emonti-buby 1.1.3.1 → 1.1.4

data/History.txt

@@ -1,3 +1,14 @@
+== 1.1.4 / 2009-09-14
+* enhancements
+  * buby got implants! (har har)
+  * Ruby wrapper classes added for proxy_history, site_map, and scan_issues
+  * Extensions module for IHttpRequestResponse burp's class implementation
+  * Extensions module for IScanIssue burp's class implementation
+  * Added -s/--state, -r/--require, -e/--extend to buby cmd-line executable
+  * Added -v/--version buby cmd-line flag
+  * Modified samples for use as modules with -r/-e as well as run standalone
+  * Added drb client and server sample
+
 == 1.1.3.1 / 2009-09-09
 * fix
   * fixed a typo in the String type-check for Buby.getParameters()

data/README.rdoc

@@ -34,8 +34,7 @@ The java BurpExtender included with Buby is an implementation of IBurpExtender w
   The C version of ruby will not work.
 
 * Burp (pro or free version): Buby is useless without a copy of Burp. 
-  Buby has been tested successfully with both Burp Suite free and pro versions.
-  As of version 1.1.0, Buby supports both pre and post 1.2.09 Burp extensions.
+  Buby has been tested successfully with Burp 1.2.x.
 
 
 == BUILD/INSTALL:
@@ -97,24 +96,22 @@ Your configuration details can be substituted below.
   ln -s ~/tools/burp.jar ~/jruby-1.1.5/lib/ruby/1.8/java/burp.jar
 
 Now everything should be ready to go. Try at least the first few parts of the 
-test below to confirm everything is set up. Or if you installed the gem, just 
-run 'buby' from the command-line.
-
+test below to confirm everything is set up. 
 
 == TEST AND USAGE EXAMPLE:
 
-The gem includes a command-line tool called 'buby' but it doesn't do much right
-now. You can, however, use this as a minimal test to confirm whether Burp can 
-be launched from ruby and that Buby and Burp are connected.
-
-Launch buby for simple testing and debugging with the 'buby' command-line tool:
+The gem includes a command-line executable called 'buby'. You can use this to 
+test your Buby set-up and try out a few features.
 
   $ buby -h
   Usage: buby [options]
-      -i, --interactive                Start IRB
-      -d, --debug                      Debug info
-      -B, --load-burp=PATH             Load Burp Jar from PATH
-      -h, --help                       Show this help message
+      -i, --interactive          Start IRB
+      -d, --debug                Debug info
+      -B, --load-burp=PATH       Load Burp Jar from PATH
+      -s, --state=FILE           Restore burp state file on startup
+      -r, --require=LIB          load a ruby lib (or jar) after Burp loads
+      -e, --extend=MOD           Extend Buby with a module (loaded via -r?)
+      -h, --help                 Show this help message
 
   $ buby -i -d
   [:got_extender, #<Java::Default::BurpExtender:0x80 ...>]
@@ -157,7 +154,7 @@ test through a browser configured to use Burp as its proxy.
 
 
 With $DEBUG = true, you should see the debugging output from Ruby as the proxy
-passes your request back to your Ruby runtime.
+passes your request back to your HTTP client/browser.
 
 It will look something like the following in IRB:
 

data/bin/buby

@@ -21,6 +21,25 @@ begin
     o.on("-B", "--load-burp=PATH", "Load Burp Jar from PATH") do |b|
       args[:load_burp] = b
     end
+
+    o.on('-s', '--state=FILE', "Restore burp state file on startup") do |r|
+      args[:restore] = r
+    end
+
+    o.on('-r', '--require=LIB', 
+         'load a ruby lib (or jar) after Burp loads') do |i|
+      (args[:requires] ||= []).push(i)
+    end
+
+    o.on('-e', '--extend=MOD', 
+         'Extend Buby with a module (loaded via -r?)') do |m|
+      (args[:extensions] ||= []).push(m)
+    end
+
+    o.on('-v', '--version', 'Prints version and exits.') do 
+      puts "#{File.basename $0} v#{Buby::VERSION}"
+      exit 0
+    end
   end
 
   opts.parse!(ARGV)
@@ -28,7 +47,9 @@ begin
   if jar=args[:load_burp]
     raise "Load Burp Error: #{jar} did not provide burp.StartBurp" unless Buby.load_burp(jar)
   end
+
   raise "Load Burp Error: Specify a path to your burp.jar with -B" unless Buby.burp_loaded?
+
 rescue
   STDERR.puts $!
   exit 1
@@ -38,6 +59,39 @@ $DEBUG=true if args[:debug]
 
