class EmployeeList(object):
def __init__(self, employees):
self._employees = employees
self._employees.add_change_listener(self)
self._list = JList(preferredSize=(200, 200), name='employee_list')
self._populate_list()
def _populate_list(self):
self._list.setListData(self._employee_names())
def _employee_names(self):
return [e.name for e in self._employees.all()]
def add_selection_listener(self, listener):
self._list.addListSelectionListener(listener)
def selected_employee(self):
return self._employees.all()[self._list.getSelectedIndex()]
def employee_added(self, employee):
self._populate_list()
self._list.setSelectedValue(employee.name, True)
def adding_employee_failed(self, error):
pass
def clear_selection(self):
self._list.clearSelection()
@property
def widget(self):
return (self._list)
return JScrollPane(self._list)
class EmployeeList(object):
def __init__(self, employees):
self._employees = employees
self._employees.add_change_listener(self)
self._list = JList(preferredSize=(200, 200), name='employee_list')
self._populate_list()
def _populate_list(self):
self._list.setListData(self._employee_names())
def _employee_names(self):
return [e.name for e in self._employees.all()]
def add_selection_listener(self, listener):
self._list.addListSelectionListener(listener)
def selected_employee(self):
return self._employees.all()[self._list.getSelectedIndex()]
def employee_added(self, employee):
self._populate_list()
self._list.setSelectedValue(employee.name, True)
def adding_employee_failed(self, error):
pass
def clear_selection(self):
self._list.clearSelection()
@property
def widget(self):
return self._list
class ProgramsTab(JPanel):
def __init__(self):
self.programs = []
self.setLayout(BoxLayout(self, BoxLayout.PAGE_AXIS))
self.JprogramList = JList()
self.JprogramList.setSelectionMode(ListSelectionModel.SINGLE_SELECTION)
self.JprogramList.addListSelectionListener(self.handle_select)
scrollPane = JScrollPane(self.JprogramList)
scrollPane.setMinimumSize(Dimension(300, 0))
self.splitPane = SplitPanel(scrollPane, JPanel())
self.add(self.splitPane)
context.addon.register_on_connect(self.load_program_list)
context.addon.register_on_error(self.display_error)
def load_program_list(self):
self.display_program_list(context.api.get_programs())
def display_program_list(self, programs):
self.programs = programs
model = DefaultListModel()
for program in programs:
model.addElement(program)
self.JprogramList.setModel(model)
self.JprogramList.setCellRenderer(ProgramRenderer())
if self.programs:
async_call(
lambda: context.api.get_program_details(self.programs[0].slug),
self.load_program_details,
)
else:
self.splitPane.setRightComponent(JPanel())
def display_error(self, error):
self.JprogramList.setListData(tuple())
self.splitPane.setRightComponent(JLabel("You are disconnected"))
def load_program_details(self, pgm_details):
pane = ProgramPane(pgm_details)
loc = self.splitPane.getDividerLocation()
self.splitPane.setRightComponent(pane)
self.splitPane.setDividerLocation(loc)
def handle_select(self, event):
jlist = event.source
if event.valueIsAdjusting:
return None
selected_idx = jlist.getSelectedIndex()
if selected_idx < 0 or selected_idx > len(self.programs):
return None
slug = self.programs[selected_idx].slug
async_call(
lambda: context.api.get_program_details(slug), self.load_program_details
)
def createList(self, content):
model = DefaultListModel()
for elem in content:
model.addElement(elem)
list = JList(model)
list.addListSelectionListener(self)
listPane = JScrollPane(list)
listPane.setPreferredSize(Dimension(250, 400))
return listPane, list, model
def createList(self, content):
model = DefaultListModel()
for elem in content:
model.addElement(elem)
list = JList(model)
list.addListSelectionListener(self)
listPane = JScrollPane(list)
listPane.setPreferredSize(Dimension(250, 400))
return listPane, list, model
class EmployeeList(object):
def __init__(self, employees):
self._employees = employees
self._employees.add_change_listener(self)
self._list = JList(preferredSize=(200, 200), name="employee_list")
self._populate_list()
def _populate_list(self):
self._list.setListData(self._employee_names())
def _employee_names(self):
return [e.name for e in self._employees.all()]
def add_selection_listener(self, listener):
self._list.addListSelectionListener(listener)
def selected_employee(self):
return self._employees.all()[self._list.getSelectedIndex()]
def employee_added(self, employee):
self._populate_list()
self._list.setSelectedValue(employee.name, True)
def adding_employee_failed(self, error):
pass
def clear_selection(self):
self._list.clearSelection()
@property
def widget(self):
# BUGZ: EmployeeList is not scrollable. Adding more employees than
# fits in the visible area makes some of them unreachable via UI.
# Uncomment the following line to fix the bug:
# return JScrollPane(self._list)
return self._list
class EmployeeList(object):
def __init__(self, employees):
self._employees = employees
self._employees.add_change_listener(self)
self._list = JList(preferredSize=(200, 200), name='employee_list')
self._populate_list()
def _populate_list(self):
self._list.setListData(self._employee_names())
def _employee_names(self):
return [e.name for e in self._employees.all()]
def add_selection_listener(self, listener):
self._list.addListSelectionListener(listener)
def selected_employee(self):
return self._employees.all()[self._list.getSelectedIndex()]
def employee_added(self, employee):
self._populate_list()
self._list.setSelectedValue(employee.name, True)
def adding_employee_failed(self, error):
pass
def clear_selection(self):
self._list.clearSelection()
@property
def widget(self):
# BUGZ: EmployeeList is not scrollable. Adding more employees than
# fits in the visible area makes some of them unreachable via UI.
# Uncomment the following line to fix the bug:
# return JScrollPane(self._list)
return self._list
class BurpExtender(IBurpExtender, ITab, IHttpListener,
IMessageEditorController, AbstractTableModel,
IContextMenuFactory):
def registerExtenderCallbacks(self, callbacks):
# smart xss feature (print conclusion and observation)
# mark resulsts
# add automatic check pages in the same domain
self.tagPayloads = [
"<b>test", "<b onmouseover=test()>test",
"<img src=err onerror=test()>", "<script>test</script>"
"", "<scr ipt>test</scr ipt>", "<SCRIPT>test;</SCRIPT>",
"<scri<script>pt>test;</scr</script>ipt>",
"<SCRI<script>PT>test;</SCR</script>IPT>",
"<scri<scr<script>ipt>pt>test;</scr</sc</script>ript>ipt>",
"<IMG \"\"\"><SCRIPT>test</SCRIPT>\">",
"<IMG '''><SCRIPT>test</SCRIPT>'>", "<SCR%00IPT>test</SCR%00IPT>",
"<IFRAME SRC='f' onerror=\"test\"></IFRAME>",
"<IFRAME SRC='f' onerror='test'></IFRAME>",
"<<SCRIPT>test//<</SCRIPT>", "<img src=\"1\" onerror=\"test\">",
"<img src='1' onerror='test'",
"<STYLE TYPE=\"text/javascript\">test;</STYLE>",
"<<SCRIPT>test//<</SCRIPT>"
]
self.attributePayloads = [
"\"\"\"><SCRIPT>test", "'''><SCRIPT>test'",
"\"><script>test</script>", "\"><script>test</script><\"",
"'><script>test</script>", "'><script>test</script><'",
"\";test;\"", "';test;'", ";test;", "\";test;//",
"\"onmouseover=test ", "onerror=\"test\"", "onerror='test'",
"onload=\"test\"", "onload='test'"
]
self.xssKey = 'xssme'
# keep a reference to our callbacks object
self._callbacks = callbacks
# obtain an extension helpers object
self._helpers = callbacks.getHelpers()
# set our extension name
callbacks.setExtensionName("XSSor")
self.affectedResponses = ArrayList()
self._log = ArrayList()
self._lock = Lock()
# main split pane
self._splitpane = JSplitPane(JSplitPane.HORIZONTAL_SPLIT)
# table of log entries
logTable = Table(self)
scrollPane = JScrollPane(logTable)
self._splitpane.setLeftComponent(scrollPane)
# tabs with request/response viewers
tabs = JTabbedPane()
self._requestViewer = callbacks.createMessageEditor(self, False)
self._responseViewer = callbacks.createMessageEditor(self, False)
tabs.addTab("Request", self._requestViewer.getComponent())
