buby 1.3.3-java → 1.5.0-java
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +28 -14
- data/Rakefile +96 -6
- data/VERSION.yml +5 -0
- data/bin/buby +2 -0
- data/buby.gemspec +102 -17
- data/{java/src → ext/buby/burp}/BurpExtender.java +189 -29
- data/ext/burp_interfaces/burp/IBurpExtender.java +31 -0
- data/ext/burp_interfaces/burp/IBurpExtenderCallbacks.java +785 -0
- data/ext/burp_interfaces/burp/IContextMenuFactory.java +38 -0
- data/ext/burp_interfaces/burp/IContextMenuInvocation.java +156 -0
- data/ext/burp_interfaces/burp/ICookie.java +53 -0
- data/ext/burp_interfaces/burp/IExtensionHelpers.java +352 -0
- data/ext/burp_interfaces/burp/IExtensionStateListener.java +27 -0
- data/ext/burp_interfaces/burp/IHttpListener.java +37 -0
- data/ext/burp_interfaces/burp/IHttpRequestResponse.java +102 -0
- data/ext/burp_interfaces/burp/IHttpRequestResponsePersisted.java +26 -0
- data/ext/burp_interfaces/burp/IHttpRequestResponseWithMarkers.java +44 -0
- data/ext/burp_interfaces/burp/IHttpService.java +39 -0
- data/ext/burp_interfaces/burp/IInterceptedProxyMessage.java +116 -0
- data/ext/burp_interfaces/burp/IIntruderAttack.java +31 -0
- data/ext/burp_interfaces/burp/IIntruderPayloadGenerator.java +50 -0
- data/ext/burp_interfaces/burp/IIntruderPayloadGeneratorFactory.java +40 -0
- data/ext/burp_interfaces/burp/IIntruderPayloadProcessor.java +45 -0
- data/{java/src → ext/burp_interfaces}/burp/IMenuItemHandler.java +36 -40
- data/ext/burp_interfaces/burp/IMessageEditor.java +64 -0
- data/ext/burp_interfaces/burp/IMessageEditorController.java +49 -0
- data/ext/burp_interfaces/burp/IMessageEditorTab.java +102 -0
- data/ext/burp_interfaces/burp/IMessageEditorTabFactory.java +38 -0
- data/ext/burp_interfaces/burp/IParameter.java +104 -0
- data/ext/burp_interfaces/burp/IProxyListener.java +37 -0
- data/ext/burp_interfaces/burp/IRequestInfo.java +95 -0
- data/ext/burp_interfaces/burp/IResponseInfo.java +54 -0
- data/ext/burp_interfaces/burp/IScanIssue.java +120 -0
- data/ext/burp_interfaces/burp/IScanQueueItem.java +80 -0
- data/ext/burp_interfaces/burp/IScannerCheck.java +89 -0
- data/ext/burp_interfaces/burp/IScannerInsertionPoint.java +156 -0
- data/ext/burp_interfaces/burp/IScannerInsertionPointProvider.java +38 -0
- data/ext/burp_interfaces/burp/IScannerListener.java +30 -0
- data/ext/burp_interfaces/burp/IScopeChangeListener.java +25 -0
- data/ext/burp_interfaces/burp/ISessionHandlingAction.java +51 -0
- data/ext/burp_interfaces/burp/ITab.java +38 -0
- data/ext/burp_interfaces/burp/ITempFile.java +33 -0
- data/ext/burp_interfaces/burp/ITextEditor.java +90 -0
- data/lib/buby/burp_extender/console_frame.rb +33 -0
- data/lib/buby/burp_extender/console_pane.rb +26 -0
- data/lib/buby/burp_extender/console_tab.rb +15 -0
- data/lib/buby/burp_extender/context_menu.rb +29 -0
- data/lib/buby/burp_extender/context_menu_factory.rb +17 -0
- data/lib/buby/burp_extender/context_menu_item.rb +13 -0
- data/lib/buby/burp_extender/jcheck_box_menu_item.rb +12 -0
- data/lib/buby/burp_extender/jmenu.rb +11 -0
- data/lib/buby/burp_extender/jmenu_item.rb +12 -0
- data/lib/buby/burp_extender/menu.rb +11 -0
- data/lib/buby/burp_extender/menu_item.rb +12 -0
- data/lib/buby/burp_extender.rb +339 -0
- data/lib/buby/context_menu_factory.rb +35 -0
- data/lib/buby/cookie.rb +37 -0
- data/lib/buby/extender.rb +156 -0
- data/lib/buby/http_listener.rb +29 -0
- data/lib/buby/{extends → implants}/buby_array_wrapper.rb +0 -0
- data/lib/buby/implants/context_menu_invocation.rb +113 -0
- data/lib/buby/implants/cookie.rb +47 -0
- data/lib/buby/implants/extension_helpers.rb +286 -0
- data/lib/buby/{extends → implants}/http_request_response.rb +8 -1