 $burp = Buby.start_burp()
 
+if libs=args[:requires]
+  libs.each {|lib| STDERR.puts "Loading: #{lib.inspect}"; require(lib)}
+end
+
+def resolve_const(str)
+  raise "can't resolve empty name #{str.inspect}" if str.empty?
+  names = str.split('::')
+  obj = ::Object
+  names.each do |name|
+    raise "#{name.inspect} is not defined" unless obj.const_defined?(name)
+    obj = obj.const_get(name)
+  end
+  return obj if obj != ::Object
+end
+
+if mods=args[:extensions]
+  mods.each do |mod|
+    obj = resolve_const(mod)
+    raise "#{obj.name} is not a module" unless obj.kind_of? Module
+    STDERR.puts "Extending $burp with: #{obj.name}"
+    $burp.extend(obj)
+    if $burp.respond_to?(imeth=:"init_#{mod.split('::').last}")
+      $burp.__send__ imeth
+    end
+  end
+end
+
+if f=args[:restore]
+  raise "no such file #{f.inspect}" unless File.exists?(f)
+  STDERR.puts "Restoring burp state from: #{f.inspect}"
+  $burp.restore_state(f)
+end
+
 if args[:irb]
   # yucky hack...
   IRB.setup(nil)
@@ -51,3 +105,4 @@ if args[:irb]
        " Important Note: You'll need to exit by closing the burp window."
   IRB.start()
 end
+

data/buby.gemspec

@@ -2,17 +2,17 @@
 
 Gem::Specification.new do |s|
   s.name = %q{buby}
-  s.version = "1.1.3.1"
+  s.version = "1.1.4"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Eric Monti - Matasano Security"]
-  s.date = %q{2009-08-25}
+  s.date = %q{2009-09-21}
   s.default_executable = %q{buby}
   s.description = %q{Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger.  Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API.  This extension aims to add Ruby scriptability to Burp Suite with an interface comparable to the Burp's pure Java extension interface.}
   s.email = %q{emonti@matasano.com}
   s.executables = ["buby"]
   s.extra_rdoc_files = ["History.txt", "README.rdoc", "bin/buby"]
-  s.files = ["History.txt", "README.rdoc", "Rakefile", "bin/buby", "buby.gemspec", "java/buby.jar", "java/src/BurpExtender.java", "java/src/burp/IBurpExtender.java", "java/src/burp/IBurpExtenderCallbacks.java", "java/src/burp/IHttpRequestResponse.java", "java/src/burp/IScanIssue.java", "java/src/burp/IScanQueueItem.java", "lib/buby.rb", "samples/mechanize_burp.rb", "samples/verb_tamperer.rb", "spec/buby_spec.rb", "spec/spec_helper.rb", "tasks/ann.rake", "tasks/bones.rake", "tasks/gem.rake", "tasks/git.rake", "tasks/notes.rake", "tasks/post_load.rake", "tasks/rdoc.rake", "tasks/rubyforge.rake", "tasks/setup.rb", "tasks/spec.rake", "tasks/svn.rake", "tasks/test.rake", "tasks/zentest.rake", "test/test_buby.rb"]
+  s.files = ["History.txt", "README.rdoc", "Rakefile", "bin/buby", "buby.gemspec", "java/buby.jar", "java/src/BurpExtender.java", "java/src/burp/IBurpExtender.java", "java/src/burp/IBurpExtenderCallbacks.java", "java/src/burp/IHttpRequestResponse.java", "java/src/burp/IScanIssue.java", "java/src/burp/IScanQueueItem.java", "lib/buby.rb", "lib/buby/extends.rb", "lib/buby/extends/buby_array_wrapper.rb", "lib/buby/extends/http_request_response.rb", "lib/buby/extends/scan_issue.rb", "samples/drb_buby.rb", "samples/drb_sample_cli.rb", "samples/mechanize_burp.rb", "samples/verb_tamperer.rb", "samples/watch_scan.rb", "spec/buby_spec.rb", "spec/spec_helper.rb", "tasks/ann.rake", "tasks/bones.rake", "tasks/gem.rake", "tasks/git.rake", "tasks/notes.rake", "tasks/post_load.rake", "tasks/rdoc.rake", "tasks/rubyforge.rake", "tasks/setup.rb", "tasks/spec.rake", "tasks/svn.rake", "tasks/test.rake", "tasks/zentest.rake", "test/test_buby.rb"]
   s.homepage = %q{http://emonti.github.com/buby}
   s.rdoc_options = ["--main", "README.rdoc"]
   s.require_paths = ["lib", "java"]