tabs.addTab("Response", self._responseViewer.getComponent())
clearAPListBtn = JButton("Clear List",
actionPerformed=self.clearAPList)
clearAPListBtn.setBounds(10, 85, 120, 30)
apListLabel = JLabel('Affected Pages List:')
apListLabel.setBounds(10, 10, 140, 30)
self.affectedModel = DefaultListModel()
self.affectedList = JList(self.affectedModel)
self.affectedList.addListSelectionListener(listSelectedChange(self))
scrollAList = JScrollPane(self.affectedList)
scrollAList.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollAList.setBounds(150, 10, 550, 200)
scrollAList.setBorder(LineBorder(Color.BLACK))
APtabs = JTabbedPane()
self._requestAPViewer = callbacks.createMessageEditor(self, False)
self._responseAPViewer = callbacks.createMessageEditor(self, False)
APtabs.addTab("Request", self._requestAPViewer.getComponent())
APtabs.addTab("Affeced Page Response",
self._responseAPViewer.getComponent())
APtabs.setBounds(0, 250, 700, 350)
APtabs.setSelectedIndex(1)
self.APpnl = JPanel()
self.APpnl.setBounds(0, 0, 1000, 1000)
self.APpnl.setLayout(None)
self.APpnl.add(scrollAList)
self.APpnl.add(clearAPListBtn)
self.APpnl.add(APtabs)
self.APpnl.add(apListLabel)
tabs.addTab("Affected Pages", self.APpnl)
self.intercept = 0
## init conf panel
startLabel = JLabel("Plugin status:")
startLabel.setBounds(10, 10, 140, 30)
payloadLabel = JLabel("Basic Payload:")
payloadLabel.setBounds(10, 50, 140, 30)
self.basicPayload = "<script>alert(1)</script>"
self.basicPayloadTxt = JTextArea(self.basicPayload, 5, 30)
self.basicPayloadTxt.setBounds(120, 50, 305, 30)
self.bruteForceMode = JCheckBox("Brute Force Mode")
self.bruteForceMode.setBounds(120, 80, 300, 30)
self.bruteForceMode.addItemListener(handleBFModeChange(self))
self.tagPayloadsCheck = JCheckBox("Tag paylods")
self.tagPayloadsCheck.setBounds(120, 100, 300, 30)
self.tagPayloadsCheck.setSelected(True)
self.tagPayloadsCheck.setEnabled(False)
self.tagPayloadsCheck.addItemListener(handleBFModeList(self))
self.attributePayloadsCheck = JCheckBox("Attribute payloads")
self.attributePayloadsCheck.setBounds(260, 100, 300, 30)
self.attributePayloadsCheck.setSelected(True)
self.attributePayloadsCheck.setEnabled(False)
self.attributePayloadsCheck.addItemListener(handleBFModeList(self))
payloadListLabel = JLabel("Payloads list (for BF mode):")
payloadListLabel.setBounds(10, 130, 140, 30)
self.payloadsModel = DefaultListModel()
self.payloadsList = JList(self.payloadsModel)
scrollPayloadsList = JScrollPane(self.payloadsList)
scrollPayloadsList.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollPayloadsList.setBounds(120, 170, 300, 200)
scrollPayloadsList.setBorder(LineBorder(
Color.BLACK)) # add buttons to remove payloads and add
for payload in self.tagPayloads:
self.payloadsModel.addElement(payload)
for payload in self.attributePayloads:
self.payloadsModel.addElement(payload)
self.startButton = JButton("XSSor is off",
actionPerformed=self.startOrStop)
self.startButton.setBounds(120, 10, 120, 30)
self.startButton.setBackground(Color(255, 100, 91, 255))
consoleTab = JTabbedPane()
self.consoleLog = JTextArea("", 5, 30)
scrollLog = JScrollPane(self.consoleLog)
scrollLog.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollLog.setBounds(120, 170, 550, 200)
scrollLog.setBorder(LineBorder(Color.BLACK))
scrollLog.getVerticalScrollBar().addAdjustmentListener(
autoScrollListener(self))
consoleTab.addTab("Console", scrollLog)
consoleTab.setBounds(0, 400, 500, 200)
self.pnl = JPanel()
self.pnl.setBounds(0, 0, 1000, 1000)
self.pnl.setLayout(None)
self.pnl.add(self.startButton)
self.pnl.add(startLabel)
self.pnl.add(payloadLabel)
self.pnl.add(self.basicPayloadTxt)
self.pnl.add(self.bruteForceMode)
self.pnl.add(payloadListLabel)
self.pnl.add(scrollPayloadsList)
self.pnl.add(self.attributePayloadsCheck)
self.pnl.add(self.tagPayloadsCheck)
self.pnl.add(consoleTab)
tabs.addTab("Configuration", self.pnl)
tabs.setSelectedIndex(3)
self._splitpane.setRightComponent(tabs)
# customize our UI components
callbacks.customizeUiComponent(self._splitpane)
callbacks.customizeUiComponent(logTable)
callbacks.customizeUiComponent(scrollPane)
callbacks.customizeUiComponent(tabs)
# add the custom tab to Burp's UI
callbacks.addSuiteTab(self)
# register ourselves as an HTTP listener
callbacks.registerHttpListener(self)
self._callbacks.registerContextMenuFactory(self)
print "Thank you for installing XSSor v0.1 extension"
print "Created by Barak Tawily"
print "\nGithub:\nhttps://github.com/Quitten/XSSor"
return
#
# implement ITab
#
def getTabCaption(self):
return "XSSor"
def getUiComponent(self):
return self._splitpane
#
# implement IHttpListener
#
def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
if self.intercept == 1:
if toolFlag == 4:
# only process requests
if not messageIsRequest:
self.checkForKey(messageInfo)
return
def printLog(self, message):
self.consoleLog.setText(self.consoleLog.getText() + '\r\n' + message)
def checkXSS(self, messageInfo, urlStr, requestBody, currentPayload):
self.printLog('trying exploit with the payload: ' + currentPayload)
requestURL = URL(urlStr.replace(self.xssKey, currentPayload))
requestBody = requestBody.replace(self.xssKey,
urllib.pathname2url(currentPayload))
httpService = self._helpers.buildHttpService(
str(requestURL.getHost()), int(requestURL.getPort()),
requestURL.getProtocol() == "https")
response = self._callbacks.makeHttpRequest(httpService, requestBody)
responseInfo = self._helpers.analyzeResponse(response.getResponse())
analyzedResponse = self._helpers.bytesToString(response.getResponse(
)) # change body offeset + make ui for affeccted pages
responseBody = analyzedResponse.encode('utf-8')
vulnOrNot = 'no'
if currentPayload in responseBody:
self.printLog('payload: ' + currentPayload +
' found to be vulnarble')
vulnOrNot = 'yes'
# mark the payload
if not len(self.affectedResponses) == 0:
for request in self.affectedResponses: # bug in case of no response in messageinfo
self.printLog('checking affeccted page' +
str(request.getUrl()))
requestURL = request.getUrl()
httpService = self._helpers.buildHttpService(
str(requestURL.getHost()), int(requestURL.getPort()),
requestURL.getProtocol() == "https")
affectedPageResponse = self._callbacks.makeHttpRequest(
httpService, request.getRequest())
analyzedResponse = self._helpers.bytesToString(
affectedPageResponse.getResponse())
responseBody = analyzedResponse.encode('utf-8')
if currentPayload in responseBody:
vulnOrNot = 'yes, affected page'
self.printLog('affeccted page has been found as vulnerable')
self._lock.acquire()
row = self._log.size()
self._log.add(
LogEntry(
self._helpers.analyzeRequest(response).getUrl(),
self._callbacks.saveBuffersToTempFiles(response),
currentPayload, vulnOrNot))
self.fireTableRowsInserted(row, row)
self._lock.release()
def checkForKey(self, messageInfo):
currentPayload = self.tagPayloads[0]
requestInfo = self._helpers.analyzeRequest(messageInfo)
requestHeaders = list(requestInfo.getHeaders())
requestURL = requestInfo.getUrl()
urlStr = str(requestURL)
self.printLog('checking for xss key in URL: ' + urlStr)
requestBody = self._helpers.bytesToString(messageInfo.getRequest())
requestBody = re.sub(
'Referer:.*\n', '', requestBody, flags=re.MULTILINE,
count=1) # workaround avoid xsskey in the referer newHeaders
if self.xssKey in urlStr or self.xssKey in requestBody:
self.printLog('xss key has been found')
if self.bruteForceMode.isSelected():
for i in range(0, self.payloadsModel.getSize()):
payload = self.payloadsModel.getElementAt(i)
self.checkXSS(messageInfo, urlStr, requestBody, payload)
else:
self.checkXSS(messageInfo, urlStr, requestBody,
self.basicPayloadTxt.getText())
#
# extend AbstractTableModel
#
def getRowCount(self):
try:
return self._log.size()
except:
return 0
def getColumnCount(self):
return 3
def getColumnName(self, columnIndex):
if columnIndex == 0:
return "URL"
if columnIndex == 1:
return "Payload"
if columnIndex == 2:
return "Vulnerable?"
