emonti-buby 1.1.2 → 1.1.3

data/History.txt

@@ -1,3 +1,11 @@
+== 1.1.3 / 2009-08-25
+* 1 enhancement
+  * new convenience methods added for iterating and searching through
+    proxy history, scan history, etc.
+* 1 fix
+  * The gem now includes a buby.jar which should be usable with Java 1.5+
+    (previously the jar had been compiled only for Java 1.6)
+
 == 1.1.2 / 2009-08-20
 * 1 enhancement
   * Support added for the new getScanIssues extender method exposed in v1.2.15

data/buby.gemspec

@@ -2,11 +2,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{buby}
-  s.version = "1.1.2"
+  s.version = "1.1.3"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Eric Monti - Matasano Security"]
-  s.date = %q{2009-08-20}
+  s.date = %q{2009-08-25}
   s.default_executable = %q{buby}
   s.description = %q{Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger.  Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API.  This extension aims to add Ruby scriptability to Burp Suite with an interface comparable to the Burp's pure Java extension interface.}
   s.email = %q{emonti@matasano.com}

data/lib/buby.rb

@@ -37,8 +37,11 @@ include_class 'BurpExtender'
 # * sendToRepeater
 # * sendToSpider
 #
-# Buby also provides front-end ruby methods for the new callback methods added
-# since Burp 1.2.09:
+# Buby also provides front-end ruby methods for the various callback methods 
+# supported by Burp. New callbacks have been cropping up in newer Burp versions
+# frequently. 
+# 
+# Available since Burp 1.2.09:
 # * getProxyHistory
 # * getSiteMap
 # * restoreState
@@ -46,6 +49,9 @@ include_class 'BurpExtender'
 # * getParameters
 # * getHeaders
 #
+# Available since Burp 1.2.15:
+# * getScanIssues
+#
 # If you wish to access any of the IBurpExtenderCallbacks methods directly. 
 # You can use 'burp_callbacks' to obtain a reference.
 #
@@ -72,7 +78,7 @@ include_class 'BurpExtender'
 class Buby
 
   # :stopdoc:
-  VERSION = '1.1.2'
+  VERSION = '1.1.3'
   LIBPATH = ::File.expand_path(::File.dirname(__FILE__)) + ::File::SEPARATOR
   PATH = ::File.dirname(LIBPATH) + ::File::SEPARATOR
   # :startdoc:
@@ -238,16 +244,19 @@ class Buby
   alias get_proxy_history getProxyHistory
 
   # Returns a Java array of IHttpRequestResponse objects pulled directly from 
-  # the Burp site map.
-  def getSiteMap(urlprefix)
+  # the Burp site map for all urls matching the specified literal prefix. 
+  # The prefix can be nil to return all objects.
+  def getSiteMap(urlprefix=nil)
     _check_and_callback(:getSiteMap, urlprefix)
   end
   alias site_map getSiteMap
   alias get_site_map getSiteMap
 
   # This method returns all of the current scan issues for URLs matching the 
-  # specified literal prefix. The prefix can be null to match all issues.
-  def getScanIssues(urlprefix)
+  # specified literal prefix. The prefix can be nil to match all issues.
+  #
+  # IMPORTANT: This method is only available with Burp 1.2.15 and higher.
+  def getScanIssues(urlprefix=nil)
     _check_and_callback(:getScanIssues, urlprefix)
   end
   alias scan_issues getScanIssues
@@ -531,6 +540,111 @@ class Buby
     pp([:got_app_close]) if $DEBUG
   end
 
