class BurpExtender(IBurpExtender, ITab, IHttpListener,
IMessageEditorController, AbstractTableModel,
IContextMenuInvocation):
name = "Blind XSS_"
_jTabbedPane = JTabbedPane()
_jPanel = JPanel()
_jAboutPanel = JPanel()
_jPanelConstraints = GridBagConstraints()
_jLabelParameters = None
_jTextFieldParameters = None
_jLabelTechniques = None
_jTextFieldURL = None
_jLabelFuzzFactor = None
_jTextFieldFuzzFactor = None
_jLabelAdditionalCmdLine = None
_jTextFieldAdditionalCmdLine = None
_jButtonSetCommandLine = None
_jLabelAbout = None
#
# implement IBurpExtender
#
def registerExtenderCallbacks(self, callbacks):
# keep a reference to our callbacks object
self._callbacks = callbacks
# obtain an extension helpers object
self._helpers = callbacks.getHelpers()
# set our extension name
self._callbacks.setExtensionName(self.name)
# lists of hosts with querys
self._dictPayloads = {}
self._dictPayloads_headers = {}
self._dictPayloads_params = {}
self._dictHeaders = {}
self._dictParams = {}
self.status_flag = False
self.table_flag = 0
self.start_button_text = 'Run proxy'
self._layout = GridBagLayout()
self._jPanel.setLayout(self._layout)
self._jPanel.setBounds(0, 0, 1000, 1000)
self._jLabelTechniques = JLabel("Your URL (my.burpcollaborator.net):")
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 1
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 10, 0)
self._jPanel.add(self._jLabelTechniques, self._jPanelConstraints)
self._jTextFieldURL = JTextField("", 30)
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 2
self._jPanelConstraints.gridy = 1
self._jPanelConstraints.gridwidth = 4
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 10, 0)
self._jPanel.add(self._jTextFieldURL, self._jPanelConstraints)
self._jLabelTechniques = JLabel("Press to start:")
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.anchor = GridBagConstraints.WEST
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 0
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 10, 0)
self._jPanel.add(self._jLabelTechniques, self._jPanelConstraints)
self.submitSearchButton = swing.JButton(
self.start_button_text, actionPerformed=self.active_flag)
self.submitSearchButton.setBackground(Color.WHITE)
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 2
self._jPanelConstraints.gridy = 0
self._jPanelConstraints.gridwidth = 4
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 10, 0)
self._jPanel.add(self.submitSearchButton, self._jPanelConstraints)
self._tableModelPayloads = DefaultTableModel()
self._tableModelPayloads.addColumn("Payload")
self._tableModelPayloads.addColumn("Using")
self._tableModelHeaders = DefaultTableModel()
self._tableModelHeaders.addColumn("Header")
self._tableModelHeaders.addColumn("Using")
self._tableModelParams = DefaultTableModel()
self._tableModelParams.addColumn("Parameter")
self._tableModelParams.addColumn("Using")
self._table = JTable(self._tableModelPayloads)
self._table.setAutoResizeMode(JTable.AUTO_RESIZE_ALL_COLUMNS)
self._table.getModel().addTableModelListener(
MyTableModelListener(self._table, self, 1))
self._scrolltable = JScrollPane(self._table)
self._scrolltable.setMinimumSize(Dimension(300, 200))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 2
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 0, 10)
self._jPanel.add(self._scrolltable, self._jPanelConstraints)
self._table = JTable(self._tableModelHeaders)
self._table.setAutoResizeMode(JTable.AUTO_RESIZE_ALL_COLUMNS)
self._table.getModel().addTableModelListener(
MyTableModelListener(self._table, self, 2))
self._scrolltable = JScrollPane(self._table)
self._scrolltable.setMinimumSize(Dimension(300, 200))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 2
self._jPanelConstraints.gridy = 2
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 0, 10)
self._jPanel.add(self._scrolltable, self._jPanelConstraints)
self._table = JTable(self._tableModelParams)
self._table.setAutoResizeMode(JTable.AUTO_RESIZE_ALL_COLUMNS)
self._table.getModel().addTableModelListener(
MyTableModelListener(self._table, self, 3))
self._scrolltable = JScrollPane(self._table)
self._scrolltable.setMinimumSize(Dimension(300, 200))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 4
self._jPanelConstraints.gridy = 2
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 0, 0)
self._jPanel.add(self._scrolltable, self._jPanelConstraints)
addPayloadButton = swing.JButton('Add',
actionPerformed=self.addToPayload)
addPayloadButton.setBackground(Color.WHITE)
addPayloadButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
# self._jPanelConstraints.anchor = GridBagConstraints.CENTER
self._jPanelConstraints.gridx = 1
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 10)
self._jPanel.add(addPayloadButton, self._jPanelConstraints)
deletePayloadButton = swing.JButton(
'Delete', actionPerformed=self.deleteToPayload)
deletePayloadButton.setBackground(Color.WHITE)
deletePayloadButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 0)
self._jPanel.add(deletePayloadButton, self._jPanelConstraints)
addHeaderButton = swing.JButton('Add',
actionPerformed=self.addToHeader)
addHeaderButton.setBackground(Color.WHITE)
addHeaderButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
# self._jPanelConstraints.anchor = GridBagConstraints.CENTER
self._jPanelConstraints.gridx = 3
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 10)
self._jPanel.add(addHeaderButton, self._jPanelConstraints)
deleteHeaderButton = swing.JButton('Delete',
actionPerformed=self.deleteToHeader)
deleteHeaderButton.setBackground(Color.WHITE)
deleteHeaderButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 2
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 0)
self._jPanel.add(deleteHeaderButton, self._jPanelConstraints)
addParamsButton = swing.JButton('Add',
actionPerformed=self.addToParams)
addParamsButton.setBackground(Color.WHITE)
addParamsButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
# self._jPanelConstraints.anchor = GridBagConstraints.CENTER
self._jPanelConstraints.gridx = 5
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 0)
self._jPanel.add(addParamsButton, self._jPanelConstraints)
deleteParamsButton = swing.JButton('Delete',