return ""
def getValueAt(self, rowIndex, columnIndex):
logEntry = self._log.get(rowIndex)
if columnIndex == 0:
# return self._callbacks.getToolName(logEntry._tool)
return logEntry._url.toString()
if columnIndex == 1:
return logEntry._payload
if columnIndex == 2:
return logEntry._vulnOrNot
return ""
#
# implement IMessageEditorController
# this allows our request/response viewers to obtain details about the messages being displayed
#
def getHttpService(self):
return self._currentlyDisplayedItem.getHttpService()
def getRequest(self):
return self._currentlyDisplayedItem.getRequest()
def getResponse(self):
return self._currentlyDisplayedItem.getResponse()
def startOrStop(self, event):
if self.startButton.getText() == "XSSor is off":
self.startButton.setText("XSSor is on")
self.startButton.setBackground(Color.GREEN)
self.printLog('on, waiting for key word to be found (' +
self.xssKey + ')')
self.intercept = 1
else:
self.startButton.setText("XSSor is off")
self.startButton.setBackground(Color(255, 100, 91, 255))
self.intercept = 0
def clearAPList(self, event):
self.affectedModel.clear()
self.affectedResponses = ArrayList()
#
# implement IContextMenuFactory
#
def createMenuItems(self, invocation):
responses = invocation.getSelectedMessages()
if responses > 0:
ret = LinkedList()
affectedMenuItem = JMenuItem("XSSor: Add affected page")
affectedMenuItem.addActionListener(
handleMenuItems(self, responses[0], "affected"))
ret.add(affectedMenuItem)
return (ret)
return null
def addAfectedPage(self, messageInfo):
self.affectedModel.addElement(
str(self._helpers.analyzeRequest(messageInfo).getUrl()))
self.affectedResponses.add(messageInfo)
class ProtoBufEditorTab(burp.IMessageEditorTab):
"""Tab in interceptor/repeater for editing protobuf message.
Decodes them to JSON and back.
The message type is attached to this object.
"""
def __init__(self, extension, controller, editable, callbacks):
self._callbacks = callbacks
self._extension = extension
self._callbacks = extension.callbacks
self._helpers = extension.helpers
self._controller = controller
self._text_editor = self._callbacks.createTextEditor()
self._text_editor.setEditable(editable)
self._editable = editable
self._last_valid_type_index = None
self._filtered_message_model = FilteredMessageModel(
extension.known_message_model, self._callbacks
)
self._type_list_component = JList(self._filtered_message_model)
self._type_list_component.setSelectionMode(ListSelectionModel.SINGLE_SELECTION)
self._type_list_component.addListSelectionListener(TypeListListener(self))
self._new_type_field = JTextField()
self._component = JSplitPane(JSplitPane.HORIZONTAL_SPLIT)
self._component.setLeftComponent(self._text_editor.getComponent())
self._component.setRightComponent(self.createButtonPane())
self._component.setResizeWeight(0.95)
self.message_type = None
self._is_request = None
self._encoder = None
self._original_json = None
self._original_typedef = None
self._last_set_json = ""
self._content_info = None
self._request_content_info = None
self._request = None
self._original_content = None
def getTabCaption(self):
"""Return message tab caption"""
return "Protobuf"
def getMessage(self):
"""Transform the JSON format back to the binary protobuf message"""
try:
if self.message_type is None or not self.isModified():
return self._original_content
json_data = self._text_editor.getText().tostring()
protobuf_data = blackboxprotobuf.protobuf_from_json(
json_data, self.message_type
)
protobuf_data = self.encodePayload(protobuf_data)
if "set_protobuf_data" in dir(user_funcs):
result = user_funcs.set_protobuf_data(
protobuf_data,
self._original_content,
self._is_request,
self._content_info,
self._helpers,
self._request,
self._request_content_info,
)
if result is not None:
return result
headers = self._content_info.getHeaders()
return self._helpers.buildHttpMessage(headers, str(protobuf_data))
except Exception as exc:
self._callbacks.printError(traceback.format_exc())
JOptionPane.showMessageDialog(
self._component, "Error encoding protobuf: " + str(exc)
)
# Resets state
return self._original_content
def setMessage(self, content, is_request, retry=True):
"""Get the data from the request/response and parse into JSON.
sets self.message_type
"""
# Save original content
self._original_content = content
if is_request:
self._content_info = self._helpers.analyzeRequest(
self._controller.getHttpService(), content
)
else:
self._content_info = self._helpers.analyzeResponse(content)
self._is_request = is_request
self._request = None
self._request_content_info = None
if not is_request:
self._request = self._controller.getRequest()
self._request_content_info = self._helpers.analyzeRequest(
self._controller.getHttpService(), self._request
)
# how we remember which message type correlates to which endpoint
self._message_hash = self.getMessageHash()
# Try to find saved messsage type
self.message_type = None
self.message_type_name = None
if self._message_hash in self._extension.saved_types:
typename = self._extension.saved_types[self._message_hash]
if typename in default_config.known_types:
self.message_type_name = typename
self.message_type = default_config.known_types[typename]
else:
del self._extension.saved_types[self._message_hash]
try:
protobuf_data = None
if "get_protobuf_data" in dir(user_funcs):
protobuf_data = user_funcs.get_protobuf_data(
content,
is_request,
self._content_info,
self._helpers,
self._request,
self._request_content_info,
)
if protobuf_data is None:
protobuf_data = content[self._content_info.getBodyOffset() :].tostring()
protobuf_data = self.decodePayload(protobuf_data)
# source_typedef will be the original, updatable version of the dict
# TODO fix this hack
self._original_data = protobuf_data
self._filtered_message_model.set_new_data(protobuf_data)
self._source_typedef = self.message_type
json_data, self.message_type = blackboxprotobuf.protobuf_to_json(
protobuf_data, self.message_type
)
self._original_json = json_data
self._original_typedef = self.message_type
self._last_set_json = str(json_data)
self._text_editor.setText(json_data)
success = True
except Exception as exc:
success = False
self._callbacks.printError(
"Got error decoding protobuf binary: " + traceback.format_exc()
)
# Bring out of exception handler to avoid nexting handlers
if not success:
if self._message_hash in self._extension.saved_types:
del self._extension.saved_types[self._message_hash]
self.setMessage(content, is_request, False)
self._text_editor.setText("Error decoding protobuf")
if self.message_type_name:
self.forceSelectType(self.message_type_name)
def decodePayload(self, payload):
"""Add support for decoding a few default methods. Including Base64 and GZIP"""
if payload.startswith(bytearray([0x1F, 0x8B, 0x08])):
gzip_decompress = zlib.decompressobj(-zlib.MAX_WBITS)
self._encoder = "gzip"
return gzip_decompress.decompress(payload)
# Try to base64 decode
try:
protobuf = base64.b64decode(payload, validate=True)
self._encoder = "base64"
return protobuf
except Exception as exc:
pass
# try decoding as a gRPC payload: https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md
# we're naiively handling only uncompressed payloads
if len(payload) > 1 + 4 and payload.startswith(
bytearray([0x00])
): # gRPC has 1 byte flag + 4 byte length
(message_length,) = struct.unpack_from(">I", payload[1:])
if len(payload) == 1 + 4 + message_length:
self._encoder = "gRPC"
return payload[1 + 4 :]
# try:
# protobuf = base64.urlsafe_b64decode(payload)
# self._encoder = 'base64_url'
# return protobuf
# except Exception as exc:
# pass
self._encoder = None
return payload
def encodePayload(self, payload):
"""If we detected an encoding like gzip or base64 when decoding, redo
that encoding step here
"""
if self._encoder == "base64":
return base64.b64encode(payload)
elif self._encoder == "base64_url":
return base64.urlsafe_b64encode(payload)
elif self._encoder == "gzip":
gzip_compress = zlib.compressobj(-1, zlib.DEFLATED, -zlib.MAX_WBITS)
self._encoder = "gzip"
return gzip_compress.compress(payload)
elif self._encoder == "gRPC":
message_length = struct.pack(">I", len(payload))
return bytearray([0x00]) + bytearray(message_length) + payload
else:
return payload
def getSelectedData(self):
"""Get text currently selected in message"""
return self._text_editor.getSelectedText()
def getUiComponent(self):
"""Return Java AWT component for this tab"""
return self._component
def isEnabled(self, content, is_request):
"""Try to detect a protobuf in the message to enable the tab. Defaults
to content-type header of 'x-protobuf'. User overridable
"""
# TODO implement some more default checks
if is_request:
info = self._helpers.analyzeRequest(content)
else:
info = self._helpers.analyzeResponse(content)
if "detect_protobuf" in dir(user_funcs):
result = user_funcs.detect_protobuf(
content, is_request, info, self._helpers
)
if result is not None:
return result
# Bail early if there is no body
if info.getBodyOffset() == len(content):
return False
protobuf_content_types = [
"protobuf",
"grpc",
]
# Check all headers for x-protobuf
for header in info.getHeaders():
if "content-type" in header.lower():
for protobuf_content_type in protobuf_content_types:
if protobuf_content_type in header.lower():
return True
return False
def isModified(self):
"""Return if the message was modified"""
return self._text_editor.isTextModified()
def createButtonPane(self):
"""Create a new button pane for the message editor tab"""
self._button_listener = EditorButtonListener(self)
panel = JPanel()
panel.setLayout(BoxLayout(panel, BoxLayout.Y_AXIS))
panel.setBorder(EmptyBorder(5, 5, 5, 5))
panel.add(Box.createRigidArea(Dimension(0, 5)))
type_scroll_pane = JScrollPane(self._type_list_component)
type_scroll_pane.setMaximumSize(Dimension(200, 100))
type_scroll_pane.setMinimumSize(Dimension(150, 100))
panel.add(type_scroll_pane)
panel.add(Box.createRigidArea(Dimension(0, 3)))
new_type_panel = JPanel()
new_type_panel.setLayout(BoxLayout(new_type_panel, BoxLayout.X_AXIS))
new_type_panel.add(self._new_type_field)
new_type_panel.add(Box.createRigidArea(Dimension(3, 0)))
new_type_panel.add(
self.createButton(
"New", "new-type", "Save this message's type under a new name"
)
)
new_type_panel.setMaximumSize(Dimension(200, 20))
new_type_panel.setMinimumSize(Dimension(150, 20))
panel.add(new_type_panel)
button_panel = JPanel()
button_panel.setLayout(FlowLayout())
if self._editable:
button_panel.add(
self.createButton(
"Validate", "validate", "Validate the message can be encoded."