- data/lib/buby/implants/intercepted_proxy_message.rb +53 -0
- data/lib/buby/implants/intruder_attack.rb +42 -0
- data/lib/buby/implants/jruby.rb +64 -0
- data/lib/buby/implants/message_editor.rb +70 -0
- data/lib/buby/implants/message_editor_controller.rb +60 -0
- data/lib/buby/implants/parameter.rb +84 -0
- data/lib/buby/implants/request_info.rb +47 -0
- data/lib/buby/implants/response_info.rb +44 -0
- data/lib/buby/{extends → implants}/scan_issue.rb +1 -2
- data/lib/buby/implants/scan_queue_item.rb +53 -0
- data/lib/buby/implants/scanner_insertion_point.rb +92 -0
- data/lib/buby/implants/temp_file.rb +43 -0
- data/lib/buby/implants/text_editor.rb +63 -0
- data/lib/buby/implants.rb +28 -0
- data/lib/buby/intruder_payload_generator.rb +60 -0
- data/lib/buby/intruder_payload_generator_factory.rb +32 -0
- data/lib/buby/intruder_payload_processor.rb +38 -0
- data/lib/buby/message_editor_controller.rb +41 -0
- data/lib/buby/message_editor_tab.rb +98 -0
- data/lib/buby/message_editor_tab_factory.rb +28 -0
- data/lib/buby/parameter/base.rb +40 -0
- data/lib/buby/parameter/body.rb +7 -0
- data/lib/buby/parameter/cookie.rb +7 -0
- data/lib/buby/parameter/url.rb +7 -0
- data/lib/buby/parameter.rb +15 -0
- data/lib/buby/proxy_listener.rb +26 -0
- data/lib/buby/scan_issue.rb +112 -0
- data/lib/buby/scanner_check.rb +84 -0
- data/lib/buby/scanner_insertion_point.rb +118 -0
- data/lib/buby/scanner_insertion_point_provider.rb +27 -0
- data/lib/buby/scanner_listener.rb +22 -0
- data/lib/buby/scope_change_listener.rb +19 -0
- data/lib/buby/session_handling_action.rb +43 -0
- data/lib/buby/tab.rb +37 -0
- data/lib/buby/version.rb +9 -0
- data/lib/buby.rb +892 -101
- metadata +118 -22
- data/VERSION +0 -1
- data/java/buby.jar +0 -0
- data/java/src/burp/IBurpExtender.java +0 -180
- data/java/src/burp/IBurpExtenderCallbacks.java +0 -373
- data/java/src/burp/IHttpRequestResponse.java +0 -156
- data/java/src/burp/IScanIssue.java +0 -106
- data/java/src/burp/IScanQueueItem.java +0 -76
- data/lib/buby/extends.rb +0 -4
@@ -0,0 +1,35 @@
|
|
1
|
+
class Buby
|
2
|
+
# Extensions can implement this interface and then call
|
3
|
+
# <code>IBurpExtenderCallbacks.registerContextMenuFactory()</code> to register
|
4
|
+
# a factory for custom context menu items.
|
5
|
+
#
|
6
|
+
class ContextMenuFactory
|
7
|
+
include Java::Burp::IContextMenuFactory
|
8
|
+
|
9
|
+
# This method will be called by Burp when the user invokes a context menu
|
10
|
+
# anywhere within Burp. The factory can then provide any custom context
|
11
|
+
# menu items that should be displayed in the context menu, based on the
|
12
|
+
# details of the menu invocation.
|
13
|
+
# Implementations should call super
|
14
|
+
#
|
15
|
+
# @param [IContextMenuInvocation] invocation An object the extension can
|
16
|
+
# query to obtain details of the context menu invocation.
|
17
|
+
# @return [Array<JMenuItem>] A list of custom menu items (which may include
|
18
|
+
# sub-menus, checkbox menu items, etc.) that should be displayed.
|
19
|
+
# Extensions may return +nil+ from this method, to indicate that no menu
|
20
|
+
# items are required.
|
21
|
+
#
|
22
|
+
def self.createMenuItems invocation
|
23
|
+
pp [:got_create_menu_items, invocation] if $DEBUG
|
24
|
+
Buby::Implants::ContextMenuInvocation.implant invocation
|
25
|
+
nil
|
26
|
+
end
|
27
|
+
|
28
|
+
# (see ContextMenuFactory.createMenuItems)
|
29
|
+
def createMenuItems invocation
|
30
|
+
pp [:got_create_menu_items, invocation] if $DEBUG
|
31
|
+
Buby::Implants::ContextMenuInvocation.implant invocation
|
32
|
+
nil
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
data/lib/buby/cookie.rb
ADDED
@@ -0,0 +1,37 @@
|
|
1
|
+
require 'cgi'