actionPerformed=self.deleteToParams)
deleteParamsButton.setBackground(Color.WHITE)
deleteParamsButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 4
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 0)
self._jPanel.add(deleteParamsButton, self._jPanelConstraints)
self._resultsTextArea = swing.JTextArea()
resultsOutput = swing.JScrollPane(self._resultsTextArea)
resultsOutput.setMinimumSize(Dimension(800, 200))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 4
self._jPanelConstraints.gridwidth = 6
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(10, 0, 0, 0)
self._jPanel.add(resultsOutput, self._jPanelConstraints)
self.clearSearchButton = swing.JButton(
'Clear Search Output', actionPerformed=self.clearOutput)
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
# self._jPanelConstraints.anchor = GridBagConstraints.CENTER
self._jPanelConstraints.gridx = 2
self._jPanelConstraints.gridy = 5
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 0)
self._jPanel.add(self.clearSearchButton, self._jPanelConstraints)
self._callbacks.customizeUiComponent(self._jPanel)
self._callbacks.addSuiteTab(self)
# register ourselves as an HTTP listener
self._callbacks.registerHttpListener(self)
return
# def onCheck(self, event):
# if self._checkBoxPayload.isSelected() and self.table_flag != 0:
# self.table_flag = 0
# self._checkBoxHeader.setSelected(False)
# self._checkBoxParam.setSelected(False)
# if self._checkBoxHeader.isSelected() and self.table_flag != 1:
# self.table_flag = 1
# self._checkBoxParam.setSelected(False)
# self._checkBoxPayload.setSelected(False)
# if self._checkBoxParam.isSelected() and self.table_flag != 2:
# self.table_flag = 2
# self._checkBoxHeader.setSelected(False)
# self._checkBoxPayload.setSelected(False)
# run Query for Add to Queue Button
def addToPayload(self, button):
self._tableModelPayloads.insertRow(
self._tableModelPayloads.getRowCount(), ['', ''])
# self.appendToResults(str(self._tableModelPayloads.getDataVector()))
def addToHeader(self, button):
self._tableModelHeaders.insertRow(
self._tableModelHeaders.getRowCount(), ['', ''])
def addToParams(self, button):
self._tableModelParams.insertRow(self._tableModelParams.getRowCount(),
['', ''])
def deleteToPayload(self, button):
self._tableModelPayloads.removeRow(
self._tableModelPayloads.getRowCount() - 1)
# self.appendToResults(str(self._tableModelPayloads.getDataVector()))
def deleteToHeader(self, button):
self._tableModelHeaders.removeRow(
self._tableModelHeaders.getRowCount() - 1)
# self.appendToResults(str(self._tableModelHeaders.getDataVector()))
def deleteToParams(self, button):
self._tableModelParams.removeRow(self._tableModelParams.getRowCount() -
1)
# self.appendToResults(str(self._tableModelParams.getDataVector()))
# Clear Queue Function
def clearQueue(self, button):
table_number = self.table_flag
if table_number == 0:
data = self._tableModelPayloads.getDataVector()
try:
self._dictPayloads.pop(data[-1][0])
except Exception:
pass
self._tableModelPayloads.removeRow(
self._tableModelPayloads.getRowCount() - 1)
elif table_number == 1:
data = self._tableModelHeaders.getDataVector()
try:
self._dictHeaders.pop(data[-1][0])
except Exception:
pass
self._tableModelHeaders.removeRow(
self._tableModelHeaders.getRowCount() - 1)
elif table_number == 2:
data = self._tableModelParams.getDataVector()
try:
self._dictParams.pop(data[-1][0])
except Exception:
pass
self._tableModelParams.removeRow(
self._tableModelParams.getRowCount() - 1)
def updateTables(self, button):
self._dictPayloads = {
x[0]: x[1]
for x in self._tableModelPayloads.getDataVector()
}
self._dictHeaders = {
x[0]: x[1]
for x in self._tableModelHeaders.getDataVector()
}
self._dictParams = {
x[0]: x[1]
for x in self._tableModelParams.getDataVector()
}
# Clear GUI Output Function
def clearOutput(self, button):
self._resultsTextArea.setText("")
def active_flag(self, button):
if not self.status_flag:
for idx, key in enumerate(self._dictHeaders):
if self._dictHeaders[key] == '1':
self._dictPayloads_headers[key] = self._dictHeaders[key]
for idx, key in enumerate(self._dictParams):
if self._dictParams[key] == '1':
self._dictPayloads_params[key] = self._dictParams[key]
self.status_flag = True
self.submitSearchButton.setBackground(Color.GRAY)
self.appendToResults("Proxy start...")
elif self.status_flag:
self.status_flag = False
self.submitSearchButton.setBackground(Color.WHITE)
self.appendToResults("Proxy stop...")
def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
try:
if not self.status_flag:
return
# only process requests
if not messageIsRequest:
return
requestString = messageInfo.getRequest().tostring()
listHeader = re.findall('([\w-]+):\s?(.*)', requestString)
dictRealHeaders = {x[0].lower(): x[1] for x in listHeader}
# self.appendToResults(str(self._dictHeaders))
for index, key in enumerate(self._dictPayloads_headers):
if key.lower() in dictRealHeaders.keys():
if len(self._dictPayloads.keys()) == 0:
pass
else:
payload = random.choice(self._dictPayloads.keys())
# payload = payload.replace("$HEADER$", self._jTextFieldURL.text, 1)
payload = payload.replace("$URL$",
self._jTextFieldURL.text, 1)
requestString = requestString.replace(
dictRealHeaders.get(key.lower()), payload, 1)
else:
pass
listParam = re.findall('[\?|\&]([^=]+)\=([^& ])+', requestString)
dictRealParams = {x[0].lower(): x[1] for x in listParam}
url = requestString.split(" HTTP/1.")
for index, key in enumerate(self._dictPayloads_params):
if key.lower() in dictRealParams.keys():
if len(self._dictPayloads.keys()) == 0:
pass
else:
payload = random.choice(self._dictPayloads.keys())
# payload = payload.replace("$PARAM$", self._jTextFieldURL.text, 1)
payload = payload.replace("$URL$",
self._jTextFieldURL.text, 1)
url[0] = url[0].replace(
dictRealParams.get(key.lower()), payload, 1)
else:
pass
requestString = "{} HTTP/1.{}".format(url[0], url[1])
self.appendToResults(requestString.encode())
messageInfo.setRequest(requestString.encode())
except Exception as msg:
self.appendToResults(msg)
# Fnction to provide output to GUI
def appendToResults(self, s):
"""Appends results to the resultsTextArea in a thread safe mannor. Results will be
appended in the order that this function is called.