)
)
button_panel.add(
self.createButton("Edit Type", "edit-type", "Edit the message type")
)
button_panel.add(
self.createButton(
"Reset Message", "reset", "Reset the message and undo changes"
)
)
button_panel.add(
self.createButton(
"Clear Type", "clear-type", "Reparse the message with an empty type"
)
)
button_panel.setMinimumSize(Dimension(100, 200))
button_panel.setPreferredSize(Dimension(200, 1000))
panel.add(button_panel)
return panel
def createButton(self, text, command, tooltip):
"""Create a new button with the given text and command"""
button = JButton(text)
button.setAlignmentX(Component.CENTER_ALIGNMENT)
button.setActionCommand(command)
button.addActionListener(self._button_listener)
button.setToolTipText(tooltip)
return button
def validateMessage(self):
"""Callback for validate button. Attempts to encode the message with
the current type definition
"""
try:
json_data = self._text_editor.getText().tostring()
blackboxprotobuf.protobuf_from_json(json_data, self.message_type)
# If it works, save the message
self._original_json = json_data
self._original_typedef = self.message_type
except Exception as exc:
JOptionPane.showMessageDialog(self._component, str(exc))
self._callbacks.printError(traceback.format_exc())
def resetMessage(self):
"""Drop any changes and reset the message. Callback for "reset"
button
"""
self._last_set_json = str(self._original_json)
self._text_editor.setText(self._original_json)
self.message_type = self._original_typedef
def getMessageHash(self):
"""Compute an "identifier" for the message which is used for sticky
type definitions. User modifiable
"""
message_hash = None
if "hash_message" in dir(user_funcs):
message_hash = user_funcs.hash_message(
self._original_content,
self._is_request,
self._content_info,
self._helpers,
self._request,
self._request_content_info,
)
if message_hash is None:
# Base it off just the URL and request/response
content_info = (
self._content_info if self._is_request else self._request_content_info
)
url = content_info.getUrl().getPath()
message_hash = ":".join([url, str(self._is_request)])
return message_hash
def forceSelectType(self, typename):
index = self._filtered_message_model.get_type_index(typename)
if index is not None:
self._last_valid_type_index = index
self._type_list_component.setSelectedIndex(index)
def updateTypeSelection(self):
"""Apply a new typedef based on the selected type in the type list"""
# Check if something is selected
if self._type_list_component.isSelectionEmpty():
self._last_valid_type_index = None
del self._extension.saved_types[self._message_hash]
return
# TODO won't actually work right if we delete the type we're using a
# new type is now in the index
if self._last_valid_type_index == self._type_list_component.getSelectedIndex():
# hasn't actually changed since last time we tried
# otherwise can trigger a second time when we call setSelectedIndex below on failure
return
type_name = self._type_list_component.getSelectedValue()
# try to catch none here...
if not type_name or type_name not in default_config.known_types:
return
try:
self.applyType(default_config.known_types[type_name])
except BlackboxProtobufException as exc:
self._callbacks.printError(traceback.format_exc())
if isinstance(exc, EncoderException):
JOptionPane.showMessageDialog(
self._component,
"Error encoding protobuf with previous type: %s" % (exc),
)
elif isinstance(exc, DecoderException):
JOptionPane.showMessageDialog(
self._component,
"Error encoding protobuf with type %s: %s" % (type_name, exc),
)
# decoder exception means it doesn't match the message that was sucessfully encoded by the prev type
self._filtered_message_model.remove_type(type_name)
if self._last_valid_type_index is not None:
type_name = self._type_list_component.setSelectedIndex(
self._last_valid_type_index
)
else:
self._type_list_component.clearSelection()
return
self._extension.saved_types[self._message_hash] = type_name
self._last_valid_type_index = self._type_list_component.getSelectedIndex()
def editType(self, typedef):
"""Apply the new typedef. Use dict.update to change the original
dictionary, so we also update the anonymous cached definition and ones
stored in known_messages"""
# TODO this is kind of an ugly hack. Should redo how these are referenced
# probably means rewriting a bunch of the editor
old_source = self._source_typedef
old_source.clear()
old_source.update(typedef)
self.applyType(old_source)
def applyType(self, typedef):
"""Apply a new typedef to the message. Throws an exception if type is invalid."""
