def getControlPanel():
global controlPanel
controlPanel = JPanel()
controlPanel.setLayout(BoxLayout(controlPanel, BoxLayout.Y_AXIS))
for row in keyLayout:
rowPanel = JPanel()
rowPanel.setLayout(BoxLayout(rowPanel, BoxLayout.X_AXIS))
controlPanel.add(rowPanel)
for key in row:
button = JButton(key[0], actionPerformed=handleKeyButton)
button.setActionCommand(key[1])
rowPanel.add(button)
global terminalResult
terminalResult = JTextArea()
scroller = JScrollPane(terminalResult)
terminalResult.setLineWrap(True)
scroller.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_ALWAYS)
scroller.setHorizontalScrollBarPolicy(ScrollPaneConstants.HORIZONTAL_SCROLLBAR_NEVER)
controlPanel.add(scroller)
global terminalInput
termInputPanel = JPanel()
termInputPanel.setLayout(BoxLayout(termInputPanel, BoxLayout.X_AXIS))
termInputLabel = JLabel("Command")
termInputPanel.add(termInputLabel)
terminalInput = JTextField(actionPerformed=handleTerminalInput)
minimumSize = terminalInput.getMinimumSize()
maximumSize = terminalInput.getMaximumSize()
terminalInput.setMaximumSize(Dimension(maximumSize.width, minimumSize.height))
termInputPanel.add(terminalInput)
controlPanel.add(termInputPanel)
return controlPanel
class ReportByPointPanelReport(FormPanel):
def __init__(self):
FormPanel.__init__(
self, gvsig.getResource(__file__, "reportbypointpanelreport.xml"))
i18Swing = ToolsSwingLocator.getToolsSwingManager()
self.setPreferredSize(400, 300)
self.txt = JTextPane()
self.txt.setEditable(False)
self.txt.setCaretPosition(0)
i18Swing.setDefaultPopupMenu(self.txt)
self.txt.setContentType("text/html")
self.pane = JScrollPane(self.txt)
#self.setInitHorizontalScroll()
self.pane.setVerticalScrollBarPolicy(
ScrollPaneConstants.VERTICAL_SCROLLBAR_ALWAYS)
#self.setInitHorizontalScroll()
#self.pane.setHorizontalScrollBarPolicy(ScrollPaneConstants.HORIZONTAL_SCROLLBAR_ALWAYS)
#self.setInitHorizontalScroll()
self.jplReport.setLayout(BorderLayout())
self.jplReport.add(self.pane, BorderLayout.CENTER)
self.setInitHorizontalScroll()
def setHTMLText(self, text):
self.txt.setText(text)
self.setInitHorizontalScroll()
self.txt.setCaretPosition(0)
def setInitHorizontalScroll(self):
self.pane.getHorizontalScrollBar().setValue(0)
def configTab(self):
Config = JLabel("Config")
self.startButton = JToggleButton("Intercept Off", actionPerformed=self.startOrStop)
self.startButton.setBounds(40, 30, 200, 30)
self.autoScroll = JCheckBox("Auto Scroll")
self.autoScroll.setBounds(40, 80, 200, 30)
self.xsscheck = JCheckBox("Detect XSS")
self.xsscheck.setSelected(True)
self.xsscheck.setBounds(40, 110, 200, 30)
self.sqlicheck = JCheckBox("Detect SQLi")
self.sqlicheck.setSelected(True)
self.sqlicheck.setBounds(40, 140, 200, 30)
self.ssticheck = JCheckBox("Detect SSTI")
self.ssticheck.setSelected(True)
self.ssticheck.setBounds(40, 170, 200, 30)
self.blindxss = JCheckBox("Blind XSS")
self.blindxss.setBounds(40, 200, 200, 30)
self.BlindXSSText = JTextArea("", 5, 30)
scrollbxssText = JScrollPane(self.BlindXSSText)
scrollbxssText.setVerticalScrollBarPolicy(JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollbxssText.setBounds(40, 250, 400, 110)
self.configtab = JPanel()
self.configtab.setLayout(None)
self.configtab.setBounds(0, 0, 300, 300)
self.configtab.add(Config)
self.configtab.add(self.startButton)
self.configtab.add(self.autoScroll)
self.configtab.add(self.xsscheck)
self.configtab.add(self.sqlicheck)
self.configtab.add(self.ssticheck)
self.configtab.add(self.blindxss)
self.configtab.add(scrollbxssText)
def registerExtenderCallbacks(self, callbacks):
# keep a reference to our callbacks object
self._callbacks = callbacks
# obtain an extension helpers object
self._helpers = callbacks.getHelpers()
# set our extension name
callbacks.setExtensionName("Otter")
# create the log and a lock on which to synchronize when adding log entries
self._log = ArrayList()
self._lock = Lock()
# main split pane for log entries and request/response viewing
self._settingPanel = JPanel()
self._logPane = JSplitPane(JSplitPane.VERTICAL_SPLIT)
# setup settings pane ui
self._settingPanel.setBounds(0,0,1000,1000)
self._settingPanel.setLayout(None)
self._isRegexp = JCheckBox("Use regexp for matching.")
self._isRegexp.setBounds(10, 10, 220, 20)
matchLabel = JLabel("String to Match:")
matchLabel.setBounds(10, 40, 200, 20)
self._matchString = JTextArea("User 1 Session Information")
self._matchString.setWrapStyleWord(True)
self._matchString.setLineWrap(True)
matchString = JScrollPane(self._matchString)
matchString.setVerticalScrollBarPolicy(JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
matchString.setBounds(10, 60, 400, 200)
replaceLabel = JLabel("String to Replace:")
replaceLabel.setBounds(10, 270, 200, 20)
self._replaceString = JTextArea("User 2 Session Information")
self._replaceString.setWrapStyleWord(True)
self._replaceString.setLineWrap(True)
replaceString = JScrollPane(self._replaceString)
replaceString.setVerticalScrollBarPolicy(JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
replaceString.setBounds(10, 290, 400, 200)
self._settingPanel.add(self._isRegexp)
self._settingPanel.add(matchLabel)
self._settingPanel.add(matchString)
self._settingPanel.add(replaceLabel)
self._settingPanel.add(replaceString)
# table of log entries
logTable = Table(self)
logTable.getColumnModel().getColumn(0).setPreferredWidth(700)
logTable.getColumnModel().getColumn(1).setPreferredWidth(150)
logTable.getColumnModel().getColumn(2).setPreferredWidth(100)
logTable.getColumnModel().getColumn(3).setPreferredWidth(130)
logTable.getColumnModel().getColumn(4).setPreferredWidth(100)
logTable.getColumnModel().getColumn(5).setPreferredWidth(130)
scrollPane = JScrollPane(logTable)
self._logPane.setLeftComponent(scrollPane)
# tabs with request/response viewers
logTabs = JTabbedPane()
self._origRequestViewer = callbacks.createMessageEditor(self, False)
self._origResponseViewer = callbacks.createMessageEditor(self, False)
self._modRequestViewer = callbacks.createMessageEditor(self, False)
self._modResponseViewer = callbacks.createMessageEditor(self, False)
logTabs.addTab("Original Request", self._origRequestViewer.getComponent())
logTabs.addTab("Original Response", self._origResponseViewer.getComponent())
logTabs.addTab("Modified Request", self._modRequestViewer.getComponent())
logTabs.addTab("Modified Response", self._modResponseViewer.getComponent())
self._logPane.setRightComponent(logTabs)
# top most tab interface that seperates log entries from settings
maintabs = JTabbedPane()
maintabs.addTab("Log Entries", self._logPane)
maintabs.addTab("Settings", self._settingPanel)
self._maintabs = maintabs
# customize the UI components
callbacks.customizeUiComponent(maintabs)
# add the custom tab to Burp's UI
callbacks.addSuiteTab(self)
# register ourselves as an HTTP listener
callbacks.registerHttpListener(self)
return
def draw(self):
""" init the match/replace tab
"""
#todo add an option to ignore large requests
padding = 5
labelWidth = 140
labelHeight = 30
editHeight = 110
editWidth = 300
buttonWidth = 120
buttonHeight = 30
column1X = 10
column2X = column1X + labelWidth + padding
column3X = column2X + editWidth + padding
MRStrings = [
"Headers (simple string):", "Headers (regex):",
"Body (simple string):", "Body (regex):"
]
row1Y = 10
row2Y = row1Y + labelHeight + padding
row3Y = row2Y + editHeight + padding
row4Y = row3Y + editHeight + padding
row5Y = row4Y + labelHeight + padding
row6Y = row5Y + buttonHeight + padding
MRTypeLabel = JLabel("Type:")
MRTypeLabel.setBounds(column1X, row1Y, labelWidth, labelHeight)
MContent = JLabel("Match:")
MContent.setBounds(column1X, row2Y, labelWidth, labelHeight)
RContent = JLabel("Replace:")
RContent.setBounds(column1X, row3Y, labelWidth, labelHeight)
MRLabelList = JLabel("Filter List:")
MRLabelList.setBounds(column1X, row5Y, labelWidth, labelHeight)
self._extender.MRType = JComboBox(MRStrings)
self._extender.MRType.setBounds(column2X, row1Y, editWidth,
labelHeight)
self._extender.MText = JTextArea("", 5, 30)
scrollMText = JScrollPane(self._extender.MText)
scrollMText.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollMText.setBounds(column2X, row2Y, editWidth, editHeight)
self._extender.RText = JTextArea("", 5, 30)
scrollRText = JScrollPane(self._extender.RText)
scrollRText.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollRText.setBounds(column2X, row3Y, editWidth, editHeight)
# i couldn't figure out how to have a model that contained anythin other than a string
# so i'll use 2 models, one with the data and one for the JList
self._extender.badProgrammerMRModel = {}
self._extender.MRModel = DefaultListModel()
self._extender.MRList = JList(self._extender.MRModel)
scrollMRList = JScrollPane(self._extender.MRList)
scrollMRList.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollMRList.setBounds(column2X, row5Y, editWidth, editHeight)
scrollMRList.setBorder(LineBorder(Color.BLACK))
self._extender.MRAdd = JButton("Add filter",
actionPerformed=self.addMRFilter)
self._extender.MRAdd.setBounds(column2X, row4Y, buttonWidth,
buttonHeight)
self._extender.MRDel = JButton("Remove filter",
actionPerformed=self.delMRFilter)
self._extender.MRDel.setBounds(column3X, row5Y, buttonWidth,
buttonHeight)
self._extender.MRMod = JButton("Modify filter",
actionPerformed=self.modMRFilter)
self._extender.MRMod.setBounds(column3X,
row5Y + buttonHeight + padding,
buttonWidth, buttonHeight)
self._extender.MRFeedback = JLabel("")
self._extender.MRFeedback.setBounds(column1X, row6Y,
column3X + buttonWidth,
labelHeight)
self._extender.MRPnl = JPanel()
self._extender.MRPnl.setLayout(None)
self._extender.MRPnl.setBounds(0, 0, 1000, 1000)
self._extender.MRPnl.add(MRTypeLabel)
self._extender.MRPnl.add(self._extender.MRType)
self._extender.MRPnl.add(MContent)
self._extender.MRPnl.add(scrollMText)
