def show_errors(self, label):
"""Display error messages."""
top_label = JLabel(label, JLabel.CENTER)
top_label.putClientProperty("html.disable", None)
frame = JFrame(self.ext_name)
frame.setSize(550, 300)
frame.setLayout(GridLayout(1, 1))
frame.add(top_label)
frame.setLocationRelativeTo(None)
frame.setVisible(True)
def create_add_tab(self):
self.add_tab = JButton("+", actionPerformed=self.add_clicked)
self.add_tab.font = Font('Monospaced', Font.PLAIN, 18)
self.add_tab.contentAreaFilled = False
self.add_tab.border = None
self.emptyTab = JPanel(BorderLayout())
emptyScriptLabel = JLabel(ScriptTabbedPane.EMPTY_SCRIPT_TEXT,
SwingConstants.CENTER)
emptyScriptLabel.putClientProperty("html.disable", None)
self.emptyTab.add(emptyScriptLabel, BorderLayout.CENTER)
self.addTab(None, self.emptyTab)
self.setTabComponentAt(0, self.add_tab)
def build_gui(self):
"""Construct GUI elements."""
panel = JPanel(BorderLayout(3, 3))
panel.setBorder(EmptyBorder(160, 160, 160, 160))
self.aws_access_key_inpt = JTextField(10)
self.aws_secret_key_inpt = JTextField(10)
self.aws_session_token_inpt = JTextField(10)
self.gs_access_key_inpt = JTextField(10)
self.gs_secret_key_inpt = JTextField(10)
self.wordlist_path_inpt = JTextField(10)
self.checkbox_inpt = JCheckBox('Enabled')
save_btn = JButton('Save', actionPerformed=self.save_config)
labels = JPanel(GridLayout(0, 1))
inputs = JPanel(GridLayout(0, 1))
panel.add(labels, BorderLayout.WEST)
panel.add(inputs, BorderLayout.CENTER)
top_label = JLabel('<html><b>Settings</b><br><br></html>')
top_label.putClientProperty("html.disable", None)
top_label.setHorizontalAlignment(JLabel.CENTER)
panel.add(top_label, BorderLayout.NORTH)
labels.add(JLabel('AWS Access Key:'))
inputs.add(self.aws_access_key_inpt)
labels.add(JLabel('AWS Secret Key:'))
inputs.add(self.aws_secret_key_inpt)
labels.add(JLabel('AWS Session Key (optional):'))
inputs.add(self.aws_session_token_inpt)
labels.add(JLabel('GS Access Key:'))
inputs.add(self.gs_access_key_inpt)
labels.add(JLabel('GS Secret Key:'))
inputs.add(self.gs_secret_key_inpt)
labels.add(JLabel('Wordlist Filepath (optional):'))
inputs.add(self.wordlist_path_inpt)
labels.add(JLabel('Passive Mode:'))
inputs.add(self.checkbox_inpt)
panel.add(save_btn, BorderLayout.SOUTH)
return panel
def popup_translate(control, query, src, dst, message, selection, text,
context, invoker, from_clipboard):
editor = False
result, result_src = translate(query, src, dst)
cb.callbacks.printOutput(
'[%s] %s --> [%s] %s' % (result_src, query.decode(
'utf-8', 'strict'), dst, result.decode('utf-8', 'strict')))
if (context == invoker.CONTEXT_MESSAGE_EDITOR_REQUEST
or context == invoker.CONTEXT_MESSAGE_EDITOR_RESPONSE
) and from_clipboard == False:
editor = True
buttons = ['Replace Original', 'Copy to Clipboard', 'OK']
else:
buttons = ['Copy to Clipboard', 'OK']
label = JLabel(
'<html>%s to %s:<br><br><b>%s</b><br><br><img border=0 src="file:///%s/color-short.png"></html>'
%
(result_src, dst, result.decode('utf-8', 'strict'), get_script_dir()))
label.putClientProperty("html.disable", None)
label.addMouseListener(mouseAdapter())
popup_result = JOptionPane.showOptionDialog(
control, label, '%s' % (BurpExtender.extension_name), 0,
JOptionPane.PLAIN_MESSAGE, None, buttons, None)
if (editor is True and popup_result == 1) or (editor is False
and popup_result == 0):
clipboard = Toolkit.getDefaultToolkit().getSystemClipboard()
clipboard.setContents(StringSelection(result), None)
elif (editor is True and popup_result == 0):
if context == invoker.CONTEXT_MESSAGE_EDITOR_REQUEST:
setter = message.setRequest
else:
setter = message.setResponse
setter(
cb.helpers.stringToBytes(text[:selection[0]] + result +
text[selection[1]:]))
class BurpExtender(IBurpExtender, IExtensionStateListener, ITab, IHttpListener):
def __init__(self):
self.allEndpoints = []
self.currentEndpoint = 0
self.aws_access_key_id = ''
self.aws_secret_accesskey = ''
self.enabled_regions = {}
def registerExtenderCallbacks(self, callbacks):
self.callbacks = callbacks
self.helpers = callbacks.helpers
self.isEnabled = False
callbacks.registerHttpListener(self)
callbacks.registerExtensionStateListener(self)
callbacks.setExtensionName(EXT_NAME)
callbacks.addSuiteTab(self)
def getTargetProtocol(self):
if self.https_button.isSelected() == True:
return 'https'
else:
return 'http'
def getRegions(self):
self.enabled_regions = {}
for region in AVAIL_REGIONS:
cur_region = region.replace('-','_')
cur_region = cur_region+'_status'
region_status = getattr(self,cur_region)
if region_status.isSelected():
#dict to contain the running regions and API gateway IDs
self.enabled_regions.update({region:''})
return
#AWS functions
#Uses boto3 to test the AWS keys and make sure they are valid NOT IMPLEMENTED
def testKeys(self):
return
#Uses boto3 to spin up an API Gateway
def startAPIGateway(self):
self.getRegions()
for region in self.enabled_regions.keys():
self.awsclient = boto3.client('apigateway',
aws_access_key_id=self.access_key.text,
aws_secret_access_key=self.secret_key.text,
region_name=region
)
self.create_api_response = self.awsclient.create_rest_api(
name=API_NAME,
endpointConfiguration={
'types': [
'REGIONAL',
]
}
)
get_resource_response = self.awsclient.get_resources(
restApiId=self.create_api_response['id']
)
self.restAPIId = self.create_api_response['id']
self.enabled_regions[region] = self.restAPIId
create_resource_response = self.awsclient.create_resource(
restApiId=self.create_api_response['id'],
parentId=get_resource_response['items'][0]['id'],
pathPart='{proxy+}'
)
self.awsclient.put_method(
restApiId=self.create_api_response['id'],
resourceId=get_resource_response['items'][0]['id'],
httpMethod='ANY',
authorizationType='NONE',
requestParameters={
'method.request.path.proxy':True,
'method.request.header.X-My-X-Forwarded-For':True
}
)
self.awsclient.put_integration(
restApiId=self.create_api_response['id'],
resourceId=get_resource_response['items'][0]['id'],
type='HTTP_PROXY',
httpMethod='ANY',
integrationHttpMethod='ANY',
uri=self.getTargetProtocol()+'://'+self.target_host.text + '/',
connectionType='INTERNET',
requestParameters={
'integration.request.path.proxy':'method.request.path.proxy',
'integration.request.header.X-Forwarded-For': 'method.request.header.X-My-X-Forwarded-For'
}
)
self.awsclient.put_method(
restApiId=self.create_api_response['id'],
resourceId=create_resource_response['id'],
httpMethod='ANY',
authorizationType='NONE',
requestParameters={
'method.request.path.proxy':True,
'method.request.header.X-My-X-Forwarded-For':True
}
)
self.awsclient.put_integration(
restApiId=self.create_api_response['id'],
resourceId=create_resource_response['id'],
type= 'HTTP_PROXY',
httpMethod= 'ANY',
integrationHttpMethod='ANY',
uri= self.getTargetProtocol()+'://'+self.target_host.text+'/{proxy}',
connectionType= 'INTERNET',
requestParameters={
'integration.request.path.proxy':'method.request.path.proxy',
'integration.request.header.X-Forwarded-For': 'method.request.header.X-My-X-Forwarded-For'
}
)
self.deploy_response = self.awsclient.create_deployment(
restApiId=self.restAPIId,
stageName=STAGE_NAME
)
self.allEndpoints.append(self.restAPIId+'.execute-api.'+region+'.amazonaws.com')
self.usage_response = self.awsclient.create_usage_plan(
name='burpusage',
description=self.restAPIId,
apiStages=[
{
'apiId': self.restAPIId,
'stage': STAGE_NAME
}
]
)
#Print out some info to burp console
print 'Following regions and API IDs started:'
print self.enabled_regions
print 'List of endpoints being used:'
print self.allEndpoints
return
#Uses boto3 to delete the API Gateway
def deleteAPIGateway(self):
if self.enabled_regions:
for region in self.enabled_regions.keys():
self.awsclient = boto3.client('apigateway',
aws_access_key_id=self.access_key.text,
aws_secret_access_key=self.secret_key.text,
region_name=region
)
response = self.awsclient.delete_rest_api(
restApiId=self.enabled_regions[region]
)
print response
self.enabled_regions = {}
self.allEndpoints = []
return
#Called on "save" button click to save the settings
def saveKeys(self, event):
aws_access_key_id=self.access_key.text
aws_secret_access_key=self.secret_key.text
self.callbacks.saveExtensionSetting("aws_access_key_id", aws_access_key_id)
self.callbacks.saveExtensionSetting("aws_secret_access_key", aws_secret_access_key)
return
#Called on "Enable" button click to spin up the API Gateway
def enableGateway(self, event):
self.startAPIGateway()
self.status_indicator.text = ENABLED
self.isEnabled = True
self.enable_button.setEnabled(False)
self.secret_key.setEnabled(False)
self.access_key.setEnabled(False)
self.target_host.setEnabled(False)
self.disable_button.setEnabled(True)
return
#Called on "Disable" button click to delete API Gateway
def disableGateway(self, event):
self.deleteAPIGateway()
self.status_indicator.text = DISABLED
self.isEnabled = False
self.enable_button.setEnabled(True)
self.secret_key.setEnabled(True)
self.access_key.setEnabled(True)
self.target_host.setEnabled(True)
self.disable_button.setEnabled(False)
return
def getCurrEndpoint():
return
#Traffic redirecting
def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
# only process requests
if not messageIsRequest or not self.isEnabled:
return
# get the HTTP service for the request
httpService = messageInfo.getHttpService()
#Modify the request host, host header, and path to point to the new API endpoint
#Should always use HTTPS because API Gateway only uses HTTPS
if ':' in self.target_host.text: #hacky fix for https://github.com/RhinoSecurityLabs/IPRotate_Burp_Extension/issues/14
host_no_port = self.target_host.text.split(':')[0]
else:
host_no_port = self.target_host.text
if (host_no_port == httpService.getHost()):
#Cycle through all the endpoints each request until then end of the list is reached
if self.currentEndpoint < len(self.allEndpoints)-1:
self.currentEndpoint += 1
#Reset to 0 when end it reached
else:
self.currentEndpoint = 0
messageInfo.setHttpService(
self.helpers.buildHttpService(
self.allEndpoints[self.currentEndpoint],
443, True
)
)
requestInfo = self.helpers.analyzeRequest(messageInfo)
new_headers = requestInfo.headers
#Update the path to point to the API Gateway path
req_head = new_headers[0]
#hacky fix for https://github.com/RhinoSecurityLabs/IPRotate_Burp_Extension/issues/14
if 'http://' in req_head or 'https://' in req_head:
cur_path = re.findall('https?:\/\/.*?\/(.*) ',req_head)[0]
new_headers[0] = re.sub(' (.*?) '," /"+STAGE_NAME+"/"+cur_path+" ",req_head)
else:
new_headers[0] = re.sub(' \/'," /"+STAGE_NAME+"/",req_head)
#Replace the Host header with the Gateway host
for header in new_headers:
if header.startswith('Host: '):
host_header_index = new_headers.index(header)
new_headers[host_header_index] = 'Host: '+self.allEndpoints[self.currentEndpoint]
#Update the headers insert the existing body
body = messageInfo.request[requestInfo.getBodyOffset():len(messageInfo.request)]
messageInfo.request = self.helpers.buildHttpMessage(
new_headers,
body
)
#Tab name
def getTabCaption(self):
return EXT_NAME
#Handle extension unloading
def extensionUnloaded(self):
self.deleteAPIGateway()
return
#Layout the UI
def getUiComponent(self):
aws_access_key_id = self.callbacks.loadExtensionSetting("aws_access_key_id")
aws_secret_accesskey = self.callbacks.loadExtensionSetting("aws_secret_access_key")
if aws_access_key_id:
self.aws_access_key_id = aws_access_key_id
if aws_secret_accesskey:
self.aws_secret_accesskey = aws_secret_accesskey
self.panel = JPanel()
self.main = JPanel()
self.main.setLayout(BoxLayout(self.main, BoxLayout.Y_AXIS))
self.access_key_panel = JPanel()
self.main.add(self.access_key_panel)
self.access_key_panel.setLayout(BoxLayout(self.access_key_panel, BoxLayout.X_AXIS))
self.access_key_panel.add(JLabel('Access Key: '))
self.access_key = JTextField(self.aws_access_key_id,25)
self.access_key_panel.add(self.access_key)
self.secret_key_panel = JPanel()
self.main.add(self.secret_key_panel)
self.secret_key_panel.setLayout(BoxLayout(self.secret_key_panel, BoxLayout.X_AXIS))
self.secret_key_panel.add(JLabel('Secret Key: '))
self.secret_key = JPasswordField(self.aws_secret_accesskey,25)
self.secret_key_panel.add(self.secret_key)
self.target_host_panel = JPanel()
self.main.add(self.target_host_panel)
self.target_host_panel.setLayout(BoxLayout(self.target_host_panel, BoxLayout.X_AXIS))
self.target_host_panel.add(JLabel('Target host: '))
self.target_host = JTextField('example.com', 25)
self.target_host_panel.add(self.target_host)
self.buttons_panel = JPanel()
self.main.add(self.buttons_panel)
self.buttons_panel.setLayout(BoxLayout(self.buttons_panel, BoxLayout.X_AXIS))
self.save_button = JButton('Save Keys', actionPerformed = self.saveKeys)
self.buttons_panel.add(self.save_button)
self.enable_button = JButton('Enable', actionPerformed = self.enableGateway)
self.buttons_panel.add(self.enable_button)
self.disable_button = JButton('Disable', actionPerformed = self.disableGateway)
self.buttons_panel.add(self.disable_button)
self.disable_button.setEnabled(False)
self.protocol_panel = JPanel()
self.main.add(self.protocol_panel)
self.protocol_panel.setLayout(BoxLayout(self.protocol_panel, BoxLayout.Y_AXIS))
self.protocol_panel.add(JLabel("Target Protocol:"))
self.https_button = JRadioButton("HTTPS",True)
self.http_button = JRadioButton("HTTP",False)
self.protocol_panel.add(self.http_button)
self.protocol_panel.add(self.https_button)
buttongroup = ButtonGroup()
buttongroup.add(self.https_button)
buttongroup.add(self.http_button)
self.regions_title = JPanel()
self.main.add(self.regions_title)
self.regions_title.add(JLabel("Regions to launch API Gateways in:"))
self.regions_panel = JPanel()
self.main.add(self.regions_panel)
glayout = GridLayout(4,3)
self.regions_panel.setLayout(glayout)
for region in AVAIL_REGIONS:
cur_region = region.replace('-','_')
cur_region = cur_region+'_status'
setattr(self,cur_region,JCheckBox(region,True))
attr = getattr(self,cur_region)
self.regions_panel.add(attr)
self.status = JPanel()
self.main.add(self.status)
self.status.setLayout(BoxLayout(self.status, BoxLayout.X_AXIS))
self.status_indicator = JLabel(DISABLED,JLabel.CENTER)
self.status_indicator.putClientProperty("html.disable", None)
self.status.add(self.status_indicator)
self.panel.add(self.main)
return self.panel
