buby 1.3.3-java → 1.5.0-java
- data/README.rdoc +28 -14
- data/Rakefile +96 -6
- data/VERSION.yml +5 -0
- data/bin/buby +2 -0
- data/buby.gemspec +102 -17
- data/{java/src → ext/buby/burp}/BurpExtender.java +189 -29
- data/ext/burp_interfaces/burp/IBurpExtender.java +31 -0
- data/ext/burp_interfaces/burp/IBurpExtenderCallbacks.java +785 -0
- data/ext/burp_interfaces/burp/IContextMenuFactory.java +38 -0
- data/ext/burp_interfaces/burp/IContextMenuInvocation.java +156 -0
- data/ext/burp_interfaces/burp/ICookie.java +53 -0
- data/ext/burp_interfaces/burp/IExtensionHelpers.java +352 -0
- data/ext/burp_interfaces/burp/IExtensionStateListener.java +27 -0
- data/ext/burp_interfaces/burp/IHttpListener.java +37 -0
- data/ext/burp_interfaces/burp/IHttpRequestResponse.java +102 -0
- data/ext/burp_interfaces/burp/IHttpRequestResponsePersisted.java +26 -0
- data/ext/burp_interfaces/burp/IHttpRequestResponseWithMarkers.java +44 -0
- data/ext/burp_interfaces/burp/IHttpService.java +39 -0
- data/ext/burp_interfaces/burp/IInterceptedProxyMessage.java +116 -0
- data/ext/burp_interfaces/burp/IIntruderAttack.java +31 -0
- data/ext/burp_interfaces/burp/IIntruderPayloadGenerator.java +50 -0
- data/ext/burp_interfaces/burp/IIntruderPayloadGeneratorFactory.java +40 -0
- data/ext/burp_interfaces/burp/IIntruderPayloadProcessor.java +45 -0
- data/{java/src → ext/burp_interfaces}/burp/IMenuItemHandler.java +36 -40
- data/ext/burp_interfaces/burp/IMessageEditor.java +64 -0
- data/ext/burp_interfaces/burp/IMessageEditorController.java +49 -0
- data/ext/burp_interfaces/burp/IMessageEditorTab.java +102 -0
- data/ext/burp_interfaces/burp/IMessageEditorTabFactory.java +38 -0
- data/ext/burp_interfaces/burp/IParameter.java +104 -0
- data/ext/burp_interfaces/burp/IProxyListener.java +37 -0
- data/ext/burp_interfaces/burp/IRequestInfo.java +95 -0
- data/ext/burp_interfaces/burp/IResponseInfo.java +54 -0
- data/ext/burp_interfaces/burp/IScanIssue.java +120 -0
- data/ext/burp_interfaces/burp/IScanQueueItem.java +80 -0
- data/ext/burp_interfaces/burp/IScannerCheck.java +89 -0
- data/ext/burp_interfaces/burp/IScannerInsertionPoint.java +156 -0
- data/ext/burp_interfaces/burp/IScannerInsertionPointProvider.java +38 -0
- data/ext/burp_interfaces/burp/IScannerListener.java +30 -0
- data/ext/burp_interfaces/burp/IScopeChangeListener.java +25 -0
- data/ext/burp_interfaces/burp/ISessionHandlingAction.java +51 -0
- data/ext/burp_interfaces/burp/ITab.java +38 -0
- data/ext/burp_interfaces/burp/ITempFile.java +33 -0
- data/ext/burp_interfaces/burp/ITextEditor.java +90 -0
- data/lib/buby/burp_extender/console_frame.rb +33 -0
- data/lib/buby/burp_extender/console_pane.rb +26 -0
- data/lib/buby/burp_extender/console_tab.rb +15 -0
- data/lib/buby/burp_extender/context_menu.rb +29 -0
- data/lib/buby/burp_extender/context_menu_factory.rb +17 -0
- data/lib/buby/burp_extender/context_menu_item.rb +13 -0
- data/lib/buby/burp_extender/jcheck_box_menu_item.rb +12 -0
- data/lib/buby/burp_extender/jmenu.rb +11 -0
- data/lib/buby/burp_extender/jmenu_item.rb +12 -0
- data/lib/buby/burp_extender/menu.rb +11 -0
- data/lib/buby/burp_extender/menu_item.rb +12 -0
- data/lib/buby/burp_extender.rb +339 -0
- data/lib/buby/context_menu_factory.rb +35 -0
- data/lib/buby/cookie.rb +37 -0
- data/lib/buby/extender.rb +156 -0
- data/lib/buby/http_listener.rb +29 -0
- data/lib/buby/{extends → implants}/buby_array_wrapper.rb +0 -0
- data/lib/buby/implants/context_menu_invocation.rb +113 -0
- data/lib/buby/implants/cookie.rb +47 -0
- data/lib/buby/implants/extension_helpers.rb +286 -0
- data/lib/buby/{extends → implants}/http_request_response.rb +8 -1
- data/lib/buby/implants/intercepted_proxy_message.rb +53 -0
- data/lib/buby/implants/intruder_attack.rb +42 -0
- data/lib/buby/implants/jruby.rb +64 -0
- data/lib/buby/implants/message_editor.rb +70 -0
- data/lib/buby/implants/message_editor_controller.rb +60 -0
- data/lib/buby/implants/parameter.rb +84 -0
- data/lib/buby/implants/request_info.rb +47 -0
- data/lib/buby/implants/response_info.rb +44 -0
- data/lib/buby/{extends → implants}/scan_issue.rb +1 -2
- data/lib/buby/implants/scan_queue_item.rb +53 -0
- data/lib/buby/implants/scanner_insertion_point.rb +92 -0
- data/lib/buby/implants/temp_file.rb +43 -0
- data/lib/buby/implants/text_editor.rb +63 -0
- data/lib/buby/implants.rb +28 -0
- data/lib/buby/intruder_payload_generator.rb +60 -0
- data/lib/buby/intruder_payload_generator_factory.rb +32 -0
- data/lib/buby/intruder_payload_processor.rb +38 -0
- data/lib/buby/message_editor_controller.rb +41 -0
- data/lib/buby/message_editor_tab.rb +98 -0
- data/lib/buby/message_editor_tab_factory.rb +28 -0
- data/lib/buby/parameter/base.rb +40 -0
- data/lib/buby/parameter/body.rb +7 -0
- data/lib/buby/parameter/cookie.rb +7 -0
- data/lib/buby/parameter/url.rb +7 -0
- data/lib/buby/parameter.rb +15 -0
- data/lib/buby/proxy_listener.rb +26 -0
- data/lib/buby/scan_issue.rb +112 -0
- data/lib/buby/scanner_check.rb +84 -0
- data/lib/buby/scanner_insertion_point.rb +118 -0
- data/lib/buby/scanner_insertion_point_provider.rb +27 -0
- data/lib/buby/scanner_listener.rb +22 -0
- data/lib/buby/scope_change_listener.rb +19 -0
- data/lib/buby/session_handling_action.rb +43 -0
- data/lib/buby/tab.rb +37 -0
- data/lib/buby/version.rb +9 -0
- data/lib/buby.rb +892 -101
- metadata +118 -22
- data/VERSION +0 -1
- data/java/buby.jar +0 -0
- data/java/src/burp/IBurpExtender.java +0 -180
- data/java/src/burp/IBurpExtenderCallbacks.java +0 -373
- data/java/src/burp/IHttpRequestResponse.java +0 -156
- data/java/src/burp/IScanIssue.java +0 -106
- data/java/src/burp/IScanQueueItem.java +0 -76
- data/lib/buby/extends.rb +0 -4
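--- a/data/java/src/burp/IHttpRequestResponse.java
+++ b/data/java/src/burp/IHttpRequestResponse.java
@@ -1,156 +0,0 @@
-package burp;
-
-/*
-* @(#)IHttpRequestResponse.java
-*
-* Copyright PortSwigger Ltd. All rights reserved.
-*
-* This code may be used to extend the functionality of Burp Suite and Burp
-* Suite Professional, provided that this usage does not violate the
-* license terms for those products.
-*/
-
-/**
-* This interface is used to allow extensions to access details of HTTP messages
-* that are processed within Burp.
-*
-* Note that the setter methods generally can only be used before the message
-* has been forwarded to the application (e.g. using
-* IBurpExtender.processHttpMessage()) and not in read-only contexts (e.g. using
-* IBurpExtender.getProxyHistory()). Conversely, the getter methods relating to
-* response details can only be used after the message has been forwarded to the
-* application.
-*/
-
-public interface IHttpRequestResponse
-{
-/**
-* Returns the name of the application host.
-*
-* @return The name of the application host.
-*/
-String getHost();
-
-/**
-* Returns the port number used by the application.
-*
-* @return The port number used by the application.
-*/
-int getPort();
-
-/**
-* Returns the protocol used by the application.
-*
-* @return The protocol used by the application.
-*/
-String getProtocol();
-
-/**
-* Sets the name of the application host to which the request should
-* be sent.
-*
-* @param host The name of the application host to which the request should
-* be sent.
-* @throws java.lang.Exception
-*/
-void setHost(String host) throws Exception;
-
-/**
-* Sets the port number to which the request should be sent.
-*
-* @param port The port number to which the request should be sent.
-* @throws java.lang.Exception
-*/
-void setPort(int port) throws Exception;
-
-/**
-* Sets the protocol which should be used by the request.
-*
-* @param protocol The protocol which should be used by the request. Valid
-* values are "http" and "https".
-* @throws java.lang.Exception
-*/
-void setProtocol(String protocol) throws Exception;
-
-/**
-* Returns the full request contents.
-*
-* @return The full request contents.
-* @throws java.lang.Exception
-*/
-byte[] getRequest() throws Exception;
-
-/**
-* Returns the URL within the request.
-*
-* @return The URL within the request.
-* @throws java.lang.Exception
-*/
-java.net.URL getUrl() throws Exception;
-
-/**
-* Sets the request contents which should be sent to the application.
-*
-* @param message The request contents which should be sent to the
-* application.
-* @throws java.lang.Exception
-*/
-void setRequest(byte[] message) throws Exception;
-
-/**
-* Returns the full response contents.
-*
-* @return The full response contents.
-* @throws java.lang.Exception
-*/
-byte[] getResponse() throws Exception;
-
-/**
-* Sets the response contents which should be processed by the
-* invoking Burp tool.
-*
-* @param message The response contents which should be processed by the
-* invoking Burp tool.
-* @throws java.lang.Exception
-*/
-void setResponse(byte[] message) throws Exception;
-
-/**
-* Returns the HTTP status code contained within the response.
-*
-* @return The HTTP status code contained within the response.
-* @throws java.lang.Exception
-*/
-short getStatusCode() throws Exception;
-
-/**
-* Returns the user-annotated comment for this item, if applicable.
-*
-* @return The user-annotated comment for this item, or null if none is set.
-*/
-String getComment() throws Exception;
-
-/**
-* Sets the user-annotated comment for this item.
-*
-* @param comment The comment to be associated with this item.
-* @throws Exception
-*/
-void setComment(String comment) throws Exception;
-
-/**
-* Returns the user-annotated highlight for this item, if applicable.
-*
-* @return The highlight color for this item, or null if none is set.
-*/
-String getHighlight() throws Exception;
-
-/**
-* Sets the user-annotated highlight for this item.
-*
-* @param color The highlight color to be assigned to this item. Accepted
-* values are: red, orange, yellow, green, cyan, blue, pink, magenta, gray.
-* @throws Exception
-*/
-void setHighlight(String color) throws Exception;
-}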
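--- a/data/java/src/burp/IScanIssue.java
+++ b/data/java/src/burp/IScanIssue.java
@@ -1,106 +0,0 @@
-package burp;
-
-/*
-* @(#)IScanIssue.java
-*
-* Copyright PortSwigger Ltd. All rights reserved.
-*
-* This code may be used to extend the functionality of Burp Suite and Burp
-* Suite Professional, provided that this usage does not violate the
-* license terms for those products.
-*/
-
-/**
-* This interface is used to allow extensions to access details of issues
-* generated by Burp Scanner.
-*/
-
-public interface IScanIssue
-{
-/**
-* Returns the name of the application host.
-*
-* @return The name of the application host.
-*/
-String getHost();
-
-/**
-* Returns the port number used by the application.
-*
-* @return The port number used by the application.
-*/
-int getPort();
-
-/**
-* Returns the protocol used by the application.
-*
-* @return The protocol used by the application.
-*/
-String getProtocol();
-
-/**
-* Returns the URL for which the issue was generated.
-*
-* @return The URL for which the issue was generated.
-*/
-java.net.URL getUrl();
-
-/**
-* Returns a descriptive name of the issue type.
-*
-* @return A descriptive name of the issue type (e.g. "SQL injection").
-*/
-String getIssueName();
-
-/**
-* Returns a descriptive name of the issue severity level.
-*
-* @return A descriptive name of the issue severity level (e.g. "High").
-*/
-String getSeverity();
-
-/**
-* Returns a descriptive name of the issue confidence level.
-*
-* @return A descriptive name of the issue confidence level (e.g. "Certain").
-*/
-String getConfidence();
-
-/**
-* Returns a general description of this type of issue.
-*
-* @return A general description of this type of issue.
-*/
-String getIssueBackground();
-
-/**
-* Returns a general description of the remediation for this type of issue.
-*
-* @return A general description of the remediation for this type of issue.
-*/
-String getRemediationBackground();
-
-/**
-* Returns detailed information about the specific instance of the issue.
-*
-* @return If available, detailed information about the specific instance of
-* the issue.
-*/
-String getIssueDetail();
-
-/**
-* Returns detailed information about the remediation for the specific
-* instance of the issue.
-*
-* @return If available, detailed information about the remediation for the
-* specific instance of the issue.
-*/
-String getRemediationDetail();
-
-/**
-* Returns the HTTP messages on the basis of which the issue was generated.
-*
-* @return The HTTP messages on the basis of which the issue was generated.
-*/
-IHttpRequestResponse[] getHttpMessages();
-}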
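--- a/data/java/src/burp/IScanQueueItem.java
+++ b/data/java/src/burp/IScanQueueItem.java
@@ -1,76 +0,0 @@
-package burp;
-
-/*
-* @(#)IScanQueueItem.java
-*
-* Copyright PortSwigger Ltd. All rights reserved.
-*
-* This code may be used to extend the functionality of Burp Suite and Burp
-* Suite Professional, provided that this usage does not violate the
-* license terms for those products.
-*/
-
-/**
-* This interface is used to allow extensions to access details of items in the
-* Burp Scanner active scan queue.
-*/
-
-public interface IScanQueueItem
-{
-/**
-* Returns a description of the status of the scan queue item.
-*
-* @return A description of the status of the scan queue item.
-*/
-String getStatus();
-
-/**
-* Returns an indication of the percentage completed for the scan queue item.
-*
-* @return An indication of the percentage completed for the scan queue item.
-*/
-byte getPercentageComplete();
-
-/**
-* Returns the number of requests that have been made for the scan queue item.
-*
-* @return The number of requests that have been made for the scan queue item.
-*/
-int getNumRequests();
-
-/**
-* Returns the number of network errors that have occurred for the scan
-* queue item.
-*
-* @return The number of network errors that have occurred for the scan
-* queue item.
-*/
-int getNumErrors();
-
-/**
-* Returns the number of attack insertion points being used for the scan
-* queue item.
-*
-* @return The number of attack insertion points being used for the scan
-* queue item.
-*/
-int getNumInsertionPoints();
-
-/**
-* This method allows the scan queue item to be cancelled.
-*/
-void cancel();
-
-/**
-* This method returns details of the issues generated for the scan queue item.
-*
-* Note that different items within the scan queue may contain duplicated
-* versions of the same issues - for example, if the same request has been
-* scanned multiple times. Duplicated issues are consolidated in the main view
-* of scan results. You can implementIBurpExtender.newScanIssue to get details
-* only of unique, newly discovered scan issues post-consolidation.
-*
-* @return Details of the issues generated for the scan queue item.
-*/
-IScanIssue[] getIssues();
-}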
data/lib/buby/extends.rb
DELETED