# store a reference for later mutation?
self._source_typedef = typedef
# Convert to protobuf as old type and re-interpret as new type
old_message_type = self.message_type
json_data = self._text_editor.getText().tostring()
protobuf_data = blackboxprotobuf.protobuf_from_json(json_data, old_message_type)
new_json, message_type = blackboxprotobuf.protobuf_to_json(
str(protobuf_data), typedef
)
# Should exception out before now if there is an issue
self.message_type = message_type
# if the json data was modified, then re-check our types
if json_data != self._last_set_json:
self._filtered_message_model.set_new_data(protobuf_data)
self._last_set_json = str(new_json)
self._text_editor.setText(str(new_json))
def saveAsNewType(self):
"""Copy the current type into known_messages"""
name = self._new_type_field.getText().strip()
if not NAME_REGEX.match(name):
JOptionPane.showMessageDialog(
self._component,
"%s is not a valid "
"message name. Message names should be alphanumeric." % name,
)
return
if name in default_config.known_types:
JOptionPane.showMessageDialog(
self._component, "Message name %s is " "already taken." % name
)
return
# Do a deep copy on the dictionary so we don't accidentally modify others
default_config.known_types[name] = copy.deepcopy(self.message_type)
# update the list of messages. This should trickle down to known message model
self._extension.known_message_model.addElement(name)
self._new_type_field.setText("")
self._extension.saved_types[self._message_hash] = name
# force select our new type
self.forceSelectType(name)
def clearType(self):
self.applyType({})
self._type_list_component.clearSelection()
self._new_type_field.setText("")
def open_typedef_window(self):
self._extension.open_typedef_editor(self.message_type, self.editType)
class BurpExtender(IBurpExtender, ITab, IMessageEditorController, AbstractTableModel, IContextMenuFactory):
def registerExtenderCallbacks(self, callbacks):
# keep a reference to our callbacks object
self._callbacks = callbacks
# obtain an extension helpers object
self._helpers = callbacks.getHelpers()
# set our extension name
callbacks.setExtensionName("PT Vulnerabilities Manager")
self.config = SafeConfigParser()
self.createSection('projects')
self.createSection('general')
self.config.read('config.ini')
self.chooser = JFileChooser()
# create the log and a lock on which to synchronize when adding log entries
self._log = ArrayList()
self._lock = Lock()
self.logTable = Table(self)
self.logTable.getColumnModel().getColumn(0).setMaxWidth(35)
self.logTable.getColumnModel().getColumn(1).setMinWidth(100)
self._requestViewer = self._callbacks.createMessageEditor(self, False)
self._responseViewer = self._callbacks.createMessageEditor(self, False)
self.initVulnerabilityTab()
self.initProjSettingsTab()
self.initTabs()
self.initCallbacks()
if self.projPath.getText() != None:
self.loadVulnerabilities(self.projPath.getText())
print "Thank you for installing PT Vulnerabilities Manager v1.0 extension"
print "by Barak Tawily\n\n\n"
print "Disclaimer:\nThis extension might create folders and files in your hardisk which might be declared as sensitive information, make sure you are creating projects under encrypted partition"
return
def initVulnerabilityTab(self):
#
## init vulnerability tab
#
nameLabel = JLabel("Vulnerability Name:")
nameLabel.setBounds(10, 10, 140, 30)
self.addButton = JButton("Add",actionPerformed=self.addVuln)
self.addButton.setBounds(10, 500, 100, 30)
rmVulnButton = JButton("Remove",actionPerformed=self.rmVuln)
rmVulnButton.setBounds(465, 500, 100, 30)
mitigationLabel = JLabel("Mitigation:")
mitigationLabel.setBounds(10, 290, 150, 30)
addSSBtn = JButton("Add SS",actionPerformed=self.addSS)
addSSBtn.setBounds(750, 40, 110, 30)
deleteSSBtn = JButton("Remove SS",actionPerformed=self.removeSS)
deleteSSBtn.setBounds(750, 75, 110, 30)
piclistLabel = JLabel("Images list:")
piclistLabel.setBounds(580, 10, 140, 30)
self.screenshotsList = DefaultListModel()
self.ssList = JList(self.screenshotsList)
self.ssList.setBounds(580, 40, 150, 250)
self.ssList.addListSelectionListener(ssChangedHandler(self))
self.ssList.setBorder(BorderFactory.createLineBorder(Color.GRAY))
previewPicLabel = JLabel("Selected image preview: (click to open in image viewer)")
previewPicLabel.setBounds(580, 290, 500, 30)
copyImgMenu = JMenuItem("Copy")
copyImgMenu.addActionListener(copyImg(self))
self.imgMenu = JPopupMenu("Popup")
self.imgMenu.add(copyImgMenu)
self.firstPic = JLabel()
self.firstPic.setBorder(BorderFactory.createLineBorder(Color.GRAY))
self.firstPic.setBounds(580, 320, 550, 400)
self.firstPic.addMouseListener(imageClicked(self))
self.vulnName = JTextField("")
self.vulnName.getDocument().addDocumentListener(vulnTextChanged(self))
self.vulnName.setBounds(140, 10, 422, 30)
sevirities = ["Unclassified", "Critical","High","Medium","Low"]
self.threatLevel = JComboBox(sevirities);
self.threatLevel.setBounds(140, 45, 140, 30)
colors = ["Color:", "Green", "Red"]
self.colorCombo = JComboBox(colors);
self.colorCombo.setBounds(465, 45, 100, 30)
self.colorCombo
severityLabel = JLabel("Threat Level:")
severityLabel.setBounds(10, 45, 100, 30)
descriptionLabel = JLabel("Description:")
descriptionLabel.setBounds(10, 80, 100, 30)
self.descriptionString = JTextArea("", 5, 30)
self.descriptionString.setWrapStyleWord(True);
self.descriptionString.setLineWrap(True)
self.descriptionString.setBounds(10, 110, 555, 175)
descriptionStringScroll = JScrollPane(self.descriptionString)
descriptionStringScroll.setBounds(10, 110, 555, 175)
descriptionStringScroll.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED)
self.mitigationStr = JTextArea("", 5, 30)
self.mitigationStr.setWrapStyleWord(True);
self.mitigationStr.setLineWrap(True)
self.mitigationStr.setBounds(10, 320, 555, 175)
mitigationStrScroll = JScrollPane(self.mitigationStr)
mitigationStrScroll.setBounds(10, 320, 555, 175)
mitigationStrScroll.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED)
self.pnl = JPanel()
self.pnl.setBounds(0, 0, 1000, 1000);
self.pnl.setLayout(None);
self.pnl.add(addSSBtn)
self.pnl.add(piclistLabel)
self.pnl.add(nameLabel)
self.pnl.add(deleteSSBtn)
self.pnl.add(rmVulnButton)
self.pnl.add(severityLabel)
self.pnl.add(mitigationLabel)
self.pnl.add(descriptionLabel)
self.pnl.add(previewPicLabel)
self.pnl.add(mitigationStrScroll)
self.pnl.add(descriptionStringScroll)
self.pnl.add(self.ssList)
self.pnl.add(self.firstPic)
self.pnl.add(self.addButton)
self.pnl.add(self.vulnName)
self.pnl.add(self.threatLevel)
self.pnl.add(self.colorCombo)
def initProjSettingsTab(self):
# init project settings
projNameLabel = JLabel("Name:")
projNameLabel.setBounds(10, 50, 140, 30)
self.projName = JTextField("")
self.projName.setBounds(140, 50, 320, 30)
self.projName.getDocument().addDocumentListener(projTextChanged(self))
detailsLabel = JLabel("Details:")
detailsLabel.setBounds(10, 120, 140, 30)
reportLabel = JLabel("Generate Report:")
reportLabel.setBounds(10, 375, 140, 30)
types = ["DOCX","HTML","XLSX"]
self.reportType = JComboBox(types)
self.reportType.setBounds(10, 400, 140, 30)
generateReportButton = JButton("Generate", actionPerformed=self.generateReport)
generateReportButton.setBounds(160, 400, 90, 30)
self.projDetails = JTextArea("", 5, 30)
self.projDetails.setWrapStyleWord(True);
self.projDetails.setLineWrap(True)
projDetailsScroll = JScrollPane(self.projDetails)
projDetailsScroll.setBounds(10, 150, 450, 175)
projDetailsScroll.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED)
projPathLabel = JLabel("Path:")
projPathLabel.setBounds(10, 90, 140, 30)
self.projPath = JTextField("")
self.projPath.setBounds(140, 90, 320, 30)
chooseProjPathButton = JButton("Browse...",actionPerformed=self.chooseProjPath)
chooseProjPathButton.setBounds(470, 90, 100, 30)
importProjButton = JButton("Import",actionPerformed=self.importProj)
importProjButton.setBounds(470, 10, 100, 30)
exportProjButton = JButton("Export",actionPerformed=self.exportProj)
exportProjButton.setBounds(575, 10, 100, 30)
openProjButton = JButton("Open Directory",actionPerformed=self.openProj)