|
2
|
+
|
3
|
+
class Buby
|
4
|
+
# This class is used to hold details about an HTTP cookie. Implements the
|
5
|
+
# +burp.ICookie+ interface
|
6
|
+
#
|
7
|
+
class Cookie < CGI::Cookie
|
8
|
+
include Java::Burp::ICookie
|
9
|
+
|
10
|
+
# This method is used to retrieve the domain for which the cookie is in
|
11
|
+
# scope.
|
12
|
+
#
|
13
|
+
# @return [String] The domain for which the cookie is in scope.
|
14
|
+
def getDomain
|
15
|
+
@domain
|
16
|
+
end
|
17
|
+
|
18
|
+
# This method is used to retrieve the expiration time for the cookie.
|
19
|
+
#
|
20
|
+
# @return [java.util.Date] The expiration time for the cookie, or +nil+ if
|
21
|
+
# none is set (i.e., for non-persistent session cookies).
|
22
|
+
#
|
23
|
+
def getExpiration; @expires; end
|
24
|
+
|
25
|
+
# This method is used to retrieve the name of the cookie.
|
26
|
+
#
|
27
|
+
# @return [String] The name of the cookie.
|
28
|
+
#
|
29
|
+
def getName; @name; end
|
30
|
+
|
31
|
+
# This method is used to retrieve the value of the cookie.
|
32
|
+
#
|
33
|
+
# @return [String] The value of the cookie.
|
34
|
+
#
|
35
|
+
def getValue; join("&"); end
|
36
|
+
end
|
37
|
+
end
|
@@ -0,0 +1,156 @@
|
|
1
|
+
class Buby
|
2
|
+
# This is the JRuby implementation of IBurpExtender for use as a JRuby
|
3
|
+
# extension. This class handles the type conversions and other ruby sugar.
|
4
|
+
# {BurpExtender} further extends this by adding additional things during
|
5
|
+
# startup, like setting up Buby as the handler class and starting console
|
6
|
+
# tabs.
|
7
|
+
#
|
8
|
+
# @note This class, unlike the Java implementation, does not fire the
|
9
|
+
# deprecated evt_* callbacks, only the new versions.
|
10
|
+
#
|
11
|
+
# @todo move implant logic to extender interfaces
|
12
|
+
module Extender
|
13
|
+
include Java::Burp::IBurpExtender
|
14
|
+
include Java::Burp::IExtensionStateListener
|
15
|
+
include Java::Burp::IProxyListener
|
16
|
+
include Java::Burp::IHttpListener
|
17
|
+
include Java::Burp::IScannerListener
|
18
|
+
include Java::Burp::IScopeChangeListener
|
19
|
+
include Java::Burp::IContextMenuFactory
|
20
|
+
|
21
|
+
# @group Buby internals
|
22
|
+
# Internal reference to ruby handler class (usually {Buby})
|
23
|
+
@@handler = nil
|
24
|
+
|
25
|
+
# Returns the internal Ruby handler reference.
|
26
|
+
#
|
27
|
+
# The handler is the ruby class or module used for proxying BurpExtender
|
28
|
+
# events into a ruby runtime. Usually, this is Buby or a subclass.
|
29
|
+
#
|
30
|
+
def self.handler
|
31
|
+
@@handler
|
32
|
+
end
|
33
|
+
|
34
|
+
# Sets an internal reference to the ruby handler class or module to use for
|
35
|
+
# proxied BurpExtender events into a ruby runtime.
|
36
|
+
#
|
37
|
+
# Generally, this should probably be called in {#registerExtenderCallbacks}.
|
38
|
+
# However, it is also possible to set this afterwards and even swap in new
|
39
|
+
# objects during runtime.
|
40
|
+
#
|
41
|
+
def self.handler=(hndlr)
|
42
|
+
@@handler = hndlr
|
43
|
+
end
|
44
|
+
|
45
|
+
def handler
|
46
|
+
@@handler
|
47
|
+
end
|
48
|
+
|
49
|
+
def handler= hndlr
|
50
|
+
@@handler = hndlr
|
51
|
+
end
|
52
|
+
|
53
|
+
# @group Burp extender
|
54
|
+
# This callback usually fires before the handler is set.
|
55
|
+
#
|
56
|
+
def initialize *args
|
57
|
+
@@handler.extender_initialize(*args) if @@handler.respond_to? :extender_inititialize
|
58
|
+
end
|
59
|
+
|
60
|
+
# This method is invoked when the extension is loaded. It registers an
|
61
|
+
# instance of the +IBurpExtenderCallbacks+ interface, providing methods that
|
62
|
+
# may be invoked by the extension to perform various actions.
|
63
|
+
#
|
64
|
+
# @param [IBurpExtenderCallbacks] callbacks Burp's Java object for querying
|
65
|
+
# Burp's data.
|
66
|
+
# @return [void]
|
67
|
+
#
|
68
|
+
def registerExtenderCallbacks(callbacks)
|
69
|
+
@callbacks = callbacks
|
70
|
+
callbacks.issueAlert("[#{self.class}] registering JRuby handler callbacks")
|
71
|
+
callbacks.registerExtensionStateListener(self)
|
72
|
+
callbacks.registerHttpListener(self)
|
73
|
+
callbacks.registerScannerListener(self)
|
74
|
+
callbacks.registerContextMenuFactory self
|
75
|
+
callbacks.registerScopeChangeListener self
|
76
|
+
@@handler.register_callbacks(callbacks) if @@handler.respond_to? :register_callbacks
|
77
|
+
end
|
78
|
+
|
79
|
+
# @group Listeners
|
80
|
+
# This method is called when the extension is unloaded. This, in turn, calls
|
81
|
+
# {Buby#extension_unloaded} on the handler instance
|
82
|
+
#
|
83
|
+
def extensionUnloaded
|
84
|
+
@@handler.extension_unloaded if @@handler.respond_to? :extension_unloaded
|
85
|
+
end
|
86
|
+
|
87
|
+
# This method is invoked when an HTTP message is being processed by the
|
88
|
+
# Proxy and calls {Buby#process_proxy_message} on the handler.
|
89
|
+
#
|
90
|
+
# @param [Boolean] messageIsRequest Indicates whether the HTTP message is a
|
91
|
+
# request or a response.
|
92
|
+
# @param [IInterceptedProxyMessage] message An +IInterceptedProxyMessage+
|
93
|
+
# object that extensions can use to query and update details of the
|
94
|
+
# message, and control whether the message should be intercepted and
|
95
|
+
# displayed to the user for manual review or modification.
|
96
|
+
# @return [void]
|
97
|
+
#
|
98
|
+
def processProxyMessage(messageIsRequest, message)
|
99
|
+
@@handler.process_proxy_message(messageIsRequest, message) if @@handler.respond_to? :process_proxy_message
|
100
|
+
end
|
101
|
+
|
102
|
+
# This method is invoked when an HTTP request is about to be issued, and
|
103
|
+
# when an HTTP response has been received.
|
104
|
+
#
|
105
|
+
# @param [Fixnum] toolFlag A flag indicating the Burp tool that issued the
|
106
|
+
# request. Burp tool flags are defined in the +IBurpExtenderCallbacks+
|
107
|
+
# interface.
|
108
|
+
# @param [Boolean] messageIsRequest Flags whether the method is being
|
109
|
+
# invoked for a request or response.
|
110
|
+
# @param [IHttpRequestResponse] messageInfo Details of the request /
|
111
|
+
# response to be processed. Extensions can call the setter methods on this
|
112
|
+
# object to update the current message and so modify Burp's behavior.
|
113
|
+
# @return [void]
|
114
|
+
#
|
115
|
+
def processHttpMessage(toolFlag, messageIsRequest, messageInfo)
|
116
|
+
@@handler.process_http_message(toolFlag, messageIsRequest, messageInfo) if @@handler.respond_to? :process_http_message
