buby 1.3.0-java → 1.3.1-java

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/VERSION +1 -1
  2. data/buby.gemspec +8 -9
  3. data/java/buby.jar +0 -0
  4. data/java/src/burp/IBurpExtenderCallbacks.java +23 -0
  5. data/java/src/burp/IHttpRequestResponse.java +15 -0
  6. data/lib/buby.rb +12 -3
  7. metadata +58 -49
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.3.0
1
+ 1.3.1
data/buby.gemspec CHANGED
@@ -5,16 +5,15 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{buby}
8
- s.version = "1.3.0"
8
+ s.version = "1.3.1"
9
9
  s.platform = %q{java}
10
10
 
11
11
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
12
- s.authors = ["Eric Monti, tduehr"]
13
- s.date = %q{2011-06-14}
14
- s.default_executable = %q{buby}
12
+ s.authors = [%q{Eric Monti, tduehr}]
13
+ s.date = %q{2011-12-05}
15
14
  s.description = %q{Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger. Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API. This extension aims to add Ruby scriptability to Burp Suite with an interface comparable to the Burp's pure Java extension interface.}
16
15
  s.email = %q{emonti@matasano.com, td@matasano.com}
17
- s.executables = ["buby"]
16
+ s.executables = [%q{buby}]
18
17
  s.extra_rdoc_files = [
19
18
  "History.txt",
20
19
  "README.rdoc",
@@ -50,11 +49,11 @@ Gem::Specification.new do |s|
50
49
  "test/buby_test.rb"
51
50
  ]
52
51
  s.homepage = %q{http://tduehr.github.com/buby}
53
- s.rdoc_options = ["--main", "README.rdoc"]
54
- s.require_paths = ["lib", "java", "java"]
55
- s.rubygems_version = %q{1.5.1}
52
+ s.rdoc_options = [%q{--main}, %q{README.rdoc}]
53
+ s.require_paths = [%q{lib}, %q{java}, %q{java}]
54
+ s.rubygems_version = %q{1.8.6}
56
55
  s.summary = %q{Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger}
57
- s.test_files = ["test/buby_test.rb"]
56
+ s.test_files = [%q{test/buby_test.rb}]
58
57
 
59
58
  if s.respond_to? :specification_version then
60
59
  s.specification_version = 3
data/java/buby.jar CHANGED
Binary file
data/java/src/burp/IBurpExtenderCallbacks.java CHANGED
@@ -84,6 +84,29 @@ public interface IBurpExtenderCallbacks
84
84
  boolean useHttps,
85
85
  byte[] request) throws Exception;
86
86
 
87
+
88
+ /**
89
+ * This method can be used to send an HTTP request to the Burp Intruder
90
+ * tool. The request will be displayed in the user interface, and markers
91
+ * for attack payloads will be placed into the specified locations within
92
+ * the request.
93
+ *
94
+ * @param host The hostname of the remote HTTP server.
95
+ * @param port The port of the remote HTTP server.
96
+ * @param useHttps Flags whether the protocol is HTTPS or HTTP.
97
+ * @param request The full HTTP request.
98
+ * @param payloadPositionOffsets A list of index pairs representing the
99
+ * payload positions to be used. Each item in the list must be an int[2]
100
+ * array containing the start and end offset for the payload position.
101
+ * @throws java.lang.Exception
102
+ */
103
+ public void sendToIntruder(
104
+ String host,
105
+ int port,
106
+ boolean useHttps,
107
+ byte[] request,
108
+ List payloadPositionOffsets) throws Exception;
109
+
87
110
  /**
88
111
  * This method can be used to send a seed URL to the Burp Spider tool. If
89
112
  * the URL is not within the current Spider scope, the user will be asked
data/java/src/burp/IHttpRequestResponse.java CHANGED
@@ -138,4 +138,19 @@ public interface IHttpRequestResponse
138
138
  */
139
139
  void setComment(String comment) throws Exception;
140
140
 
141
+ /**
142
+ * Returns the user-annotated highlight for this item, if applicable.
143
+ *
144
+ * @return The highlight color for this item, or null if none is set.
145
+ */
146
+ String getHighlight() throws Exception;
147
+
148
+ /**
149
+ * Sets the user-annotated highlight for this item.
150
+ *
151
+ * @param color The highlight color to be assigned to this item. Accepted
152
+ * values are: red, orange, yellow, green, cyan, blue, pink, magenta, gray.
153
+ * @throws Exception
154
+ */
155
+ void setHighlight(String color) throws Exception;
141
156
  }
data/lib/buby.rb CHANGED
@@ -127,7 +127,7 @@ class Buby
127
127
  # * port = The port of the remote HTTP server.
128
128
  # * https = Flags whether the protocol is HTTPS or HTTP.
129
129
  # * req = The full HTTP request. (String or Java bytes[])
130
- # * insertionPointOffsets = A list of index pairs representing the
130
+ # * ip_off = A list of index pairs representing the
131
131
  # * positions of the insertion points that should be scanned. Each item in
132
132
  # * the list must be an int[2] array containing the start and end offsets
133
133
  # * for the insertion point. *1.4+* only
@@ -210,9 +210,18 @@ class Buby
210
210
  # * port = The port of the remote HTTP server.
211
211
  # * https = Flags whether the protocol is HTTPS or HTTP.
212
212
  # * req = The full HTTP request. (String or Java bytes[])
213
- def sendToIntruder(host, port, https, req)
213
+ # * ip_off = A list of index pairs representing the
214
+ # * positions of the insertion points that should be scanned. Each item in
215
+ # * the list must be an int[2] array containing the start and end offsets
216
+ # * for the insertion point. *1.4.04+* only
217
+ # *
218
+ def sendToIntruder(host, port, https, req, ip_off)
214
219
  req = req.to_java_bytes if req.is_a? String
215
- _check_cb.sendToIntruder(host, port, https, req)
220
+ if self.getBurpVersion.to_a[1..-1].join(".") < "1.4.04"
221
+ _check_cb.sendToIntruder(host, port, https, req)
222
+ else
223
+ _check_cb.sendToIntruder(host, port, https, req, ip_off)
224
+ end
216
225
  end
217
226
  alias send_to_intruder sendToIntruder
218
227
  alias intruder sendToIntruder
metadata CHANGED
@@ -1,87 +1,96 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: buby
3
3
  version: !ruby/object:Gem::Version
4
+ hash: 25
4
5
  prerelease:
5
- version: 1.3.0
6
+ segments:
7
+ - 1
8
+ - 3
9
+ - 1
10
+ version: 1.3.1
6
11
  platform: java
7
12
  authors:
8
- - Eric Monti, tduehr
13
+ - Eric Monti, tduehr
9
14
  autorequire:
10
15
  bindir: bin
11
16
  cert_chain: []
12
17
 