openProjButton.setBounds(680, 10, 130, 30)
currentProjectLabel = JLabel("Current:")
currentProjectLabel.setBounds(10, 10, 140, 30)
projects = self.config.options('projects')
self.currentProject = JComboBox(projects)
self.currentProject.addActionListener(projectChangeHandler(self))
self.currentProject.setBounds(140, 10, 140, 30)
self.autoSave = JCheckBox("Auto Save Mode")
self.autoSave.setEnabled(False) # implement this feature
self.autoSave.setBounds(300, 10, 140, 30)
self.autoSave.setToolTipText("Will save any changed value while focus is out")
addProjButton = JButton("Add / Update",actionPerformed=self.addProj)
addProjButton.setBounds(10, 330, 150, 30)
removeProjButton = JButton("Remove Current",actionPerformed=self.rmProj)
removeProjButton.setBounds(315, 330, 146, 30)
generalOptions = self.config.options('general')
if 'default project' in generalOptions:
defaultProj = self.config.get('general','default project')
self.currentProject.getModel().setSelectedItem(defaultProj)
self.projPath.setText(self.config.get('projects',self.currentProject.getSelectedItem()))
self.clearProjTab = True
self.projectSettings = JPanel()
self.projectSettings.setBounds(0, 0, 1000, 1000)
self.projectSettings.setLayout(None)
self.projectSettings.add(reportLabel)
self.projectSettings.add(detailsLabel)
self.projectSettings.add(projPathLabel)
self.projectSettings.add(addProjButton)
self.projectSettings.add(openProjButton)
self.projectSettings.add(projNameLabel)
self.projectSettings.add(projDetailsScroll)
self.projectSettings.add(importProjButton)
self.projectSettings.add(exportProjButton)
self.projectSettings.add(removeProjButton)
self.projectSettings.add(generateReportButton)
self.projectSettings.add(chooseProjPathButton)
self.projectSettings.add(currentProjectLabel)
self.projectSettings.add(self.projPath)
self.projectSettings.add(self.autoSave)
self.projectSettings.add(self.projName)
self.projectSettings.add(self.reportType)
self.projectSettings.add(self.currentProject)
def initTabs(self):
#
## init autorize tabs
#
self._splitpane = JSplitPane(JSplitPane.HORIZONTAL_SPLIT)
self.scrollPane = JScrollPane(self.logTable)
self._splitpane.setLeftComponent(self.scrollPane)
colorsMenu = JMenu("Paint")
redMenu = JMenuItem("Red")
noneMenu = JMenuItem("None")
greenMenu = JMenuItem("Green")
redMenu.addActionListener(paintChange(self, "Red"))
noneMenu.addActionListener(paintChange(self, None))
greenMenu.addActionListener(paintChange(self, "Green"))
colorsMenu.add(redMenu)
colorsMenu.add(noneMenu)
colorsMenu.add(greenMenu)
self.menu = JPopupMenu("Popup")
self.menu.add(colorsMenu)
self.tabs = JTabbedPane()
self.tabs.addTab("Request", self._requestViewer.getComponent())
self.tabs.addTab("Response", self._responseViewer.getComponent())
self.tabs.addTab("Vulnerability", self.pnl)
self.tabs.addTab("Project Settings", self.projectSettings)
self.tabs.setSelectedIndex(2)
self._splitpane.setRightComponent(self.tabs)
def initCallbacks(self):
#
## init callbacks
#
# customize our UI components
self._callbacks.customizeUiComponent(self._splitpane)
self._callbacks.customizeUiComponent(self.logTable)
self._callbacks.customizeUiComponent(self.scrollPane)
self._callbacks.customizeUiComponent(self.tabs)
self._callbacks.registerContextMenuFactory(self)
# add the custom tab to Burp's UI
self._callbacks.addSuiteTab(self)
def loadVulnerabilities(self, projPath):
self.clearList(None)
selected = False
for root, dirs, files in os.walk(projPath): # make it go only for dirs
for dirName in dirs:
xmlPath = projPath+"/"+dirName+"/vulnerability.xml"
# xmlPath = xmlPath.replace("/","//")
document = self.getXMLDoc(xmlPath)
nodeList = document.getDocumentElement().getChildNodes()
vulnName = nodeList.item(0).getTextContent()
severity = nodeList.item(1).getTextContent()
description = nodeList.item(2).getTextContent()
mitigation = nodeList.item(3).getTextContent()
color = nodeList.item(4).getTextContent()
test = vulnerability(vulnName,severity,description,mitigation,color)
self._lock.acquire()
row = self._log.size()
self._log.add(test)
self.fireTableRowsInserted(row, row)
self._lock.release()
if vulnName == self.vulnName.getText():
self.logTable.setRowSelectionInterval(row,row)
selected = True
if selected == False and self._log.size() > 0:
self.logTable.setRowSelectionInterval(0, 0)
self.loadVulnerability(self._log.get(0))
def createSection(self, sectioName):
self.config.read('config.ini')
if not (sectioName in self.config.sections()):
self.config.add_section(sectioName)
cfgfile = open("config.ini",'w')
self.config.write(cfgfile)
cfgfile.close()
def saveCfg(self):
f = open('config.ini', 'w')
self.config.write(f)
f.close()
def getXMLDoc(self, xmlPath):
try:
document = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(xmlPath)
return document
except:
self._extender.popup("XML file not found")
return
def saveXMLDoc(self, doc, xmlPath):
transformerFactory = TransformerFactory.newInstance()
transformer = transformerFactory.newTransformer()
source = DOMSource(doc)
result = StreamResult(File(xmlPath))
transformer.transform(source, result)
def generateReport(self,event):
if self.reportType.getSelectedItem() == "HTML":
path = self.reportToHTML()
if self.reportType.getSelectedItem() == "XLSX":
path = self.reportToXLS()
if self.reportType.getSelectedItem() == "DOCX":
path = self.generateReportFromDocxTemplate('template.docx',"newfile.docx", 'word/document.xml')
n = JOptionPane.showConfirmDialog(None, "Report generated successfuly:\n%s\nWould you like to open it?" % (path), "PT Manager", JOptionPane.YES_NO_OPTION)
if n == JOptionPane.YES_OPTION:
os.system('"' + path + '"') # Bug! stucking burp until the file get closed
def exportProj(self,event):
self.chooser.setDialogTitle("Save project")
Ffilter = FileNameExtensionFilter("Zip files", ["zip"])
self.chooser.setFileFilter(Ffilter)
returnVal = self.chooser.showSaveDialog(None)
if returnVal == JFileChooser.APPROVE_OPTION:
dst = str(self.chooser.getSelectedFile())
shutil.make_archive(dst,"zip",self.getCurrentProjPath())
self.popup("Project export successfuly")
def importProj(self,event):
self.chooser.setDialogTitle("Select project zip to directory")
Ffilter = FileNameExtensionFilter("Zip files", ["zip"])
self.chooser.setFileFilter(Ffilter)
returnVal = self.chooser.showOpenDialog(None)
if returnVal == JFileChooser.APPROVE_OPTION:
zipPath = str(self.chooser.getSelectedFile())
self.chooser.setDialogTitle("Select project directory")
self.chooser.setFileSelectionMode(JFileChooser.DIRECTORIES_ONLY)
returnVal = self.chooser.showOpenDialog(None)
if returnVal == JFileChooser.APPROVE_OPTION:
projPath = str(self.chooser.getSelectedFile()) + "/PTManager"
with zipfile.ZipFile(zipPath, "r") as z:
z.extractall(projPath)
xmlPath = projPath + "/project.xml"
document = self.getXMLDoc(xmlPath)
nodeList = document.getDocumentElement().getChildNodes()
projName = nodeList.item(0).getTextContent()
nodeList.item(1).setTextContent(projPath)
self.saveXMLDoc(document, xmlPath)
self.config.set('projects', projName, projPath)
self.saveCfg()
self.reloadProjects()
self.currentProject.getModel().setSelectedItem(projName)
self.clearVulnerabilityTab()
def reportToXLS(self):
if not xlsxwriterImported:
self.popup("xlsxwriter library is not imported")
return
workbook = xlsxwriter.Workbook(self.getCurrentProjPath() + '/PT Manager Report.xlsx')
worksheet = workbook.add_worksheet()
bold = workbook.add_format({'bold': True})
worksheet.write(0, 0, "Vulnerability Name", bold)
worksheet.write(0, 1, "Threat Level", bold)
worksheet.write(0, 2, "Description", bold)
worksheet.write(0, 3, "Mitigation", bold)
row = 1
for i in range(0,self._log.size()):
worksheet.write(row, 0, self._log.get(i).getName())
worksheet.write(row, 1, self._log.get(i).getSeverity())
worksheet.write(row, 2, self._log.get(i).getDescription())
worksheet.write(row, 3, self._log.get(i).getMitigation())
row = row + 1
# add requests and images as well
workbook.close()
return self.getCurrentProjPath() + '/PT Manager Report.xlsx'
def reportToHTML(self):