|
117
|
+
end
|
118
|
+
|
119
|
+
# This method is invoked when a new issue is added to Burp Scanner's
|
120
|
+
# results.
|
121
|
+
#
|
122
|
+
# @param [IScanIssue] issue An +IScanIssue+ object that the extension can
|
123
|
+
# query to obtain details about the new issue.
|
124
|
+
#
|
125
|
+
def newScanIssue(issue)
|
126
|
+
@@handler.new_scan_issue(issue) if @@handler.respond_to? :new_scan_issue
|
127
|
+
end
|
128
|
+
|
129
|
+
# This method will be called by Burp when the user invokes a context menu
|
130
|
+
# anywhere within Burp. The factory can then provide any custom context menu
|
131
|
+
# items that should be displayed in the context menu, based on the details
|
132
|
+
# of the menu invocation.
|
133
|
+
#
|
134
|
+
# @param [IContextMenuInvocation] invocation An object the extension can
|
135
|
+
# query to obtain details of the context menu invocation.
|
136
|
+
# @return [Array<JMenuItem>, nil] A list of custom menu items (which may
|
137
|
+
# include sub-menus, checkbox menu items, etc.) that should be displayed.
|
138
|
+
# Extensions may return +nil+ from this method, to indicate that no menu
|
139
|
+
# items are required.
|
140
|
+
#
|
141
|
+
# @abstract
|
142
|
+
def createMenuItems invocation
|
143
|
+
@@handler.create_menu_items(invocation) if @@handler.respond_to? :create_menu_items
|
144
|
+
end
|
145
|
+
|
146
|
+
# This method is invoked whenever a change occurs to Burp's suite-wide
|
147
|
+
# target scope.
|
148
|
+
#
|
149
|
+
# @return [void]
|
150
|
+
#
|
151
|
+
# @abstract
|
152
|
+
def scopeChanged
|
153
|
+
@@handler.scope_changed if @@handler.respond_to? :scope_changed
|
154
|
+
end
|
155
|
+
end
|
156
|
+
end
|
@@ -0,0 +1,29 @@
|
|
1
|
+
class Buby
|
2
|
+
# Extensions can implement this interface and then call
|
3
|
+
# {Buby#registerHttpListener} to register an HTTP listener. The listener will
|
4
|
+
# be notified of requests and responses made by any Burp tool. Extensions can
|
5
|
+
# perform custom analysis or modification of these messages by registering an
|
6
|
+
# HTTP listener.
|
7
|
+
#
|
8
|
+
class HttpListener
|
9
|
+
include Java::Burp::IHttpListener
|
10
|
+
|
11
|
+
# This method is invoked when an HTTP request is about to be issued, and
|
12
|
+
# when an HTTP response has been received.
|
13
|
+
#
|
14
|
+
# @param [Fixnum, Symbol] toolFlag A flag indicating the Burp tool that
|
15
|
+
# issued the request. Burp tool flags are defined in the
|
16
|
+
# +IBurpExtenderCallbacks+ interface and {Buby}.
|
17
|
+
# @param [Boolean] messageIsRequest Flags whether the method is being
|
18
|
+
# invoked for a request or response.
|
19
|
+
# @param [IHttpRequestResponse] messageInfo Details of the request/response
|
20
|
+
# to be processed. Extensions can call the setter methods on this object
|
21
|
+
# to update the current message and so modify Burp's behavior.
|
22
|
+
#
|
23
|
+
# @todo move HttpRequestResponse to new implant scheme
|
24
|
+
def processHttpMessage(toolFlag, messageIsRequest, messageInfo)
|
25
|
+
pp [:got_processHttpMessage, toolFlag, messageIsRequest, messageInfo] if $DEBUG
|
26
|
+
Buby::HttpRequestResponseHelper.implant(messageInfo)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
File without changes
|
@@ -0,0 +1,113 @@
|
|
1
|
+
class Buby
|
2
|
+
module Implants
|
3
|
+
# This interface is used when Burp calls into an extension-provided
|
4
|
+
# <code>IContextMenuFactory</code> with details of a context menu
|
5
|
+
# invocation. The custom context menu factory can query this interface to
|
6
|
+
# obtain details of the invocation event, in order to determine what menu
|
7
|
+
# items should be displayed.
|
8
|
+
# This module is used to extend the JRuby proxy class returned by Burp.
|
9
|
+
#
|
10
|
+
module ContextMenuInvocation
|
11
|
+
# Context menu is being invoked in a request editor.
|
12
|
+
CONTEXT_MESSAGE_EDITOR_REQUEST = 0;
|
13
|
+
|
14
|
+
# Context menu is being invoked in a response editor.
|
15
|
+
CONTEXT_MESSAGE_EDITOR_RESPONSE = 1;
|
16
|
+
|
17
|
+
# Context menu is being invoked in a non-editable request viewer.
|
18
|
+
CONTEXT_MESSAGE_VIEWER_REQUEST = 2;
|
19
|
+
|
20
|
+
# Context menu is being invoked in a non-editable response viewer.
|
21
|
+
CONTEXT_MESSAGE_VIEWER_RESPONSE = 3;
|
22
|
+
|
23
|
+
# Context menu is being invoked in the Target site map tree.
|
24
|
+
CONTEXT_TARGET_SITE_MAP_TREE = 4;
|
25
|
+
|
26
|
+
# Context menu is being invoked in the Target site map table.
|
27
|
+
CONTEXT_TARGET_SITE_MAP_TABLE = 5;
|
28
|
+
|
29
|
+
# Context menu is being invoked in the Proxy history.
|
30
|
+
CONTEXT_PROXY_HISTORY = 6;
|
31
|
+
|
32
|
+
# Context menu is being invoked in the Scanner results.
|
33
|
+
CONTEXT_SCANNER_RESULTS = 7;
|
34
|
+
|
35
|
+
# Context menu is being invoked in the Intruder payload positions editor.
|
36
|
+
CONTEXT_INTRUDER_PAYLOAD_POSITIONS = 8;
|
37
|
+
|
38
|
+
# Context menu is being invoked in an Intruder attack results.
|
39
|
+
CONTEXT_INTRUDER_ATTACK_RESULTS = 9;