self._extender.MRPnl.add(RContent)
self._extender.MRPnl.add(scrollRText)
self._extender.MRPnl.add(self._extender.MRAdd)
self._extender.MRPnl.add(MRLabelList)
self._extender.MRPnl.add(scrollMRList)
self._extender.MRPnl.add(self._extender.MRDel)
self._extender.MRPnl.add(self._extender.MRMod)
self._extender.MRPnl.add(self._extender.MRFeedback)
def draw(self):
""" init configuration tab
"""
self._extender.startButton = JToggleButton("Autorize is off",
actionPerformed=self.startOrStop)
self._extender.startButton.setBounds(10, 20, 230, 30)
self._extender.clearButton = JButton("Clear List", actionPerformed=self.clearList)
self._extender.clearButton.setBounds(10, 80, 100, 30)
self._extender.autoScroll = JCheckBox("Auto Scroll")
self._extender.autoScroll.setBounds(145, 80, 130, 30)
self._extender.ignore304 = JCheckBox("Ignore 304/204 status code responses")
self._extender.ignore304.setBounds(280, 5, 300, 30)
self._extender.ignore304.setSelected(True)
self._extender.prevent304 = JCheckBox("Prevent 304 Not Modified status code")
self._extender.prevent304.setBounds(280, 25, 300, 30)
self._extender.interceptRequestsfromRepeater = JCheckBox("Intercept requests from Repeater")
self._extender.interceptRequestsfromRepeater.setBounds(280, 45, 300, 30)
self._extender.doUnauthorizedRequest = JCheckBox("Check unauthenticated")
self._extender.doUnauthorizedRequest.setBounds(280, 65, 300, 30)
self._extender.doUnauthorizedRequest.setSelected(True)
self._extender.saveHeadersButton = JButton("Save headers",
actionPerformed=self.saveHeaders)
self._extender.saveHeadersButton.setBounds(360, 115, 120, 30)
savedHeadersTitles = self.getSavedHeadersTitles()
self._extender.savedHeadersTitlesCombo = JComboBox(savedHeadersTitles)
self._extender.savedHeadersTitlesCombo.addActionListener(SavedHeaderChange(self._extender))
self._extender.savedHeadersTitlesCombo.setBounds(10, 115, 300, 30)
self._extender.replaceString = JTextArea("Cookie: Insert=injected; cookie=or;\nHeader: here", 5, 30)
self._extender.replaceString.setWrapStyleWord(True)
self._extender.replaceString.setLineWrap(True)
scrollReplaceString = JScrollPane(self._extender.replaceString)
scrollReplaceString.setVerticalScrollBarPolicy(JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollReplaceString.setBounds(10, 150, 470, 150)
self._extender.fetchButton = JButton("Fetch cookies from last request",
actionPerformed=self.fetchCookies)
self._extender.fetchButton.setEnabled(False)
self._extender.fetchButton.setBounds(10, 305, 250, 30)
self._extender.filtersTabs = JTabbedPane()
self._extender.filtersTabs = self._extender.filtersTabs
self._extender.filtersTabs.addTab("Enforcement Detector", self._extender.EDPnl)
self._extender.filtersTabs.addTab("Detector Unauthenticated", self._extender.EDPnlUnauth)
self._extender.filtersTabs.addTab("Interception Filters", self._extender.filtersPnl)
self._extender.filtersTabs.addTab("Match/Replace", self._extender.MRPnl)
self._extender.filtersTabs.addTab("Table Filter", self._extender.filterPnl)
self._extender.filtersTabs.addTab("Save/Restore", self._extender.exportPnl)
self._extender.filtersTabs.setSelectedIndex(2)
self._extender.filtersTabs.setBounds(0, 350, 2000, 700)
self._extender.pnl = JPanel()
self.pnl = self._extender.pnl
self.pnl.setBounds(0, 0, 1000, 1000)
self.pnl.setLayout(None)
self.pnl.add(self._extender.startButton)
self.pnl.add(self._extender.clearButton)
self.pnl.add(scrollReplaceString)
self.pnl.add(self._extender.saveHeadersButton)
self.pnl.add(self._extender.savedHeadersTitlesCombo)
self.pnl.add(self._extender.fetchButton)
self.pnl.add(self._extender.autoScroll)
self.pnl.add(self._extender.interceptRequestsfromRepeater)
self.pnl.add(self._extender.ignore304)
self.pnl.add(self._extender.prevent304)
self.pnl.add(self._extender.doUnauthorizedRequest)
self.pnl.add(self._extender.filtersTabs)
class JythonGui(ItemListener):
def __init__(self, instructionsURI=''):
self.instructionsURI = instructionsURI
self.logger = logging.getLogger('sasi_runner_gui')
self.logger.addHandler(logging.StreamHandler())
def log_fn(msg):
self.log_msg(msg)
self.logger.addHandler(FnLogHandler(log_fn))
self.logger.setLevel(logging.DEBUG)
self.selected_input_file = None
self.selected_output_file = None
self.frame = JFrame(
"SASI Runner",
defaultCloseOperation = WindowConstants.EXIT_ON_CLOSE,
)
self.frame.size = (650, 600,)
self.main_panel = JPanel()
self.main_panel.layout = BoxLayout(self.main_panel, BoxLayout.Y_AXIS)
self.frame.add(self.main_panel)
self.top_panel = JPanel(SpringLayout())
self.top_panel.alignmentX = Component.CENTER_ALIGNMENT
self.main_panel.add(self.top_panel)
self.stageCounter = 1
def getStageLabel(txt):
label = JLabel("%s. %s" % (self.stageCounter, txt))
self.stageCounter += 1
return label
# Instructions link.
self.top_panel.add(getStageLabel("Read the instructions:"))
instructionsButton = JButton(
('<HTML><FONT color="#000099">'
'<U>open instructions</U></FONT><HTML>'),
actionPerformed=self.browseInstructions)
instructionsButton.setHorizontalAlignment(SwingConstants.LEFT);
instructionsButton.setBorderPainted(False);
instructionsButton.setOpaque(False);
instructionsButton.setBackground(Color.WHITE);
instructionsButton.setToolTipText(self.instructionsURI);
self.top_panel.add(instructionsButton)
# 'Select input' elements.
self.top_panel.add(getStageLabel(
"Select a SASI .zip file or data folder:"))
self.top_panel.add(
JButton("Select input...", actionPerformed=self.openInputChooser))
# 'Select output' elements.
self.top_panel.add(getStageLabel("Specify an output file:"))
self.top_panel.add(
JButton("Specify output...", actionPerformed=self.openOutputChooser))
# 'Set result fields' elements.
result_fields = [
{'id': 'gear_id', 'label': 'Gear', 'selected': True,
'enabled': False},
{'id': 'substrate_id', 'label': 'Substrate', 'selected': True},
{'id': 'energy_id', 'label': 'Energy', 'selected': False},
{'id': 'feature_id', 'label': 'Feature', 'selected': False},
{'id': 'feature_category_id', 'label': 'Feature Category',
'selected': False}
]
self.selected_result_fields = {}
resolutionLabelPanel = JPanel(GridLayout(0,1))
resolutionLabelPanel.add(getStageLabel("Set result resolution:"))
resolutionLabelPanel.add(
JLabel(("<html><i>This sets the specificity with which<br>"
"results will be grouped. Note that enabling<br>"
"more fields can *greatly* increase resulting<br>"
"output sizes and run times.</i>")))
#self.top_panel.add(getStageLabel("Set result resolution:"))
self.top_panel.add(resolutionLabelPanel)
checkPanel = JPanel(GridLayout(0, 1))
self.top_panel.add(checkPanel)
self.resultFieldCheckBoxes = {}
for result_field in result_fields:
self.selected_result_fields.setdefault(
result_field['id'], result_field['selected'])
checkBox = JCheckBox(
result_field['label'], result_field['selected'])
checkBox.setEnabled(result_field.get('enabled', True))
checkBox.addItemListener(self)
checkPanel.add(checkBox)
self.resultFieldCheckBoxes[checkBox] = result_field
# 'Run' elements.
self.top_panel.add(getStageLabel("Run SASI: (this might take a while)"))
self.run_button = JButton("Run...", actionPerformed=self.runSASI)
self.top_panel.add(self.run_button)
SpringUtilities.makeCompactGrid(
self.top_panel, self.stageCounter - 1, 2, 6, 6, 6, 6)
# Progress bar.
self.progressBar = JProgressBar(0, 100)
self.main_panel.add(self.progressBar)
# Log panel.
self.log_panel = JPanel()
self.log_panel.alignmentX = Component.CENTER_ALIGNMENT
self.log_panel.setBorder(EmptyBorder(10,10,10,10))
self.main_panel.add(self.log_panel)
self.log_panel.setLayout(BorderLayout())
self.log = JTextArea()
self.log.editable = False
self.logScrollPane = JScrollPane(self.log)
self.logScrollPane.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_ALWAYS)
self.logScrollBar = self.logScrollPane.getVerticalScrollBar()
self.log_panel.add(self.logScrollPane, BorderLayout.CENTER)
# File selectors
self.inputChooser = JFileChooser()
self.inputChooser.fileSelectionMode = JFileChooser.FILES_AND_DIRECTORIES
self.outputChooser = JFileChooser()
defaultOutputFile = os.path.join(System.getProperty("user.home"),
"sasi_project.zip")
self.outputChooser.setSelectedFile(File(defaultOutputFile));
self.outputChooser.fileSelectionMode = JFileChooser.FILES_ONLY
self.frame.setLocationRelativeTo(None)
self.frame.visible = True
def browseInstructions(self, event):
""" Open a browser to the instructions page. """
browseURI(self.instructionsURI)
def itemStateChanged(self, event):
""" Listen for checkbox changes. """
checkBox = event.getItemSelectable()
is_selected = (event.getStateChange() == ItemEvent.SELECTED)
result_field = self.resultFieldCheckBoxes[checkBox]
self.selected_result_fields[result_field['id']] = is_selected
def log_msg(self, msg):
""" Print message to log and scroll to bottom. """
self.log.append(msg + "\n")
self.log.setCaretPosition(self.log.getDocument().getLength())
def openInputChooser(self, event):
ret = self.inputChooser.showOpenDialog(self.frame)
if ret == JFileChooser.APPROVE_OPTION:
self.selected_input_file = self.inputChooser.selectedFile
self.log_msg("Selected '%s' as input." % self.selected_input_file.path)
def openOutputChooser(self, event):
ret = self.outputChooser.showSaveDialog(self.frame)
if ret == JFileChooser.APPROVE_OPTION:
selectedPath = self.outputChooser.selectedFile.path
if not selectedPath.endswith('.zip'):
zipPath = selectedPath + '.zip'
self.outputChooser.setSelectedFile(File(zipPath))
self.selected_output_file = self.outputChooser.selectedFile
self.log_msg(
"Selected '%s' as output." % self.selected_output_file.path)
def runSASI(self, event):
try:
self.validateParameters()
except Exception as e:
self.log_msg("ERROR: '%s'" % e)
# Run task in a separate thread, so that log
# messages will be shown as task progresses.
def run_task():
self.tmp_dir = tempfile.mkdtemp(prefix="sasi_runner.")
