def createPopupMenu(itemNames, itemFunctions):
"""Creates a new popup menu, which can then be shown over a
component on a mouse event. To use this function, first create a
Python sequence whose entries are strings, and another sequence
whose entries are function objects. The strings will be the items
that are displayed in your popup menu, and when an item is clicked,
its corresponding function will be run. Passing in a function of
None will cause a separator line to appear in the popup menu, and
the corresponding string will not be displayed. Your functions must
accept an event object as an argument. See also: Functions. It is
best to have the menu object created only once via an application
specific library function. Then, call the show(event) function on
both the mousePressed and mouseReleased events on your component.
The reason for this is that different operating systems (Windows,
Linux, MacOS) differ in when they like to show the popup menu. The
show(event) function detects when the right time is to show itself,
either on mouse press or release. See the examples for more.
Args:
itemNames (list[str]): A list of names to create popup menu
items with.
itemFunctions (list[object]): A list of functions to match up
with the names.
Returns:
JPopupMenu: The javax.swing.JPopupMenu that was created.
"""
print(itemNames, itemFunctions)
return JPopupMenu()
def handleMouseEvent(self, event):
if event.isPopupTrigger():
loadMenu = JMenuItem("Load .proto")
loadMenu.addActionListener(self.tab.listener)
popup = JPopupMenu()
popup.add(loadMenu)
if self.tab.descriptors:
deserializeAsMenu = JMenu("Deserialize As...")
popup.addSeparator()
popup.add(deserializeAsMenu)
for pb2, descriptors in self.tab.descriptors.iteritems():
subMenu = JMenu(pb2)
deserializeAsMenu.add(subMenu)
for name, descriptor in descriptors.iteritems():
protoMenu = JMenuItem(name)
protoMenu.addActionListener(
DeserializeProtoActionListener(self.tab, descriptor))
subMenu.add(protoMenu)
popup.show(event.getComponent(), event.getX(), event.getY())
return
def createFormItemAddPopup(self):
popup = JPopupMenu()
for factory in getFactories():
if factory.getID() != "unknown":
entry = JMenuItem(factory.getName())
entry.addActionListener(FormItemAddListener(self, factory))
popup.add(entry)
return popup
def show(self, component, onChange):
self.__onChange = onChange
menu = JPopupMenu()
jcalendar = JCalendar()
jcalendar.addDateListener(self)
menu.add(jcalendar)
menu.show(component, 0,
component.getY() + int(component.getSize().getHeight()))
def initializeGUI(self):
# table panel of scope entries
self._url_table = Table(self)
table_popup = JPopupMenu();
remove_item_menu = JMenuItem(self._remove_description, actionPerformed=self.removeFromScope)
table_popup.add(remove_item_menu)
self._url_table.setComponentPopupMenu(table_popup)
self._url_table.addMouseListener(TableMouseListener(self._url_table))
scrollPane = JScrollPane(self._url_table)
# setting panel
## locate checkboxes
### for constants, see: https://portswigger.net/burp/extender/api/constant-values.html#burp.IBurpExtenderCallbacks.TOOL_PROXY
self._checkboxes = {
2: JCheckBox('Target'),
4: JCheckBox('Proxy'),
8: JCheckBox('Spider'),
16: JCheckBox('Scanner'),
32: JCheckBox('Intruder'),
64: JCheckBox('Repeater'),
128: JCheckBox('Sequencer'),
1024: JCheckBox('Extender')
}
checkboxes_components = {0: dict(zip(range(1,len(self._checkboxes) + 1), self._checkboxes.values()))}
self._label_value_regex_now_1 = JLabel("(1) Regex for the value to store: ")
self._label_value_regex_now_2 = JLabel("")
self._label_value_regex = JLabel("(1) New regex:")
self._form_value_regex = JTextField("", 64)
self._button_value_regex = JButton('Update', actionPerformed=self.updateTokenSourceRegex)
self._label_header_now_1 = JLabel("(2) Header for sending the value: ")
self._label_header_now_2 = JLabel("")
self._label_header = JLabel("(2) New header key: ")
self._form_header = JTextField("", 64)
self._button_header = JButton('Update', actionPerformed=self.updateHeaderName)
self._label_add_url = JLabel("Add this URL: ")
self._form_add_url = JTextField("", 64)
self._button_add_url = JButton('Add', actionPerformed=self.addURLDirectly)
## logate regex settings
ui_components_for_settings_pane = {
0: { 0: JLabel("Local Settings:") },
1: { 0: self._label_value_regex_now_1, 1: self._label_value_regex_now_2 },
2: { 0: self._label_value_regex, 1: self._form_value_regex, 2: self._button_value_regex},
3: { 0: self._label_header_now_1, 1: self._label_header_now_2 },
4: { 0: self._label_header, 1: self._form_header, 2: self._button_header},
5: { 0: {'item': JSeparator(JSeparator.HORIZONTAL), 'width': 3, }},
6: { 0: JLabel("General Settings:") },
7: { 0: self._label_add_url, 1: self._form_add_url, 2: self._button_add_url},
8: { 0: JLabel("Use this extender in:"), 1: {'item': self.compose_ui(checkboxes_components), 'width': 3} }
}
# build a split panel & set UI component
self._splitpane = JSplitPane(JSplitPane.VERTICAL_SPLIT)
self._splitpane.setResizeWeight(0.85)
self._splitpane.setLeftComponent(scrollPane)
self._splitpane.setRightComponent(self.compose_ui(ui_components_for_settings_pane))
self._callbacks.customizeUiComponent(self._splitpane)
def __private_init__(self,
text="Property Editor",
columns=None,
data=None,
empty=None,
add_actions=True,
actions=None):
if not actions: actions = []
if not columns: columns = []
if data == None: data = []
if not empty: empty = []
self._text = text
self.this = JFrame(text)
self._table = JTable()
self._dtm = DefaultTableModel(0, 0)
self._dtm.setColumnIdentifiers(columns)
self._table.setModel(self._dtm)
self._data = data
for d in data:
self._dtm.addRow(d)
self._pane = JScrollPane(self._table)
self.this.add(self._pane)
self._empty = empty
self.this.addWindowListener(self)
self._dtm.addTableModelListener(lambda _: self._update_model())
self.this.setLocation(PropertyEditor.NEW_WINDOW_OFFSET,
PropertyEditor.NEW_WINDOW_OFFSET)
if add_actions:
self._popup = JPopupMenu()
self._pane.setComponentPopupMenu(self._popup)
inherits_popup_menu(self._pane)
self._actions = actions
self._actions.append(
ExecutorAction('Remove Selected Rows',
action=lambda e: self._remove_row()))
self._actions.append(
ExecutorAction('Add New Row',
action=lambda e: self._add_row()))
for action in self._actions:
self._popup.add(action.menuitem)
self.this.setForeground(Color.black)
self.this.setBackground(Color.lightGray)
self.this.pack()
self.this.setVisible(True)
self.this.setDefaultCloseOperation(JFrame.DO_NOTHING_ON_CLOSE)
return self
def PUmenu(self):
#-----------------------------------------------------------------------
# Name: MenuItem()
# Role: Return a JMenuItem with the given text, with actionPerformed set
#-----------------------------------------------------------------------
def MenuItem(text):
return JMenuItem(text, actionPerformed=self.actionPerformed)
popup = JPopupMenu()
popup.add(MenuItem('Spam'))
popup.add(MenuItem('Eggs'))
popup.add(MenuItem('Bacon'))
return popup
def main(*args):
menu = JPopupMenu()
ep = ToolsLocator.getExtensionPointManager().get("View_TocActions")
layer = gvsig.currentLayer()
tocItem = TocItemLeaf(None, layer.getName(), layer.getShapeType())
for x in ep.iterator():
action = x.create()
print "action", action
continue
if action.isVisible(tocItem, (layer, )):
print action
menu.add(MenuItem(action, layer, tocItem))
else:
print "*** else:", action
def createPopupMenu(itemNames, itemFunctions):
"""Creates a new popup menu, which can then be shown over a
component on a mouse event.