"""
def appendToResults_run(s):
self._resultsTextArea.append(s)
self._resultsTextArea.append('\n')
swing.SwingUtilities.invokeLater(PyRunnable(appendToResults_run, s))
def getTabCaption(self):
return self.name
def getUiComponent(self):
return self._jPanel
class BurpExtender(IBurpExtender, ITab, IHttpListener,
IMessageEditorController, AbstractTableModel,
IContextMenuFactory, IScannerCheck):
name = "Femida XSS"
conf_path = "./config.py"
_jTabbedPane = JTabbedPane()
_jPanel = JPanel()
_jAboutPanel = JPanel()
_jPanelConstraints = GridBagConstraints()
_jLabelParameters = None
_jTextFieldParameters = None
_jLabelTechniques = None
_jTextFieldURL = None
_jLabelFuzzFactor = None
_jTextFieldFuzzFactor = None
_jLabelAdditionalCmdLine = None
_jTextFieldAdditionalCmdLine = None
_jButtonSetCommandLine = None
_jLabelAbout = None
_overwriteHeader = False
_overwriteParam = False
_forkRequestParam = False
def doActiveScan(self, baseRequestResponse, insertionPoint):
scan_issues = []
try:
requestString = str(baseRequestResponse.getRequest().tostring())
newRequestString = self.prepareRequest(requestString)
vulnerable, verifyingRequestResponse = self.quickCheckScan(
newRequestString, baseRequestResponse)
except Exception as msg:
print(msg)
return []
def quickCheckScan(self, preparedRequest, requestResponse):
check = self._callbacks.makeHttpRequest(
requestResponse.getHttpService(),
self._helpers.stringToBytes(preparedRequest))
vulner = self._helpers.analyzeResponse(
check.getResponse()).getStatusCode() == 200
return vulner, check
#
# implement IBurpExtender
#
def registerExtenderCallbacks(self, callbacks):
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
self._callbacks.setExtensionName(self.name)
self._callbacks.registerScannerCheck(self)
self._dictPayloads = {}
self._dictHeaders = {}
self._dictParams = {}
self.status_flag = False
self.jfc = JFileChooser("./")
self.jfc.setDialogTitle("Upload Payloads")
self.jfc.setFileFilter(FileNameExtensionFilter("TXT file", ["txt"]))
self._layout = GridBagLayout()
self._jPanel.setLayout(self._layout)
self._jLabelTechniques = JLabel("Press to start:")
self.createAnyView(self._jLabelTechniques, 0, 0, 3, 1,
Insets(0, 0, 10, 0))
self.submitSearchButton = swing.JButton(
'Run proxy', actionPerformed=self.active_flag)
self.submitSearchButton.setBackground(Color.WHITE)
self.createAnyView(self.submitSearchButton, 3, 0, 6, 1,
Insets(0, 0, 10, 0))
self._jPanel.setBounds(0, 0, 1000, 1000)
self._jLabelTechniques = JLabel("Your URL (my.burpcollaborator.net):")
self.createAnyView(self._jLabelTechniques, 0, 1, 3, 1,
Insets(0, 0, 10, 0))
self._jTextFieldURL = JTextField("", 30)
self._jTextFieldURL.addActionListener(self.setCallbackUrl)
self.createAnyView(self._jTextFieldURL, 3, 1, 5, 1,
Insets(0, 0, 10, 0))
self._forkRequestButton = swing.JButton(
'Parallel Request', actionPerformed=self.forkRequest)
self._forkRequestButton.setBackground(Color.WHITE)
self.createAnyView(self._forkRequestButton, 8, 1, 1, 1,
Insets(0, 0, 10, 0))
self._tableModelPayloads = DefaultTableModel()
self._tableModelPayloads.addColumn("Payload")
self._tableModelPayloads.addColumn("Active")
self._tableModelHeaders = DefaultTableModel()
self._tableModelHeaders.addColumn("Header")
self._tableModelHeaders.addColumn("Active")
self._tableModelParams = DefaultTableModel()
self._tableModelParams.addColumn("Parameter")
self._tableModelParams.addColumn("Active")
self._payloadTable = self.createAnyTable(self._tableModelPayloads, 1,
Dimension(300, 200))
self.createAnyView(self._payloadTable, 0, 2, 3, 1, Insets(0, 0, 0, 10))
self._headerTable = self.createAnyTable(self._tableModelHeaders, 2,
Dimension(300, 200))
self.createAnyView(self._headerTable, 3, 2, 3, 1, Insets(0, 0, 0, 10))
self._paramTable = self.createAnyTable(self._tableModelParams, 3,
Dimension(300, 200))
self.createAnyView(self._paramTable, 6, 2, 3, 1, Insets(0, 0, 0, 0))
deletePayloadButton = swing.JButton(
'Delete', actionPerformed=self.deleteToPayload)
deletePayloadButton.setBackground(Color.WHITE)
self.createAnyView(deletePayloadButton, 0, 3, 1, 1, Insets(3, 0, 0, 0))
deletePayloadButton = swing.JButton(
'Upload', actionPerformed=self.uploadToPayload)
deletePayloadButton.setBackground(Color.WHITE)
self.createAnyView(deletePayloadButton, 1, 3, 1, 1, Insets(3, 0, 0, 0))
addPayloadButton = swing.JButton('Add',
actionPerformed=self.addToPayload)
addPayloadButton.setBackground(Color.WHITE)
self.createAnyView(addPayloadButton, 2, 3, 1, 1, Insets(3, 0, 0, 10))
deleteHeaderButton = swing.JButton('Delete',
actionPerformed=self.deleteToHeader)
deleteHeaderButton.setBackground(Color.WHITE)
self.createAnyView(deleteHeaderButton, 3, 3, 1, 1, Insets(3, 0, 0, 0))
self._overwriteHeaderButton = swing.JButton(
'Overwrite', actionPerformed=self.overwriteHeader)
self._overwriteHeaderButton.setBackground(Color.WHITE)
self.createAnyView(self._overwriteHeaderButton, 4, 3, 1, 1,
Insets(3, 0, 0, 0))
addHeaderButton = swing.JButton('Add',
actionPerformed=self.addToHeader)
addHeaderButton.setBackground(Color.WHITE)
self.createAnyView(addHeaderButton, 5, 3, 1, 1, Insets(3, 0, 0, 10))
deleteParamsButton = swing.JButton('Delete',
actionPerformed=self.deleteToParams)
deleteParamsButton.setBackground(Color.WHITE)
self.createAnyView(deleteParamsButton, 6, 3, 1, 1, Insets(3, 0, 0, 0))
self._overwriteParamButton = swing.JButton(
'Overwrite', actionPerformed=self.overwriteParam)
self._overwriteParamButton.setBackground(Color.WHITE)
self.createAnyView(self._overwriteParamButton, 7, 3, 1, 1,
Insets(3, 0, 0, 0))
addParamsButton = swing.JButton('Add',
actionPerformed=self.addToParams)
addParamsButton.setBackground(Color.WHITE)
self.createAnyView(addParamsButton, 8, 3, 1, 1, Insets(3, 0, 0, 0))
self._resultsTextArea = swing.JTextArea()
resultsOutput = swing.JScrollPane(self._resultsTextArea)
resultsOutput.setMinimumSize(Dimension(800, 200))