|
40
|
+
|
41
|
+
# Context menu is being invoked in a search results window.
|
42
|
+
CONTEXT_SEARCH_RESULTS = 10;
|
43
|
+
|
44
|
+
# This method can be used to retrieve details of the HTTP requests /
|
45
|
+
# responses that were shown or selected by the user when the context menu
|
46
|
+
# was invoked.
|
47
|
+
#
|
48
|
+
# @note For performance reasons, the objects returned from this method are
|
49
|
+
# tied to the originating context of the messages within the Burp UI.
|
50
|
+
# For example, if a context menu is invoked on the Proxy intercept
|
51
|
+
# panel, then the +IHttpRequestResponse+ returned by this method will
|
52
|
+
# reflect the current contents of the interception panel, and this will
|
53
|
+
# change when the current message has been forwarded or dropped. If your
|
54
|
+
# extension needs to store details of the message for which the context
|
55
|
+
# menu has been invoked, then you should query those details from the
|
56
|
+
# +IHttpRequestResponse+ at the time of invocation, or you should use
|
57
|
+
# +IBurpExtenderCallbacks.saveBuffersToTempFiles()+ to create a
|
58
|
+
# persistent read-only copy of the +IHttpRequestResponse+.
|
59
|
+
#
|
60
|
+
# @return [Array<IHttpRequestResponse>,nil] An array of objects
|
61
|
+
# representing the items that were shown or selected by the user when
|
62
|
+
# the context menu was invoked. This method returns +nil+ if no messages
|
63
|
+
# are applicable to the invocation.
|
64
|
+
#
|
65
|
+
def getSelectedMessages
|
66
|
+
pp [:got_get_selected_messages] if $DEBUG
|
67
|
+
hrrl = __getSelectedMessages
|
68
|
+
HttpRequestResponseHelper.implant(hrrl.first)
|
69
|
+
hrrl
|
70
|
+
end
|
71
|
+
|
72
|
+
# This method can be used to retrieve details of the Scanner issues that
|
73
|
+
# were selected by the user when the context menu was invoked.
|
74
|
+
#
|
75
|
+
# @return [Array<IScanIssue>,nil] The issues that were selected by the
|
76
|
+
# user when the context menu was invoked. This method returns +nil+ if
|
77
|
+
# no Scanner issues are applicable to the invocation.
|
78
|
+
#
|
79
|
+
def getSelectedIssues
|
80
|
+
pp [:got_get_selected_issues] if $DEBUG
|
81
|
+
sil = __getSelectedIssues
|
82
|
+
ScanIssueHelper.implant(sil.first)
|
83
|
+
sil
|
84
|
+
end
|
85
|
+
|
86
|
+
# Install ourselves into the current +IContextMenuInvocation+ java class
|
87
|
+
# @param [IContextMenuInvocation] invocation
|
88
|
+
#
|
89
|
+
def self.implant(invocation)
|
90
|
+
unless invocation.implanted? || invocation.nil?
|
91
|
+
pp [:implanting, invocation, invocation.class] if $DEBUG
|
92
|
+
invocation.class.class_exec(invocation) do |invocation|
|
93
|
+
a_methods = %w{
|
94
|
+
getSelectedMessages
|
95
|
+
getSelectedIssues
|
96
|
+
}
|
97
|
+
a_methods.each do |meth|
|
98
|
+
alias_method "__"+meth.to_s, meth
|
99
|
+
end
|
100
|
+
include Buby::Implants::ContextMenuInvocation
|
101
|
+
a_methods.each do |meth|
|
102
|
+
java_class.ruby_names_for_java_method(meth).each do |ruby_meth|
|
103
|
+
define_method ruby_meth, Buby::Implants::ContextMenuInvocation.instance_method(meth)
|
104
|
+
end
|
105
|
+
end
|
106
|
+
include Buby::Implants::Proxy
|
107
|
+
end
|
108
|
+
end
|
109
|
+
invocation
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
113
|
+
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
class Buby
|
2
|
+
module Implants
|
3
|
+
# This interface is used to hold details about an HTTP cookie.
|
4
|
+
#
|
5
|
+
# @note This module is used to extend the ICookie interface implementation
|
6
|
+
# java class at runtime.
|
7
|
+
module Cookie
|
8
|
+
# This method is used to retrieve the expiration time for the cookie.
|
9
|
+
#
|
10
|
+
# @return [Time] The expiration time for the cookie, or +nil+ if none is
|
11
|
+
# set (i.e., for non-persistent session cookies).
|
12
|
+
#
|
13
|
+
def getExpiration
|
14
|
+
ret = __getExpiration
|
15
|
+
ret.nil? ? ret : Time.at(ret.time/1000.0)
|
16
|
+
end
|
17
|
+
|
18
|
+
# Install ourselves into the current +ICookie+ java class
|
19
|
+
# @param [ICookie] cookie instance
|
20
|
+
#
|
21
|
+
def self.implant(cookie)
|
22
|
+
unless cookie.implanted? || cookie.nil?
|
23
|
+
pp [:implanting, cookie, cookie.class] if $DEBUG
|
24
|
+
cookie.class.class_exec(cookie) do |cookie|
|
25
|
+
a_methods = %w{
|
26
|
+
getExpiration
|
27
|
+
}
|
28
|
+
a_methods.each do |meth|
|
29
|
+
pp ["__" + meth, self] if $DEBUG
|
30
|
+
alias_method "__"+meth.to_s, meth
|
31
|
+
end
|
32
|
+
include Buby::Implants::Cookie
|
33
|
+
a_methods.each do |meth|
|
34
|
+
pp [meth, self] if $DEBUG
|
35
|
+
java_class.ruby_names_for_java_method(meth).each do |ruby_meth|
|
36
|
+
pp [ruby_meth, meth, self] if $DEBUG
|
37
|
+
define_method ruby_meth, Buby::Implants::Cookie.instance_method(meth)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
