class ConfigurableConfigPanel(ConfigPanel, ActionListener, DocumentListener, ChangeListener):
""" generated source for class ConfigurableConfigPanel """
serialVersionUID = 1L
associatedFile = File()
associatedFileField = JTextField()
params = JSONObject()
savedParams = str()
loadButton = JButton()
saveAsButton = JButton()
saveButton = JButton()
name = JTextField()
strategy = JComboBox()
metagameStrategy = JComboBox()
stateMachine = JComboBox()
cacheStateMachine = JCheckBox()
maxPlys = JSpinner()
heuristicFocus = JSpinner()
heuristicMobility = JSpinner()
heuristicOpponentFocus = JSpinner()
heuristicOpponentMobility = JSpinner()
mcDecayRate = JSpinner()
rightPanel = JPanel()
def __init__(self):
""" generated source for method __init__ """
super(ConfigurableConfigPanel, self).__init__(GridBagLayout())
leftPanel = JPanel(GridBagLayout())
leftPanel.setBorder(TitledBorder("Major Parameters"))
self.rightPanel = JPanel(GridBagLayout())
self.rightPanel.setBorder(TitledBorder("Minor Parameters"))
self.strategy = JComboBox([None]*)
self.metagameStrategy = JComboBox([None]*)
self.stateMachine = JComboBox([None]*)
self.cacheStateMachine = JCheckBox()
self.maxPlys = JSpinner(SpinnerNumberModel(1, 1, 100, 1))
self.heuristicFocus = JSpinner(SpinnerNumberModel(1, 0, 10, 1))
self.heuristicMobility = JSpinner(SpinnerNumberModel(1, 0, 10, 1))
self.heuristicOpponentFocus = JSpinner(SpinnerNumberModel(1, 0, 10, 1))
self.heuristicOpponentMobility = JSpinner(SpinnerNumberModel(1, 0, 10, 1))
self.mcDecayRate = JSpinner(SpinnerNumberModel(0, 0, 99, 1))
self.name = JTextField()
self.name.setColumns(20)
self.name.setText("Player #" + Random().nextInt(100000))
self.loadButton = JButton(loadButtonMethod())
self.saveButton = JButton(saveButtonMethod())
self.saveAsButton = JButton(saveAsButtonMethod())
self.associatedFileField = JTextField()
self.associatedFileField.setEnabled(False)
buttons = JPanel()
buttons.add(self.loadButton)
buttons.add(self.saveButton)
buttons.add(self.saveAsButton)
nRow = 0
leftPanel.add(JLabel("Name"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
__nRow_0 = nRow
nRow += 1
leftPanel.add(self.name, GridBagConstraints(1, __nRow_0, 1, 1, 0.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.HORIZONTAL, Insets(5, 5, 5, 5), 5, 5))
leftPanel.add(JLabel("Gaming Strategy"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
__nRow_1 = nRow
nRow += 1
leftPanel.add(self.strategy, GridBagConstraints(1, __nRow_1, 1, 1, 0.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.HORIZONTAL, Insets(5, 5, 5, 5), 5, 5))
leftPanel.add(JLabel("Metagame Strategy"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
__nRow_2 = nRow
nRow += 1
leftPanel.add(self.metagameStrategy, GridBagConstraints(1, __nRow_2, 1, 1, 0.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.HORIZONTAL, Insets(5, 5, 5, 5), 5, 5))
leftPanel.add(JLabel("State Machine"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
__nRow_3 = nRow
nRow += 1
leftPanel.add(self.stateMachine, GridBagConstraints(1, __nRow_3, 1, 1, 0.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.HORIZONTAL, Insets(5, 5, 5, 5), 5, 5))
__nRow_4 = nRow
nRow += 1
leftPanel.add(buttons, GridBagConstraints(1, __nRow_4, 2, 1, 1.0, 1.0, GridBagConstraints.SOUTHEAST, GridBagConstraints.NONE, Insets(5, 5, 0, 5), 0, 0))
leftPanel.add(self.associatedFileField, GridBagConstraints(0, nRow, 2, 1, 1.0, 0.0, GridBagConstraints.SOUTHEAST, GridBagConstraints.HORIZONTAL, Insets(0, 5, 5, 5), 0, 0))
layoutRightPanel()
add(leftPanel, GridBagConstraints(0, 0, 1, 1, 0.0, 1.0, GridBagConstraints.CENTER, GridBagConstraints.BOTH, Insets(5, 5, 5, 5), 5, 5))
add(self.rightPanel, GridBagConstraints(1, 0, 1, 1, 1.0, 1.0, GridBagConstraints.CENTER, GridBagConstraints.BOTH, Insets(5, 5, 5, 5), 5, 5))
self.params = JSONObject()
syncJSONtoUI()
