def __init__(self, reaclabel=REACTINV, scalelabel=SCALEFAC):
WriterPanel.__init__(self)
self.reacpanel = swing.Box(swing.BoxLayout.LINE_AXIS)
self.reacpanel.add(swing.JLabel(reaclabel))
self.reacfield = swing.JTextField()
self.reacpanel.add(self.reacfield)
self.reacpanel.add(
swing.Box.createRigidArea(awt.Dimension(BORDERWIDTH, 0)))
self.add(self.reacpanel, awt.BorderLayout.CENTER)
self.numscalepanel = swing.Box(swing.BoxLayout.LINE_AXIS)
self.add(self.numscalepanel, awt.BorderLayout.EAST)
self.numpanel = swing.Box(swing.BoxLayout.LINE_AXIS)
self.numpanel.add(swing.JLabel(NUMBER))
self.numfield = swing.JFormattedTextField(value=lang.Float(1.0))
self.numfield.setPreferredSize(
awt.Dimension(FIELDWIDTH, self.numfield.getHeight()))
self.numpanel.add(self.numfield)
self.scalepanel = swing.Box(swing.BoxLayout.LINE_AXIS)
self.scalepanel.add(swing.JLabel(scalelabel))
self.scalefield = swing.JFormattedTextField(
value=lang.Float(Data.Problem.VMAX))
self.scalefield.setPreferredSize(
awt.Dimension(FIELDWIDTH, self.scalefield.getHeight()))
self.scalepanel.add(self.scalefield)
self.optLayout()
def __init__(self):
self.contentPane.layout = swing.BoxLayout(self.contentPane,
swing.BoxLayout.Y_AXIS)
message = swing.JLabel(BUGREPORTMESSAGE)
message.setAlignmentX(awt.Component.CENTER_ALIGNMENT)
self.add(message)
self.add(swing.Box.createVerticalStrut(10))
buttonbox = swing.Box(swing.BoxLayout.X_AXIS)
self.sendbutton = swing.JButton(COMMAND_SEND,
actionPerformed=self.actionPerformed)
self.cancelbutton = swing.JButton(COMMAND_CANCEL,
actionPerformed=self.actionPerformed)
buttonbox.add(self.sendbutton)
buttonbox.add(self.cancelbutton)
#self.add(swing.Box.createVerticalStrut(10))
self.add(buttonbox)
buttonbox.setAlignmentX(awt.Component.CENTER_ALIGNMENT)
self.pack()
self.size = (300, 175)
self.setLocationRelativeTo(None)
self.show()
def addOptions(self):
self.optpanel = swing.JPanel(layout=awt.BorderLayout())
self.add(self.optpanel, awt.BorderLayout.EAST)
self.commentcheck = swing.JCheckBox(
COMMENTS, horizontalTextPosition=swing.SwingConstants.LEFT)
self.commentcheck.setSelected(SHOWCOMMENTS)
self.optpanel.add(self.commentcheck, awt.BorderLayout.EAST)
# self.grbcheck = swing.JCheckBox('Gurobi:', horizontalTextPosition = swing.SwingConstants.LEFT)#w#
# self.grbcheck.setSelected(False)#w#
self.LPbox = swing.Box(swing.BoxLayout.LINE_AXIS)
self.LPbox.add(
swing.Box.createRigidArea(awt.Dimension(2 * BORDERWIDTH, 0)))
self.LPbox.add(swing.JLabel(SOLVER))
self.solverbox = swing.JComboBox(Data.Problem.SOLVERS)
self.solverbox.addActionListener(self.SolverSwitcher(self))
self.LPbox.add(self.solverbox)
self.LPbox.add(swing.Box.createRigidArea(awt.Dimension(BORDERWIDTH,
0)))
self.trimcheck = swing.JCheckBox(
REDUCE, horizontalTextPosition=swing.SwingConstants.LEFT)
self.LPbox.add(self.trimcheck)