self.createAnyView(resultsOutput, 0, 4, 9, 1, Insets(10, 0, 0, 0))
self.clearSearchButton = swing.JButton(
'Clear Search Output', actionPerformed=self.clearOutput)
self.createAnyView(self.clearSearchButton, 3, 6, 3, 1,
Insets(3, 0, 0, 0))
self._callbacks.customizeUiComponent(self._jPanel)
self._callbacks.addSuiteTab(self)
self.starterPack()
self._callbacks.registerHttpListener(self)
self._callbacks.registerContextMenuFactory(self)
return
def createAnyTable(self, table_model, table_number, min_size):
_table = JTable(table_model)
_table.setAutoResizeMode(JTable.AUTO_RESIZE_ALL_COLUMNS)
for i in range(2):
column = _table.getColumnModel().getColumn(i)
if i == 0:
column.setPreferredWidth(250)
else:
column.setPreferredWidth(50)
_scrolltable = JScrollPane(_table)
_scrolltable.setMinimumSize(min_size)
return _scrolltable
def insertAnyTable(self, table, data):
def detectTable(table):
name = table.getColumnName(0)
if name == 'Payloads':
return 0
elif name == 'Headers':
return 1
elif name == 'Parameters':
return 2
tableNum = detectTable(table)
new_data = [str(x) for x in data]
table.insertRow(table.getRowCount(), new_data)
return table.getRowCount()
def replaceLine(self, file_path, new_line):
from tempfile import mkstemp
from shutil import move
from os import fdopen, remove
#Create temp file
fh, abs_path = mkstemp()
with fdopen(fh, 'w') as new_file:
with open(file_path) as old_file:
for line in old_file:
a = re.findall('^Callback_url[ =]+(.+)$', line)
if a:
for k in a:
temp = k.replace("\'", "").replace("\"", "")
new_file.write(line.replace(temp, new_line))
else:
new_file.write(line)
#Remove original file
remove(file_path)
#Move new file
move(abs_path, file_path)
def createAnyView(self, _component, gridx, gridy, gridwidth, gridheight,
insets):
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = gridx
self._jPanelConstraints.gridy = gridy
self._jPanelConstraints.gridwidth = gridwidth
self._jPanelConstraints.gridheight = gridheight
self._jPanelConstraints.insets = insets
self._jPanel.add(_component, self._jPanelConstraints)
def createMenuItems(self, contextMenuInvocation):
context = contextMenuInvocation.getInvocationContext()
filterMenu = JMenu("Femida XSS")
self._contextMenuData = contextMenuInvocation
if (context == 0 or context == 1 or context == 2 or context == 3
or context == 8 or context == 9):
filterMenu.add(
JMenuItem("Add to Headers",
actionPerformed=self.addToHeadersItem))
filterMenu.add(
JMenuItem("Add to Parameters",
actionPerformed=self.addToParametersItem))
return Arrays.asList(filterMenu)
return Arrays.asList([])
def addToHeadersItem(self, event):
start, end = self._contextMenuData.getSelectionBounds()
message = self._contextMenuData.getSelectedMessages()[0]
ctx = self._contextMenuData.getInvocationContext()
if ctx == 0 or ctx == 2:
message = message.getRequest()
elif ctx == 1 or ctx == 3:
message = message.getResponse()
else:
print(ctx)
return
try:
selected_text = self._helpers.bytesToString(message)[start:end]
self.insertAnyTable(self._tableModelHeaders,
[str(selected_text), '1'])
except Exception:
pass
def addToParametersItem(self, event):
start, end = self._contextMenuData.getSelectionBounds()
message = self._contextMenuData.getSelectedMessages()[0]
ctx = self._contextMenuData.getInvocationContext()
if ctx == 0 or ctx == 2:
message = message.getRequest()
elif ctx == 1 or ctx == 3:
message = message.getResponse()
else:
print(ctx)
return
try:
selected_text = self._helpers.bytesToString(message)[start:end]
self.insertAnyTable(self._tableModelParams,
[str(selected_text), '1'])
except Exception:
pass
def starterPack(self):
self.addFromFileAsync(config.Payloads, self._tableModelPayloads)
self.addFromFileAsync(config.Headers, self._tableModelHeaders)
self.addFromFileAsync(config.Parameters, self._tableModelParams)
self._jTextFieldURL.setText(config.Callback_url)
self._tableModelPayloads.addTableModelListener(
MyTableModelListener(self._tableModelPayloads, self,
self._dictPayloads, config.Payloads))
self._tableModelHeaders.addTableModelListener(
MyTableModelListener(self._tableModelHeaders, self,
self._dictHeaders, config.Headers))
self._tableModelParams.addTableModelListener(
MyTableModelListener(self._tableModelParams, self,
self._dictParams, config.Parameters))
def setCallbackUrl(self, event):
self.replaceLine(self.conf_path, self._jTextFieldURL.getText())
self.appendToResults('New url={} saved.'.format(
self._jTextFieldURL.getText()))
def addToPayload(self, button):
self.insertAnyTable(self._tableModelPayloads, ['', '1'])
def addToHeader(self, button):
self.insertAnyTable(self._tableModelHeaders, ['', '1'])
def addToParams(self, button):
self.insertAnyTable(self._tableModelParams, ['', '1'])
def uploadToPayload(self, button):
self._returnFileChooser = self.jfc.showDialog(None, "Open")
if (self._returnFileChooser == JFileChooser.APPROVE_OPTION):
selectedFile = self.jfc.getSelectedFile()
self.fileUpload(selectedFile, self._tableModelPayloads)
def deleteToPayload(self, button):
try:
val = self._tableModelPayloads.getValueAt(
self._tableModelPayloads.getRowCount() - 1, 0)
self._tableModelPayloads.removeRow(
self._tableModelPayloads.getRowCount() - 1)
self._dictPayloads.pop(val)
self.saveToFileAsync(config.Payloads, self._dictPayloads)
except Exception as msg:
# print(msg)
pass
def deleteToHeader(self, button):
try:
val = self._tableModelHeaders.getValueAt(
self._tableModelHeaders.getRowCount() - 1, 0)
self._tableModelHeaders.removeRow(
self._tableModelHeaders.getRowCount() - 1)
self._dictHeaders.pop(val)
self.saveToFileAsync(config.Headers, self._dictHeaders)
except Exception as msg:
# print(msg)
pass
def deleteToParams(self, button):
try:
val = self._tableModelParams.getValueAt(
self._tableModelParams.getRowCount() - 1, 0)
self._tableModelParams.removeRow(
self._tableModelParams.getRowCount() - 1)
self._dictParams.pop(val)