self.strategy.addActionListener(self)
self.metagameStrategy.addActionListener(self)
self.stateMachine.addActionListener(self)
self.cacheStateMachine.addActionListener(self)
self.maxPlys.addChangeListener(self)
self.heuristicFocus.addChangeListener(self)
self.heuristicMobility.addChangeListener(self)
self.heuristicOpponentFocus.addChangeListener(self)
self.heuristicOpponentMobility.addChangeListener(self)
self.mcDecayRate.addChangeListener(self)
self.name.getDocument().addDocumentListener(self)
def layoutRightPanel(self):
""" generated source for method layoutRightPanel """
nRow = 0
self.rightPanel.removeAll()
self.rightPanel.add(JLabel("State machine cache?"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
__nRow_5 = nRow
nRow += 1
self.rightPanel.add(self.cacheStateMachine, GridBagConstraints(1, __nRow_5, 1, 1, 1.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
if self.strategy.getSelectedItem().__str__() == "Heuristic":
__nRow_6 = nRow
nRow += 1
__nRow_7 = nRow
nRow += 1
__nRow_8 = nRow
nRow += 1
__nRow_9 = nRow
nRow += 1
__nRow_10 = nRow
nRow += 1
self.rightPanel.add(JLabel("Max plys?"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.add(self.maxPlys, GridBagConstraints(1, __nRow_6, 1, 1, 0.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.add(JLabel("Focus Heuristic Weight"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.add(self.heuristicFocus, GridBagConstraints(1, __nRow_7, 1, 1, 0.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.add(JLabel("Mobility Heuristic Weight"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.add(self.heuristicMobility, GridBagConstraints(1, __nRow_8, 1, 1, 0.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.add(JLabel("Opponent Focus Heuristic Weight"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.add(self.heuristicOpponentFocus, GridBagConstraints(1, __nRow_9, 1, 1, 0.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.add(JLabel("Opponent Mobility Heuristic Weight"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.add(self.heuristicOpponentMobility, GridBagConstraints(1, __nRow_10, 1, 1, 0.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
if self.strategy.getSelectedItem().__str__() == "Monte Carlo":
__nRow_11 = nRow
nRow += 1
self.rightPanel.add(JLabel("Goal Decay Rate"), GridBagConstraints(0, nRow, 1, 1, 0.0, 0.0, GridBagConstraints.EAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.add(self.mcDecayRate, GridBagConstraints(1, __nRow_11, 1, 1, 0.0, 0.0, GridBagConstraints.WEST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
__nRow_12 = nRow
nRow += 1
self.rightPanel.add(JLabel(), GridBagConstraints(2, __nRow_12, 1, 1, 1.0, 1.0, GridBagConstraints.SOUTHEAST, GridBagConstraints.NONE, Insets(5, 5, 5, 5), 5, 5))
self.rightPanel.repaint()
@SuppressWarnings("unchecked")
def getParameter(self, name, defaultValue):
""" generated source for method getParameter """
try:
if self.params.has(name):
return self.params.get(name)
else:
return defaultValue
except JSONException as je:
return defaultValue
def actionPerformed(self, arg0):
""" generated source for method actionPerformed """
if arg0.getSource() == self.strategy:
self.layoutRightPanel()
syncJSONtoUI()
def changedUpdate(self, e):
""" generated source for method changedUpdate """
syncJSONtoUI()
def insertUpdate(self, e):
""" generated source for method insertUpdate """
syncJSONtoUI()
def removeUpdate(self, e):
""" generated source for method removeUpdate """
syncJSONtoUI()
def stateChanged(self, arg0):
""" generated source for method stateChanged """
syncJSONtoUI()
def syncJSONtoUI(self):
""" generated source for method syncJSONtoUI """
if settingUI:
return
self.params = getJSONfromUI()
self.saveButton.setEnabled(self.savedParams == None or not self.params.__str__() == self.savedParams)
def getJSONfromUI(self):