self.db_file = os.path.join(self.tmp_dir, "sasi_runner.db")
self.progressBar.setValue(0)
self.progressBar.setIndeterminate(True)
def get_connection():
engine = create_engine('h2+zxjdbc:////%s' % self.db_file)
con = engine.connect()
return con
try:
# Set result fields.
result_fields = []
for field_id, is_selected in self.selected_result_fields.items():
if is_selected: result_fields.append(field_id)
task = RunSasiTask(
input_path=self.selected_input_file.path,
output_file=self.selected_output_file.path,
logger=self.logger,
get_connection=get_connection,
config={
'result_fields': result_fields,
'run_model': {
'run': {
'batch_size': 'auto',
}
},
'output': {
'batch_size': 'auto',
},
}
)
task.call()
except Exception as e:
self.logger.exception("Could not complete task")
self.progressBar.setIndeterminate(False)
self.progressBar.setValue(100)
try:
shutil.rmtree(self.tmp_dir)
except:
pass
Thread(target=run_task).start()
def validateParameters(self):
return True
def initProjSettingsTab(self):
# init project settings
projNameLabel = JLabel("Name:")
projNameLabel.setBounds(10, 50, 140, 30)
self.projName = JTextField("")
self.projName.setBounds(140, 50, 320, 30)
self.projName.getDocument().addDocumentListener(projTextChanged(self))
detailsLabel = JLabel("Details:")
detailsLabel.setBounds(10, 120, 140, 30)
reportLabel = JLabel("Generate Report:")
reportLabel.setBounds(10, 375, 140, 30)
types = ["DOCX","HTML","XLSX"]
self.reportType = JComboBox(types)
self.reportType.setBounds(10, 400, 140, 30)
generateReportButton = JButton("Generate", actionPerformed=self.generateReport)
generateReportButton.setBounds(160, 400, 90, 30)
self.projDetails = JTextArea("", 5, 30)
self.projDetails.setWrapStyleWord(True);
self.projDetails.setLineWrap(True)
projDetailsScroll = JScrollPane(self.projDetails)
projDetailsScroll.setBounds(10, 150, 450, 175)
projDetailsScroll.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED)
projPathLabel = JLabel("Path:")
projPathLabel.setBounds(10, 90, 140, 30)
self.projPath = JTextField("")
self.projPath.setBounds(140, 90, 320, 30)
chooseProjPathButton = JButton("Browse...",actionPerformed=self.chooseProjPath)
chooseProjPathButton.setBounds(470, 90, 100, 30)
importProjButton = JButton("Import",actionPerformed=self.importProj)
importProjButton.setBounds(470, 10, 100, 30)
exportProjButton = JButton("Export",actionPerformed=self.exportProj)
exportProjButton.setBounds(575, 10, 100, 30)
openProjButton = JButton("Open Directory",actionPerformed=self.openProj)
openProjButton.setBounds(680, 10, 130, 30)
currentProjectLabel = JLabel("Current:")
currentProjectLabel.setBounds(10, 10, 140, 30)
projects = self.config.options('projects')
self.currentProject = JComboBox(projects)
self.currentProject.addActionListener(projectChangeHandler(self))
self.currentProject.setBounds(140, 10, 140, 30)
self.autoSave = JCheckBox("Auto Save Mode")
self.autoSave.setEnabled(False) # implement this feature
self.autoSave.setBounds(300, 10, 140, 30)
self.autoSave.setToolTipText("Will save any changed value while focus is out")
addProjButton = JButton("Add / Update",actionPerformed=self.addProj)
addProjButton.setBounds(10, 330, 150, 30)
removeProjButton = JButton("Remove Current",actionPerformed=self.rmProj)
removeProjButton.setBounds(315, 330, 146, 30)
generalOptions = self.config.options('general')
if 'default project' in generalOptions:
defaultProj = self.config.get('general','default project')
self.currentProject.getModel().setSelectedItem(defaultProj)
self.projPath.setText(self.config.get('projects',self.currentProject.getSelectedItem()))
self.clearProjTab = True
self.projectSettings = JPanel()
self.projectSettings.setBounds(0, 0, 1000, 1000)
self.projectSettings.setLayout(None)
self.projectSettings.add(reportLabel)
self.projectSettings.add(detailsLabel)
self.projectSettings.add(projPathLabel)
self.projectSettings.add(addProjButton)
self.projectSettings.add(openProjButton)
self.projectSettings.add(projNameLabel)
self.projectSettings.add(projDetailsScroll)
self.projectSettings.add(importProjButton)
self.projectSettings.add(exportProjButton)
self.projectSettings.add(removeProjButton)
self.projectSettings.add(generateReportButton)
self.projectSettings.add(chooseProjPathButton)
self.projectSettings.add(currentProjectLabel)
self.projectSettings.add(self.projPath)
self.projectSettings.add(self.autoSave)
self.projectSettings.add(self.projName)
self.projectSettings.add(self.reportType)
self.projectSettings.add(self.currentProject)
def openGUI(self, invocation):
try:
# Get values from request or response the extension is invoked from and prepopulate GUI values
invMessage = invocation.getSelectedMessages()
message = invMessage[0]
originalHttpService = message.getHttpService()
self.originalMsgProtocol = originalHttpService.getProtocol()
self.originalMsgHost = originalHttpService.getHost()
self.originalMsgPort = originalHttpService.getPort()
except:
self.originalMsgProtocol = ''
self.originalMsgHost = ''
self.originalMsgPort = ''
try:
self.cookies = self._callbacks.getCookieJarContents()
self.cookie = ''
except:
pass
self.SSL = 'http://'
self.listType = ''
self.parsedList = []
# Set up main window (JFrame)
self.window = JFrame("Directory Listing Parser for Burp Suite", preferredSize=(600, 475), windowClosing=self.closeUI)
self.window.setDefaultCloseOperation(JFrame.DO_NOTHING_ON_CLOSE)
emptyBorder = BorderFactory.createEmptyBorder(10, 10, 10, 10)
self.window.contentPane.setBorder(emptyBorder)
self.window.contentPane.layout = BorderLayout()
# Main window title placed at the top of the main window with an invisible bottom border
titlePanel = JPanel()
titleBorder = BorderFactory.createEmptyBorder(0, 0, 10, 0)
title = JLabel("Directory Listing Parser for Burp Suite", JLabel.CENTER)
title.setBorder(titleBorder)
title.setFont(Font("Default", Font.PLAIN, 18))
titlePanel.add(title)
self.window.contentPane.add("North", titlePanel)
# Left panel for user input, consisting of hostname, directory prefix, ssl, port, type of listing, and file
self.leftPanel = JPanel()
self.leftPanel.layout = GridLayout(14, 1, 3, 3)
hostnameLabel = JLabel("Hostname:")
if self.originalMsgHost:
self.hostnameTextField = JTextField(self.originalMsgHost.rstrip())
else:
self.hostnameTextField = JTextField('Hostname')
dirPrefixLabel = JLabel("Full Directory Prefix (Windows):")
self.dirPrefixField = JTextField('C:\\var\www\\')
sslLabel = JLabel("SSL:")
self.radioBtnSslEnabled = JRadioButton('Enabled (https)', actionPerformed=self.radioSsl)
self.radioBtnSslDisabled = JRadioButton('Disabled (http)', actionPerformed=self.radioSsl)
sslButtonGroup = ButtonGroup()
sslButtonGroup.add(self.radioBtnSslEnabled)
sslButtonGroup.add(self.radioBtnSslDisabled)
if self.originalMsgProtocol == "https":
self.radioBtnSslEnabled.setSelected(True)
else:
self.radioBtnSslDisabled.setSelected(True)
portLabel = JLabel("Port:")
if self.originalMsgPort:
self.portTextField = JTextField(str(self.originalMsgPort).rstrip())
else:
self.portTextField = JTextField('80')
osLabel = JLabel("Type of File Listing:")
self.types = ('Windows \'dir /s\'', 'Linux \'ls -lR\'', 'Linux \'ls -R\'')
self.comboListingType = JComboBox(self.types)
uploadLabel = JLabel("Directory Listing File:")
self.uploadTextField = JTextField('')
uploadButton = JButton('Choose File', actionPerformed=self.chooseFile)
self.leftPanel.add(hostnameLabel)
self.leftPanel.add(self.hostnameTextField)
self.leftPanel.add(dirPrefixLabel)
self.leftPanel.add(self.dirPrefixField)
self.leftPanel.add(sslLabel)
self.leftPanel.add(self.radioBtnSslEnabled)
self.leftPanel.add(self.radioBtnSslDisabled)
self.leftPanel.add(portLabel)
self.leftPanel.add(self.portTextField)
self.leftPanel.add(osLabel)
self.leftPanel.add(self.comboListingType)
self.leftPanel.add(uploadLabel)
self.leftPanel.add(self.uploadTextField)
self.leftPanel.add(uploadButton)
# Right panel consisting of a text area for the URL list
self.UrlPanelLabel = JLabel("URL List:")
self.textArea = JTextArea()
self.textArea.setEditable(True)
self.textArea.setFont(Font("Default", Font.PLAIN, 14))
if self.cookies:
self.textArea.append('Cookies Found:\n')
for cookie in self.cookies:
if cookie.getDomain() in self.originalMsgHost:
self.cookie += cookie.getName() + '=' + cookie.getValue() + '; '
self.textArea.append(cookie.getName() + '=' + cookie.getValue() + '\n')
scrollArea = JScrollPane(self.textArea)
scrollArea.setVerticalScrollBarPolicy(JScrollPane.VERTICAL_SCROLLBAR_ALWAYS)
scrollArea.setPreferredSize(Dimension(400, 200))
self.rightPanel = JPanel()
self.rightPanel.setLayout(BorderLayout(3, 3))
self.rightPanel.add(self.UrlPanelLabel, BorderLayout.NORTH)
self.rightPanel.add(scrollArea, BorderLayout.CENTER)
# Panel for the generate URL list and import URL list buttons
generatePanel = JPanel()
generatePanel.layout = BorderLayout(3, 3)
generateButton = JButton('Generate URL List', actionPerformed=self.generateUrlList)
importButton = JButton('Import URL List to Burp Site Map', actionPerformed=self.confirmImport)
generatePanel.add("North", generateButton)
generatePanel.add("South", importButton)
self.rightPanel.add("South", generatePanel)
# Add the two main panels to the left and right sides
self.window.contentPane.add("East", self.rightPanel)
self.window.contentPane.add("West", self.leftPanel)
# Create a panel to be used for the file chooser window
self.uploadPanel = JPanel()
self.window.pack()
self.window.show()
class BurpExtender(IBurpExtender, IContextMenuFactory, ITab, IHttpListener, IMessageEditorController, AbstractTableModel):
def registerExtenderCallbacks(self, callbacks):
self.messages = []
