watobo 0.9.21 → 0.9.23
- checksums.yaml +7 -0
- data/CHANGELOG.md +46 -1
- data/bin/nfq_server.rb +0 -9
- data/bin/watobo_gui.rb +3 -13
- data/custom-views/prettify-json.rb +9 -18
- data/icons/watobo.ico +0 -0
- data/icons/watobo.ico.old +0 -0
- data/lib/watobo.rb +10 -19
- data/lib/watobo/adapters.rb +5 -14
- data/lib/watobo/adapters/data_store.rb +50 -59
- data/lib/watobo/adapters/file/file_store.rb +287 -296
- data/lib/watobo/adapters/file/marshal_store.rb +293 -296
- data/lib/watobo/adapters/session_store.rb +5 -14
- data/lib/watobo/ca.rb +1 -10
- data/lib/watobo/config.rb +197 -206
- data/lib/watobo/constants.rb +0 -9
- data/lib/watobo/core.rb +3 -12
- data/lib/watobo/core/active_check.rb +72 -135
- data/lib/watobo/core/active_checks.rb +49 -58
- data/lib/watobo/core/ca.rb +369 -389
- data/lib/watobo/core/cert_store.rb +34 -43
- data/lib/watobo/core/chat.rb +92 -101
- data/lib/watobo/core/chats.rb +271 -280
- data/lib/watobo/core/client_cert_store.rb +106 -35
- data/lib/watobo/core/conversation.rb +48 -57
- data/lib/watobo/core/cookie.rb +23 -32
- data/lib/watobo/core/egress_handlers.rb +98 -0
- data/lib/watobo/core/finding.rb +66 -75
- data/lib/watobo/core/findings.rb +107 -114
- data/lib/watobo/core/forwarding_proxy.rb +13 -22
- data/lib/watobo/core/fuzz_gen.rb +0 -9
- data/lib/watobo/core/intercept_carver.rb +166 -177
- data/lib/watobo/core/intercept_filter.rb +235 -244
- data/lib/watobo/core/interceptor.rb +98 -107
- data/lib/watobo/core/min_class.rb +4 -13
- data/lib/watobo/core/netfilter_queue.rb +170 -179
- data/lib/watobo/core/ott_cache.rb +132 -141
- data/lib/watobo/core/parameter.rb +43 -52
- data/lib/watobo/core/passive_check.rb +103 -102
- data/lib/watobo/core/passive_checks.rb +48 -57
- data/lib/watobo/core/passive_scanner.rb +54 -55
- data/lib/watobo/core/plugin.rb +11 -20
- data/lib/watobo/core/project.rb +3 -9
- data/lib/watobo/core/proxy.rb +43 -52
- data/lib/watobo/core/request.rb +125 -123
- data/lib/watobo/core/response.rb +44 -53
- data/lib/watobo/core/scanner.rb +0 -9
- data/lib/watobo/core/scanner3.rb +405 -414
- data/lib/watobo/core/scope.rb +83 -92
- data/lib/watobo/core/session.rb +1043 -1026
- data/lib/watobo/core/sid_cache.rb +98 -107
- data/lib/watobo/core/subscriber.rb +25 -34
- data/lib/watobo/defaults.rb +21 -30
- data/lib/watobo/external/diff/lcs.rb +0 -9
- data/lib/watobo/external/diff/lcs/array.rb +0 -9
- data/lib/watobo/external/diff/lcs/block.rb +0 -9
- data/lib/watobo/external/diff/lcs/callbacks.rb +0 -9
- data/lib/watobo/external/diff/lcs/change.rb +0 -9
- data/lib/watobo/external/diff/lcs/hunk.rb +0 -9
- data/lib/watobo/external/diff/lcs/ldiff.rb +0 -9
- data/lib/watobo/external/diff/lcs/string.rb +0 -9
- data/lib/watobo/externals.rb +6 -15
- data/lib/watobo/framework.rb +4 -13
- data/lib/watobo/framework/create_project.rb +60 -69
- data/lib/watobo/framework/init.rb +0 -9
- data/lib/watobo/framework/init_modules.rb +0 -9
- data/lib/watobo/framework/license_text.rb +28 -37
- data/lib/watobo/framework/load_chat.rb +13 -22
- data/lib/watobo/gui.rb +132 -123
- data/lib/watobo/gui/about_watobo.rb +0 -9
- data/lib/watobo/gui/browser_preview.rb +0 -9
- data/lib/watobo/gui/certificate_dialog.rb +0 -9
- data/lib/watobo/gui/chat_diff.rb +0 -9
- data/lib/watobo/gui/chatviewer_frame.rb +73 -72
- data/lib/watobo/gui/checkboxtree.rb +0 -9
- data/lib/watobo/gui/checks_policy_frame.rb +0 -9
- data/lib/watobo/gui/client_cert_dialog.rb +96 -87
- data/lib/watobo/gui/confirm_scan_dialog.rb +0 -9
- data/lib/watobo/gui/conversation_table.rb +158 -164
- data/lib/watobo/gui/conversation_table_ctrl.rb +207 -216
- data/lib/watobo/gui/conversation_table_ctrl2.rb +373 -382
- data/lib/watobo/gui/csrf_token_dialog.rb +0 -9
- data/lib/watobo/gui/custom_viewer.rb +374 -383
- data/lib/watobo/gui/dashboard.rb +296 -303
- data/lib/watobo/gui/define_scope_frame.rb +0 -9
- data/lib/watobo/gui/differ_frame.rb +215 -224
- data/lib/watobo/gui/edit_comment.rb +0 -9
- data/lib/watobo/gui/edit_scope_dialog.rb +0 -9
- data/lib/watobo/gui/export_dialog.rb +104 -113
- data/lib/watobo/gui/finding_info.rb +0 -9
- data/lib/watobo/gui/findings_tree.rb +210 -217
- data/lib/watobo/gui/full_scan_dialog.rb +0 -9
- data/lib/watobo/gui/fuzzer_gui.rb +1295 -1313
- data/lib/watobo/gui/fxsave_thread.rb +14 -0
- data/lib/watobo/gui/goto_url_dialog.rb +70 -79
- data/lib/watobo/gui/hex_viewer.rb +0 -9
- data/lib/watobo/gui/html_viewer.rb +287 -296
- data/lib/watobo/gui/intercept_filter_dialog.rb +188 -197
- data/lib/watobo/gui/interceptor_gui.rb +1041 -1051
- data/lib/watobo/gui/interceptor_settings_dialog.rb +0 -9
- data/lib/watobo/gui/json_viewer.rb +287 -0
- data/lib/watobo/gui/list_box.rb +101 -110
- data/lib/watobo/gui/log_file_viewer.rb +32 -41
- data/lib/watobo/gui/log_viewer.rb +83 -88
- data/lib/watobo/gui/login_wizzard.rb +0 -9
- data/lib/watobo/gui/main_window.rb +587 -618
- data/lib/watobo/gui/manual_request_editor.rb +620 -565
- data/lib/watobo/gui/master_pw_dialog.rb +0 -9
- data/lib/watobo/gui/mixins/gui_settings.rb +29 -38
- data/lib/watobo/gui/page_tree.rb +217 -226
- data/lib/watobo/gui/password_policy_dialog.rb +0 -9
- data/lib/watobo/gui/plugin_board.rb +0 -9
- data/lib/watobo/gui/preferences_dialog.rb +0 -9
- data/lib/watobo/gui/progress_window.rb +17 -27
- data/lib/watobo/gui/project_wizzard.rb +0 -9
- data/lib/watobo/gui/proxy_dialog.rb +1 -10
- data/lib/watobo/gui/quick_scan_dialog.rb +0 -9
- data/lib/watobo/gui/request_builder_frame.rb +102 -111
- data/lib/watobo/gui/request_editor.rb +181 -137
- data/lib/watobo/gui/rewrite_filters_dialog.rb +394 -403
- data/lib/watobo/gui/rewrite_rules_dialog.rb +372 -381
- data/lib/watobo/gui/save_chat_dialog.rb +140 -149
- data/lib/watobo/gui/scanner_settings_dialog.rb +0 -9
- data/lib/watobo/gui/select_chat_dialog.rb +0 -9
- data/lib/watobo/gui/session_management_dialog.rb +0 -9
- data/lib/watobo/gui/sites_tree.rb +0 -9
- data/lib/watobo/gui/status_bar.rb +0 -9
- data/lib/watobo/gui/table_editor.rb +0 -9
- data/lib/watobo/gui/tagless_viewer.rb +0 -9
- data/lib/watobo/gui/templates/plugin.rb +0 -9
- data/lib/watobo/gui/templates/plugin2.rb +92 -100
- data/lib/watobo/gui/templates/plugin_base.rb +144 -153
- data/lib/watobo/gui/text_viewer.rb +0 -9
- data/lib/watobo/gui/transcoder_window.rb +0 -9
- data/lib/watobo/gui/utils/gui_utils.rb +0 -9
- data/lib/watobo/gui/utils/init_icons.rb +86 -95
- data/lib/watobo/gui/utils/load_icons.rb +33 -42
- data/lib/watobo/gui/utils/load_plugins.rb +116 -119
- data/lib/watobo/gui/utils/master_password.rb +68 -77
- data/lib/watobo/gui/utils/save_default_settings.rb +113 -122
- data/lib/watobo/gui/utils/save_project_settings.rb +0 -9
- data/lib/watobo/gui/utils/save_proxy_settings.rb +41 -50
- data/lib/watobo/gui/utils/save_scanner_settings.rb +18 -27