""" generated source for method getJSONfromUI """
newParams = JSONObject()
try:
if not self.name.getText().isEmpty():
newParams.put("name", self.name.getText())
newParams.put("strategy", self.strategy.getSelectedItem().__str__())
newParams.put("metagameStrategy", self.metagameStrategy.getSelectedItem().__str__())
newParams.put("stateMachine", self.stateMachine.getSelectedItem().__str__())
newParams.put("cacheStateMachine", self.cacheStateMachine.isSelected())
newParams.put("maxPlys", self.maxPlys.getModel().getValue())
newParams.put("heuristicFocus", self.heuristicFocus.getModel().getValue())
newParams.put("heuristicMobility", self.heuristicMobility.getModel().getValue())
newParams.put("heuristicOpponentFocus", self.heuristicOpponentFocus.getModel().getValue())
newParams.put("heuristicOpponentMobility", self.heuristicOpponentMobility.getModel().getValue())
newParams.put("mcDecayRate", self.mcDecayRate.getModel().getValue())
except JSONException as je:
je.printStackTrace()
return newParams
settingUI = False
def setUIfromJSON(self):
""" generated source for method setUIfromJSON """
self.settingUI = True
try:
if self.params.has("name"):
self.name.setText(self.params.getString("name"))
if self.params.has("strategy"):
self.strategy.setSelectedItem(self.params.getString("strategy"))
if self.params.has("metagameStrategy"):
self.metagameStrategy.setSelectedItem(self.params.getString("metagameStrategy"))
if self.params.has("stateMachine"):
self.stateMachine.setSelectedItem(self.params.getString("stateMachine"))
if self.params.has("cacheStateMachine"):
self.cacheStateMachine.setSelected(self.params.getBoolean("cacheStateMachine"))
if self.params.has("maxPlys"):
self.maxPlys.getModel().setValue(self.params.getInt("maxPlys"))
if self.params.has("heuristicFocus"):
self.heuristicFocus.getModel().setValue(self.params.getInt("heuristicFocus"))
if self.params.has("heuristicMobility"):
self.heuristicMobility.getModel().setValue(self.params.getInt("heuristicMobility"))
if self.params.has("heuristicOpponentFocus"):
self.heuristicOpponentFocus.getModel().setValue(self.params.getInt("heuristicOpponentFocus"))
if self.params.has("heuristicOpponentMobility"):
self.heuristicOpponentMobility.getModel().setValue(self.params.getInt("heuristicOpponentMobility"))
if self.params.has("mcDecayRate"):
self.mcDecayRate.getModel().setValue(self.params.getInt("mcDecayRate"))
except JSONException as je:
je.printStackTrace()
finally:
self.settingUI = False
def loadParamsJSON(self, fromFile):
""" generated source for method loadParamsJSON """
if not fromFile.exists():
return
self.associatedFile = fromFile
self.associatedFileField.setText(self.associatedFile.getPath())
self.params = JSONObject()
try:
try:
while (line = br.readLine()) != None:
pdata.append(line)
finally:
br.close()
self.params = JSONObject(pdata.__str__())
self.savedParams = self.params.__str__()
self.setUIfromJSON()
self.syncJSONtoUI()
except Exception as e:
e.printStackTrace()
def saveParamsJSON(self, saveAs):
""" generated source for method saveParamsJSON """
try:
if saveAs or self.associatedFile == None:
fc.setFileFilter(PlayerFilter())
if returnVal == JFileChooser.APPROVE_OPTION and fc.getSelectedFile() != None:
if toFile.__name__.contains("."):
self.associatedFile = File(toFile.getParentFile(), toFile.__name__.substring(0, toFile.__name__.lastIndexOf(".")) + ".player")
else:
self.associatedFile = File(toFile.getParentFile(), toFile.__name__ + ".player")
self.associatedFileField.setText(self.associatedFile.getPath())
else:
return
bw.write(self.params.__str__())
bw.close()
self.savedParams = self.params.__str__()
self.syncJSONtoUI()
except IOException as ie:
ie.printStackTrace()
def saveButtonMethod(self):
""" generated source for method saveButtonMethod """
return AbstractAction("Save")
def saveAsButtonMethod(self):