data/lib/buby/extends/buby_array_wrapper.rb

@@ -0,0 +1,41 @@
+
+class Buby
+  class BubyArrayWrapper
+    include Enumerable
+
+    attr_reader :array_obj
+
+    def initialize(obj)
+      @array_obj = obj
+    end
+
+    def [](*args)
+      if args.size == 1 and args.first.kind_of? Numeric
+        self.array_obj[args[0]]
+      else
+        self.to_a(*args)
+      end
+    end
+
+    def each
+      self.array_obj.size.times do |idx|
+        yield self.array_obj[idx]
+      end
+    end
+
+    def size
+      self.array_obj.size
+    end
+    alias length size
+
+    def first
+      return(self.array_obj[0]) if(self.size > 0)
+    end
+
+    def last
+      return self.array_obj[self.size - 1] if(self.size > 0)
+    end
+
+  end
+
+end

data/lib/buby/extends/http_request_response.rb

@@ -0,0 +1,95 @@
+require 'uri'
+
+class Buby
+
+  class HttpRequestResponseList < BubyArrayWrapper
+    def initialize(obj)
+      HttpRequestResponseHelper.implant(obj[0]) if obj.size > 0
+      super(obj)
+    end
+
+  end
+
+
+  module HttpRequestResponseHelper
+
+    # returns the response as a Ruby String object - returns an empty string
+    # if response is nil.
+    def response_str
+      return response().nil? ? "" : ::String.from_java_bytes(response())
+    end
+    alias response_string response_str
+    alias rsp_str response_str
+
+
+    # returns an array of response headers split into header name and value. 
+    # For example:
+    #   [ 
+    #     ["HTTP/1.1 301 Moved Permanently"],
+    #     ["Server", "Apache/1.3.41 ..."],
+    #     ...
+    #   ]
+    def response_headers
+      if headers=(@rsp_split ||= rsp_str.split(/\r?\n\r?\n/, 2))[0]
+        @rsp_headers ||= headers.split(/\r?\n/).map {|h| h.split(/\s*:\s*/,2)}
+      end
+    end
+    alias rsp_headers response_headers
+
+    # Returns the message body of the response, minus headers
+    def response_body
+      (@rsp_split ||= rsp_str.split(/\r?\n\r?\n/, 2))[1]
+    end
+    alias rsp_body response_body
+
+
+    # Returns the full request as a Ruby String - returns an empty string if 
+    # request is nil.
+    def request_str
+      return request().nil? ? "" : ::String.from_java_bytes(request())
+    end
+    alias request_string request_str
+    alias req_str request_str
+
+
+    # Returns a split array of headers. Example:
+    #   [
+    #     ["GET / HTTP/1.1"],
+    #     ["Host", "www.example.org"],
+    #     ["User-Agent", "Mozilla/5.0 (..."],
+    #     ...
+    #   ]
+    def request_headers
+      if headers=(@req_split ||= req_str.split(/\r?\n\r?\n/, 2))[0]
+        @req_headers ||= headers.split(/\r?\n/).map {|h| h.split(/\s*:\s*/,2)}
+      end
+    end
+    alias req_headers request_headers
+
+
+    # Returns the request message body or an empty string if there is none.
+    def request_body
+      (@req_split ||= req_str.split(/\r?\n\r?\n/, 2))[1]
+    end
+    alias req_body request_body
+
+
+    # Returns a Ruby URI object derived from the java.net.URL object
+    def uri
+      @uri ||= URI.parse url.to_s if not url.nil?
+    end
+
+
+    # one-shot method to implant ourselves onto a target object's class
+    # interface in ruby. All later instances will also get 'us' for free!
+    def self.implant(base)
+      return if @implanted
+      base.class.instance_eval { include(HttpRequestResponseHelper) }
+      @implanted = true
+    end
+
+
+    def self.implanted? ; @implanted; end
+  end
+
+end