- data/lib/watobo/gui/utils/session_history.rb +112 -121
- data/lib/watobo/gui/workspace_dialog.rb +0 -9
- data/lib/watobo/gui/www_auth_dialog.rb +0 -9
- data/lib/watobo/gui/xml_viewer_frame.rb +0 -9
- data/lib/watobo/http.rb +4 -13
- data/lib/watobo/http/cookies/cookies.rb +26 -35
- data/lib/watobo/http/data/data.rb +45 -54
- data/lib/watobo/http/data/json.rb +47 -55
- data/lib/watobo/http/url/url.rb +38 -47
- data/lib/watobo/http/xml/xml.rb +124 -130
- data/lib/watobo/interceptor.rb +3 -12
- data/lib/watobo/interceptor/proxy.rb +742 -739
- data/lib/watobo/interceptor/transparent.rb +22 -24
- data/lib/watobo/mixins.rb +10 -19
- data/lib/watobo/mixins/check_info.rb +27 -36
- data/lib/watobo/mixins/httpparser.rb +613 -637
- data/lib/watobo/mixins/request_parser.rb +88 -97
- data/lib/watobo/mixins/shapers.rb +515 -529
- data/lib/watobo/mixins/transcoders.rb +3 -11
- data/lib/watobo/parser.rb +1 -10
- data/lib/watobo/parser/html.rb +83 -92
- data/lib/watobo/patch_fxruby_setfocus.rb +26 -0
- data/lib/watobo/sockets.rb +3 -12
- data/lib/watobo/sockets/agent.rb +828 -837
- data/lib/watobo/sockets/client_socket.rb +308 -312
- data/lib/watobo/sockets/connection.rb +401 -410
- data/lib/watobo/sockets/http_socket.rb +11 -13
- data/lib/watobo/sockets/ntlm_auth.rb +129 -138
- data/lib/watobo/utils.rb +10 -19
- data/lib/watobo/utils/check_regex.rb +0 -9
- data/lib/watobo/utils/copy_object.rb +0 -9
- data/lib/watobo/utils/crypto.rb +0 -9
- data/lib/watobo/utils/expand_range.rb +23 -32
- data/lib/watobo/utils/export_xml.rb +97 -106
- data/lib/watobo/utils/file_management.rb +9 -11
- data/lib/watobo/utils/hexprint.rb +9 -18
- data/lib/watobo/utils/load_chat.rb +0 -9
- data/lib/watobo/utils/load_icon.rb +0 -9
- data/lib/watobo/utils/ntlm.rb +866 -875
- data/lib/watobo/utils/print_debug.rb +12 -21
- data/lib/watobo/utils/response_builder.rb +90 -99
- data/lib/watobo/utils/response_hash.rb +0 -9
- data/lib/watobo/utils/secure_eval.rb +0 -9
- data/lib/watobo/utils/strings.rb +10 -19
- data/lib/watobo/utils/text2request.rb +0 -9
- data/lib/watobo/utils/url.rb +23 -32
- data/lib/watobo/utils/utf16.rb +11 -20
- data/modules/active/Apache/mod_status.rb +0 -9
- data/modules/active/Apache/multiview.rb +151 -160
- data/modules/active/Flash/crossdomain.rb +0 -9
- data/modules/active/JWT/jwt_oauth2_none.rb +111 -0
- data/modules/active/cq5/cq5_default_selectors.rb +106 -115
- data/modules/active/cq5/cqp_user_enumeration.rb +125 -134
- data/modules/active/directories/dirwalker.rb +0 -9
- data/modules/active/discovery/fileextensions.rb +0 -9
- data/modules/active/discovery/http_methods.rb +0 -9
- data/modules/active/discovery/jsmapfiles.rb +79 -0
- data/modules/active/domino/domino_db.rb +68 -76
- data/modules/active/dotNET/custom_errors.rb +102 -111
- data/modules/active/dotNET/dotnet_files.rb +90 -99
- data/modules/active/fileinclusion/lfi_simple.rb +0 -9
- data/modules/active/jboss/jboss_basic.rb +0 -9
- data/modules/active/sap/business_objects.rb +51 -60
- data/modules/active/sap/its_commands.rb +0 -9
- data/modules/active/sap/its_service_parameter.rb +0 -9
- data/modules/active/sap/its_services.rb +0 -9
- data/modules/active/sap/its_xss.rb +0 -9
- data/modules/active/shell_shock/shell_shock.rb +139 -148
- data/modules/active/siebel/siebel_apps.rb +160 -169
- data/modules/active/sqlinjection/sql_boolean.rb +0 -9
- data/modules/active/sqlinjection/sql_numerical.rb +198 -0
- data/modules/active/sqlinjection/sqli_error.rb +0 -9
- data/modules/active/sqlinjection/sqli_timing.rb +220 -229
- data/modules/active/struts2/default_handler_ognl.rb +106 -115
- data/modules/active/struts2/include_params_ognl.rb +105 -114
- data/modules/active/xml/xml_xxe.rb +112 -123
- data/modules/active/xss/xss_ng.rb +214 -223
- data/modules/active/xss/xss_simple.rb +0 -9
- data/modules/passive/ajax.rb +68 -77
- data/modules/passive/autocomplete.rb +56 -65
- data/modules/passive/cookie_options.rb +0 -9
- data/modules/passive/cookie_xss.rb +0 -9
- data/modules/passive/detect_code.rb +0 -9
- data/modules/passive/detect_fileupload.rb +0 -9
- data/modules/passive/detect_infrastructure.rb +0 -9
- data/modules/passive/detect_one_time_tokens.rb +0 -9
- data/modules/passive/dirindexing.rb +0 -9
- data/modules/passive/disclosure_domino.rb +55 -64
- data/modules/passive/disclosure_emails.rb +0 -9
- data/modules/passive/disclosure_ipaddr.rb +55 -53
- data/modules/passive/filename_as_parameter.rb +0 -9
- data/modules/passive/form_spotter.rb +0 -9
- data/modules/passive/hidden_fields.rb +50 -59
- data/modules/passive/hotspots.rb +0 -9
- data/modules/passive/in_script_parameter.rb +0 -9
- data/modules/passive/json_web_token.rb +93 -0
- data/modules/passive/multiple_server_headers.rb +0 -9
- data/modules/passive/possible_login.rb +0 -9
- data/modules/passive/redirect_url.rb +0 -9
- data/modules/passive/redirectionz.rb +0 -9
- data/modules/passive/sap-headers.rb +56 -65
- data/modules/passive/xss_dom.rb +0 -9
- data/plugins/aem/aem.rb +11 -20
- data/plugins/aem/gui/main.rb +118 -127
- data/plugins/aem/gui/tree_view.rb +171 -180
- data/plugins/aem/lib/agent.rb +130 -138
- data/plugins/aem/lib/dispatcher.rb +45 -51
- data/plugins/aem/lib/engine.rb +177 -186
- data/plugins/catalog/catalog.rb +345 -355
- data/plugins/crawler/crawler.rb +4 -13
- data/plugins/crawler/gui.rb +5 -14
- data/plugins/crawler/gui/auth_frame.rb +270 -279
- data/plugins/crawler/gui/crawler_gui.rb +271 -276
- data/plugins/crawler/gui/general_settings_frame.rb +96 -105
- data/plugins/crawler/gui/hooks_frame.rb +80 -89
- data/plugins/crawler/gui/scope_frame.rb +50 -59
- data/plugins/crawler/gui/settings_tabbook.rb +38 -47
- data/plugins/crawler/gui/status_frame.rb +59 -68
- data/plugins/crawler/lib/bags.rb +18 -27
- data/plugins/crawler/lib/constants.rb +11 -20
- data/plugins/crawler/lib/engine.rb +488 -497
- data/plugins/crawler/lib/grabber.rb +68 -77
- data/plugins/crawler/lib/status.rb +71 -80
- data/plugins/crawler/lib/uri_mp.rb +12 -21
- data/plugins/filefinder/filefinder.rb +326 -333
- data/plugins/sqlmap/bin/test.rb +78 -87
- data/plugins/sqlmap/gui.rb +4 -13
- data/plugins/sqlmap/gui/main.rb +218 -227
- data/plugins/sqlmap/gui/options_frame.rb +97 -106
- data/plugins/sqlmap/lib/sqlmap_ctrl.rb +90 -100
- data/plugins/sqlmap/sqlmap.rb +2 -11
- data/plugins/sslchecker/cli/sslchecker_cli.rb +0 -9
- data/plugins/sslchecker/gui/cipher_table.rb +246 -254
- data/plugins/sslchecker/gui/gui.rb +258 -264
- data/plugins/sslchecker/gui/sslchecker.rb +4 -13
- data/plugins/sslchecker/lib/check.rb +127 -133
- data/plugins/wshell/gui/main.rb +119 -117
- data/plugins/wshell/lib/core.rb +38 -88
- data/plugins/wshell/wshell.rb +11 -20
- metadata +170 -164
@@ -1,641 +1,696 @@
|
|
1
|
-
#.
|
2
|
-
# manual_request_editor.rb
|
3
|
-
#.