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
self._callbacks.setExtensionName('TPLogScan')
self._log = ArrayList()
self._lock = Lock()
self.jSplitPaneV = JSplitPane(JSplitPane.VERTICAL_SPLIT, True)
self.jSplitPaneV.setDividerLocation(300)
self.jSplitPaneV.setOneTouchExpandable(True)
self.jPanel_top = JPanel()
self.jTabbedPane = JTabbedPane(JTabbedPane.TOP)
self.iRequestTextEditor = self._callbacks.createMessageEditor(self, False)
self.iResponseTextEditor = self._callbacks.createMessageEditor(self, False)
self.jTable = CustomTable(self)
self.jTable.setShowGrid(True)
self.jTable.setAutoCreateRowSorter(True)
self.jTable.setAutoResizeMode(JTable.AUTO_RESIZE_SUBSEQUENT_COLUMNS)
first_column_model = self.jTable.getColumnModel().getColumn(0)
first_column_model.setPreferredWidth(60);
first_column_model.setMaxWidth(60)
first_column_model.setMinWidth(60)
self.jTable.getColumnModel().getColumn(1).setPreferredWidth(300)
third_column_model = self.jTable.getColumnModel().getColumn(2)
third_column_model.setPreferredWidth(100)
third_column_model.setMinWidth(100)
self.jTable.getColumnModel().getColumn(3).setPreferredWidth(600)
self.jTable.getColumnModel().getColumn(4).setPreferredWidth(100)
self.jTable.getColumnModel().getColumn(5).setPreferredWidth(100)
self.jScrollPane1 = JScrollPane(self.jTable)
self.jScrollPane1.setHorizontalScrollBarPolicy(ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED)
self.jScrollPane1.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED)
self.jTabbedPane.addTab("Log", self.jScrollPane1)
self.jPanel_top.add(self.jTabbedPane)
self.jPanel_top.setLayout(GridLayout(1,1))
self.jSplitPaneInfo = JSplitPane(JSplitPane.HORIZONTAL_SPLIT, True)
self.jSplitPaneInfo.setDividerLocation(650)
self.jSplitPaneInfo.setOneTouchExpandable(True)
self.jPanel_reqInfo_left = JPanel()
self.jPanel_respInfo_right = JPanel()
self.jPanel_reqInfo_left.setLayout(BorderLayout())
self.jPanel_respInfo_right.setLayout(BorderLayout())
self.jPanel_reqInfo_left.add(self.iRequestTextEditor.getComponent(),
BorderLayout.CENTER)
self.jPanel_respInfo_right.add(self.iResponseTextEditor.getComponent(),
BorderLayout.CENTER)
self.jSplitPaneInfo.add(self.jPanel_reqInfo_left, JSplitPane.LEFT)
self.jSplitPaneInfo.add(self.jPanel_respInfo_right, JSplitPane.RIGHT)
self.jSplitPaneV.add(self.jPanel_top, JSplitPane.TOP)
self.jSplitPaneV.add(self.jSplitPaneInfo, JSplitPane.BOTTOM)
self._callbacks.customizeUiComponent(self.jSplitPaneV)
self._callbacks.customizeUiComponent(self.jPanel_top)
self._callbacks.customizeUiComponent(self.jTabbedPane)
self._callbacks.customizeUiComponent(self.jTable)
self._callbacks.customizeUiComponent(self.jScrollPane1)
self._callbacks.customizeUiComponent(self.jSplitPaneInfo)
self._callbacks.customizeUiComponent(self.jPanel_reqInfo_left)
self._callbacks.customizeUiComponent(self.jPanel_respInfo_right)
self._callbacks.addSuiteTab(self)
self._callbacks.registerHttpListener(self)
self._callbacks.registerContextMenuFactory(self)
return
def getTabCaption(self):
return 'TPLogScan'
def getUiComponent(self):
return self.jSplitPaneV
def getRowCount(self):
try:
return self._log.size()
except:
return 0
def getColumnCount(self):
return 6
def getColumnName(self, columnIndex):
if columnIndex == 0:
return "#"
if columnIndex == 1:
return "Host"
if columnIndex == 2:
return "Method"
if columnIndex == 3:
return "URL"
if columnIndex == 4:
return "Status"
if columnIndex == 5:
return "Length"
return ""
def getValueAt(self, rowIndex, columnIndex):
logEntry = self._log.get(rowIndex)
url = logEntry._url.toString()
url_parse = urlparse.urlparse(url)
if url_parse.netloc.find(':') != -1:
netloc = url_parse.netloc[:url_parse.netloc.find(':')]
host = url_parse.scheme + '://' + netloc
path = url_parse.path
if columnIndex == 0:
return rowIndex+1
if columnIndex == 1:
return host
if columnIndex == 2:
return logEntry._method
if columnIndex == 3:
return path
if columnIndex == 4:
return logEntry._status_code
if columnIndex == 5:
return logEntry._length
return ""
def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
# tool_name = self._callbacks.getToolName(toolFlag)
# if tool_name != 'Extender':
if toolFlag != 1024:
return
if messageIsRequest:
return
request_info = self._helpers.analyzeRequest(messageInfo)
response_info = self._helpers.analyzeResponse(messageInfo.getResponse())
response_headers = response_info.getHeaders()
response_length = 0
for header in response_headers:
header = header.encode('utf-8')
if header.startswith("Content-Length"):
response_length = int(header.replace('Content-Length: ', ''))
length = response_length if response_length > 0 else 0
self._lock.acquire()
row = self._log.size()
self._log.add(LogEntry(toolFlag, self._callbacks.saveBuffersToTempFiles(messageInfo), request_info.getUrl(),request_info.getMethod(),response_info.getStatusCode(),length))
self.fireTableRowsInserted(row, row)
self._lock.release()
def getHttpService(self):
return self._currentlyDisplayedItem.getHttpService()
def getRequest(self):
return self._currentlyDisplayedItem.getRequest()
def getResponse(self):
return self._currentlyDisplayedItem.getResponse()
def loadMenus(self):
self.menus = []
self.mainMenu = JMenu("TPLogScan")
self.menus.append(self.mainMenu)
menu = JMenuItem('ThinkPHP v3', None, actionPerformed=lambda x: self.eventHandler(x))
self.mainMenu.add(menu)
menu = JMenuItem('ThinkPHP v5', None, actionPerformed=lambda x: self.eventHandler(x))
self.mainMenu.add(menu)
def createMenuItems(self, invocation):
self.loadMenus()
self.messages = invocation.getSelectedMessages()
return self.menus if self.menus else None
def eventHandler(self, x):
menuName = x.getSource().text
if menuName == 'ThinkPHP v3':
version = 3
elif menuName == 'ThinkPHP v5':
version = 5
else:
print("chose error")
return
for message in self.messages:
url = str(self._helpers.analyzeRequest(message).getUrl())
url_parse = urlparse.urlparse(url)
url = url_parse.scheme + '://' + url_parse.netloc
print("[*] url: {}".format(url))
datetime_now = datetime.datetime.now()
year = (datetime_now - datetime.timedelta(days=30)).year
month = (datetime_now - datetime.timedelta(days=30)).month
day = (datetime_now - datetime.timedelta(days=30)).day
tplogscan = TPLogScan(url, version, year, month, day)
log_path = tplogscan.checkLogPath()
if not log_path:
print("[-] {} can't get log file! ".format(url))
self._callbacks.issueAlert("{} can't get log file".format(url))
return
filename_list = tplogscan.genFileName()
t = threading.Thread(target=self.logScan, args=(message, version, log_path, filename_list))
t.start()
def logScan(self, message, version, log_path, filename_list):
http_service = message.getHttpService()
old_request = self._helpers.bytesToString(message.getRequest())
old_path = self._helpers.analyzeRequest(message).getUrl().getPath()
for filename in filename_list:
try:
new_request = old_request.replace(" " + old_path + " HTTP/", " " + log_path+filename + " HTTP/")
response, status_code = self.sendRequest(http_service, new_request)
if status_code != 200:
continue
tmp_filename = filename
now_filename = ''
pattern = re.compile(r"\[ (\d{4}-\d{2}-\d{2})T((\d{2}:){2}\d{2})\+08:00 \]")
flag = True
while flag:
match_result = pattern.search(response)
if not match_result:
break
time_str = match_result.group(1) + ' ' + match_result.group(2)
timeArray = time.strptime(time_str, "%Y-%m-%d %H:%M:%S")
timestamp = int(time.mktime(timeArray))
timestamp_list = [str(timestamp), str(timestamp-1), str(timestamp-2), str(timestamp-3)]
for timestamp in timestamp_list:
if version == 3:
tmp_filename = timestamp + '-' + filename
else:
tmp_filename = filename[:filename.find('/')] + '/' + timestamp + '-' + filename[filename.find('/')+1:]
if tmp_filename == now_filename:
flag = False
break
new_request = old_request.replace(" " + old_path + " HTTP/", " " + log_path+tmp_filename + " HTTP/")
response, status_code = self.sendRequest(http_service, new_request)
if status_code == 200:
now_filename = tmp_filename
break
except Exception as e:
print("[-] error: {}".format(e))
print('[*] Log Scan complete!')
def sendRequest(self, http_service, new_request):
checkRequestResponse = self._callbacks.makeHttpRequest(http_service, self._helpers.stringToBytes(new_request))
status_code = self._helpers.analyzeResponse(checkRequestResponse.getResponse()).getStatusCode()
print('[*] {} | {}'.format(self._helpers.analyzeRequest(checkRequestResponse).getUrl(), status_code))
return self._helpers.bytesToString(checkRequestResponse.getResponse()), status_code
def draw(self):
""" init interception filters tab
"""
self._extender.savedHeaders = [{"title": "Temporary headers", "headers": "Cookie: Insert=injected; cookie=or;\nHeader: here"}]
# IFStrings has to contains : character
IFStrings = ["Scope items only: (Content is not required)",
"URL Contains (simple string): ",
"URL Contains (regex): ",
"URL Not Contains (simple string): ",
"URL Not Contains (regex): ",
"Only HTTP methods (newline separated): ",
"Ignore HTTP methods (newline separated): ",
"Ignore spider requests: (Content is not required)",
"Ignore proxy requests: (Content is not required)",
"Ignore target requests: (Content is not required)"]
self._extender.IFType = JComboBox(IFStrings)
self._extender.IFType.setBounds(80, 10, 430, 30)
self._extender.IFModel = DefaultListModel()
self._extender.IFList = JList(self._extender.IFModel)
scrollIFList = JScrollPane(self._extender.IFList)
scrollIFList.setVerticalScrollBarPolicy(JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollIFList.setBounds(80, 175, 300, 110)
scrollIFList.setBorder(LineBorder(Color.BLACK))
