def registerExtenderCallbacks(self, callbacks):
self.hashes = {}
#self._stdout = PrintWriter(callbacks.getStdout(), True)
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
self._callbacks.setExtensionName("Password Hash Scanner")
self._callbacks.registerScannerCheck(self)
self._fileLocation = None
self._jPanel = swing.JPanel()
boxVertical = swing.Box.createVerticalBox()
boxHorizontal = swing.Box.createHorizontalBox()
getFileButton = swing.JButton('Open hashout.txt',
actionPerformed=self.getFile)
self._fileText = swing.JTextArea("", 1, 50)
boxHorizontal.add(getFileButton)
boxHorizontal.add(self._fileText)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
submitQueryButton = swing.JButton('Parse hash file',
actionPerformed=self.hashParse)
boxHorizontal.add(submitQueryButton)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
boxHorizontal.add(swing.JLabel("Output"))
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self._resultsTextArea = swing.JTextArea()
resultsOutput = swing.JScrollPane(self._resultsTextArea)
resultsOutput.setPreferredSize(Dimension(500, 200))
boxHorizontal.add(resultsOutput)
boxVertical.add(boxHorizontal)
self._jPanel.add(boxVertical)
# add the custom tab to Burp's UI
self._callbacks.addSuiteTab(self)
return
def __init__(self, parent):
self.parent = parent
Panel = swing.JPanel()
Panel.layout = awt.BorderLayout()
Panel.border = swing.BorderFactory.createTitledBorder(
"Payload Encoder")
self.text = swing.JTextField(actionPerformed=self.encodePayload)
Panel.add(self.text, Panel.layout.PAGE_START)
self.textArea = swing.JTextArea()
scrollPane = swing.JScrollPane(self.textArea)
Panel.add(scrollPane, Panel.layout.CENTER)
Panel1 = swing.JPanel()
Panel1.layout = awt.BorderLayout()
Panel1.border = swing.BorderFactory.createTitledBorder(
"Payload Parser")
self.text1 = swing.JTextField(actionPerformed=self.parsePayload)
Panel1.add(self.text1, Panel1.layout.PAGE_START)
self.textArea1 = swing.JTextArea()
scrollPane1 = swing.JScrollPane(self.textArea1)
Panel1.add(scrollPane1, Panel1.layout.CENTER)
self.splitPane = swing.JSplitPane(swing.JSplitPane.VERTICAL_SPLIT)
self.splitPane.setDividerLocation(250)
self.splitPane.setLeftComponent(Panel)
self.splitPane.setRightComponent(Panel1)
self.parent.addTabPanel("Options", self.splitPane)
def registerExtenderCallbacks(self, callbacks):
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
self.context = None
callbacks.setExtensionName("quoted-printable Parser")
self._jPanel = swing.JPanel()
self._jPanel.setLayout(
swing.BoxLayout(self._jPanel, swing.BoxLayout.Y_AXIS))
self._jTextIn = swing.JTextArea("Input", 20, 10)
self._jTextIn.setLineWrap(True)
self._jScrollPaneIn = swing.JScrollPane(self._jTextIn)
self._jScrollPaneIn.setVerticalScrollBarPolicy(
swing.JScrollPane.VERTICAL_SCROLLBAR_ALWAYS)
self._jScrollPaneIn.setPreferredSize(awt.Dimension(20, 10))
self._jTextOut = swing.JTextArea("Output", 20, 10)
self._jTextOut.setLineWrap(True)
self._jScrollPaneOut = swing.JScrollPane(self._jTextOut)
self._jScrollPaneOut.setVerticalScrollBarPolicy(
swing.JScrollPane.VERTICAL_SCROLLBAR_ALWAYS)
self._jScrollPaneOut.setPreferredSize(awt.Dimension(20, 10))
self._jButtonPanel = swing.JPanel()
self._jButtonDecode = swing.JButton('Decode',
actionPerformed=self.decode)
self._jButtonPanel.add(self._jButtonDecode)
self._jPanel.add(self._jScrollPaneIn)
self._jPanel.add(self._jButtonPanel)
self._jPanel.add(self._jScrollPaneOut)
callbacks.customizeUiComponent(self._jPanel)
callbacks.addSuiteTab(self)
return
def registerExtenderCallbacks(self, callbacks):
print "SAML BurpSuite Extension"
print "Ben Campbell <eat_meatballs[at]hotmail.co.uk>"
print "http://rewtdance.blogspot.co.uk"
print "http://github.com/Meatballs1/burp_saml"
# keep a reference to our callbacks object
self._callbacks = callbacks
# obtain an extension helpers object
self._helpers = callbacks.getHelpers()
# set our extension name
callbacks.setExtensionName("SAML Decoder")
# Create Tab
self._jPanel = swing.JPanel()
self._jPanel.setLayout(
swing.BoxLayout(self._jPanel, swing.BoxLayout.Y_AXIS))
# SAML Binding Format
self._jTextIn = swing.JTextArea("SAML Binding In", 20, 120)
self._jTextIn.setLineWrap(True)
self._jTextOut = swing.JTextArea("SAML Binding Out", 20, 120)
self._jTextOut.setLineWrap(True)
self._jButtonPanel = swing.JPanel()
self._jButtonEncode = swing.JButton('Encode',
actionPerformed=self.encode)
self._jButtonDecode = swing.JButton('Decode',
actionPerformed=self.decode)
self._jButtonPanel.add(self._jButtonEncode)
self._jButtonPanel.add(self._jButtonDecode)
self._jPanel.add(self._jTextIn)
self._jPanel.add(self._jButtonPanel)
self._jPanel.add(self._jTextOut)
# SAML Artifact Format
self._jTextArtIn = swing.JTextArea("SAML Artifact In", 20, 120)
self._jTextArtIn.setLineWrap(True)
self._jTextArtOut = swing.JTextArea("SAML Artifact Out", 20, 120)
self._jTextArtOut.setLineWrap(True)
self._jButtonArtPanel = swing.JPanel()
self._jButtonArtEncode = swing.JButton('Encode',
actionPerformed=self.art_encode)
self._jButtonArtDecode = swing.JButton('Decode',
actionPerformed=self.art_decode)
self._jButtonArtPanel.add(self._jButtonArtEncode)
self._jButtonArtPanel.add(self._jButtonArtDecode)
self._jPanel.add(self._jTextArtIn)
self._jPanel.add(self._jButtonArtPanel)
self._jPanel.add(self._jTextArtOut)
callbacks.customizeUiComponent(self._jPanel)
# register ourselves as a message editor tab factory
callbacks.addSuiteTab(self)
return
def runAboutLeoDialog(self, version, theCopyright, url, email):
"""Create and run Leo's About Leo dialog."""
dialog = self._getDialog("About Leo")
cpane = dialog.getContentPane()
data = "%s\n%s\n\n%s\n\n%s" % (version, theCopyright, url, email)
jtc = swing.JTextArea()
jtc.setText(data)
jtc.setEditable(False)
dialog.add(jtc)
class cl_act(swing.AbstractAction):
def __init__(self, dialog):
swing.AbstractAction.__init__(self, "Close")
self.dialog = dialog
def actionPerformed(self, aE):
self.dialog.dispose()
button = swing.JButton(cl_act(dialog))
jbp = swing.JPanel()
jbp.add(button)
dialog.add(jbp, awt.BorderLayout.SOUTH)
dialog.pack()
w, h = self._calculateCenteredPosition(dialog)
dialog.setLocation(w, h)
dialog.setAlwaysOnTop(1)
dialog.visible = 1
def initGui(self):
self.sigv4ConfigurationTab = swing.JPanel()
layout = swing.GroupLayout(self.sigv4ConfigurationTab)
self.sigv4ConfigurationTab.setLayout(layout)
self.addDomainInfo = swing.JLabel("Domain to test:")
self.addDomainInfo.setFont(Font("Tahoma", 1, 12))
self.configurationLoadedInfo = swing.JLabel("")
self.configurationLoadedInfo.setFont(Font("Tahoma", 1, 12))
self.isJsonCheck = swing.JCheckBox("JSON")
self.isJsonCheck.setFont(Font("Tahoma", 1, 12))
self.parseCredsBtn = swing.JButton('Load configuration', actionPerformed=self.parseCreds)
self.credsPanel = swing.JScrollPane()
self.credsText = swing.JTextArea("Paste Creds Here.")
self.credsText.setLineWrap(True)
self.credsPanel.setViewportView(self.credsText)
self.scopeUrlField = swing.JTextField("api.example.io")
layout.setHorizontalGroup(
layout.createParallelGroup(swing.GroupLayout.Alignment.LEADING)
.addGroup(layout.createSequentialGroup()
.addGap(15)
.addGroup(layout.createParallelGroup(swing.GroupLayout.Alignment.LEADING)
.addComponent(self.isJsonCheck)
.addComponent(self.credsPanel, swing.GroupLayout.PREFERRED_SIZE, 525, swing.GroupLayout.PREFERRED_SIZE)
.addComponent(self.addDomainInfo)
.addComponent(self.scopeUrlField, swing.GroupLayout.PREFERRED_SIZE, 350, swing.GroupLayout.PREFERRED_SIZE)
.addGroup(layout.createSequentialGroup()
.addGroup(layout.createParallelGroup(swing.GroupLayout.Alignment.TRAILING)
.addComponent(self.parseCredsBtn))
.addComponent(self.configurationLoadedInfo)
.addPreferredGap(swing.LayoutStyle.ComponentPlacement.UNRELATED))
.addComponent(self.addDomainInfo))
.addContainerGap(26, lang.Short.MAX_VALUE)))
layout.setVerticalGroup(
layout.createParallelGroup(swing.GroupLayout.Alignment.LEADING)
.addGroup(layout.createSequentialGroup()
.addGap(10)
.addComponent(self.isJsonCheck)
.addGap(10)
.addComponent(self.credsPanel, swing.GroupLayout.PREFERRED_SIZE, 125, swing.GroupLayout.PREFERRED_SIZE)
.addPreferredGap(swing.LayoutStyle.ComponentPlacement.UNRELATED)
.addGroup(layout.createParallelGroup(swing.GroupLayout.Alignment.LEADING)
.addGroup(layout.createSequentialGroup()
.addGap(10)
.addComponent(self.addDomainInfo)
.addGap(10)
.addComponent(self.scopeUrlField, swing.GroupLayout.PREFERRED_SIZE, swing.GroupLayout.DEFAULT_SIZE, swing.GroupLayout.PREFERRED_SIZE)
.addGroup(layout.createParallelGroup(swing.GroupLayout.Alignment.LEADING)
.addGroup(layout.createSequentialGroup()
.addGap(10)
.addComponent(self.parseCredsBtn)
.addGap(10)
.addComponent(self.configurationLoadedInfo)
.addPreferredGap(swing.LayoutStyle.ComponentPlacement.RELATED)
.addPreferredGap(swing.LayoutStyle.ComponentPlacement.RELATED)
.addContainerGap(swing.GroupLayout.DEFAULT_SIZE, lang.Short.MAX_VALUE)))))))
return
def initUI(self):
self.tab = swing.JPanel()
# UI for Output
self.outputLabel = swing.JLabel("pMDetector Log:")
self.outputLabel.setFont(Font("Tahoma", Font.BOLD, 14))
self.outputLabel.setForeground(Color(255, 102, 52))
self.logPane = swing.JScrollPane()
self.outputTxtArea = swing.JTextArea()
self.outputTxtArea.setFont(Font("Consolas", Font.PLAIN, 12))
self.outputTxtArea.setLineWrap(True)
self.logPane.setViewportView(self.outputTxtArea)
self.clearBtn = swing.JButton("Clear Log", actionPerformed=self.clear)
self.exportBtn = swing.JButton("Export Log",
actionPerformed=self.export)
self.parentFrm = swing.JFileChooser()
# Layout
layout = swing.GroupLayout(self.tab)
layout.setAutoCreateGaps(True)
layout.setAutoCreateContainerGaps(True)
self.tab.setLayout(layout)
layout.setHorizontalGroup(layout.createParallelGroup().addGroup(
layout.createSequentialGroup().addGroup(
layout.createParallelGroup().addComponent(
self.outputLabel).addComponent(self.logPane).addComponent(
self.clearBtn).addComponent(self.exportBtn))))
layout.setVerticalGroup(layout.createParallelGroup().addGroup(
layout.createParallelGroup().addGroup(
layout.createSequentialGroup().addComponent(
self.outputLabel).addComponent(self.logPane).addComponent(
self.clearBtn).addComponent(self.exportBtn))))
def __init__(self):
self.frame=swing.JFrame(title="My Frame", size=(300,300))
self.frame.defaultCloseOperation=swing.JFrame.EXIT_ON_CLOSE;
self.frame.layout=awt.BorderLayout()
self.panel1=swing.JPanel(awt.BorderLayout())
self.panel2=swing.JPanel(awt.GridLayout(4,1))
self.panel2.preferredSize = awt.Dimension(10,100)
self.panel3=swing.JPanel(awt.BorderLayout())
self.title=swing.JLabel("Text Rendering")
self.button1=swing.JButton("Print Text", actionPerformed=self.printMessage)
self.button2=swing.JButton("Clear Text", actionPerformed=self.clearMessage)
self.textField=swing.JTextField(30)
self.outputText=swing.JTextArea(4,15)
self.panel1.add(self.title)
self.panel2.add(self.textField)
self.panel2.add(self.button1)
self.panel2.add(self.button2)
self.panel3.add(self.outputText)
self.frame.contentPane.add(self.panel1, awt.BorderLayout.PAGE_START)
self.frame.contentPane.add(self.panel2, awt.BorderLayout.CENTER)
self.frame.contentPane.add(self.panel3, awt.BorderLayout.PAGE_END)
def __init__(self):
self.frame=swing.JFrame(title="Simple Jython Interpreter", size=(600,500))
self.frame.defaultCloseOperation=swing.JFrame.EXIT_ON_CLOSE;
self.frame.layout=awt.BorderLayout()
self.panel1=swing.JPanel(awt.BorderLayout())
self.panel2=swing.JPanel(awt.BorderLayout())
self.title=swing.JLabel("Jython Code")
self.title2 = swing.JLabel("Interpreter Output")
self.button1=swing.JButton("Run", actionPerformed=self.printMessage)
self.button2=swing.JButton("Clear Output", actionPerformed=self.clearMessage)
self.buttonPane = swing.JPanel()
self.buttonPane.layout = swing.BoxLayout(self.buttonPane, swing.BoxLayout.LINE_AXIS)
self.buttonPane.border = swing.BorderFactory.createEmptyBorder(0, 10, 10, 10)
self.buttonPane.add(swing.Box.createHorizontalGlue())
self.buttonPane.add(self.button1)
self.buttonPane.add(swing.Box.createRigidArea(awt.Dimension(10, 0)))
self.buttonPane.add(self.button2)
self.textField=swing.JTextArea(4,15)
self.textField.lineWrap = True
self.scrollPaneOne = swing.JScrollPane(self.textField)
self.scrollPaneOne.verticalScrollBarPolicy = swing.JScrollPane.VERTICAL_SCROLLBAR_ALWAYS
self.outputText=swing.JTextArea(4,15)
self.outputText.lineWrap = True
self.outputText.editable = False
self.scrollPane2 = swing.JScrollPane(self.outputText)
self.scrollPane2.verticalScrollBarPolicy = swing.JScrollPane.VERTICAL_SCROLLBAR_ALWAYS
self.panel1.add(self.title, awt.BorderLayout.PAGE_START)
self.panel1.add(self.scrollPaneOne, awt.BorderLayout.CENTER)
self.panel2.add(self.title2, awt.BorderLayout.PAGE_START)
self.panel2.add(self.scrollPane2, awt.BorderLayout.CENTER)
self.splitPane = swing.JSplitPane(swing.JSplitPane.VERTICAL_SPLIT,
self.panel1, self.panel2)
self.splitPane.oneTouchExpandable = True
self.minimumSize = awt.Dimension(50, 100)
self.panel1.minimumSize = self.minimumSize
self.panel2.minimumSize = self.minimumSize
self.frame.contentPane.add(self.splitPane, awt.BorderLayout.CENTER)
self.frame.contentPane.add(self.buttonPane, awt.BorderLayout.PAGE_END)
def __init__(self):
self.messageText = swing.JTextArea(text="new chat instance!",
editable=False,
lineWrap=True,
size=(300, 1))
self.state = "Not in chatroom"
self.CHATID = 0
self.status = swing.JLabel("")
return
def registerExtenderCallbacks(self, callbacks):
print "Install Successful...."