data/lib/buby/extends/scan_issue.rb

@@ -0,0 +1,36 @@
+require 'uri'
+
+class Buby
+
+  class ScanIssuesList < BubyArrayWrapper
+    def initialize(obj)
+      ScanIssueHelper.implant(obj[0]) if obj.size > 0 
+      super(obj)
+    end
+
+  end
+
+  module ScanIssueHelper
+    # Returns a Ruby URI object derived from the java.net.URL object
+    def uri
+      @uri ||= URI.parse url.to_s if not url.nil?
+    end
+
+    # one-shot method to implant ourselves onto a target object's class
+    # interface in ruby. All later instances will also get 'us' for free!
+    def self.implant(base)
+      return if @implanted
+      base.class.instance_eval { include(ScanIssueHelper) }
+      @implanted = true
+    end
+
+    def http_messages
+      HttpRequestResponseList.new( self.getHttpMessages() )
+    end
+    alias messages http_messages
+    alias messages http_messages
+
+    def self.implanted? ; @implanted; end
+  end
+end
+

data/lib/buby/extends.rb

@@ -0,0 +1,4 @@
+
+require 'buby/extends/buby_array_wrapper'
+require 'buby/extends/http_request_response'
+require 'buby/extends/scan_issue'

data/lib/buby.rb

@@ -2,6 +2,7 @@ include Java
 
 require 'pp'
 require "buby.jar"
+require 'buby/extends.rb'
 
 include_class 'BurpExtender'
 
@@ -78,7 +79,7 @@ include_class 'BurpExtender'
 class Buby
 
   # :stopdoc:
-  VERSION = '1.1.3'
+  VERSION = '1.1.4'
   LIBPATH = ::File.expand_path(::File.dirname(__FILE__)) + ::File::SEPARATOR
   PATH = ::File.dirname(LIBPATH) + ::File::SEPARATOR
   # :startdoc:
@@ -226,7 +227,7 @@ class Buby
   alias send_to_spider sendToSpider
   alias spider sendToSpider
 
-  # This method is a __send__ call back gate for the IBurpExtenderCallbacks
+  # This method is a __send__ callback gate for the IBurpExtenderCallbacks
   # reference. It first checks to see if a method is available before calling
   # with the specified arguments, and raises an exception if it is unavailable.
   #
@@ -243,33 +244,37 @@ class Buby
     cb.__send__ meth, *args
   end
 
+
   # Returns a Java array of IHttpRequestResponse objects pulled directly from 
   # the Burp proxy history.
   def getProxyHistory
-    _check_and_callback(:getProxyHistory)
+    HttpRequestResponseList.new(_check_and_callback(:getProxyHistory))
   end
   alias proxy_history getProxyHistory
   alias get_proxy_history getProxyHistory
 
+
   # Returns a Java array of IHttpRequestResponse objects pulled directly from 
   # the Burp site map for all urls matching the specified literal prefix. 
   # The prefix can be nil to return all objects.
   def getSiteMap(urlprefix=nil)
-    _check_and_callback(:getSiteMap, urlprefix)
+    HttpRequestResponseList.new(_check_and_callback(:getSiteMap, urlprefix))
   end
   alias site_map getSiteMap
   alias get_site_map getSiteMap
 