self.LPbox.add(swing.Box.createRigidArea(awt.Dimension(BORDERWIDTH,
0)))
self.optpanel.add(self.LPbox, awt.BorderLayout.WEST) #CENTER->WEST
def initToolBar(self):
self.toolbar = swing.Box(swing.BoxLayout.LINE_AXIS)
self.toolbar.setBorder(swing.BorderFactory.createEmptyBorder(BORDERWIDTH, BORDERWIDTH, BORDERWIDTH, BORDERWIDTH));
self.add(self.toolbar, awt.BorderLayout.NORTH)
# self.toolbar.add(swing.JLabel(INSERT))
# self.insertfield = swing.JTextField(actionPerformed = self.insertElement)
# self.toolbar.add(self.insertfield)
# self.toolbar.add(swing.Box.createRigidArea(awt.Dimension(BORDERWIDTH * 5, 0)));
self.problempanel = ProblemPanel.ProblemPanel()
self.toolbar.add(self.problempanel)
def registerExtenderCallbacks(self, callbacks):
print "Name: \t\t" + BurpExtender.EXT_NAME
print "Description: \t" + BurpExtender.EXT_DESC
print "Authors: \t" + BurpExtender.EXT_AUTHOR
# Required for easier debugging:
# https://github.com/securityMB/burp-exceptions
sys.stdout = callbacks.getStdout()
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
callbacks.setExtensionName(BurpExtender.EXT_NAME)
stdout = PrintWriter(callbacks.getStdout(), True)
callbacks.registerContextMenuFactory(self)
self.httpTraffic = None
self.resp = None
#Create panels used for layout; we must stack and layer to get the desired GUI
self.tab = swing.Box(swing.BoxLayout.Y_AXIS)
self.tabbedPane = swing.JTabbedPane()
self.tab.add(self.tabbedPane)
# First tab
self.duetTab = swing.Box(swing.BoxLayout.Y_AXIS)
self.tabbedPane.addTab("MSSQLi-DUET", self.duetTab)
# Create objects for the first tab's GUI
# These rows will add top to bottom on the Y Axis
self.t1r1 = swing.JPanel(FlowLayout())
self.t1r2 = swing.JPanel(FlowLayout())
self.t1r3 = swing.JPanel(FlowLayout())
self.t1r4 = swing.JPanel(FlowLayout())
self.t1r5 = swing.JPanel(FlowLayout())
self.t1r6 = swing.JPanel(FlowLayout())
self.t1r7 = swing.JPanel(FlowLayout())
# Now add content to the first tab's GUI objects
self.encodingBox = swing.JComboBox(["None","unicode","unicode_unescaped","doubleencode","unmagicquotes"])
self.delayBox = swing.JTextField("0",3)
self.ridMinBox = swing.JTextField("1000",5)
self.ridMaxBox = swing.JTextField("1500",5)
self.paramBox = swing.JTextField("",15)
self.injectBox = swing.JTextField("",15)
self.outputTxt = swing.JTextArea(10,50)
self.outputScroll = swing.JScrollPane(self.outputTxt)
self.requestTxt = swing.JTextArea(10,50)
self.requestScroll = swing.JScrollPane(self.requestTxt)
self.requestTxt.setLineWrap(True)
self.outputTxt.setBackground(Color.lightGray)
self.outputTxt.setEditable(False)
self.outputTxt.setLineWrap(True)
self.t1r1.add(swing.JLabel("<html><center><h2>MSSQLi-DUET</h2>Enumerate Active Directory users, groups, and machines via SQL injection.</center></html>"))
#Add labels here for all of the args needed.