htmlContent = """<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="he" dir="ltr">
<head>
<title>PT Manager Report</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style>
body {
background-repeat: no-repeat;
background-attachment: fixed;
font-family: Arial,Tahoma,sens-serif;
font-size: 13px;
margin: auto;
}
#warpcenter {
width: 900px;
margin: 0px auto;
}
table {
border: 2px dashed #000000;
}
td {
border-top: 2px dashed #000000;
padding: 10px;
}
img {
border: 0px;
}
</style>
<script language="javascript">
function divHideShow(divToHideOrShow)
{
var div = document.getElementById(divToHideOrShow);
if (div.style.display == "block")
{
div.style.display = "none";
}
else
{
div.style.display = "block";
}
}
</script>
</head>
<body>
<div id="warpcenter">
<h1> PT Manager Report </h1>
<h2> Project: %s</h1>
""" % (self.projName.getText())
for i in range(0,self._log.size()):
name = self._log.get(i).getName()
request = "None"
response = "None"
path = self.getVulnReqResPath("request",name)
if os.path.exists(path):
request = self.newlineToBR(self.getFileContent(path))
path = self.getVulnReqResPath("response",name)
if os.path.exists(path):
response = self.newlineToBR(self.getFileContent(path))
images = ""
for fileName in os.listdir(self.projPath.getText()+"/"+self.clearStr(name)):
if fileName.endswith(".jpg"):
images += "%s<br><img src=\"%s\"><br><br>" % (fileName, self.projPath.getText()+"/"+self.clearStr(name) + "/" + fileName)
description = self.newlineToBR(self._log.get(i).getDescription())
mitigation = self.newlineToBR(self._log.get(i).getMitigation())
htmlContent += self.convertVulntoTable(i,name,self._log.get(i).getSeverity(), description,mitigation, request, response, images)
htmlContent += "</div></body></html>"
f = open(self.getCurrentProjPath() + '/PT Manager Report.html', 'w')
f.writelines(htmlContent)
f.close()
return self.getCurrentProjPath() + '/PT Manager Report.html'
def newlineToBR(self,string):
return "<br />".join(string.split("\n"))
def getFileContent(self,path):
f = open(path, "rb")
content = f.read()
f.close()
return content
def convertVulntoTable(self, number, name, severity, description, mitigation, request = "None", response = "None", images = "None"):
return """<div style="width: 100%%;height: 30px;text-align: center;background-color:#E0E0E0;font-size: 17px;font-weight: bold;color: #000;padding-top: 10px;">%s <a href="javascript:divHideShow('Table_%s');" style="color:#191970">(OPEN / CLOSE)</a></div>
<div id="Table_%s" style="display: none;">
<table width="100%%" cellspacing="0" cellpadding="0" style="margin: 0px auto;text-align: left;border-top: 0px;">
<tr>
<td>
<div style="font-size: 16px;font-weight: bold;">
<span style="color:#000000">Threat Level: </span>
<span style="color:#8b8989">%s</span>
</td>
</tr>
<tr>
<td>
<div style="font-size: 16px;font-weight: bold;">
<span style="color:#000000">Description</span>
<a href="javascript:divHideShow('Table_%s_Command_03');" style="color:#191970">OPEN / CLOSE >>></a>
</div>
<div id="Table_%s_Command_03" style="display: none;margin-top: 25px;">
%s
</div>
</td>
</tr>
<tr>
<td>
<div style="font-size: 16px;font-weight: bold;">
<span style="color:#000000">Mitigration</span>
<a href="javascript:divHideShow('Table_%s_Command_04');" style="color:#191970">OPEN / CLOSE >>></a>
</div>
<div id="Table_%s_Command_04" style="display: none;margin-top: 25px;">
%s
<b>
</td>
</tr>
<tr>
<td>
<div style="font-size: 16px;font-weight: bold;">
<span style="color:#000000">Request</span>
<a href="javascript:divHideShow('Table_%s_Command_05');" style="color:#191970">OPEN / CLOSE >>></a>
</div>
<div id="Table_%s_Command_05" style="display: none;margin-top: 25px;">
%s
<b>
</td>
</tr>
<tr>
<td>
<div style="font-size: 16px;font-weight: bold;">
<span style="color:#000000">Response</span>
<a href="javascript:divHideShow('Table_%s_Command_06');" style="color:#191970">OPEN / CLOSE >>></a>
</div>
<div id="Table_%s_Command_06" style="display: none;margin-top: 25px;">
%s
<b>
</td>
</tr>
<tr>
<td>
<div style="font-size: 16px;font-weight: bold;">
<span style="color:#000000">Images</span>
<a href="javascript:divHideShow('Table_%s_Command_07');" style="color:#191970">OPEN / CLOSE >>></a>
</div>
<div id="Table_%s_Command_07" style="display: none;margin-top: 25px;">
%s
<b>
</td>
</tr>
</table>
</div><br><br>""" % (name,number,number,severity,number,number,description,number,number,mitigation,number,number,request,number,number,response,number,number,images)
def clearVulnerabilityTab(self, rmVuln=True):
if rmVuln:
self.vulnName.setText("")
self.descriptionString.setText("")
self.mitigationStr.setText("")
self.colorCombo.setSelectedIndex(0)
self.threatLevel.setSelectedIndex(0)
self.screenshotsList.clear()
self.addButton.setText("Add")
self.firstPic.setIcon(None)
def saveRequestResponse(self, type, requestResponse, vulnName):
path = self.getVulnReqResPath(type,vulnName)
f = open(path, 'wb')
f.write(requestResponse)
f.close()
def openProj(self, event):
os.system('explorer ' + self.projPath.getText())
def getVulnReqResPath(self, requestOrResponse, vulnName):
return self.getCurrentProjPath() + "/" + self.clearStr(vulnName) + "/"+requestOrResponse+"_" + self.clearStr(vulnName)
def htmlEscape(self,data):
return data.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace("'", ''')
def generateReportFromDocxTemplate(self, zipname, newZipName, filename):
newZipName = self.getCurrentProjPath() + "/" + newZipName
with zipfile.ZipFile(zipname, 'r') as zin:
with zipfile.ZipFile(newZipName, 'w') as zout:
zout.comment = zin.comment
for item in zin.infolist():
if item.filename != filename:
zout.writestr(item, zin.read(item.filename))
else:
xml_content = zin.read(item.filename)
result = re.findall("(.*)<w:body>(?:.*)<\/w:body>(.*)",xml_content)[0]
newXML = result[0]
templateBody = re.findall("<w:body>(.*)<\/w:body>", xml_content)[0]
newBody = ""
for i in range(0,self._log.size()):
tmp = templateBody
tmp = tmp.replace("$vulnerability", self.htmlEscape(self._log.get(i).getName()))
tmp = tmp.replace("$severity", self.htmlEscape(self._log.get(i).getSeverity()))
tmp = tmp.replace("$description", self.htmlEscape(self._log.get(i).getDescription()))
tmp = tmp.replace("$mitigation", self.htmlEscape(self._log.get(i).getMitigation()))
newBody = newBody + tmp
newXML = newXML + newBody
newXML = newXML + result[1]
with zipfile.ZipFile(newZipName, mode='a', compression=zipfile.ZIP_DEFLATED) as zf:
zf.writestr(filename, newXML)
return newZipName
def chooseProjPath(self, event):
self.chooser.setDialogTitle("Select target directory")
self.chooser.setFileSelectionMode(JFileChooser.DIRECTORIES_ONLY)
returnVal = self.chooser.showOpenDialog(None)
if returnVal == JFileChooser.APPROVE_OPTION:
projPath = str(self.chooser.getSelectedFile()) + "/PTManager"
os.makedirs(projPath)
self.projPath.setText(projPath)
def reloadProjects(self):
self.currentProject.setModel(DefaultComboBoxModel(self.config.options('projects')))
def rmProj(self, event):
if self.popUpAreYouSure() == JOptionPane.YES_OPTION:
self._requestViewer.setMessage("None", False)
self._responseViewer.setMessage("None", False)
shutil.rmtree(self.projPath.getText())
self.config.remove_option('projects',self.currentProject.getSelectedItem())
self.reloadProjects()
self.currentProject.setSelectedIndex(0)
self.loadVulnerabilities(self.projPath.getText())
def popup(self,msg):
JOptionPane.showMessageDialog(None,msg)
def addProj(self, event):
projPath = self.projPath.getText()
if projPath == None or projPath == "":
self.popup("Please select path")
return
self.config.set('projects', self.projName.getText(), projPath)
self.saveCfg()
xml = ET.Element('project')
name = ET.SubElement(xml, "name")
path = ET.SubElement(xml, "path")
details = ET.SubElement(xml, "details")
autoSaveMode = ET.SubElement(xml, "autoSaveMode")
name.text = self.projName.getText()
path.text = projPath
details.text = self.projDetails.getText()
autoSaveMode.text = str(self.autoSave.isSelected())
tree = ET.ElementTree(xml)
try:
tree.write(self.getCurrentProjPath()+'/project.xml')
except:
self.popup("Invalid path")
return
