def handle_message(self, toolFlag, messageIsRequest, messageInfo): if tool_needs_to_be_ignored(self, toolFlag): return handle_cookies_feature(self, messageInfo) if self.intercept and valid_tool(self, toolFlag): handle_304_status_code_prevention(self, messageIsRequest, messageInfo) if not messageIsRequest: if message_not_from_autorize(self, messageInfo): if self.ignore304.isSelected(): if isStatusCodesReturned(self, messageInfo, ["304", "204"]): return if no_filters_defined(self): checkAuthorization( self, messageInfo, self._helpers.analyzeResponse( messageInfo.getResponse()).getHeaders(), self.doUnauthorizedRequest.isSelected()) else: if message_passed_interception_filters(self, messageInfo): checkAuthorization( self, messageInfo, self._helpers.analyzeResponse( messageInfo.getResponse()).getHeaders(), self.doUnauthorizedRequest.isSelected())
def checkBypass(self, oldStatusCode, newStatusCode, oldContentLen, newContentLen, filters, requestResponse, andOrEnforcement): response = requestResponse.getResponse() analyzedResponse = self._helpers.analyzeResponse(response) impression = "" if oldStatusCode == newStatusCode: if oldContentLen == newContentLen: impression = self.BYPASSSED_STR if len(filters) > 0: if andOrEnforcement == "And": andEnforcementCheck = True auth_enforced = 1 else: andEnforcementCheck = False auth_enforced = 0 for filter in filters: if str(filter).startswith("Status code equals: "): statusCode = filter[20:] if andEnforcementCheck: if auth_enforced == 1 and not isStatusCodesReturned( self, requestResponse, statusCode): auth_enforced = 0 else: if auth_enforced == 0 and isStatusCodesReturned( self, requestResponse, statusCode): auth_enforced = 1 if str(filter).startswith("Headers (simple string): "): if andEnforcementCheck: if auth_enforced == 1 and not filter[ 25:] in self._helpers.bytesToString( requestResponse.getResponse() [0:analyzedResponse.getBodyOffset()]): auth_enforced = 0 else: if auth_enforced == 0 and filter[ 25:] in self._helpers.bytesToString( requestResponse.getResponse() [0:analyzedResponse.getBodyOffset()]): auth_enforced = 1 if str(filter).startswith("Headers (regex): "): regex_string = filter[17:] p = re.compile(regex_string, re.IGNORECASE) if andEnforcementCheck: if auth_enforced == 1 and not p.search( self._helpers.bytesToString( requestResponse.getResponse() [0:analyzedResponse.getBodyOffset()])): auth_enforced = 0 else: if auth_enforced == 0 and p.search( self._helpers.bytesToString( requestResponse.getResponse() [0:analyzedResponse.getBodyOffset()])): auth_enforced = 1 if str(filter).startswith("Body (simple string): "): if andEnforcementCheck: if auth_enforced == 1 and not filter[ 22:] in self._helpers.bytesToString( requestResponse.getResponse() [analyzedResponse.getBodyOffset():]): auth_enforced = 0 else: if auth_enforced == 0 and filter[ 22:] in self._helpers.bytesToString( requestResponse.getResponse() [analyzedResponse.getBodyOffset():]): auth_enforced = 1 if str(filter).startswith("Body (regex): "): regex_string = filter[14:] p = re.compile(regex_string, re.IGNORECASE) if andEnforcementCheck: if auth_enforced == 1 and not p.search( self._helpers.bytesToString( requestResponse.getResponse() [analyzedResponse.getBodyOffset():])): auth_enforced = 0 else: if auth_enforced == 0 and p.search( self._helpers.bytesToString( requestResponse.getResponse() [analyzedResponse.getBodyOffset():])): auth_enforced = 1 if str(filter).startswith("Full response (simple string): "): if andEnforcementCheck: if auth_enforced == 1 and not filter[ 31:] in self._helpers.bytesToString( requestResponse.getResponse()): auth_enforced = 0 else: if auth_enforced == 0 and filter[ 31:] in self._helpers.bytesToString( requestResponse.getResponse()): auth_enforced = 1 if str(filter).startswith("Full response (regex): "): regex_string = filter[23:] p = re.compile(regex_string, re.IGNORECASE) if andEnforcementCheck: if auth_enforced == 1 and not p.search( self._helpers.bytesToString( requestResponse.getResponse())): auth_enforced = 0 else: if auth_enforced == 0 and p.search( self._helpers.bytesToString( requestResponse.getResponse())): auth_enforced = 1 if str(filter).startswith("Full response length: "): if andEnforcementCheck: if auth_enforced == 1 and not str( len(response)) == filter[22:].strip(): auth_enforced = 0 else: if auth_enforced == 0 and str( len(response)) == filter[22:].strip(): auth_enforced = 1 else: # If no enforcement detectors are set and the HTTP response is the same, the impression is yellow auth_enforced = 0 if auth_enforced: impression = self.ENFORCED_STR else: impression = self.IS_ENFORCED_STR else: impression = self.ENFORCED_STR return impression