Args:
itemNames (list[str]): A list of names to create popup menu
items with.
itemFunctions (list[object]): A list of functions to match up
with the names.
Returns:
JPopupMenu: The javax.swing.JPopupMenu that was created.
"""
print(itemNames, itemFunctions)
return JPopupMenu()
def createToCContextMenu(mapContext, selectedLayer):
# TOC.java
menu = JPopupMenu()
ep = ToolsLocator.getExtensionPointManager().get("View_TocActions")
from org.gvsig.app.project.documents.view.toc.actions import ZoomAlTemaTocMenuEntry
#from org.gvsig.app.project.documents.view.ViewManager import ContextMenuActionAdapterToExtensionBuilder
#ep.append("ZoomAlTema", "", ZoomAlTemaTocMenuEntry())
tocItem = TocItemLeaf(None, selectedLayer.getName(),selectedLayer.getShapeType())
nodeValue = DefaultMutableTreeNode(tocItem)
#menu = FPopupMenu(mapContext, nodeValue)
#return menu
activesLayers = mapContext.getLayers().getActives()
actions = []
for epx in ep.iterator():
action = epx.create()
actions.append([action,action.getGroupOrder(), action.getGroup(), action.getOrder()])
sortedActions = sorted(actions, key = lambda x: (x[1], x[2],x[3]))
group = None
z = ZoomAlTemaTocMenuEntry()
z.setMapContext(mapContext)
zitem = LayerMenuItem(z, selectedLayer,tocItem, mapContext)
menu.add(zitem)
menu.addSeparator()
for actionList in sortedActions:
action = actionList[0]
if action.isVisible(tocItem, activesLayers): #(layer,)):
if group == None:
pass
elif group != action.getGroup():
menu.addSeparator()
group = action.getGroup()
if isinstance(action, AbstractTocContextMenuAction):
action.setMapContext(mapContext)
if action.isEnabled(tocItem, activesLayers):
newItem = LayerMenuItem(action, selectedLayer, tocItem, mapContext)
menu.add(newItem)
else:
newItem = LayerMenuItem(action, selectedLayer, tocItem, mapContext)
newItem.setEnabled(False)
menu.add(newItem)
return menu
def set_context_menu(self, component, scanner_issue):
self.context_menu = JPopupMenu()
repeater = JMenuItem("Send to Repeater")
repeater.addActionListener(PopupListener(scanner_issue, self.callbacks))
intruder = JMenuItem("Send to Intruder")
intruder.addActionListener(PopupListener(scanner_issue, self.callbacks))
hunt = JMenuItem("Send to HUNT")
self.context_menu.add(repeater)
self.context_menu.add(intruder)
context_menu_listener = ContextMenuListener(component, self.context_menu)
component.addMouseListener(context_menu_listener)
def initTabs(self):
#
## init autorize tabs
#
self.logTable = Table(self)
self._splitpane = JSplitPane(JSplitPane.HORIZONTAL_SPLIT)
self._splitpane.setResizeWeight(1)
self.scrollPane = JScrollPane(self.logTable)
self._splitpane.setLeftComponent(self.scrollPane)
self.scrollPane.getVerticalScrollBar().addAdjustmentListener(
autoScrollListener(self))
copyURLitem = JMenuItem("Copy URL")
copyURLitem.addActionListener(copySelectedURL(self))
self.menu = JPopupMenu("Popup")
self.menu.add(copyURLitem)
self.tabs = JTabbedPane()
self._requestViewer = self._callbacks.createMessageEditor(self, False)
self._responseViewer = self._callbacks.createMessageEditor(self, False)
self._originalrequestViewer = self._callbacks.createMessageEditor(
self, False)
self._originalresponseViewer = self._callbacks.createMessageEditor(
self, False)
self.tabs.addTab("Modified Request",
self._requestViewer.getComponent())
self.tabs.addTab("Modified Response",
self._responseViewer.getComponent())
self.tabs.addTab("Original Request",
self._originalrequestViewer.getComponent())
self.tabs.addTab("Original Response",
self._originalresponseViewer.getComponent())
self.tabs.addTab("Configuration", self.pnl)
self.tabs.setSelectedIndex(4)
self._splitpane.setRightComponent(self.tabs)
def __init__(self,
actions=[],
restore=None,
proxy=None,
http_mutator=None,
texteditor_factory=None,
requests=None,
stub_responses=None):
self._requests = requests if requests is not None else {}
self._stub_responses = stub_responses if stub_responses is not None else {}
self._actions = actions
self._load_headers = []
self._run_config = [['Proxy', proxy], ['Authorization Key', None],
['Load Placeholders', True],
['Generate HTML DOC', True],
['Generate Schema DOC', False],
['Generate Stub Queries', True],
['Accept Invalid SSL Certificate', True],
['Generate Cycles Report', False],
['Cycles Report Timeout', 60],
['Generate TSV', False]]
self._init_config = json.loads(json.dumps(self._run_config))
self._default_config = {}
for k, v in self._run_config:
self._default_config[k] = v
self._old_config_hash = None
self._actions.insert(0, BrowserAction())
self._actions.insert(
0, ExecutorAction("Configure", lambda _: self._setup()))
self._actions.insert(0, ExecutorAction("Load", self._loadurl))
self._http_mutator = http_mutator
self.this = JPanel()
self.this.setLayout(BorderLayout())
self._omnibar = Omnibar(hint=DEFAULT_LOAD_URL,
label="Load",
action=self._loadurl)
self.this.add(BorderLayout.PAGE_START, self._omnibar.this)
self._fileview = FileView(
dir=os.getcwd(),
filetree_label="Queries, Mutations and Subscriptions",
texteditor_factory=texteditor_factory)
self.this.add(BorderLayout.CENTER, self._fileview.this)
self._fileview.addTreeListener(self._tree_listener)
self._fileview.addPayloadListener(self._payload_listener)
self._popup = JPopupMenu()
self.this.setComponentPopupMenu(self._popup)
inherits_popup_menu(self.this)
for action in self._actions:
self._popup.add(action.menuitem)
self._state = {'runs': []}
try:
if restore:
cfg = json.loads(restore)
if 'runs' in cfg:
for target, key, proxy, headers, load_placeholer, generate_html, generate_schema, generate_queries, generate_cycles, cycles_timeout, generate_tsv, accept_invalid_certificate, flag in cfg[
'runs']:
self._run(target=target,
key=key,
proxy=proxy,
headers=headers,
load_placeholer=load_placeholer,
generate_html=generate_html,
generate_schema=generate_schema,
generate_queries=generate_queries,
generate_cycles=generate_cycles,
cycles_timeout=cycles_timeout,
generate_tsv=generate_tsv,
accept_invalid_certificate=
accept_invalid_certificate,
flag=flag)
self._run_config = cfg['config']
except Exception as ex:
print(
"Cannot Load old configuration: starting with a clean state: %s"
% ex)
sys.stdout.flush()
self._state['config'] = self._run_config
def registerExtenderCallbacks(self, callbacks):
# keep a reference to our callbacks object
self._callbacks = callbacks
# obtain an extension helpers object
self._helpers = callbacks.getHelpers()
# set our extension name
callbacks.setExtensionName("Burp Scope Monitor Experimental")
self.GLOBAL_HANDLER_ANALYZED = False
self.GLOBAL_HANDLER = False
self.STATUS = False
self.AUTOSAVE_REQUESTS = 10
self.AUTOSAVE_TIMEOUT = 600 # 10 minutes should be fine
self.CONFIG_INSCOPE = True
self.BAD_EXTENSIONS_DEFAULT = [
'.gif', '.png', '.js', '.woff', '.woff2', '.jpeg', '.jpg', '.css',
'.ico', '.m3u8', '.ts', '.svg'
]