|
4
|
-
# Copyright 2014 by siberas, http://www.siberas.de
|
5
|
-
# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
|
6
|
-
# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
|
7
|
-
# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
8
|
-
# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
9
|
-
|
10
1
|
# @private
|
11
|
-
module Watobo#:nodoc: all
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
end
|
21
|
-
|
22
|
-
def response
|
23
|
-
@chat.response
|
24
|
-
end
|
25
|
-
|
26
|
-
def initialize(chat, raw_request)
|
27
|
-
@chat = chat
|
28
|
-
@raw_request = raw_request
|
29
|
-
end
|
2
|
+
module Watobo #:nodoc: all
|
3
|
+
module Gui
|
4
|
+
|
5
|
+
class HistoryItem
|
6
|
+
|
7
|
+
attr :raw_request
|
8
|
+
|
9
|
+
def request
|
10
|
+
@chat.request
|
30
11
|
end
|
31
12
|
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
super(session_id, Watobo::Conf::Scanner.to_h )
|
36
|
-
|
37
|
-
end
|
38
|
-
|
39
|
-
def sendRequest(new_request, prefs)
|
40
|
-
|
41
|
-
if prefs[:run_login ] == true
|
42
|
-
login_chats = Watobo::Conf::Scanner.login_chat_ids.uniq.map{|id| Watobo::Chats.get_by_id(id) }
|
43
|
-
# puts "running #{login_chats.length} login requests"
|
44
|
-
# puts login_chats.first.class
|
45
|
-
runLogin(login_chats, prefs)
|
46
|
-
end
|
47
|
-
|
48
|
-
request = Watobo::Request.new(new_request)
|
49
|
-
begin
|
50
|
-
test_req, test_resp = self.doRequest(request, prefs)
|
51
|
-
#rq = Watobo::Request.new test_req
|
52
|
-
# rs = Watobo::Response.new test_resp
|
53
|
-
#rs.unchunk
|
54
|
-
#rs.unzip
|
55
|
-
return test_req, test_resp
|
56
|
-
rescue => bang
|
57
|
-
puts bang
|
58
|
-
puts bang.backtrace if $DEBUG
|
59
|
-
end
|
60
|
-
return nil, nil
|
61
|
-
end
|
13
|
+
def response
|
14
|
+
@chat.response
|
62
15
|
end
|
63
16
|
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
include Watobo::Constants
|
70
|
-
include Watobo::Gui::Icons
|
71
|
-
|
72
|
-
# include Responder
|
73
|
-
# ID_CTRL_S = ID_LAST
|
74
|
-
# ID_LAST = ID_CTRL_S + 1
|
75
|
-
SCANNER_IDLE = 0x00
|
76
|
-
SCANNER_STARTED = 0x01
|
77
|
-
SCANNER_FINISHED = 0x02
|
78
|
-
SCANNER_CANCELED = 0x04
|
79
|
-
def subscribe(event, &callback)
|
80
|
-
(@event_dispatcher_listeners[event] ||= []) << callback
|
81
|
-
end
|
82
|
-
|
83
|
-
def openCSRFTokenDialog(sender, sel, item)
|
84
|
-
csrf_dlg = CSRFTokenDialog.new(self, @chat)
|
85
|
-
if csrf_dlg.execute != 0 then
|
86
|
-
csrf_ids = csrf_dlg.getTokenScriptIds()
|
87
|
-
Watobo::OTTCache.set_chat_ids @chat, csrf_ids
|
88
|
-
Watobo::Conf::OttCache.patterns = csrf_dlg.getTokenPatterns()
|
89
|
-
Watobo::Conf::OttCache.save_project
|
90
|
-
end
|
91
|
-
end
|
17
|
+
def initialize(chat, raw_request)
|
18
|
+
@chat = chat
|
19
|
+
@raw_request = raw_request
|
20
|
+
end
|
21
|
+
end
|
92
22
|
|
93
|
-
|
94
|
-
|
95
|
-
end
|
23
|
+
class ManualRequestSender < Watobo::Session
|
24
|
+
def initialize(session_id)
|
96
25
|
|
97
|
-
|
98
|
-
if @event_dispatcher_listeners[event]
|
99
|
-
@event_dispatcher_listeners[event].each do |m|
|
100
|
-
m.call(*args) if m.respond_to? :call
|
101
|
-
end
|
102
|
-
end
|
103
|
-
end
|
104
|
-
|
105
|
-
def onRequestReset(sender,sel,item)
|
106
|
-
@req_builder.setRequest(@original_request)
|
107
|
-
end
|
108
|
-
|
109
|
-
def logger(message)
|
110
|
-
@log_viewer.log( LOG_INFO, message )
|
111
|
-
puts "[#{self.class.to_s}] #{message}" if $DEBUG
|
112
|
-
end
|
113
|
-
|
114
|
-
def addHistoryItem(chat, raw_request)
|
115
|
-
@history.push HistoryItem.new(chat, eval(YAML.load(YAML.dump(raw_request.inspect))))
|
116
|
-
|
117
|
-
@history.shift if @history.length > @history_size
|
118
|
-
|
119
|
-
@diff_frame.updateHistory(@history)
|
120
|
-
end
|
121
|
-
|
122
|
-
def onBtnQuickScan(sender, sel, item)
|
123
|
-
dlg = Watobo::Gui::QuickScanDialog.new(self, :target_chat => @chat, :enable_one_time_tokens => @updateCSRF.checked?)
|
124
|
-
scan_chats = []
|
125
|
-
if sender.text =~ /Cancel/i
|
126
|
-
@scanner.cancel() if @scanner.respond_to? :cancel
|
127
|
-
@scanner = nil
|
128
|
-
logger("QuickScan canceled by user")
|
129
|
-
@pbar.progress = 0
|
130
|
-
@pbar.total = 0
|
131
|
-
@pbar.barColor = 'grey' #FXRGB(255,0,0)
|
132
|
-
sender.text = "QuickScan"
|
133
|
-
return
|
134
|
-
end
|
26
|
+
super(session_id, Watobo::Conf::Scanner.to_h)
|
135
27
|
|
136
|
-
|
137
|
-
scan_modules = []
|
138
|
-
sender.text = "Cancel"
|
139
|
-
quick_scan_options = dlg.options
|
140
|
-
# puts quick_scan_options.to_yaml
|
28
|
+
end
|
141
29
|
|
142
|
-
|
143
|
-
req = @original_request
|
144
|
-
else
|
145
|
-
req = @req_builder.parseRequest()
|
146
|
-
end
|
30
|
+
def sendRequest(new_request, prefs)
|
147
31
|
|
148
|
-
|
149
|
-
|
32
|
+
if prefs[:run_login] == true
|
33
|
+
login_chats = Watobo::Conf::Scanner.login_chat_ids.uniq.map { |id| Watobo::Chats.get_by_id(id) }
|
34
|
+
# puts "running #{login_chats.length} login requests"
|
35
|
+
# puts login_chats.first.class
|
36
|
+
runLogin(login_chats, prefs)
|
37
|
+
end
|
150
38
|
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
scan_prefs[:logout_signatures] = [] if quick_scan_options[:detect_logout] == false
|
167
|
-
# scan_prefs[:csrf_requests] = @project.getCSRFRequests(@original_request) if quick_scan_options[:update_csrf_tokens] == true
|
168
|
-
scan_prefs[:run_passive_checks] = false
|
169
|
-
|
170
|
-
# logging required ?
|
171
|
-
|
172
|
-
if quick_scan_options[:enable_logging] and quick_scan_options[:scanlog_name]
|
173
|
-
scan_prefs[:scanlog_name] = quick_scan_options[:scanlog_name]
|
174
|
-
end
|
175
|
-
|
176
|
-
scan_prefs.update quick_scan_options
|
177
|
-
|
178
|
-
if $DEBUG
|
179
|
-
puts "* creating scanner ..."
|
180
|
-
puts quick_scan_options.to_yaml
|
181
|
-
puts "- - - - - - - - -"
|
182
|
-
puts scan_prefs.to_yaml
|
183
|
-
end
|
184
|
-
|
185
|
-
# we only can have one thread for csrf_token updates ... because it's not thread-safe ... yet
|
186
|
-
scan_prefs[:max_parallel_checks] = 1 if scan_prefs[:update_csrf_tokens] == true
|
187
|
-
|
188
|
-
@scanner = Watobo::Scanner3.new(scan_chats, acc, [], scan_prefs)
|
189
|
-
|
190
|
-
sum_totals = 0
|
191
|
-
@scanner.progress.each_value do |v|
|
192
|
-
sum_totals += v[:total]
|
193
|
-
end
|
194
|
-
@pbar.total = sum_totals
|
195
|
-
@pbar.progress = 0
|
196
|
-
@pbar.barColor = FXRGB(255,0,0)
|
197
|
-
|
198
|
-
csrf_requests = []
|
199
|
-
|
200
|
-
if quick_scan_options[:update_csrf_tokens] == true
|
201
|
-
unless csrf_requests.empty?
|
202
|
-
csrf_requests = Watobo::OTTCache.requests(req)
|
203
|
-
# else
|
204
|
-
# puts "* No CSRF requests defined for request:"
|
205
|
-
# puts req
|
206
|
-
# puts "---"
|
207
|
-
end
|
208
|
-
end
|
209
|
-
|
210
|
-
run_prefs = {
|
211
|
-
:update_sids => @updateSID.checked?,
|
212
|
-
:update_session => @updateSession.checked?,
|
213
|
-
:csrf_requests => csrf_requests,
|
214
|
-
:csrf_patterns => scan_prefs[:csrf_patterns],
|
215
|
-
:www_auth => scan_prefs[:www_auth],
|
216
|
-
:follow_redirect => quick_scan_options[:follow_redirect],
|
217
|
-
}
|
218
|
-
|
219
|
-
logger("Scan Started ...")
|
220
|
-
Watobo.log(log_message, :sender => self.class.to_s.gsub(/.*:/,""))
|
221
|
-
|
222
|
-
@scan_status = SCANNER_STARTED
|
223
|
-
@scanner.run( run_prefs)
|
224
|
-
|
225
|
-
end
|
39
|
+
request = Watobo::Request.new(new_request)
|
40
|
+
begin
|
41
|
+
test_req, test_resp = self.doRequest(request, prefs)
|
42
|
+
#rq = Watobo::Request.new test_req
|
43
|
+
# rs = Watobo::Response.new test_resp
|
44
|
+
#rs.unchunk
|
45
|
+
#rs.unzip
|
46
|
+
return test_req, test_resp
|
47
|
+
rescue => bang
|
48
|
+
puts bang
|
49
|
+
puts bang.backtrace if $DEBUG
|
50
|
+
end
|
51
|
+
return nil, nil
|
52
|
+
end
|
53
|
+
end
|
226
54
|
|
227
|
-
|
55
|
+
#
|
56
|
+
#--------------------------------------------------------------------------------------------
|
57
|
+
#
|
58
|
+
class ManualRequestEditor < FXDialogBox
|
228
59
|
|
229
|
-
|
60
|
+
include Watobo::Constants
|
61
|
+
include Watobo::Gui::Icons
|
230
62
|
|
231
|
-
|
232
|
-
|
233
|
-
|
63
|
+
# include Responder
|
64
|
+
# ID_CTRL_S = ID_LAST
|
65
|
+
# ID_LAST = ID_CTRL_S + 1
|
66
|
+
SCANNER_IDLE = 0x00
|
67
|
+
SCANNER_STARTED = 0x01
|
68
|
+
SCANNER_FINISHED = 0x02
|
69
|
+
SCANNER_CANCELED = 0x04
|
234
70
|
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
# puts "new request: #{new_request}"
|
239
|
-
@request_viewer.setText(new_request)
|
240
|
-
@tabBook.current = 1
|
241
|
-
end
|
71
|
+
def subscribe(event, &callback)
|
72
|
+
(@event_dispatcher_listeners[event] ||= []) << callback
|
73
|
+
end
|
242
74
|
|
243
|
-
|
244
|
-
|
75
|
+
def openCSRFTokenDialog(sender, sel, item)
|
76
|
+
csrf_dlg = CSRFTokenDialog.new(self, @chat)
|
77
|
+
if csrf_dlg.execute != 0 then
|
78
|
+
csrf_ids = csrf_dlg.getTokenScriptIds()
|
79
|
+
Watobo::OTTCache.set_chat_ids @chat, csrf_ids
|
80
|
+
Watobo::Conf::OttCache.patterns = csrf_dlg.getTokenPatterns()
|
81
|
+
Watobo::Conf::OttCache.save_project
|
82
|
+
end
|
83
|
+
end
|
245
84
|
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
new_pos = @history.length if new_pos > @history.length
|
85
|
+
def clearEvents(event)
|
86
|
+
@event_dispatcher_listener[event].clear
|
87
|
+
end
|
250
88
|
|
251
|
-
|
252
|
-
|
89
|
+
def notify(event, *args)
|
90
|
+
if @event_dispatcher_listeners[event]
|
91
|
+
@event_dispatcher_listeners[event].each do |m|
|
92
|
+
m.call(*args) if m.respond_to? :call
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
253
96
|
|
254
|
-
|
97
|
+
def onRequestReset(sender, sel, item)
|
98
|
+
@req_builder.setRequest(@original_request)
|
99
|
+
end
|
255
100
|
|
256
|
-
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
return 0 if dist == 0 and not pos
|
261
|
-
end
|
101
|
+
def logger(message)
|
102
|
+
@log_viewer.log(LOG_INFO, message)
|
103
|
+
puts "[#{self.class.to_s}] #{message}" if $DEBUG
|
104
|
+
end
|
262
105
|
|
263
|
-
|
264
|
-
|
265
|
-
# Invoke base class initialize function first
|
106
|
+
def addHistoryItem(chat, raw_request)
|
107
|
+
@history.push HistoryItem.new(chat, eval(YAML.load(YAML.dump(raw_request.inspect))))
|
266
108
|
|
267
|
-
|
109
|
+
@history.shift if @history.length > @history_size
|
268
110
|
|
269
|
-
|
270
|
-
|
111
|
+
@diff_frame.updateHistory(@history)
|
112
|
+
end
|
271
113
|
|
272
|
-
|
273
|
-
|
274
|
-
|
114
|
+
def onBtnQuickScan(sender, sel, item)
|
115
|
+
dlg = Watobo::Gui::QuickScanDialog.new(self, :target_chat => @chat, :enable_one_time_tokens => @updateCSRF.checked?)
|
116
|
+
scan_chats = []
|
117
|
+
if sender.text =~ /Cancel/i
|
118
|
+
@scanner.cancel() if @scanner.respond_to? :cancel
|
119
|
+
@scanner = nil
|
120
|
+
logger("QuickScan canceled by user")
|
121
|
+
@pbar.progress = 0
|
122
|
+
@pbar.total = 0
|
123
|
+
@pbar.barColor = 'grey' #FXRGB(255,0,0)
|
124
|
+
sender.text = "QuickScan"
|
125
|
+
return
|
126
|
+
end
|
275
127
|
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
128
|
+
if dlg.execute != 0 then
|
129
|
+
scan_modules = []
|
130
|
+
sender.text = "Cancel"
|
131
|
+
quick_scan_options = dlg.options
|
132
|
+
# puts quick_scan_options.to_yaml
|
281
133
|
|
282
|
-
|
134
|
+
if quick_scan_options[:use_orig_request] == true then
|
135
|
+
req = @original_request
|
136
|
+
else
|
137
|
+
req = @req_builder.parseRequest()
|
138
|
+
end
|
283
139
|
|
284
|
-
|
140
|
+
scan_chats.push Chat.new(Watobo::Request.new(req), Watobo::Response.new(@chat.response), :id => @chat.id, :run_passive_checks => false)
|
141
|
+
end
|
285
142
|
|
286
|
-
|
143
|
+
unless scan_chats.empty? then
|
287
144
|
|
288
|
-
|
289
|
-
|
290
|
-
@sel_len = ""
|
145
|
+
log_message = ["QuickScan Started"]
|
146
|
+
log_message << "Target URL: #{scan_chats.first.request.url}"
|
291
147
|
|
292
|
-
|
293
|
-
@last_response = nil
|
148
|
+
acc = dlg.selectedModules
|
294
149
|
|
295
|
-
|
296
|
-
|
297
|
-
|
150
|
+
acc.each do |ac|
|
151
|
+
log_message << "Module: #{ac.check_name}"
|
152
|
+
end
|
298
153
|
|
299
|
-
|
300
|
-
|
301
|
-
|
302
|
-
|
303
|
-
|
304
|
-
|
305
|
-
|
306
|
-
@scan_status = SCANNER_IDLE
|
154
|
+
# scan_prefs = @project.getScanPreferences
|
155
|
+
scan_prefs = Watobo::Conf::Scanner.to_h
|
156
|
+
# we don't want logout detection during a QuickScan
|
157
|
+
# TODO: let this decide the user!
|
158
|
+
scan_prefs[:logout_signatures] = [] if quick_scan_options[:detect_logout] == false
|
159
|
+
# scan_prefs[:csrf_requests] = @project.getCSRFRequests(@original_request) if quick_scan_options[:update_csrf_tokens] == true
|
160
|
+
scan_prefs[:run_passive_checks] = false
|
307
161
|
|
308
|
-
|
309
|
-
self.icon = ICON_MANUAL_REQUEST
|
162
|
+
# logging required ?
|
310
163
|
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
hs_red.normalBackColor = FXRGBA(255,0,0,1) # FXColor::White
|
315
|
-
hs_red.style = FXText::STYLE_BOLD
|
164
|
+
if quick_scan_options[:enable_logging] and quick_scan_options[:scanlog_name]
|
165
|
+
scan_prefs[:scanlog_name] = quick_scan_options[:scanlog_name]
|
166
|
+
end
|
316
167
|
|
317
|
-
|
318
|
-
# top = FXHorizontalFrame.new(mr_splitter, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_SIDE_BOTTOM)
|
319
|
-
top_frame = FXVerticalFrame.new(mr_splitter, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y||LAYOUT_FIX_HEIGHT|LAYOUT_BOTTOM,:height => 500)
|
320
|
-
top_splitter = FXSplitter.new(top_frame, LAYOUT_FILL_X|SPLITTER_HORIZONTAL|LAYOUT_FILL_Y|SPLITTER_TRACKING)
|
168
|
+
scan_prefs.update quick_scan_options
|
321
169
|
|
322
|
-
|
170
|
+
if $DEBUG
|
171
|
+
puts "* creating scanner ..."
|
172
|
+
puts quick_scan_options.to_yaml
|
173
|
+
puts "- - - - - - - - -"
|
174
|
+
puts scan_prefs.to_yaml
|
175
|
+
end
|
323
176
|
|
324
|
-
|
177
|
+
# we only can have one thread for csrf_token updates ... because it's not thread-safe ... yet
|
178
|
+
scan_prefs[:max_parallel_checks] = 1 if scan_prefs[:update_csrf_tokens] == true
|
325
179
|
|
326
|
-
|
180
|
+
@scanner = Watobo::Scanner3.new(scan_chats, acc, [], scan_prefs)
|
327
181
|
|
328
|
-
|
329
|
-
|
330
|
-
|
331
|
-
|
332
|
-
|
333
|
-
|
334
|
-
|
335
|
-
@req_builder.subscribe(:hotkey_ctrl_enter) {
|
336
|
-
simulatePressSendBtn()
|
337
|
-
sendManualRequest()
|
338
|
-
}
|
182
|
+
sum_totals = 0
|
183
|
+
@scanner.progress.each_value do |v|
|
184
|
+
sum_totals += v[:total]
|
185
|
+
end
|
186
|
+
@pbar.total = sum_totals
|
187
|
+
@pbar.progress = 0
|
188
|
+
@pbar.barColor = FXRGB(255, 0, 0)
|
339
189
|
|
340
|
-
|
341
|
-
|
342
|
-
@req_builder.setRequest(@original_request)
|
190
|
+
csrf_requests = []
|
343
191
|
|
344
|
-
|
345
|
-
|
346
|
-
|
347
|
-
|
348
|
-
|
349
|
-
|
350
|
-
|
192
|
+
if quick_scan_options[:update_csrf_tokens] == true
|
193
|
+
unless csrf_requests.empty?
|
194
|
+
csrf_requests = Watobo::OTTCache.requests(req)
|
195
|
+
# else
|
196
|
+
# puts "* No CSRF requests defined for request:"
|
197
|
+
# puts req
|
198
|
+
# puts "---"
|
199
|
+
end
|
200
|
+
end
|
351
201
|
|
352
|
-
|
353
|
-
|
354
|
-
|
202
|
+
run_prefs = {
|
203
|
+
:update_sids => @updateSID.checked?,
|
204
|
+
:update_session => @updateSession.checked?,
|
205
|
+
:csrf_requests => csrf_requests,
|
206
|
+
:csrf_patterns => scan_prefs[:csrf_patterns],
|
207
|
+
:www_auth => scan_prefs[:www_auth],
|
208
|
+
:follow_redirect => quick_scan_options[:follow_redirect],
|
209
|
+
}
|
355
210
|
|
356
|
-
|
357
|
-
|
358
|
-
FXMenuCommand.new(menu, "-> POST").connect(SEL_COMMAND, method(:trans2Post))
|
359
|
-
# FXMenuCommand.new(menu, "POST <=> GET").connect(SEL_COMMAND, method(:switchMethod))
|
360
|
-
|
361
|
-
req_reset_button = FXButton.new(req_edit_header, "Reset", nil, nil, 0, FRAME_RAISED|FRAME_THICK|LAYOUT_RIGHT|LAYOUT_FILL_Y)
|
362
|
-
req_reset_button.connect(SEL_COMMAND, method(:onRequestReset))
|
211
|
+
logger("Scan Started ...")