""" generated source for method saveAsButtonMethod """
return AbstractAction("Save As")
def loadButtonMethod(self):
""" generated source for method loadButtonMethod """
return AbstractAction("Load")
class PlayerFilter(FileFilter):
""" generated source for class PlayerFilter """
def accept(self, f):
""" generated source for method accept """
if f.isDirectory():
return True
return f.__name__.endsWith(".player")
def getDescription(self):
""" generated source for method getDescription """
return "GGP Players (*.player)"
class BurpExtender(IBurpExtender, IBurpExtenderCallbacks, IIntruderPayloadProcessor, ITab, IExtensionStateListener):
def registerExtenderCallbacks( self, callbacks):
self._helpers = callbacks.getHelpers()
callbacks.setExtensionName("JWT FuzzHelper")
callbacks.registerIntruderPayloadProcessor(self)
callbacks.registerExtensionStateListener(self)
self._stdout = PrintWriter(callbacks.getStdout(), True)
self._stderr = PrintWriter(callbacks.getStderr(), True)
# Holds values passed by user from Configuration panel
self._fuzzoptions = {
"target" : "Header",
"selector" : None,
"signature" : False,
"algorithm" : "HS256",
"key" : "",
"key_cmd" : ""
}
self._isNone = lambda val: isinstance(val, type(None))
# Configuration panel Layout
self._configurationPanel = JPanel()
gridBagLayout = GridBagLayout()
gridBagLayout.columnWidths = [ 0, 0, 0]
gridBagLayout.rowHeights = [ 10, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ]
gridBagLayout.columnWeights = [ 0.0, 0.0, 0.0 ]
gridBagLayout.rowWeights = [0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 1.0]
self._configurationPanel.setLayout(gridBagLayout)
# Setup tabs
self._tabs = JTabbedPane()
self._tabs.addTab('Configuration',self._configurationPanel)
#self._tabs.addTab('Help',self._helpPanel)
# Target Options
targetLabel = JLabel("Target Selection (Required): ")
targetLabel.setFont(Font("Tahoma",Font.BOLD, 12))
c = GridBagConstraints()
c.gridx = 0
c.gridy = 1
c.insets = Insets(0,10,0,0)
c.anchor = GridBagConstraints.LINE_END
self._configurationPanel.add(targetLabel,c)
options = [ 'Header', 'Payload' ]
self._targetComboBox = JComboBox(options)
c = GridBagConstraints()
c.gridx = 1
c.gridy = 1
c.anchor = GridBagConstraints.LINE_START
self._configurationPanel.add(self._targetComboBox,c)
# Help Button
self._helpButton = JButton("Help", actionPerformed=self.helpMenu)
c = GridBagConstraints()
c.gridx = 2
c.gridy = 1
c.anchor = GridBagConstraints.FIRST_LINE_START
self._configurationPanel.add(self._helpButton,c)
# Selector Options
self._selectorLabel = JLabel("JSON Selector [Object Identifier-Index Syntax] (Required): ")
self._selectorLabel.setFont(Font("Tahoma",Font.BOLD, 12))
c = GridBagConstraints()
c.gridx = 0
c.gridy = 2
c.insets = Insets(0,10,0,0)
c.anchor = GridBagConstraints.LINE_END
self._configurationPanel.add(self._selectorLabel, c)
self._selectorTextField = JTextField('',50)
c = GridBagConstraints()
c.gridx = 1
c.gridy = 2
self._configurationPanel.add(self._selectorTextField, c)
# Regex option
self._regexLabel = JLabel("Use regex as JSON Selector? (Optional): ")
self._regexLabel.setFont(Font("Tahoma",Font.BOLD, 12))
c = GridBagConstraints()
c.gridx = 0
c.gridy = 3
c.insets = Insets(0,0,0,0)
c.anchor = GridBagConstraints.LINE_END
self._configurationPanel.add(self._regexLabel,c)
self._regexCheckBox = JCheckBox("", actionPerformed=self.regexSelector)
c = GridBagConstraints()
c.gridx = 1
c.gridy = 3
c.anchor = GridBagConstraints.FIRST_LINE_START
self._configurationPanel.add(self._regexCheckBox,c)
# Signature Options
generateSignatureLabel = JLabel("Generate signature? (Required): ")
generateSignatureLabel.setFont(Font("Tahoma",Font.BOLD, 12))
c = GridBagConstraints()
c.gridx = 0
c.gridy = 4
c.insets = Insets(0,10,0,0)
c.anchor = GridBagConstraints.LINE_END