# Adding some default interception filters
# self.IFModel.addElement("Scope items only: (Content is not required)") # commented for better first impression.
self._extender.IFModel.addElement("URL Not Contains (regex): \\.js|\\.css|\\.png|\\.jpg|\\.svg|\\.jpeg|\\.gif|\\.woff|\\.map|\\.bmp|\\.ico$")
self._extender.IFModel.addElement("Ignore spider requests: ")
self._extender.IFText = JTextArea("", 5, 30)
scrollIFText = JScrollPane(self._extender.IFText)
scrollIFText.setVerticalScrollBarPolicy(JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollIFText.setBounds(80, 50, 300, 110)
IFLType = JLabel("Type:")
IFLType.setBounds(10, 10, 140, 30)
IFLContent = JLabel("Content:")
IFLContent.setBounds(10, 50, 140, 30)
IFLabelList = JLabel("Filter List:")
IFLabelList.setBounds(10, 165, 140, 30)
self._extender.IFAdd = JButton("Add filter", actionPerformed=self.addIFFilter)
self._extender.IFAdd.setBounds(390, 85, 120, 30)
self._extender.IFDel = JButton("Remove filter", actionPerformed=self.delIFFilter)
self._extender.IFDel.setBounds(390, 210, 120, 30)
self._extender.IFMod = JButton("Modify filter", actionPerformed=self.modIFFilter)
self._extender.IFMod.setBounds(390, 250, 120, 30)
self._extender.filtersPnl = JPanel()
self._extender.filtersPnl.setLayout(None)
self._extender.filtersPnl.setBounds(0, 0, 1000, 1000)
self._extender.filtersPnl.add(IFLType)
self._extender.filtersPnl.add(self._extender.IFType)
self._extender.filtersPnl.add(IFLContent)
self._extender.filtersPnl.add(scrollIFText)
self._extender.filtersPnl.add(self._extender.IFAdd)
self._extender.filtersPnl.add(self._extender.IFDel)
self._extender.filtersPnl.add(self._extender.IFMod)
self._extender.filtersPnl.add(IFLabelList)
self._extender.filtersPnl.add(scrollIFList)
def setLayer(self, layer):
self.__layer = layer
### PROPERTY NAME
propertyTablenametosue = self.__layer.getProperty(
"reportbypoint.tablenametouse")
if propertyTablenametosue == None:
propertyTablenametosue = self.__layer.getName()
self.txtTableNameToUse.setText(propertyTablenametosue)
### PROPERTY FIELDS
i18nManager = ToolsLocator.getI18nManager()
columnNames = [
i18nManager.getTranslation("_Field_name"),
i18nManager.getTranslation("_Name_to_show"),
i18nManager.getTranslation("_Show")
]
propertyFields = self.__layer.getProperty("reportbypoint.fields")
if propertyFields == None:
featureType = self.__layer.getFeatureStore().getDefaultFeatureType(
)
propertyFields = [[attr.getName(),
attr.getName(), True] for attr in featureType]
model = MyDefaultTableModel(propertyFields, columnNames)
table = FieldsPropertiesTable(model)
table.setAutoResizeMode(3)
#table.getColumnModel().getColumn(0).setPreferredWidth(50)
#table.getColumnModel().getColumn(1).setPreferredWidth(50)
#table.getColumnModel().getColumn(2).setPreferredWidth(8)
pane = JScrollPane(table)
pane.setVerticalScrollBarPolicy(
ScrollPaneConstants.VERTICAL_SCROLLBAR_ALWAYS)
self.jplTable.setLayout(BorderLayout())
self.jplTable.add(pane, BorderLayout.CENTER)
# Access
# jpl1 = self.jpl1.getComponents()[0]
# print "Jpl1 - Value Slider: ", jpl1.getValue()
#
#self.tblFields.setModel(model)
#self.getFieldsToUse()
###
### Property one record
###
propertyOnerecordreport = self.__layer.getProperty(
"reportbypoint.onerecordreport")
if propertyOnerecordreport == None:
propertyOnerecordreport = False
self.chkOneRecord.setSelected(propertyOnerecordreport)
###
### Property format
###
propertyFormat = self.__layer.getProperty("reportbypoint.typereport")
if propertyFormat == None:
propertyFormat = 0
model = self.cboTypeReport.getModel()
size = model.getSize()
for i in range(0, size):
element = model.getElementAt(i)
if element.getFormatType() == propertyFormat:
self.cboTypeReport.setSelectedIndex(i)
class ChatClient(JFrame):
## Constructor method, receives the variables from the ChatApp class as parameters
def __init__(self, name, greeting, tn):
'''Constructor, initialises base class & assigns variables
'''
# Call to the super method to take care of the base class(es)
super(ChatClient, self).__init__()
# Assign the relevent variable names
self.username=name
self.greeting=greeting
self.tn = tn
self.no_users=[]
# Initiate the Threaded function for receiving messages
t1=Thread(target=self.recvFunction)
# Set to daemon
t1.daemon=True
t1.start()
#Call the main UI
uI=self.clientUI()
## Main GUI building function
def clientUI(self):
'''ClientUI and Widget creation
'''
# Colours
foreground_colour = Color(30,57,68)
background_colour = Color(247,246,242)
window_background = Color(145,190,210)
# Borders
self.border2=BorderFactory.createLineBorder(foreground_colour,1, True)
# Fonts
self.font= Font("Ubuntu Light", Font.BOLD, 20)
self.label_font= Font("Ubuntu Light", Font.BOLD, 17)
self.label_2_font= Font( "Ubuntu Light",Font.BOLD, 12)
self.btn_font=Font("Ubuntu Light", Font.BOLD, 15)
# Set the layout parameters
self.client_layout=GroupLayout(self.getContentPane())
self.getContentPane().setLayout(self.client_layout)
self.getContentPane().setBackground(window_background)
self.client_layout.setAutoCreateGaps(True)
self.client_layout.setAutoCreateContainerGaps(True)
self.setPreferredSize(Dimension(400, 450))
# Create widgets and assemble the GUI
# Main display area
self.main_content=JTextPane()
self.main_content.setBackground(background_colour)
#self.main_content.setForeground(foreground_colour)
self.main_content.setEditable(False)
# Message entry area
self.message=JTextArea( 2,2, border=self.border2, font=self.label_font, keyPressed=self.returnKeyPress)
self.message.requestFocusInWindow()
self.message.setBackground(background_colour)
self.message.setForeground(foreground_colour)
self.message.setLineWrap(True)
self.message.setWrapStyleWord(True)
self.message.setBorder(BorderFactory.createEmptyBorder(3,3,3,3))
self.message.getInputMap().put(KeyStroke.getKeyStroke(KeyEvent.VK_ENTER,0), self.returnKeyPress)
# BUttons
quit_btn=JButton("Quit!", actionPerformed=ChatApp().closeEvent, border=self.border2, font=self.btn_font)
go_btn=JButton("Send", actionPerformed=self.grabText, border=self.border2, font=self.btn_font)
quit_btn.setBackground(background_colour)
go_btn.setBackground(background_colour)
quit_btn.setForeground(foreground_colour)
go_btn.setForeground(foreground_colour)
# Make scrollable
self.scroll_content=JScrollPane(self.main_content)
self.scroll_content.setPreferredSize(Dimension(150,275))
self.scroll_content.setHorizontalScrollBarPolicy(ScrollPaneConstants.HORIZONTAL_SCROLLBAR_NEVER)
self.scroll_content.setViewportView(self.main_content)
self.scroll_content.setBackground(Color.WHITE)
self.scroll_message=JScrollPane(self.message)
self.scroll_message.setPreferredSize(Dimension(150,20))
self.scroll_message.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_ALWAYS)
# Test user label, still not updating after first round of messages
self.user_label=JLabel(" Users online : %s "%(str(len(self.no_users))),JLabel.RIGHT, font=self.label_2_font)
# Assemble the components
# Horizontal layout
self.client_layout.setHorizontalGroup(self.client_layout.createParallelGroup()
.addComponent(self.scroll_content)
.addGroup(self.client_layout.createParallelGroup(GroupLayout.Alignment.CENTER)
.addComponent(self.scroll_message))
.addGroup(self.client_layout.createSequentialGroup()
.addComponent(quit_btn)
.addComponent(go_btn).addGap(20))
.addGroup(self.client_layout.createParallelGroup()
.addComponent(self.user_label))
)
# Vertical layout
self.client_layout.setVerticalGroup(self.client_layout.createSequentialGroup()
.addGroup(self.client_layout.createParallelGroup()
.addComponent(self.scroll_content))
.addComponent(self.scroll_message)
.addGroup(self.client_layout.createParallelGroup()
.addComponent(quit_btn)
.addComponent(go_btn))
.addGroup(self.client_layout.createParallelGroup()
.addComponent(self.user_label))
)
# Finalise the GUI
self.client_layout.linkSize(SwingConstants.HORIZONTAL, [quit_btn,go_btn, self.user_label])
self.pack()
self.message.requestFocusInWindow()
self.setTitle(">>> Client %s <<<"%self.username)
self.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE)
self.setLocationRelativeTo(None)
self.setVisible(True)
# Display the server greeting
self.appendText('\n'+self.greeting+'\n')
## Function responsible for receiving and processing new messages
def recvFunction(self):
'''A function to control the receiving of data from the connection
'''
# While the connection is available
while self.tn:
# Try to receive data using "<<<" as the delimiter
try:
message = self.tn.read_until('<<<')
# If a message is received
if message:
garb, message=message.split('>>>')
message, garb = message.split('<<<')
message = ('\n'+message+'\n')
# Call the append text function
self.appendText(message)
# Except if there is no data available
except:
#print('No message')
pass
## Event driven function to retrieve and send data to the server
def grabText(self, event):
'''Function to repeatedly grab new messages entered into the text
area and display them in the main text area. Resets the entry area
'''
# Grab the text from the text area
text=self.message.getText()
# Don't allow an empty string through
if text=='':
return
text=text.strip()
# Call the append text function
self.appendText('\nYou : '+text+'\n', self.username)
# Reset the text to be empty and grab focus so that it is ready for new text input
self.message.requestFocusInWindow()
self.message.setText('')
# Send the message to the server
data=text.encode()
self.tn.write(data+'\r\n')
## Function to handle appending of messages
def appendText(self, message, user=None):
'''This function takes care of appending any new messages to the content area
'''
message_label=JTextArea(message,2,3, font=self.label_2_font)
# If this is a message from the grab text function, create a new label, assign it's colours
if user!=None:
message_label.setBackground(Color(240,240,240))
message_label.setForeground(Color(129,129,129))
# Otherwise set the format for receive function (no user passed in)
else:
message_label.setBackground(Color(215,215,215))
message_label.setForeground(Color(40,153,153))
# Format and style options for the new message labels
message_label.setEditable(False)
message_label.setLineWrap(True)
message_label.setWrapStyleWord(True)
message_label.setBorder(BorderFactory.createLineBorder( Color(247,246,242),4))
# Sets the positioning of messages
self.main_content.setCaretPosition(self.main_content.getDocument().getLength())
doc = self.main_content.getStyledDocument()
attr=SimpleAttributeSet()
self.main_content.insertComponent(message_label)
# Essential for jtextarea to be able to stack message
doc.insertString( self.main_content.getDocument().getLength(),'\n ', attr)
# Not sure if needed
self.main_content.repaint()