self.t1r2.add(swing.JLabel("WAF Bypass Method:"))
self.t1r2.add(self.encodingBox)
#Minimum RID value
self.t1r2.add(swing.JLabel("Minimum RID value:"))
self.t1r2.add(self.ridMinBox)
#Maximum RID value
self.t1r2.add(swing.JLabel("Maximum RID value:"))
self.t1r2.add(self.ridMaxBox)
#Delay for requests
self.t1r2.add(swing.JLabel("Delay:"))
self.t1r2.add(self.delayBox)
#Vulnerable parameter
self.t1r3.add(swing.JLabel("Vulnerable Parameter:"))
self.t1r3.add(self.paramBox)
#Injection starting point
self.t1r3.add(swing.JLabel("Injection start:"))
self.t1r3.add(self.injectBox)
#Request section
self.t1r4.add(swing.JLabel("Raw request:"))
self.t1r4.add(self.requestScroll)
self.t1r5.add(swing.JButton("Run", actionPerformed=self.executePayload))
self.t1r5.add(swing.JButton("Clear", actionPerformed=self.clearRequest))
#Results section
self.t1r6.add(swing.JLabel("Results Output:"))
self.t1r6.add(self.outputScroll)
self.t1r7.add(swing.JButton("Copy results to Clipboard", actionPerformed=self.copyToClipboard))
self.t1r7.add(swing.JButton("Clear", actionPerformed=self.clearOutput))
# Add the GUI objects into the first tab
self.duetTab.add(self.t1r1)
self.duetTab.add(self.t1r2)
self.duetTab.add(self.t1r3)
self.duetTab.add(self.t1r4)
self.duetTab.add(self.t1r5)
self.duetTab.add(self.t1r6)
self.duetTab.add(self.t1r7)
# Now that the GUI objects are added, we can resize them to fit snug in the UI
self.t1r1.setMaximumSize(Dimension(850, 100))
self.t1r2.setMaximumSize(Dimension(875, 50))
self.t1r3.setMaximumSize(Dimension(800, 75))
self.t1r4.setMaximumSize(Dimension(800, 200))
self.t1r5.setMaximumSize(Dimension(800, 50))
self.t1r6.setMaximumSize(Dimension(800, 200))
self.t1r7.setMaximumSize(Dimension(800, 200))
#Register the panel in the Burp GUI
callbacks.addSuiteTab(self)
return
def registerExtenderCallbacks(self, callbacks):
print "Name: \t\t" + BurpExtender.EXT_NAME
print "Description: \t" + BurpExtender.EXT_DESC
print "Authors: \t" + BurpExtender.EXT_AUTHOR
# Required for easier debugging:
# https://github.com/securityMB/burp-exceptions
sys.stdout = callbacks.getStdout()
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
callbacks.setExtensionName(BurpExtender.EXT_NAME)
#Create Burp Collaborator Instance
self.burpCollab = self._callbacks.createBurpCollaboratorClientContext()
self.collaboratorDomain = self.burpCollab.generatePayload(True)
#Create panels used for layout; we must stack and layer to get the desired GUI
self.tab = swing.Box(swing.BoxLayout.Y_AXIS)
self.tabbedPane = swing.JTabbedPane()
self.tab.add(self.tabbedPane)
# First tab
self.collabfiltratorTab = swing.Box(swing.BoxLayout.Y_AXIS)
self.tabbedPane.addTab("Collabfiltrator", self.collabfiltratorTab)
# Second tab
#self.configurationTab = swing.Box(swing.BoxLayout.Y_AXIS)
#self.tabbedPane.addTab("Configuration", self.configurationTab)
# Create objects for the first tab's GUI
# These rows will add top to bottom on the Y Axis
self.t1r1 = swing.JPanel(FlowLayout())
self.t1r2 = swing.JPanel(FlowLayout())
self.t1r3 = swing.JPanel(FlowLayout())
self.t1r4 = swing.JPanel(FlowLayout())
self.t1r5 = swing.JPanel(FlowLayout())
self.t1r6 = swing.JPanel(FlowLayout())
self.t1r7 = swing.JPanel(FlowLayout())
# Now add content to the first tab's GUI objects
self.osComboBox = swing.JComboBox(
["Windows", "Linux_ping", "Linux_nslookup", "Linux_dig"])
#self.commandTxt = swing.JTextField("ls -lah", 35)
self.commandTxt = swing.JTextField("dir C:\inetpub\wwwroot", 25)
self.payloadTxt = swing.JTextArea(10, 50)
self.payloadTxt.setBackground(Color.lightGray)
self.payloadTxt.setEditable(
False) # So you can't messup the generated payload
self.payloadTxt.setLineWrap(True) #Wordwrap the output of payload box