self._configurationPanel.add(generateSignatureLabel,c)
options = ["False", "True"]
self._generateSignatureComboBox = JComboBox(options)
c = GridBagConstraints()
c.gridx = 1
c.gridy = 4
c.anchor = GridBagConstraints.LINE_START
self._configurationPanel.add(self._generateSignatureComboBox,c)
signatureAlgorithmLabel = JLabel("Signature Algorithm (Optional): ")
signatureAlgorithmLabel.setFont(Font("Tahoma",Font.BOLD, 12))
c = GridBagConstraints()
c.gridx = 0
c.gridy = 5
c.insets = Insets(0,10,0,0)
c.anchor = GridBagConstraints.LINE_END
self._configurationPanel.add(signatureAlgorithmLabel,c)
options = ["None", "HS256","HS384","HS512","ES256","ES384","ES512","RS256","RS384","RS512","PS256","PS256","PS384","PS512"]
self._algorithmSelectionComboBox = JComboBox(options)
c = GridBagConstraints()
c.gridx = 1
c.gridy = 5
c.anchor = GridBagConstraints.LINE_START
self._configurationPanel.add(self._algorithmSelectionComboBox,c)
# Signing key options
self._signingKeyLabel = JLabel("Signing Key (Optional): ")
self._signingKeyLabel.setFont(Font("Tahoma",Font.BOLD, 12))
c = GridBagConstraints()
c.gridx = 0
c.gridy = 6
c.insets = Insets(0,10,0,0)
c.anchor = GridBagConstraints.LINE_END
self._configurationPanel.add(self._signingKeyLabel,c)
self.addSigningKeyTextArea()
self._fromFileTextField = JTextField('',50)
fromFileLabel = JLabel("Signing key from file? (Optional): ")
fromFileLabel.setFont(Font("Tahoma",Font.BOLD, 12))
c = GridBagConstraints()
c.gridx = 0
c.gridy = 7
c.insets = Insets(0,0,0,0)
c.anchor = GridBagConstraints.LINE_END
self._configurationPanel.add(fromFileLabel,c)
self._fromFileCheckBox = JCheckBox("", actionPerformed=self.fromFile)
c = GridBagConstraints()
c.gridx = 1
c.gridy = 7
c.anchor = GridBagConstraints.FIRST_LINE_START
self._configurationPanel.add(self._fromFileCheckBox,c)
self._fromCmdTextField = JTextField('',50)
fromCmdLabel = JLabel("Signing key from command? (Optional): ")
fromCmdLabel.setFont(Font("Tahoma",Font.BOLD, 12))
c = GridBagConstraints()
c.gridx = 0
c.gridy = 8
c.insets = Insets(0,0,0,0)
c.anchor = GridBagConstraints.LINE_END
self._configurationPanel.add(fromCmdLabel,c)
self._fromCmdCheckBox = JCheckBox("", actionPerformed=self.fromCmd)
c = GridBagConstraints()
c.gridx = 1
c.gridy = 8
c.anchor = GridBagConstraints.FIRST_LINE_START
self._configurationPanel.add(self._fromCmdCheckBox,c)
self._saveButton = JButton("Save Configuration", actionPerformed=self.saveOptions)
self._saveButton.setText("Save Configuration")
c = GridBagConstraints()
c.gridx = 1
c.gridy = 9
c.anchor = GridBagConstraints.FIRST_LINE_START
self._configurationPanel.add(self._saveButton,c)
callbacks.customizeUiComponent(self._configurationPanel)
callbacks.customizeUiComponent(self._tabs)
callbacks.addSuiteTab(self)
self._stdout.println("[JWT FuzzHelper] Loaded successfully")
return
def getProcessorName(self):
return "JWT Fuzzer"
def extensionUnloaded(self):
del self._configurationPanel
return
# Intruder logic function
def processPayload(self, currentPayload, originalPayload, baseValue):
dataParameter = self._helpers.bytesToString(
self._helpers.urlDecode(baseValue)
)
# utf-8 encode
header,payload,signature = [unicode(s).encode('utf-8') for s in dataParameter.split(".",3)]
decoded_header = self._helpers.bytesToString(
self._helpers.base64Decode(header + "=" * (-len(header) % 4))
)
decoded_payload = self._helpers.bytesToString(
self._helpers.base64Decode(payload+"=" * (-len(payload) % 4))
)
# Decode header and payload, preserving order if they are JSON objects
# Decode header
try:
header_dict = json.loads(decoded_header, object_pairs_hook=OrderedDict)
except ValueError:
raise RuntimeException("[JWT FuzzHelper] Error: ValueError. Failed to decode header!")
except Exception as e:
self._stderr.println("[ERROR] Encountered an unknown error when decoding header:\n{}\nCarrying on...".format(e))