### This is a late edit so it isn't included in the documentation. Basically trying to dynamically update the number
### of users label at runtime. Works for incrementing the value but not decrementing it.
print(message)
# Only split the message if there are enough values to split (greeting messages differ in format to chat messages)
try:
user, text=message.split(' : ')
except:
return
#print('Split values are %s %s'%(user, text))
user=str(user.strip())
#print(self.no_users)
#print(user+' : '+text)
# If the user already in the list, pass
if user in self.no_users:
if text == ('User %s amach sa teach !'%user):
self.no_users.remove(user)
print('User % removed'%user)
else:
#print('User %s not in list'%user)
if str(user) == 'You':
#print('User is equal to "You"')
return
self.no_users.append(user)
print('User appended')
self.number_users=len(self.no_users)
#print('Length of user list is '+str(self.number_users))
self.user_label2=JLabel(" Users online : %s "%str(len(self.no_users)),JLabel.RIGHT, font=self.label_2_font)
#print('Label created')
#print('Attempt to replace label')
self.client_layout.replace(self.user_label, self.user_label2)
self.user_label = self.user_label2
self.user_label.repaint()
self.user_label.revalidate()
print('Label updated')
## Function to control return button press in message field
def returnKeyPress(self,event):
'''This function creates an object for return key press when inside the message entry area,
creates an object of KeyAdapter and tests keycode for a match, responds with grab text callback
'''
key_object=Key()
key_value=key_object.keyPressed(event)
if key_value == 10:
self.grabText(event)
def initVulnerabilityTab(self):
#
## init vulnerability tab
#
nameLabel = JLabel("Vulnerability Name:")
nameLabel.setBounds(10, 10, 140, 30)
self.addButton = JButton("Add",actionPerformed=self.addVuln)
self.addButton.setBounds(10, 500, 100, 30)
rmVulnButton = JButton("Remove",actionPerformed=self.rmVuln)
rmVulnButton.setBounds(465, 500, 100, 30)
mitigationLabel = JLabel("Mitigation:")
mitigationLabel.setBounds(10, 290, 150, 30)
addSSBtn = JButton("Add SS",actionPerformed=self.addSS)
addSSBtn.setBounds(750, 40, 110, 30)
deleteSSBtn = JButton("Remove SS",actionPerformed=self.removeSS)
deleteSSBtn.setBounds(750, 75, 110, 30)
piclistLabel = JLabel("Images list:")
piclistLabel.setBounds(580, 10, 140, 30)
self.screenshotsList = DefaultListModel()
self.ssList = JList(self.screenshotsList)
self.ssList.setBounds(580, 40, 150, 250)
self.ssList.addListSelectionListener(ssChangedHandler(self))
self.ssList.setBorder(BorderFactory.createLineBorder(Color.GRAY))
previewPicLabel = JLabel("Selected image preview: (click to open in image viewer)")
previewPicLabel.setBounds(580, 290, 500, 30)
copyImgMenu = JMenuItem("Copy")
copyImgMenu.addActionListener(copyImg(self))
self.imgMenu = JPopupMenu("Popup")
self.imgMenu.add(copyImgMenu)
self.firstPic = JLabel()
self.firstPic.setBorder(BorderFactory.createLineBorder(Color.GRAY))
self.firstPic.setBounds(580, 320, 550, 400)
self.firstPic.addMouseListener(imageClicked(self))
self.vulnName = JTextField("")
self.vulnName.getDocument().addDocumentListener(vulnTextChanged(self))
self.vulnName.setBounds(140, 10, 422, 30)
sevirities = ["Unclassified", "Critical","High","Medium","Low"]
self.threatLevel = JComboBox(sevirities);
self.threatLevel.setBounds(140, 45, 140, 30)
colors = ["Color:", "Green", "Red"]
self.colorCombo = JComboBox(colors);
self.colorCombo.setBounds(465, 45, 100, 30)
self.colorCombo
severityLabel = JLabel("Threat Level:")
severityLabel.setBounds(10, 45, 100, 30)
descriptionLabel = JLabel("Description:")
descriptionLabel.setBounds(10, 80, 100, 30)
self.descriptionString = JTextArea("", 5, 30)
self.descriptionString.setWrapStyleWord(True);
self.descriptionString.setLineWrap(True)
self.descriptionString.setBounds(10, 110, 555, 175)
descriptionStringScroll = JScrollPane(self.descriptionString)
descriptionStringScroll.setBounds(10, 110, 555, 175)
descriptionStringScroll.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED)
self.mitigationStr = JTextArea("", 5, 30)
self.mitigationStr.setWrapStyleWord(True);
self.mitigationStr.setLineWrap(True)
self.mitigationStr.setBounds(10, 320, 555, 175)
mitigationStrScroll = JScrollPane(self.mitigationStr)
mitigationStrScroll.setBounds(10, 320, 555, 175)
mitigationStrScroll.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED)
self.pnl = JPanel()
self.pnl.setBounds(0, 0, 1000, 1000);
self.pnl.setLayout(None);
self.pnl.add(addSSBtn)
self.pnl.add(piclistLabel)
self.pnl.add(nameLabel)
self.pnl.add(deleteSSBtn)
self.pnl.add(rmVulnButton)
self.pnl.add(severityLabel)
self.pnl.add(mitigationLabel)
self.pnl.add(descriptionLabel)
self.pnl.add(previewPicLabel)
self.pnl.add(mitigationStrScroll)
self.pnl.add(descriptionStringScroll)
self.pnl.add(self.ssList)
self.pnl.add(self.firstPic)
self.pnl.add(self.addButton)
self.pnl.add(self.vulnName)
self.pnl.add(self.threatLevel)
self.pnl.add(self.colorCombo)
def output(self, value):
eingabe = value.getString()
if eingabe == "Lexikon":
# Falls "Lexikon" an den Clienten übergeben wird, wird die GUI geöffnet,
# in der man deutsche Wörter eingeben kann, die einem dann auf Englisch
# vorgelesen werden.
def change_text(event):
text = feld.getText()
x = suche(text)
self.send(x)
frame.visible = False
frame = JFrame(
'Woerterbuch',
defaultCloseOperation=JFrame.EXIT_ON_CLOSE,
size=(380, 350),
)
frame.setLayout(None)
frame.visible = True
hintergrund = ImageIcon("Hintergrund.jpg")
hintergrundlabel = JLabel(hintergrund)
frame.setContentPane(hintergrundlabel)
uebersetzerlabel = JLabel()
uebersetzerlabel.setForeground(Color(025, 025, 112))
uebersetzerlabel.setText(
"<html><font size=+1>Welches Wort soll ich uebersetzen?</font></html>"
)
uebersetzerlabel.setBounds(10, 20, 500, 50)
frame.add(uebersetzerlabel)
feld = JTextField()
feld.setText("")
feld.setBounds(20, 80, 300, 25)
frame.add(feld)
button = JButton('Uebersetzen',
actionPerformed=change_text,
size=(10, 20))
button.setBounds(20, 110, 300, 30)
frame.add(button)
if eingabe == "neue Lektion":
# Falls dem Clienten "neue Lektion" übergeben wird, öffnet er er die
# GUI für das Verwalten der Lektionen
frame = JFrame('Lektion erstellen',
defaultCloseOperation=JFrame.EXIT_ON_CLOSE,
size=(1000, 1000))
frame.setLayout(None)
def auflisten_in(ort):
font = Font("Verdana", Font.BOLD, 15)
liste_mit_Lektionen = []
with open(pfad, "r") as f:
for line in f:
liste_mit_Lektionen.append(line.strip())
liste_mit_Lektionen.sort()
text = ""
for lektion in liste_mit_Lektionen:
text += lektion
text += "\n"
ort.setText(text)
ort.setFont(font)
frame.setLayout(None)
uebersichtLabel = JLabel()
def uebersetzen(event):
frage = feld_frage.getText()
x = suche(frage)
feld_frage.setText(x)
liste = []
with open(pfad, "r") as lektionen:
for lektion in lektionen:
if "nachgeschlagen" in lektion:
liste.append(lektion)
if liste:
name = liste[-1]
words = []
sql = "SELECT deutsch, englisch, symbol FROM " + name
zeile = stmt.executeQuery(sql)
while zeile.next():
d = zeile.getString("deutsch")
e = zeile.getString("englisch")
symb = zeile.getString("symbol")
words.append((d, e, symb))
if len(words) < 50:
sql = "INSERT INTO " + name + " (deutsch, englisch, symbol) VALUES(?,?,?);"
pstmt = conn.prepareStatement(sql)
pstmt.setString(1, frage)
pstmt.setString(2, x)
pstmt.setString(3, "X")
pstmt.executeUpdate()
else:
namensteile = name.split("_")
nummer = int(namensteile[1].strip()) + 1
name = "nachgeschlagen_" + str(nummer)
test = ""
with open(pfad, "r") as f:
for line in f:
test += line
if not name in test:
with open(pfad, "a") as f:
f.write(name + "\n")
sql = "CREATE TABLE " + name + " (deutsch text, englisch text, symbol text);"
stmt.execute(sql)
sql = "INSERT INTO " + name + " (deutsch, englisch, symbol) VALUES(?,?,?);"
pstmt = conn.prepareStatement(sql)
pstmt.setString(1, frage)
pstmt.setString(2, x)
pstmt.setString(3, "X")
pstmt.executeUpdate()
else:
name = "nachgeschlagen_1"
test = ""
with open(pfad, "r") as f:
for line in f:
test += line
if not name in test:
with open(pfad, "a") as f:
f.write(name + "\n")
sql = "CREATE TABLE " + name + " (deutsch text, englisch text, symbol text);"
stmt.execute(sql)
sql = "INSERT INTO " + name + " (deutsch, englisch, symbol) VALUES(?,?,?);"
pstmt = conn.prepareStatement(sql)
pstmt.setString(1, frage)
pstmt.setString(2, x)
pstmt.setString(3, "X")
pstmt.executeUpdate()
auflisten_in(uebersicht)
def delete(event):
name = feld.getText()
print name
print self.geladen
if name == self.geladen:
count = 0
while tabelle.getValueAt(count, 0) != None:
tabelle.setValueAt(None, count, 0)
tabelle.setValueAt(None, count, 1)
count += 1
stmt.execute("DROP TABLE " + name + ";")
lektionen = []
with open(pfad, "r") as f:
for line in f:
lektion = line.strip()
if not name == lektion:
lektionen.append(lektion)
with open(pfad, "w") as f:
for lektion in lektionen:
f.write(lektion + "\n")
auflisten_in(uebersicht)
def laden(event):
name = feld.getText()
self.geladen = name
sql = "SELECT deutsch, englisch FROM " + name
results = stmt.executeQuery(sql)
count = 0
while results.next():
d = results.getString("deutsch")
e = results.getString("englisch")
tabelle.setValueAt(d, count, 0)
tabelle.setValueAt(e, count, 1)
count += 1
while tabelle.getValueAt(count, 0) != None:
tabelle.setValueAt(None, count, 0)
tabelle.setValueAt(None, count, 1)
count += 1
def erstelle_Lektionstabelle(event):
reihen = []
for i in range(0, 50):
deutsch = tabelle.getValueAt(i, 0)
englisch = tabelle.getValueAt(i, 1)
if deutsch != None:
symbol = "X"
reihen.append([deutsch, englisch, symbol])
else:
break
z = 0
name = feld.getText()
sql = "CREATE TABLE " + name + " (deutsch text, englisch text, symbol text);"
try:
stmt.execute(sql)
except SQLError:
stmt.execute("DROP TABLE " + name + ";")
stmt.execute(sql)
for reihe in reihen:
print(reihe)
deutsch = reihe[0]
englisch = reihe[1]
symbol = reihe[2]
sql = "INSERT INTO " + name + " (deutsch, englisch, symbol) VALUES(?,?,?);"
pstmt = conn.prepareStatement(sql)
pstmt.setString(1, deutsch)
pstmt.setString(2, englisch)
pstmt.setString(3, symbol)
pstmt.executeUpdate()
test = ""
with open(pfad, "r") as f:
for line in f:
test += line
if not name in test:
with open(pfad, "a") as f:
f.write(name + "\n")
self.send(name)
frame.setVisible(False)
frame = JFrame('Vokabel Listen',
defaultCloseOperation=JFrame.EXIT_ON_CLOSE,
size=(1000, 1000))
frame.setLayout(None)
label_enter = JLabel()
label_enter.setText(
"<html><font size=+0.5 color = 000000>Bitte vor dem Speichern<br>die Entertaste bedienen</font></html>"
)
label_enter.setBounds(20, 720, 250, 50)
uebersichtLabel = JLabel()
uebersichtLabel.setText(
"<html><font size=+1 color=#191970>Bereits vorhandene Lektionen:</font></html>"
)
uebersichtLabel.setBounds(450, 230, 250, 50)
uebersicht = JTextArea()
uebersicht.editable = False
uebersicht_scroll = JScrollPane(uebersicht)
uebersicht_scroll.viewport.view = uebersicht
uebersicht_scroll.setBounds(450, 300, 250, 380)
auflisten_in(uebersicht)
button = JButton('Lektion speichern/Lektion reseten',
actionPerformed=erstelle_Lektionstabelle,
size=(10, 20))
button.setBounds(20, 700, 300, 30)
button_laden = JButton('vorhandene Lektion laden',
actionPerformed=laden,
size=(10, 20))
button_laden.setBounds(20, 110, 210, 30)
button_delete = JButton("Lektion entfernen",
actionPerformed=delete)
button_delete.setBounds(20, 140, 210, 30)
hintergrund = ImageIcon("Hintergrund.jpg")
pnl = JPanel()
hintergrundlabel = JLabel(hintergrund)
frame.setContentPane(hintergrundlabel)
lektionsnamensLabel = JLabel()
lektionsnamensLabel.setForeground(Color(025, 025, 112))
lektionsnamensLabel.setText(
"<html><font size=+1>Hier bitte Namen der Lektion eingeben<br>(Nur ein Wort lang)</font></html>"
)
lektionsnamensLabel.setBounds(10, 20, 500, 50)
frame.add(lektionsnamensLabel)
feld = JTextField()
feld.setText("")
feld.setBounds(20, 80, 210, 25)
frame.add(feld)
column_names = [
"<html><font size=+1 color=#191970><b>Deutsch</b></font></html>",
"<html><font size=+1 color=#191970><b>Englisch</b></font></html>"
]
table_model = DefaultTableModel(column_names, 50)
tabelle = JTable(table_model)
lektionsnamensLabel.setForeground(Color(025, 025, 112))
scrollbar = JScrollPane(tabelle)
scrollbar.viewport.view = tabelle
scrollbar.setVerticalScrollBarPolicy(
scrollbar.VERTICAL_SCROLLBAR_ALWAYS)
scrollbar.setVisible(True)
tabelle.setVisible(True)
scrollbar.setBounds(20, 190, 300, 490)
feld_frage = JTextField()
feld_frage.setText("")
feld_frage.setBounds(450, 30, 300, 50)
uebersetzerlabel = JLabel()
uebersetzerlabel.setForeground(Color(025, 025, 112))
uebersetzerlabel.setText(
"<html><font size=+1>Hier kannst Du ein deutsches Wort eintragen,<br>dass ich fuer Dich nachschlage</font></html>"
)
uebersetzerlabel.setBounds(450, 80, 500, 50)
button_uebersetzen = JButton('Uebersetzen',
actionPerformed=uebersetzen,
size=(10, 20))
button_uebersetzen.setBounds(450, 130, 300, 30)
frame.add(button_uebersetzen)
frame.add(uebersetzerlabel)
frame.add(feld_frage)
frame.add(feld)
frame.add(scrollbar)
frame.add(button)
frame.add(button_laden)
frame.setVisible(True)
frame.add(uebersicht_scroll)
frame.add(uebersichtLabel)
frame.add(button_delete)
frame.add(label_enter)
elif eingabe == "alle Lektionen auflisten":