def handle_message(self, toolFlag, messageIsRequest, messageInfo): for i in range(0, self.IFList.getModel().getSize()): if self.IFList.getModel().getElementAt(i).split( ":")[0] == "Ignore spider requests": if (toolFlag == self._callbacks.TOOL_SPIDER): return if self.IFList.getModel().getElementAt(i).split( ":")[0] == "Ignore proxy requests": if (toolFlag == self._callbacks.TOOL_PROXY): return if self.IFList.getModel().getElementAt(i).split( ":")[0] == "Ignore target requests": if (toolFlag == self._callbacks.TOOL_TARGET): return cookies = getCookieFromMessage(self, messageInfo) if cookies: self.lastCookies = cookies self.fetchButton.setEnabled(True) if self.intercept == 1 and ( toolFlag == self._callbacks.TOOL_PROXY or (toolFlag == self._callbacks.TOOL_REPEATER and self.interceptRequestsfromRepeater.isSelected())): if self.prevent304.isSelected(): if messageIsRequest: requestHeaders = list( self._helpers.analyzeRequest(messageInfo).getHeaders()) newHeaders = list() found = 0 for header in requestHeaders: if not "If-None-Match:" in header and not "If-Modified-Since:" in header: newHeaders.append(header) found = 1 if found == 1: requestInfo = self._helpers.analyzeRequest(messageInfo) bodyBytes = messageInfo.getRequest()[requestInfo. getBodyOffset():] bodyStr = self._helpers.bytesToString(bodyBytes) messageInfo.setRequest( self._helpers.buildHttpMessage(newHeaders, bodyStr)) if not messageIsRequest: # Requests with the same headers of the Autorize headers are # not intercepted if not self.replaceString.getText( ) in self._helpers.analyzeRequest(messageInfo).getHeaders(): if self.ignore304.isSelected(): if isStatusCodesReturned(self, messageInfo, ["304", "204"]): return if self.IFList.getModel().getSize() == 0: checkAuthorization( self, messageInfo, self._helpers.analyzeResponse( messageInfo.getResponse()).getHeaders(), self.doUnauthorizedRequest.isSelected()) else: urlString = str( self._helpers.analyzeRequest(messageInfo).getUrl()) do_the_check = 1 for i in range(0, self.IFList.getModel().getSize()): if self.IFList.getModel().getElementAt(i).split( ":")[0] == "Scope items only": currentURL = URL(urlString) if not self._callbacks.isInScope(currentURL): do_the_check = 0 if self.IFList.getModel().getElementAt(i).split( ":")[0] == "URL Contains (simple string)": if self.IFList.getModel().getElementAt( i)[30:] not in urlString: do_the_check = 0 if self.IFList.getModel().getElementAt(i).split( ":")[0] == "URL Contains (regex)": regex_string = self.IFList.getModel().getElementAt( i)[22:] if re.search(regex_string, urlString, re.IGNORECASE) is None: do_the_check = 0 if self.IFList.getModel().getElementAt(i).split( ":")[0] == "URL Not Contains (simple string)": if self.IFList.getModel().getElementAt( i)[34:] in urlString: do_the_check = 0 if self.IFList.getModel().getElementAt(i).split( ":")[0] == "URL Not Contains (regex)": regex_string = self.IFList.getModel().getElementAt( i)[26:] if not re.search(regex_string, urlString, re.IGNORECASE) is None: do_the_check = 0 if self.IFList.getModel().getElementAt(i).split( ":")[0] == "URL Not Contains (regex)": regex_string = self.IFList.getModel().getElementAt( i)[26:] if not re.search(regex_string, urlString, re.IGNORECASE) is None: do_the_check = 0 if self.IFList.getModel().getElementAt(i).split(":")[ 0] == "Only HTTP methods (newline separated)": filterMethods = self.IFList.getModel( ).getElementAt(i)[39:].split("\n") filterMethods = [x.lower() for x in filterMethods] reqMethod = str( self._helpers.analyzeRequest( messageInfo).getMethod()) if