self.BAD_MIMES_DEFAULT = [
'gif', 'script', 'jpeg', 'jpg', 'png', 'video', 'mp2t'
]
self.BAD_EXTENSIONS = self.BAD_EXTENSIONS_DEFAULT
self.BAD_MIMES = self.BAD_MIMES_DEFAULT
# create the log and a lock on which to synchronize when adding log entries
self._currentlyDisplayedItem = None
self.SELECTED_MODEL_ROW = 0
self.SELECTED_VIEW_ROW = 0
self._log = ArrayList()
self._fullLog = ArrayList()
self._lock = Lock()
self._lockFile = Lock()
# main split pane
self._parentPane = JTabbedPane()
self._splitpane = JSplitPane(JSplitPane.VERTICAL_SPLIT)
##### config pane
self._config = JTabbedPane()
config = JPanel()
iexport = JPanel()
#config.setLayout(BorderLayout())
config.setLayout(None)
iexport.setLayout(None)
# config radio button
X_BASE = 40
Y_OFFSET = 5
Y_OPTION = 200
Y_OPTION_SPACING = 20
Y_CHECKMARK_SPACING = 20
self.showAllButton = JRadioButton(SHOW_ALL_BUTTON_LABEL, True)
self.showNewButton = JRadioButton(SHOW_NEW_BUTTON_LABEL, False)
self.showTestedButton = JRadioButton(SHOW_TEST_BUTTON_LABEL, False)
self.showAllButton.setBounds(40, 60 + Y_OFFSET, 400, 30)
self.showNewButton.setBounds(40, 80 + Y_OFFSET, 400, 30)
self.showTestedButton.setBounds(40, 100 + Y_OFFSET, 400, 30)
#self.showNewButton = JRadioButton(SHOW_NEW_BUTTON_LABEL, False)
#self.showTestedButton = JRadioButton(SHOW_TEST_BUTTON_LABEL, False)
self.showAllButton.addActionListener(self.handleRadioConfig)
self.showNewButton.addActionListener(self.handleRadioConfig)
self.showTestedButton.addActionListener(self.handleRadioConfig)
self.clearButton = JButton("Clear")
self.clearButton.addActionListener(self.handleClearButton)
self.clearButton.setBounds(40, 20, 100, 30)
self.startButton = JButton(MONITOR_ON_LABEL)
self.startButton.addActionListener(self.handleStartButton)
self.startButton.setBounds(150, 20, 200, 30)
self.badExtensionsLabel = JLabel("Ignore extensions:")
self.badExtensionsLabel.setBounds(X_BASE, 150, 200, 30)
self.badExtensionsText = JTextArea("")
self.loadBadExtensions()
self.badExtensionsText.setBounds(X_BASE, 175, 310, 30)
self.badExtensionsButton = JButton("Save")
self.badExtensionsButton.addActionListener(
self.handleBadExtensionsButton)
self.badExtensionsButton.setBounds(355, 175, 70, 30)
self.badExtensionsDefaultButton = JButton("Load Defaults")
self.badExtensionsDefaultButton.addActionListener(
self.handleBadExtensionsDefaultButton)
self.badExtensionsDefaultButton.setBounds(430, 175, 120, 30)
self.badMimesLabel = JLabel("Ignore mime types:")
self.badMimesLabel.setBounds(X_BASE, 220, 200, 30)
self.badMimesText = JTextArea("")
self.loadBadMimes()
self.badMimesText.setBounds(X_BASE, 245, 310, 30)
self.badMimesButton = JButton("Save")
self.badMimesButton.addActionListener(self.handleBadMimesButton)
self.badMimesButton.setBounds(355, 245, 70, 30)
self.badMimesDefaultButton = JButton("Load Defaults")
self.badMimesDefaultButton.addActionListener(
self.handleBadMimesDefaultButton)
self.badMimesDefaultButton.setBounds(430, 245, 120, 30)
self.otherLabel = JLabel("Other:")
self.otherLabel.setBounds(40, 300, 120, 30)
self.otherLabel2 = JLabel("Other:")
self.otherLabel2.setBounds(X_BASE, Y_OPTION, 120, 30)
self.autoSaveOption = JCheckBox("Auto save periodically")
self.autoSaveOption.setSelected(True)
self.autoSaveOption.addActionListener(self.handleAutoSaveOption)
self.autoSaveOption.setBounds(X_BASE, Y_OPTION + Y_CHECKMARK_SPACING,
420, 30)
self.repeaterOptionButton = JCheckBox(
"Repeater request automatically marks as analyzed")
self.repeaterOptionButton.setSelected(True)
self.repeaterOptionButton.addActionListener(
self.handleRepeaterOptionButton)
self.repeaterOptionButton.setBounds(50, 330, 420, 30)
self.scopeOptionButton = JCheckBox("Follow Burp Target In Scope rules")
self.scopeOptionButton.setSelected(True)
self.scopeOptionButton.addActionListener(self.handleScopeOptionButton)
self.scopeOptionButton.setBounds(50, 350, 420, 30)
self.startOptionButton = JCheckBox("Autostart Scope Monitor")
self.startOptionButton.setSelected(True)
self.startOptionButton.addActionListener(self.handleStartOption)
self.startOptionButton.setBounds(50, 350 + Y_OPTION_SPACING, 420, 30)
self.markTestedRequestsProxy = JCheckBox(
"Color request in Proxy tab if analyzed")
self.markTestedRequestsProxy.setSelected(True)
self.markTestedRequestsProxy.addActionListener(
self.handleTestedRequestsProxy)
self.markTestedRequestsProxy.setBounds(50, 350 + Y_OPTION_SPACING * 2,
420, 30)
self.markNotTestedRequestsProxy = JCheckBox(
"Color request in Proxy tab if NOT analyzed")
self.markNotTestedRequestsProxy.setSelected(True)
self.markNotTestedRequestsProxy.addActionListener(
self.handleNotTestedRequestsProxy)
self.markNotTestedRequestsProxy.setBounds(50,
350 + Y_OPTION_SPACING * 3,
420, 30)
self.saveButton = JButton("Save now")
self.saveButton.addActionListener(self.handleSaveButton)
self.saveButton.setBounds(X_BASE + 320, 95, 90, 30)
self.loadButton = JButton("Load now")
self.loadButton.addActionListener(self.handleLoadButton)
self.loadButton.setBounds(X_BASE + 420, 95, 90, 30)
self.selectPath = JButton("Select path")
self.selectPath.addActionListener(self.selectExportFile)
self.selectPath.setBounds(X_BASE + 530, 60, 120, 30)
self.selectPathText = JTextArea("")
self.selectPathText.setBounds(X_BASE, 60, 510, 30)
self.selectPathLabel = JLabel("State file:")
self.selectPathLabel.setBounds(X_BASE, 30, 200, 30)
bGroup = ButtonGroup()
bGroup.add(self.showAllButton)
bGroup.add(self.showNewButton)
bGroup.add(self.showTestedButton)
config.add(self.clearButton)
config.add(self.startButton)
config.add(self.startOptionButton)
config.add(self.showAllButton)
config.add(self.showNewButton)
config.add(self.showTestedButton)
config.add(self.badExtensionsButton)
config.add(self.badExtensionsText)
config.add(self.badExtensionsLabel)
config.add(self.badMimesButton)
config.add(self.badMimesText)
config.add(self.badMimesLabel)
config.add(self.badExtensionsDefaultButton)
config.add(self.badMimesDefaultButton)
config.add(self.otherLabel)
config.add(self.repeaterOptionButton)
config.add(self.scopeOptionButton)
config.add(self.markTestedRequestsProxy)
config.add(self.markNotTestedRequestsProxy)
iexport.add(self.saveButton)
iexport.add(self.loadButton)
iexport.add(self.selectPath)
iexport.add(self.selectPathText)
iexport.add(self.selectPathLabel)
iexport.add(self.otherLabel2)
iexport.add(self.autoSaveOption)
self._config.addTab("General", config)
self._config.addTab("Import/Export", iexport)
##### end config pane
self._parentPane.addTab("Monitor", self._splitpane)
self._parentPane.addTab("Config", self._config)
# table of log entries
self.logTable = Table(self)
#self.logTable.setDefaultRenderer(self.logTable.getColumnClass(0), ColoredTableCellRenderer(self))
self.logTable.setAutoCreateRowSorter(True)
self.logTable.setRowSelectionAllowed(True)
renderer = ColoredTableCellRenderer(self)
