@integsec/agentic-pentest-proxy 0.2.2 → 0.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"stdio.d.ts","sourceRoot":"","sources":["../../../src/transports/stdio.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAEzD,wBAAsB,aAAa,CACjC,KAAK,EAAE,qBAAqB,EAC5B,eAAe,EAAE,MAAM,EACvB,YAAY,GAAE,MAAM,EAAO,GAC1B,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"stdio.d.ts","sourceRoot":"","sources":["../../../src/transports/stdio.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAEzD,wBAAsB,aAAa,CACjC,KAAK,EAAE,qBAAqB,EAC5B,eAAe,EAAE,MAAM,EACvB,YAAY,GAAE,MAAM,EAAO,GAC1B,OAAO,CAAC,IAAI,CAAC,CAgGf"}
|
|
@@ -16,6 +16,26 @@ export async function runStdioProxy(proxy, upstreamCommand, upstreamArgs = []) {
|
|
|
16
16
|
}
|
|
17
17
|
const auditLogger = proxy.getAuditLogger();
|
|
18
18
|
auditLogger.start();
|
|
19
|
+
// Buffer messages until upstream is ready. Some upstream servers (e.g. Burp's
|
|
20
|
+
// Java MCP proxy) need time to establish their own connections before they can
|
|
21
|
+
// handle JSON-RPC messages. We detect readiness when the upstream produces its
|
|
22
|
+
// first stdout output, OR after a timeout (whichever comes first).
|
|
23
|
+
let upstreamReady = false;
|
|
24
|
+
const pendingMessages = [];
|
|
25
|
+
const READY_TIMEOUT_MS = 20_000;
|
|
26
|
+
function flushPending() {
|
|
27
|
+
for (const msg of pendingMessages) {
|
|
28
|
+
upstream.stdin.write(msg + "\n");
|
|
29
|
+
}
|
|
30
|
+
pendingMessages.length = 0;
|
|
31
|
+
}
|
|
32
|
+
const readyTimer = setTimeout(() => {
|
|
33
|
+
if (!upstreamReady) {
|
|
34
|
+
upstreamReady = true;
|
|
35
|
+
console.error("[integsec-agentic-pentest-proxy] Upstream ready (timeout)");
|
|
36
|
+
flushPending();
|
|
37
|
+
}
|
|
38
|
+
}, READY_TIMEOUT_MS);
|
|
19
39
|
const agentInput = createInterface({ input: process.stdin, crlfDelay: Infinity });
|
|
20
40
|
const upstreamOutput = createInterface({ input: upstream.stdout, crlfDelay: Infinity });
|
|
21
41
|
// Agent → Proxy → Upstream
|
|
@@ -24,7 +44,12 @@ export async function runStdioProxy(proxy, upstreamCommand, upstreamArgs = []) {
|
|
|
24
44
|
const message = JSON.parse(line);
|
|
25
45
|
const { forward, response } = await proxy.handleMessage(message);
|
|
26
46
|
if (forward) {
|
|
27
|
-
|
|
47
|
+
if (upstreamReady) {
|
|
48
|
+
upstream.stdin.write(line + "\n");
|
|
49
|
+
}
|
|
50
|
+
else {
|
|
51
|
+
pendingMessages.push(line);
|
|
52
|
+
}
|
|
28
53
|
}
|
|
29
54
|
else if (response) {
|
|
30
55
|
process.stdout.write(JSON.stringify(response) + "\n");
|
|
@@ -32,11 +57,22 @@ export async function runStdioProxy(proxy, upstreamCommand, upstreamArgs = []) {
|
|
|
32
57
|
}
|
|
33
58
|
catch {
|
|
34
59
|
// Malformed JSON — pass through conservatively
|
|
35
|
-
|
|
60
|
+
if (upstreamReady) {
|
|
61
|
+
upstream.stdin.write(line + "\n");
|
|
62
|
+
}
|
|
63
|
+
else {
|
|
64
|
+
pendingMessages.push(line);
|
|
65
|
+
}
|
|
36
66
|
}
|
|
37
67
|
});
|
|
38
68
|
// Upstream → Agent (pass through all responses)
|
|
39
69
|
upstreamOutput.on("line", (line) => {
|
|
70
|
+
if (!upstreamReady) {
|
|
71
|
+
upstreamReady = true;
|
|
72
|
+
clearTimeout(readyTimer);
|
|
73
|
+
console.error("[integsec-agentic-pentest-proxy] Upstream ready (first output)");
|
|
74
|
+
flushPending();
|
|
75
|
+
}
|
|
40
76
|
process.stdout.write(line + "\n");
|
|
41
77
|
});
|
|
42
78
|
upstream.on("exit", async (code) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"stdio.js","sourceRoot":"","sources":["../../../src/transports/stdio.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAqB,MAAM,eAAe,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAG3C,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,KAA4B,EAC5B,eAAuB,EACvB,eAAyB,EAAE;IAE3B,uEAAuE;IACvE,0EAA0E;IAC1E,wEAAwE;IACxE,qDAAqD;IACrD,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9D,MAAM,SAAS,GAAG,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACjF,MAAM,QAAQ,GAAiB,KAAK,CAAC,SAAS,EAAE;QAC9C,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC;QAClC,KAAK,EAAE,IAAI;KACZ,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,WAAW,GAAG,KAAK,CAAC,cAAc,EAAE,CAAC;IAC3C,WAAW,CAAC,KAAK,EAAE,CAAC;IAEpB,MAAM,UAAU,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC;IAClF,MAAM,cAAc,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,QAAQ,CAAC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC;IAExF,2BAA2B;IAC3B,UAAU,CAAC,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACnC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,MAAM,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YACjE,IAAI,OAAO,EAAE,CAAC;gBACZ,QAAQ,CAAC,KAAM,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"stdio.js","sourceRoot":"","sources":["../../../src/transports/stdio.