# 测试文本
testtext = u'''
admin u'\u8fd9\u662f\u4e00\u4e2a\u6d4b\u8bd5\u9875\u9762'
root u'\u4f60\u4ee5\u4e3a\u6709\u91cd\u8981\u4fe1\u606f\u4e48\uff1f'
\u6211\u662F\u4E00\u4E2A\u7C89\u5237\u5320\uFF0C\u7C89\u5237\u672C\u9886\u5F3A\uFF0C
\u6211\u8981\u628A\u90A3\u5C0F\u623F\u5B50\uFF0C\u5237\u7684\u5F88\u6F02\u4EAE\u3002
%u6211%u662F%u4E00%u4E2A%u7C89%u5237%u5320%uFF0C%u7C89%u5237%u672C%u9886%u5F3A%uFF0C
%u6211%u8981%u628A%u90A3%u5C0F%u623F%u5B50%uFF0C%u5237%u7684%u5F88%u6F02%u4EAE%u3002
\x31\x2C\x31\x29\x3B\x75\x70\x64\x61\x74\x65\x20\x5B\x64\x76\x5F\x75\x73\x65\x72\x5D\x20\x73\x65\x74\x20\x75\x73\x65\x72\x67\x72\x6F\x75\x70\x69\x64\x3D\x31\x20\x77\x68\x65\x72\x65\x20\x75\x73\x65\x72\x69\x64\x3D\x32\x3B\x2D\x2D\x20
\x75\x73\x65\x72\x69\x64\x3D\x32\x3B\x2D\x2D\x20
0x310x2C0x310x290x3B0x750x700x640x610x740x650x200x5B0x640x760x5F0x750x730x650x720x5D0x200x730x650x740x200x750x730x650x720x670x720x6F0x750x700x690x640x3D0x310x200x770x680x650x720x650x200x750x730x650x720x690x640x3D0x320x3B0x2D0x2D0x20
0x312C31293B757064617465205B64765F757365725D20736574207573657267726F757069643D31207768657265207573657269643D323B2D2D20
闲话不说了,base64模块真正用的上的方法只有8个,分别是encode, decode,
ZW5jb2Rlc3RyaW5n, ZGVjb2Rlc3RyaW5n, YjY0ZW5jb2Rl,b64decode,
dXJsc2FmZV9iNjRkZWNvZGUsdXJsc2FmZV9iNjRlbmNvZGXjgII=他们8个可以两两分为4组,
ZW5jb2RlLGRlY29kZQ==一组,专门用来编码和 解码文件的,也可以对StringIO里的数据做编解码;
ZW5jb2Rlc3RyaW5nLGRlY29kZXN0cmluZw==一组,专门用来编码和解码字符串;
'''
# 保持对象的引用
self._callbacks = callbacks
# 获得扩展辅助对象
self._helpers = callbacks.getHelpers()
# 设置Extender里面显示的插件名
callbacks.setExtensionName("DecodeAssistantDev0.2")
# 用java的swing库创建一个标签
self._jPanel = swing.JPanel()
self._jPanel.setLayout(
swing.BoxLayout(self._jPanel, swing.BoxLayout.Y_AXIS))
# 文本框
self._jTextIn = swing.JTextArea(testtext, 20, 120)
self._jTextIn.setLineWrap(True)
self._jScrollPaneIn = swing.JScrollPane(self._jTextIn)
self._jScrollPaneIn.setVerticalScrollBarPolicy(
swing.JScrollPane.VERTICAL_SCROLLBAR_ALWAYS)
self._jScrollPaneIn.setPreferredSize(awt.Dimension(20, 120))
# 定义2个按钮,编码和解码
self._jButtonPanel = swing.JPanel()
self._jButtonEncode = swing.JButton('Encode',
actionPerformed=self.encode)
self._jButtonDecode = swing.JButton('Decode',
actionPerformed=self.decode)
self._jButtonPanel.add(self._jButtonEncode)
self._jButtonPanel.add(self._jButtonDecode)
self._jPanel.add(self._jScrollPaneIn)
self._jPanel.add(self._jButtonPanel)
callbacks.customizeUiComponent(self._jPanel)
# register ourselves as a message editor tab factory
callbacks.addSuiteTab(self)
return
def run(self, server, name, *passw):
self.as400 = acc.AS400(server, name, *passw)
# Get user profile descriptions==> usrDct
rUsrLst = rsc.RUserList(self.as400)
rUsrLst.open()
rUsrLst.waitForComplete()
self.usrDct = {}
for idx in range(rUsrLst.getListLength()):
tmp_rUsr = rUsrLst.resourceAt(idx)
key_usr = tmp_rUsr.getAttributeValue(rsc.RUser.USER_PROFILE_NAME)
if key_usr.startswith('Q') or key_usr == 'FAXSTAR':
continue
tmp_usrText = tmp_rUsr.getAttributeValue(
rsc.RUser.TEXT_DESCRIPTION)
self.usrDct[key_usr] = tmp_usrText
rUsrLst.close()
# Interactive job list
self.jobLst = rsc.RJobList(self.as400)
self.jobLst.setSelectionValue(rsc.RJobList.PRIMARY_JOB_STATUSES, \
rsc.RJob.JOB_STATUS_ACTIVE)
self.jobLst.setSelectionValue(rsc.RJobList.JOB_TYPE, \
rsc.RJob.JOB_TYPE_INTERACTIVE)
self.jobLst.setSortValue([rsc.RJob.USER_NAME, rsc.RJob.JOB_NAME])
# Thread of execution to receive instant messages
self.polchat = Thread(Poller(self))
# Form GUI
self.contentPane.setLayout(awt.GridBagLayout())
self.addWindowListener(self)
self.chkActive = swing.JCheckBox("Show only Active Users", 1)
self.chatTxt = swing.JTextArea(5, 30, lineWrap=1, wrapStyleWord=1)
self.rpyTxt = swing.JTextArea(10, 30, lineWrap=1, wrapStyleWord=1)
self.users = swing.JComboBox(preferredSize=(250, 25),
minimumSize=(250, 25))
self.showGui()
def __init__(self):
swing.JFrame.__init__(self)
self.title = 'Chat'
self.windowClosing = self.onExit
self.text = swing.JTextArea(editable=0,
lineWrap=1,
wrapStyleWord=1)
self.contentPane.add(swing.JScrollPane(self.text))
self.input = swing.JTextField(actionPerformed=self.onEnter)
self.contentPane.add(self.input, 'South')
self.size = 300, 200
self.show()
self.input.requestFocus()
def registerExtenderCallbacks(self, callbacks):
# keep a reference to our callbacks object
self._callbacks = callbacks
# obtain an extension helpers object
self._helpers = callbacks.getHelpers()
# set out extension name
self._callbacks.setExtensionName("Polito Inc. :: Request Analytics")
# create out GUI
self._jPanel = swing.JPanel()
mainVerticalBox = swing.Box.createVerticalBox()
descriptionHorizontalBox = swing.Box.createHorizontalBox()
descriptionHorizontalBox.add(
swing.JLabel(
"<html><br /><br />Request Analytics will track every request made through Burp and track how many times each 'file' appears in only uniqe URIs.<br />Only URIs included in scope will be analyzed.<br /><br /><br /></html>"
))
mainVerticalBox.add(descriptionHorizontalBox)
controlsHorizontalBox = swing.Box.createHorizontalBox()
displayAnalyticDataButton = swing.JButton(
'Display Analytic Data', actionPerformed=self.displayAnalyticData)
controlsHorizontalBox.add(displayAnalyticDataButton)
resetAnalyticDataButton = swing.JButton(
'Reset Analytic Data', actionPerformed=self.resetAnalyticData)
controlsHorizontalBox.add(resetAnalyticDataButton)
mainVerticalBox.add(controlsHorizontalBox)
spacer1HorizontalBox = swing.Box.createHorizontalBox()
spacer1HorizontalBox.add(
swing.JLabel("<html><br /><br /><br /></html>"))
mainVerticalBox.add(spacer1HorizontalBox)
outputHorizontalBox = swing.Box.createHorizontalBox()
self._outputTextArea = swing.JTextArea()
self._outputTextArea.setEditable(False)
outputTextArea = swing.JScrollPane(self._outputTextArea)
outputTextArea.setPreferredSize(Dimension(250, 300))
outputHorizontalBox.add(outputTextArea)
mainVerticalBox.add(outputHorizontalBox)
self._jPanel.add(mainVerticalBox)
# register ourselves as an HTTP listener
self._callbacks.registerHttpListener(self)
# add the custom tab to Burp's UI
self._callbacks.addSuiteTab(self)
return
def createGui (self): # build the GUI
self.layout = awt.BorderLayout()
progB = self.__progressBar = \
swing.JProgressBar(0, 100, stringPainted=1);
inf = self.__inputField = swing.JTextField(5)
inl = swing.JLabel("Calculate value of:", swing.JLabel.RIGHT)
inl.labelFor = inf
outf = self.__outputArea = swing.JTextArea()
outl = swing.JLabel("Result:", swing.JLabel.RIGHT)
outl.labelFor = outf
calcb = self.__calcButton = \
swing.JButton("Calculate", actionPerformed=self.doCalc,
enabled=1, mnemonic=awtevent.KeyEvent.VK_C)
cancelb = self.__cancelButton = \
swing.JButton("Cancel", actionPerformed=self.doCancel,
enabled=0, mnemonic=awtevent.KeyEvent.VK_L)
vl = ValueLayout(5, 5)
inp = swing.JPanel(vl)
vl.setLayoutAlignmentX(inp, 0.2)
inp.add(inl); inp.add(inf, inl)
self.add(inp, awt.BorderLayout.NORTH)
vl = ValueLayout(5, 5)
outp = swing.JPanel(vl)
vl.setLayoutAlignmentX(outp, 0.2)
outp.add(outl); outp.add(swing.JScrollPane(outf), outl)
xoutp = swing.JPanel(awt.BorderLayout())
xoutp.add(progB, awt.BorderLayout.NORTH)
xoutp.add(outp, awt.BorderLayout.CENTER)
self.add(xoutp, awt.BorderLayout.CENTER)
sp = swing.JPanel(awt.BorderLayout())
bp = swing.JPanel()
bp.add(calcb)
bp.add(cancelb)
sp.add(bp, awt.BorderLayout.NORTH)
sl = self.__statusLabel = swing.JLabel(" ")
sp.add(sl, awt.BorderLayout.SOUTH)
self.add(sp, awt.BorderLayout.SOUTH)
def registerExtenderCallbacks(self, callbacks):
# keep a reference to our callbacks object
self._callbacks = callbacks
# set our extension name
self._callbacks.setExtensionName("Payload Parser")
# build UI
self._jPanel = swing.JPanel()
self._jPanel.layout = awt.BorderLayout()
self._jPanel.border = swing.BorderFactory.createTitledBorder(
"Input characters to display payload strings with characters included or excluded"
)
inputPanel = swing.JPanel()
inputPanel.layout = awt.BorderLayout()
radioPanel = swing.JPanel()
self.text1 = swing.JTextField(actionPerformed=self.radioCallback)
inputPanel.add(self.text1, inputPanel.layout.CENTER)
buttonGroup = swing.ButtonGroup()
self._radioButtonInclude = swing.JRadioButton("Include")
buttonGroup.add(self._radioButtonInclude)
radioPanel.add(self._radioButtonInclude)
self._radioButtonExclude = swing.JRadioButton("Exclude")
buttonGroup.add(self._radioButtonExclude)