+  ### Sugar/Convenience methods
+
+  # This is a convenience wrapper which can load a given burp state file and 
+  # lets its caller to perform actions inside of a block on the site map 
+  # contained in the loaded session. 
+  #
+  # If a statefile argument isn't specified current burp session state is used.
+  #
+  # Yields each entry in the site map to a block (which is required)
+  def with_site_map(urlprefix=nil, statefile=nil)
+    with_statefile(statefile) do |this|
+      this.site_map(urlprefix).to_a.each {|h| yield h}
+    end
+  end
+
+  # This is a convenience wrapper which can load a given burp state file and 
+  # lets its caller to perform actions inside of a block on the proxy history 
+  # contained in the loaded session. 
+  #
+  # If a statefile argument isn't specified current burp session state is used.
+  #
+  # Yields each entry in the proxy history to a block (which is required)
+  def with_proxy_history(statefile=nil)
+    with_statefile(statefile) do |this|
+      this.proxy_history.to_a.each {|h| yield h }
+    end
+  end
+
+  # This is a convenience wrapper which loads a given burp statefile and lets
+  # its caller to perform actions with burp on it inside of a block. 
+  # It expects a block to yield 'self' is yielded for the duration 
+  # of the statefile load.
+  #
+  # It can safely be used without a statefile argument, in which case the
+  # current session state is used.
+  #
+  # It can safely be run without a statefile argument in which the 
+  # current burp session state is used.
+  def with_statefile(statefile=nil)
+    if statefile
+      # save current state:
+      old_state=".#{$$}.#{Time.now.to_i}.state.bak"
+      self.alert "Saving current state to temp statefile: #{old_state}"
+      self.save_state old_state 
+
+      self.alert "Restoring state: #{statefile}"
+      self.restore_state statefile
+    end
+
+    yield self
+
+    if statefile
+      # restore original state
+      self.alert "Restoring temp statefile: #{old_state}"
+      self.restore_state old_state
+      self.alert "Deleting temp state file: #{old_state}"
+      File.unlink old_state
+    end
+  end
+
+  # Searches the proxy history for the url's matched by the specified 
+  # regular expression (returns them all if urlrx is nil).
+  #
+  # A statefile to search in can optionally be specified or the existing
+  # state will be used if statefile is nil.
+  #
+  # This method also accepts an optional block which is passed each of the
+  # matched history members.
+  def search_proxy_history(statefile=nil, urlrx=nil)
+    ret = nil
+    with_statefile(statefile) do |this|
+      ret = this.proxy_history.to_a.select do |r| 
+        if urlrx
+          true if r.url.to_s =~ urlrx
+        else
+          true
+        end
+      end
+      if block_given?
+        ret.each {|r| yield r }
+      end
+    end
+    return ret
+  end
+
+  # Harvest cookies from a session's proxy history.
+  #
+  # Params:
+  #   cookie    = optional: name of cookie to harvest
+  #   urlrx     = optional: regular expression to match urls against
+  #   statefile = optional: filename for a burp session file to temporarily load
+  #               and harvest from.
+  def harvest_cookies_from_history(cookie=nil, urlrx=nil, statefile=nil)
+    ret = []
+    search_proxy_history(statefile, urlrx) do |msg|
+      rsp = String.from_java_bytes(msg.response)
+      found = []
+      find_cookie_in_response(rsp, cookie) {|c| found << c}
+      ret += found.map {|f| f << msg }
+    end
+    return ret
+  end
+
+  ### Startup stuff
+
   # Prepares the java BurpExtender implementation with a reference
   # to self as the module handler and launches burp suite.
   def start_burp(args=[])
@@ -610,7 +724,8 @@ class Buby
   def self.version
     VERSION
   end
-end
+
+end # Buby
 
 # Try requiring 'burp.jar' from the Ruby lib-path
 unless Buby.burp_loaded?

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: emonti-buby
 version: !ruby/object:Gem::Version 
-  version: 1.1.2
+  version: 1.1.3
 platform: ruby
 authors: 
 - Eric Monti - Matasano Security
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-08-20 00:00:00 -07:00
+date: 2009-08-25 00:00:00 -07:00
 default_executable: buby
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -66,7 +66,6 @@ files:
 - test/test_buby.rb
 has_rdoc: false
 homepage: http://emonti.github.com/buby
-licenses: 
 post_install_message: 
 rdoc_options: 
 - --main
@@ -89,7 +88,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: buby
-rubygems_version: 1.3.5
+rubygems_version: 1.2.0
 signing_key: 
 specification_version: 3
 summary: Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger