            tabelle = JTable(table_model)
            lektionsnamensLabel.setForeground(Color(025, 025, 112))
            scrollbar = JScrollPane(tabelle)
            scrollbar.viewport.view = tabelle
            scrollbar.setVerticalScrollBarPolicy(
                scrollbar.VERTICAL_SCROLLBAR_ALWAYS)
            scrollbar.setVisible(True)
            tabelle.setVisible(True)
            scrollbar.setBounds(20, 190, 300, 490)
            feld_frage = JTextField()
            feld_frage.setText("")
            feld_frage.setBounds(450, 30, 300, 50)
            uebersetzerlabel = JLabel()
            uebersetzerlabel.setForeground(Color(025, 025, 112))
            uebersetzerlabel.setText(
                "<html><font size=+1>Hier kannst Du ein deutsches Wort eintragen,<br>dass ich fuer Dich nachschlage</font></html>"
            )
            uebersetzerlabel.setBounds(450, 80, 500, 50)
            button_uebersetzen = JButton('Uebersetzen',
                                         actionPerformed=uebersetzen,
                                         size=(10, 20))
            button_uebersetzen.setBounds(450, 130, 300, 30)
            frame.add(button_uebersetzen)
            frame.add(uebersetzerlabel)
            frame.add(feld_frage)
            frame.add(feld)
            frame.add(scrollbar)
            frame.add(button)
            frame.add(button_laden)
            frame.setVisible(True)
            frame.add(uebersicht_scroll)
            frame.add(uebersichtLabel)
            frame.add(button_delete)
            frame.add(label_enter)
        elif eingabe == "alle Lektionen auflisten":
            # Hier erstellt der Client eine dynamische Grammatik
            # mit den vorhandenen Lektionen, die man sich abfragen lassen kann
            # und gibt diese wieder an DialogOS zurück.
            # Außerdem wird der Feedback Frame geöffnet.
            def auflisten_in2(ort):
                font = Font("Verdana", Font.BOLD, 15)
                liste_mit_Lektionen = []
                with open(pfad, "r") as f:
                    for line in f:
                        liste_mit_Lektionen.append(line.strip())
                        liste_mit_Lektionen.sort()
                text = ""
                for lektion in liste_mit_Lektionen:
                    text += lektion
                    text += "\n"
                ort.setText(text)
                ort.setFont(font)

            frame_feedback.setVisible(True)
            auflisten_in2(uebersicht2)
            grammatik = ""
            grammatik = "root $NamevonLektion;\n"
            grammatik += "$NamevonLektion = "
            with open(pfad, "r") as f:
                z = 0
                for line in f:
                    if z == 0:
                        if not "_" in line:
                            grammatik += line
                        else:
                            zeile = line.split("_")
                            grammatik += zeile[0] + " "
                            grammatik += zeile[1].strip()
                    else:
                        if not "_" in line:
                            grammatik += "|" + line
                        else:
                            zeile = line.split("_")
                            grammatik += "|" + zeile[0] + " "
                            grammatik += zeile[1].strip()
                    if line != "\n":
                        z += 1
            grammatik += ";"
            self.send(grammatik)
        elif "sende" in eingabe:
            # DialogOS sagt dem Clienten, welche Lektion der User abgefragt
            # werden möchte. Der Client ließt dann die entsprechende Lektion
            # aus der Datenbank aus und gibt eine Liste mit 2 Listen zurück.
            # In der ersten Liste befinden sich die deutschen Bedeutungen, der
            # noch nicht gewussten Wörter, in der 2. Liste die englsichen Bedeutungen.
            # Falls alle Wörter bereits gekonnt wurden, wird stattdessen eine entsprechende
            # Anmerkung an DialogOS geschickt und DialogOS informiert den User darüber.
            z = 0
            if "nachgeschlagen" in eingabe:
                bestandteile = eingabe.split()
                name = bestandteile[1] + "_" + bestandteile[2]
            else:
                name = eingabe.split()[1]
            sql = "SELECT deutsch, englisch, symbol FROM " + name
            vokabelliste = stmt.executeQuery(sql)
            deutsch = []
            englisch = []
            symbol = []
            while (vokabelliste.next()):
                deutsch.append(vokabelliste.getString("deutsch"))
                englisch.append(vokabelliste.getString("englisch"))
                symbol.append(vokabelliste.getString("symbol"))

            indices = range(0, len(deutsch))
            random.shuffle(indices)
            vokabeln = [[], []]
            for index in indices:
                d = deutsch[index]
                e = englisch[index]
                s = symbol[index]
                if s == "X":
                    vokabeln[0].append(d)
                    vokabeln[1].append(e)
            if vokabeln[0]:
                self.send(vokabeln)
            else:
                self.send([
                    "Du kannst diese Lektion schon komplett. Wenn Du sie wieder abgefragt werden willst, resete sie bitte unter Wokabeln verwalten."
                ])
        else:
            # Dieser Teil des Codes wird während der Abfrage ausgeführt.
            # Nach jeder neuen Vokabel wird dann in ein Feld im Feedback
            # Frame die deutsche, die englische Vokabel und ein Symbol angezeigt,
            # welches einen darüber informiert, ob man die Vokabel wusste, oder nicht.
            # (O für gewusst und X für nicht gewusst)
            nametext = eingabe.split(":")
            name = nametext[0]
            text = nametext[1]
            feld_feedback.setText(text)
            zeilen = text.split("\n")
            symb = zeilen[-2].split("\t")[-1]
            d = zeilen[-2].split("\t")[-3]
            print d
            sql = "UPDATE " + name + " SET symbol = ? WHERE deutsch = ?"
            pstmt = conn.prepareStatement(sql)
            pstmt.setString(1, symb)
            pstmt.setString(2, d)
            pstmt.executeUpdate()
Ejemplo n.º 27
0
class BurpExtender(IBurpExtender, IContextMenuFactory, ITab, IProxyListener):
    """
    BurpSuite插件类
    """
    def __init__(self):
        self.plugin_name = u'orz Plugin'
        self.panel = None
        self.callbacks = None
        self.DEBUG = True
        self.context = None
        self.helpers = None
        self.log_box_width = 1000
        self.log_box_height = 400
        self.tools = Tools()

        self.now_version = VERSION

    def registerExtenderCallbacks(self, callbacks):
        # 注册插件
        self.callbacks = callbacks
        self.helpers = callbacks.getHelpers()
        self.callbacks.setExtensionName(self.plugin_name)

        # 绘制标签页UI
        self.tab_ui()

        self.callbacks.customizeUiComponent(self.panel)
        self.callbacks.addSuiteTab(self)

        self.callbacks.registerProxyListener(self)
        self.callbacks.registerContextMenuFactory(self)
        print('Plugin load successfully!')
        self.tools.log('INFO', '插件加载成功 - 当前版本: {}'.format(VERSION))
        self.tools.log('INFO', '当前debug模式: {}'.format(self.DEBUG))

        # 窗口大小检查线程
        log_box_thread = threading.Thread(target=self.reset_log_box_size)
        log_box_thread.setDaemon(True)
        log_box_thread.start()

        return

    def createMenuItems(self, invocation):
        # 创建菜单右键菜单选项
        self.context = invocation
        menu_list = JMenu('orz Plugin')
        if self.context.getToolFlag() == 0x40:
            menu_list.add(
                JMenuItem(u'添加IP伪造请求头',
                          actionPerformed=self.update_client_src_ip))
            menu_list.add(
                JMenuItem(u'生成DNSLog Payload',
                          actionPerformed=self.dnslog_payload))

            # DEBUG 按钮
            menu_list.add(
                JMenuItem('orz - DEBUG', actionPerformed=self.debug_fun))
        return [menu_list]

    def tab_ui(self):
        self.panel = JPanel()
        self.panel.setLayout(None)

        self.ui_client_dnslog_label_1 = JLabel('-' * 10 +
                                               u' IP伪造请求头 & DNSLog 配置 ' +
                                               '-' * 155)
        self.ui_client_dnslog_label_1.setBounds(20, 10, 1000, 28)

        self.ui_client_ip_label_1 = JLabel(u'伪造IP: ')
        self.ui_client_ip_label_1.setBounds(20, 40, 70, 30)
        self.ui_client_ip = JTextField('127.0.0.1')
        self.ui_client_ip.setBounds(80, 40, 200, 28)

        self.ui_client_url_label_1 = JLabel(u'dnslog url: ')
        self.ui_client_url_label_1.setBounds(10, 80, 70, 30)
        self.ui_client_url = JTextField('http://examlpe.com')
        self.ui_client_url.setBounds(80, 80, 200, 28)

        self.ui_button_label = JLabel('-' * 210)
        self.ui_button_label.setBounds(20, 110, 1000, 28)

        #self.ui_web_test_button = JButton(u'登录测试', actionPerformed=self.login_test)
        #self.ui_web_test_button.setBounds(20, 140, 100, 28)

        self.ui_save_button = JButton(u'保存配置',
                                      actionPerformed=self.save_configuration)
        self.ui_save_button.setBounds(20, 140, 100, 28)

        self.ui_debug_button = JButton('Debug', actionPerformed=self.debug_fun)
        self.ui_debug_button.setBounds(135, 140, 100, 28)
        self.panel.add(self.ui_debug_button)

        self.ui_log_box = JTextArea('')
        self.ui_log_box.setLineWrap(True)
        self.ui_log_box.setEditable(False)
        self.ui_log_scroll_pane = JScrollPane(self.ui_log_box)
        self.ui_log_scroll_pane.setBounds(20, 190, self.log_box_width,
                                          self.log_box_height)

        self.panel.add(self.ui_client_dnslog_label_1)
        self.panel.add(self.ui_client_ip_label_1)
        self.panel.add(self.ui_client_ip)
        self.panel.add(self.ui_client_url_label_1)
        self.panel.add(self.ui_client_url)

        self.panel.add(self.ui_button_label)
        #self.panel.add(self.ui_web_test_button)
        self.panel.add(self.ui_save_button)

        self.panel.add(self.ui_log_scroll_pane)

        self.tools.panel = self.panel
        self.tools.log_box = self.ui_log_box
        self.tools.log_scroll_pane = self.ui_log_scroll_pane

    def getTabCaption(self):
        # 设置标签页名称
        return self.plugin_name

    def getUiComponent(self):
        # 设置标签页UI
        return self.panel

    def processProxyMessage(self, message_is_request, message):
        """
        处理Proxy请求
        url: http://biubiu.com:80/h/p?id=24&a=123
        request_methond: POST GET etc
        cookie: 顾名思义
        content_type: 如 application/json; charset=UTF-8
        request_header: 包含coolie的头
        request_body: 顾名思义
        host: 主机名
        port: 端口号
        protocol: 协议,如http、https
        url_parameters:url中的参数信息, 格式{'id':23,'a':123}
        """
        if message_is_request and self.DEBUG:
            request = message.getMessageInfo().getRequest()
            analyzedRequest = self.helpers.analyzeRequest(
                message.getMessageInfo().getHttpService(), request)

            request_headers = analyzedRequest.getHeaders()
            request_body = request[analyzedRequest.getBodyOffset():].tostring()
            url = str(analyzedRequest.getUrl())
            host = message.getMessageInfo().getHttpService().getHost()
            port = message.getMessageInfo().getHttpService().getPort()
            protocol = message.getMessageInfo().getHttpService().getProtocol()
            request_methond = str(analyzedRequest.getMethod())

            parameters = analyzedRequest.getParameters()
            url_parameters = {}
            for parameter in parameters:
                if parameter.getType() == 0:
                    url_parameters[str(parameter.getName())] = str(
                        parameter.getValue())

            cookie = ""
            content_type = ""
            request_header = {}
            for header in request_headers[2:]:
                header = str(header).strip()
                header_temp = header.split(':')
                request_header[header_temp[0].strip()] = ':'.join(
                    header_temp[1:]).strip()

                if header.startswith("Cookie:"):
                    cookie_temp = header.split(':')
                    cookie = ':'.join(cookie_temp[1:]).strip()
                    continue
                if header.startswith("Content-Type"):
                    content_type = ':'.join(header.split(':')[1:]).strip()

            # self.tools.log('content_type', content_type)
            # self.tools.log('request_methond', request_methond)
            # self.tools.log('url', url)
            #self.tools.log('request_header', request_header)
            # self.tools.log('cookie', cookie)
            self.tools.http_deal(url, request_methond, cookie, content_type,
                                 request_header, request_body)
            # 多线程
            # proxy_thread = threading.Thread(target=self.tools.http_deal, args=(
            #     url, request_methond, cookie, content_type, request_header, request_body))
            # proxy_thread.setDaemon(True)
            # proxy_thread.start()

            # 新增处理线程

    def login_test(self, event):

        # 生产环境Web方式获取Cookie测试
        return

    def save_configuration(self, event):

        self.tools.client_src_ip = str(self.ui_client_ip.getText()).strip()
        self.tools.dnslog_url = str(self.ui_client_url.getText()).strip()

        self.tools.log('INFO', '配置保存成功')

    def reset_log_box_size(self):
        while self.tools.runtime():
            time.sleep(1)
            new_width = int(self.panel.rootPane.getSize().width) - 40
            new_height = int(self.panel.rootPane.getSize().height) - 290
            if new_width != self.log_box_width or new_height != self.log_box_height:
                self.log_box_width = new_width
                self.log_box_height = new_height
                self.ui_log_scroll_pane.setBounds(20, 190, self.log_box_width,
                                                  self.log_box_height)
                self.panel.updateUI()

    def debug_fun(self, event):
        if self.DEBUG:
            self.DEBUG = False
            self.tools.log('INFO', 'set debug = False')
        else:
            self.DEBUG = True
            self.tools.log('INFO', 'set debug = True')

    def update_web_cookie(self):
        http_traffic = self.context.getSelectedMessages()[0]
        traffic_analyze = self.helpers.analyzeRequest(http_traffic)
        return

    def web_cookie_web_prod(self, event):
        self.update_web_cookie()

    def update_client_src_ip(self, event):
        add_header = [
            'X-Originating-IP', 'X-Forwarded-For', 'X-Remote-IP',
            'X-Remote-Addr', 'X-Client-IP', 'X-Real-IP', 'Proxy-Cllient-IP',
            'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR'
        ]
        http_traffic = self.context.getSelectedMessages()[0]
        traffic_analyze = self.helpers.analyzeRequest(http_traffic)
        new_headers = []
        tmp_add_header = map(str.lower, add_header)
        for header in traffic_analyze.getHeaders():
            tmp_header = header.split(':')[0].strip().lower()
            if tmp_header not in tmp_add_header:
                new_headers.append(header)
        new_headers += map(
            lambda x: '{}: {}'.format(x, self.tools.client_src_ip), add_header)
        new_request = self.helpers.buildHttpMessage(
            new_headers,
            http_traffic.getRequest()[traffic_analyze.getBodyOffset():])
        http_traffic.setRequest(new_request)

    def dnslog_payload(self, event):
        self.tools.msg_box('功能暂未实现,待更新')
Ejemplo n.º 28
0
def createStudentFeeForm(stFeeObj):
    
    global tfStudentId
    global tfStudentName
    global tfTotalAmount
    global tfPaidAmount
    global tfRemainingAmount 
    global frame
    
    frame = JFrame("Student Fee Form ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500,500)
    frame.setLocation(200,200)
    frame.setLayout(None)
    frame.setVisible(True)
    
    panel = JPanel()
    panel.setSize(500,500)
    panel.setLocation(0,0)
    panel.setLayout(None)
    panel.setVisible(True)
    panel.setBackground(Color.LIGHT_GRAY)
    
    heading = JLabel("STUDENT FEE")
    heading.setBounds(200,30,150,40)

    lbStudentId = JLabel(" Student id")
    lbStudentName = JLabel(" student name")
    lbTotalAmount = JLabel("Total Amount ")
    lbPaidAmount = JLabel("Paid Amount")
    lbRemainingAmount = JLabel("Remaining amount")
    
    studentId =getattr(stFeeObj,'studentId')
    studentName =getattr(stFeeObj,'studentName')
    totalAmount =getattr(stFeeObj,'totalAmount')
    paidAmount =getattr(stFeeObj,'paidAmount')
    remainingAmount =getattr(stFeeObj,'remainingAmount')
    