# Decode payload
# Payload does not have to be a JSON object.
# Ref: https://github.com/auth0/node-jsonwebtoken#usage
payload_is_string = False
try:
payload_dict = json.loads(decoded_payload, object_pairs_hook=OrderedDict)
except ValueError:
payload_is_string = True
payload_dict = decoded_payload
except Exception as e:
self._stderr.println("[ERROR] Encountered an unknown error when decoding payload:\n{}\nCarrying on...".format(e))
target = header_dict if self._fuzzoptions["target"] == "Header" else payload_dict
selector = self._fuzzoptions["selector"]
# If using Object Identifier-Index then retrieve the
# value specified by the selector,
# if this value does not exist, assume the user
# wants to add the value that would have been specified
# by the selector to the desired JWT segment (this behavior will
# be noted in the help docs)
intruderPayload = self._helpers.bytesToString(currentPayload)
if not self._fuzzoptions["regex"]:
if selector != [""]:
try:
value = self.getValue(target, selector)
except Exception:
target = self.buildDict(target, selector)
if not self._isNone(selector) and selector != [""]:
target = self.setValue(target, selector, intruderPayload)
# Simple match-replace for regex
if self._fuzzoptions["regex"]:
target_string = target if payload_is_string else json.dumps(target)
target_string = re.sub(selector, intruderPayload, target_string)
target = target_string if payload_is_string else json.loads(target_string, object_pairs_hook=OrderedDict)
if self._fuzzoptions["target"] == "Payload":
payload_dict = target
else:
header_dict = target
algorithm = self._fuzzoptions["algorithm"]
if self._fuzzoptions["signature"]:
# pyjwt requires lowercase 'none'. If user wants to try
# "none", "NonE", "nOnE", etc... they should use .alg
# as selector, delete sig from intruder and use those
# permutations as their fuzz list (outlined in help docs)
# and keep "Generate Signature" as False
algorithm = "none" if algorithm.lower() == "none" else algorithm
header_dict["alg"] = algorithm
header = json.dumps(header_dict, separators=(",",":"))
payload = payload_dict if payload_is_string else json.dumps(payload_dict, separators=(",",":"))
header = self._helpers.base64Encode(header).strip("=")
payload = self._helpers.base64Encode(payload).strip("=")
contents = header + "." + payload
key = self._fuzzoptions["key"]
if len(self._fuzzoptions["key_cmd"]) > 0:
# we provide 'contents' value as an only argument to key-generating command
# it is expected that the command will print only the signature
signature = check_output([self._fuzzoptions["key_cmd"], contents])
modified_jwt = contents + "." + signature
elif self._fuzzoptions["signature"]:
# pyjwt throws error when using a public key in symmetric alg (for good reason of course),
# must do natively to support algorithmic sub attacks
if algorithm.startswith("HS"):
if algorithm == "HS256":
hmac_algorithm = hashlib.sha256
elif algorithm == "HS384":
hmac_algorithm = hashlib.sha384
else:
hmac_algorithm = hashlib.sha512
signature = self._helpers.base64Encode(
hmac.new(
key, contents, hmac_algorithm
).digest()
).strip("=")
modified_jwt = contents + "." +signature
# JWT can't sign non-JSON payloads. WTF. This block is for non-JSON payloads.
elif algorithm.startswith("RS") and payload_is_string:
if algorithm == "RS256":
rsa_algorithm = "SHA-256"
elif algorithm == "RS384":
rsa_algorithm = "SHA-384"
else:
rsa_algorithm = "SHA-512"
privkey = rsa.PrivateKey.load_pkcs1(key)
signature = rsa.sign(contents,privkey,rsa_algorithm)
signature = base64.b64encode(signature).encode('utf-8').replace("=", "")
modified_jwt = contents + "." + signature
else:
# Use pyjwt when using asymmetric alg
if algorithm == "none":
key = ""
modified_jwt = jwt.encode(payload_dict,key,algorithm=algorithm,headers=header_dict)
else:
modified_jwt = contents + "." + signature
return self._helpers.stringToBytes(modified_jwt)
#-----------------------
# getValue:
# @return: A value at arbitrary depth in dictionary
# @throws: TypeError
#-----------------------
def getValue(self, dictionary, values):
return reduce(dict.__getitem__, values, dictionary)
#-----------------------
# buildDict:
# @note: Will build dictionary of arbitrary depth
#-----------------------
def buildDict(self, dictionary, keys):
if self._isNone(keys):
return dictionary
root = current = dictionary
for key in keys:
if key not in current:
current[key] = {}
current = current[key]
return root
#----------------------
# setValue:
# @note: Will set key of arbitrary depth
#-----------------------
def setValue(self, dictionary, keys, value):
root = current = dictionary
for i,key in enumerate(keys):
if i == len(keys) - 1:
current[key] = value
break
if key in current:
current = current[key]
else:
# Should never happen
current = self.buildDict(current, keys)