self.saveToFileAsync(config.Parameters, self._dictParams)
except Exception as msg:
# print(msg)
pass
def clearOutput(self, button):
self._resultsTextArea.setText("")
def fileUpload(self, path, table):
with open(str(path), "r") as f:
for line in f:
self.insertAnyTable(table, [str(line), '1'])
def active_flag(self, button):
if not self.status_flag:
self.status_flag = True
self.submitSearchButton.setBackground(Color.GRAY)
self.appendToResults("Proxy start...\n")
else:
self.status_flag = False
self.submitSearchButton.setBackground(Color.WHITE)
self.appendToResults("Proxy stop...\n")
def overwriteHeader(self, button):
if not self._overwriteHeader:
self._overwriteHeader = True
self._overwriteHeaderButton.setBackground(Color.GRAY)
else:
self._overwriteHeader = False
self._overwriteHeaderButton.setBackground(Color.WHITE)
def overwriteParam(self, button):
if not self._overwriteParam:
self._overwriteParam = True
self._overwriteParamButton.setBackground(Color.GRAY)
else:
self._overwriteParam = False
self._overwriteParamButton.setBackground(Color.WHITE)
def forkRequest(self, button):
if not self._forkRequestParam:
self._forkRequestParam = True
self._forkRequestButton.setBackground(Color.GRAY)
else:
self._forkRequestParam = False
self._forkRequestButton.setBackground(Color.WHITE)
def prepareRequest(self, requestString, messageInfo=None):
requestString = str(requestString)
listHeader = re.findall('([\w-]+):\s?(.*)', requestString)
dictRealHeaders = {x[0].lower(): x[1] for x in listHeader}
selectedPayloads = {}
for ind, k in enumerate(self._dictPayloads):
if self._dictPayloads[k] == '1':
selectedPayloads[k] = '1'
else:
continue
for index, key in enumerate(self._dictHeaders):
if key.lower() in dictRealHeaders.keys(
) and self._dictHeaders[key] == '1':
if len(self._dictPayloads.keys()) == 0:
pass
elif self._overwriteHeader:
payload = random.choice(selectedPayloads.keys())
payload = payload.replace(r"{URL}",
self._jTextFieldURL.getText(), 1)
requestString = requestString.replace(
dictRealHeaders.get(key.lower()), payload, 1)
elif not self._overwriteHeader:
payload = random.choice(selectedPayloads.keys())
payload = payload.replace(r"{URL}",
self._jTextFieldURL.getText(), 1)
payload = dictRealHeaders.get(key.lower()) + payload
requestString = requestString.replace(
dictRealHeaders.get(key.lower()), payload, 1)
else:
pass
for index, key in enumerate(self._dictParams):
analyzed = self._helpers.analyzeRequest(requestString.encode())
param = analyzed.getParameters()
dictRealParams = {
x.getName().lower():
[x.getValue(),
x.getValueStart(),
x.getValueEnd()]
for x in param
}
if key.lower() in dictRealParams.keys(
) and self._dictParams[key] == '1':
if len(self._dictPayloads.keys()) == 0:
pass
elif self._overwriteParam:
payload = random.choice(selectedPayloads.keys())
payload = payload.replace(r"{URL}",
self._jTextFieldURL.getText(), 1)
start_word = dictRealParams[key.lower()][1]
end_word = dictRealParams[key.lower()][2]
requestString = requestString[:
start_word] + payload + requestString[
end_word:]
elif not self._overwriteParam:
payload = random.choice(selectedPayloads.keys())
payload = payload.replace(r"{URL}",
self._jTextFieldURL.getText(), 1)
payload = dictRealParams[key.lower()][0] + payload
start_word = dictRealParams[key.lower()][1]
end_word = dictRealParams[key.lower()][2]
requestString = requestString[:
start_word] + payload + requestString[
end_word:]
else:
pass
return requestString
def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
if not self.status_flag:
return
# only process requests
if not messageIsRequest:
return
if self._forkRequestParam:
requestString = messageInfo.getRequest().tostring()
# SOOOO HARD FIX! It should be better
if requestString[0] == '@':
messageInfo.setRequest(
self._helpers.stringToBytes(requestString[1:]))
else:
newRequestString = self.prepareRequest(requestString,
messageInfo)
self.appendToResults('Parallel Request:')
self.appendToResults(newRequestString.encode())
newRequestString = '@' + newRequestString
func = self._callbacks.makeHttpRequest
thread = Thread(
target=func,
args=(messageInfo.getHttpService(),
self._helpers.stringToBytes(newRequestString)))
thread.start()
else:
requestString = messageInfo.getRequest().tostring()
newRequestString = self.prepareRequest(requestString, messageInfo)
self.appendToResults(newRequestString.encode())
messageInfo.setRequest(
self._helpers.stringToBytes(newRequestString))
# Fnction to provide output to GUI
def appendToResults(self, s):
def appendToResults_run(s):
self._resultsTextArea.append(s)
self._resultsTextArea.append('\n')
swing.SwingUtilities.invokeLater(
PyRunnable(appendToResults_run, str(s)))
def addFromFileAsync(self, file, table):
def addFromFile_run(file, table):
if os.path.exists(file):
with open(file, 'r') as f:
for row in f.readlines():
if row != '':
temp = row[:-1] if row[-1] == '\n' else row
self.insertAnyTable(table, [str(temp), '1'])
swing.SwingUtilities.invokeLater(
PyRunnable(addFromFile_run, file, table))
def saveToFileAsync(self, file, data, isAppend=False):
def saveToFile_run(file, data, isAppend):
isAppend = 'w'
with open(file, isAppend) as f:
for i, k in enumerate(data):
f.write("{}\n".format(k))
f.seek(-1, os.SEEK_END)
f.truncate()
swing.SwingUtilities.invokeLater(
PyRunnable(saveToFile_run, file, data, isAppend))
def getTabCaption(self):
return self.name
def getUiComponent(self):
return self._jPanel
class PropertyEditor(WindowAdapter):
"""
Edits Tabular Properties of a given WindowAdapter
"""
instances = {}
last_location = None
locations = {}
last_size = None
sizes = {}
NEW_WINDOW_OFFSET = 32
offset = NEW_WINDOW_OFFSET
@staticmethod
def get_instance(text="Property Editor",
columns=None,
data=None,
empty=None,
add_actions=True,
actions=None):
"""
Singleton Method based on the text property. It tries to generate only one property configuration page per text.