# Hier erstellt der Client eine dynamische Grammatik
# mit den vorhandenen Lektionen, die man sich abfragen lassen kann
# und gibt diese wieder an DialogOS zurück.
# Außerdem wird der Feedback Frame geöffnet.
def auflisten_in2(ort):
font = Font("Verdana", Font.BOLD, 15)
liste_mit_Lektionen = []
with open(pfad, "r") as f:
for line in f:
liste_mit_Lektionen.append(line.strip())
liste_mit_Lektionen.sort()
text = ""
for lektion in liste_mit_Lektionen:
text += lektion
text += "\n"
ort.setText(text)
ort.setFont(font)
frame_feedback.setVisible(True)
auflisten_in2(uebersicht2)
grammatik = ""
grammatik = "root $NamevonLektion;\n"
grammatik += "$NamevonLektion = "
with open(pfad, "r") as f:
z = 0
for line in f:
if z == 0:
if not "_" in line:
grammatik += line
else:
zeile = line.split("_")
grammatik += zeile[0] + " "
grammatik += zeile[1].strip()
else:
if not "_" in line:
grammatik += "|" + line
else:
zeile = line.split("_")
grammatik += "|" + zeile[0] + " "
grammatik += zeile[1].strip()
if line != "\n":
z += 1
grammatik += ";"
self.send(grammatik)
elif "sende" in eingabe:
# DialogOS sagt dem Clienten, welche Lektion der User abgefragt
# werden möchte. Der Client ließt dann die entsprechende Lektion
# aus der Datenbank aus und gibt eine Liste mit 2 Listen zurück.
# In der ersten Liste befinden sich die deutschen Bedeutungen, der
# noch nicht gewussten Wörter, in der 2. Liste die englsichen Bedeutungen.
# Falls alle Wörter bereits gekonnt wurden, wird stattdessen eine entsprechende
# Anmerkung an DialogOS geschickt und DialogOS informiert den User darüber.
z = 0
if "nachgeschlagen" in eingabe:
bestandteile = eingabe.split()
name = bestandteile[1] + "_" + bestandteile[2]
else:
name = eingabe.split()[1]
sql = "SELECT deutsch, englisch, symbol FROM " + name
vokabelliste = stmt.executeQuery(sql)
deutsch = []
englisch = []
symbol = []
while (vokabelliste.next()):
deutsch.append(vokabelliste.getString("deutsch"))
englisch.append(vokabelliste.getString("englisch"))
symbol.append(vokabelliste.getString("symbol"))
indices = range(0, len(deutsch))
random.shuffle(indices)
vokabeln = [[], []]
for index in indices:
d = deutsch[index]
e = englisch[index]
s = symbol[index]
if s == "X":
vokabeln[0].append(d)
vokabeln[1].append(e)
if vokabeln[0]:
self.send(vokabeln)
else:
self.send([
"Du kannst diese Lektion schon komplett. Wenn Du sie wieder abgefragt werden willst, resete sie bitte unter Wokabeln verwalten."
])
else:
# Dieser Teil des Codes wird während der Abfrage ausgeführt.
# Nach jeder neuen Vokabel wird dann in ein Feld im Feedback
# Frame die deutsche, die englische Vokabel und ein Symbol angezeigt,
# welches einen darüber informiert, ob man die Vokabel wusste, oder nicht.
# (O für gewusst und X für nicht gewusst)
nametext = eingabe.split(":")
name = nametext[0]
text = nametext[1]
feld_feedback.setText(text)
zeilen = text.split("\n")
symb = zeilen[-2].split("\t")[-1]
d = zeilen[-2].split("\t")[-3]
print d
sql = "UPDATE " + name + " SET symbol = ? WHERE deutsch = ?"
pstmt = conn.prepareStatement(sql)
pstmt.setString(1, symb)
pstmt.setString(2, d)
pstmt.executeUpdate()
class JythonGui(object):
def __init__(self, instructionsURI=""):
self.instructionsURI = instructionsURI
self.logger = logging.getLogger("sasi_gridder_gui")
self.logger.addHandler(logging.StreamHandler())
def log_fn(msg):
self.log_msg(msg)
self.logger.addHandler(FnLogHandler(log_fn))
self.logger.setLevel(logging.DEBUG)
self.selected_input_file = None
self.selected_output_file = None
self.frame = JFrame("SASI Gridder", defaultCloseOperation=WindowConstants.EXIT_ON_CLOSE)
self.frame.size = (650, 600)
self.main_panel = JPanel()
self.main_panel.layout = BoxLayout(self.main_panel, BoxLayout.Y_AXIS)
self.frame.add(self.main_panel)
self.top_panel = JPanel(SpringLayout())
self.top_panel.alignmentX = Component.CENTER_ALIGNMENT
self.main_panel.add(self.top_panel)
self.stageCounter = 1
def getStageLabel(txt):
label = JLabel("%s. %s" % (self.stageCounter, txt))
self.stageCounter += 1
return label
# Instructions link.
self.top_panel.add(getStageLabel("Read the instructions:"))
instructionsButton = JButton(
('<HTML><FONT color="#000099">' "<U>open instructions</U></FONT><HTML>"),
actionPerformed=self.browseInstructions,
)
instructionsButton.setHorizontalAlignment(SwingConstants.LEFT)
instructionsButton.setBorderPainted(False)
instructionsButton.setOpaque(False)
instructionsButton.setBackground(Color.WHITE)
instructionsButton.setToolTipText(self.instructionsURI)
self.top_panel.add(instructionsButton)
# Select input elements.
self.top_panel.add(getStageLabel("Select an input data folder:"))
self.top_panel.add(JButton("Select input...", actionPerformed=self.openInputChooser))
# Select output elements.
self.top_panel.add(getStageLabel("Specify an output file:"))
self.top_panel.add(JButton("Specify output...", actionPerformed=self.openOutputChooser))
# Run elements.
self.top_panel.add(getStageLabel("Run SASI Gridder: (this might take a hwile"))
self.run_button = JButton("Run...", actionPerformed=self.runSASIGridder)
self.top_panel.add(self.run_button)
SpringUtilities.makeCompactGrid(self.top_panel, self.stageCounter - 1, 2, 6, 6, 6, 6)
# Progress bar.
self.progressBar = JProgressBar(0, 100)
self.main_panel.add(self.progressBar)
# Log panel.
self.log_panel = JPanel()
self.log_panel.alignmentX = Component.CENTER_ALIGNMENT
self.log_panel.setBorder(EmptyBorder(10, 10, 10, 10))
self.main_panel.add(self.log_panel)
self.log_panel.setLayout(BorderLayout())
self.log = JTextArea()
self.log.editable = False
self.logScrollPane = JScrollPane(self.log)
self.logScrollPane.setVerticalScrollBarPolicy(JScrollPane.VERTICAL_SCROLLBAR_ALWAYS)
self.log_panel.add(self.logScrollPane, BorderLayout.CENTER)
# File selectors
self.inputChooser = JFileChooser()
self.inputChooser.fileSelectionMode = JFileChooser.FILES_AND_DIRECTORIES
self.outputChooser = JFileChooser()
self.outputChooser.fileSelectionMode = JFileChooser.FILES_ONLY
defaultOutputFile = os.path.join(System.getProperty("user.home"), "gridded_efforts.csv")
self.outputChooser.setSelectedFile(File(defaultOutputFile))
self.frame.setLocationRelativeTo(None)
self.frame.visible = True
def browseInstructions(self, event):
""" Open a browser to the instructions page. """
browseURI(self.instructionsURI)
return
def log_msg(self, msg):
self.log.append(msg + "\n")
self.log.setCaretPosition(self.log.getDocument().getLength())
def openInputChooser(self, event):
ret = self.inputChooser.showOpenDialog(self.frame)
if ret == JFileChooser.APPROVE_OPTION:
self.selected_input_file = self.inputChooser.selectedFile
self.log_msg("Selected '%s' as input." % self.selected_input_file.path)
def openOutputChooser(self, event):
ret = self.outputChooser.showSaveDialog(self.frame)
if ret == JFileChooser.APPROVE_OPTION:
self.selected_output_file = self.outputChooser.selectedFile
self.log_msg("Selected '%s' as output." % self.selected_output_file.path)
def runSASIGridder(self, event):
try:
self.validateParameters()
except Exception as e:
self.log_msg("ERROR: '%s'" % e)