return root
#-----------------------
# addSigningKeyTextArea:
# @note: Will toggle if fromFile selected. Be DRY.
#----------------------
def addSigningKeyTextArea(self):
self._signingKeyTextArea = JTextArea()
self._signingKeyTextArea.setColumns(50)
self._signingKeyTextArea.setRows(10)
self._signingKeyScrollPane = JScrollPane(self._signingKeyTextArea)
c = GridBagConstraints()
c.gridx = 1
c.gridy = 6
c.anchor = GridBagConstraints.LINE_START
self._configurationPanel.add(self._signingKeyScrollPane,c)
def addSigningKeyFromFileTextField(self):
c = GridBagConstraints()
c.gridx = 1
c.gridy = 6
self._configurationPanel.add(self._fromFileTextField, c)
def addSigningKeyFromCmdTextField(self):
c = GridBagConstraints()
c.gridx = 1
c.gridy = 6
self._configurationPanel.add(self._fromCmdTextField, c)
#-----------------------
# End Helpers
#-----------------------
#-----------------------
# Implement ITab
#-----------------------
def getTabCaption(self):
return "JWT FuzzHelper"
def getUiComponent(self):
return self._tabs
#---------------------------
# Save configuration options
#---------------------------
def saveOptions(self,event):
self._fuzzoptions["target"] = self._targetComboBox.getSelectedItem()
self._fuzzoptions["selector"] = self._selectorTextField.getText()
self._fuzzoptions["signature"] = True if self._generateSignatureComboBox.getSelectedItem() == "True" else False
self._fuzzoptions["algorithm"] = self._algorithmSelectionComboBox.getSelectedItem()
self._fuzzoptions["key_cmd"] = ""
if self._fromFileCheckBox.isSelected():
filename = self._fromFileTextField.getText()
if os.path.isdir(filename):
self._stderr.println("{} is a directory".format(filename))
return
if os.path.exists(filename):
with open(filename, 'rb') as f:
self._fuzzoptions["key"] = f.read()
elif self._fromCmdCheckBox.isSelected():
self._fuzzoptions["key_cmd"] = self._fromCmdTextField.getText()
else:
self._fuzzoptions["key"] = unicode(self._signingKeyTextArea.getText()).encode("utf-8")
# RSA keys need to end with a line break. Many headaches because of this.
if not self._fuzzoptions["key"].endswith("\n") and self._fuzzoptions["algorithm"].startswith("RS"):
self._fuzzoptions["key"] += "\n"
self._stdout.println("[JWT FuzzHelper] Saved options:\n{}".format(self._fuzzoptions))
# Sanity check selector if it's not a regular expression
self._fuzzoptions["regex"] = self._regexCheckBox.isSelected()
if not self._regexCheckBox.isSelected():
m = re.search("(\.\w+)+",self._fuzzoptions["selector"])
if self._fuzzoptions["selector"] != "." and (isinstance(m,type(None)) or m.group(0) != self._fuzzoptions["selector"]):
self._saveButton.setText("Invalid JSON Selector!")
else:
self._fuzzoptions["selector"] = self._fuzzoptions["selector"].split(".")[1:]
self._saveButton.setText("Saved!")
# Sanity check the regular expression
else:
try:
re.compile(self._fuzzoptions["selector"])
self._saveButton.setText("Saved!")
except re.error:
self._saveButton.setText("Invalid Regex!")
return
#-------------------------
# From file options
#------------------------
def fromFile(self,event):
if self._fromFileCheckBox.isSelected():
self._signingKeyLabel.setText("Path to Signing Key (Optional): ")
self._configurationPanel.remove(self._signingKeyScrollPane)
self.addSigningKeyFromFileTextField()
else:
self._signingKeyLabel.setText("Signing Key (Optional): ")
self._configurationPanel.remove(self._fromFileTextField)
self.addSigningKeyTextArea()
self._configurationPanel.repaint()
return
def fromCmd(self,event):
if self._fromCmdCheckBox.isSelected():
self._signingKeyLabel.setText("Path to Signing Cmd (Optional): ")
self._configurationPanel.remove(self._signingKeyScrollPane)
self.addSigningKeyFromCmdTextField()
else:
self._signingKeyLabel.setText("Signing Key (Optional): ")
self._configurationPanel.remove(self._fromCmdTextField)
self.addSigningKeyTextArea()
self._configurationPanel.repaint()
return
def regexSelector(self,event):
if self._regexCheckBox.isSelected():
self._selectorLabel.setText("Selector [Regex] (Required): ")
else:
self._selectorLabel.setText("JSON Selector [Object Identifier-Index Syntax] (Required): ")
self._configurationPanel.repaint()
return
#-------------------------
# Help popup
#-------------------------
def helpMenu(self,event):