include Buby::Implants::Proxy
|
41
|
+
end
|
42
|
+
end
|
43
|
+
cookie
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -0,0 +1,286 @@
|
|
1
|
+
class Buby
|
2
|
+
module Implants
|
3
|
+
# This interface contains a number of helper methods, which extensions can
|
4
|
+
# use to assist with various common tasks that arise for Burp extensions.
|
5
|
+
#
|
6
|
+
# Extensions can call +IBurpExtenderCallbacks.getHelpers()+ to obtain an
|
7
|
+
# instance of this interface.
|
8
|
+
# This module is used to extend the JRuby proxy class returned by Burp.
|
9
|
+
#
|
10
|
+
module ExtensionHelpers
|
11
|
+
# This method can be used to analyze an HTTP request, and obtain various
|
12
|
+
# key details about it. The resulting +IRequestInfo+ object
|
13
|
+
# will not include the full request URL.
|
14
|
+
#
|
15
|
+
# @overload analyzeRequest(request)
|
16
|
+
# Analyze a +HttpRequestResponse+ object.
|
17
|
+
# @param [IHttpRequestResponse] request The request to be analyzed.
|
18
|
+
# @overload analyzeRequest(httpService, request)
|
19
|
+
# Analyze a request from a +HttpService+ object, and a +String+ or
|
20
|
+
# +byte[]+.
|
21
|
+
# @param [IHttpService] http_service HTTP service description
|
22
|
+
# @param [String, Array<byte>] request The request to be analyzed
|
23
|
+
# @overload analyzeRequest(request)
|
24
|
+
# Analyze a +String+ or +byte[]+ request. To obtain the full URL, use one
|
25
|
+
# of the other overloaded {#analyzeRequest} methods.
|
26
|
+
# @param [String, Array<byte>] request The request to be analyzed
|
27
|
+
# @return [IRequestInfo] object (wrapped with Ruby goodness)
|
28
|
+
# that can be queried to obtain details about the request.
|
29
|
+
#
|
30
|
+
def analyzeRequest(*args)
|
31
|
+
pp [:got_analyze_request, *args] if $DEBUG
|
32
|
+
args[-1] = args[-1].to_java_bytes if args[-1].respond_to? :to_java_bytes
|
33
|
+
Buby::Implants::RequestInfo.implant(__analyzeRequest(*args))
|
34
|
+
end
|
35
|
+
|
36
|
+
# This method can be used to analyze an HTTP response, and obtain various
|
37
|
+
# key details about it.
|
38
|
+
#
|
39
|
+
# @param [String, Array<byte>] response The response to be analyzed.
|
40
|
+
# @return [IResponseInfo] object (wrapped with Ruby goodness) that can be
|
41
|
+
# queried to obtain details about the response.
|
42
|
+
#
|
43
|
+
def analyzeResponse(response)
|
44
|
+
pp [:got_analyze_response, response] if $DEBUG
|
45
|
+
response = response.to_java_bytes if response.respond_to? :to_java_bytes
|
46
|
+
Buby::Implants::ResponseInfo.implant(__analyzeResponse(response))
|
47
|
+
end
|
48
|
+
|
49
|
+
# This method can be used to retrieve details of a specified parameter
|
50
|
+
# within an HTTP request. <b>Note:</b> Use {#analyzeRequest} to obtain
|
51
|
+
# details of all parameters within the request.
|
52
|
+
#
|
53
|
+
# @param [String, Array<byte>] request The request to be inspected for the
|
54
|
+
# specified parameter.
|
55
|
+
# @param [String] parameter_name The name of the parameter to retrieve.
|
56
|
+
# @return [IParameter] object that can be queried to obtain details
|
57
|
+
# about the parameter, or +nil+ if the parameter was not found.
|
58
|
+
#
|
59
|
+
def getRequestParameter(request, parameter_name)
|
60
|
+
pp [:got_get_request_parameter, parameter_name, request] if $DEBUG
|
61
|
+
request = request.to_java_bytes if request.respond_to? :to_java_bytes
|
62
|
+
Buby::Implants::Parameter.implant(__getRequestParameter(request, parameter_name))
|
63
|
+
end
|
64
|
+
|
65
|
+
# This method searches a piece of data for the first occurrence of a
|
66
|
+
# specified pattern. It works on byte-based data in a way that is similar
|
67
|
+
# to the way the native Java method +String.indexOf()+ works on
|
68
|
+
# String-based data.
|
69
|
+
# @note This method is only wrapped for testing purposes. There are better ways to do this in the JRuby runtime.
|
70
|
+
#
|
71
|
+
# @param [String, Array<byte>] data The data to be searched.
|
72
|
+
# @param [String, Array<byte>] pattern The pattern to be searched for.
|
73
|
+
# @param [Boolean] case_sensitive Flags whether or not the search is case-sensitive.
|
74
|
+
# @param [Fixnum] from The offset within +data+ where the search should begin.
|
75
|
+
# @param [Fixnum] to The offset within +data+ where the search should end.
|
76
|
+
# @return The offset of the first occurrence of the pattern within the specified bounds, or nil if no match is found.
|
77
|
+
#
|
78
|
+
def indexOf(data, pattern, case_sensitive, from, to)
|
79
|
+
pp [:got_index_of, case_sensitive, from, to, data, pattern] if $DEBUG
|
80
|
+
data = data.to_java_bytes if data.respond_to?(:to_java_bytes)
|
81
|
+
pattern = pattern.to_java_bytes if data.respond_to?(:to_java_bytes)
|
82
|
+
ret = __indexOf(data, pattern, case_sensitive, from, to)