# Run task in a separate thread, so that log
# messages will be shown as task progresses.
def run_task():
self.progressBar.setValue(0)
self.progressBar.setIndeterminate(True)
try:
input_dir = self.selected_input_file.path
output_path = self.selected_output_file.path
grid_path = os.path.join(input_dir, "grid", "grid.shp")
stat_areas_path = os.path.join(input_dir, "stat_areas", "stat_areas.shp")
raw_efforts_path = os.path.join(input_dir, "raw_efforts.csv")
gear_mappings_path = os.path.join(input_dir, "gear_mappings.csv")
gear_mappings = {}
with open(gear_mappings_path, "rb") as f:
r = csv.DictReader(f)
for mapping in r:
gear_mappings[mapping["trip_type"]] = mapping["gear_code"]
task = SASIGridderTask(
grid_path=grid_path,
raw_efforts_path=raw_efforts_path,
stat_areas_path=stat_areas_path,
output_path=output_path,
logger=self.logger,
gear_mappings=gear_mappings,
effort_limit=None,
)
task.call()
except Exception as e:
self.logger.exception("Could not complete task")
self.progressBar.setIndeterminate(False)
self.progressBar.setValue(100)
Thread(target=run_task).start()
def validateParameters(self):
return True
def registerExtenderCallbacks(self, callbacks):
# smart xss feature (print conclusion and observation)
# mark resulsts
# add automatic check pages in the same domain
self.tagPayloads = [
"<b>test", "<b onmouseover=test()>test",
"<img src=err onerror=test()>", "<script>test</script>"
"", "<scr ipt>test</scr ipt>", "<SCRIPT>test;</SCRIPT>",
"<scri<script>pt>test;</scr</script>ipt>",
"<SCRI<script>PT>test;</SCR</script>IPT>",
"<scri<scr<script>ipt>pt>test;</scr</sc</script>ript>ipt>",
"<IMG \"\"\"><SCRIPT>test</SCRIPT>\">",
"<IMG '''><SCRIPT>test</SCRIPT>'>", "<SCR%00IPT>test</SCR%00IPT>",
"<IFRAME SRC='f' onerror=\"test\"></IFRAME>",
"<IFRAME SRC='f' onerror='test'></IFRAME>",
"<<SCRIPT>test//<</SCRIPT>", "<img src=\"1\" onerror=\"test\">",
"<img src='1' onerror='test'",
"<STYLE TYPE=\"text/javascript\">test;</STYLE>",
"<<SCRIPT>test//<</SCRIPT>"
]
self.attributePayloads = [
"\"\"\"><SCRIPT>test", "'''><SCRIPT>test'",
"\"><script>test</script>", "\"><script>test</script><\"",
"'><script>test</script>", "'><script>test</script><'",
"\";test;\"", "';test;'", ";test;", "\";test;//",
"\"onmouseover=test ", "onerror=\"test\"", "onerror='test'",
"onload=\"test\"", "onload='test'"
]
self.xssKey = 'xssme'
# keep a reference to our callbacks object
self._callbacks = callbacks
# obtain an extension helpers object
self._helpers = callbacks.getHelpers()
# set our extension name
callbacks.setExtensionName("XSSor")
self.affectedResponses = ArrayList()
self._log = ArrayList()
self._lock = Lock()
# main split pane
self._splitpane = JSplitPane(JSplitPane.HORIZONTAL_SPLIT)
# table of log entries
logTable = Table(self)
scrollPane = JScrollPane(logTable)
self._splitpane.setLeftComponent(scrollPane)
# tabs with request/response viewers
tabs = JTabbedPane()
self._requestViewer = callbacks.createMessageEditor(self, False)
self._responseViewer = callbacks.createMessageEditor(self, False)
tabs.addTab("Request", self._requestViewer.getComponent())
tabs.addTab("Response", self._responseViewer.getComponent())
clearAPListBtn = JButton("Clear List",
actionPerformed=self.clearAPList)
clearAPListBtn.setBounds(10, 85, 120, 30)
apListLabel = JLabel('Affected Pages List:')
apListLabel.setBounds(10, 10, 140, 30)
self.affectedModel = DefaultListModel()
self.affectedList = JList(self.affectedModel)
self.affectedList.addListSelectionListener(listSelectedChange(self))
scrollAList = JScrollPane(self.affectedList)
scrollAList.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollAList.setBounds(150, 10, 550, 200)
scrollAList.setBorder(LineBorder(Color.BLACK))
APtabs = JTabbedPane()
self._requestAPViewer = callbacks.createMessageEditor(self, False)
self._responseAPViewer = callbacks.createMessageEditor(self, False)
APtabs.addTab("Request", self._requestAPViewer.getComponent())
APtabs.addTab("Affeced Page Response",
self._responseAPViewer.getComponent())
APtabs.setBounds(0, 250, 700, 350)
APtabs.setSelectedIndex(1)
self.APpnl = JPanel()
self.APpnl.setBounds(0, 0, 1000, 1000)
self.APpnl.setLayout(None)
self.APpnl.add(scrollAList)
self.APpnl.add(clearAPListBtn)
self.APpnl.add(APtabs)
self.APpnl.add(apListLabel)
tabs.addTab("Affected Pages", self.APpnl)
self.intercept = 0
## init conf panel
startLabel = JLabel("Plugin status:")
startLabel.setBounds(10, 10, 140, 30)
payloadLabel = JLabel("Basic Payload:")
payloadLabel.setBounds(10, 50, 140, 30)
self.basicPayload = "<script>alert(1)</script>"
self.basicPayloadTxt = JTextArea(self.basicPayload, 5, 30)
self.basicPayloadTxt.setBounds(120, 50, 305, 30)
self.bruteForceMode = JCheckBox("Brute Force Mode")
self.bruteForceMode.setBounds(120, 80, 300, 30)
self.bruteForceMode.addItemListener(handleBFModeChange(self))
self.tagPayloadsCheck = JCheckBox("Tag paylods")
self.tagPayloadsCheck.setBounds(120, 100, 300, 30)
self.tagPayloadsCheck.setSelected(True)
self.tagPayloadsCheck.setEnabled(False)
self.tagPayloadsCheck.addItemListener(handleBFModeList(self))
self.attributePayloadsCheck = JCheckBox("Attribute payloads")
self.attributePayloadsCheck.setBounds(260, 100, 300, 30)
self.attributePayloadsCheck.setSelected(True)
self.attributePayloadsCheck.setEnabled(False)
self.attributePayloadsCheck.addItemListener(handleBFModeList(self))
payloadListLabel = JLabel("Payloads list (for BF mode):")
payloadListLabel.setBounds(10, 130, 140, 30)
self.payloadsModel = DefaultListModel()
self.payloadsList = JList(self.payloadsModel)
scrollPayloadsList = JScrollPane(self.payloadsList)
scrollPayloadsList.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollPayloadsList.setBounds(120, 170, 300, 200)
scrollPayloadsList.setBorder(LineBorder(
Color.BLACK)) # add buttons to remove payloads and add
for payload in self.tagPayloads:
self.payloadsModel.addElement(payload)
for payload in self.attributePayloads:
self.payloadsModel.addElement(payload)
self.startButton = JButton("XSSor is off",
actionPerformed=self.startOrStop)
self.startButton.setBounds(120, 10, 120, 30)
self.startButton.setBackground(Color(255, 100, 91, 255))
consoleTab = JTabbedPane()
self.consoleLog = JTextArea("", 5, 30)
scrollLog = JScrollPane(self.consoleLog)
scrollLog.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollLog.setBounds(120, 170, 550, 200)
scrollLog.setBorder(LineBorder(Color.BLACK))
scrollLog.getVerticalScrollBar().addAdjustmentListener(
autoScrollListener(self))
consoleTab.addTab("Console", scrollLog)
consoleTab.setBounds(0, 400, 500, 200)
self.pnl = JPanel()
self.pnl.setBounds(0, 0, 1000, 1000)
self.pnl.setLayout(None)
self.pnl.add(self.startButton)
self.pnl.add(startLabel)
self.pnl.add(payloadLabel)
self.pnl.add(self.basicPayloadTxt)
self.pnl.add(self.bruteForceMode)
self.pnl.add(payloadListLabel)
self.pnl.add(scrollPayloadsList)
self.pnl.add(self.attributePayloadsCheck)
self.pnl.add(self.tagPayloadsCheck)
self.pnl.add(consoleTab)
tabs.addTab("Configuration", self.pnl)
tabs.setSelectedIndex(3)
self._splitpane.setRightComponent(tabs)
# customize our UI components
callbacks.customizeUiComponent(self._splitpane)
callbacks.customizeUiComponent(logTable)
callbacks.customizeUiComponent(scrollPane)
callbacks.customizeUiComponent(tabs)
# add the custom tab to Burp's UI
callbacks.addSuiteTab(self)
# register ourselves as an HTTP listener
callbacks.registerHttpListener(self)
self._callbacks.registerContextMenuFactory(self)
print "Thank you for installing XSSor v0.1 extension"
print "Created by Barak Tawily"
print "\nGithub:\nhttps://github.com/Quitten/XSSor"
return
def draw_unauthenticated(self):
""" init enforcement detector tab
"""
EDLType = JLabel("Type:")
EDLType.setBounds(10, 10, 140, 30)
EDLContent = JLabel("Content:")
EDLContent.setBounds(10, 50, 140, 30)
EDLabelList = JLabel("Filter List:")
EDLabelList.setBounds(10, 165, 140, 30)
EDStrings = [
"Headers (simple string): (enforced message headers contains)",
"Headers (regex): (enforced message headers contains)",
"Body (simple string): (enforced message body contains)",
"Body (regex): (enforced message body contains)",
"Full response (simple string): (enforced message contains)",
"Full response (regex): (enforced message contains)",
"Full response length: (of enforced response)",
"Status code equals: (numbers only)"
]
self._extender.EDTypeUnauth = JComboBox(EDStrings)
self._extender.EDTypeUnauth.setBounds(80, 10, 430, 30)
self._extender.EDTextUnauth = JTextArea("", 5, 30)
scrollEDTextUnauth = JScrollPane(self._extender.EDTextUnauth)
scrollEDTextUnauth.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollEDTextUnauth.setBounds(80, 50, 300, 110)
self._extender.EDModelUnauth = DefaultListModel()
self._extender.EDListUnauth = JList(self._extender.EDModelUnauth)
scrollEDListUnauth = JScrollPane(self._extender.EDListUnauth)
scrollEDListUnauth.setVerticalScrollBarPolicy(
JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED)
scrollEDListUnauth.setBounds(80, 175, 300, 110)
scrollEDListUnauth.setBorder(LineBorder(Color.BLACK))
self._extender.EDAddUnauth = JButton(
"Add filter", actionPerformed=self.addEDFilterUnauth)
self._extender.EDAddUnauth.setBounds(390, 85, 120, 30)
self._extender.EDDelUnauth = JButton(
"Remove filter", actionPerformed=self.delEDFilterUnauth)
self._extender.EDDelUnauth.setBounds(390, 210, 120, 30)
self._extender.EDModUnauth = JButton(
"Modify filter", actionPerformed=self.modEDFilterUnauth)
self._extender.EDModUnauth.setBounds(390, 250, 120, 30)
AndOrStrings = ["And", "Or"]
self._extender.AndOrTypeUnauth = JComboBox(AndOrStrings)
self._extender.AndOrTypeUnauth.setBounds(390, 170, 120, 30)
self._extender.EDPnlUnauth = JPanel()
self._extender.EDPnlUnauth.setLayout(None)
self._extender.EDPnlUnauth.setBounds(0, 0, 1000, 1000)
self._extender.EDPnlUnauth.add(EDLType)
self._extender.EDPnlUnauth.add(self._extender.EDTypeUnauth)
self._extender.EDPnlUnauth.add(EDLContent)
self._extender.EDPnlUnauth.add(scrollEDTextUnauth)
self._extender.EDPnlUnauth.add(self._extender.EDAddUnauth)
self._extender.EDPnlUnauth.add(self._extender.AndOrTypeUnauth)
self._extender.EDPnlUnauth.add(self._extender.EDDelUnauth)
self._extender.EDPnlUnauth.add(self._extender.EDModUnauth)
self._extender.EDPnlUnauth.add(EDLabelList)
self._extender.EDPnlUnauth.add(scrollEDListUnauth)