13
- date: 2011-06-14 00:00:00 -05:00
14
- default_executable: buby
18
+ date: 2011-12-05 00:00:00 Z
15
19
  dependencies: []
16
20
 
17
21
  description: Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger. Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API. This extension aims to add Ruby scriptability to Burp Suite with an interface comparable to the Burp's pure Java extension interface.
18
22
  email: emonti@matasano.com, td@matasano.com
19
23
  executables:
20
- - buby
24
+ - buby
21
25
  extensions: []
22
26
 
23
27
  extra_rdoc_files:
24
- - History.txt
25
- - README.rdoc
26
- - bin/buby
28
+ - History.txt
29
+ - README.rdoc
30
+ - bin/buby
27
31
  files:
28
- - History.txt
29
- - README.rdoc
30
- - Rakefile
31
- - VERSION
32
- - bin/buby
33
- - buby.gemspec
34
- - java/buby.jar
35
- - java/src/BurpExtender.java
36
- - java/src/burp/IBurpExtender.java
37
- - java/src/burp/IBurpExtenderCallbacks.java
38
- - java/src/burp/IHttpRequestResponse.java
39
- - java/src/burp/IMenuItemHandler.java
40
- - java/src/burp/IScanIssue.java
41
- - java/src/burp/IScanQueueItem.java
42
- - lib/buby.rb
43
- - lib/buby/extends.rb
44
- - lib/buby/extends/buby_array_wrapper.rb
45
- - lib/buby/extends/http_request_response.rb
46
- - lib/buby/extends/scan_issue.rb
47
- - samples/drb_buby.rb
48
- - samples/drb_sample_cli.rb
49
- - samples/mechanize_burp.rb
50
- - samples/menu_copy_req.rb
51
- - samples/poc_generator.rb
52
- - samples/verb_tamperer.rb
53
- - samples/watch_scan.rb
54
- - test/buby_test.rb
55
- has_rdoc: true
32
+ - History.txt
33
+ - README.rdoc
34
+ - Rakefile
35
+ - VERSION
36
+ - bin/buby
37
+ - buby.gemspec
38
+ - java/buby.jar
39
+ - java/src/BurpExtender.java
40
+ - java/src/burp/IBurpExtender.java
41
+ - java/src/burp/IBurpExtenderCallbacks.java
42
+ - java/src/burp/IHttpRequestResponse.java
43
+ - java/src/burp/IMenuItemHandler.java
44
+ - java/src/burp/IScanIssue.java
45
+ - java/src/burp/IScanQueueItem.java
46
+ - lib/buby.rb
47
+ - lib/buby/extends.rb
48
+ - lib/buby/extends/buby_array_wrapper.rb
49
+ - lib/buby/extends/http_request_response.rb
50
+ - lib/buby/extends/scan_issue.rb
51
+ - samples/drb_buby.rb
52
+ - samples/drb_sample_cli.rb
53
+ - samples/mechanize_burp.rb
54
+ - samples/menu_copy_req.rb
55
+ - samples/poc_generator.rb
56
+ - samples/verb_tamperer.rb
57
+ - samples/watch_scan.rb
58
+ - test/buby_test.rb
56
59
  homepage: http://tduehr.github.com/buby
57
60
  licenses: []
58
61
 
59
62
  post_install_message:
60
63
  rdoc_options:
61
- - --main
62
- - README.rdoc
64
+ - --main
65
+ - README.rdoc
63
66
  require_paths:
64
- - lib
65
- - java
66
- - java
67
+ - lib
68
+ - java
69
+ - java
67
70
  required_ruby_version: !ruby/object:Gem::Requirement
68
71
  none: false
69
72
  requirements:
70
- - - ">="
71
- - !ruby/object:Gem::Version
72
- version: "0"
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ hash: 3
76
+ segments:
77
+ - 0
78
+ version: "0"
73
79
  required_rubygems_version: !ruby/object:Gem::Requirement
74
80
  none: false
75
81
  requirements:
76
- - - ">="
77
- - !ruby/object:Gem::Version
78
- version: "0"
82
+ - - ">="
83
+ - !ruby/object:Gem::Version
84
+ hash: 3
85
+ segments:
86
+ - 0
87
+ version: "0"
79
88
  requirements: []
80
89
 
81
90
  rubyforge_project:
82
- rubygems_version: 1.5.1
91
+ rubygems_version: 1.8.6
83
92
  signing_key:
84
93
  specification_version: 3
85
94
  summary: Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger
86
95
  test_files:
87
- - test/buby_test.rb
96
+ - test/buby_test.rb