#column = TableColumn(0, 190, renderer, None)
print 'Initiating... '
# this could be improved by fetching initial dimensions
self.logTable.getColumn("URL").setPreferredWidth(720) # noscope
self.logTable.getColumn("URL").setResizable(True)
self.logTable.getColumn("Checked").setCellRenderer(renderer)
self.logTable.getColumn("Checked").setPreferredWidth(80)
self.logTable.getColumn("Checked").setMaxWidth(80)
self.logTable.getColumn("Method").setPreferredWidth(120)
#self.logTable.getColumn("Method").setMaxWidth(120)
self.logTable.getColumn("Method").setResizable(True)
self.logTable.getColumn("Time").setPreferredWidth(120) # noscope
self.logTable.getColumn("Time").setResizable(True)
scrollPane = JScrollPane(self.logTable)
self._splitpane.setLeftComponent(scrollPane)
# tabs with request/response viewers
tabs = JTabbedPane()
self._requestViewer = callbacks.createMessageEditor(self, False)
self._responseViewer = callbacks.createMessageEditor(self, False)
tabs.addTab("Request", self._requestViewer.getComponent())
tabs.addTab("Response", self._responseViewer.getComponent())
self._splitpane.setRightComponent(tabs)
## Row sorter shit
#self._tableRowSorterAutoProxyAutoAction = CustomTableRowSorter(self.logTable.getModel())
#self.logTable.setRowSorter(self._tableRowSorterAutoProxyAutoAction)
markAnalyzedButton = JMenuItem("Mark Requests as Analyzed")
markAnalyzedButton.addActionListener(markRequestsHandler(self, True))
markNotAnalyzedButton = JMenuItem("Mark Requests as NOT Analyzed")
markNotAnalyzedButton.addActionListener(
markRequestsHandler(self, False))
sendRequestMenu = JMenuItem("Send Request to Repeater")
sendRequestMenu.addActionListener(sendRequestRepeater(self))
deleteRequestMenu = JMenuItem("Delete request")
deleteRequestMenu.addActionListener(deleteRequestHandler(self))
self.menu = JPopupMenu("Popup")
self.menu.add(markAnalyzedButton)
self.menu.add(markNotAnalyzedButton)
self.menu.add(sendRequestMenu)
self.menu.add(deleteRequestMenu)
# customize our UI components
callbacks.customizeUiComponent(self._parentPane)
callbacks.customizeUiComponent(self._splitpane)
callbacks.customizeUiComponent(self._config)
callbacks.customizeUiComponent(config)
callbacks.customizeUiComponent(self.logTable)
callbacks.customizeUiComponent(scrollPane)
callbacks.customizeUiComponent(tabs)
callbacks.registerContextMenuFactory(self)
callbacks.registerExtensionStateListener(self)
callbacks.registerScannerCheck(passiveScanner(self))
# add the custom tab to Burp's UI
callbacks.addSuiteTab(self)
# register ourselves as an HTTP listener
callbacks.registerHttpListener(self)
self.loadConfigs()
print "Loaded!"
print "Experimental import state.. "
self.importState("")
self.SC = sched.scheduler(time.time, time.sleep)
self.SCC = self.SC.enter(10, 1, self.autoSave, (self.SC, ))
self.SC.run()
return
def registerExtenderCallbacks(self, callbacks):
print "Loading..."
self._callbacks = callbacks
self._callbacks.setExtensionName('Burp SPA Explorer')
# self._callbacks.registerScannerCheck(self)
# self._callbacks.registerExtensionStateListener(self)
self._helpers = callbacks.getHelpers()
self.crawlingEvent = Event()
self.crawlerThread = None
# main split pane
self._splitpane = JSplitPane(JSplitPane.VERTICAL_SPLIT)
self._splitpane.setBorder(EmptyBorder(20, 20, 20, 20))
# sub split pane (top)
self._topPanel = JPanel(BorderLayout(10, 10))
self._topPanel.setBorder(EmptyBorder(0, 0, 10, 0))
# Setup Panel : [Target: ] [______________________] [START BUTTON]
self.setupPanel = JPanel(FlowLayout(FlowLayout.LEADING, 10, 10))
self.setupPanel.add(JLabel("Target:", SwingConstants.LEFT),
BorderLayout.LINE_START)
self.hostField = JTextField('', 50)
self.setupPanel.add(self.hostField)
self.toggleButton = JButton('Start crawling',
actionPerformed=self.toggleCrawl)
self.setupPanel.add(self.toggleButton)
self._topPanel.add(self.setupPanel, BorderLayout.PAGE_START)
# Options Panel : [Buttons] [ RegEx ]
self.optionsPanel = JPanel()
self.optionsPanel.setLayout(
BoxLayout(self.optionsPanel, BoxLayout.LINE_AXIS))
# Button options panel : [Add][Edit][Up][Down][Remove]
self.buttonOptionsPanel = JPanel()
self.buttonOptionsPanel.setLayout(
BoxLayout(self.buttonOptionsPanel, BoxLayout.PAGE_AXIS))
self.addRegexButton = JButton('Add', actionPerformed=self.addRegex)
self.buttonOptionsPanel.add(self.addRegexButton)
self.editRegexButton = JButton('Edit', actionPerformed=self.editRegex)
self.buttonOptionsPanel.add(self.editRegexButton)
self.moveRegexUpButton = JButton('Move up',
actionPerformed=self.moveRegexUp)
self.buttonOptionsPanel.add(self.moveRegexUpButton)
self.moveRegexDownButton = JButton('Move down',
actionPerformed=self.moveRegexDown)
self.buttonOptionsPanel.add(self.moveRegexDownButton)
self.removeRegexButton = JButton('Remove',
actionPerformed=self.removeRegex)
self.buttonOptionsPanel.add(self.removeRegexButton)
self.buttonOptionsPanel.add(Box.createVerticalGlue())
self.optionsPanel.add(self.buttonOptionsPanel)
self.optionsPanel.add(Box.createHorizontalStrut(20))
self.regexTableModel = RegexTableModel([x for x in regex])
self.regexTable = Table(self.regexTableModel)
self.regexScrollPane = JScrollPane(self.regexTable)
self.optionsPanel.add(self.regexScrollPane)
self._topPanel.add(self.optionsPanel, BorderLayout.CENTER)
self._splitpane.setTopComponent(self._topPanel)
# Bottom Panel
self._bottomPanel = JPanel(BorderLayout(10, 10))
#self._bottomPanel.setLayout(BoxLayout(self._bottomPanel,BoxLayout.PAGE_AXIS))
# Status bar
self.crawlStatusPanel = JPanel(FlowLayout(FlowLayout.LEADING, 10, 10))
self.crawlStatusPanel.add(JLabel("Status: ", SwingConstants.LEFT))
self.crawlStatusLabel = JLabel("Ready to crawl", SwingConstants.LEFT)
self.crawlStatusPanel.add(self.crawlStatusLabel)
# Result Table
self.resultTableModel = Result([])
self.resultTable = Table(self.resultTableModel)
self.resultTable.setAutoCreateRowSorter(True)
self.resultScrollPane = JScrollPane(self.resultTable)
# Result Table popup menu
def selectWhenRightClickEvent(event):
def select(e):
rowAtPoint = self.resultTable.rowAtPoint(
SwingUtilities.convertPoint(self.resultTablePopupMenu,
Point(0, 0), self.resultTable))
if rowAtPoint > -1:
self.resultTable.setRowSelectionInterval(
rowAtPoint, rowAtPoint)
SwingUtilities.invokeLater(CrawlerRunnable(select, (event, )))
self.resultTablePopupMenu = JPopupMenu(
popupMenuWillBecomeVisible=selectWhenRightClickEvent)
self.resultTablePopupMenu.add(
JMenuItem("Send to scanner", actionPerformed=self.sendToScanner))
self.resultTablePopupMenu.add(
JMenuItem("Send to repeater", actionPerformed=self.sendToRepeater))
self.resultTablePopupMenu.add(
JMenuItem("Send to intruder", actionPerformed=self.sendToIntruder))
self.resultTablePopupMenu.add(
JMenuItem("Send to spider", actionPerformed=self.sendToSpider))