radioPanel.add(self._radioButtonExclude)
self._radioButtonInclude.setSelected(True)
inputPanel.add(radioPanel, inputPanel.layout.LINE_END)
self._jPanel.add(inputPanel, self._jPanel.layout.PAGE_START)
self.textArea = swing.JTextArea()
scrollPane = swing.JScrollPane(self.textArea)
self._jPanel.add(scrollPane, self._jPanel.layout.CENTER)
boxVertical = swing.Box.createVerticalBox()
saveLabel = swing.JLabel(
"Save Payloads (In Burp Root Dir): Can be Imported into Intruder")
boxVertical.add(saveLabel)
boxHorizontal = swing.Box.createHorizontalBox()
saveLabel2 = swing.JLabel("Save As:")
boxHorizontal.add(saveLabel2)
self._saveTextField = swing.JTextField('', 30)
boxHorizontal.add(self._saveTextField)
submitSaveButton = swing.JButton('Save',
actionPerformed=self.savePayload)
boxHorizontal.add(submitSaveButton)
boxVertical.add(boxHorizontal)
self._jPanel.add(boxVertical, self._jPanel.layout.PAGE_END)
# add the custom tab to Burp's UI
self._callbacks.addSuiteTab(self)
return
def getMessage():
d = swing.JDialog()
d.setTitle( "Message")
cp = d.getContentPane()
cp.setLayout( java.awt.BorderLayout())
jta = swing.JTextArea()
jsp = swing.JScrollPane( jta )
jsp.setPreferredSize( java.awt.Dimension( 250, 250 ) )
cp.add( jsp )
buttonpanel = swing.JPanel()
cp.add( buttonpanel, java.awt.BorderLayout.SOUTH)
write = swing.JButton( "Write")
buttonpanel.add( write)
write.actionPerformed = lambda event: d.dispose()
d.pack()
g.app.gui.center_dialog( d )
d.setModal( 1 )
d.visible = 1
return jta.getText()
def editMappings(self, event, text=None):
if not text:
text = json.dumps(self.colour_mappings, indent=2)
msg = swing.JTextArea(text, 10, 80)
msg.setLineWrap(True)
msg.setWrapStyleWord(True)
scroll = swing.JScrollPane(msg)
resp = swing.JOptionPane.showConfirmDialog(
None, scroll, "Mappings", swing.JOptionPane.OK_CANCEL_OPTION,
swing.JOptionPane.PLAIN_MESSAGE)
if resp == 0:
try:
self.colour_mappings = json.loads(msg.getText())
self.callbacks.saveExtensionSetting(
SETTING_MAPPINGS, json.dumps(self.colour_mappings))
swing.JOptionPane.showMessageDialog(None, "Mappings saved")
except Exception as e:
swing.JOptionPane.showMessageDialog(
None, "Unable to parse JSON.\n\n{}".format(e))
self.editMappings(None, msg.getText())
def initGui(self):
self.tab = swing.JPanel()
self.titleLabel = swing.JLabel("Burp Importer")
self.titleLabel.setFont(Font("Tahoma", 1, 16))
self.titleLabel.setForeground(Color(235, 136, 0))
self.infoLabel = swing.JLabel(
"Burp Importer loads a list of URLs or parses output from various automated scanners and populates the sitemap with each successful connection."
)
self.infoLabel.setFont(Font("Tahoma", 0, 12))
self.fileOptionLabel = swing.JLabel("File Load Option")
self.fileOptionLabel.setFont(Font("Tahoma", 1, 12))
self.fileDescLabel = swing.JLabel(
"This option is only used when loading a file to be parsed for http(s) connections. You can disregard this option and paste a list of URLs in the box below."
)
self.fileDescLabel.setFont(Font("Tahoma", 0, 12))
self.fileDescLabel2 = swing.JLabel(
"Supported files: .gnamp, .nessus, .txt")
self.fileDescLabel2.setFont(Font("Tahoma", 0, 12))
self.parseFileButton = swing.JButton("Load File to Parse",
actionPerformed=self.loadFile)
self.urlLabel = swing.JLabel("URL List")
self.urlLabel.setFont(Font("Tahoma", 1, 12))
self.urlDescLabel = swing.JLabel(
"URLs in this list should be in the format: protocol://host:port/optional-path"
)
self.urlDescLabel.setFont(Font("Tahoma", 0, 12))
self.urlDescLabel2 = swing.JLabel(
"Example: https://127.0.0.1:443/index. Port is optional, 80 or 443 will be assumed."
)
self.urlDescLabel2.setFont(Font("Tahoma", 0, 12))
self.pasteButton = swing.JButton("Paste", actionPerformed=self.paste)
self.loadButton = swing.JButton("Copy List",
actionPerformed=self.setClipboardText)
self.removeButton = swing.JButton("Remove",
actionPerformed=self.remove)
self.clearButton = swing.JButton("Clear", actionPerformed=self.clear)
self.urlListModel = swing.DefaultListModel()
self.urlList = swing.JList(self.urlListModel)
self.urlListPane = swing.JScrollPane(self.urlList)
self.addButton = swing.JButton("Add", actionPerformed=self.addURL)
self.runLabel = swing.JLabel(
"<html>Click the <b>RUN</b> button to attempt a connection to each URL in the URL List. Successful connections will be added to Burp's sitemap.</html>"
)
self.runLabel.setFont(Font("Tahoma", 0, 12))
self.redirectsCheckbox = swing.JCheckBox(
"Enable: Follow Redirects (301 or 302 Response)")
self.runButton = swing.JButton("RUN", actionPerformed=self.runClicked)
self.runButton.setFont(Font("Tahoma", 1, 12))
self.addUrlField = swing.JTextField("New URL...",
focusGained=self.clearField,
focusLost=self.fillField)
self.logLabel = swing.JLabel("Log:")
self.logLabel.setFont(Font("Tahoma", 1, 12))
self.logPane = swing.JScrollPane()
self.logArea = swing.JTextArea(
"Burp Importer Log - Parsing and Run details will be appended here.\n"
)
self.logArea.setLineWrap(True)
self.logPane.setViewportView(self.logArea)
self.webPortDict = {'80':'http','81':'http','82':'http','83':'http','443':'https','2301':'http','2381':'https','8000':'http','8008':'http','8080':'http','8083':'https','8180':'http','8400':'http',\
'8443':'https','8834':'https','8888':'http','9001':'http','9043':'https','9080':'http','9090':'http','9100':'http','9443':'https'}
self.bar = swing.JSeparator(swing.SwingConstants.HORIZONTAL)
self.bar2 = swing.JSeparator(swing.SwingConstants.HORIZONTAL)
layout = swing.GroupLayout(self.tab)
self.tab.setLayout(layout)
# Credit to Antonio Sánchez and https://github.com/Dionach/HeadersAnalyzer/
layout.setHorizontalGroup(
layout.createParallelGroup(swing.GroupLayout.Alignment.LEADING).
addGroup(layout.createSequentialGroup().addGap(15).addGroup(
layout.createParallelGroup(
swing.GroupLayout.Alignment.LEADING).addComponent(
self.titleLabel).addComponent(
self.infoLabel).addComponent(
self.fileOptionLabel).addComponent(
self.fileDescLabel).addComponent(
self.fileDescLabel2).addComponent(
self.parseFileButton).addComponent(
self.bar).addComponent(
self.urlLabel).
addComponent(self.urlDescLabel).addComponent(
self.urlDescLabel2).addComponent(self.bar2).addComponent(
self.runLabel).addComponent(
self.redirectsCheckbox).addComponent(
self.runButton).addComponent(
self.logPane,
swing.GroupLayout.PREFERRED_SIZE, 525,
swing.GroupLayout.PREFERRED_SIZE).
addGroup(layout.createSequentialGroup().addGroup(
layout.createParallelGroup(
swing.GroupLayout.Alignment.TRAILING).
addComponent(self.addButton).addGroup(
layout.createParallelGroup(
swing.GroupLayout.Alignment.LEADING).addComponent(
self.logLabel).addGroup(
layout.createParallelGroup(
swing.GroupLayout.Alignment.TRAILING,
False).addComponent(
self.removeButton,
swing.GroupLayout.DEFAULT_SIZE,
swing.GroupLayout.DEFAULT_SIZE,
lang.Short.MAX_VALUE).addComponent(
self.pasteButton,
swing.GroupLayout.DEFAULT_SIZE,
swing.GroupLayout.DEFAULT_SIZE,
lang.Short.MAX_VALUE).
addComponent(
self.loadButton,
swing.GroupLayout.DEFAULT_SIZE,
swing.GroupLayout.DEFAULT_SIZE,
lang.Short.MAX_VALUE).addComponent(
self.clearButton,
swing.GroupLayout.DEFAULT_SIZE,
swing.GroupLayout.PREFERRED_SIZE,
lang.Short.MAX_VALUE)))
).addPreferredGap(
swing.LayoutStyle.ComponentPlacement.UNRELATED).addGroup(
layout.createParallelGroup(
swing.GroupLayout.Alignment.LEADING).addComponent(
self.urlListPane,
swing.GroupLayout.PREFERRED_SIZE, 350,
swing.GroupLayout.PREFERRED_SIZE).addComponent(
self.addUrlField,
swing.GroupLayout.PREFERRED_SIZE, 350,
swing.GroupLayout.PREFERRED_SIZE)))).
addContainerGap(26, lang.Short.MAX_VALUE)))
layout.setVerticalGroup(
layout.createParallelGroup(swing.GroupLayout.Alignment.LEADING).
addGroup(
layout.createSequentialGroup().addGap(15).addComponent(
self.titleLabel).addGap(10).addComponent(
self.infoLabel).addGap(10).addComponent(
self.fileOptionLabel).addGap(10).addComponent(
self.fileDescLabel).addGap(10).addComponent(
self.fileDescLabel2).addGap(10).
addComponent(self.parseFileButton).addGap(10).addComponent(
self.bar).addComponent(
self.urlLabel).addGap(10).addComponent(
self.urlDescLabel).addGap(10).
addComponent(self.urlDescLabel2).addPreferredGap(
swing.LayoutStyle.ComponentPlacement.UNRELATED).addGroup(
layout.createParallelGroup(
swing.GroupLayout.Alignment.LEADING).
addGroup(layout.createSequentialGroup().addGroup(
layout.createParallelGroup(
swing.GroupLayout.Alignment.LEADING).