|
83
|
+
ret == -1 ? nil : ret
|
84
|
+
end
|
85
|
+
|
86
|
+
# This method builds an HTTP message containing the specified headers and
|
87
|
+
# message body. If applicable, the Content-Length header will be added or
|
88
|
+
# updated, based on the length of the body.
|
89
|
+
#
|
90
|
+
# @param [Array<String>] headers A list of headers to include in the message.
|
91
|
+
# @param [String, Array<byte>] body The body of the message, or +nil+ if the message has an empty body.
|
92
|
+
# @return [String] The resulting full HTTP message.
|
93
|
+
#
|
94
|
+
def buildHttpMessage(headers, body)
|
95
|
+
pp [:got_build_http_message, headers, body] if $DEBUG
|
96
|
+
body = body.to_java_bytes if body.respond_to?(:to_java_bytes)
|
97
|
+
String.from_java_bytes(__buildHttpMessage(headers, body))
|
98
|
+
end
|
99
|
+
|
100
|
+
# This method creates a GET request to the specified URL. The headers used
|
101
|
+
# in the request are determined by the Request headers settings as
|
102
|
+
# configured in Burp Spider's options.
|
103
|
+
#
|
104
|
+
# @param [URL, #to_s] url The URL to which the request should be made.
|
105
|
+
# @return [String] A request to the specified URL.
|
106
|
+
#
|
107
|
+
def buildHttpRequest(url)
|
108
|
+
pp [:got_build_http_request, url] if $DEBUG
|
109
|
+
url = Java::JavaNet::URL.new url.to_s unless url.kind_of?(Java::JavaNet::URL)
|
110
|
+
String.from_java_bytes __buildHttpRequest(url)
|
111
|
+
end
|
112
|
+
|
113
|
+
# This method adds a new parameter to an HTTP request, and if appropriate
|
114
|
+
# updates the Content-Length header.
|
115
|
+
#
|
116
|
+
# @param [String, Array<byte>, IHttpRequestResponse] request The request
|
117
|
+
# to which the parameter should be added.
|
118
|
+
# @param [IParameter, Hash] parameter An +IParameter+ object containing
|
119
|
+
# details of the parameter to be added. Supported parameter types are:
|
120
|
+
# * +PARAM_URL+
|
121
|
+
# * +PARAM_BODY+
|
122
|
+
# * +PARAM_COOKIE+
|
123
|
+
# @return [String] A new HTTP request with the new parameter added.
|
124
|
+
#
|
125
|
+
# @todo Switch IHttpRequestResponse to new Buby::Implants functionality (2.0)
|
126
|
+
def addParameter(request, parameter)
|
127
|
+
pp [:got_addParameter, parameter, request] if $DEBUG
|
128
|
+
request = request.request if request.kind_of? Java::Burp::IHttpRequestResponse
|
129
|
+
request = request.to_java_bytes if request.respond_to? :to_java_bytes
|
130
|
+
parameter = Buby::Parameter::Base.new parameter if parameter.kind_of? Hash
|
131
|
+
String.from_java_bytes(__addParameter(request, parameter))
|
132
|
+
end
|
133
|
+
|
134
|
+
# This method removes a parameter from an HTTP request, and if appropriate
|
135
|
+
# updates the Content-Length header.
|
136
|
+
#
|
137
|
+
# @param [String, Array<byte>, IHttpRequestResponse] request The request
|
138
|
+
# from which the parameter should be removed.
|
139
|
+
# @param [IParameter, Hash] parameter Object containing details of the
|
140
|
+
# parameter to be removed. Supported parameter types are:
|
141
|
+
# * +PARAM_URL+
|
142
|
+
# * +PARAM_BODY+
|
143
|
+
# * +PARAM_COOKIE+
|
144
|
+
# @return [String] A new HTTP request with the parameter removed.
|
145
|
+
#
|
146
|
+
# @todo Switch IHttpRequestResponse to new Buby::Implants functionality (2.0)
|
147
|
+
def removeParameter(request, parameter);
|
148
|
+
pp [:got_addParameter, parameter, request] if $DEBUG
|
149
|
+
request = request.request if request.kind_of? Java::Burp::IHttpRequestResponse
|
150
|
+
request = request.to_java_bytes if request.respond_to? :to_java_bytes
|
151
|
+
parameter = Buby::Parameter::Base.new parameter if parameter.kind_of? Hash
|
152
|
+
String.from_java_bytes(__removeParameter(request, parameter))
|
153
|
+
end
|
154
|
+
|
155
|
+
# This method updates the value of a parameter within an HTTP request, and
|
156
|
+
# if appropriate updates the Content-Length header.
|
157
|
+
# @note: This method can only be used to update the value of an existing
|
158
|
+
# parameter of a specified type. If you need to change the type of an
|
159
|
+
# existing parameter, you should first call {#removeParameter} to remove
|
160
|
+
# the parameter with the old type, and then call {#addParameter} to add
|
161
|
+
# a parameter with the new type.
|
162
|
+
#
|
163
|
+
# @param [String, Array<byte>, IHttpRequestResponse] request The request
|
164
|
+
# containing the parameter to be updated.
|
165
|
+
# @param [IParameter, Hash] parameter Object containing details of the
|
166
|
+
# parameter to be updated. Supported parameter types are:
|
167
|
+
# * +PARAM_URL+
|
168
|
+
# * +PARAM_BODY+
|
169
|
+
# * +PARAM_COOKIE+
|
170
|
+
# @return [String] A new HTTP request with the parameter updated.
|
171
|
+
#
|
172
|
+
# @todo Switch IHttpRequestResponse to new Buby::Implants functionality (2.0)
|
173
|
+
def updateParameter(request, parameter)
|
174
|
+
pp [:got_updateParameter, parameter, request] if $DEBUG
|
175
|
+
request = request.request if request.kind_of? Java::Burp::IHttpRequestResponse
|
176
|
+
request = request.to_java_bytes if request.respond_to? :to_java_bytes
|
177
|
+
parameter = Buby::Parameter::Base.new parameter if parameter.kind_of? Hash
|
178
|
+
String.from_java_bytes(__updateParameter(request, parameter))