reqMethod.lower() not in filterMethods: do_the_check = 0 if self.IFList.getModel().getElementAt(i).split( ":" )[0] == "Ignore HTTP methods (newline separated)": filterMethods = self.IFList.getModel( ).getElementAt(i)[41:].split("\n") filterMethods = [x.lower() for x in filterMethods] reqMethod = str( self._helpers.analyzeRequest( messageInfo).getMethod()) if reqMethod.lower() in filterMethods: do_the_check = 0 if do_the_check: checkAuthorization( self, messageInfo, self._helpers.analyzeResponse( messageInfo.getResponse()).getHeaders(), self.doUnauthorizedRequest.isSelected())
def auth_enforced_via_enforcement_detectors(self, filters, requestResponse, andOrEnforcement): response = requestResponse.getResponse() analyzedResponse = self._helpers.analyzeResponse(response) auth_enforced = False if andOrEnforcement == "And": andEnforcementCheck = True auth_enforced = True else: andEnforcementCheck = False auth_enforced = False response = requestResponse.getResponse() for filter in filters: if str(filter).startswith("Status code equals: "): statusCode = filter[20:] if andEnforcementCheck: if auth_enforced and not isStatusCodesReturned( self, requestResponse, statusCode): auth_enforced = False else: if not auth_enforced and isStatusCodesReturned( self, requestResponse, statusCode): auth_enforced = True if str(filter).startswith("Headers (simple string): "): if andEnforcementCheck: if auth_enforced and not filter[ 25:] in self._helpers.bytesToString( requestResponse.getResponse() [0:analyzedResponse.getBodyOffset()]): auth_enforced = False else: if not auth_enforced and filter[ 25:] in self._helpers.bytesToString( requestResponse.getResponse() [0:analyzedResponse.getBodyOffset()]): auth_enforced = True if str(filter).startswith("Headers (regex): "): regex_string = filter[17:] p = re.compile(regex_string, re.IGNORECASE) if andEnforcementCheck: if auth_enforced and not p.search( self._helpers.bytesToString( requestResponse.getResponse() [0:analyzedResponse.getBodyOffset()])): auth_enforced = False else: if not auth_enforced and p.search( self._helpers.bytesToString( requestResponse.getResponse() [0:analyzedResponse.getBodyOffset()])): auth_enforced = True if str(filter).startswith("Body (simple string): "): if andEnforcementCheck: if auth_enforced and not filter[ 22:] in self._helpers.bytesToString( requestResponse.getResponse() [analyzedResponse.getBodyOffset():]): auth_enforced = False else: if not auth_enforced and filter[ 22:] in self._helpers.bytesToString( requestResponse.getResponse() [analyzedResponse.getBodyOffset():]): auth_enforced = True if str(filter).startswith("Body (regex): "): regex_string = filter[14:] p = re.compile(regex_string, re.IGNORECASE) if andEnforcementCheck: if auth_enforced and not p.search( self._helpers.bytesToString( requestResponse.getResponse() [analyzedResponse.getBodyOffset():])): auth_enforced = False else: if not auth_enforced and p.search( self._helpers.bytesToString( requestResponse.getResponse() [analyzedResponse.getBodyOffset():])): auth_enforced = True if str(filter).startswith("Full response (simple string): "): if andEnforcementCheck: if auth_enforced and not filter[ 31:] in self._helpers.bytesToString( requestResponse.getResponse()): auth_enforced = False else: if not auth_enforced and filter[ 31:] in self._helpers.bytesToString( requestResponse.getResponse()): auth_enforced = True if str(filter).startswith("Full response (regex): "): regex_string = filter[23:] p = re.compile(regex_string, re.IGNORECASE) if andEnforcementCheck: if auth_enforced and not p.search( self._helpers.bytesToString( requestResponse.getResponse())): auth_enforced = False else: if not auth_enforced and p.search( self._helpers.bytesToString( requestResponse.getResponse())): auth_enforced = True if str(filter).startswith("Full response length: "): if andEnforcementCheck: if auth_enforced and not str( len(response)) == filter[22:].strip(): auth_enforced = False else: if not auth_enforced and str( len(response)) == filter[22:].strip(): auth_enforced = True return auth_enforced