addGroup(layout.createSequentialGroup(
).addComponent(self.pasteButton).addPreferredGap(
swing.LayoutStyle.ComponentPlacement.RELATED
).addComponent(self.loadButton).addPreferredGap(
swing.LayoutStyle.ComponentPlacement.RELATED
).addComponent(self.removeButton).addPreferredGap(
swing.LayoutStyle.ComponentPlacement.RELATED
).addComponent(self.clearButton)).addComponent(
self.urlListPane,
swing.GroupLayout.PREFERRED_SIZE, 138,
swing.GroupLayout.PREFERRED_SIZE)).addGap(10).
addGroup(
layout.createParallelGroup(
swing.GroupLayout.Alignment.BASELINE).
addComponent(self.addButton).addComponent(
self.addUrlField,
swing.GroupLayout.PREFERRED_SIZE,
swing.GroupLayout.DEFAULT_SIZE,
swing.GroupLayout.PREFERRED_SIZE)))
).addGap(10).addComponent(self.bar2).addComponent(
self.runLabel).addGap(10).addComponent(
self.redirectsCheckbox).addGap(10).addComponent(
self.runButton).addGap(10).
addComponent(self.logLabel).addPreferredGap(
swing.LayoutStyle.ComponentPlacement.RELATED).addGap(
8, 8, 8).addComponent(
self.logPane, swing.GroupLayout.PREFERRED_SIZE,
125,
swing.GroupLayout.PREFERRED_SIZE).addPreferredGap(
swing.LayoutStyle.ComponentPlacement.RELATED
).addContainerGap(swing.GroupLayout.DEFAULT_SIZE,
lang.Short.MAX_VALUE)))
return
def registerExtenderCallbacks(self, callbacks):
# keep a reference to our callbacks object
self._callbacks = callbacks
# obtain an extension helpers object
self._helpers = callbacks.getHelpers()
# set our extension name
self._callbacks.setExtensionName("NMAP Parser")
# Variable to store Location of .xml
self._fileLocation = None
# build UI
self._jPanel = swing.JPanel()
boxVertical = swing.Box.createVerticalBox()
boxHorizontal = swing.Box.createHorizontalBox()
getFileButton = swing.JButton('Open Nmap .xml File',actionPerformed=self.getFile)
self._fileText = swing.JTextArea("", 1, 50)
boxHorizontal.add(getFileButton)
boxHorizontal.add(self._fileText)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
boxHorizontal.add(swing.JLabel("Enter Ports to Parse (Ex: 80, 443)"))
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
boxHorizontal.add(swing.JLabel("Multiple queries can be added, seperated by a space."))
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self._portField = swing.JTextField('',30)
boxHorizontal.add(self._portField)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
boxHorizontal.add(swing.JLabel("Enter Keywords in Service Name to Parse (Ex: web, http)"))
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
boxHorizontal.add(swing.JLabel("Multiple queries can be added, seperated by a space."))
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self._serviceField = swing.JTextField('',30)
boxHorizontal.add(self._serviceField)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self._spiderCheckBox = swing.JCheckBox('Spider Found Hosts')
boxHorizontal.add(self._spiderCheckBox)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self._hostNameCheckBox = swing.JCheckBox('Use Hostname if Found')
boxHorizontal.add(self._hostNameCheckBox)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
submitQueryButton = swing.JButton('Parse NMAP File',actionPerformed=self.nmapParse)
boxHorizontal.add(submitQueryButton)
clearSearchButton = swing.JButton('Clear Output',actionPerformed=self.clearOutput)
boxHorizontal.add(clearSearchButton)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
boxHorizontal.add(swing.JLabel("Output"))
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self._resultsTextArea = swing.JTextArea()
resultsOutput = swing.JScrollPane(self._resultsTextArea)
resultsOutput.setPreferredSize(Dimension(500,200))
boxHorizontal.add(resultsOutput)
boxVertical.add(boxHorizontal)
self._jPanel.add(boxVertical)
# add the custom tab to Burp's UI
self._callbacks.addSuiteTab(self)
return
def createGui(self):
mpanel = swing.JPanel(java.awt.BorderLayout())
self.available = jlist = swing.JList()
jlist.setVisibleRowCount(5)
jlsp = swing.JScrollPane(jlist)
self.addTitledBorder(jlsp, "Members")
#jlist.setListData( ("catssssssssss", "rats" ))
mpanel.add(jlsp, java.awt.BorderLayout.WEST)
jtp = swing.JTabbedPane()
mpanel.add(jtp, java.awt.BorderLayout.CENTER)
tpanel = swing.JPanel()
slayout = swing.SpringLayout()
tpanel.setLayout(slayout)
jtp.addTab("Messages", tpanel)
self.jta = jta = swing.JTextArea()
jsp = swing.JScrollPane(jta)
self.addTitledBorder(jsp, "Instant Messages")
jsp.setPreferredSize(java.awt.Dimension(500, 200))
tpanel.add(jsp)
slayout.putConstraint(slayout.NORTH, jsp, 5, slayout.NORTH, tpanel)
slayout.putConstraint(slayout.EAST, tpanel, 5, slayout.EAST, jsp)
self.sendmessage = jta2 = swing.JTextArea()
jsp2 = swing.JScrollPane(jta2)
self.addTitledBorder(jsp2, "Compose Message")
jsp2.setPreferredSize(java.awt.Dimension(250, 200))
tpanel.add(jsp2)
slayout.putConstraint(slayout.NORTH, jsp2, 5, slayout.SOUTH, jsp)
jb = swing.JButton("Send Message")
jb.actionPerformed = lambda event: self.sendMessage()
tpanel.add(jb)
slayout.putConstraint(slayout.NORTH, jb, 0, slayout.NORTH, jsp2)
slayout.putConstraint(slayout.WEST, jb, 5, slayout.EAST, jsp2)
jb2 = swing.JButton("Clear")
jb2.actionPerformed = lambda event: self.sendmessage.setText("")
tpanel.add(jb2)
slayout.putConstraint(slayout.NORTH, jb2, 5, slayout.SOUTH, jb)
slayout.putConstraint(slayout.WEST, jb2, 5, slayout.EAST, jsp2)
slayout.putConstraint(slayout.SOUTH, tpanel, 5, slayout.SOUTH, jsp2)
npanel = swing.JPanel()
slayout = swing.SpringLayout()
npanel.setLayout(slayout)
jtp.addTab("Nodes", npanel)
self.table = jtable = swing.JTable()
self.dtm = dtm = swing.table.DefaultTableModel()
dtm.addColumn("From")
dtm.addColumn("Node Name")
jtable.setModel(dtm)
jsp3 = swing.JScrollPane(jtable)
jsp3.setPreferredSize(java.awt.Dimension(500, 200))
npanel.add(jsp3)
slayout.putConstraint(slayout.NORTH, jsp3, 5, slayout.NORTH, npanel)
slayout.putConstraint(slayout.EAST, npanel, 5, slayout.EAST, jsp3)
jb3 = swing.JButton("Send Current Node To")
jb3.actionPerformed = lambda event: self.sendNode()
npanel.add(jb3)
slayout.putConstraint(slayout.NORTH, jb3, 5, slayout.SOUTH, jsp3)
slayout.putConstraint(slayout.SOUTH, npanel, 5, slayout.SOUTH, jb3)
jb4 = swing.JButton("Insert Selected Row")
jb4.actionPerformed = lambda event: self.insertNode()
npanel.add(jb4)
slayout.putConstraint(slayout.NORTH, jb4, 0, slayout.NORTH, jb3)
slayout.putConstraint(slayout.EAST, jb4, 0, slayout.EAST, jsp3)
jf = swing.JFrame()
jf.add(mpanel)
jf.pack()
jf.visible = 1
def registerExtenderCallbacks(self, callbacks):
# keep a reference to our callbacks object
self._callbacks = callbacks
# obtain an extension helpers object
self._helpers = callbacks.getHelpers()
# set our extension name
self._callbacks.setExtensionName(self.name)
# lists of hosts with querys
self._dictPayloads = {}
self._dictPayloads_headers = {}
self._dictPayloads_params = {}
self._dictHeaders = {}
self._dictParams = {}
self.status_flag = False
self.table_flag = 0
self.start_button_text = 'Run proxy'
self._layout = GridBagLayout()
self._jPanel.setLayout(self._layout)
self._jPanel.setBounds(0, 0, 1000, 1000)
self._jLabelTechniques = JLabel("Your URL (my.burpcollaborator.net):")
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 1
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 10, 0)
self._jPanel.add(self._jLabelTechniques, self._jPanelConstraints)
self._jTextFieldURL = JTextField("", 30)
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 2
self._jPanelConstraints.gridy = 1
self._jPanelConstraints.gridwidth = 4
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 10, 0)
self._jPanel.add(self._jTextFieldURL, self._jPanelConstraints)
self._jLabelTechniques = JLabel("Press to start:")
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.anchor = GridBagConstraints.WEST
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 0
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 10, 0)
self._jPanel.add(self._jLabelTechniques, self._jPanelConstraints)
self.submitSearchButton = swing.JButton(
self.start_button_text, actionPerformed=self.active_flag)
self.submitSearchButton.setBackground(Color.WHITE)
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 2
self._jPanelConstraints.gridy = 0
self._jPanelConstraints.gridwidth = 4
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 10, 0)
self._jPanel.add(self.submitSearchButton, self._jPanelConstraints)
self._tableModelPayloads = DefaultTableModel()
self._tableModelPayloads.addColumn("Payload")
self._tableModelPayloads.addColumn("Using")
self._tableModelHeaders = DefaultTableModel()
self._tableModelHeaders.addColumn("Header")
self._tableModelHeaders.addColumn("Using")
self._tableModelParams = DefaultTableModel()
self._tableModelParams.addColumn("Parameter")
self._tableModelParams.addColumn("Using")
self._table = JTable(self._tableModelPayloads)
self._table.setAutoResizeMode(JTable.AUTO_RESIZE_ALL_COLUMNS)
self._table.getModel().addTableModelListener(
MyTableModelListener(self._table, self, 1))
self._scrolltable = JScrollPane(self._table)
self._scrolltable.setMinimumSize(Dimension(300, 200))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 2
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 0, 10)
self._jPanel.add(self._scrolltable, self._jPanelConstraints)
self._table = JTable(self._tableModelHeaders)
self._table.setAutoResizeMode(JTable.AUTO_RESIZE_ALL_COLUMNS)
self._table.getModel().addTableModelListener(
MyTableModelListener(self._table, self, 2))
self._scrolltable = JScrollPane(self._table)
self._scrolltable.setMinimumSize(Dimension(300, 200))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 2
self._jPanelConstraints.gridy = 2
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 0, 10)
self._jPanel.add(self._scrolltable, self._jPanelConstraints)
self._table = JTable(self._tableModelParams)
self._table.setAutoResizeMode(JTable.AUTO_RESIZE_ALL_COLUMNS)
self._table.getModel().addTableModelListener(
MyTableModelListener(self._table, self, 3))
self._scrolltable = JScrollPane(self._table)
self._scrolltable.setMinimumSize(Dimension(300, 200))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 4
self._jPanelConstraints.gridy = 2
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(0, 0, 0, 0)
self._jPanel.add(self._scrolltable, self._jPanelConstraints)
addPayloadButton = swing.JButton('Add',
actionPerformed=self.addToPayload)
addPayloadButton.setBackground(Color.WHITE)
addPayloadButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
# self._jPanelConstraints.anchor = GridBagConstraints.CENTER
self._jPanelConstraints.gridx = 1
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 10)
self._jPanel.add(addPayloadButton, self._jPanelConstraints)
deletePayloadButton = swing.JButton(
'Delete', actionPerformed=self.deleteToPayload)
deletePayloadButton.setBackground(Color.WHITE)
deletePayloadButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 0)
self._jPanel.add(deletePayloadButton, self._jPanelConstraints)
addHeaderButton = swing.JButton('Add',
actionPerformed=self.addToHeader)
addHeaderButton.setBackground(Color.WHITE)
addHeaderButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
# self._jPanelConstraints.anchor = GridBagConstraints.CENTER
self._jPanelConstraints.gridx = 3
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 10)
self._jPanel.add(addHeaderButton, self._jPanelConstraints)
deleteHeaderButton = swing.JButton('Delete',
actionPerformed=self.deleteToHeader)
deleteHeaderButton.setBackground(Color.WHITE)
deleteHeaderButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 2
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 0)