|
212
|
+
Watobo.log(log_message, :sender => self.class.to_s.gsub(/.*:/, ""))
|
363
213
|
|
364
|
-
|
365
|
-
|
366
|
-
|
367
|
-
frame = FXHorizontalFrame.new(req_editor, :opts => LAYOUT_FILL_X|LAYOUT_SIDE_BOTTOM, :padding => 0)
|
368
|
-
req_options = FXVerticalFrame.new(frame, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
369
|
-
#eq_options = FXVerticalFrame.new(frame, :opts => LAYOUT_FILL_X|LAYOUT_SIDE_BOTTOM)
|
370
|
-
|
371
|
-
#opt = FXGroupBox.new(req_options, "Request Options", LAYOUT_SIDE_TOP|FRAME_GROOVE|LAYOUT_FILL_X, 0, 0, 0, 0)
|
372
|
-
|
373
|
-
@settings_tab = FXTabBook.new(req_options, nil, 0, LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_RIGHT)
|
374
|
-
|
375
|
-
resp_tab = FXTabItem.new(@settings_tab, "Request Options", nil)
|
376
|
-
opt= FXVerticalFrame.new(@settings_tab, :opts => FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
377
|
-
|
378
|
-
@updateContentLength = FXCheckButton.new(opt, "Update Content-Length", nil, 0, ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
379
|
-
@updateContentLength.checkState = true
|
380
|
-
|
381
|
-
@followRedirect = FXCheckButton.new(opt, "Follow Redirects", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
382
|
-
@followRedirect.checkState = false
|
383
|
-
|
384
|
-
@logChat = FXCheckButton.new(opt, "Log Chat", nil, 0,
|
385
|
-
ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
386
|
-
@logChat.checkState = false
|
387
|
-
|
388
|
-
sess_tab = FXTabItem.new(@settings_tab, "Session Settings", nil)
|
389
|
-
session_frame = FXVerticalFrame.new(@settings_tab, :opts => FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
390
|
-
|
391
|
-
sidframe = FXHorizontalFrame.new(session_frame, :opts => FRAME_NONE|LAYOUT_FILL_X|PACK_UNIFORM_HEIGHT, :padding => 0 )
|
392
|
-
@updateSID = FXCheckButton.new(sidframe, "Update SID Cache ...", nil, 0, JUSTIFY_LEFT|JUSTIFY_CENTER_Y|ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
393
|
-
@updateSID.checkState = false
|
394
|
-
FXButton.new(sidframe, "Clear", nil, nil, 0, FRAME_RAISED|FRAME_THICK).connect(SEL_COMMAND){
|
395
|
-
Watobo::SIDCache.acquire(self.object_id).clear
|
396
|
-
}
|
397
|
-
|
398
|
-
@updateSession = FXCheckButton.new(session_frame, "Update Session", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
399
|
-
@updateSession.checkState = true
|
400
|
-
@updateSession.connect(SEL_COMMAND) do |sender, sel, item|
|
401
|
-
@runLogin.enabled = @updateSession.checked?
|
402
|
-
end
|
403
|
-
|
404
|
-
@runLogin = FXCheckButton.new(session_frame, "Run Login", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
405
|
-
@runLogin.checkState = false
|
214
|
+
@scan_status = SCANNER_STARTED
|
215
|
+
@scanner.run(run_prefs)
|
406
216
|
|
407
|
-
|
408
|
-
@updateCSRF = FXCheckButton.new(csrf_frame, "Update One-Time-Tokens ...", nil, 0, JUSTIFY_LEFT|ICON_BEFORE_TEXT)
|
409
|
-
@updateCSRF.checkState = false
|
410
|
-
@csrf_settings_btn = FXButton.new(csrf_frame, "Settings", nil, nil, 0, FRAME_RAISED|FRAME_THICK)
|
411
|
-
@csrf_settings_btn.connect(SEL_COMMAND, method(:openCSRFTokenDialog))
|
412
|
-
|
413
|
-
#@updateCSRF.connect(SEL_COMMAND) do |sender, sel, item|
|
414
|
-
# if @updateCSRF.checked? then
|
415
|
-
# @csrf_settings_btn.enable
|
416
|
-
# else
|
417
|
-
# @csrf_settings_btn.disable
|
418
|
-
# end
|
419
|
-
#end
|
217
|
+
end
|
420
218
|
|
421
|
-
|
219
|
+
# return 0
|
422
220
|
|
423
|
-
|
424
|
-
send_frame = FXVerticalFrame.new(button_frame, :opts => LAYOUT_FILL_Y|LAYOUT_FILL_X, :padding => 2)
|
425
|
-
send_frame.backColor = FXColor::Red
|
426
|
-
#btn_send = FXButton.new(frame, "\nSEND", ICON_SEND_REQUEST, nil, 0, :opts => ICON_ABOVE_TEXT|FRAME_RAISED|FRAME_THICK|LAYOUT_FILL_Y|LAYOUT_FIX_WIDTH|LAYOUT_RIGHT, :width => 100)
|
427
|
-
@btn_send = FXButton.new(send_frame, "\nSEND", ICON_SEND_REQUEST, nil, 0, :opts => ICON_ABOVE_TEXT|FRAME_RAISED|FRAME_THICK|LAYOUT_FILL_Y|LAYOUT_FILL_X|LAYOUT_RIGHT)
|
428
|
-
btn_prev = FXButton.new(button_frame, "preview >>", nil, nil, 0, :opts => LAYOUT_FILL_X|FRAME_RAISED|FRAME_THICK|LAYOUT_RIGHT)
|
429
|
-
btn_prev.connect(SEL_COMMAND,method(:onPreviewClick))
|
430
|
-
|
431
|
-
frame = FXHorizontalFrame.new(req_editor, :opts => LAYOUT_FILL_X|FRAME_GROOVE)
|
432
|
-
|
433
|
-
@btn_quickscan = FXButton.new(frame, "QuickScan", nil, nil, 0, FRAME_RAISED|FRAME_THICK)
|
434
|
-
@btn_quickscan.connect(SEL_COMMAND, method(:onBtnQuickScan))
|
435
|
-
@pbar = FXProgressBar.new(frame, nil, 0, LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_SUNKEN|FRAME_THICK|PROGRESSBAR_HORIZONTAL)
|
436
|
-
@pbar.progress = 0
|
437
|
-
@pbar.total = 0
|
438
|
-
@pbar.barColor = 'grey' #FXRGB(255,0,0)
|
221
|
+
end
|
439
222
|
|
440
|
-
|
441
|
-
|
442
|
-
|
443
|
-
result_viewer = FXVerticalFrame.new(top_splitter, LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_GROOVE|LAYOUT_FIX_WIDTH, :width => 400)
|
444
|
-
|
445
|
-
# log_viewer = FXVerticalFrame.new(bottom_frame, :opts => LAYOUT_FILL_X|FRAME_GROOVE|LAYOUT_BOTTOM)
|
446
|
-
|
447
|
-
@tabBook = FXTabBook.new(result_viewer, nil, 0, LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_RIGHT)
|
448
|
-
|
449
|
-
resp_tab = FXTabItem.new(@tabBook, "Response", nil)
|
450
|
-
frame = FXVerticalFrame.new(@tabBook, :opts => FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 0)
|
451
|
-
@response_viewer = Watobo::Gui::ResponseViewer.new(frame, LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
452
|
-
#@response_viewer.ma
|
453
|
-
@response_viewer.max_len = 0
|
223
|
+
def onBtnSendClick(sender, sel, item)
|
224
|
+
sendManualRequest()
|
225
|
+
end
|
454
226
|
|
455
|
-
|
456
|
-
|
457
|
-
|
458
|
-
|
459
|
-
|
460
|
-
|
461
|
-
|
227
|
+
def onPreviewClick(sender, sel, item)
|
228
|
+
@request_viewer.setText('')
|
229
|
+
new_request = @req_builder.parseRequest
|
230
|
+
# puts "new request: #{new_request}"
|
231
|
+
@request_viewer.setText(new_request)
|
232
|
+
@tabBook.current = 1
|
233
|
+
end
|
462
234
|
|
463
|
-
|
464
|
-
|
465
|
-
begin
|
466
|
-
unless @current_chat.nil?