self.resultTable.setComponentPopupMenu(self.resultTablePopupMenu)
self._bottomPanel.add(self.resultScrollPane, BorderLayout.CENTER)
self._bottomPanel.add(self.crawlStatusPanel, BorderLayout.SOUTH)
self._splitpane.setBottomComponent(self._bottomPanel)
self._splitpane.setDividerLocation(300 +
self._splitpane.getInsets().left)
callbacks.customizeUiComponent(self._splitpane)
callbacks.addSuiteTab(self)
explorerMenu = ExplorerMenu(self)
callbacks.registerContextMenuFactory(explorerMenu)
print "SPA Explorer custom menu loaded"
#print "Loading chrome driver"
#a = Test(os.path.dirname(os.path.realpath('selenium-client.jar')) + '/chromedriver.exe')
#print "Chrome driver started"
print "Burp SPA Explorer loaded"
def __init__(self, name, iconName, tooltip, shortcut, height, app):
ToggleDialog.__init__(self, name, iconName, tooltip, shortcut, height)
self.app = app
tools = app.tools
#Main panel of the dialog
mainPnl = JPanel(BorderLayout())
mainPnl.setBorder(BorderFactory.createEmptyBorder(0, 1, 1, 1))
### First tab: errors selection and download ###########################
#ComboBox with tools names
self.toolsComboModel = DefaultComboBoxModel()
for tool in tools:
self.add_data_to_models(tool)
self.toolsCombo = JComboBox(self.toolsComboModel,
actionListener=ToolsComboListener(app))
renderer = ToolsComboRenderer(self.app)
renderer.setPreferredSize(Dimension(20, 20))
self.toolsCombo.setRenderer(renderer)
self.toolsCombo.setToolTipText(
app.strings.getString("Select_a_quality_assurance_tool"))
#ComboBox with categories names ("views"), of the selected tool
self.viewsCombo = JComboBox(actionListener=ViewsComboListener(app))
self.viewsCombo.setToolTipText(
app.strings.getString("Select_a_category_of_error"))
#Popup for checks table
self.checkPopup = JPopupMenu()
#add favourite check
self.menuItemAdd = JMenuItem(
self.app.strings.getString("Add_to_favourites"))
self.menuItemAdd.setIcon(
ImageIcon(
File.separator.join([
self.app.SCRIPTDIR, "tools", "data", "Favourites", "icons",
"tool_16.png"
])))
self.menuItemAdd.addActionListener(PopupActionListener(self.app))
self.checkPopup.add(self.menuItemAdd)
#remove favourite check
self.menuItemRemove = JMenuItem(
self.app.strings.getString("Remove_from_favourites"))
self.menuItemRemove.setIcon(
ImageIcon(
File.separator.join([
self.app.SCRIPTDIR, "tools", "data", "Favourites", "icons",
"black_tool_16.png"
])))
self.menuItemRemove.addActionListener(PopupActionListener(self.app))
self.checkPopup.add(self.menuItemRemove)
#Help link for selected check
self.menuItemHelp = JMenuItem(self.app.strings.getString("check_help"))
self.menuItemHelp.setIcon(
ImageIcon(
File.separator.join(
[self.app.SCRIPTDIR, "images", "icons", "info_16.png"])))
self.checkPopup.add(self.menuItemHelp)
self.menuItemHelp.addActionListener(PopupActionListener(self.app))
#Table with checks of selected tool and view
self.checksTable = JTable()
self.iconrenderer = IconRenderer()
self.iconrenderer.setHorizontalAlignment(JLabel.CENTER)
scrollPane = JScrollPane(self.checksTable)
self.checksTable.setFillsViewportHeight(True)
tableSelectionModel = self.checksTable.getSelectionModel()
tableSelectionModel.addListSelectionListener(ChecksTableListener(app))
self.checksTable.addMouseListener(
ChecksTableClickListener(app, self.checkPopup, self.checksTable))
#Favourite area status indicator
self.favAreaIndicator = JLabel()
self.update_favourite_zone_indicator()
self.favAreaIndicator.addMouseListener(FavAreaIndicatorListener(app))
#label with OSM id of the object currently edited and number of
#errors still to review
self.checksTextFld = JTextField("",
editable=0,
border=None,
background=None)
#checks buttons
btnsIconsDir = File.separator.join([app.SCRIPTDIR, "images", "icons"])
downloadIcon = ImageIcon(
File.separator.join([btnsIconsDir, "download.png"]))
self.downloadBtn = JButton(downloadIcon,
actionPerformed=app.on_downloadBtn_clicked,
enabled=0)
startIcon = ImageIcon(
File.separator.join([btnsIconsDir, "start_fixing.png"]))
self.startBtn = JButton(startIcon,
actionPerformed=app.on_startBtn_clicked,
enabled=0)
self.downloadBtn.setToolTipText(
app.strings.getString("Download_errors_in_this_area"))
self.startBtn.setToolTipText(
app.strings.getString("Start_fixing_the_selected_errors"))
#tab layout
panel1 = JPanel(BorderLayout(0, 1))
comboboxesPnl = JPanel(GridLayout(0, 2, 5, 0))
comboboxesPnl.add(self.toolsCombo)
comboboxesPnl.add(self.viewsCombo)
checksPnl = JPanel(BorderLayout(0, 1))
checksPnl.add(scrollPane, BorderLayout.CENTER)
self.statsPanel = JPanel(BorderLayout(4, 0))
self.statsPanel_def_color = self.statsPanel.getBackground()
self.statsPanel.add(self.checksTextFld, BorderLayout.CENTER)
self.statsPanel.add(self.favAreaIndicator, BorderLayout.LINE_START)
checksPnl.add(self.statsPanel, BorderLayout.PAGE_END)
checksButtonsPnl = JPanel(GridLayout(0, 2, 0, 0))
checksButtonsPnl.add(self.downloadBtn)
checksButtonsPnl.add(self.startBtn)
panel1.add(comboboxesPnl, BorderLayout.PAGE_START)
panel1.add(checksPnl, BorderLayout.CENTER)
panel1.add(checksButtonsPnl, BorderLayout.PAGE_END)
### Second tab: errors fixing ##########################################
#label with error stats
self.errorTextFld = JTextField("",
editable=0,
border=None,
background=None)
#label with current error description
self.errorDesc = JLabel("")
self.errorDesc.setAlignmentX(0.5)
#error buttons
errorInfoBtnIcon = ImageProvider.get("info")
self.errorInfoBtn = JButton(
errorInfoBtnIcon,
actionPerformed=app.on_errorInfoBtn_clicked,
enabled=0)
notErrorIcon = ImageIcon(
File.separator.join([btnsIconsDir, "not_error.png"]))
self.notErrorBtn = JButton(
notErrorIcon,
actionPerformed=app.on_falsePositiveBtn_clicked,
enabled=0)
ignoreIcon = ImageIcon(File.separator.join([btnsIconsDir, "skip.png"]))
self.ignoreBtn = JButton(ignoreIcon,
actionPerformed=app.on_ignoreBtn_clicked,
enabled=0)
correctedIcon = ImageIcon(
File.separator.join([btnsIconsDir, "corrected.png"]))
self.correctedBtn = JButton(
correctedIcon,
actionPerformed=app.on_correctedBtn_clicked,
enabled=0)
nextIcon = ImageIcon(File.separator.join([btnsIconsDir, "next.png"]))
self.nextBtn = JButton(nextIcon,
actionPerformed=app.on_nextBtn_clicked,
enabled=0)
#self.nextBtn.setMnemonic(KeyEvent.VK_RIGHT)
self.errorInfoBtn.setToolTipText(
app.strings.getString("open_error_info_dialog"))
self.notErrorBtn.setToolTipText(
app.strings.getString("flag_false_positive"))
self.ignoreBtn.setToolTipText(
app.strings.getString("Skip_and_don't_show_me_this_error_again"))
self.correctedBtn.setToolTipText(
app.strings.getString("flag_corrected_error"))
self.nextBtn.setToolTipText(app.strings.getString("Go_to_next_error"))
#tab layout
self.panel2 = JPanel(BorderLayout())
self.panel2.add(self.errorTextFld, BorderLayout.PAGE_START)
self.panel2.add(self.errorDesc, BorderLayout.CENTER)
errorButtonsPanel = JPanel(GridLayout(0, 5, 0, 0))