|
179
|
+
end
|
180
|
+
|
181
|
+
# This method can be used to toggle a request's method between GET and
|
182
|
+
# POST. Parameters are relocated between the URL query string and message
|
183
|
+
# body as required, and the Content-Length header is created or removed as
|
184
|
+
# applicable.
|
185
|
+
#
|
186
|
+
# @param [String, Array<byte>, IHttpRequestResponse] request The HTTP
|
187
|
+
# request whose method should be toggled.
|
188
|
+
# @return [String} A new HTTP request using the toggled method.
|
189
|
+
#
|
190
|
+
# @todo Switch IHttpRequestResponse to new Buby::Implants functionality (2.0)
|
191
|
+
def toggleRequestMethod(request)
|
192
|
+
pp [:got_toggleRequestMethod, request] if $DEBUG
|
193
|
+
request = request.request if request.kind_of? Java::Burp::IHttpRequestResponse
|
194
|
+
request = request.to_java_bytes if request.respond_to? :to_java_bytes
|
195
|
+
String.from_java_bytes(__toggleRequestMethod(request))
|
196
|
+
end
|
197
|
+
|
198
|
+
# This method constructs an +IHttpService+ object based on the
|
199
|
+
# details provided.
|
200
|
+
#
|
201
|
+
# @overload buildHttpService(host, port, protocol)
|
202
|
+
# @param [String] host The HTTP service host.
|
203
|
+
# @param [Fixnum] port The HTTP service port.
|
204
|
+
# @param [String] protocol The HTTP service protocol.
|
205
|
+
# @overload buildHttpService(host, port, use_https)
|
206
|
+
# @param [String] host The HTTP service host.
|
207
|
+
# @param [Fixnum] port The HTTP service port.
|
208
|
+
# @param [Boolean] use_https Flags whether the HTTP service protocol is HTTPS or HTTP.
|
209
|
+
# @return [IHttpService] object based on the details provided.
|
210
|
+
#
|
211
|
+
def buildHttpService(host, port, protocol)
|
212
|
+
pp [:got_buildHttpService, host, port, protocol] if $DEBUG
|
213
|
+
Buby::Implants::HttpService.implant(__buildHttpService(host, port, protocol))
|
214
|
+
end
|
215
|
+
|
216
|
+
# This method constructs an +IParameter+ object based on the details
|
217
|
+
# provided.
|
218
|
+
#
|
219
|
+
# @param [String] name The parameter name.
|
220
|
+
# @param [String] value The parameter value.
|
221
|
+
# @param [Fixnum] type The parameter type, as defined in the
|
222
|
+
# +IParameter+ interface.
|
223
|
+
# @return [IParameter] object based on the details provided.
|
224
|
+
def buildParameter(name, value, type)
|
225
|
+
pp [:got_buildParameter, name, value, type] if $DEBUG
|
226
|
+
Buby::Implants::Parameter.implant(__buildParameter(name, value, type))
|
227
|
+
end
|
228
|
+
|
229
|
+
# This method constructs an +IScannerInsertionPoint+ object based on the
|
230
|
+
# details provided. It can be used to quickly create a simple insertion
|
231
|
+
# point based on a fixed payload location within a base request.
|
232
|
+
#
|
233
|
+
# @param [String] insertion_point_name The name of the insertion point.
|
234
|
+
# @param [String, Array<byte>, IHttpRequestResponse] base_request The request from which to
|
235
|
+
# build scan requests.
|
236
|
+
# @param [Fixnum] from The offset of the start of the payload location.
|
237
|
+
# @param [Fixnum] to The offset of the end of the payload location.
|
238
|
+
# @return [IScannerInsertionPoint] object based on the details provided.
|
239
|
+
#
|
240
|
+
# @todo Switch IHttpRequestResponse to new Buby::Implants functionality (2.0)
|
241
|
+
def makeScannerInsertionPoint(insertion_point_name, base_request, from, to)
|
242
|
+
pp [:got_makeScannerInsertionPoint, insertion_point_name, base_request, from, to] if $DEBUG
|
243
|
+
base_request = base_request.request if base_request.kind_of? Java::Burp::IHttpRequestResponse
|
244
|
+
base_request = base_request.to_java_bytes if base_request.respond_to? :to_java_bytes
|
245
|
+
Buby::Implants::ScannerInsertionPoint.implant(__makeScannerInsertionPoint(insertion_point_name, base_request, from, to))
|
246
|
+
end
|
247
|
+
|
248
|
+
# Install ourselves into the current +IExtensionHelpers+ java class
|
249
|
+
# @param [IExtensionHelpers] helpers
|
250
|
+
#
|
251
|
+
def self.implant(helpers)
|
252
|
+
unless helpers.implanted? || helpers.nil?
|
253
|
+
pp [:implanting, helpers, helpers.class] if $DEBUG
|
254
|
+
helpers.class.class_exec(helpers) do |helpers|
|
255
|
+
a_methods = %w{
|
256
|
+
analyzeRequest
|
257
|
+
analyzeResponse
|
258
|
+
getRequestParameter
|
259
|
+
indexOf
|
260
|
+
buildHttpMessage
|
261
|
+
buildHttpRequest
|
262
|
+
addParameter
|
263
|
+
removeParameter
|
264
|
+
updateParameter
|
265
|
+
toggleRequestMethod
|
266
|
+
buildHttpService
|
267
|
+
buildParameter
|
268
|
+
makeScannerInsertionPoint
|
269
|
+
}
|
270
|
+
a_methods.each do |meth|
|
271
|
+
alias_method "__"+meth.to_s, meth
|
272
|
+
end
|
273
|
+
include Buby::Implants::ExtensionHelpers
|
274
|
+
a_methods.each do |meth|
|
275
|
+
java_class.ruby_names_for_java_method(meth).each do |ruby_meth|
|
276
|
+
define_method ruby_meth, Buby::Implants::ExtensionHelpers.instance_method(meth)
|
277
|
+
end
|
278
|
+
end
|
279
|
+
include Buby::Implants::Proxy
|
280
|
+
end
|
281
|
+
end
|
282
|
+
helpers
|
283
|
+
end
|
284
|
+
end
|
285
|
+
end
|
286
|
+
end
|