:param text: getinstance key
:param columns: proparty columns it should be an array alike
:param data: it contains the current property rows
:param empty: empty row property when adding a new one
:param add_actions: include or not new actions
:param actions: default set of actions to be appended to Add and Delete Rows
:return: a new instance of PropertyEditor or a reused one.
"""
if not actions: actions = []
if not columns: columns = []
if data == None: data = []
if not empty: empty = []
try:
PropertyEditor.instances[text]
except KeyError:
PropertyEditor.instances[text] = \
PropertyEditor().__private_init__(text, columns, data, empty, add_actions, actions)
try:
PropertyEditor.instances[text].this.setLocation(
PropertyEditor.locations[text])
except KeyError:
if PropertyEditor.last_location:
PropertyEditor.instances[text].this.setLocation(
PropertyEditor.last_location.x + PropertyEditor.offset,
PropertyEditor.last_location.y + PropertyEditor.offset)
PropertyEditor.offset = PropertyEditor.NEW_WINDOW_OFFSET
try:
PropertyEditor.instances[text].this.setSize(
PropertyEditor.sizes[text])
except KeyError:
if PropertyEditor.last_size:
PropertyEditor.instances[text].this.setSize(
PropertyEditor.last_size)
PropertyEditor.last_location = PropertyEditor.instances[
text].this.getLocation()
PropertyEditor.last_size = PropertyEditor.instances[
text].this.getSize()
## Hack ON: Bring on Front
PropertyEditor.instances[text].this.setAlwaysOnTop(True)
PropertyEditor.instances[text].this.setAlwaysOnTop(False)
## Hack OFF
return PropertyEditor.instances[text]
def __private_init__(self,
text="Property Editor",
columns=None,
data=None,
empty=None,
add_actions=True,
actions=None):
if not actions: actions = []
if not columns: columns = []
if data == None: data = []
if not empty: empty = []
self._text = text
self.this = JFrame(text)
self._table = JTable()
self._dtm = DefaultTableModel(0, 0)
self._dtm.setColumnIdentifiers(columns)
self._table.setModel(self._dtm)
self._data = data
for d in data:
self._dtm.addRow(d)
self._pane = JScrollPane(self._table)
self.this.add(self._pane)
self._empty = empty
self.this.addWindowListener(self)
self._dtm.addTableModelListener(lambda _: self._update_model())
self.this.setLocation(PropertyEditor.NEW_WINDOW_OFFSET,
PropertyEditor.NEW_WINDOW_OFFSET)
if add_actions:
self._popup = JPopupMenu()
self._pane.setComponentPopupMenu(self._popup)
inherits_popup_menu(self._pane)
self._actions = actions
self._actions.append(
ExecutorAction('Remove Selected Rows',
action=lambda e: self._remove_row()))
self._actions.append(
ExecutorAction('Add New Row',
action=lambda e: self._add_row()))
for action in self._actions:
self._popup.add(action.menuitem)
self.this.setForeground(Color.black)
self.this.setBackground(Color.lightGray)
self.this.pack()
self.this.setVisible(True)
self.this.setDefaultCloseOperation(JFrame.DO_NOTHING_ON_CLOSE)
return self
def _add_row(self):
"""
Add a new row the selection
:return: None
"""
self._dtm.addRow(self._empty)
def _remove_row(self):
"""
Remove all the selected rows from the selection
:return:
"""
rows = self._table.getSelectedRows()
for i in range(0, len(rows)):
self._dtm.removeRow(rows[i] - i)
def windowClosing(self, evt):
"""
Overrides WindowAdapter method
:param evt: unused
:return: None
"""
PropertyEditor.locations[self._text] = self.this.getLocation()
PropertyEditor.sizes[self._text] = self.this.getSize()
PropertyEditor.last_location = self.this.getLocation()
PropertyEditor.last_size = self.this.getSize()
PropertyEditor.offset = 0
self.this.setVisible(False)
self.this.dispose()
del PropertyEditor.instances[self._text]
def _update_model(self):
"""
Update the data content with the updated rows
:return: None
"""
del self._data[:]
nRow = self._dtm.getRowCount()
nCol = self._dtm.getColumnCount()
for i in range(0, nRow):
self._data.append([None] * nCol)
for j in range(0, nCol):
d = str(self._dtm.getValueAt(i, j)).lower()
if d == 'none' or d == '':
self._data[i][j] = None
elif d == 'true' or d == 't':
self._data[i][j] = True
elif d == 'false' or d == 'f':
self._data[i][j] = False
else:
try:
self._data[i][j] = int(self._dtm.getValueAt(i, j))
except ValueError:
self._data[i][j] = self._dtm.getValueAt(i, j)
class BurpExtender(IBurpExtender, ISessionHandlingAction, ITab,
IContextMenuFactory, IContextMenuInvocation, ActionListener,
ITextEditor):
#
# implement IBurpExtender
#
def registerExtenderCallbacks(self, callbacks):
# save the helpers for later
self.helpers = callbacks.getHelpers()
# set our extension name
callbacks.setExtensionName("Custom Request Handler")
callbacks.registerSessionHandlingAction(self)
callbacks.registerContextMenuFactory(self)
self._text_editor = callbacks.createTextEditor()
self._text_editor.setEditable(False)
#How much loaded the table row
self.current_column_id = 0
#GUI
self._split_main = JSplitPane(JSplitPane.VERTICAL_SPLIT)
self._split_top = JSplitPane(JSplitPane.HORIZONTAL_SPLIT)
self._split_top.setPreferredSize(Dimension(100, 50))
self._split_top.setDividerLocation(700)
self._split_center = JSplitPane(JSplitPane.VERTICAL_SPLIT)
boxVertical = swing.Box.createVerticalBox()
box_top = swing.Box.createHorizontalBox()
boxHorizontal = swing.Box.createHorizontalBox()
buttonHorizontal = swing.Box.createHorizontalBox()
boxVertical.add(boxHorizontal)
box_regex = swing.Box.createVerticalBox()
border = BorderFactory.createTitledBorder(LineBorder(Color.BLACK),
"Extract target strings",
TitledBorder.LEFT,
TitledBorder.TOP)
box_regex.setBorder(border)
self._add_btn = JButton("Add")
self._add_btn.addActionListener(self)
self._remove_btn = JButton("Remove")