errorButtonsPanel.add(self.errorInfoBtn)
errorButtonsPanel.add(self.notErrorBtn)
errorButtonsPanel.add(self.ignoreBtn)
errorButtonsPanel.add(self.correctedBtn)
errorButtonsPanel.add(self.nextBtn)
self.panel2.add(errorButtonsPanel, BorderLayout.PAGE_END)
#Layout
self.tabbedPane = JTabbedPane()
self.tabbedPane.addTab(self.app.strings.getString("Download"), None,
panel1,
self.app.strings.getString("download_tab"))
mainPnl.add(self.tabbedPane, BorderLayout.CENTER)
self.createLayout(mainPnl, False, None)
def draw(self):
""" init autorize tabs
"""
self._extender.logTable = Table(self._extender)
tableWidth = self._extender.logTable.getPreferredSize().width
self._extender.logTable.getColumn("ID").setPreferredWidth(
Math.round(tableWidth / 50 * 2))
self._extender.logTable.getColumn("Method").setPreferredWidth(
Math.round(tableWidth / 50 * 3))
self._extender.logTable.getColumn("URL").setPreferredWidth(
Math.round(tableWidth / 50 * 25))
self._extender.logTable.getColumn("Orig. Length").setPreferredWidth(
Math.round(tableWidth / 50 * 4))
self._extender.logTable.getColumn("Modif. Length").setPreferredWidth(
Math.round(tableWidth / 50 * 4))
self._extender.logTable.getColumn("Unauth. Length").setPreferredWidth(
Math.round(tableWidth / 50 * 4))
self._extender.logTable.getColumn(
"Authorization Enforcement Status").setPreferredWidth(
Math.round(tableWidth / 50 * 4))
self._extender.logTable.getColumn(
"Authorization Unauth. Status").setPreferredWidth(
Math.round(tableWidth / 50 * 4))
self._extender.tableSorter = TableRowSorter(self._extender.tableModel)
rowFilter = TableRowFilter(self._extender)
self._extender.tableSorter.setRowFilter(rowFilter)
self._extender.logTable.setRowSorter(self._extender.tableSorter)
self._extender._splitpane = JSplitPane(JSplitPane.HORIZONTAL_SPLIT)
self._extender._splitpane.setResizeWeight(1)
self._extender.scrollPane = JScrollPane(self._extender.logTable)
self._extender._splitpane.setLeftComponent(self._extender.scrollPane)
self._extender.scrollPane.getVerticalScrollBar().addAdjustmentListener(
AutoScrollListener(self._extender))
copyURLitem = JMenuItem("Copy URL")
copyURLitem.addActionListener(CopySelectedURL(self._extender))
sendRequestMenu = JMenuItem("Send Original Request to Repeater")
sendRequestMenu.addActionListener(
SendRequestRepeater(self._extender, self._extender._callbacks,
True))
sendRequestMenu2 = JMenuItem("Send Modified Request to Repeater")
sendRequestMenu2.addActionListener(
SendRequestRepeater(self._extender, self._extender._callbacks,
False))
sendResponseMenu = JMenuItem("Send Responses to Comparer")
sendResponseMenu.addActionListener(
SendResponseComparer(self._extender, self._extender._callbacks))
retestSelecteditem = JMenuItem("Retest selected request")
retestSelecteditem.addActionListener(
RetestSelectedRequest(self._extender))
deleteSelectedItem = JMenuItem("Delete")
deleteSelectedItem.addActionListener(
DeleteSelectedRequest(self._extender))
self._extender.menu = JPopupMenu("Popup")
self._extender.menu.add(sendRequestMenu)
self._extender.menu.add(sendRequestMenu2)
self._extender.menu.add(sendResponseMenu)
self._extender.menu.add(copyURLitem)
self._extender.menu.add(retestSelecteditem)
# self.menu.add(deleteSelectedItem) disabling this feature until bug will be fixed.
message_editor = MessageEditor(self._extender)
self._extender.tabs = JTabbedPane()
self._extender._requestViewer = self._extender._callbacks.createMessageEditor(
message_editor, False)
self._extender._responseViewer = self._extender._callbacks.createMessageEditor(
message_editor, False)
self._extender._originalrequestViewer = self._extender._callbacks.createMessageEditor(
message_editor, False)
self._extender._originalresponseViewer = self._extender._callbacks.createMessageEditor(
message_editor, False)
self._extender._unauthorizedrequestViewer = self._extender._callbacks.createMessageEditor(
message_editor, False)
self._extender._unauthorizedresponseViewer = self._extender._callbacks.createMessageEditor(
message_editor, False)
self._extender.tabs.addTab(
"Modified Request", self._extender._requestViewer.getComponent())
self._extender.tabs.addTab(
"Modified Response", self._extender._responseViewer.getComponent())
self._extender.tabs.addTab(
"Original Request",
self._extender._originalrequestViewer.getComponent())
self._extender.tabs.addTab(
"Original Response",
self._extender._originalresponseViewer.getComponent())
self._extender.tabs.addTab(
"Unauthenticated Request",
self._extender._unauthorizedrequestViewer.getComponent())
self._extender.tabs.addTab(
"Unauthenticated Response",
self._extender._unauthorizedresponseViewer.getComponent())
self._extender.tabs.addTab("Configuration", self._extender.pnl)
self._extender.tabs.setSelectedIndex(6)
self._extender._splitpane.setRightComponent(self._extender.tabs)
def __init__(self, actions=[], restore=None):
self._actions = actions
self._load_headers = []
self._run_config = [['Proxy', None], ['Authorization Key', None],
['Load Placeholders', True],
['Generate HTML DOC', False],
['Generate Schema DOC', False],
['Generate Stub Queries', True],
['Accept Invalid SSL Certificate', False]]
self._default_config = {}
for k, v in self._run_config:
self._default_config[k] = v
self._old_config_hash = None
self._actions.append(BrowserAction())
self._actions.append(
ExecutorAction("Configure", lambda _: self._setup()))
self._actions.append(ExecutorAction("Load", self._loadurl))
self._actions = [a for a in reversed(self._actions)]
self.this = JPanel()
self.this.setLayout(BorderLayout())
self._omnibar = Omnibar(hint=DEFAULT_LOAD_URL,
label="Load",
action=self._loadurl)
self.this.add(BorderLayout.PAGE_START, self._omnibar.this)
self._fileview = FileView(
dir=os.getcwd(),
filetree_label="Queries, Mutations and Subscriptions",
payloadview_label="Query Template")
self.this.add(BorderLayout.CENTER, self._fileview.this)
self._fileview.addTreeListener(self._tree_listener)
self._fileview.addPayloadListener(self._payload_listener)
self._popup = JPopupMenu()
self.this.setComponentPopupMenu(self._popup)
inherits_popup_menu(self.this)
for action in self._actions:
self._popup.add(action.menuitem)
self._state = {'runs': []}
try:
if restore:
cfg = json.loads(restore)
for target, key, proxy, headers, load_placeholer, generate_html, generate_schema, generate_queries, accept_invalid_certificate, flag in cfg[
'runs']:
self._run(
target=target,
key=key,
proxy=proxy,
headers=headers,
load_placeholer=load_placeholer,
generate_html=generate_html,
generate_schema=generate_schema,
generate_queries=generate_queries,
accept_invalid_certificate=accept_invalid_certificate,
flag=flag)
self._run_config = cfg['config']
except Exception as ex:
print(
"Cannot Load old configuration: starting with a clean state: %s"
% ex)
sys.stdout.flush()