self._jPanel.add(deleteHeaderButton, self._jPanelConstraints)
addParamsButton = swing.JButton('Add',
actionPerformed=self.addToParams)
addParamsButton.setBackground(Color.WHITE)
addParamsButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
# self._jPanelConstraints.anchor = GridBagConstraints.CENTER
self._jPanelConstraints.gridx = 5
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 0)
self._jPanel.add(addParamsButton, self._jPanelConstraints)
deleteParamsButton = swing.JButton('Delete',
actionPerformed=self.deleteToParams)
deleteParamsButton.setBackground(Color.WHITE)
deleteParamsButton.setPreferredSize(Dimension(150, 40))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 4
self._jPanelConstraints.gridy = 3
self._jPanelConstraints.gridwidth = 1
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 0)
self._jPanel.add(deleteParamsButton, self._jPanelConstraints)
self._resultsTextArea = swing.JTextArea()
resultsOutput = swing.JScrollPane(self._resultsTextArea)
resultsOutput.setMinimumSize(Dimension(800, 200))
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 4
self._jPanelConstraints.gridwidth = 6
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(10, 0, 0, 0)
self._jPanel.add(resultsOutput, self._jPanelConstraints)
self.clearSearchButton = swing.JButton(
'Clear Search Output', actionPerformed=self.clearOutput)
self._jPanelConstraints.fill = GridBagConstraints.HORIZONTAL
# self._jPanelConstraints.anchor = GridBagConstraints.CENTER
self._jPanelConstraints.gridx = 2
self._jPanelConstraints.gridy = 5
self._jPanelConstraints.gridwidth = 2
self._jPanelConstraints.gridheight = 1
self._jPanelConstraints.insets = Insets(3, 0, 0, 0)
self._jPanel.add(self.clearSearchButton, self._jPanelConstraints)
self._callbacks.customizeUiComponent(self._jPanel)
self._callbacks.addSuiteTab(self)
# register ourselves as an HTTP listener
self._callbacks.registerHttpListener(self)
return
def registerExtenderCallbacks(self, callbacks):
# Required for easier debugging:
# https://github.com/securityMB/burp-exceptions
sys.stdout = callbacks.getStdout()
# Keep a reference to our callbacks object
self.callbacks = callbacks
# Set our extension name
self.callbacks.setExtensionName("AES Plugin by XzC")
# Create the tab
self.tab = swing.JPanel(BorderLayout())
# Create the text area at the top of the tab
textPanel = swing.JPanel()
# Create the label for the text area
boxVertical = swing.Box.createVerticalBox()
boxHorizontal = swing.Box.createHorizontalBox()
textLabel = swing.JLabel("Text to be encoded/decoded/hashed")
boxHorizontal.add(textLabel)
boxVertical.add(boxHorizontal)
# Create the text area itself
boxHorizontal = swing.Box.createHorizontalBox()
self.textArea = swing.JTextArea('', 6, 100)
self.textArea.setLineWrap(True)
boxHorizontal.add(self.textArea)
boxVertical.add(boxHorizontal)
# Add the text label and area to the text panel
textPanel.add(boxVertical)
# Add the text panel to the top of the main tab
self.tab.add(textPanel, BorderLayout.NORTH)
# Created a tabbed pane to go in the center of the
# main tab, below the text area
tabbedPane = swing.JTabbedPane()
self.tab.add("Center", tabbedPane)
# First tab
firstTab = swing.JPanel()
firstTab.layout = BorderLayout()
tabbedPane.addTab("Encode", firstTab)
# Button for first tab
buttonPanel = swing.JPanel()
buttonPanel.add(swing.JButton('Encode', actionPerformed=self.encrypt))
firstTab.add(buttonPanel, "North")
# Panel for the encoders. Each label and text field
# will go in horizontal boxes which will then go in
# a vertical box
encPanel = swing.JPanel()
boxVertical = swing.Box.createVerticalBox()
boxHorizontal = swing.Box.createHorizontalBox()
self.b74EncField = swing.JTextField('', 75)
boxHorizontal.add(swing.JLabel(" Encode :"))
boxHorizontal.add(self.b74EncField)
boxVertical.add(boxHorizontal)
# Add the vertical box to the Encode tab
firstTab.add(boxVertical, "Center")
#
#
#
# Second tab
secondTab = swing.JPanel()
secondTab.layout = BorderLayout()
tabbedPane.addTab("Decode", secondTab)
# Button for first tab
buttonPanel = swing.JPanel()
buttonPanel.add(swing.JButton('Decode', actionPerformed=self.decrypt))
secondTab.add(buttonPanel, "North")
# Panel for the encoders. Each label and text field
# will go in horizontal boxes which will then go in
# a vertical box
encPanel = swing.JPanel()
boxVertical = swing.Box.createVerticalBox()
boxHorizontal = swing.Box.createHorizontalBox()
self.b64EncField = swing.JTextField('', 75)
boxHorizontal.add(swing.JLabel(" Decode :"))
boxHorizontal.add(self.b64EncField)
boxVertical.add(boxHorizontal)
# Add the vertical box to the Encode tab
secondTab.add(boxVertical, "Center")
# Add the custom tab to Burp's UI
callbacks.addSuiteTab(self)
return
def registerExtenderCallbacks(self, callbacks):
print "Name: \t\t" + BurpExtender.EXT_NAME
print "Description: \t" + BurpExtender.EXT_DESC
print "Authors: \t" + BurpExtender.EXT_AUTHOR
# Required for easier debugging:
# https://github.com/securityMB/burp-exceptions
sys.stdout = callbacks.getStdout()
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
callbacks.setExtensionName(BurpExtender.EXT_NAME)
stdout = PrintWriter(callbacks.getStdout(), True)
callbacks.registerContextMenuFactory(self)
self.httpTraffic = None
self.resp = None
#Create panels used for layout; we must stack and layer to get the desired GUI
self.tab = swing.Box(swing.BoxLayout.Y_AXIS)
self.tabbedPane = swing.JTabbedPane()
self.tab.add(self.tabbedPane)
# First tab
self.duetTab = swing.Box(swing.BoxLayout.Y_AXIS)
self.tabbedPane.addTab("MSSQLi-DUET", self.duetTab)
# Create objects for the first tab's GUI
# These rows will add top to bottom on the Y Axis
self.t1r1 = swing.JPanel(FlowLayout())
self.t1r2 = swing.JPanel(FlowLayout())
self.t1r3 = swing.JPanel(FlowLayout())
self.t1r4 = swing.JPanel(FlowLayout())
self.t1r5 = swing.JPanel(FlowLayout())
self.t1r6 = swing.JPanel(FlowLayout())
self.t1r7 = swing.JPanel(FlowLayout())
# Now add content to the first tab's GUI objects
self.encodingBox = swing.JComboBox(["None","unicode","unicode_unescaped","doubleencode","unmagicquotes"])
self.delayBox = swing.JTextField("0",3)
self.ridMinBox = swing.JTextField("1000",5)
self.ridMaxBox = swing.JTextField("1500",5)
self.paramBox = swing.JTextField("",15)
self.injectBox = swing.JTextField("",15)
self.outputTxt = swing.JTextArea(10,50)
self.outputScroll = swing.JScrollPane(self.outputTxt)
self.requestTxt = swing.JTextArea(10,50)
self.requestScroll = swing.JScrollPane(self.requestTxt)
self.requestTxt.setLineWrap(True)
self.outputTxt.setBackground(Color.lightGray)
self.outputTxt.setEditable(False)
self.outputTxt.setLineWrap(True)
self.t1r1.add(swing.JLabel("<html><center><h2>MSSQLi-DUET</h2>Enumerate Active Directory users, groups, and machines via SQL injection.</center></html>"))
#Add labels here for all of the args needed.
self.t1r2.add(swing.JLabel("WAF Bypass Method:"))
self.t1r2.add(self.encodingBox)
#Minimum RID value
self.t1r2.add(swing.JLabel("Minimum RID value:"))
self.t1r2.add(self.ridMinBox)
#Maximum RID value
self.t1r2.add(swing.JLabel("Maximum RID value:"))
self.t1r2.add(self.ridMaxBox)
#Delay for requests
self.t1r2.add(swing.JLabel("Delay:"))
self.t1r2.add(self.delayBox)
#Vulnerable parameter
self.t1r3.add(swing.JLabel("Vulnerable Parameter:"))
self.t1r3.add(self.paramBox)
#Injection starting point
self.t1r3.add(swing.JLabel("Injection start:"))
self.t1r3.add(self.injectBox)
#Request section
self.t1r4.add(swing.JLabel("Raw request:"))
self.t1r4.add(self.requestScroll)
self.t1r5.add(swing.JButton("Run", actionPerformed=self.executePayload))
self.t1r5.add(swing.JButton("Clear", actionPerformed=self.clearRequest))
#Results section
self.t1r6.add(swing.JLabel("Results Output:"))
self.t1r6.add(self.outputScroll)
self.t1r7.add(swing.JButton("Copy results to Clipboard", actionPerformed=self.copyToClipboard))
self.t1r7.add(swing.JButton("Clear", actionPerformed=self.clearOutput))
# Add the GUI objects into the first tab
self.duetTab.add(self.t1r1)
self.duetTab.add(self.t1r2)
self.duetTab.add(self.t1r3)
self.duetTab.add(self.t1r4)
self.duetTab.add(self.t1r5)
self.duetTab.add(self.t1r6)
self.duetTab.add(self.t1r7)
# Now that the GUI objects are added, we can resize them to fit snug in the UI
self.t1r1.setMaximumSize(Dimension(850, 100))
self.t1r2.setMaximumSize(Dimension(875, 50))
self.t1r3.setMaximumSize(Dimension(800, 75))
self.t1r4.setMaximumSize(Dimension(800, 200))
self.t1r5.setMaximumSize(Dimension(800, 50))
self.t1r6.setMaximumSize(Dimension(800, 200))
self.t1r7.setMaximumSize(Dimension(800, 200))
#Register the panel in the Burp GUI
callbacks.addSuiteTab(self)
return
def __init__(self):
stable.DefaultTableCellRenderer.__init__(self)
self._component = swing.JTextArea()
self._component.setLineWrap(True)
self._label = swing.JTextField()
self._label.setMargin(awt.Insets(0, 0, 0, 0))
def registerExtenderCallbacks(self, callbacks):
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
callbacks.setExtensionName("Encoder")
callbacks.registerContextMenuFactory(self)
callbacks.registerIntruderPayloadProcessor(self)
#Create Jpanel
self._jPanel = swing.JPanel()
self._jPanel.setLayout(None)
self._jPanel.setPreferredSize(awt.Dimension(1200, 1200))
#Values for the combination boxes
algOptions = [
'Algorithm...', 'UTF-7', 'UTF-8', 'URL', 'Base64', 'XML', 'Binary',
'Overlong', 'zlib deflate'
]
hashOptions = [
'Hash...', 'md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512'
]
#GUI Components
self.jEncode = swing.JRadioButton('Encode',
actionPerformed=self.encodeButton)
self.jDecode = swing.JRadioButton('Decode',
actionPerformed=self.decodeButton)
self.jAlgMenu = swing.JComboBox(algOptions)
self.jInput = swing.JTextArea()
self.jInputLabel = swing.JLabel()
self.jOutput = swing.JTextArea()
self.jInputScroll = swing.JScrollPane(self.jOutput)
self.jOutputScroll = swing.JScrollPane(self.jOutput)
self.jOutputLabel = swing.JLabel()
self.jHashLabel = swing.JLabel()
self.jHashMenu = swing.JComboBox(hashOptions)
self.jStart = swing.JButton('Go', actionPerformed=self.doStart)
self.jHex = swing.JRadioButton('Hex', actionPerformed=self.toHex)
self.jString = swing.JRadioButton('String',
actionPerformed=self.toString)
self.jOutputFormat = swing.ButtonGroup()
self.jSendToRequest = swing.JButton('Send to request',
actionPerformed=self.sendToRequest)
self.jToInput = swing.JButton('Send to Input',
actionPerformed=self.toInput)
self.jNextHistory = swing.JButton('>',
actionPerformed=self.nextHistory)
self.jPreviousHistory = swing.JButton(
'<', actionPerformed=self.previousHistory)
#Input and Ouptut scroll
self.jOutputScroll = swing.JScrollPane(
swing.JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED,
swing.JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED)
self.jOutputScroll.viewport.view = self.jOutput
self.jInputScroll = swing.JScrollPane(
swing.JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED,
swing.JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED)
self.jInputScroll.viewport.view = self.jInput
#Add buttons to group
self.jOutputFormat.add(self.jString)
self.jOutputFormat.add(self.jHex)
#Configure GUIs
self.jEncode.setSelected(True)
self.jDecode.setSelected(False)
self.jAlgMenu.setSelectedIndex(0)
self.jInput.setLineWrap(True)
self.jOutput.setLineWrap(True)
self.jOutput.setEditable(False)
self.jHashMenu.setSelectedIndex(0)
self.jString.setSelected(True)
#Component Locations
self.jEncode.setBounds(15, 15, 70, 20)
self.jDecode.setBounds(85, 15, 70, 20)
self.jAlgMenu.setBounds(15, 45, 140, 25)
self.jHashMenu.setBounds(15, 80, 140, 25)
self.jStart.setBounds(15, 115, 140, 20)
self.jSendToRequest.setBounds(15, 145, 140, 20)
self.jHex.setBounds(15, 175, 70, 20)
self.jString.setBounds(85, 175, 70, 20)
self.jInputScroll.setBounds(165, 15, 800, 200)
self.jOutputScroll.setBounds(165, 225, 800, 200)
self.jToInput.setBounds(15, 405, 140, 20)
self.jNextHistory.setBounds(85, 465, 70, 20)
self.jPreviousHistory.setBounds(15, 465, 70, 20)
#Add components to Panel
self._jPanel.add(self.jEncode)
self._jPanel.add(self.jDecode)
self._jPanel.add(self.jAlgMenu)
self._jPanel.add(self.jHashMenu)
self._jPanel.add(self.jInputScroll)
self._jPanel.add(self.jOutputScroll)
self._jPanel.add(self.jStart)
self._jPanel.add(self.jHex)
self._jPanel.add(self.jString)
self._jPanel.add(self.jSendToRequest)
self._jPanel.add(self.jToInput)
self._jPanel.add(self.jNextHistory)
self._jPanel.add(self.jPreviousHistory)
callbacks.customizeUiComponent(self._jPanel)
callbacks.addSuiteTab(self)
# set some values
self._inputHex = False
self._outputHex = False
return
def registerExtenderCallbacks(self, callbacks):
# Required for easier debugging:
# https://github.com/securityMB/burp-exceptions
sys.stdout = callbacks.getStdout()
# Keep a reference to our callbacks object
self.callbacks = callbacks
# Set our extension name
self.callbacks.setExtensionName("Encode/Decode/Hash")
# Create the tab
self.tab = swing.JPanel(BorderLayout())
# Create the text area at the top of the tab
textPanel = swing.JPanel()
# Create the label for the text area
boxVertical = swing.Box.createVerticalBox()
boxHorizontal = swing.Box.createHorizontalBox()
textLabel = swing.JLabel("Text to be encoded/decoded/hashed")
boxHorizontal.add(textLabel)
boxVertical.add(boxHorizontal)
# Create the text area itself
boxHorizontal = swing.Box.createHorizontalBox()
self.textArea = swing.JTextArea('', 6, 100)
self.textArea.setLineWrap(True)
scroll = swing.JScrollPane(self.textArea)
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
# Add the text label and area to the text panel
textPanel.add(boxVertical)
# Add the text panel to the top of the main tab
self.tab.add(textPanel, BorderLayout.NORTH)
# Created a tabbed pane to go in the center of the
# main tab, below the text area
tabbedPane = swing.JTabbedPane()
self.tab.add("Center", tabbedPane);
# First tab
firstTab = swing.JPanel()
firstTab.layout = BorderLayout()
tabbedPane.addTab("Encode", firstTab)
# Button for first tab
buttonPanel = swing.JPanel()
buttonPanel.add(swing.JButton('Encode', actionPerformed=self.handleButtonClick))
firstTab.add(buttonPanel, "North")
# Panel for the encoders. Each label and text field
# will go in horizontal boxes which will then go in
# a vertical box
encPanel = swing.JPanel()
boxVertical = swing.Box.createVerticalBox()
boxHorizontal = swing.Box.createHorizontalBox()
self.b64EncField = swing.JTextArea('', 3, 65)
self.b64EncField.setLineWrap(True)
scroll = swing.JScrollPane(self.b64EncField)
boxHorizontal.add(swing.JLabel(" Base64 :"))
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.urlEncField = swing.JTextArea('', 3, 65)
self.urlEncField.setLineWrap(True)
scroll = swing.JScrollPane(self.urlEncField)
boxHorizontal.add(swing.JLabel(" URL :"))
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.asciiHexEncField = swing.JTextArea('', 3, 65)
self.asciiHexEncField.setLineWrap(True)
scroll = swing.JScrollPane(self.asciiHexEncField)
boxHorizontal.add(swing.JLabel(" Ascii Hex :"))
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.htmlEncField = swing.JTextArea('', 3, 65)
self.htmlEncField.setLineWrap(True)
scroll = swing.JScrollPane(self.htmlEncField)
boxHorizontal.add(swing.JLabel(" HTML :"))
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.jsEncField = swing.JTextArea('', 3, 65)
self.jsEncField.setLineWrap(True)
scroll = swing.JScrollPane(self.jsEncField)
boxHorizontal.add(swing.JLabel(" JavaScript:"))
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
# Add the vertical box to the Encode tab
firstTab.add(boxVertical, "Center")
# Repeat the same process for the remaining tabs
secondTab = swing.JPanel()
secondTab.layout = BorderLayout()
tabbedPane.addTab("Decode", secondTab)
buttonPanel = swing.JPanel()
buttonPanel.add(swing.JButton('Decode', actionPerformed=self.handleButtonClick))
secondTab.add(buttonPanel, "North")
decPanel = swing.JPanel()
boxVertical = swing.Box.createVerticalBox()
boxHorizontal = swing.Box.createHorizontalBox()
self.b64DecField = swing.JTextArea('', 3, 65)
self.b64DecField.setLineWrap(True)
scroll = swing.JScrollPane(self.b64DecField)
boxHorizontal.add(swing.JLabel(" Base64 :"))
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.urlDecField = swing.JTextArea('', 3, 65)
self.urlDecField.setLineWrap(True)
scroll = swing.JScrollPane(self.urlDecField)
boxHorizontal.add(swing.JLabel(" URL :"))
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.asciiHexDecField = swing.JTextArea('', 3, 75)
self.asciiHexDecField.setLineWrap(True)
scroll = swing.JScrollPane(self.asciiHexDecField)
boxHorizontal.add(swing.JLabel(" Ascii Hex :"))
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.htmlDecField = swing.JTextArea('', 3, 75)
self.htmlDecField.setLineWrap(True)
scroll = swing.JScrollPane(self.htmlDecField)
boxHorizontal.add(swing.JLabel(" HTML :"))
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.jsDecField = swing.JTextArea('', 3, 65)
self.jsDecField.setLineWrap(True)
scroll = swing.JScrollPane(self.jsDecField)
boxHorizontal.add(swing.JLabel(" JavaScript:"))
boxHorizontal.add(scroll)
boxVertical.add(boxHorizontal)
secondTab.add(boxVertical, "Center")
thirdTab = swing.JPanel()
thirdTab.layout = BorderLayout()
tabbedPane.addTab("Hash", thirdTab)
buttonPanel = swing.JPanel()
buttonPanel.add(swing.JButton('Hash', actionPerformed=self.handleButtonClick))
thirdTab.add(buttonPanel, "North")
decPanel = swing.JPanel()
boxVertical = swing.Box.createVerticalBox()
boxHorizontal = swing.Box.createHorizontalBox()
self.md5Field = swing.JTextField('', 75)
boxHorizontal.add(swing.JLabel(" MD5 :"))
boxHorizontal.add(self.md5Field)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.sha1Field = swing.JTextField('', 75)
boxHorizontal.add(swing.JLabel(" SHA-1 :"))
boxHorizontal.add(self.sha1Field)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.sha256Field = swing.JTextField('', 75)
boxHorizontal.add(swing.JLabel(" SHA-256 :"))
boxHorizontal.add(self.sha256Field)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.sha512Field = swing.JTextField('', 75)
boxHorizontal.add(swing.JLabel(" SHA-512 :"))
boxHorizontal.add(self.sha512Field)
boxVertical.add(boxHorizontal)
boxHorizontal = swing.Box.createHorizontalBox()
self.ntlmField = swing.JTextField('', 75)
boxHorizontal.add(swing.JLabel(" NTLM :"))
boxHorizontal.add(self.ntlmField)
boxVertical.add(boxHorizontal)
thirdTab.add(boxVertical, "Center")
# Add the custom tab to Burp's UI
callbacks.addSuiteTab(self)
return
def registerExtenderCallbacks(self, callbacks):
# Print information about the plugin, set extension name, setup basic stuff
self.printHeader()
callbacks.setExtensionName("SQLiPy")
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
callbacks.registerContextMenuFactory(self)
# Create SQLMap API configuration JPanel
self._jPanel = swing.JPanel()
self._jPanel.setLayout(awt.GridBagLayout())
self._jPanelConstraints = awt.GridBagConstraints()
# Create panel for IP info
self._jLabelIPListen = swing.JLabel("Listen on IP:")
self._jPanelConstraints.fill = awt.GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 0
self._jPanel.add(self._jLabelIPListen, self._jPanelConstraints)
self._jTextFieldIPListen = swing.JTextField("",15)
self._jPanelConstraints.fill = awt.GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 1
self._jPanelConstraints.gridy = 0
self._jPanel.add(self._jTextFieldIPListen, self._jPanelConstraints)
# Create panel for Port info
self._jLabelPortListen = swing.JLabel("Listen on Port:")
self._jPanelConstraints.fill = awt.GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 1
self._jPanel.add(self._jLabelPortListen, self._jPanelConstraints)
self._jTextFieldPortListen = swing.JTextField("",3)
self._jPanelConstraints.fill = awt.GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 1
self._jPanelConstraints.gridy = 1
self._jPanel.add(self._jTextFieldPortListen, self._jPanelConstraints)
# Create panel to contain Python button
self._jLabelPython = swing.JLabel("Select Python:")
self._jPanelConstraints.fill = awt.GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 2
self._jPanel.add(self._jLabelPython, self._jPanelConstraints)
self._jButtonSetPython = swing.JButton('Python', actionPerformed=self.setPython)
self._jPanelConstraints.fill = awt.GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 1
self._jPanelConstraints.gridy = 2
self._jPanel.add(self._jButtonSetPython, self._jPanelConstraints)
# Create panel to contain API button
self._jLabelAPI = swing.JLabel("Select API:")
self._jPanelConstraints.fill = awt.GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 3
self._jPanel.add(self._jLabelAPI, self._jPanelConstraints)
self._jButtonSetAPI = swing.JButton('SQLMap API', actionPerformed=self.setAPI)
self._jPanelConstraints.fill = awt.GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 1
self._jPanelConstraints.gridy = 3
self._jPanel.add(self._jButtonSetAPI, self._jPanelConstraints)
# Create panel to execute API
self._jButtonStartAPI = swing.JButton('Start API', actionPerformed=self.startAPI)
self._jPanelConstraints.fill = awt.GridBagConstraints.HORIZONTAL
self._jPanelConstraints.gridx = 0
self._jPanelConstraints.gridy = 4
self._jPanelConstraints.gridwidth = 2
self._jPanel.add(self._jButtonStartAPI, self._jPanelConstraints)
# Create SQLMap scanner panel
# Combobox Values
levelValues = [1,2,3,4,5]
riskValues = [0,1,2,3]
threadValues = [1,2,3,4,5,6,7,8,9,10]
delayValues = [0,1,2,3,4,5]
timeoutValues = [1,5,10,15,20,25,30,35,40,45,50,55,60]
retryValues = [1,2,3,4,5,6,7,8,9,10]
dbmsValues = ['Any', 'MySQL', 'Oracle', 'PostgreSQL', 'Microsoft SQL Server', 'Microsoft Access', 'SQLite', 'Firebird', 'Sybase', 'SAP MaxDB', 'DB2']
osValues = ['Any', 'Linux', 'Windows']
timeSecValues = [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15]
torTypes = ['HTTP', 'SOCKS4', 'SOCKS5']
# GUI components
self._jLabelScanText = swing.JLabel()
self._jLabelScanIPListen = swing.JLabel()
self._jLabelScanPortListen = swing.JLabel()
self._jTextFieldScanIPListen = swing.JTextField()
self._jTextFieldScanPortListen = swing.JTextField()
self._jSeparator1 = swing.JSeparator()
self._jLabelURL = swing.JLabel()
self._jTextFieldURL = swing.JTextField()
self._jLabelData = swing.JLabel()
self._jTextData = swing.JTextArea()
self._jScrollPaneData = swing.JScrollPane(self._jTextData)
self._jLabelCookie = swing.JLabel()
self._jTextFieldCookie = swing.JTextField()
self._jLabelReferer = swing.JLabel()
self._jTextFieldReferer = swing.JTextField()
self._jLabelUA = swing.JLabel()
self._jTextFieldUA = swing.JTextField()
self._jSeparator2 = swing.JSeparator()
self._jLabelParam = swing.JLabel()
self._jTextFieldParam = swing.JTextField()
self._jCheckTO = swing.JCheckBox()
self._jSeparator3 = swing.JSeparator()
self._jComboLevel = swing.JComboBox(levelValues)
self._jLabelLevel = swing.JLabel()
self._jLabelRisk = swing.JLabel()
self._jComboRisk = swing.JComboBox(riskValues)
self._jSeparator4 = swing.JSeparator()
self._jCheckHPP = swing.JCheckBox('Param Pollution')
self._jCheckCU = swing.JCheckBox('Current User')
self._jCheckDB = swing.JCheckBox('Current DB')
self._jCheckHost = swing.JCheckBox('Hostname')
self._jCheckDBA = swing.JCheckBox('Is DBA?')
self._jCheckUsers = swing.JCheckBox('List Users')
self._jCheckPrivs = swing.JCheckBox('List Privs')
self._jCheckPswds = swing.JCheckBox('List Passwords')
self._jCheckRoles = swing.JCheckBox('List Roles')
self._jCheckDBs = swing.JCheckBox('List DBs')
self._jSeparator5 = swing.JSeparator()
self._jLabelThreads = swing.JLabel()
self._jLabelDelay = swing.JLabel()
self._jLabelTimeout = swing.JLabel()
self._jLabelRetry = swing.JLabel()
self._jLabelTimeSec = swing.JLabel()
self._jComboThreads = swing.JComboBox(threadValues)
self._jComboDelay = swing.JComboBox(delayValues)
self._jComboTimeout = swing.JComboBox(timeoutValues)
self._jComboRetry = swing.JComboBox(retryValues)
self._jComboTimeSec = swing.JComboBox(timeSecValues)
self._jSeparator6 = swing.JSeparator()
self._jLabelDBMS = swing.JLabel()
self._jComboDBMS = swing.JComboBox(dbmsValues)
self._jLabelOS = swing.JLabel()
self._jComboOS = swing.JComboBox(osValues)
self._jSeparator7 = swing.JSeparator()
self._jLabelProxy = swing.JLabel()
self._jTextFieldProxy = swing.JTextField()
self._jSeparator8 = swing.JSeparator()
self._jLabelTamper = swing.JLabel()
self._jTextFieldTamper = swing.JTextField()
self._jButtonStartScan = swing.JButton('Start Scan', actionPerformed=self.startScan)
self._jLabelScanAPI = swing.JLabel()
self._jSeparator9 = swing.JSeparator()
self._jSeparator10 = swing.JSeparator()
self._jCheckTor = swing.JCheckBox('Enable Tor')
self._jLabelTorType = swing.JLabel()
self._jComboTorType = swing.JComboBox(torTypes)
self._jLabelTorPort = swing.JLabel()
self._jTextFieldTorPort = swing.JTextField()
# Configure GUI
self._jLabelScanText.setText('API Listening On:')
self._jLabelScanIPListen.setText('SQLMap API IP:')
self._jLabelScanPortListen.setText('SQLMap API Port:')
self._jLabelURL.setText('URL:')
self._jLabelData.setText('Post Data:')
self._jTextData.setColumns(20)
self._jTextData.setRows(5)
self._jTextData.setLineWrap(True)
self._jScrollPaneData.setVerticalScrollBarPolicy(swing.JScrollPane.VERTICAL_SCROLLBAR_ALWAYS)
self._jLabelCookie.setText('Cookies:')
self._jLabelReferer.setText('Referer:')
self._jLabelUA.setText('User-Agent:')
self._jLabelParam.setText('Test Parameter(s):')
self._jCheckTO.setText('Text Only')
self._jLabelLevel.setText('Level:')
self._jLabelRisk.setText('Risk:')
self._jComboLevel.setSelectedIndex(2)
self._jComboRisk.setSelectedIndex(1)
self._jComboThreads.setSelectedIndex(0)
self._jComboDelay.setSelectedIndex(0)
self._jComboTimeout.setSelectedIndex(6)
self._jComboRetry.setSelectedIndex(2)
self._jComboTimeSec.setSelectedIndex(4)
self._jComboDBMS.setSelectedIndex(0)
self._jComboOS.setSelectedIndex(0)
self._jComboTorType.setSelectedIndex(2)
self._jLabelThreads.setText('Threads:')
self._jLabelDelay.setText('Delay:')
self._jLabelTimeout.setText('Timeout:')
self._jLabelRetry.setText('Retries:')
self._jLabelTimeSec.setText('Time-Sec:')
self._jLabelDBMS.setText('DBMS Backend:')
self._jLabelOS.setText('Operating System:')
self._jLabelProxy.setText('Proxy (HTTP://IP:Port):')
self._jLabelTamper.setText('Tamper Scripts:')
self._jLabelTorType.setText('Tor Type:')
self._jLabelTorPort.setText('Tor Port:')
self._jTextFieldTorPort.setText('9050')
# Configure locations
self._jLabelScanText.setBounds(15, 16, 126, 20)
self._jLabelScanIPListen.setBounds(15, 58, 115, 20)
self._jLabelScanPortListen.setBounds(402, 55, 129, 20)
self._jTextFieldScanIPListen.setBounds(167, 52, 206, 26)
self._jTextFieldScanPortListen.setBounds(546, 52, 63, 26)
self._jSeparator1.setBounds(15, 96, 790, 10)
self._jLabelURL.setBounds(15, 117, 35, 20)
self._jTextFieldURL.setBounds(166, 114, 535, 26)
self._jLabelData.setBounds(15, 156, 73, 20)
self._jTextData.setColumns(20)
self._jTextData.setRows(5)
self._jScrollPaneData.setBounds(166, 156, 535, 96)
self._jLabelCookie.setBounds(15, 271, 61, 20)
self._jTextFieldCookie.setBounds(166, 271, 535, 26)
self._jLabelReferer.setBounds(15, 320, 57, 20)
self._jTextFieldReferer.setBounds(166, 320, 535, 26)
self._jLabelUA.setBounds(15, 374, 86, 20)
self._jTextFieldUA.setBounds(166, 371, 535, 26)
self._jSeparator2.setBounds(15, 459, 790, 10)
self._jLabelParam.setBounds(15, 483, 132, 20)
self._jTextFieldParam.setBounds(165, 480, 366, 26)
self._jCheckTO.setBounds(584, 479, 101, 29)
self._jSeparator3.setBounds(15, 526, 790, 10)
self._jComboLevel.setBounds(165, 544, 180, 26)
self._jLabelLevel.setBounds(15, 547, 42, 20)
self._jLabelRisk.setBounds(430, 547, 35, 20)
self._jComboRisk.setBounds(518, 544, 180, 26)
self._jSeparator4.setBounds(15, 588, 790, 10)
self._jCheckHPP.setBounds(15, 608, 145, 29)
self._jCheckCU.setBounds(191, 608, 123, 29)
self._jCheckDB.setBounds(340, 608, 111, 29)
self._jCheckHost.setBounds(469, 608, 103, 29)
self._jCheckDBA.setBounds(599, 608, 105, 29)
self._jCheckUsers.setBounds(15, 655, 101, 29)
self._jCheckPswds.setBounds(191, 655, 135, 29)
self._jCheckPrivs.setBounds(344, 655, 95, 29)
self._jCheckRoles.setBounds(469, 655, 99, 29)
self._jCheckDBs.setBounds(599, 655, 89, 29)
self._jSeparator5.setBounds(15, 696, 790, 10)
self._jLabelThreads.setBounds(15, 719, 63, 20)
self._jLabelDelay.setBounds(173, 719, 45, 20)
self._jLabelTimeout.setBounds(326, 719, 65, 20)
self._jLabelRetry.setBounds(484, 719, 48, 20)
self._jLabelTimeSec.setBounds(642, 719, 65, 20)
self._jComboThreads.setBounds(80, 716, 78, 26)
self._jComboDelay.setBounds(233, 716, 78, 26)
self._jComboTimeout.setBounds(391, 716, 78, 26)
self._jComboRetry.setBounds(549, 716, 78, 26)
self._jComboTimeSec.setBounds(717, 716, 78, 26)
self._jSeparator6.setBounds(15, 758, 790, 10)
self._jLabelDBMS.setBounds(15, 781, 110, 20)
self._jComboDBMS.setBounds(143, 778, 191, 26)
self._jLabelOS.setBounds(352, 781, 132, 20)
self._jComboOS.setBounds(502, 778, 191, 26)
self._jSeparator7.setBounds(15, 820, 790, 10)
self._jLabelProxy.setBounds(15, 844, 171, 20)
self._jTextFieldProxy.setBounds(204, 841, 256, 26)
self._jSeparator8.setBounds(15, 887, 790, 10)
self._jCheckTor.setBounds(15, 911, 171, 20)
self._jLabelTorType.setBounds(206, 908, 65, 26)
self._jComboTorType.setBounds(291, 908, 100, 26)
self._jLabelTorPort.setBounds(460, 908, 129, 26)
self._jTextFieldTorPort.setBounds(545, 908, 65, 26)
self._jSeparator9.setBounds(15, 954, 790, 10)
self._jLabelTamper.setBounds(15, 979, 171, 20)
self._jTextFieldTamper.setBounds(204, 976, 256, 26)
self._jSeparator10.setBounds(15, 1024, 790, 10)
self._jButtonStartScan.setBounds(346, 1047, 103, 29)
self._jLabelScanAPI.setBounds(167, 16, 275, 20)
# Create main panel
self._jScanPanel = swing.JPanel()
self._jScanPanel.setLayout(None)
self._jScanPanel.setPreferredSize(awt.Dimension(1010,1010))
self._jScanPanel.add(self._jLabelScanText)
self._jScanPanel.add(self._jLabelScanIPListen)
self._jScanPanel.add(self._jLabelScanPortListen)
self._jScanPanel.add(self._jTextFieldScanIPListen)
self._jScanPanel.add(self._jTextFieldScanPortListen)
self._jScanPanel.add(self._jSeparator1)
self._jScanPanel.add(self._jLabelURL)
self._jScanPanel.add(self._jTextFieldURL)
self._jScanPanel.add(self._jLabelData)
self._jScanPanel.add(self._jScrollPaneData)
self._jScanPanel.add(self._jLabelCookie)
self._jScanPanel.add(self._jTextFieldCookie)
self._jScanPanel.add(self._jLabelReferer)
self._jScanPanel.add(self._jTextFieldReferer)
self._jScanPanel.add(self._jLabelUA)
self._jScanPanel.add(self._jTextFieldUA)
self._jScanPanel.add(self._jSeparator2)
self._jScanPanel.add(self._jLabelParam)
self._jScanPanel.add(self._jTextFieldParam)
self._jScanPanel.add(self._jCheckTO)
self._jScanPanel.add(self._jSeparator3)
self._jScanPanel.add(self._jComboLevel)
self._jScanPanel.add(self._jLabelLevel)
self._jScanPanel.add(self._jLabelRisk)
self._jScanPanel.add(self._jComboRisk)
self._jScanPanel.add(self._jSeparator4)
self._jScanPanel.add(self._jCheckHPP)
self._jScanPanel.add(self._jCheckCU)
self._jScanPanel.add(self._jCheckDB)
self._jScanPanel.add(self._jCheckHost)
self._jScanPanel.add(self._jCheckDBA)
self._jScanPanel.add(self._jCheckUsers)
self._jScanPanel.add(self._jCheckPswds)
self._jScanPanel.add(self._jCheckPrivs)
self._jScanPanel.add(self._jCheckRoles)
self._jScanPanel.add(self._jCheckDBs)
self._jScanPanel.add(self._jSeparator5)
self._jScanPanel.add(self._jLabelThreads)
self._jScanPanel.add(self._jLabelDelay)
self._jScanPanel.add(self._jLabelTimeout)
self._jScanPanel.add(self._jLabelRetry)
self._jScanPanel.add(self._jLabelTimeSec)
self._jScanPanel.add(self._jComboThreads)
self._jScanPanel.add(self._jComboDelay)
self._jScanPanel.add(self._jComboTimeout)
self._jScanPanel.add(self._jComboRetry)
self._jScanPanel.add(self._jComboTimeSec)
self._jScanPanel.add(self._jSeparator6)
self._jScanPanel.add(self._jLabelDBMS)
self._jScanPanel.add(self._jComboDBMS)
self._jScanPanel.add(self._jLabelOS)
self._jScanPanel.add(self._jComboOS)
self._jScanPanel.add(self._jSeparator7)
self._jScanPanel.add(self._jLabelProxy)
self._jScanPanel.add(self._jTextFieldProxy)
self._jScanPanel.add(self._jSeparator8)
self._jScanPanel.add(self._jCheckTor)
self._jScanPanel.add(self._jLabelTorType)
self._jScanPanel.add(self._jComboTorType)
self._jScanPanel.add(self._jLabelTorPort)
self._jScanPanel.add(self._jTextFieldTorPort)
self._jScanPanel.add(self._jSeparator9)
self._jScanPanel.add(self._jLabelTamper)
self._jScanPanel.add(self._jTextFieldTamper)
self._jScanPanel.add(self._jSeparator10)
self._jScanPanel.add(self._jButtonStartScan)
self._jScanPanel.add(self._jLabelScanAPI)
self._jScrollPaneMain = swing.JScrollPane(self._jScanPanel)
self._jScrollPaneMain.setViewportView(self._jScanPanel)
self._jScrollPaneMain.setPreferredSize(awt.Dimension(999,999))
# Create SQLMap log JPanel
self._jLogPanel = swing.JPanel()
self._jLogPanel.setLayout(None)
# Create label, combobox, and button to get logs and textarea to display them
self._jLabelLog = swing.JLabel("Logs for Scan ID:")
self._jComboLogs = swing.JComboBox(self.scantasks)