self._remove_btn.addActionListener(self)
items = [
'JSON',
'Header',
]
self._dropdown = JComboBox(items)
type_panel = JPanel(FlowLayout(FlowLayout.LEADING))
type_panel.add(JLabel('Type:'))
type_panel.add(self._dropdown)
self._jLabel_param = JLabel("Name:")
self._param_error = JLabel("Name is required")
self._param_error.setVisible(False)
self._param_error.setFont(Font(Font.MONOSPACED, Font.ITALIC, 12))
self._param_error.setForeground(Color.red)
regex_checkbox = JPanel(FlowLayout(FlowLayout.LEADING))
self._is_use_regex = JCheckBox("Extract from regex group")
regex_checkbox.add(self._is_use_regex)
self._jTextIn_param = JTextField(20)
self._jLabel_regex = JLabel("Regex:")
self._jTextIn_regex = JTextField(20)
self._regex_error = JLabel("No group defined")
self._regex_error.setVisible(False)
self._regex_error.setFont(Font(Font.MONOSPACED, Font.ITALIC, 12))
self._regex_error.setForeground(Color.red)
self._param_panel = JPanel(FlowLayout(FlowLayout.LEADING))
self._param_panel.add(self._jLabel_param)
self._param_panel.add(self._jTextIn_param)
self._param_panel.add(self._param_error)
self._regex_panel = JPanel(FlowLayout(FlowLayout.LEADING))
self._regex_panel.add(self._jLabel_regex)
self._regex_panel.add(self._jTextIn_regex)
self._regex_panel.add(self._regex_error)
button_panel = JPanel(FlowLayout(FlowLayout.LEADING))
#padding
button_panel.add(JPanel())
button_panel.add(JPanel())
button_panel.add(JPanel())
button_panel.add(self._add_btn)
button_panel.add(self._remove_btn)
box_regex.add(type_panel)
box_regex.add(self._param_panel)
box_regex.add(regex_checkbox)
box_regex.add(self._regex_panel)
buttonHorizontal.add(button_panel)
box_regex.add(buttonHorizontal)
boxVertical.add(box_regex)
box_top.add(boxVertical)
box_file = swing.Box.createHorizontalBox()
checkbox_panel = JPanel(FlowLayout(FlowLayout.LEADING))
border = BorderFactory.createTitledBorder(
LineBorder(Color.BLACK), 'Payload Sets [Simple list]',
TitledBorder.LEFT, TitledBorder.TOP)
box_file.setBorder(border)
box_param = swing.Box.createVerticalBox()
box_param.add(checkbox_panel)
file_column_names = [
"Type",
"Name",
"Payload",
]
data = []
self.file_table_model = DefaultTableModel(data, file_column_names)
self.file_table = JTable(self.file_table_model)
self.file_table.setAutoResizeMode(JTable.AUTO_RESIZE_OFF)
column_model = self.file_table.getColumnModel()
for count in xrange(column_model.getColumnCount()):
column = column_model.getColumn(count)
column.setPreferredWidth(160)
self.file_table.preferredScrollableViewportSize = Dimension(500, 70)
self.file_table.setFillsViewportHeight(True)
panel_dropdown = JPanel(FlowLayout(FlowLayout.LEADING))
self._file_dropdown = JComboBox(items)
panel_dropdown.add(JLabel('Type:'))
panel_dropdown.add(self._file_dropdown)
box_param.add(panel_dropdown)
box_param.add(JScrollPane(self.file_table))
callbacks.customizeUiComponent(self.file_table)
file_param_panel = JPanel(FlowLayout(FlowLayout.LEADING))
self._file_param = JLabel("Name:")
self._file_param_text = JTextField(20)
file_param_panel.add(self._file_param)
file_param_panel.add(self._file_param_text)
self._error_message = JLabel("Name is required")
self._error_message.setVisible(False)
self._error_message.setFont(Font(Font.MONOSPACED, Font.ITALIC, 12))
self._error_message.setForeground(Color.red)
file_param_panel.add(self._error_message)
box_param.add(file_param_panel)
box_button_file = swing.Box.createVerticalBox()
self._file_load_btn = JButton("Load")
self._file_clear_btn = JButton("Clear")
self._file_clear_btn.addActionListener(self)
self._file_load_btn.addActionListener(self)
box_button_file.add(self._file_load_btn)
box_button_file.add(self._file_clear_btn)
box_file.add(box_button_file)
box_file.add(box_param)
boxVertical.add(box_file)
regex_column_names = [
"Type",
"Name",
"Regex",
"Start at offset",
"End at offset",
]
#clear target.json
with open("target.json", "w") as f:
pass
data = []
self.target_table_model = DefaultTableModel(data, regex_column_names)
self.target_table = JTable(self.target_table_model)
self.target_table.setAutoResizeMode(JTable.AUTO_RESIZE_OFF)
column_model = self.target_table.getColumnModel()
for count in xrange(column_model.getColumnCount()):
column = column_model.getColumn(count)
column.setPreferredWidth(100)
self.target_table.preferredScrollableViewportSize = Dimension(500, 70)
self.target_table.setFillsViewportHeight(True)
callbacks.customizeUiComponent(self.target_table)
callbacks.customizeUiComponent(boxVertical)
table_panel = swing.Box.createVerticalBox()
table_panel.add(JScrollPane(self.target_table))
box_top.add(table_panel)
self._jScrollPaneOut = JScrollPane()
#self._split_main.setBottomComponent(self._jScrollPaneOut)
self._split_main.setBottomComponent(self._text_editor.getComponent())
self._split_main.setTopComponent(box_top)
self._split_main.setDividerLocation(450)
callbacks.customizeUiComponent(self._split_main)
callbacks.addSuiteTab(self)
return
def getTabCaption(self):
return "CRH"
def getUiComponent(self):
return self._split_main
def createMenuItems(self, invocation):
menu = []
ctx = invocation.getInvocationContext()
menu.append(
swing.JMenuItem("Send to CRH",
None,
actionPerformed=lambda x, inv=invocation: self.
menu_action(inv)))
return menu if menu else None
#
# Implementation of Menu Action
#
def menu_action(self, invocation):
try:
invMessage = invocation.getSelectedMessages()
message = invMessage[0].getResponse()
res_info = self.helpers.analyzeResponse(message)
send_res = message.tostring()
self._text_editor.setText(send_res)
except:
print('Failed to add data to CRH tab.')