|
467
|
-
#@interface.openBrowser(@last_request, @last_response)
|
468
|
-
notify(:show_browser_preview, @current_chat.request, @current_chat.response)
|
469
|
-
end
|
470
|
-
rescue => bang
|
471
|
-
puts bang
|
472
|
-
|
473
|
-
end
|
474
|
-
}
|
475
|
-
|
476
|
-
req_tab = FXTabItem.new(@tabBook, "Request", nil)
|
477
|
-
@request_viewer = Watobo::Gui::RequestViewer.new(@tabBook, FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
478
|
-
|
479
|
-
|
480
|
-
diff_tab = FXTabItem.new(@tabBook, "Differ", nil)
|
481
|
-
|
482
|
-
@diff_frame = DiffFrame.new(@tabBook, :opts => FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
483
|
-
|
484
|
-
log_text_frame = FXVerticalFrame.new(log_frame, LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_SUNKEN|FRAME_THICK, :padding=>0)
|
485
|
-
@log_viewer = LogViewer.new(log_text_frame, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
486
|
-
#--------------------------------------------------------------------------------
|
487
|
-
|
488
|
-
@btn_send.connect(SEL_COMMAND, method(:onBtnSendClick))
|
489
|
-
|
490
|
-
add_update_timer(250)
|
235
|
+
def showHistory(dist=0, pos=nil)
|
236
|
+
if @history.length > 0
|
491
237
|
|
492
|
-
|
493
|
-
|
494
|
-
|
495
|
-
|
238
|
+
current_pos = @history_pos_dt.value
|
239
|
+
new_pos = current_pos + dist
|
240
|
+
new_pos = 1 if new_pos <= 0
|
241
|
+
new_pos = @history.length if new_pos > @history.length
|
496
242
|
|
497
|
-
|
243
|
+
@req_builder.setRequest(@history[new_pos-1].raw_request)
|
244
|
+
@req_builder.highlight("(%%[^%]*%%)")
|
498
245
|
|
499
|
-
|
246
|
+
@response_viewer.setText(@history[new_pos-1].response)
|
500
247
|
|
501
|
-
|
502
|
-
|
503
|
-
|
504
|
-
|
248
|
+
@history_pos_dt.value = new_pos
|
249
|
+
@history_pos.handle(self, FXSEL(SEL_UPDATE, 0), nil)
|
250
|
+
return new_pos
|
251
|
+
end
|
252
|
+
return 0 if dist == 0 and not pos
|
253
|
+
end
|
254
|
+
|
255
|
+
def add_handler
|
256
|
+
@handler_path ||= Watobo.working_directory + '/'
|
257
|
+
handler_filename = FXFileDialog.getOpenFilename(self, "Select handler file", @handler_path, "*.rb\n*")
|
258
|
+
if handler_filename != "" then
|
259
|
+
if File.exists?(handler_filename) then
|
260
|
+
@handler_file = handler_filename
|
261
|
+
@handler_path = File.dirname(handler_filename) + "/"
|
262
|
+
Watobo::EgressHandlers.add(handler_filename)
|
263
|
+
update_egress
|
264
|
+
end
|
265
|
+
end
|
505
266
|
|
506
|
-
if @pbar.total > 0
|
507
|
-
@pbar.progress = @scanner.sum_progress
|
508
267
|
end
|
509
|
-
|
510
|
-
|
511
|
-
@
|
512
|
-
|
513
|
-
@
|
514
|
-
|
515
|
-
|
516
|
-
|
268
|
+
|
269
|
+
def update_egress
|
270
|
+
@egress_handlers.clearItems
|
271
|
+
@egress.disable
|
272
|
+
@egress_handlers.disable
|
273
|
+
if Watobo::EgressHandlers.length > 0
|
274
|
+
@egress.enable
|
275
|
+
@egress_handlers.enable
|
276
|
+
#@egress_btn.enable
|
277
|
+
Watobo::EgressHandlers.list { |h|
|
278
|
+
@egress_handlers.appendItem(h.to_s, nil)
|
279
|
+
}
|
280
|
+
end
|
517
281
|
end
|
518
|
-
end
|
519
|
-
end
|
520
282
|
|
521
|
-
|
522
|
-
|
523
|
-
|
524
|
-
|
525
|
-
|
526
|
-
|
527
|
-
@
|
283
|
+
def initialize(owner, project, chat)
|
284
|
+
begin
|
285
|
+
# Invoke base class initialize function first
|
286
|
+
|
287
|
+
super(owner, "Manual Request Toolkit", :opts => DECOR_ALL, :width => 850, :height => 600)
|
288
|
+
|
289
|
+
@event_dispatcher_listeners = Hash.new
|
290
|
+
@chat_queue = Queue.new
|
291
|
+
|
292
|
+
@request_sender = ManualRequestSender.new(self.object_id)
|
293
|
+
@request_sender.subscribe(:follow_redirect) { |loc| logger("follow redirect -> #{loc}") }
|
294
|
+
@responseFilter = FXDataTarget.new("")
|
295
|
+
|
296
|
+
@chat = chat
|
297
|
+
|
298
|
+
if chat.respond_to? :request
|
299
|
+
self.title = "#{chat.request.method} #{chat.request.url}"
|
300
|
+
end
|
301
|
+
|
302
|
+
@original_request = chat.copyRequest
|
303
|
+
|
304
|
+
@project = project
|
305
|
+
|
306
|
+
@csrf_requests = []
|
307
|
+
|
308
|
+
@tselect = ""
|
309
|
+
@sel_pos = ""
|
310
|
+
@sel_len = ""
|
311
|
+
|
312
|
+
@last_request = nil
|
313
|
+
@last_response = nil
|
528
314
|
|
529
|
-
|
315
|
+
@history_size = 10
|
316
|
+
@history = []
|
317
|
+
@counter = 0
|
530
318
|
|
531
|
-
@
|
532
|
-
@last_request = request
|
319
|
+
@scanner = nil
|
533
320
|
|
534
|
-
@
|
535
|
-
@
|
321
|
+
@new_response = nil
|
322
|
+
@new_request = nil
|
536
323
|
|
537
|
-
|
324
|
+
@update_lock = Mutex.new
|
325
|
+
@scan_status_lock = Mutex.new
|
326
|
+
@scan_status = SCANNER_IDLE
|
538
327
|
|
539
|
-
|
328
|
+
|
329
|
+
self.icon = ICON_MANUAL_REQUEST
|
330
|
+
|
331
|
+
# Construct some hilite styles
|
332
|
+
hs_red = FXHiliteStyle.new
|
333
|
+
hs_red.normalForeColor = FXRGBA(255, 255, 255, 255) # FXColor::Red
|
334
|
+
hs_red.normalBackColor = FXRGBA(255, 0, 0, 1) # FXColor::White
|
335
|
+
hs_red.style = FXText::STYLE_BOLD
|
336
|
+
|
337
|
+
mr_splitter = FXSplitter.new(self, LAYOUT_FILL_X|LAYOUT_FILL_Y|SPLITTER_VERTICAL|SPLITTER_REVERSED|SPLITTER_TRACKING)
|
338
|
+
# top = FXHorizontalFrame.new(mr_splitter, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_SIDE_BOTTOM)
|
339
|
+
top_frame = FXVerticalFrame.new(mr_splitter, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y||LAYOUT_FIX_HEIGHT|LAYOUT_BOTTOM, :height => 500)
|
340
|
+
top_splitter = FXSplitter.new(top_frame, LAYOUT_FILL_X|SPLITTER_HORIZONTAL|LAYOUT_FILL_Y|SPLITTER_TRACKING)
|
341
|
+
|
342
|
+
log_frame = FXVerticalFrame.new(mr_splitter, :opts => LAYOUT_FILL_X|LAYOUT_SIDE_BOTTOM, :height => 100)
|
343
|
+
|
344
|
+
#LAYOUT_FILL_X in combination with LAYOUT_FIX_WIDTH
|
345
|
+
|
346
|
+
req_editor = FXVerticalFrame.new(top_splitter, :opts => LAYOUT_FILL_X|LAYOUT_FIX_WIDTH|LAYOUT_FILL_Y|FRAME_GROOVE, :width => 400, :height => 500)
|
347
|
+
|
348
|
+
req_edit_header = FXHorizontalFrame.new(req_editor, :opts => LAYOUT_FILL_X)
|
349
|
+
|
350
|
+
@req_builder = RequestBuilder.new(req_editor, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 0)
|
351
|
+
@req_builder.subscribe(:hotkey_ctrl_s) {
|
352
|
+
simulatePressSendBtn()
|
353
|
+
sendManualRequest()
|
354
|
+
}
|
355
|
+
@req_builder.subscribe(:hotkey_ctrl_enter) {
|
356
|
+
simulatePressSendBtn()
|
357
|
+
sendManualRequest()
|
358
|
+
}
|
359
|
+
|
360
|
+
@req_builder.subscribe(:error) { |msg| logger(msg) }
|
361
|
+
|
362
|
+
@req_builder.setRequest(@original_request)
|
363
|
+
|
364
|
+
history_navigation = FXHorizontalFrame.new(req_edit_header, :opts => FRAME_NONE)
|
365
|
+
FXLabel.new(history_navigation, "History:", :opts => LAYOUT_CENTER_Y)
|
366
|
+
hback = FXButton.new(history_navigation, "<", nil, nil, 0, FRAME_RAISED|FRAME_THICK)
|
367
|
+
@history_pos_dt = FXDataTarget.new(0)
|
368
|
+
@history_pos = FXTextField.new(history_navigation, 2, @history_pos_dt, FXDataTarget::ID_VALUE, :opts => LAYOUT_FILL_X|FRAME_GROOVE|FRAME_SUNKEN)
|
369
|
+
@history_pos.justify = JUSTIFY_RIGHT
|
540
370
|
@history_pos.handle(self, FXSEL(SEL_UPDATE, 0), nil)
|
371
|
+
|
372
|
+
hback.connect(SEL_COMMAND) { showHistory(-1) }
|
373
|
+
hnext = FXButton.new(history_navigation, ">", nil, nil, 0, FRAME_RAISED|FRAME_THICK)
|
374
|
+
hnext.connect(SEL_COMMAND) { showHistory(1) }
|
375
|
+
|
376
|
+
menu = FXMenuPane.new(self)
|
377
|
+
FXMenuCommand.new(menu, "-> GET").connect(SEL_COMMAND, method(:trans2Get))
|
378
|
+
FXMenuCommand.new(menu, "-> POST").connect(SEL_COMMAND, method(:trans2Post))
|
379
|
+
# FXMenuCommand.new(menu, "POST <=> GET").connect(SEL_COMMAND, method(:switchMethod))
|
380
|
+
|
381
|
+
req_reset_button = FXButton.new(req_edit_header, "Reset", nil, nil, 0, FRAME_RAISED|FRAME_THICK|LAYOUT_RIGHT|LAYOUT_FILL_Y)
|
382
|
+
req_reset_button.connect(SEL_COMMAND, method(:onRequestReset))
|
383
|
+
|
384
|
+
# Button to pop menu
|
385
|
+
FXMenuButton.new(req_edit_header, "&Transform", nil, menu, (MENUBUTTON_DOWN|FRAME_RAISED|FRAME_THICK|ICON_AFTER_TEXT|LAYOUT_RIGHT|LAYOUT_FILL_Y))
|
386
|
+
|
387
|
+
frame = FXHorizontalFrame.new(req_editor, :opts => LAYOUT_FILL_X|LAYOUT_SIDE_BOTTOM, :padding => 0)
|
388
|
+
req_options = FXVerticalFrame.new(frame, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
389
|
+
#eq_options = FXVerticalFrame.new(frame, :opts => LAYOUT_FILL_X|LAYOUT_SIDE_BOTTOM)
|
390
|
+
|
391
|
+
#opt = FXGroupBox.new(req_options, "Request Options", LAYOUT_SIDE_TOP|FRAME_GROOVE|LAYOUT_FILL_X, 0, 0, 0, 0)
|
392
|
+
|
393
|
+
@settings_tab = FXTabBook.new(req_options, nil, 0, LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_RIGHT)
|
394
|
+
|
395
|
+
resp_tab = FXTabItem.new(@settings_tab, "Request Options", nil)
|
396
|
+
opt= FXVerticalFrame.new(@settings_tab, :opts => FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
397
|
+
|
398
|
+
@updateContentLength = FXCheckButton.new(opt, "Update Content-Length", nil, 0, ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
399
|
+
@updateContentLength.checkState = true
|
400
|
+
|
401
|
+
@followRedirect = FXCheckButton.new(opt, "Follow Redirects", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
402
|
+
@followRedirect.checkState = false
|
403
|
+
|
404
|
+
eframe = FXHorizontalFrame.new(opt, :opts => FRAME_NONE|LAYOUT_FILL_X, :padding => 0)
|
405
|
+
@egress = FXCheckButton.new(eframe, "Egress", nil, 0, JUSTIFY_LEFT|JUSTIFY_CENTER_Y|ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
406
|
+
@egress.checkState = false
|
407
|
+
|
408
|
+
|
409
|
+
@egress_handlers = FXComboBox.new(eframe, 5, nil, 0, COMBOBOX_STATIC|FRAME_SUNKEN|FRAME_THICK|LAYOUT_SIDE_TOP)
|
410
|
+
#@filterCombo.width =200
|
411
|
+
|
412
|
+
@egress_handlers.numVisible = 0
|
413
|
+
@egress_handlers.numColumns = 23
|
414
|
+
@egress_handlers.editable = false
|
415
|
+
@egress_handlers.connect(SEL_COMMAND) { |sender, sel, name|
|
416
|
+
Watobo::EgressHandlers.last = name
|
417
|
+
}
|
418
|
+
|
419
|
+
# @egress_handlers.appendItem('none', nil)
|
420
|
+
@egress_add_btn = FXButton.new(eframe, "add", nil, nil, 0, FRAME_RAISED|FRAME_THICK)
|
421
|
+
@egress_add_btn.connect(SEL_COMMAND) { add_handler }
|
422
|
+
#@egress_handlers.connect(SEL_COMMAND, method(:onRequestChanged))
|
423
|
+
@egress_btn = FXButton.new(eframe, "reload", nil, nil, 0, FRAME_RAISED|FRAME_THICK)
|
424
|
+
@egress_btn.connect(SEL_COMMAND) {
|
425
|
+
Watobo::EgressHandlers.reload
|
426
|
+
update_egress
|
427
|
+
}
|
428
|
+
|
429
|
+
update_egress
|
430
|
+
|
431
|
+
i = @egress_handlers.findItem(Watobo::EgressHandlers.last)
|
432
|
+
#puts "Last Item Index: #{i} (#{Watobo::EgressHandlers.last})"
|
433
|
+
@egress_handlers.setCurrentItem(i) if i >= 0
|
434
|
+
|
435
|
+
|
436
|
+
@logChat = FXCheckButton.new(opt, "Log Chat", nil, 0,
|
437
|
+
ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
438
|
+
@logChat.checkState = false
|
439
|
+
|
440
|
+
sess_tab = FXTabItem.new(@settings_tab, "Session Settings", nil)
|
441
|
+
session_frame = FXVerticalFrame.new(@settings_tab, :opts => FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
442
|
+
|
443
|
+
sidframe = FXHorizontalFrame.new(session_frame, :opts => FRAME_NONE|LAYOUT_FILL_X|PACK_UNIFORM_HEIGHT, :padding => 0)
|
444
|
+
@updateSID = FXCheckButton.new(sidframe, "Update SID Cache ...", nil, 0, JUSTIFY_LEFT|JUSTIFY_CENTER_Y|ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
445
|
+
@updateSID.checkState = false
|
446
|
+
FXButton.new(sidframe, "Clear", nil, nil, 0, FRAME_RAISED|FRAME_THICK).connect(SEL_COMMAND) {
|
447
|
+
Watobo::SIDCache.acquire(self.object_id).clear
|
448
|
+
}
|
449
|
+
|
450
|
+
@updateSession = FXCheckButton.new(session_frame, "Update Session", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
451
|
+
@updateSession.checkState = true
|
452
|
+
@updateSession.connect(SEL_COMMAND) do |sender, sel, item|
|
453
|
+
@runLogin.enabled = @updateSession.checked?
|
454
|
+
end
|
455
|
+
|
456
|
+
@runLogin = FXCheckButton.new(session_frame, "Run Login", nil, 0, JUSTIFY_LEFT|JUSTIFY_TOP|ICON_BEFORE_TEXT|LAYOUT_SIDE_TOP)
|
457
|
+
@runLogin.checkState = false
|
458
|
+
|
459
|
+
csrf_frame = FXHorizontalFrame.new(session_frame, :opts => LAYOUT_FILL_X|PACK_UNIFORM_HEIGHT, :padding => 0)
|
460
|
+
@updateCSRF = FXCheckButton.new(csrf_frame, "Update One-Time-Tokens ...", nil, 0, JUSTIFY_LEFT|ICON_BEFORE_TEXT)
|
461
|
+
@updateCSRF.checkState = false
|
462
|
+
@csrf_settings_btn = FXButton.new(csrf_frame, "Settings", nil, nil, 0, FRAME_RAISED|FRAME_THICK)
|
463
|
+
@csrf_settings_btn.connect(SEL_COMMAND, method(:openCSRFTokenDialog))
|
464
|
+
|
465
|
+
#@updateCSRF.connect(SEL_COMMAND) do |sender, sel, item|
|
466
|
+
# if @updateCSRF.checked? then
|
467
|
+
# @csrf_settings_btn.enable
|
468
|
+
# else
|
469
|
+
# @csrf_settings_btn.disable
|
470
|
+
# end
|
471
|
+
#end
|
472
|
+
|
473
|
+
##################################################
|
474
|
+
|
475
|
+
button_frame = FXVerticalFrame.new(frame, :opts => LAYOUT_FILL_Y|LAYOUT_FIX_WIDTH|LAYOUT_RIGHT, :width => 100)
|
476
|
+
send_frame = FXVerticalFrame.new(button_frame, :opts => LAYOUT_FILL_Y|LAYOUT_FILL_X, :padding => 2)
|
477
|
+
send_frame.backColor = FXColor::Red
|
478
|
+
#btn_send = FXButton.new(frame, "\nSEND", ICON_SEND_REQUEST, nil, 0, :opts => ICON_ABOVE_TEXT|FRAME_RAISED|FRAME_THICK|LAYOUT_FILL_Y|LAYOUT_FIX_WIDTH|LAYOUT_RIGHT, :width => 100)
|
479
|
+
@btn_send = FXButton.new(send_frame, "\nSEND", ICON_SEND_REQUEST, nil, 0, :opts => ICON_ABOVE_TEXT|FRAME_RAISED|FRAME_THICK|LAYOUT_FILL_Y|LAYOUT_FILL_X|LAYOUT_RIGHT)
|
480
|
+
btn_prev = FXButton.new(button_frame, "preview >>", nil, nil, 0, :opts => LAYOUT_FILL_X|FRAME_RAISED|FRAME_THICK|LAYOUT_RIGHT)
|
481
|
+
btn_prev.connect(SEL_COMMAND, method(:onPreviewClick))
|
482
|
+
|
483
|
+
frame = FXHorizontalFrame.new(req_editor, :opts => LAYOUT_FILL_X|FRAME_GROOVE)
|
484
|
+
|
485
|
+
@btn_quickscan = FXButton.new(frame, "QuickScan", nil, nil, 0, FRAME_RAISED|FRAME_THICK)
|
486
|
+
@btn_quickscan.connect(SEL_COMMAND, method(:onBtnQuickScan))
|
487
|
+
@pbar = FXProgressBar.new(frame, nil, 0, LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_SUNKEN|FRAME_THICK|PROGRESSBAR_HORIZONTAL)
|
488
|
+
@pbar.progress = 0
|
489
|
+
@pbar.total = 0
|
490
|
+
@pbar.barColor = 'grey' #FXRGB(255,0,0)
|
491
|
+
|
492
|
+
# TODO: Implement font sizing
|
493
|
+
#@req_builder.font = FXFont.new(app, "courier" , 14, :encoding=>FONTENCODING_ISO_8859_1)
|
494
|
+
|
495
|
+
result_viewer = FXVerticalFrame.new(top_splitter, LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_GROOVE|LAYOUT_FIX_WIDTH, :width => 400)
|
496
|
+
|
497
|
+
# log_viewer = FXVerticalFrame.new(bottom_frame, :opts => LAYOUT_FILL_X|FRAME_GROOVE|LAYOUT_BOTTOM)
|
498
|
+
|
499
|
+
@tabBook = FXTabBook.new(result_viewer, nil, 0, LAYOUT_FILL_X|LAYOUT_FILL_Y|LAYOUT_RIGHT)
|
500
|
+
|
501
|
+
resp_tab = FXTabItem.new(@tabBook, "Response", nil)
|
502
|
+
frame = FXVerticalFrame.new(@tabBook, :opts => FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 0)
|
503
|
+
@response_viewer = Watobo::Gui::ResponseViewer.new(frame, LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
504
|
+
#@response_viewer.ma
|
505
|
+
@response_viewer.max_len = 0
|
506
|
+
|
507
|
+
options = FXHorizontalFrame.new(frame, :opts => LAYOUT_FILL_X)
|
508
|
+
frame = FXHorizontalFrame.new(options, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_SUNKEN)
|
509
|
+
frame.backColor = FXColor::White
|
510
|
+
label = FXLabel.new(frame, "MD5: ", :opts => LAYOUT_FILL_Y|JUSTIFY_CENTER_Y)
|
511
|
+
label.backColor = FXColor::White
|
512
|
+
@responseMD5 = FXLabel.new(frame, "-N/A-", :opts => LAYOUT_FILL_Y|JUSTIFY_CENTER_Y)
|
513
|
+
@responseMD5.backColor = FXColor::White
|
514
|
+
|
515
|
+
browser_button = FXButton.new(options, "Browser-View", ICON_BROWSER_MEDIUM, nil, 0, :opts => BUTTON_NORMAL|LAYOUT_RIGHT)
|
516
|
+
browser_button.connect(SEL_COMMAND) {
|
517
|
+
begin
|
518
|
+
unless @current_chat.nil?
|
519
|
+
#@interface.openBrowser(@last_request, @last_response)
|
520
|
+
notify(:show_browser_preview, @current_chat.request, @current_chat.response)
|
521
|
+
end
|
522
|
+
rescue => bang
|
523
|
+
puts bang
|
524
|
+
|
525
|
+
end
|
526
|
+
}
|
527
|
+
|
528
|
+
req_tab = FXTabItem.new(@tabBook, "Request", nil)
|
529
|
+
@request_viewer = Watobo::Gui::RequestViewer.new(@tabBook, FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
530
|
+
|
531
|
+
|
532
|
+
diff_tab = FXTabItem.new(@tabBook, "Differ", nil)
|
533
|
+
|
534
|
+
@diff_frame = DiffFrame.new(@tabBook, :opts => FRAME_THICK|FRAME_RAISED|LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
535
|
+
|
536
|
+
log_text_frame = FXVerticalFrame.new(log_frame, LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_SUNKEN|FRAME_THICK, :padding => 0)
|
537
|
+
@log_viewer = LogViewer.new(log_text_frame, :opts => LAYOUT_FILL_X|LAYOUT_FILL_Y)
|
538
|
+
#--------------------------------------------------------------------------------
|
539
|
+
|
540
|
+
@btn_send.connect(SEL_COMMAND, method(:onBtnSendClick))
|
541
|
+
|
542
|
+
add_update_timer(250)
|
543
|
+
|
544
|
+
rescue => bang
|
545
|
+
puts bang
|
546
|
+
puts bang.backtrace if $DEBUG
|
541
547
|
end
|
542
|
-
|
543
|
-
logger("ERROR: #{@current_chat.response.first}") if @current_chat.respond_to? :response
|
544
|
-
@responseMD5.text = "- N/A -"
|
548
|
+
|
545
549
|
end
|
546
550
|
|
547
|
-
|
551
|
+
private
|
548
552
|
|
549
|
-
|
550
|
-
|
551
|
-
|
552
|
-
|
553
|
-
|
554
|
-
|
555
|
-
|
556
|
-
|
557
|
-
if new_request.nil?
|
558
|
-
logger("Could not send request!")
|
559
|
-
return false
|
560
|
-
end
|
561
|
-
|
562
|
-
csrf_requests = []
|
563
|
-
|
564
|
-
prefs = Watobo::Conf::Scanner.to_h
|
565
|
-
|
566
|
-
current_prefs = {:run_login => @updateSession.checked? ? @runLogin.checked? : false,
|
567
|
-
:update_session => @updateSession.checked?,
|
568
|
-
:update_contentlength => @updateContentLength.checked?,
|
569
|
-
:update_otts => @updateCSRF.checked?,
|
570
|
-
# :csrf_requests => csrf_requests,
|
571
|
-
# :csrf_patterns => @project.getCSRFPatterns(),
|
572
|
-
:update_sids => @updateSID.checked?,
|
573
|
-
:follow_redirect => @followRedirect.checked?
|
574
|
-
}
|
575
|
-
|
576
|
-
prefs.update current_prefs
|
577
|
-
|
578
|
-
@request_thread = Thread.new(new_request, prefs) { |nr, p|
|
579
|
-
begin
|
580
|
-
logger("send request")
|
581
|
-
last_request, last_response = @request_sender.sendRequest(nr, p )
|
582
|
-
logger("got answer")
|
583
|
-
|
584
|
-
@chat_queue.push [ last_request, last_response ]
|
585
|
-
rescue => bang
|
586
|
-
puts bang
|
587
|
-
end
|
588
|
-
}
|
589
|
-
|
590
|
-
end
|
591
|
-
|
592
|
-
def trans2Get(sender, sel, item)
|
593
|
-
request = @req_builder.parseRequest
|
594
|
-
return nil if request.nil?
|
595
|
-
request = Watobo::Request.new request
|
596
|
-
|
597
|
-
if request.method =~ /POST/i and request.content_type =~ /www\-form/i
|
598
|
-
request.setMethod("GET")
|
599
|
-
request.removeHeader("Content-Length")
|
600
|
-
request.removeHeader("Content-Type")
|
601
|
-
data = request.data.to_s
|
602
|
-
# puts "Data: "
|
603
|
-
# puts data
|
604
|
-
request.appendQueryParms(data)
|
605
|
-
request.setData('')
|
606
|
-
end
|
607
|
-
@req_builder.setRequest(request)
|
608
|
-
end
|
609
|
-
|
610
|
-
def trans2Post(sender, sel, item)
|
611
|
-
request = @req_builder.parseRequest
|
612
|
-
return nil if request.nil?
|
613
|
-
request = Watobo::Request.new request
|
614
|
-
|
615
|
-
if request.method =~ /GET/i
|
616
|
-
request.setMethod("POST")
|
617
|
-
request.set_header("Content-Length", "0")
|
618
|
-
request.set_header("Content-Type", "application/x-www-form-urlencoded")
|
619
|
-
data = request.query
|
620
|
-
request.setData(data)
|
621
|
-
request.removeUrlParms()
|
553
|
+
def add_update_timer(ms)
|
554
|
+
Watobo.save_thread {
|
555
|
+
unless @scanner.nil?
|
556
|
+
@scan_status_lock.synchronize do
|
557
|
+
|
558
|
+
if @pbar.total > 0
|
559
|
+
@pbar.progress = @scanner.sum_progress
|
560
|
+
end
|
622
561
|
|
562
|
+
if @scanner.finished?
|
563
|
+
@scanner = nil
|
564
|
+
logger("Scan Finished!")
|
565
|
+
@pbar.progress = 0
|
566
|
+
@pbar.total = 0
|
567
|
+
@pbar.barColor = 'grey' #FXRGB(255,0,0)
|
568
|
+
@btn_quickscan.text = "QuickScan"
|
569
|
+
end
|
623
570
|
end
|
624
|
-
|
625
|
-
|
571
|
+
end
|
572
|
+
|
573
|
+
while @chat_queue.size > 0 do
|
574
|
+
request, response = @chat_queue.pop
|
575
|
+
|
576
|
+
unless request.nil? then
|
577
|
+
unless response.nil?
|
578
|
+
@response_viewer.setText response
|
579
|
+
@current_chat = Watobo::Chat.new(request, response, :source => CHAT_SOURCE_MANUAL, :run_passive_checks => false)
|
580
|
+
|
581
|
+
Watobo::Chats.add(@current_chat) if @logChat.checked? == true
|
582
|
+
|
583
|
+
@request_viewer.setText request
|
584
|
+
@last_request = request
|
585
|
+
|
586
|
+
@response_viewer.setText(response, :filter => true)
|
587
|
+
@responseMD5.text = response.contentMD5
|
588
|
+
|
589
|
+
addHistoryItem(@current_chat, @req_builder.rawRequest)
|
626
590
|
|
627
|
-
|
628
|
-
|
629
|
-
|
630
|
-
|
591
|
+
@history_pos_dt.value = @history.length
|
592
|
+
@history_pos.handle(self, FXSEL(SEL_UPDATE, 0), nil)
|
593
|
+
end
|
594
|
+
else
|
595
|
+
logger("ERROR: #{@current_chat.response.first}") if @current_chat.respond_to? :response
|
596
|
+
@responseMD5.text = "- N/A -"
|
631
597
|
end
|
632
|
-
end
|
633
598
|
|
634
|
-
|
635
|
-
|
636
|
-
|
637
|
-
|
599
|
+
end
|
600
|
+
}
|
601
|
+
end
|
602
|
+
|
603
|
+
def sendManualRequest
|
604
|
+
@request_viewer.setText('')
|
605
|
+
@response_viewer.setText('')
|
606
|
+
new_request = @req_builder.parseRequest
|
607
|
+
|
608
|
+
if new_request.nil?
|
609
|
+
logger("Could not send request!")
|
610
|
+
return false
|
611
|
+
end
|
612
|
+
|
613
|
+
csrf_requests = []
|
614
|
+
|
615
|
+
prefs = Watobo::Conf::Scanner.to_h
|
616
|
+
|
617
|
+
egress_handler = @egress.checked? ? @egress_handlers.getItem(@egress_handlers.currentItem) : ''
|
618
|
+
|
638
619
|
|
620
|
+
current_prefs = {:run_login => @updateSession.checked? ? @runLogin.checked? : false,
|
621
|
+
:update_session => @updateSession.checked?,
|
622
|
+
:update_contentlength => @updateContentLength.checked?,
|
623
|
+
:update_otts => @updateCSRF.checked?,
|
624
|
+
# :csrf_requests => csrf_requests,
|
625
|
+
# :csrf_patterns => @project.getCSRFPatterns(),
|
626
|
+
:update_sids => @updateSID.checked?,
|
627
|
+
:follow_redirect => @followRedirect.checked?,
|
628
|
+
:egress_handler => egress_handler
|
629
|
+
}
|
630
|
+
|
631
|
+
prefs.update current_prefs
|
632
|
+
|
633
|
+
@request_thread = Thread.new(new_request, prefs) { |nr, p|
|
634
|
+
begin
|
635
|
+
logger("send request")
|
636
|
+
last_request, last_response = @request_sender.sendRequest(nr, p)
|
637
|
+
logger("got answer")
|
638
|
+
|
639
|
+
@chat_queue.push [last_request, last_response]
|
640
|
+
rescue => bang
|
641
|
+
puts bang
|
642
|
+
end
|
643
|
+
}
|
644
|
+
|
645
|
+
end
|
646
|
+
|
647
|
+
def trans2Get(sender, sel, item)
|
648
|
+
request = @req_builder.parseRequest
|
649
|
+
return nil if request.nil?
|
650
|
+
request = Watobo::Request.new request
|
651
|
+
|
652
|
+
if request.method =~ /POST/i and request.content_type =~ /www\-form/i
|
653
|
+
request.setMethod("GET")
|
654
|
+
request.removeHeader("Content-Length")
|
655
|
+
request.removeHeader("Content-Type")
|
656
|
+
data = request.data.to_s
|
657
|
+
# puts "Data: "
|
658
|
+
# puts data
|
659
|
+
request.appendQueryParms(data)
|
660
|
+
request.setData('')
|
661
|
+
end
|
662
|
+
@req_builder.setRequest(request)
|
639
663
|
end
|
640
|
-
|
664
|
+
|
665
|
+
def trans2Post(sender, sel, item)
|
666
|
+
request = @req_builder.parseRequest
|
667
|
+
return nil if request.nil?
|
668
|
+
request = Watobo::Request.new request
|
669
|
+
|
670
|
+
if request.method =~ /GET/i
|
671
|
+
request.setMethod("POST")
|
672
|
+
request.set_header("Content-Length", "0")
|
673
|
+
request.set_header("Content-Type", "application/x-www-form-urlencoded")
|
674
|
+
data = request.query
|
675
|
+
request.setData(data)
|
676
|
+
request.removeUrlParms()
|
677
|
+
|
678
|
+
end
|
679
|
+
@req_builder.setRequest(request)
|
680
|
+
end
|
681
|
+
|
682
|
+
def simulatePressSendBtn()
|
683
|
+
@btn_send.state = STATE_DOWN
|
684
|
+
getApp().addTimeout(250, :repeat => false) do
|
685
|
+
@btn_send.state = STATE_UP
|
686
|
+
end
|
687
|
+
end
|
688
|
+
|
689
|
+
def hide()
|
690
|
+
@scanner.cancel() if @scanner
|
691
|
+
super
|
692
|
+
end
|
693
|
+
|
694
|
+
end
|
695
|
+
end
|
641
696
|
end
|