+
   # This method returns all of the current scan issues for URLs matching the 
   # specified literal prefix. The prefix can be nil to match all issues.
   #
   # IMPORTANT: This method is only available with Burp 1.2.15 and higher.
   def getScanIssues(urlprefix=nil)
-    _check_and_callback(:getScanIssues, urlprefix)
+    ScanIssuesList.new( _check_and_callback(:getScanIssues, urlprefix) )
   end
   alias scan_issues getScanIssues
   alias get_scan_issues getScanIssues
 
+
   # Restores Burp session state from a previously saved state file.
   # See also: saveState
   #
@@ -281,6 +286,7 @@ class Buby
   end
   alias restore_state restoreState
 
+
   # Saves the current Burp session to a state file. See also restoreState.
   #
   # IMPORTANT: This method is only available with Burp 1.2.09 and higher.
@@ -291,6 +297,7 @@ class Buby
   end
   alias save_state saveState
 
+
   # Parses a raw HTTP request message and returns an associative array 
   # containing parameters as they are structured in the 'Parameters' tab in the 
   # Burp request UI.
@@ -305,6 +312,7 @@ class Buby
   alias parameters getParameters
   alias get_parameters getParameters
 
+
   # Parses a raw HTTP message (request or response ) and returns an associative
   # array containing the headers as they are structured in the 'Headers' tab 
   # in the Burp request/response viewer UI.
@@ -510,7 +518,8 @@ class Buby
   #
   # This method should be overridden if you wish to implement functionality
   # relating to generalized requests and responses from any BurpSuite tool.
-  # You may want to use evt_proxy_message if you only intend to work with only 
+  #
+  # You may want to use evt_proxy_message if you only intend to work on
   # proxied messages. Note, however, the IHttpRequestResponse Java object is 
   # not used in evt_proxy_message and gives evt_http_message a somewhat 
   # nicer interface to work with.
@@ -523,7 +532,8 @@ class Buby
   # * message_info = an instance of the IHttpRequestResponse Java class with
   #   methods for accessing and manipulating various attributes of the message.
   #
-  def evt_http_message tool_name, is_request, message_info
+  def evt_http_message(tool_name, is_request, message_info)
+    HttpRequestResponseHelper.implant(message_info)
     pp([:got_http_message, tool_name, is_request, message_info]) if $DEBUG
   end
 
@@ -540,6 +550,7 @@ class Buby
   # * issue = an instance of the IScanIssue Java class with methods for viewing
   #   information on the scan issue that was generated.
   def evt_scan_issue(issue)
+    ScanIssueHelper.implant(issue)
     pp([:got_scan_issue, issue]) if $DEBUG
   end
 
@@ -561,7 +572,7 @@ class Buby
   # Yields each entry in the site map to a block (which is required)
   def with_site_map(urlprefix=nil, statefile=nil)
     with_statefile(statefile) do |this|
-      this.site_map(urlprefix).to_a.each {|h| yield h}
+      this.site_map(urlprefix).each {|h| yield h }
     end
   end
 
@@ -574,14 +585,13 @@ class Buby
   # Yields each entry in the proxy history to a block (which is required)
   def with_proxy_history(statefile=nil)
     with_statefile(statefile) do |this|
-      this.proxy_history.to_a.each {|h| yield h }
+      this.proxy_history.each {|h| yield h }
     end
   end
 