self.outputTxt = swing.JTextArea(10, 50)
self.outputScroll = swing.JScrollPane(
self.outputTxt) # Make the output scrollable
self.progressBar = swing.JProgressBar(5, 15)
self.progressBar.setVisible(False) # Progressbar is hiding
self.outputTxt.setBackground(Color.lightGray)
self.outputTxt.setEditable(False)
self.outputTxt.setLineWrap(True)
self.burpCollaboratorDomainTxt = swing.JTextPane(
) # burp collaboratorTextPane
self.burpCollaboratorDomainTxt.setText(
" ") #burp collaborator domain goes here
self.burpCollaboratorDomainTxt.setEditable(False)
self.burpCollaboratorDomainTxt.setBackground(None)
self.burpCollaboratorDomainTxt.setBorder(None)
self.t1r1.add(
swing.JLabel(
"<html><center><h2>Collabfiltrator</h2>Exfiltrate blind remote code execution output over DNS via Burp Collaborator.</center></html>"
))
self.t1r2.add(swing.JLabel("Platform"))
self.t1r2.add(self.osComboBox)
self.t1r2.add(swing.JLabel("Command"))
self.t1r2.add(self.commandTxt)
self.t1r2.add(
swing.JButton("Execute", actionPerformed=self.executePayload))
self.t1r3.add(swing.JLabel("Payload"))
self.t1r3.add(self.payloadTxt)
self.t1r6.add(
self.burpCollaboratorDomainTxt) #burp Collab Domain will go here
self.t1r4.add(
swing.JButton("Copy Payload to Clipboard",
actionPerformed=self.copyToClipboard))
self.t1r4.add(
swing.JButton("Start poll results",
actionPerformed=self.startPollResults))
self.t1r4.add(
swing.JButton("Stop listener",
actionPerformed=self.stopPollResults))
self.t1r4.add(swing.JButton("Show logs",
actionPerformed=self.showLogs))
self.t1r5.add(swing.JLabel("Output"))
self.t1r5.add(self.outputScroll) #add output scroll bar to page
self.t1r7.add(self.progressBar)
# Add the GUI objects into the first tab
self.collabfiltratorTab.add(self.t1r1)
self.collabfiltratorTab.add(self.t1r2)
self.collabfiltratorTab.add(self.t1r3)
self.collabfiltratorTab.add(self.t1r6)
self.collabfiltratorTab.add(self.t1r4)
self.collabfiltratorTab.add(self.t1r7)
self.collabfiltratorTab.add(self.t1r5)
# Create objects for the second tab's GUI
self.dummylabel = swing.JLabel(
"Burp Collaborator Config options will go here.")
# Add the GUI objects into the second tab
########self.configurationTab.add(self.dummylabel)
# Now that the GUI objects are added, we can resize them to fit snug in the UI
self.t1r1.setMaximumSize(Dimension(800, 100))
self.t1r2.setMaximumSize(Dimension(800, 50))
self.t1r3.setMaximumSize(Dimension(800, 200))
self.t1r4.setMaximumSize(Dimension(800, 200))
self.t1r6.setMaximumSize(Dimension(800, 50))
self.t1r7.setMaximumSize(Dimension(800, 50))
#Register the panel in the Burp GUI
callbacks.addSuiteTab(self)
return
def registerExtenderCallbacks(self, callbacks):
print("Name: \t\t" + BurpExtender.EXT_NAME)
print("Description: \t" + BurpExtender.EXT_DESC)
print("Authors: \t" + BurpExtender.EXT_AUTHOR)
print("Version: \t" + BurpExtender.EXT_VERSION + "\n")
# Required for easier debugging:
# https://github.com/securityMB/burp-exceptions
sys.stdout = callbacks.getStdout()
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
callbacks.setExtensionName(BurpExtender.EXT_NAME)
self.killDanglingThreadsOnUnload = callbacks.registerExtensionStateListener(
self.killDanglingThreads)
#Create Burp Collaborator Instance
self.burpCollab = self._callbacks.createBurpCollaboratorClientContext()
self.collaboratorDomain = self.burpCollab.generatePayload(True)
#Create panels used for layout; we must stack and layer to get the desired GUI
self.tab = swing.Box(swing.BoxLayout.Y_AXIS)
self.tabbedPane = swing.JTabbedPane()
self.tab.add(self.tabbedPane)
# First tab
self.collabfiltratorTab = swing.Box(swing.BoxLayout.Y_AXIS)
self.tabbedPane.addTab("Collabfiltrator", self.collabfiltratorTab)