self._helpPopup = JFrame('JWT Fuzzer', size=(550, 450) );
self._helpPopup.setDefaultCloseOperation(JFrame.DISPOSE_ON_CLOSE)
helpPanel = JPanel()
helpPanel.setPreferredSize(Dimension(550, 450))
helpPanel.setBorder(EmptyBorder(10, 10, 10, 10))
helpPanel.setLayout(BoxLayout(helpPanel, BoxLayout.Y_AXIS))
self._helpPopup.setContentPane(helpPanel)
helpHeadingText = JLabel("<html><h2>JWT Fuzzer</h2></html>")
authorText = JLabel("<html><p>@author: <pinnace></p></html>")
aboutText = JLabel("<html><br /> <p>This extension adds an Intruder payload processor for JWTs.</p><br /></html>")
repositoryText = JLabel("<html>Documentation and source code:</html>")
repositoryLink = JLabel("<html>- <a href=\"https://github.com/pinnace/burp-jwt-fuzzhelper-extension\">https://github.com/pinnace/burp-jwt-fuzzhelper-extension</a></html>")
licenseText = JLabel("<html><br/><p>JWT Fuzzer uses a GPL 3 license. This license does not apply to the dependency below:<p></html>")
dependencyLink = JLabel("<html>- <a href=\"https://github.com/jpadilla/pyjwt/blob/master/LICENSE\">pyjwt</a></html>")
dependencyLink.addMouseListener(ClickListener())
dependencyLink.setCursor(Cursor.getPredefinedCursor(Cursor.HAND_CURSOR))
repositoryLink.addMouseListener(ClickListener())
repositoryLink.setCursor(Cursor.getPredefinedCursor(Cursor.HAND_CURSOR))
helpPanel.add(helpHeadingText)
helpPanel.add(authorText)
helpPanel.add(aboutText)
helpPanel.add(repositoryText)
helpPanel.add(repositoryLink)
helpPanel.add(licenseText)
helpPanel.add(dependencyLink)
self._helpPopup.setSize(Dimension(550, 450))
self._helpPopup.pack()
self._helpPopup.setLocationRelativeTo(None)
self._helpPopup.setVisible(True)
return
class VisibilityCellRenderer(TreeCellRenderer):
def __init__(self, tree, mapContext):
self.tree = tree
self.mapContext = mapContext
self.lblGroup = JLabel()
self.lblGroup.setBackground(Color(222, 227, 233)) #.BLUE.brighter())
self.lblGroup.setOpaque(True)
self.lblGroup.setText(
"plddddddddddddddddddddddddddddddddddddddddddddddddddddddd")
self.lblGroupPreferredSize = self.lblGroup.getPreferredSize()
#border = BorderFactory.createEtchedBorder(EtchedBorder.LOWERED)
#border = BorderFactory.createLineBorder(Color(222,227,233).darker(),1)
#self.lblGroup.setBorder(border)
#self.lblGroupPreferredSize.setSize(30,200)#self.lblGroupPreferredSize.getHeight()+4, self.lblGroupPreferredSize.getWidth())
self.pnlLayer = JPanel()
self.pnlLayer.setOpaque(False)
#self.pnlLayer.setBorder(EmptyBorder(2,2,2,2))
self.pnlLayer.setLayout(FlowLayout(FlowLayout.LEFT))
self.chkLayerVisibility = JCheckBox()
self.chkLayerVisibility.setOpaque(False)
self.pnlLayer.add(self.chkLayerVisibility)
self.lblLayerIcon = JLabel()
self.lblLayerName = JLabel()
self.lblLayerName.setText(
"plddddddddddddddddddddddddddddddddddddddddddddddddddddddd")
self.tree.setRowHeight(
int(self.pnlLayer.getPreferredSize().getHeight()) - 3) #+2
self.pnlLayer.add(self.lblLayerIcon)
self.pnlLayer.add(self.lblLayerName)
self.lblUnknown = JLabel()
def getTreeCellRendererComponent(self, tree, value, selected, expanded,
leaf, row, hasFocus):
uo = value.getUserObject()
if isinstance(uo, DataGroup):
text = "[" + str(value.getChildCount()) + "] " + uo.getName()
self.lblGroup.setText(text)
self.lblGroup.setPreferredSize(self.lblGroupPreferredSize)
return self.lblGroup
if isinstance(uo, DataLayer):
layer = uo.getLayer()
self.lblLayerName.setText(layer.getName())
self.lblLayerIcon.setIcon(getIconFromLayer(layer))
self.chkLayerVisibility.setSelected(layer.isVisible())
if layer.isWithinScale(
self.mapContext.getScaleView()): # and layer.isVisible():
self.chkLayerVisibility.setEnabled(True)
else:
self.chkLayerVisibility.setEnabled(False)
self.lblLayerName.setForeground(Color.BLACK)
font = self.lblLayerName.getFont()
self.lblLayerName.setForeground(Color.BLACK)
if layer.isEditing():
self.lblLayerName.setForeground(Color.RED)
if layer.isActive() and font.isBold():
pass
elif layer.isActive() and not font.isBold():
newfont = font.deriveFont(Font.BOLD)
self.lblLayerName.setFont(newfont)
else:
newfont = font.deriveFont(Font.PLAIN)
self.lblLayerName.setFont(newfont)
self.pnlLayer.repaint()
return self.pnlLayer
self.lblUnknown.setText("")
self.lblUnknown.setPreferredSize(Dimension(0, 0))
return self.lblUnknown