   # This is a convenience wrapper which loads a given burp statefile and lets
-  # its caller to perform actions with burp on it inside of a block. 
-  # It expects a block to yield 'self' is yielded for the duration 
-  # of the statefile load.
+  # its caller perform actions via burp while its loaded on it inside of a 
+  # block. The old state is restored after the block completes.
   #
   # It can safely be used without a statefile argument, in which case the
   # current session state is used.
@@ -593,10 +603,9 @@ class Buby
       # save current state:
       old_state=".#{$$}.#{Time.now.to_i}.state.bak"
       self.alert "Saving current state to temp statefile: #{old_state}"
-      self.save_state old_state 
-
+      self.save_state(old_state)
       self.alert "Restoring state: #{statefile}"
-      self.restore_state statefile
+      self.restore_state(statefile)
     end
 
     yield self
@@ -619,17 +628,10 @@ class Buby
   # This method also accepts an optional block which is passed each of the
   # matched history members.
   def search_proxy_history(statefile=nil, urlrx=nil)
-    ret = nil
-    with_statefile(statefile) do |this|
-      ret = this.proxy_history.to_a.select do |r| 
-        if urlrx
-          true if r.url.to_s =~ urlrx
-        else
-          true
-        end
-      end
-      if block_given?
-        ret.each {|r| yield r }
+    ret = []
+    with_proxy_history(statefile) do |r|
+      if (not urlrx) or r.url.to_s =~ urlrx
+        ret << r if (not block_given?) or yield(r)
       end
     end
     return ret
@@ -644,11 +646,10 @@ class Buby
   #               and harvest from.
   def harvest_cookies_from_history(cookie=nil, urlrx=nil, statefile=nil)
     ret = []
-    search_proxy_history(statefile, urlrx) do |msg|
-      rsp = String.from_java_bytes(msg.response)
-      found = []
-      find_cookie_in_response(rsp, cookie) {|c| found << c}
-      ret += found.map {|f| f << msg }
+    search_proxy_history(statefile, urlrx) do |hrr|
+      ret += hrr.rsp_headers.select do |h| 
+        h[0].downcase == 'set-cookie'
+      end.map{|h| h[1]}
     end
     return ret
   end
@@ -737,6 +738,7 @@ class Buby
 
 end # Buby
 
+
 # Try requiring 'burp.jar' from the Ruby lib-path
 unless Buby.burp_loaded?
   begin require "burp.jar" 

data/samples/drb_buby.rb

@@ -0,0 +1,31 @@
+
+require 'rubygems'
+require 'buby'
+require 'drb'
+
+module DrbBuby
+  attr_reader :drb_server
+
+  def evt_register_callbacks(cb)
+    super(cb)
+#    cb.issueAlert("[DrbBuby] Service on: #{@drb_server.uri}")
+  end
+
+  def init_DrbBuby
+    ## want to bind the DRb service on a specific socket?
+    uri ='druby://127.0.0.1:9999'
+    ## or let it choose one automatically:
+    #  uri = nil 
+    @drb_server = DRb.start_service uri, self
+    puts "[DrbBuby] Service on: #{@drb_server.uri}"
+    self.alert("[DrbBuby] Service on: #{@drb_server.uri}")
+  end
+end
+
+if __FILE__ == $0
+  $burp = Buby.new
+  $burp.extend(DrbBuby)
+  $burp.start_burp()
+  $burp.init_DrbBuby
+end
+

data/samples/drb_sample_cli.rb

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+# notice... we're using MRI ruby here, not JRuby (but either will work)
+
+require 'drb'
+
+unless drb_uri = ARGV.shift
+  STDERR.puts "Usage: #{File.basename $0} druby://<addr>:<port>"
+  exit 1
+end
+
+drb = DRbObject.new nil, drb_uri
+rsp=drb.make_http_request 'example.com', 80, false, "GET / HTTP/1.0\r\n\r\n"
+
+puts rsp

data/samples/mechanize_burp.rb

@@ -12,38 +12,27 @@ include Java
 # for a Mechanize agent by intercepting all requests sent through the
 # Burp proxy. This lets you use Mechanize in tandem with your browser
 # through Burp without having to fuss around with cookies.
-class MechGlue < Buby
+module MechGlue
   attr_accessor :mech_agent
 
-  def initialize(mech_agent, other=nil)
-    super(other)
-    @mech_agent = mech_agent
-  end
-
   def evt_proxy_message(*param)
     msg_ref, is_req, rhost, rport, is_https, http_meth, url, 
     resourceType, status, req_content_type, message, action = param
 
     if (not is_req) and (message =~ /Set-Cookie/i)
 
