emonti-buby 1.1.1 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/History.txt +5 -0
- data/README.rdoc +2 -2
- data/buby.gemspec +2 -2
- data/java/buby.jar +0 -0
- data/java/src/burp/IBurpExtenderCallbacks.java +11 -1
- data/lib/buby.rb +9 -1
- metadata +4 -3
data/History.txt
CHANGED
|
@@ -1,3 +1,8 @@
|
|
|
1
|
+
== 1.1.2 / 2009-08-20
|
|
2
|
+
* 1 enhancement
|
|
3
|
+
* Support added for the new getScanIssues extender method exposed in v1.2.15
|
|
4
|
+
See http://releases.portswigger.net/2009/08/v1215.html
|
|
5
|
+
|
|
1
6
|
== 1.1.1 / 2009-06-24
|
|
2
7
|
* Fix
|
|
3
8
|
* fixed getSiteMap callback front-end so that it takes the urlprefix argument
|
data/README.rdoc
CHANGED
|
@@ -140,7 +140,7 @@ Here are some simple test examples using Buby through the IRB shell:
|
|
|
140
140
|
To confirm you are connected back to Burp in IRB, you can try writing to the
|
|
141
141
|
alerts panel with something like the following:
|
|
142
142
|
|
|
143
|
-
$
|
|
143
|
+
$burp.alert("hello Burp!")
|
|
144
144
|
|
|
145
145
|
Which should produce a new alert:
|
|
146
146
|
|
|
@@ -205,7 +205,7 @@ Now, lets try something mildly interesting with the proxy. This contrived exampl
|
|
|
205
205
|
# existing IRB session. Normally, you'd probably want to implement this as
|
|
206
206
|
# an override in your Buby-derived class.
|
|
207
207
|
|
|
208
|
-
$
|
|
208
|
+
$burp.instance_eval do
|
|
209
209
|
|
|
210
210
|
def evt_proxy_message(*param)
|
|
211
211
|
msg_ref, is_req, rhost, rport, is_https, http_meth, url, resourceType,
|
data/buby.gemspec
CHANGED
|
@@ -2,11 +2,11 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = %q{buby}
|
|
5
|
-
s.version = "1.1.
|
|
5
|
+
s.version = "1.1.2"
|
|
6
6
|
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
8
8
|
s.authors = ["Eric Monti - Matasano Security"]
|
|
9
|
-
s.date = %q{2009-
|
|
9
|
+
s.date = %q{2009-08-20}
|
|
10
10
|
s.default_executable = %q{buby}
|
|
11
11
|
s.description = %q{Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger. Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API. This extension aims to add Ruby scriptability to Burp Suite with an interface comparable to the Burp's pure Java extension interface.}
|
|
12
12
|
s.email = %q{emonti@matasano.com}
|
data/java/buby.jar
CHANGED
|
Binary file
|
|
@@ -156,7 +156,8 @@ public interface IBurpExtenderCallbacks
|
|
|
156
156
|
public void issueAlert(String message);
|
|
157
157
|
|
|
158
158
|
/**
|
|
159
|
-
*
|
|
159
|
+
* New stuff added as of v1.2.11.
|
|
160
|
+
* The new IBurpExtenderCallbacks interface adds several new methods
|
|
160
161
|
* which you can invoke to query and update Burp's state, and to parse raw
|
|
161
162
|
* HTTP messages for parameters and headers.
|
|
162
163
|
*/
|
|
@@ -171,6 +172,15 @@ public interface IBurpExtenderCallbacks
|
|
|
171
172
|
*/
|
|
172
173
|
public IHttpRequestResponse[] getSiteMap(String urlPrefix);
|
|
173
174
|
|
|
175
|
+
/**
|
|
176
|
+
* This method returns all of the current scan issues for URLs matching
|
|
177
|
+
* the specified literal prefix.
|
|
178
|
+
* The prefix can be null to match all issues.
|
|
179
|
+
*
|
|
180
|
+
* Added in v1.2.15.
|
|
181
|
+
*/
|
|
182
|
+
public IScanIssue[] getScanIssues(String urlPrefix);
|
|
183
|
+
|
|
174
184
|
/**
|
|
175
185
|
* no javadoc yet from PortSwigger
|
|
176
186
|
*/
|
data/lib/buby.rb
CHANGED
|
@@ -72,7 +72,7 @@ include_class 'BurpExtender'
|
|
|
72
72
|
class Buby
|
|
73
73
|
|
|
74
74
|
# :stopdoc:
|
|
75
|
-
VERSION = '1.1.
|
|
75
|
+
VERSION = '1.1.2'
|
|
76
76
|
LIBPATH = ::File.expand_path(::File.dirname(__FILE__)) + ::File::SEPARATOR
|
|
77
77
|
PATH = ::File.dirname(LIBPATH) + ::File::SEPARATOR
|
|
78
78
|
# :startdoc:
|
|
@@ -245,6 +245,14 @@ class Buby
|
|
|
245
245
|
alias site_map getSiteMap
|
|
246
246
|
alias get_site_map getSiteMap
|
|
247
247
|
|
|
248
|
+
# This method returns all of the current scan issues for URLs matching the
|
|
249
|
+
# specified literal prefix. The prefix can be null to match all issues.
|
|
250
|
+
def getScanIssues(urlprefix)
|
|
251
|
+
_check_and_callback(:getScanIssues, urlprefix)
|
|
252
|
+
end
|
|
253
|
+
alias scan_issues getScanIssues
|
|
254
|
+
alias get_scan_issues getScanIssues
|
|
255
|
+
|
|
248
256
|
# Restores Burp session state from a previously saved state file.
|
|
249
257
|
# See also: saveState
|
|
250
258
|
#
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: emonti-buby
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Eric Monti - Matasano Security
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-
|
|
12
|
+
date: 2009-08-20 00:00:00 -07:00
|
|
13
13
|
default_executable: buby
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
@@ -66,6 +66,7 @@ files:
|
|
|
66
66
|
- test/test_buby.rb
|
|
67
67
|
has_rdoc: false
|
|
68
68
|
homepage: http://emonti.github.com/buby
|
|
69
|
+
licenses:
|
|
69
70
|
post_install_message:
|
|
70
71
|
rdoc_options:
|
|
71
72
|
- --main
|
|
@@ -88,7 +89,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
88
89
|
requirements: []
|
|
89
90
|
|
|
90
91
|
rubyforge_project: buby
|
|
91
|
-
rubygems_version: 1.
|
|
92
|
+
rubygems_version: 1.3.5
|
|
92
93
|
signing_key:
|
|
93
94
|
specification_version: 3
|
|
94
95
|
summary: Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger
|