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAqB,MAAM,eAAe,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAG3C,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,KAA4B,EAC5B,eAAuB,EACvB,eAAyB,EAAE;IAE3B,uEAAuE;IACvE,0EAA0E;IAC1E,wEAAwE;IACxE,qDAAqD;IACrD,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9D,MAAM,SAAS,GAAG,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACjF,MAAM,QAAQ,GAAiB,KAAK,CAAC,SAAS,EAAE;QAC9C,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC;QAClC,KAAK,EAAE,IAAI;KACZ,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,WAAW,GAAG,KAAK,CAAC,cAAc,EAAE,CAAC;IAC3C,WAAW,CAAC,KAAK,EAAE,CAAC;IAEpB,8EAA8E;IAC9E,+EAA+E;IAC/E,+EAA+E;IAC/E,mEAAmE;IACnE,IAAI,aAAa,GAAG,KAAK,CAAC;IAC1B,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,MAAM,gBAAgB,GAAG,MAAM,CAAC;IAEhC,SAAS,YAAY;QACnB,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;YAClC,QAAQ,CAAC,KAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;QACpC,CAAC;QACD,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,UAAU,GAAG,UAAU,CAAC,GAAG,EAAE;QACjC,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,aAAa,GAAG,IAAI,CAAC;YACrB,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;YAC3E,YAAY,EAAE,CAAC;QACjB,CAAC;IACH,CAAC,EAAE,gBAAgB,CAAC,CAAC;IAErB,MAAM,UAAU,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC;IAClF,MAAM,cAAc,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,QAAQ,CAAC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC;IAExF,2BAA2B;IAC3B,UAAU,CAAC,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACnC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,MAAM,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YACjE,IAAI,OAAO,EAAE,CAAC;gBACZ,IAAI,aAAa,EAAE,CAAC;oBAClB,QAAQ,CAAC,KAAM,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;gBACrC,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC7B,CAAC;YACH,CAAC;iBAAM,IAAI,QAAQ,EAAE,CAAC;gBACpB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,+CAA+C;YAC/C,IAAI,aAAa,EAAE,CAAC;gBAClB,QAAQ,CAAC,KAAM,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;YACrC,CAAC;iBAAM,CAAC;gBACN,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,gDAAgD;IAChD,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;QACjC,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,aAAa,GAAG,IAAI,CAAC;YACrB,YAAY,CAAC,UAAU,CAAC,CAAC;YACzB,OAAO,CAAC,KAAK,CAAC,gEAAgE,CAAC,CAAC;YAChF,YAAY,EAAE,CAAC;QACjB,CAAC;QACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACjC,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;QACzB,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,IAAI,EAAE;QAC9B,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,EAAE,CAAC;QAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;IAEH,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,KAAK,IAAI,EAAE;QAC/B,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,EAAE,CAAC;QAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
{
|
|
2
|
+
"mcpServers": {
|
|
3
|
+
"burp-scoped": {
|
|
4
|
+
"command": "C:\\Users\\MichelChamberland\\AppData\\Roaming\\npm\\integsec-agentic-pentest-proxy.cmd",
|
|
5
|
+
"args": [],
|
|
6
|
+
"env": {
|
|
7
|
+
"SCOPE_MANIFEST_PATH": "C:/Work/mcp-scope-proxy/examples/scope-test-integsec.json",
|
|
8
|
+
"MCP_TRANSPORT": "stdio",
|
|
9
|
+
"UPSTREAM_MCP_COMMAND": "c:\\users\\michelchamberland\\appdata\\local\\programs\\burpsuitepro\\jre\\bin\\java.exe",
|
|
10
|
+
"UPSTREAM_MCP_ARGS": "-jar,C:\\Users\\MichelChamberland\\AppData\\Roaming\\BurpSuite\\mcp-proxy\\mcp-proxy-all.jar,--sse-url,http://127.0.0.1:9876",
|
|
11
|
+
"AUDIT_LOG_PATH": "C:/Work/mcp-scope-proxy/audit"
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
}
|
|
15
|
+
}
|