self.reloadProjects()
self.clearVulnerabilityTab()
self.clearList(None)
self.currentProject.getModel().setSelectedItem(self.projName.getText())
def resize(self, image, width, height):
bi = BufferedImage(width, height, BufferedImage.TRANSLUCENT)
g2d = bi.createGraphics()
g2d.addRenderingHints(RenderingHints(RenderingHints.KEY_RENDERING, RenderingHints.VALUE_RENDER_QUALITY))
g2d.drawImage(image, 0, 0, width, height, None)
g2d.dispose()
return bi;
def clearStr(self, var):
return var.replace(" " , "_").replace("\\" , "").replace("/" , "").replace(":" , "").replace("*" , "").replace("?" , "").replace("\"" , "").replace("<" , "").replace(">" , "").replace("|" , "").replace("(" , "").replace(")" , "")
def popUpAreYouSure(self):
dialogResult = JOptionPane.showConfirmDialog(None,"Are you sure?","Warning",JOptionPane.YES_NO_OPTION)
if dialogResult == 0:
return 0
return 1
def removeSS(self,event):
if self.popUpAreYouSure() == JOptionPane.YES_OPTION:
os.remove(self.getCurrentVulnPath() + "/" + self.ssList.getSelectedValue())
self.ssList.getModel().remove(self.ssList.getSelectedIndex())
self.firstPic.setIcon(ImageIcon(None))
# check if there is images and select the first one
# bug in linux
def addSS(self,event):
clipboard = Toolkit.getDefaultToolkit().getSystemClipboard()
try:
image = clipboard.getData(DataFlavor.imageFlavor)
except:
self.popup("Clipboard not contains image")
return
vulnPath = self.projPath.getText() + "/" + self.clearStr(self.vulnName.getText())
if not os.path.exists(vulnPath):
os.makedirs(vulnPath)
name = self.clearStr(self.vulnName.getText()) + str(random.randint(1, 99999))+".jpg"
fileName = self.projPath.getText()+"/"+ self.clearStr(self.vulnName.getText()) + "/" + name
file = File(fileName)
bufferedImage = BufferedImage(image.getWidth(None), image.getHeight(None), BufferedImage.TYPE_INT_RGB);
g = bufferedImage.createGraphics();
g.drawImage(image, 0, 0, bufferedImage.getWidth(), bufferedImage.getHeight(), Color.WHITE, None);
ImageIO.write(bufferedImage, "jpg", file)
self.addVuln(self)
self.ssList.setSelectedValue(name,True)
def rmVuln(self, event):
if self.popUpAreYouSure() == JOptionPane.YES_OPTION:
self._requestViewer.setMessage("None", False)
self._responseViewer.setMessage("None", False)
shutil.rmtree(self.getCurrentVulnPath())
self.clearVulnerabilityTab()
self.loadVulnerabilities(self.getCurrentProjPath())
def addVuln(self, event):
if self.colorCombo.getSelectedItem() == "Color:":
colorTxt = None
else:
colorTxt = self.colorCombo.getSelectedItem()
self._lock.acquire()
row = self._log.size()
vulnObject = vulnerability(self.vulnName.getText(),self.threatLevel.getSelectedItem(),self.descriptionString.getText(),self.mitigationStr.getText() ,colorTxt)
self._log.add(vulnObject)
self.fireTableRowsInserted(row, row)
self._lock.release()
vulnPath = self.projPath.getText() + "/" + self.clearStr(self.vulnName.getText())
if not os.path.exists(vulnPath):
os.makedirs(vulnPath)
xml = ET.Element('vulnerability')
name = ET.SubElement(xml, "name")
severity = ET.SubElement(xml, "severity")
description = ET.SubElement(xml, "description")
mitigation = ET.SubElement(xml, "mitigation")
color = ET.SubElement(xml, "color")
name.text = self.vulnName.getText()
severity.text = self.threatLevel.getSelectedItem()
description.text = self.descriptionString.getText()
mitigation.text = self.mitigationStr.getText()
color.text = colorTxt
tree = ET.ElementTree(xml)
tree.write(vulnPath+'/vulnerability.xml')
self.loadVulnerabilities(self.getCurrentProjPath())
self.loadVulnerability(vulnObject)
def vulnNameChanged(self):
if os.path.exists(self.getCurrentVulnPath()) and self.vulnName.getText() != "":
self.addButton.setText("Update")
elif self.addButton.getText() != "Add":
options = ["Create a new vulnerability", "Change current vulnerability name"]
n = JOptionPane.showOptionDialog(None,
"Would you like to?",
"Vulnerability Name",
JOptionPane.YES_NO_CANCEL_OPTION,
JOptionPane.QUESTION_MESSAGE,
None,
options,
options[0]);
if n == 0:
self.clearVulnerabilityTab(False)
self.addButton.setText("Add")
else:
newName = JOptionPane.showInputDialog(
None,
"Enter new name:",
"Vulnerability Name",
JOptionPane.PLAIN_MESSAGE,
None,
None,
self.vulnName.getText())
row = self.logTable.getSelectedRow()
old = self.logTable.getValueAt(row,1)
self.changeVulnName(newName,old)
def changeVulnName(self,new,old):
newpath = self.getCurrentProjPath() + "/" + new
oldpath = self.getCurrentProjPath() + "/" + old
os.rename(oldpath,newpath)
self.changeCurrentVuln(new,0, newpath + "/vulnerability.xml")
def getCurrentVulnPath(self):
return self.projPath.getText() + "/" + self.clearStr(self.vulnName.getText())
def getCurrentProjPath(self):
return self.projPath.getText()
def loadSS(self, imgPath):
image = ImageIO.read(File(imgPath))
if image.getWidth() <= 550 and image.getHeight() <= 400:
self.firstPic.setIcon(ImageIcon(image))
self.firstPic.setSize(image.getWidth(),image.getHeight())
else:
self.firstPic.setIcon(ImageIcon(self.resize(image,550, 400)))
self.firstPic.setSize(550,400)
def clearProjectTab(self):
self.projPath.setText("")
self.projDetails.setText("")
def clearList(self, event):
self._lock.acquire()
self._log = ArrayList()
row = self._log.size()
self.fireTableRowsInserted(row, row)
self._lock.release()
#
# implement IContextMenuFactory
#
def createMenuItems(self, invocation):
responses = invocation.getSelectedMessages();
if responses > 0:
ret = LinkedList()
requestMenuItem = JMenuItem("Send to PT Manager");
requestMenuItem.addActionListener(handleMenuItems(self,responses[0], "request"))
ret.add(requestMenuItem);
return(ret);
return null;
#
# implement ITab
#
def getTabCaption(self):
return "PT Manager"
def getUiComponent(self):
return self._splitpane
#
# extend AbstractTableModel
#
def getRowCount(self):
try:
return self._log.size()
except:
return 0
def getColumnCount(self):
return 3
def getColumnName(self, columnIndex):
if columnIndex == 0:
return "#"
if columnIndex == 1:
return "Vulnerability Name"
if columnIndex == 2:
return "Threat Level"
return ""
def getValueAt(self, rowIndex, columnIndex):
vulnObject = self._log.get(rowIndex)
if columnIndex == 0:
return rowIndex+1
if columnIndex == 1:
return vulnObject.getName()
if columnIndex == 2:
return vulnObject.getSeverity()
if columnIndex == 3:
return vulnObject.getMitigation()
if columnIndex == 4:
return vulnObject.getColor()
return ""
def changeCurrentVuln(self,value,fieldNumber, xmlPath = "def"):
if xmlPath == "def":
xmlPath = self.getCurrentVulnPath() + "/vulnerability.xml"
document = self.getXMLDoc(xmlPath)
nodeList = document.getDocumentElement().getChildNodes()
nodeList.item(fieldNumber).setTextContent(value)
self.saveXMLDoc(document, xmlPath)
self.loadVulnerabilities(self.getCurrentProjPath())
def loadVulnerability(self, vulnObject):
self.addButton.setText("Update")
self.vulnName.setText(vulnObject.getName())
self.threatLevel.setSelectedItem(vulnObject.getSeverity())
self.descriptionString.setText(vulnObject.getDescription())
self.mitigationStr.setText(vulnObject.getMitigation())
if vulnObject.getColor() == "" or vulnObject.getColor() == None:
self.colorCombo.setSelectedItem("Color:")
else:
self.colorCombo.setSelectedItem(vulnObject.getColor())
self.screenshotsList.clear()
for fileName in os.listdir(self.projPath.getText()+"/"+self.clearStr(vulnObject.getName())):
if fileName.endswith(".jpg"):
self.screenshotsList.addElement(fileName)
imgPath = self.projPath.getText()+"/"+self.clearStr(vulnObject.getName())+'/'+fileName
# imgPath = imgPath.replace("/","//")
self.loadSS(imgPath)
if (self.screenshotsList.getSize() == 0):
self.firstPic.setIcon(None)
else:
self.ssList.setSelectedIndex(0)
path = self.getVulnReqResPath("request",vulnObject.getName())
if os.path.exists(path):
f = self.getFileContent(path)
self._requestViewer.setMessage(f, False)
else:
self._requestViewer.setMessage("None", False)
path = self.getVulnReqResPath("response",vulnObject.getName())
if os.path.exists(path):
f = self.getFileContent(path)
self._responseViewer.setMessage(f, False)
else:
self._responseViewer.setMessage("None", False)