# Second tab
#self.configurationTab = swing.Box(swing.BoxLayout.Y_AXIS)
#self.tabbedPane.addTab("Configuration", self.configurationTab)
# Create objects for the first tab's GUI
# These rows will add top to bottom on the Y Axis
self.t1r1 = swing.JPanel(FlowLayout()) # title and description frame
self.t1r2 = swing.JPanel(FlowLayout()) #platform and command box frame
self.t1r3 = swing.JPanel(FlowLayout()) #payload box frame
self.t1r5 = swing.JPanel(
FlowLayout()) #copy payload to clipboard frame
self.t1r7 = swing.JPanel(FlowLayout()) #output box frame
self.t1r4 = swing.JPanel(FlowLayout()) # collaborator domainname frame
self.t1r6 = swing.JPanel(
FlowLayout()
) # hidden stop listener frame that only appears upon payload generation
self.t1r8 = swing.JPanel(FlowLayout()) #clearOutput box frame
# Now add content to the first tab's GUI objects
self.osComboBox = swing.JComboBox(
["Windows PowerShell", "Linux (sh + ping)"])
self.commandTxt = swing.JTextField("hostname", 35)
#self.commandTxt = swing.JTextField("dir c:\inetpub\wwwroot", 35)
self.payloadTxt = swing.JTextArea(10, 55)
self.payloadTxt.setEditable(
False) # So you can't messup the generated payload
self.payloadTxt.setLineWrap(True) #Wordwrap the output of payload box
self.outputTxt = swing.JTextArea(10, 55)
self.outputScroll = swing.JScrollPane(
self.outputTxt) # Make the output scrollable
self.payloadScroll = swing.JScrollPane(
self.payloadTxt) # Make the payloadText scrollable
self.progressBar = swing.JProgressBar(5, 15)
self.progressBar.setVisible(False) # Progressbar is hiding
self.outputTxt.setEditable(False)
self.outputTxt.setLineWrap(True)
self.burpCollaboratorDomainTxt = swing.JTextPane(
) # burp collaboratorTextPane
self.burpCollaboratorDomainTxt.setText(
" ") #burp collaborator domain goes here
self.burpCollaboratorDomainTxt.setEditable(False)
self.burpCollaboratorDomainTxt.setBackground(None)
self.burpCollaboratorDomainTxt.setBorder(None)
titleLabel = swing.JLabel(
"<html><center><h2>Collabfiltrator</h2>Exfiltrate blind remote code execution output over DNS via Burp Collaborator.</center></html>"
)
titleLabel.putClientProperty("html.disable", None)
self.t1r1.add(titleLabel)
self.t1r2.add(swing.JLabel("Platform"))
self.t1r2.add(self.osComboBox)
self.t1r2.add(swing.JLabel("Command"))
self.t1r2.add(self.commandTxt)
self.t1r2.add(
swing.JButton("Execute", actionPerformed=self.executePayload))
self.t1r3.add(swing.JLabel("Payload"))
self.t1r3.add(self.payloadScroll)
self.t1r4.add(
self.burpCollaboratorDomainTxt) #burp Collab Domain will go here
self.t1r5.add(
swing.JButton("Copy Payload to Clipboard",
actionPerformed=self.copyToClipboard))
self.t1r6.add(self.progressBar)
self.stopListenerButton = swing.JButton(
"Stop Listener", actionPerformed=self.stopListener)
self.stopListenerButton.setVisible(False) # hide stopListenerButton
self.t1r6.add(self.stopListenerButton)
self.t1r7.add(swing.JLabel("Output"))
self.t1r7.add(self.outputScroll) #add output scroll bar to page
self.t1r8.add(
swing.JButton("Clear Output", actionPerformed=self.clearOutput))
# Add the GUI objects into the first tab
self.collabfiltratorTab.add(self.t1r1)
self.collabfiltratorTab.add(self.t1r2)
self.collabfiltratorTab.add(self.t1r3)
self.collabfiltratorTab.add(self.t1r4)
self.collabfiltratorTab.add(self.t1r5)
self.collabfiltratorTab.add(self.t1r6)
self.collabfiltratorTab.add(self.t1r7)
self.collabfiltratorTab.add(self.t1r8)
# Create objects for the second tab's GUI
self.dummylabel = swing.JLabel(
"Burp Collaborator Config options will go here.")
# Add the GUI objects into the second tab
########self.configurationTab.add(self.dummylabel)
#Register the panel in the Burp GUI
callbacks.addSuiteTab(self)
return