    
    tfStudentId = JTextField(str(studentId))
    tfStudentName = JTextField(str(studentName))
    tfTotalAmount = JTextField(str(totalAmount))
    tfPaidAmount = JTextField(str(paidAmount))
    tfRemainingAmount = JTextField(str(remainingAmount))
    
    tfStudentId.setEditable(False)
    tfStudentName.setEditable(False)
    tfTotalAmount.setEditable(False)
    tfRemainingAmount.setEditable(False)
    
    lbStudentId.setBounds(70,100,130,30)
    lbStudentName.setBounds(70,150,130,30)
    lbTotalAmount.setBounds(70,200,130,30)
    lbPaidAmount.setBounds(70,250,130,30)
    lbRemainingAmount.setBounds(70,300,130,30)
    
    tfStudentId.setBounds(220,100,130,30)
    tfStudentName.setBounds(220,150,130,30)
    tfTotalAmount.setBounds(220,200,130,30)
    tfPaidAmount.setBounds(220,250,130,30)
    tfRemainingAmount.setBounds(220,300,130,30)
    
    btnPay = JButton("Paid",actionPerformed=clickPay)
    btnPay.setBounds(350,410,100,40)
    
    btnCancel = JButton("Cancel",actionPerformed=clickbtnCancelForm)
    btnCancel.setBounds(50,410,100,40)
    
    panel.add(heading)
    panel.add(lbStudentId)
    panel.add(lbStudentName)
    panel.add(lbTotalAmount)
    panel.add(lbPaidAmount)
    panel.add(lbRemainingAmount)
    panel.add(tfStudentId)
    panel.add(tfStudentName)
    panel.add(tfTotalAmount)
    panel.add(tfPaidAmount)
    panel.add(tfRemainingAmount)
    panel.add(btnPay)
    panel.add(btnCancel)
    
    frame.add(panel)
def loginPage():
    global heading
    global rbAdmin
    global rbTeacher
    global rbStudent
    global frame
    global tfLoginId
    global tfPassword

    frame = JFrame("Login Form ")
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
    frame.setSize(500, 500)
    frame.setLocation(200, 200)
    frame.setLayout(None)
    frame.setVisible(True)

    panel = JPanel()
    panel.setSize(500, 500)
    panel.setLocation(0, 0)
    panel.setLayout(None)

    panel.setBackground(Color.BLUE)

    heading = JLabel("Admin Login")
    heading.setBounds(200, 50, 150, 30)

    rbAdmin = JRadioButton("Admin", actionPerformed=clickRadio)
    rbTeacher = JRadioButton("Teacher", actionPerformed=clickRadio)
    rbStudent = JRadioButton("Student", actionPerformed=clickRadio)

    rbAdmin.setBounds(100, 150, 100, 20)
    rbTeacher.setBounds(200, 150, 100, 20)
    rbStudent.setBounds(300, 150, 100, 20)

    btnGroup = ButtonGroup()
    btnGroup.add(rbAdmin)
    btnGroup.add(rbTeacher)
    btnGroup.add(rbStudent)

    lbLoginId = JLabel("LoginId")
    lbPassword = JLabel("Password")

    lbLoginId.setBounds(100, 230, 150, 30)
    lbPassword.setBounds(100, 300, 150, 30)

    tfLoginId = JTextField()
    tfPassword = JTextField()

    tfLoginId.setBounds(250, 230, 150, 30)
    tfPassword.setBounds(250, 300, 150, 30)

    btnLogin = JButton("Login", actionPerformed=clickLogin)
    btnLogin.setBounds(350, 350, 100, 30)

    btnReg = JButton("New Institute Registration", actionPerformed=clickReg)
    btnReg.setBounds(350, 400, 100, 30)

    panel.add(heading)
    panel.add(rbAdmin)
    panel.add(rbTeacher)
    panel.add(rbStudent)
    panel.add(lbLoginId)
    panel.add(lbPassword)
    panel.add(tfLoginId)
    panel.add(tfPassword)
    panel.add(btnLogin)
    panel.add(btnReg)

    panel.setVisible(True)

    frame.add(panel)