self._jButtonGetLogs = swing.JButton('Get', actionPerformed=self.getLogs)
self._jButtonRemoveLogs = swing.JButton('Remove', actionPerformed=self.removeLogs)
self._jTextLogs = swing.JTextArea()
self._jTextLogs.setColumns(50)
self._jTextLogs.setRows(50)
self._jTextLogs.setLineWrap(True)
self._jTextLogs.setEditable(False)
self._jScrollPaneLogs = swing.JScrollPane(self._jTextLogs)
self._jScrollPaneLogs.setVerticalScrollBarPolicy(swing.JScrollPane.VERTICAL_SCROLLBAR_ALWAYS)
self._jLabelLog.setBounds(15, 16, 126, 20)
self._jComboLogs.setBounds(167, 16, 535, 20)
self._jButtonGetLogs.setBounds(718, 16, 50, 20)
self._jButtonRemoveLogs.setBounds(783, 16, 80, 20)
self._jScrollPaneLogs.setBounds(15, 58, 846, 400)
self._jLogPanel.add(self._jLabelLog)
self._jLogPanel.add(self._jComboLogs)
self._jLogPanel.add(self._jButtonGetLogs)
self._jLogPanel.add(self._jButtonRemoveLogs)
self._jLogPanel.add(self._jScrollPaneLogs)
# Create SQLMap stop scan JPanel
self._jStopScanPanel = swing.JPanel()
self._jStopScanPanel.setLayout(None)
# Create label, combobox, and button to stop scans and textfield to display success
self._jLabelStopScan = swing.JLabel("Stop Scan ID:")
self._jComboStopScan = swing.JComboBox(self.scantasks)
self._jButtonStopScan = swing.JButton('Stop', actionPerformed=self.stopScan)
self._jButtonRemoveScan = swing.JButton('Remove', actionPerformed=self.removeScan)
self._jLabelStopStatus = swing.JLabel()
self._jLabelStopScan.setBounds(15, 16, 126, 20)
self._jComboStopScan.setBounds(167, 16, 535, 20)
self._jButtonStopScan.setBounds(718, 16, 55, 20)
self._jButtonRemoveScan.setBounds(783, 16, 80, 20)
self._jLabelStopStatus.setBounds(167, 58, 846, 20)
self._jStopScanPanel.add(self._jLabelStopScan)
self._jStopScanPanel.add(self._jComboStopScan)
self._jStopScanPanel.add(self._jButtonStopScan)
self._jStopScanPanel.add(self._jButtonRemoveScan)
self._jStopScanPanel.add(self._jLabelStopStatus)
# Setup Tabs
self._jConfigTab = swing.JTabbedPane()
self._jConfigTab.addTab("SQLMap API", self._jPanel)
self._jConfigTab.addTab("SQLMap Scanner", self._jScrollPaneMain)
self._jConfigTab.addTab("SQLMap Logs", self._jLogPanel)
self._jConfigTab.addTab("SQLMap Scan Stop", self._jStopScanPanel)
callbacks.customizeUiComponent(self._jConfigTab)
callbacks.addSuiteTab(self)
return
def registerExtenderCallbacks(self, callbacks):
print "Name: \t\t" + BurpExtender.EXT_NAME
print "Description: \t" + BurpExtender.EXT_DESC
print "Authors: \t" + BurpExtender.EXT_AUTHOR
# Required for easier debugging:
# https://github.com/securityMB/burp-exceptions
sys.stdout = callbacks.getStdout()
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
callbacks.setExtensionName(BurpExtender.EXT_NAME)
#Create Burp Collaborator Instance
self.burpCollab = self._callbacks.createBurpCollaboratorClientContext()
self.collaboratorDomain = self.burpCollab.generatePayload(True)
#Create panels used for layout; we must stack and layer to get the desired GUI
self.tab = swing.Box(swing.BoxLayout.Y_AXIS)
self.tabbedPane = swing.JTabbedPane()
self.tab.add(self.tabbedPane)
# First tab
self.collabfiltratorTab = swing.Box(swing.BoxLayout.Y_AXIS)
self.tabbedPane.addTab("Collabfiltrator", self.collabfiltratorTab)
# Second tab
#self.configurationTab = swing.Box(swing.BoxLayout.Y_AXIS)
#self.tabbedPane.addTab("Configuration", self.configurationTab)
# Create objects for the first tab's GUI
# These rows will add top to bottom on the Y Axis
self.t1r1 = swing.JPanel(FlowLayout())
self.t1r2 = swing.JPanel(FlowLayout())
self.t1r3 = swing.JPanel(FlowLayout())
self.t1r4 = swing.JPanel(FlowLayout())
self.t1r5 = swing.JPanel(FlowLayout())
self.t1r6 = swing.JPanel(FlowLayout())
self.t1r7 = swing.JPanel(FlowLayout())
# Now add content to the first tab's GUI objects
self.osComboBox = swing.JComboBox(
["Windows", "Linux_ping", "Linux_nslookup", "Linux_dig"])
#self.commandTxt = swing.JTextField("ls -lah", 35)
self.commandTxt = swing.JTextField("dir C:\inetpub\wwwroot", 25)
self.payloadTxt = swing.JTextArea(10, 50)
self.payloadTxt.setBackground(Color.lightGray)
self.payloadTxt.setEditable(
False) # So you can't messup the generated payload
self.payloadTxt.setLineWrap(True) #Wordwrap the output of payload box
self.outputTxt = swing.JTextArea(10, 50)
self.outputScroll = swing.JScrollPane(
self.outputTxt) # Make the output scrollable
self.progressBar = swing.JProgressBar(5, 15)
self.progressBar.setVisible(False) # Progressbar is hiding
self.outputTxt.setBackground(Color.lightGray)
self.outputTxt.setEditable(False)
self.outputTxt.setLineWrap(True)
self.burpCollaboratorDomainTxt = swing.JTextPane(
) # burp collaboratorTextPane
self.burpCollaboratorDomainTxt.setText(
" ") #burp collaborator domain goes here
self.burpCollaboratorDomainTxt.setEditable(False)
self.burpCollaboratorDomainTxt.setBackground(None)
self.burpCollaboratorDomainTxt.setBorder(None)
self.t1r1.add(
swing.JLabel(
"<html><center><h2>Collabfiltrator</h2>Exfiltrate blind remote code execution output over DNS via Burp Collaborator.</center></html>"
))
self.t1r2.add(swing.JLabel("Platform"))
self.t1r2.add(self.osComboBox)
self.t1r2.add(swing.JLabel("Command"))
self.t1r2.add(self.commandTxt)
self.t1r2.add(
swing.JButton("Execute", actionPerformed=self.executePayload))
self.t1r3.add(swing.JLabel("Payload"))
self.t1r3.add(self.payloadTxt)
self.t1r6.add(
self.burpCollaboratorDomainTxt) #burp Collab Domain will go here
self.t1r4.add(
swing.JButton("Copy Payload to Clipboard",
actionPerformed=self.copyToClipboard))
self.t1r4.add(
swing.JButton("Start poll results",
actionPerformed=self.startPollResults))
self.t1r4.add(
swing.JButton("Stop listener",
actionPerformed=self.stopPollResults))
self.t1r4.add(swing.JButton("Show logs",
actionPerformed=self.showLogs))
self.t1r5.add(swing.JLabel("Output"))
self.t1r5.add(self.outputScroll) #add output scroll bar to page
self.t1r7.add(self.progressBar)
# Add the GUI objects into the first tab
self.collabfiltratorTab.add(self.t1r1)
self.collabfiltratorTab.add(self.t1r2)
self.collabfiltratorTab.add(self.t1r3)
self.collabfiltratorTab.add(self.t1r6)
self.collabfiltratorTab.add(self.t1r4)
self.collabfiltratorTab.add(self.t1r7)
self.collabfiltratorTab.add(self.t1r5)
# Create objects for the second tab's GUI
self.dummylabel = swing.JLabel(
"Burp Collaborator Config options will go here.")
# Add the GUI objects into the second tab
########self.configurationTab.add(self.dummylabel)
# Now that the GUI objects are added, we can resize them to fit snug in the UI
self.t1r1.setMaximumSize(Dimension(800, 100))
self.t1r2.setMaximumSize(Dimension(800, 50))
self.t1r3.setMaximumSize(Dimension(800, 200))
self.t1r4.setMaximumSize(Dimension(800, 200))
self.t1r6.setMaximumSize(Dimension(800, 50))
self.t1r7.setMaximumSize(Dimension(800, 50))
#Register the panel in the Burp GUI
callbacks.addSuiteTab(self)
return
def registerExtenderCallbacks(self, callbacks):
self._helpers = callbacks.getHelpers()
self._jDecoderPanel = swing.JPanel()
self._jDecoderPanel.setLayout(None)
# Combobox Values
self._decodeType = ['Convert to chniese',
'Str to Unicode',
'Str To UTF-8',
'Base64 Eecode',
'Base64 Decode']
self._decodeTypeFunc = [self.convertToChinese,
self.strToUnicode,
self.strToUtf8,
self.base64Encode,
self.base64Decode]
# GUI components
self._jLabelInput = swing.JLabel()
self._jLabelOutput = swing.JLabel()
self._jLabelExample = swing.JLabel()
self._jLabelOputFormat = swing.JLabel()
self._jCheckBoxOutputFormat = swing.JCheckBox()
self._jTextAreaInputData = swing.JTextArea()
self._jTextAreaOutputData = swing.JTextArea()
self._jScrollPaneIntput = swing.JScrollPane(self._jTextAreaInputData)
self._jScrollPaneOutput = swing.JScrollPane(self._jTextAreaOutputData)
self._jButtonDecoder = swing.JButton('Execute', actionPerformed=self.decode)
self._jComboDecodeType = swing.JComboBox(self._decodeType, actionListener=self.change_decode)
# Configure GUI
self._jLabelInput.setText('Input:')
self._jLabelOutput.setText('Output:')
self._jLabelExample.setText('Example: ')
self._jLabelOputFormat.setText(r'Replace % with \ ')
self._jLabelExample.setFont(Font("Consolas", Font.PLAIN, 14))
self._jDecoderPanel.add(self._jLabelInput)
self._jDecoderPanel.add(self._jLabelOutput)
self._jScrollPaneIntput.setVerticalScrollBarPolicy(swing.JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
self._jScrollPaneOutput.setVerticalScrollBarPolicy(swing.JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
self._jLabelExample.setText(self._decodeTypeFunc[0]())
# Configure locations
self._jLabelInput.setBounds(20, 15, self.LABEL_WIDTH, self.LABEL_HEIGHT)
self._jLabelOutput.setBounds(20, 225, self.LABEL_WIDTH, self.LABEL_HEIGHT)
self._jLabelExample.setBounds(20, 190, self.TEXTAREA_WIDTH, 30)
self._jLabelOputFormat.setBounds(self.TEXTAREA_WIDTH + 80, 117, 150, 30)
self._jCheckBoxOutputFormat.setBounds(self.TEXTAREA_WIDTH + 50, 120, 20, 20)
self._jScrollPaneIntput.setBounds(20 ,40, self.TEXTAREA_WIDTH, self.TEXTAREA_HEIGHT)
self._jScrollPaneOutput.setBounds(20, 250, self.TEXTAREA_WIDTH, self.TEXTAREA_HEIGHT)
self._jButtonDecoder.setBounds(self.TEXTAREA_WIDTH + 50, 40, 150, 30)
self._jComboDecodeType.setBounds(self.TEXTAREA_WIDTH + 50, 80, 150,30)
self._jDecoderPanel.add(self._jLabelInput)
self._jDecoderPanel.add(self._jLabelOutput)
self._jDecoderPanel.add(self._jLabelExample)
self._jDecoderPanel.add(self._jLabelOputFormat)
self._jDecoderPanel.add(self._jCheckBoxOutputFormat)
self._jDecoderPanel.add(self._jComboDecodeType)
self._jDecoderPanel.add(self._jScrollPaneIntput)
self._jDecoderPanel.add(self._jScrollPaneOutput)
self._jDecoderPanel.add(self._jButtonDecoder)
# Setup Tabs
self._jConfigTab = swing.JTabbedPane()
self._jConfigTab.addTab("Decoder", self._jDecoderPanel)
callbacks.customizeUiComponent(self._jConfigTab)
callbacks.addSuiteTab(self)
callbacks.registerContextMenuFactory(self)
return