-      begin 
-        rsp = Rbkb::Http::Response.parse(message)
-      rescue
-        rsp = nil
-      end
-
-      if rsp
-        # Get an uri object ready for mechanize
-        uri = URI.parse(url)
-        uri.scheme = (is_https)? "https" : "http"
-        uri.host = rhost
-        uri.port = rport
-        
-        # Grab cookies from headers:
-        rsp.headers.get_header_value('Set-Cookie').each do |cookie| 
-          WWW::Mechanize::Cookie.parse(uri, cookie) do |c|
-            $mech.cookie_jar.add(uri, c)
-          end
+      rsp = Rbkb::Http::Response.new(message, :ignore_content_length => true)
+
+      # Get an uri object ready for mechanize
+      uri = URI.parse(url)
+      uri.scheme = (is_https)? "https" : "http"
+      uri.host = rhost
+      uri.port = rport
+      
+      # Grab cookies from headers:
+      rsp.headers.get_header_value('Set-Cookie').each do |cookie| 
+        WWW::Mechanize::Cookie.parse(uri, cookie) do |c|
+          @mech_agent.cookie_jar.add(uri, c)
         end
       end
     end
@@ -56,10 +45,13 @@ if __FILE__ == $0
   $mech = WWW::Mechanize.new
   #$mech.set_proxy('localhost', '8080')
 
-  $burp = MechGlue.new($mech)
+  $burp = Buby.new()
+  $burp.extend(MechGlue)
+  $burp.mech_agent = $mech
   $burp.start_burp
 
   puts "$burp is set to #{$burp.class}"
   puts "$mech is set to #{$mech.class}"
   IRB.start
 end
+

data/samples/verb_tamperer.rb

@@ -2,7 +2,7 @@
 require 'rubygems'
 require 'buby'
 
-class VerbTamperer < Buby
+module VerbTamperer
   def evt_proxy_message(*param)
     msg_ref, is_req, rhost, rport, is_https, http_meth, url, 
     resourceType, status, req_content_type, message, action = param
@@ -18,4 +18,8 @@ class VerbTamperer < Buby
   end
 end
 
-VerbTamperer.start_burp()
+if __FILE__ == $0
+  $burp = Buby.new()
+  $burp.extend(VerbTamperer)
+  $burp.start_burp()
+end

data/samples/watch_scan.rb

@@ -0,0 +1,21 @@
+
+module WatchScan
+  def evt_http_message(tool_name, is_request, message_info)
+    super(tool_name, is_request, message_info)
+    if tool_name == 'scanner' 
+      if is_request
+        puts "#"*70, "# REQUEST: #{message_info.url.toString}", "#"*70
+        puts message_info.req_str
+        puts
+      else
+        puts "#"*70, "# RESPONSE: #{message_info.url.toString}", "#"*70
+        puts message_info.rsp_str
+        puts
+      end
+    end
+  end
+
+  def init_WatchScan
+    puts "WatchScan module initialized"
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: emonti-buby
 version: !ruby/object:Gem::Version 
-  version: 1.1.3.1
+  version: 1.1.4
 platform: ruby
 authors: 
 - Eric Monti - Matasano Security
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-08-25 00:00:00 -07:00
+date: 2009-09-21 00:00:00 -07:00
 default_executable: buby
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -46,8 +46,15 @@ files:
 - java/src/burp/IScanIssue.java
 - java/src/burp/IScanQueueItem.java
 - lib/buby.rb
+- lib/buby/extends.rb
+- lib/buby/extends/buby_array_wrapper.rb
+- lib/buby/extends/http_request_response.rb
+- lib/buby/extends/scan_issue.rb
+- samples/drb_buby.rb
+- samples/drb_sample_cli.rb
 - samples/mechanize_burp.rb
 - samples/verb_tamperer.rb
+- samples/watch_scan.rb
 - spec/buby_spec.rb
 - spec/spec_helper.rb
 - tasks/ann.rake