self._state['config'] = self._run_config
def registerExtenderCallbacks(self, callbacks):
# keep a reference to our Burp callbacks object
self._callbacks = callbacks
# obtain an Burp extension helpers object
self._helpers = callbacks.getHelpers()
# set our extension name
callbacks.setExtensionName("AuthMatrix - v0.4")
# DB that holds everything users, roles, and messages
self._db = MatrixDB()
# For saving/loading config
self._fc = JFileChooser()
# Used by ActionListeners
selfExtender = self
self._selectedColumn = -1
self._selectedRow = -1
# Table of User entries
self._userTable = UserTable(self, model=UserTableModel(self._db))
roleScrollPane = JScrollPane(self._userTable)
self._userTable.redrawTable()
# Table of Request (AKA Message) entries
self._messageTable = MessageTable(self,
model=MessageTableModel(self._db))
messageScrollPane = JScrollPane(self._messageTable)
self._messageTable.redrawTable()
# Semi-Generic Popup stuff
def addPopup(component, popup):
class genericMouseListener(MouseAdapter):
def mousePressed(self, e):
if e.isPopupTrigger():
self.showMenu(e)
def mouseReleased(self, e):
if e.isPopupTrigger():
self.showMenu(e)
def showMenu(self, e):
if type(component) is JTableHeader:
table = component.getTable()
column = component.columnAtPoint(e.getPoint())
if type(
table
) is MessageTable and column >= selfExtender._db.STATIC_MESSAGE_TABLE_COLUMN_COUNT or type(
table
) is UserTable and column >= selfExtender._db.STATIC_USER_TABLE_COLUMN_COUNT:
selfExtender._selectedColumn = column
else:
return
else:
selfExtender._selectedRow = component.rowAtPoint(
e.getPoint())
popup.show(e.getComponent(), e.getX(), e.getY())
component.addMouseListener(genericMouseListener())
class actionRunMessage(ActionListener):
def actionPerformed(self, e):
if selfExtender._selectedRow >= 0:
if selfExtender._selectedRow not in selfExtender._messageTable.getSelectedRows(
):
indexes = [
selfExtender._db.getMessageByRow(
selfExtender._selectedRow)._index
]
else:
indexes = [
selfExtender._db.getMessageByRow(rowNum)._index
for rowNum in
selfExtender._messageTable.getSelectedRows()
]
t = Thread(target=selfExtender.runMessagesThread,
args=[indexes])
t.start()
selfExtender._selectedColumn = -1
# Redrawing the table happens in colorcode within the thread
class actionRemoveMessage(ActionListener):
def actionPerformed(self, e):
if selfExtender._selectedRow >= 0:
if selfExtender._selectedRow not in selfExtender._messageTable.getSelectedRows(
):
indexes = [
selfExtender._db.getMessageByRow(
selfExtender._selectedRow)._index
]
else:
indexes = [
selfExtender._db.getMessageByRow(rowNum)._index
for rowNum in
selfExtender._messageTable.getSelectedRows()
]
for i in indexes:
selfExtender._db.deleteMessage(i)
selfExtender._selectedColumn = -1
selfExtender._messageTable.redrawTable()
class actionRemoveUser(ActionListener):
def actionPerformed(self, e):
if selfExtender._selectedRow >= 0:
if selfExtender._selectedRow not in selfExtender._userTable.getSelectedRows(
):
indexes = [
selfExtender._db.getUserByRow(
selfExtender._selectedRow)._index
]
else:
indexes = [
selfExtender._db.getUserByRow(rowNum)._index
for rowNum in
selfExtender._userTable.getSelectedRows()
]
for i in indexes:
selfExtender._db.deleteUser(i)
selfExtender._selectedColumn = -1
selfExtender._userTable.redrawTable()
# TODO combine these next two classes
# TODO Also, clean up the variable names where M and U are in place of MessageTable and UserTable
class actionRemoveRoleHeaderFromM(ActionListener):
def actionPerformed(self, e):
if selfExtender._selectedColumn >= 0:
selfExtender._db.deleteRole(
selfExtender._db.getRoleByMColumn(
selfExtender._selectedColumn)._index)
selfExtender._selectedColumn = -1
selfExtender._userTable.redrawTable()
selfExtender._messageTable.redrawTable()
class actionRemoveRoleHeaderFromU(ActionListener):
def actionPerformed(self, e):
if selfExtender._selectedColumn >= 0:
selfExtender._db.deleteRole(
selfExtender._db.getRoleByUColumn(
selfExtender._selectedColumn)._index)
selfExtender._selectedColumn = -1
selfExtender._userTable.redrawTable()
selfExtender._messageTable.redrawTable()
# Message Table popups
messagePopup = JPopupMenu()
addPopup(self._messageTable, messagePopup)
messageRun = JMenuItem("Run Request(s)")
messageRun.addActionListener(actionRunMessage())
messagePopup.add(messageRun)
messageRemove = JMenuItem("Remove Request(s)")
messageRemove.addActionListener(actionRemoveMessage())
messagePopup.add(messageRemove)
messageHeaderPopup = JPopupMenu()
addPopup(self._messageTable.getTableHeader(), messageHeaderPopup)
roleRemoveFromM = JMenuItem("Remove Role")
roleRemoveFromM.addActionListener(actionRemoveRoleHeaderFromM())
messageHeaderPopup.add(roleRemoveFromM)
# User Table popup
userPopup = JPopupMenu()
addPopup(self._userTable, userPopup)
userRemove = JMenuItem("Remove Users(s)")
userRemove.addActionListener(actionRemoveUser())
userPopup.add(userRemove)
userHeaderPopup = JPopupMenu()
addPopup(self._userTable.getTableHeader(), userHeaderPopup)
roleRemoveFromU = JMenuItem("Remove Role")
roleRemoveFromU.addActionListener(actionRemoveRoleHeaderFromU())
userHeaderPopup.add(roleRemoveFromU)
# Top pane
topPane = JSplitPane(JSplitPane.VERTICAL_SPLIT, roleScrollPane,
messageScrollPane)
topPane.setResizeWeight(0.3)
# request tabs added to this tab on click in message table
self._tabs = JTabbedPane()
# Button pannel
buttons = JPanel()
runButton = JButton("Run", actionPerformed=self.runClick)
newUserButton = JButton("New User",
actionPerformed=self.getInputUserClick)
newRoleButton = JButton("New Role",
actionPerformed=self.getInputRoleClick)
#debugButton = JButton("Debug", actionPerformed=self.printDB)
saveButton = JButton("Save", actionPerformed=self.saveClick)
loadButton = JButton("Load", actionPerformed=self.loadClick)
clearButton = JButton("Clear", actionPerformed=self.clearClick)
buttons.add(runButton)
buttons.add(newUserButton)
buttons.add(newRoleButton)
#buttons.add(debugButton)
buttons.add(saveButton)
buttons.add(loadButton)
buttons.add(clearButton)
bottomPane = JSplitPane(JSplitPane.VERTICAL_SPLIT, self._tabs, buttons)
bottomPane.setResizeWeight(0.95)
# Main Pane
self._splitpane = JSplitPane(JSplitPane.VERTICAL_SPLIT, topPane,
bottomPane)
self._splitpane.setResizeWeight(0.5)
# customize our UI components
callbacks.customizeUiComponent(self._splitpane)
callbacks.customizeUiComponent(topPane)
callbacks.customizeUiComponent(bottomPane)
callbacks.customizeUiComponent(messageScrollPane)
callbacks.customizeUiComponent(roleScrollPane)
callbacks.customizeUiComponent(self._messageTable)
callbacks.customizeUiComponent(self._userTable)
callbacks.customizeUiComponent(self._tabs)
callbacks.customizeUiComponent(buttons)
# Handles checkbox color coding
# Must be bellow the customizeUiComponent calls
self._messageTable.setDefaultRenderer(Boolean,