#
# Implementation of event action
#
def actionPerformed(self, actionEvent):
# onclick add button of extract from regex group
if actionEvent.getSource() is self._add_btn:
start, end = self._text_editor.getSelectionBounds()
value = None
regex = None
item = self._dropdown.getSelectedItem()
param = self._jTextIn_param.getText()
if len(param) is 0:
self._param_error.setVisible(True)
return
self._param_error.setVisible(False)
is_selected = self._is_use_regex.isSelected()
if is_selected:
start = None
end = None
regex = self._jTextIn_regex.getText()
if len(regex) is 0:
self._regex_error.setVisible(True)
return
req = self._text_editor.getText()
try:
pattern = re.compile(regex)
match = pattern.search(req)
value = match.group(1) if match else None
if value is None:
raise IndexError
except IndexError:
self._regex_error.setVisible(True)
return
self._regex_error.setVisible(False)
data = [
item,
param,
regex,
start,
end,
]
self.target_table_model.addRow(data)
with open("target.json", "r+") as f:
try:
json_data = json.load(f)
except ValueError:
json_data = dict()
if is_selected:
data = {
param: [
item,
regex,
]
}
else:
data = {
param: [
item,
start,
end,
]
}
json_data.update(data)
self.write_file(f, json.dumps(json_data))
# onclick remove button of extract from regex group
if actionEvent.getSource() is self._remove_btn:
rowno = self.target_table.getSelectedRow()
if rowno != -1:
column_model = self.target_table.getColumnModel()
param_name = self.target_table_model.getValueAt(rowno, 1)
start = self.target_table_model.getValueAt(rowno, 3)
self.target_table_model.removeRow(rowno)
with open("target.json", 'r+') as f:
try:
json_data = json.load(f)
except ValueError:
json_data = dict()
for key, value in json_data.items():
if value[1] == start and key == param_name:
try:
del json_data[key]
except IndexError:
print('Error: {0}: No such json key.'.format(
key))
self.write_file(f, json.dumps(json_data))
# onclick load button of payload sets
if actionEvent.getSource() is self._file_load_btn:
#clear table
self.remove_all(self.file_table_model)
self.current_column_id = 0
target_param = self._file_param_text.getText()
item = self._file_dropdown.getSelectedItem()
if len(target_param) == 0:
self._error_message.setVisible(True)
return
self._error_message.setVisible(False)
chooser = JFileChooser()
chooser.showOpenDialog(actionEvent.getSource())
file_path = chooser.getSelectedFile().getAbsolutePath()
with open(file_path, 'r') as f:
while True:
line = f.readline().strip()
if not line:
break
data = [
item,
target_param,
line,
]
self.file_table_model.addRow(data)
with open('target.json', 'r+') as f:
try:
json_data = json.load(f)
except ValueError:
json_data = dict()
json_data.update({target_param: [
item,
'Set payload',
]})
self.write_file(f, json.dumps(json_data))
# onclick clear button of payload sets
if actionEvent.getSource() is self._file_clear_btn:
self.remove_all(self.file_table_model)
self.current_column_id = 0
with open("target.json", 'r+') as f:
try:
json_data = json.load(f)
except:
json_data = dict()
for key, value in json_data.items():
if isinstance(value[1], unicode):
if value[1].encode('utf-8') == 'Set payload':
try:
del json_data[key]
except IndexError:
print('Error: {0}: No such json key.'.format(
key))
self.write_file(f, json.dumps(json_data))
#
# Implementaion of ISessionHandlingAction
#
def getActionName(self):
return "custom request handler"
def performAction(self, current_request, macro_items):
if len(macro_items) == 0:
return
# extract the response headers
final_response = macro_items[len(macro_items) - 1].getResponse()
if final_response is None:
return
req = self.helpers.analyzeRequest(current_request)
try:
with open('target.json', 'r') as f:
read_data = f.read()
self.read_data = json.loads(read_data)
except ValueError:
sys.stderr.write('Error: json.loads()')
return
for key, value in self.read_data.items():
if value[0] == 'JSON':
self.set_json_parameter(current_request, final_response, key,
value)
elif value[0] == 'Header':
self.set_header(current_request, final_response, key, value)
def set_json_parameter(self, current_request, final_response, key, value):
req = self.helpers.analyzeRequest(current_request)
if IRequestInfo.CONTENT_TYPE_JSON != req.getContentType():
return False
body = current_request.getRequest()[req.getBodyOffset():].tostring()
json_data = json.loads(body, object_pairs_hook=collections.OrderedDict)
target_keys = filter(lambda x: x == key, json_data.keys())
if not target_keys:
return
req_data = json_data
column_model = self.file_table.getColumnModel()
row_count = self.file_table_model.getRowCount()
for key in target_keys:
if value[-1] == 'Set payload':
if row_count > self.current_column_id:
req_value = self.file_table_model.getValueAt(
self.current_column_id, 2)
self.current_column_id += 1
else:
# No selected regex
if len(value) > 2:
start, end = value[1:]
req_value = final_response[start:end].tostring()
else:
regex = value[1]
match = re.search(regex, final_response.tostring())
req_value = match.group(1) if match else None
req_data[key] = req_value
req = current_request.getRequest()
json_data_start = self.helpers.indexOf(req, bytearray(body), False, 0,
len(req))
# glue together header + customized json of request
current_request.setRequest(
req[0:json_data_start] +
self.helpers.stringToBytes(json.dumps(req_data)))
def set_header(self, current_request, final_response, key, value):
req = self.helpers.analyzeRequest(current_request)
headers = req.getHeaders()
target_keys = []
for header in headers:
if header.startswith(key):
target_keys += [key]
if not target_keys:
return
column_model = self.file_table.getColumnModel()
row_count = self.file_table_model.getRowCount()
req = current_request.getRequest()
for key in target_keys:
if value[-1] == 'Set payload':
if row_count > self.current_column_id:
req_value = self.file_table_model.getValueAt(
self.current_column_id, 2)
self.current_column_id += 1
else:
# No selected regex
if len(value) > 2:
start, end = value[1:]
req_value = final_response[start:end].tostring()
else:
regex = value[1]
match = re.search(regex, final_response.string())
req_value = match.group(1) if match else None
key_start = self.helpers.indexOf(req,
bytearray(key.encode('utf-8')),
False, 0, len(req))
key_end = self.helpers.indexOf(req, bytearray('\r\n'), False,
key_start, len(req))
keylen = len(key)
# glue together first line + customized hedaer + rest of request
current_request.setRequest(
req[0:key_start] +
self.helpers.stringToBytes("%s: %s" %
(key.encode('utf-8'), req_value)) +
req[key_end:])
#
# Implementation of function for Remove all for specific table data
#
def remove_all(self, model):
count = model.getRowCount()
for i in xrange(count):
model.removeRow(0)
#
# Implementaion of function for write data for specific file
#
def write_file(self, f, data):
f.seek(0)
f.write(data)
f.truncate()
return