SuccessBooleanRenderer(self._db))
# add the custom tab to Burp's UI
callbacks.addSuiteTab(self)
# register SendTo option
callbacks.registerContextMenuFactory(self)
return
def registerExtenderCallbacks(self, callbacks):
self._panel = JPanel()
self._panel.setLayout(BorderLayout())
#self._panel.setSize(400,400)
# sourrounding try\except because Burp is not giving enough info
try:
# creating all the UI elements
# create the split pane
self._split_pane_horizontal = JSplitPane(
JSplitPane.HORIZONTAL_SPLIT)
self._split_panel_vertical = JSplitPane(JSplitPane.VERTICAL_SPLIT)
# create panels
self._panel_top = JPanel()
self._panel_top.setLayout(BorderLayout())
self._panel_bottom = JPanel()
self._panel_bottom.setLayout(BorderLayout())
self._panel_right = JPanel()
self._panel_right.setLayout(BorderLayout())
self._panel_request = JPanel()
self._panel_request.setLayout(BorderLayout())
self._panel_response = JPanel()
self._panel_response.setLayout(BorderLayout())
# create the tabbed pane used to show request\response
self._tabbed_pane = JTabbedPane(JTabbedPane.TOP)
# create the tabbed pane used to show aslan++\concretization file
self._tabbed_pane_editor = JTabbedPane(JTabbedPane.TOP)
# create the bottom command for selecting the SQL file and
# generating the model
self._button_generate = JButton(
'Generate!', actionPerformed=self._generate_model)
self._button_save = JButton('Save',
actionPerformed=self._save_model)
self._button_select_sql = JButton(
'Select SQL', actionPerformed=self._select_sql_file)
self._text_field_sql_file = JTextField(20)
self._panel_bottom_commands = JPanel()
layout = GroupLayout(self._panel_bottom_commands)
layout.setAutoCreateGaps(True)
layout.setAutoCreateContainerGaps(True)
seq_layout = layout.createSequentialGroup()
seq_layout.addComponent(self._text_field_sql_file)
seq_layout.addComponent(self._button_select_sql)
seq_layout.addComponent(self._button_generate)
seq_layout.addComponent(self._button_save)
layout.setHorizontalGroup(seq_layout)
# create the message editors that will be used to show request and response
self._message_editor_request = callbacks.createMessageEditor(
None, True)
self._message_editor_response = callbacks.createMessageEditor(
None, True)
# create the table that will be used to show the messages selected for
# the translation
self._columns_names = ('Host', 'Method', 'URL')
dataModel = NonEditableModel(self._table_data, self._columns_names)
self._table = JTable(dataModel)
self._scrollPane = JScrollPane()
self._scrollPane.getViewport().setView((self._table))
popmenu = JPopupMenu()
delete_item = JMenuItem("Delete")
delete_item.addActionListener(self)
popmenu.add(delete_item)
self._table.setComponentPopupMenu(popmenu)
self._table.addMouseListener(self)
# add all the elements
self._panel_request.add(
self._message_editor_request.getComponent())
self._panel_response.add(
self._message_editor_response.getComponent())
self._tabbed_pane.addTab("Request", self._panel_request)
self._tabbed_pane.addTab("Response", self._panel_response)
self._panel_top.add(self._scrollPane, BorderLayout.CENTER)
self._panel_bottom.add(self._tabbed_pane, BorderLayout.CENTER)
scroll = JScrollPane(self._panel_bottom)
self._panel_right.add(self._tabbed_pane_editor,
BorderLayout.CENTER)
self._panel_right.add(self._panel_bottom_commands,
BorderLayout.PAGE_END)
self._split_panel_vertical.setTopComponent(self._panel_top)
self._split_panel_vertical.setBottomComponent(scroll)
self._split_pane_horizontal.setLeftComponent(
self._split_panel_vertical)
self._split_pane_horizontal.setRightComponent(self._panel_right)
self._panel.addComponentListener(self)
self._panel.add(self._split_pane_horizontal)
self._callbacks = callbacks
callbacks.setExtensionName("WAFEx")
callbacks.addSuiteTab(self)
callbacks.registerContextMenuFactory(self)
except Exception as e:
exc_type, exc_obj, exc_tb = sys.exc_info()
fname = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1]
print(exc_type, fname, exc_tb.tb_lineno)
def initTabs(self):
#
## init autorize tabs
#
self.logTable = Table(self)
self.logTable.setAutoCreateRowSorter(True)
tableWidth = self.logTable.getPreferredSize().width
self.logTable.getColumn("ID").setPreferredWidth(
Math.round(tableWidth / 50 * 2))
self.logTable.getColumn("URL").setPreferredWidth(
Math.round(tableWidth / 50 * 24))
self.logTable.getColumn("Orig. Length").setPreferredWidth(
Math.round(tableWidth / 50 * 4))
self.logTable.getColumn("Modif. Length").setPreferredWidth(
Math.round(tableWidth / 50 * 4))
self.logTable.getColumn("Unauth. Length").setPreferredWidth(
Math.round(tableWidth / 50 * 4))
self.logTable.getColumn(
"Authorization Enforcement Status").setPreferredWidth(
Math.round(tableWidth / 50 * 4))
self.logTable.getColumn(
"Authorization Unauth. Status").setPreferredWidth(
Math.round(tableWidth / 50 * 4))
self._splitpane = JSplitPane(JSplitPane.HORIZONTAL_SPLIT)
self._splitpane.setResizeWeight(1)
self.scrollPane = JScrollPane(self.logTable)
self._splitpane.setLeftComponent(self.scrollPane)
self.scrollPane.getVerticalScrollBar().addAdjustmentListener(
autoScrollListener(self))
self.menuES0 = JCheckBoxMenuItem(self._enfocementStatuses[0], True)
self.menuES1 = JCheckBoxMenuItem(self._enfocementStatuses[1], True)
self.menuES2 = JCheckBoxMenuItem(self._enfocementStatuses[2], True)
self.menuES0.addItemListener(menuTableFilter(self))
self.menuES1.addItemListener(menuTableFilter(self))
self.menuES2.addItemListener(menuTableFilter(self))
copyURLitem = JMenuItem("Copy URL")
copyURLitem.addActionListener(copySelectedURL(self))
self.menu = JPopupMenu("Popup")
self.menu.add(copyURLitem)
self.menu.add(self.menuES0)
self.menu.add(self.menuES1)
self.menu.add(self.menuES2)
self.tabs = JTabbedPane()
self._requestViewer = self._callbacks.createMessageEditor(self, False)
self._responseViewer = self._callbacks.createMessageEditor(self, False)
self._originalrequestViewer = self._callbacks.createMessageEditor(
self, False)
self._originalresponseViewer = self._callbacks.createMessageEditor(
self, False)
self._unauthorizedrequestViewer = self._callbacks.createMessageEditor(
self, False)
self._unauthorizedresponseViewer = self._callbacks.createMessageEditor(
self, False)
self.tabs.addTab("Modified Request",
self._requestViewer.getComponent())
self.tabs.addTab("Modified Response",
self._responseViewer.getComponent())
self.tabs.addTab("Original Request",
self._originalrequestViewer.getComponent())
self.tabs.addTab("Original Response",
self._originalresponseViewer.getComponent())
self.tabs.addTab("Unauthenticated Request",
self._unauthorizedrequestViewer.getComponent())
self.tabs.addTab("Unauthenticated Response",
self._unauthorizedresponseViewer.getComponent())
self.tabs.addTab("Configuration", self.pnl)
self.tabs.setSelectedIndex(6)
self._splitpane.setRightComponent(self.tabs)
