diff --git a/README.md b/README.md
new file mode 100644
index 0000000..8be797f
--- /dev/null
+++ b/README.md
@@ -0,0 +1,20 @@
+# AES Killer (Burpsuite Plugin)
+[![Open Source Love](https://badges.frapsoft.com/os/v1/open-source.svg?v=102)](https://github.com/ellerbrock/open-source-badge/)
+[![GitHub version](https://d25lcipzij17d.cloudfront.net/badge.svg?id=gh&type=0.2&v=1.0&x2=0)](http://badge.fury.io/gh/boennemann%2Fbadges)
+[![Open Source Love](https://badges.frapsoft.com/os/mit/mit.svg?v=102)](https://github.com/ellerbrock/open-source-badge/)
+
+**Burpsuite Plugin to decrypt AES Encrypted mobile app traffic**
+
+
+
+### Requirements
+- Burpsuite
+- Java
+
+
+### Tested on
+- Burpsuite 1.7.36
+- Windows 10
+- xubuntu 18.04
+- Kali Linux 2018
+
diff --git a/build.xml b/build.xml
new file mode 100644
index 0000000..a95f8d8
--- /dev/null
+++ b/build.xml
@@ -0,0 +1,73 @@
+
+
+
+
+
+
+
+
+
+
+ Builds, tests, and runs the project AES Killer.
+
+
+
diff --git a/build/built-jar.properties b/build/built-jar.properties
new file mode 100644
index 0000000..cb2eb4a
--- /dev/null
+++ b/build/built-jar.properties
@@ -0,0 +1,4 @@
+#Mon, 24 Sep 2018 15:43:13 +0500
+
+
+C\:\\Users\\abdul.wahab\\Documents\\Git\ Projects\\AES\ Killer=
diff --git a/build/classes/burp/BurpExtender.class b/build/classes/burp/BurpExtender.class
new file mode 100644
index 0000000..7945208
Binary files /dev/null and b/build/classes/burp/BurpExtender.class differ
diff --git a/build/classes/burp/IBurpCollaboratorClientContext.class b/build/classes/burp/IBurpCollaboratorClientContext.class
new file mode 100644
index 0000000..714e15d
Binary files /dev/null and b/build/classes/burp/IBurpCollaboratorClientContext.class differ
diff --git a/build/classes/burp/IBurpCollaboratorInteraction.class b/build/classes/burp/IBurpCollaboratorInteraction.class
new file mode 100644
index 0000000..b3725eb
Binary files /dev/null and b/build/classes/burp/IBurpCollaboratorInteraction.class differ
diff --git a/build/classes/burp/IBurpExtender.class b/build/classes/burp/IBurpExtender.class
new file mode 100644
index 0000000..ee11bdc
Binary files /dev/null and b/build/classes/burp/IBurpExtender.class differ
diff --git a/build/classes/burp/IBurpExtenderCallbacks.class b/build/classes/burp/IBurpExtenderCallbacks.class
new file mode 100644
index 0000000..ed1ad48
Binary files /dev/null and b/build/classes/burp/IBurpExtenderCallbacks.class differ
diff --git a/build/classes/burp/IContextMenuFactory.class b/build/classes/burp/IContextMenuFactory.class
new file mode 100644
index 0000000..e9a143a
Binary files /dev/null and b/build/classes/burp/IContextMenuFactory.class differ
diff --git a/build/classes/burp/IContextMenuInvocation.class b/build/classes/burp/IContextMenuInvocation.class
new file mode 100644
index 0000000..8e70856
Binary files /dev/null and b/build/classes/burp/IContextMenuInvocation.class differ
diff --git a/build/classes/burp/ICookie.class b/build/classes/burp/ICookie.class
new file mode 100644
index 0000000..1165bd6
Binary files /dev/null and b/build/classes/burp/ICookie.class differ
diff --git a/build/classes/burp/IExtensionHelpers.class b/build/classes/burp/IExtensionHelpers.class
new file mode 100644
index 0000000..266a172
Binary files /dev/null and b/build/classes/burp/IExtensionHelpers.class differ
diff --git a/build/classes/burp/IExtensionStateListener.class b/build/classes/burp/IExtensionStateListener.class
new file mode 100644
index 0000000..4c8148f
Binary files /dev/null and b/build/classes/burp/IExtensionStateListener.class differ
diff --git a/build/classes/burp/IHttpListener.class b/build/classes/burp/IHttpListener.class
new file mode 100644
index 0000000..9530175
Binary files /dev/null and b/build/classes/burp/IHttpListener.class differ
diff --git a/build/classes/burp/IHttpRequestResponse.class b/build/classes/burp/IHttpRequestResponse.class
new file mode 100644
index 0000000..62b707e
Binary files /dev/null and b/build/classes/burp/IHttpRequestResponse.class differ
diff --git a/build/classes/burp/IHttpRequestResponsePersisted.class b/build/classes/burp/IHttpRequestResponsePersisted.class
new file mode 100644
index 0000000..0e7baec
Binary files /dev/null and b/build/classes/burp/IHttpRequestResponsePersisted.class differ
diff --git a/build/classes/burp/IHttpRequestResponseWithMarkers.class b/build/classes/burp/IHttpRequestResponseWithMarkers.class
new file mode 100644
index 0000000..2f25666
Binary files /dev/null and b/build/classes/burp/IHttpRequestResponseWithMarkers.class differ
diff --git a/build/classes/burp/IHttpService.class b/build/classes/burp/IHttpService.class
new file mode 100644
index 0000000..f4d2aaa
Binary files /dev/null and b/build/classes/burp/IHttpService.class differ
diff --git a/build/classes/burp/IInterceptedProxyMessage.class b/build/classes/burp/IInterceptedProxyMessage.class
new file mode 100644
index 0000000..5a13ee5
Binary files /dev/null and b/build/classes/burp/IInterceptedProxyMessage.class differ
diff --git a/build/classes/burp/IIntruderAttack.class b/build/classes/burp/IIntruderAttack.class
new file mode 100644
index 0000000..7547788
Binary files /dev/null and b/build/classes/burp/IIntruderAttack.class differ
diff --git a/build/classes/burp/IIntruderPayloadGenerator.class b/build/classes/burp/IIntruderPayloadGenerator.class
new file mode 100644
index 0000000..17f508c
Binary files /dev/null and b/build/classes/burp/IIntruderPayloadGenerator.class differ
diff --git a/build/classes/burp/IIntruderPayloadGeneratorFactory.class b/build/classes/burp/IIntruderPayloadGeneratorFactory.class
new file mode 100644
index 0000000..7070425
Binary files /dev/null and b/build/classes/burp/IIntruderPayloadGeneratorFactory.class differ
diff --git a/build/classes/burp/IIntruderPayloadProcessor.class b/build/classes/burp/IIntruderPayloadProcessor.class
new file mode 100644
index 0000000..ae707a9
Binary files /dev/null and b/build/classes/burp/IIntruderPayloadProcessor.class differ
diff --git a/build/classes/burp/IMenuItemHandler.class b/build/classes/burp/IMenuItemHandler.class
new file mode 100644
index 0000000..1285482
Binary files /dev/null and b/build/classes/burp/IMenuItemHandler.class differ
diff --git a/build/classes/burp/IMessageEditor.class b/build/classes/burp/IMessageEditor.class
new file mode 100644
index 0000000..363efe1
Binary files /dev/null and b/build/classes/burp/IMessageEditor.class differ
diff --git a/build/classes/burp/IMessageEditorController.class b/build/classes/burp/IMessageEditorController.class
new file mode 100644
index 0000000..e542370
Binary files /dev/null and b/build/classes/burp/IMessageEditorController.class differ
diff --git a/build/classes/burp/IMessageEditorTab.class b/build/classes/burp/IMessageEditorTab.class
new file mode 100644
index 0000000..8f47fb7
Binary files /dev/null and b/build/classes/burp/IMessageEditorTab.class differ
diff --git a/build/classes/burp/IMessageEditorTabFactory.class b/build/classes/burp/IMessageEditorTabFactory.class
new file mode 100644
index 0000000..3a31a95
Binary files /dev/null and b/build/classes/burp/IMessageEditorTabFactory.class differ
diff --git a/build/classes/burp/IParameter.class b/build/classes/burp/IParameter.class
new file mode 100644
index 0000000..c951c35
Binary files /dev/null and b/build/classes/burp/IParameter.class differ
diff --git a/build/classes/burp/IProxyListener.class b/build/classes/burp/IProxyListener.class
new file mode 100644
index 0000000..77d193b
Binary files /dev/null and b/build/classes/burp/IProxyListener.class differ
diff --git a/build/classes/burp/IRequestInfo.class b/build/classes/burp/IRequestInfo.class
new file mode 100644
index 0000000..9a87b4b
Binary files /dev/null and b/build/classes/burp/IRequestInfo.class differ
diff --git a/build/classes/burp/IResponseInfo.class b/build/classes/burp/IResponseInfo.class
new file mode 100644
index 0000000..a8930f8
Binary files /dev/null and b/build/classes/burp/IResponseInfo.class differ
diff --git a/build/classes/burp/IResponseKeywords.class b/build/classes/burp/IResponseKeywords.class
new file mode 100644
index 0000000..0fb62bd
Binary files /dev/null and b/build/classes/burp/IResponseKeywords.class differ
diff --git a/build/classes/burp/IResponseVariations.class b/build/classes/burp/IResponseVariations.class
new file mode 100644
index 0000000..574f9e0
Binary files /dev/null and b/build/classes/burp/IResponseVariations.class differ
diff --git a/build/classes/burp/IScanIssue.class b/build/classes/burp/IScanIssue.class
new file mode 100644
index 0000000..448bbea
Binary files /dev/null and b/build/classes/burp/IScanIssue.class differ
diff --git a/build/classes/burp/IScanQueueItem.class b/build/classes/burp/IScanQueueItem.class
new file mode 100644
index 0000000..99ce0f4
Binary files /dev/null and b/build/classes/burp/IScanQueueItem.class differ
diff --git a/build/classes/burp/IScannerCheck.class b/build/classes/burp/IScannerCheck.class
new file mode 100644
index 0000000..4572d8f
Binary files /dev/null and b/build/classes/burp/IScannerCheck.class differ
diff --git a/build/classes/burp/IScannerInsertionPoint.class b/build/classes/burp/IScannerInsertionPoint.class
new file mode 100644
index 0000000..fbc6848
Binary files /dev/null and b/build/classes/burp/IScannerInsertionPoint.class differ
diff --git a/build/classes/burp/IScannerInsertionPointProvider.class b/build/classes/burp/IScannerInsertionPointProvider.class
new file mode 100644
index 0000000..43794e9
Binary files /dev/null and b/build/classes/burp/IScannerInsertionPointProvider.class differ
diff --git a/build/classes/burp/IScannerListener.class b/build/classes/burp/IScannerListener.class
new file mode 100644
index 0000000..4b173c1
Binary files /dev/null and b/build/classes/burp/IScannerListener.class differ
diff --git a/build/classes/burp/IScopeChangeListener.class b/build/classes/burp/IScopeChangeListener.class
new file mode 100644
index 0000000..1c005b5
Binary files /dev/null and b/build/classes/burp/IScopeChangeListener.class differ
diff --git a/build/classes/burp/ISessionHandlingAction.class b/build/classes/burp/ISessionHandlingAction.class
new file mode 100644
index 0000000..7c92c0c
Binary files /dev/null and b/build/classes/burp/ISessionHandlingAction.class differ
diff --git a/build/classes/burp/ITab.class b/build/classes/burp/ITab.class
new file mode 100644
index 0000000..83485ce
Binary files /dev/null and b/build/classes/burp/ITab.class differ
diff --git a/build/classes/burp/ITempFile.class b/build/classes/burp/ITempFile.class
new file mode 100644
index 0000000..99ac3e8
Binary files /dev/null and b/build/classes/burp/ITempFile.class differ
diff --git a/build/classes/burp/ITextEditor.class b/build/classes/burp/ITextEditor.class
new file mode 100644
index 0000000..a0cb25c
Binary files /dev/null and b/build/classes/burp/ITextEditor.class differ
diff --git a/build/classes/burp/MainPanel$1.class b/build/classes/burp/MainPanel$1.class
new file mode 100644
index 0000000..ee5998d
Binary files /dev/null and b/build/classes/burp/MainPanel$1.class differ
diff --git a/build/classes/burp/MainPanel$2.class b/build/classes/burp/MainPanel$2.class
new file mode 100644
index 0000000..ce47b42
Binary files /dev/null and b/build/classes/burp/MainPanel$2.class differ
diff --git a/build/classes/burp/MainPanel$3.class b/build/classes/burp/MainPanel$3.class
new file mode 100644
index 0000000..deb66ec
Binary files /dev/null and b/build/classes/burp/MainPanel$3.class differ
diff --git a/build/classes/burp/MainPanel$4.class b/build/classes/burp/MainPanel$4.class
new file mode 100644
index 0000000..79a0fdb
Binary files /dev/null and b/build/classes/burp/MainPanel$4.class differ
diff --git a/build/classes/burp/MainPanel$5.class b/build/classes/burp/MainPanel$5.class
new file mode 100644
index 0000000..904a4bf
Binary files /dev/null and b/build/classes/burp/MainPanel$5.class differ
diff --git a/build/classes/burp/MainPanel$6.class b/build/classes/burp/MainPanel$6.class
new file mode 100644
index 0000000..6a19435
Binary files /dev/null and b/build/classes/burp/MainPanel$6.class differ
diff --git a/build/classes/burp/MainPanel$7.class b/build/classes/burp/MainPanel$7.class
new file mode 100644
index 0000000..1d375f8
Binary files /dev/null and b/build/classes/burp/MainPanel$7.class differ
diff --git a/build/classes/burp/MainPanel.class b/build/classes/burp/MainPanel.class
new file mode 100644
index 0000000..a8d1c5c
Binary files /dev/null and b/build/classes/burp/MainPanel.class differ
diff --git a/dist/AES_Killer.jar b/dist/AES_Killer.jar
new file mode 100644
index 0000000..3e7e17e
Binary files /dev/null and b/dist/AES_Killer.jar differ
diff --git a/dist/README.TXT b/dist/README.TXT
new file mode 100644
index 0000000..b06c3aa
--- /dev/null
+++ b/dist/README.TXT
@@ -0,0 +1,32 @@
+========================
+BUILD OUTPUT DESCRIPTION
+========================
+
+When you build an Java application project that has a main class, the IDE
+automatically copies all of the JAR
+files on the projects classpath to your projects dist/lib folder. The IDE
+also adds each of the JAR files to the Class-Path element in the application
+JAR files manifest file (MANIFEST.MF).
+
+To run the project from the command line, go to the dist folder and
+type the following:
+
+java -jar "AES_Killer.jar"
+
+To distribute this project, zip up the dist folder (including the lib folder)
+and distribute the ZIP file.
+
+Notes:
+
+* If two JAR files on the project classpath have the same name, only the first
+JAR file is copied to the lib folder.
+* Only JAR files are copied to the lib folder.
+If the classpath contains other types of files or folders, these files (folders)
+are not copied.
+* If a library on the projects classpath also has a Class-Path element
+specified in the manifest,the content of the Class-Path element has to be on
+the projects runtime path.
+* To set a main class in a standard Java project, right-click the project node
+in the Projects window and choose Properties. Then click Run and enter the
+class name in the Main Class field. Alternatively, you can manually type the
+class name in the manifest Main-Class element.
diff --git a/dist/lib/AbsoluteLayout.jar b/dist/lib/AbsoluteLayout.jar
new file mode 100644
index 0000000..40dfa69
Binary files /dev/null and b/dist/lib/AbsoluteLayout.jar differ
diff --git a/manifest.mf b/manifest.mf
new file mode 100644
index 0000000..1574df4
--- /dev/null
+++ b/manifest.mf
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+X-COMMENT: Main-Class will be added automatically by build
+
diff --git a/nbproject/build-impl.xml b/nbproject/build-impl.xml
new file mode 100644
index 0000000..5157452
--- /dev/null
+++ b/nbproject/build-impl.xml
@@ -0,0 +1,1413 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Must set src.dir
+ Must set test.src.dir
+ Must set build.dir
+ Must set dist.dir
+ Must set build.classes.dir
+ Must set dist.javadoc.dir
+ Must set build.test.classes.dir
+ Must set build.test.results.dir
+ Must set build.classes.excludes
+ Must set dist.jar
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Must set javac.includes
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ No tests executed.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Must set JVM to use for profiling in profiler.info.jvm
+ Must set profiler agent JVM arguments in profiler.info.jvmargs.agent
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Must select some files in the IDE or set javac.includes
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ To run this application from the command line without Ant, try:
+
+ java -jar "${dist.jar.resolved}"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Must select one file in the IDE or set run.class
+
+
+
+ Must select one file in the IDE or set run.class
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Must select one file in the IDE or set debug.class
+
+
+
+
+ Must select one file in the IDE or set debug.class
+
+
+
+
+ Must set fix.includes
+
+
+
+
+
+
+
+
+
+ This target only works when run from inside the NetBeans IDE.
+
+
+
+
+
+
+
+
+ Must select one file in the IDE or set profile.class
+ This target only works when run from inside the NetBeans IDE.
+
+
+
+
+
+
+
+
+ This target only works when run from inside the NetBeans IDE.
+
+
+
+
+
+
+
+
+
+
+
+
+ This target only works when run from inside the NetBeans IDE.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Must select one file in the IDE or set run.class
+
+
+
+
+
+ Must select some files in the IDE or set test.includes
+
+
+
+
+ Must select one file in the IDE or set run.class
+
+
+
+
+ Must select one file in the IDE or set applet.url
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Must select some files in the IDE or set javac.includes
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Some tests failed; see details above.
+
+
+
+
+
+
+
+
+ Must select some files in the IDE or set test.includes
+
+
+
+ Some tests failed; see details above.
+
+
+
+ Must select some files in the IDE or set test.class
+ Must select some method in the IDE or set test.method
+
+
+
+ Some tests failed; see details above.
+
+
+
+
+ Must select one file in the IDE or set test.class
+
+
+
+ Must select one file in the IDE or set test.class
+ Must select some method in the IDE or set test.method
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Must select one file in the IDE or set applet.url
+
+
+
+
+
+
+
+
+ Must select one file in the IDE or set applet.url
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/nbproject/genfiles.properties b/nbproject/genfiles.properties
new file mode 100644
index 0000000..7408373
--- /dev/null
+++ b/nbproject/genfiles.properties
@@ -0,0 +1,8 @@
+build.xml.data.CRC32=10dbba3e
+build.xml.script.CRC32=aba3a0de
+build.xml.stylesheet.CRC32=8064a381@1.75.2.48
+# This file is used by a NetBeans-based IDE to track changes in generated files such as build-impl.xml.
+# Do not edit this file. You may delete it but then the IDE will never regenerate such files for you.
+nbproject/build-impl.xml.data.CRC32=10dbba3e
+nbproject/build-impl.xml.script.CRC32=d610668a
+nbproject/build-impl.xml.stylesheet.CRC32=876e7a8f@1.75.2.48
diff --git a/nbproject/private/config.properties b/nbproject/private/config.properties
new file mode 100644
index 0000000..e69de29
diff --git a/nbproject/private/private.properties b/nbproject/private/private.properties
new file mode 100644
index 0000000..0e7cfc2
--- /dev/null
+++ b/nbproject/private/private.properties
@@ -0,0 +1,6 @@
+compile.on.save=false
+do.depend=false
+do.jar=true
+javac.debug=true
+javadoc.preview=true
+user.properties.file=C:\\Users\\abdul.wahab\\AppData\\Roaming\\NetBeans\\8.0.2\\build.properties
diff --git a/nbproject/private/private.xml b/nbproject/private/private.xml
new file mode 100644
index 0000000..dde0891
--- /dev/null
+++ b/nbproject/private/private.xml
@@ -0,0 +1,9 @@
+
+
+
+
+
+ file:/C:/Users/abdul.wahab/Documents/Git%20Projects/AES_Killer/src/burp/BurpExtender.java
+
+
+
diff --git a/nbproject/project.properties b/nbproject/project.properties
new file mode 100644
index 0000000..89ba471
--- /dev/null
+++ b/nbproject/project.properties
@@ -0,0 +1,74 @@
+annotation.processing.enabled=true
+annotation.processing.enabled.in.editor=false
+annotation.processing.processors.list=
+annotation.processing.run.all.processors=true
+annotation.processing.source.output=${build.generated.sources.dir}/ap-source-output
+application.title=AES Killer
+application.vendor=abdul.wahab
+build.classes.dir=${build.dir}/classes
+build.classes.excludes=**/*.java,**/*.form
+# This directory is removed when the project is cleaned:
+build.dir=build
+build.generated.dir=${build.dir}/generated
+build.generated.sources.dir=${build.dir}/generated-sources
+# Only compile against the classpath explicitly listed here:
+build.sysclasspath=ignore
+build.test.classes.dir=${build.dir}/test/classes
+build.test.results.dir=${build.dir}/test/results
+# Uncomment to specify the preferred debugger connection transport:
+#debug.transport=dt_socket
+debug.classpath=\
+ ${run.classpath}
+debug.test.classpath=\
+ ${run.test.classpath}
+# This directory is removed when the project is cleaned:
+dist.dir=dist
+dist.jar=${dist.dir}/AES_Killer.jar
+dist.javadoc.dir=${dist.dir}/javadoc
+endorsed.classpath=
+excludes=
+includes=**
+jar.compress=false
+javac.classpath=\
+ ${libs.absolutelayout.classpath}
+# Space-separated list of extra javac options
+javac.compilerargs=
+javac.deprecation=false
+javac.processorpath=\
+ ${javac.classpath}
+javac.source=1.7
+javac.target=1.7
+javac.test.classpath=\
+ ${javac.classpath}:\
+ ${build.classes.dir}
+javac.test.processorpath=\
+ ${javac.test.classpath}
+javadoc.additionalparam=
+javadoc.author=false
+javadoc.encoding=${source.encoding}
+javadoc.noindex=false
+javadoc.nonavbar=false
+javadoc.notree=false
+javadoc.private=false
+javadoc.splitindex=true
+javadoc.use=true
+javadoc.version=false
+javadoc.windowtitle=
+main.class=
+manifest.file=manifest.mf
+meta.inf.dir=${src.dir}/META-INF
+mkdist.disabled=false
+platform.active=default_platform
+run.classpath=\
+ ${javac.classpath}:\
+ ${build.classes.dir}
+# Space-separated list of JVM arguments used when running the project
+# (you may also define separate properties like run-sys-prop.name=value instead of -Dname=value
+# or test-sys-prop.name=value to set system properties for unit tests):
+run.jvmargs=
+run.test.classpath=\
+ ${javac.test.classpath}:\
+ ${build.test.classes.dir}
+source.encoding=UTF-8
+src.dir=src
+test.src.dir=test
diff --git a/nbproject/project.xml b/nbproject/project.xml
new file mode 100644
index 0000000..9eedc65
--- /dev/null
+++ b/nbproject/project.xml
@@ -0,0 +1,15 @@
+
+
+ org.netbeans.modules.java.j2seproject
+
+
+ AES Killer
+
+
+
+
+
+
+
+
+
diff --git a/src/burp/BurpExtender.java b/src/burp/BurpExtender.java
new file mode 100644
index 0000000..e26a7ea
--- /dev/null
+++ b/src/burp/BurpExtender.java
@@ -0,0 +1,211 @@
+package burp;
+import java.awt.Component;
+import java.io.PrintWriter;
+import java.util.Base64;
+import java.util.List;
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.swing.JButton;
+import javax.swing.JLabel;
+import javax.swing.JOptionPane;
+import javax.swing.JPanel;
+import javax.swing.JTabbedPane;
+import javax.swing.JTextField;
+
+
+public class BurpExtender implements IBurpExtender, ITab, IProxyListener, IHttpListener
+{
+ public String ExtensionName = "AES Killer";
+ public String TabName = "AES Killer";
+
+ public IBurpExtenderCallbacks callbacks;
+ public IExtensionHelpers helpers;
+ public PrintWriter stdout;
+ public PrintWriter stderr;
+
+ public MainPanel myPanel;
+
+ public Cipher cipher;
+ public IvParameterSpec iv_param;
+ public SecretKey sec_key;
+ public String reqURL = null;
+ public String reqParameter = null;
+ public String resPrarameter = null;
+ public Boolean decResponse = false;
+
+ @Override
+ public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks)
+ {
+ this.callbacks = callbacks;
+ this.helpers = callbacks.getHelpers();
+ stdout = new PrintWriter(callbacks.getStdout(), true);
+ this.callbacks.setExtensionName(this.ExtensionName);
+
+ myPanel = new MainPanel(this);
+ this.callbacks.addSuiteTab(this);
+ }
+
+ @Override
+ public String getTabCaption() {
+ return this.TabName;
+ }
+
+ @Override
+ public Component getUiComponent() {
+ return this.myPanel;
+ }
+
+ @Override
+ public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessage message) {
+ if (messageIsRequest){
+ IHttpRequestResponse messageInfo = message.getMessageInfo();
+ IRequestInfo reqInfo = helpers.analyzeRequest(messageInfo);
+ List headers = reqInfo.getHeaders();
+ headers.add("AES-Killer: myheader==");
+ String request = new String(messageInfo.getRequest());
+ String URL = new String(reqInfo.getUrl().toString());
+ if (URL.contains(this.reqURL)){
+ stdout.println(URL);
+ String messageBody = request.substring(reqInfo.getBodyOffset());
+ if ( !this.reqParameter.equals("") && messageBody.startsWith(this.reqParameter)){
+ String arr[] = messageBody.split(this.reqParameter);
+ messageBody = arr[1].substring(0, arr[1].length()-1);
+ }
+ messageBody = removeNull(messageBody);
+ messageBody = removeOff(messageBody);
+ messageBody = doDecrypt(messageBody);
+ byte[] updateMessage = helpers.buildHttpMessage(headers, messageBody.getBytes());
+ messageInfo.setRequest(updateMessage);
+ }
+
+ }
+ else {
+
+ if (this.decResponse != true){
+ stdout.println("---- in if --------------");
+ return;
+ }
+ stdout.println("---- not in if --------------");
+ IHttpRequestResponse messageInfo = message.getMessageInfo();
+ IRequestInfo reqInfo = helpers.analyzeRequest(messageInfo);
+ String URL = new String(reqInfo.getUrl().toString());
+ if (URL.contains(this.reqURL)){
+ IResponseInfo resInfo = helpers.analyzeResponse(messageInfo.getResponse());
+ List headers = resInfo.getHeaders();
+ headers.add("AES-Killer: myheader==");
+ String response = new String(messageInfo.getResponse());
+ String params = new String(response.substring(resInfo.getBodyOffset()));
+ try{
+ params = doDecrypt(params);
+ stdout.println( params.length() + ": " + params);
+ stdout.println("------------------");
+ byte[] updateMessage = helpers.buildHttpMessage(headers, params.getBytes());
+ messageInfo.setResponse(updateMessage);
+ }
+ catch (Exception ex) {
+ stdout.println( params.length() + ": Exception Here");
+ }
+ }
+ }
+ }
+
+ public String doEncrypt(String paramString){
+ try{
+ cipher.init(1, sec_key ,iv_param);
+ paramString = new String (Base64.getEncoder().encodeToString(cipher.doFinal(paramString.getBytes())));
+ return paramString;
+ }catch(Exception ex){
+ return null;
+ }
+ }
+
+ public String doDecrypt(String paramString){
+ try{
+ cipher.init(2, sec_key ,iv_param);
+ paramString = new String (cipher.doFinal(Base64.getDecoder().decode(paramString)));
+ return paramString;
+ }catch(Exception ex){
+ return null;
+ }
+ }
+
+ public String removeNull(String paramString){
+ if (paramString != null) {
+ return paramString.replace("%0A", "").replace("%2C","");
+ }
+ return null;
+ }
+
+ public String removeOff(String paramString)
+ {
+ if (paramString != null) {
+ return paramString.replace("-", "+").replace("_", "/").replace(",", "=");
+ }
+ return null;
+ }
+
+ public String doOff(String paramString)
+ {
+ if (paramString != null) {
+ return paramString.replace("+", "-").replace("/", "_").replace("=", ",");
+ }
+ return null;
+ }
+
+ @Override
+ public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) {
+ if (messageIsRequest){
+// IHttpRequestResponse messageInfo = message.getMessageInfo();
+ IRequestInfo reqInfo = helpers.analyzeRequest(messageInfo);
+ List headers = reqInfo.getHeaders();
+ headers.add("AES-Killer: myheader==");
+ String request = new String(messageInfo.getRequest());
+ String URL = new String(reqInfo.getUrl().toString());
+ if (URL.contains(this.reqURL)){
+ stdout.println(URL);
+ String messageBody = request.substring(reqInfo.getBodyOffset());
+ if (messageBody.startsWith(this.reqParameter)){
+ String arr[] = messageBody.split(this.reqParameter);
+ String params = arr[1].substring(0, arr[1].length()-1);
+ params = removeNull(params);
+ params = removeOff(params);
+ params = doDecrypt(params);
+ stdout.println(params);
+ stdout.println("----------------");
+ byte[] updateMessage = helpers.buildHttpMessage(headers, params.getBytes());
+ messageInfo.setRequest(updateMessage);
+ }
+ }
+
+ }
+ else {
+
+ if (this.decResponse != true){
+ stdout.println("---- in if --------------");
+ return;
+ }
+ stdout.println("---- not in if --------------");
+// IHttpRequestResponse messageInfo = message.getMessageInfo();
+ IRequestInfo reqInfo = helpers.analyzeRequest(messageInfo);
+ String URL = new String(reqInfo.getUrl().toString());
+ if (URL.contains(this.reqURL)){
+ IResponseInfo resInfo = helpers.analyzeResponse(messageInfo.getResponse());
+ List headers = resInfo.getHeaders();
+ headers.add("AES-Killer: myheader==");
+ String response = new String(messageInfo.getResponse());
+ String params = new String(response.substring(resInfo.getBodyOffset()));
+ try{
+ params = doDecrypt(params);
+ stdout.println( params.length() + ": " + params);
+ stdout.println("------------------");
+ byte[] updateMessage = helpers.buildHttpMessage(headers, params.getBytes());
+ messageInfo.setResponse(updateMessage);
+ }
+ catch (Exception ex) {
+ stdout.println( params.length() + ": Exception Here");
+ }
+ }
+ }
+ }
+}
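Review bot: `doDecrypt` swallows every exception and returns `null`, and its callers in `processProxyMessage` and `processHttpMessage` dereference that result unchecked, so a body that fails Base64 decoding or AES decryption under the configured key raises a NullPointerException inside the listener. In the two request branches `messageBody.getBytes()` and `params.getBytes()` run straight after the call. In the two response branches the `catch (Exception ex)` block itself calls `params.length()` on the now-null `params`, so the handler throws again instead of recovering. A guard such as `if (params == null) { return; }` after each `doDecrypt` call, plus a catch body that prints `ex` instead of `params.length()`, would let undecryptable traffic pass through unmodified. `reqURL` and `reqParameter` also start as `null` and `URL.contains(this.reqURL)` throws on a null argument, so the same guard is needed there unless `MainPanel` (not shown in this hunk) always sets them before a listener fires.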
diff --git a/src/burp/IBurpCollaboratorClientContext.java b/src/burp/IBurpCollaboratorClientContext.java
new file mode 100644
index 0000000..8caf731
--- /dev/null
+++ b/src/burp/IBurpCollaboratorClientContext.java
@@ -0,0 +1,85 @@
+package burp;
+
+/*
+ * @(#)IBurpCollaboratorClientContext.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.util.List;
+
+/**
+ * This interface represents an instance of a Burp Collaborator client context,
+ * which can be used to generate Burp Collaborator payloads and poll the
+ * Collaborator server for any network interactions that result from using those
+ * payloads. Extensions can obtain new instances of this class by calling
+ * IBurpExtenderCallbacks.createBurpCollaboratorClientContext()
.
+ * Note that each Burp Collaborator client context is tied to the Collaborator
+ * server configuration that was in place at the time the context was created.
+ */
+public interface IBurpCollaboratorClientContext
+{
+
+ /**
+ * This method is used to generate new Burp Collaborator payloads.
+ *
+ * @param includeCollaboratorServerLocation Specifies whether to include the
+ * Collaborator server location in the generated payload.
+ * @return The payload that was generated.
+ */
+ String generatePayload(boolean includeCollaboratorServerLocation);
+
+ /**
+ * This method is used to retrieve all interactions received by the
+ * Collaborator server resulting from payloads that were generated for this
+ * context.
+ *
+ * @return The Collaborator interactions that have occurred resulting from
+ * payloads that were generated for this context.
+ */
+ List fetchAllCollaboratorInteractions();
+
+ /**
+ * This method is used to retrieve interactions received by the Collaborator
+ * server resulting from a single payload that was generated for this
+ * context.
+ *
+ * @param payload The payload for which interactions will be retrieved.
+ * @return The Collaborator interactions that have occurred resulting from
+ * the given payload.
+ */
+ List fetchCollaboratorInteractionsFor(String payload);
+
+ /**
+ * This method is used to retrieve all interactions made by Burp Infiltrator
+ * instrumentation resulting from payloads that were generated for this
+ * context.
+ *
+ * @return The interactions triggered by the Burp Infiltrator
+ * instrumentation that have occurred resulting from payloads that were
+ * generated for this context.
+ */
+ List fetchAllInfiltratorInteractions();
+
+ /**
+ * This method is used to retrieve interactions made by Burp Infiltrator
+ * instrumentation resulting from a single payload that was generated for
+ * this context.
+ *
+ * @param payload The payload for which interactions will be retrieved.
+ * @return The interactions triggered by the Burp Infiltrator
+ * instrumentation that have occurred resulting from the given payload.
+ */
+ List fetchInfiltratorInteractionsFor(String payload);
+
+ /**
+ * This method is used to retrieve the network location of the Collaborator
+ * server.
+ *
+ * @return The hostname or IP address of the Collaborator server.
+ */
+ String getCollaboratorServerLocation();
+}
diff --git a/src/burp/IBurpCollaboratorInteraction.java b/src/burp/IBurpCollaboratorInteraction.java
new file mode 100644
index 0000000..07ed661
--- /dev/null
+++ b/src/burp/IBurpCollaboratorInteraction.java
@@ -0,0 +1,41 @@
+package burp;
+
+/*
+ * @(#)IBurpCollaboratorInteraction.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.util.Map;
+
+/**
+ * This interface represents a network interaction that occurred with the Burp
+ * Collaborator server.
+ */
+public interface IBurpCollaboratorInteraction
+{
+
+ /**
+ * This method is used to retrieve a property of the interaction. Properties
+ * of all interactions are: interaction_id, type, client_ip, and time_stamp.
+ * Properties of DNS interactions are: query_type and raw_query. The
+ * raw_query value is Base64-encoded. Properties of HTTP interactions are:
+ * protocol, request, and response. The request and response values are
+ * Base64-encoded.
+ *
+ * @param name The name of the property to retrieve.
+ * @return A string representing the property value, or null if not present.
+ */
+ String getProperty(String name);
+
+ /**
+ * This method is used to retrieve a map containing all properties of the
+ * interaction.
+ *
+ * @return A map containing all properties of the interaction.
+ */
+ Map getProperties();
+}
diff --git a/src/burp/IBurpExtender.java b/src/burp/IBurpExtender.java
new file mode 100644
index 0000000..eaa4bec
--- /dev/null
+++ b/src/burp/IBurpExtender.java
@@ -0,0 +1,31 @@
+package burp;
+
+/*
+ * @(#)IBurpExtender.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * All extensions must implement this interface.
+ *
+ * Implementations must be called BurpExtender, in the package burp, must be
+ * declared public, and must provide a default (public, no-argument)
+ * constructor.
+ */
+public interface IBurpExtender
+{
+ /**
+ * This method is invoked when the extension is loaded. It registers an
+ * instance of the
+ * IBurpExtenderCallbacks
interface, providing methods that may
+ * be invoked by the extension to perform various actions.
+ *
+ * @param callbacks An
+ * IBurpExtenderCallbacks
object.
+ */
+ void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks);
+}
diff --git a/src/burp/IBurpExtenderCallbacks.java b/src/burp/IBurpExtenderCallbacks.java
new file mode 100644
index 0000000..884f0f4
--- /dev/null
+++ b/src/burp/IBurpExtenderCallbacks.java
@@ -0,0 +1,1088 @@
+package burp;
+
+/*
+ * @(#)IBurpExtenderCallbacks.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.awt.Component;
+import java.io.OutputStream;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * This interface is used by Burp Suite to pass to extensions a set of callback
+ * methods that can be used by extensions to perform various actions within
+ * Burp.
+ *
+ * When an extension is loaded, Burp invokes its
+ * registerExtenderCallbacks()
method and passes an instance of the
+ * IBurpExtenderCallbacks
interface. The extension may then invoke
+ * the methods of this interface as required in order to extend Burp's
+ * functionality.
+ */
+public interface IBurpExtenderCallbacks
+{
+
+ /**
+ * Flag used to identify Burp Suite as a whole.
+ */
+ int TOOL_SUITE = 0x00000001;
+ /**
+ * Flag used to identify the Burp Target tool.
+ */
+ int TOOL_TARGET = 0x00000002;
+ /**
+ * Flag used to identify the Burp Proxy tool.
+ */
+ int TOOL_PROXY = 0x00000004;
+ /**
+ * Flag used to identify the Burp Spider tool.
+ */
+ int TOOL_SPIDER = 0x00000008;
+ /**
+ * Flag used to identify the Burp Scanner tool.
+ */
+ int TOOL_SCANNER = 0x00000010;
+ /**
+ * Flag used to identify the Burp Intruder tool.
+ */
+ int TOOL_INTRUDER = 0x00000020;
+ /**
+ * Flag used to identify the Burp Repeater tool.
+ */
+ int TOOL_REPEATER = 0x00000040;
+ /**
+ * Flag used to identify the Burp Sequencer tool.
+ */
+ int TOOL_SEQUENCER = 0x00000080;
+ /**
+ * Flag used to identify the Burp Decoder tool.
+ */
+ int TOOL_DECODER = 0x00000100;
+ /**
+ * Flag used to identify the Burp Comparer tool.
+ */
+ int TOOL_COMPARER = 0x00000200;
+ /**
+ * Flag used to identify the Burp Extender tool.
+ */
+ int TOOL_EXTENDER = 0x00000400;
+
+ /**
+ * This method is used to set the display name for the current extension,
+ * which will be displayed within the user interface for the Extender tool.
+ *
+ * @param name The extension name.
+ */
+ void setExtensionName(String name);
+
+ /**
+ * This method is used to obtain an IExtensionHelpers
object,
+ * which can be used by the extension to perform numerous useful tasks.
+ *
+ * @return An object containing numerous helper methods, for tasks such as
+ * building and analyzing HTTP requests.
+ */
+ IExtensionHelpers getHelpers();
+
+ /**
+ * This method is used to obtain the current extension's standard output
+ * stream. Extensions should write all output to this stream, allowing the
+ * Burp user to configure how that output is handled from within the UI.
+ *
+ * @return The extension's standard output stream.
+ */
+ OutputStream getStdout();
+
+ /**
+ * This method is used to obtain the current extension's standard error
+ * stream. Extensions should write all error messages to this stream,
+ * allowing the Burp user to configure how that output is handled from
+ * within the UI.
+ *
+ * @return The extension's standard error stream.
+ */
+ OutputStream getStderr();
+
+ /**
+ * This method prints a line of output to the current extension's standard
+ * output stream.
+ *
+ * @param output The message to print.
+ */
+ void printOutput(String output);
+
+ /**
+ * This method prints a line of output to the current extension's standard
+ * error stream.
+ *
+ * @param error The message to print.
+ */
+ void printError(String error);
+
+ /**
+ * This method is used to register a listener which will be notified of
+ * changes to the extension's state. Note: Any extensions that start
+ * background threads or open system resources (such as files or database
+ * connections) should register a listener and terminate threads / close
+ * resources when the extension is unloaded.
+ *
+ * @param listener An object created by the extension that implements the
+ * IExtensionStateListener
interface.
+ */
+ void registerExtensionStateListener(IExtensionStateListener listener);
+
+ /**
+ * This method is used to retrieve the extension state listeners that are
+ * registered by the extension.
+ *
+ * @return A list of extension state listeners that are currently registered
+ * by this extension.
+ */
+ List getExtensionStateListeners();
+
+ /**
+ * This method is used to remove an extension state listener that has been
+ * registered by the extension.
+ *
+ * @param listener The extension state listener to be removed.
+ */
+ void removeExtensionStateListener(IExtensionStateListener listener);
+
+ /**
+ * This method is used to register a listener which will be notified of
+ * requests and responses made by any Burp tool. Extensions can perform
+ * custom analysis or modification of these messages by registering an HTTP
+ * listener.
+ *
+ * @param listener An object created by the extension that implements the
+ * IHttpListener
interface.
+ */
+ void registerHttpListener(IHttpListener listener);
+
+ /**
+ * This method is used to retrieve the HTTP listeners that are registered by
+ * the extension.
+ *
+ * @return A list of HTTP listeners that are currently registered by this
+ * extension.
+ */
+ List getHttpListeners();
+
+ /**
+ * This method is used to remove an HTTP listener that has been registered
+ * by the extension.
+ *
+ * @param listener The HTTP listener to be removed.
+ */
+ void removeHttpListener(IHttpListener listener);
+
+ /**
+ * This method is used to register a listener which will be notified of
+ * requests and responses being processed by the Proxy tool. Extensions can
+ * perform custom analysis or modification of these messages, and control
+ * in-UI message interception, by registering a proxy listener.
+ *
+ * @param listener An object created by the extension that implements the
+ * IProxyListener
interface.
+ */
+ void registerProxyListener(IProxyListener listener);
+
+ /**
+ * This method is used to retrieve the Proxy listeners that are registered
+ * by the extension.
+ *
+ * @return A list of Proxy listeners that are currently registered by this
+ * extension.
+ */
+ List getProxyListeners();
+
+ /**
+ * This method is used to remove a Proxy listener that has been registered
+ * by the extension.
+ *
+ * @param listener The Proxy listener to be removed.
+ */
+ void removeProxyListener(IProxyListener listener);
+
+ /**
+ * This method is used to register a listener which will be notified of new
+ * issues that are reported by the Scanner tool. Extensions can perform
+ * custom analysis or logging of Scanner issues by registering a Scanner
+ * listener.
+ *
+ * @param listener An object created by the extension that implements the
+ * IScannerListener
interface.
+ */
+ void registerScannerListener(IScannerListener listener);
+
+ /**
+ * This method is used to retrieve the Scanner listeners that are registered
+ * by the extension.
+ *
+ * @return A list of Scanner listeners that are currently registered by this
+ * extension.
+ */
+ List getScannerListeners();
+
+ /**
+ * This method is used to remove a Scanner listener that has been registered
+ * by the extension.
+ *
+ * @param listener The Scanner listener to be removed.
+ */
+ void removeScannerListener(IScannerListener listener);
+
+ /**
+ * This method is used to register a listener which will be notified of
+ * changes to Burp's suite-wide target scope.
+ *
+ * @param listener An object created by the extension that implements the
+ * IScopeChangeListener
interface.
+ */
+ void registerScopeChangeListener(IScopeChangeListener listener);
+
+ /**
+ * This method is used to retrieve the scope change listeners that are
+ * registered by the extension.
+ *
+ * @return A list of scope change listeners that are currently registered by
+ * this extension.
+ */
+ List getScopeChangeListeners();
+
+ /**
+ * This method is used to remove a scope change listener that has been
+ * registered by the extension.
+ *
+ * @param listener The scope change listener to be removed.
+ */
+ void removeScopeChangeListener(IScopeChangeListener listener);
+
+ /**
+ * This method is used to register a factory for custom context menu items.
+ * When the user invokes a context menu anywhere within Burp, the factory
+ * will be passed details of the invocation event, and asked to provide any
+ * custom context menu items that should be shown.
+ *
+ * @param factory An object created by the extension that implements the
+ * IContextMenuFactory
interface.
+ */
+ void registerContextMenuFactory(IContextMenuFactory factory);
+
+ /**
+ * This method is used to retrieve the context menu factories that are
+ * registered by the extension.
+ *
+ * @return A list of context menu factories that are currently registered by
+ * this extension.
+ */
+ List getContextMenuFactories();
+
+ /**
+ * This method is used to remove a context menu factory that has been
+ * registered by the extension.
+ *
+ * @param factory The context menu factory to be removed.
+ */
+ void removeContextMenuFactory(IContextMenuFactory factory);
+
+ /**
+ * This method is used to register a factory for custom message editor tabs.
+ * For each message editor that already exists, or is subsequently created,
+ * within Burp, the factory will be asked to provide a new instance of an
+ * IMessageEditorTab
object, which can provide custom rendering
+ * or editing of HTTP messages.
+ *
+ * @param factory An object created by the extension that implements the
+ * IMessageEditorTabFactory
interface.
+ */
+ void registerMessageEditorTabFactory(IMessageEditorTabFactory factory);
+
+ /**
+ * This method is used to retrieve the message editor tab factories that are
+ * registered by the extension.
+ *
+ * @return A list of message editor tab factories that are currently
+ * registered by this extension.
+ */
+ List getMessageEditorTabFactories();
+
+ /**
+ * This method is used to remove a message editor tab factory that has been
+ * registered by the extension.
+ *
+ * @param factory The message editor tab factory to be removed.
+ */
+ void removeMessageEditorTabFactory(IMessageEditorTabFactory factory);
+
+ /**
+ * This method is used to register a provider of Scanner insertion points.
+ * For each base request that is actively scanned, Burp will ask the
+ * provider to provide any custom scanner insertion points that are
+ * appropriate for the request.
+ *
+ * @param provider An object created by the extension that implements the
+ * IScannerInsertionPointProvider
interface.
+ */
+ void registerScannerInsertionPointProvider(
+ IScannerInsertionPointProvider provider);
+
+ /**
+ * This method is used to retrieve the Scanner insertion point providers
+ * that are registered by the extension.
+ *
+ * @return A list of Scanner insertion point providers that are currently
+ * registered by this extension.
+ */
+ List getScannerInsertionPointProviders();
+
+ /**
+ * This method is used to remove a Scanner insertion point provider that has
+ * been registered by the extension.
+ *
+ * @param provider The Scanner insertion point provider to be removed.
+ */
+ void removeScannerInsertionPointProvider(
+ IScannerInsertionPointProvider provider);
+
+ /**
+ * This method is used to register a custom Scanner check. When performing
+ * scanning, Burp will ask the check to perform active or passive scanning
+ * on the base request, and report any Scanner issues that are identified.
+ *
+ * @param check An object created by the extension that implements the
+ * IScannerCheck
interface.
+ */
+ void registerScannerCheck(IScannerCheck check);
+
+ /**
+ * This method is used to retrieve the Scanner checks that are registered by
+ * the extension.
+ *
+ * @return A list of Scanner checks that are currently registered by this
+ * extension.
+ */
+ List getScannerChecks();
+
+ /**
+ * This method is used to remove a Scanner check that has been registered by
+ * the extension.
+ *
+ * @param check The Scanner check to be removed.
+ */
+ void removeScannerCheck(IScannerCheck check);
+
+ /**
+ * This method is used to register a factory for Intruder payloads. Each
+ * registered factory will be available within the Intruder UI for the user
+ * to select as the payload source for an attack. When this is selected, the
+ * factory will be asked to provide a new instance of an
+ * IIntruderPayloadGenerator
object, which will be used to
+ * generate payloads for the attack.
+ *
+ * @param factory An object created by the extension that implements the
+ * IIntruderPayloadGeneratorFactory
interface.
+ */
+ void registerIntruderPayloadGeneratorFactory(
+ IIntruderPayloadGeneratorFactory factory);
+
+ /**
+ * This method is used to retrieve the Intruder payload generator factories
+ * that are registered by the extension.
+ *
+ * @return A list of Intruder payload generator factories that are currently
+ * registered by this extension.
+ */
+ List
+ getIntruderPayloadGeneratorFactories();
+
+ /**
+ * This method is used to remove an Intruder payload generator factory that
+ * has been registered by the extension.
+ *
+ * @param factory The Intruder payload generator factory to be removed.
+ */
+ void removeIntruderPayloadGeneratorFactory(
+ IIntruderPayloadGeneratorFactory factory);
+
+ /**
+ * This method is used to register a custom Intruder payload processor. Each
+ * registered processor will be available within the Intruder UI for the
+ * user to select as the action for a payload processing rule.
+ *
+ * @param processor An object created by the extension that implements the
+ * IIntruderPayloadProcessor
interface.
+ */
+ void registerIntruderPayloadProcessor(IIntruderPayloadProcessor processor);
+
+ /**
+ * This method is used to retrieve the Intruder payload processors that are
+ * registered by the extension.
+ *
+ * @return A list of Intruder payload processors that are currently
+ * registered by this extension.
+ */
+ List getIntruderPayloadProcessors();
+
+ /**
+ * This method is used to remove an Intruder payload processor that has been
+ * registered by the extension.
+ *
+ * @param processor The Intruder payload processor to be removed.
+ */
+ void removeIntruderPayloadProcessor(IIntruderPayloadProcessor processor);
+
+ /**
+ * This method is used to register a custom session handling action. Each
+ * registered action will be available within the session handling rule UI
+ * for the user to select as a rule action. Users can choose to invoke an
+ * action directly in its own right, or following execution of a macro.
+ *
+ * @param action An object created by the extension that implements the
+ * ISessionHandlingAction
interface.
+ */
+ void registerSessionHandlingAction(ISessionHandlingAction action);
+
+ /**
+ * This method is used to retrieve the session handling actions that are
+ * registered by the extension.
+ *
+ * @return A list of session handling actions that are currently registered
+ * by this extension.
+ */
+ List getSessionHandlingActions();
+
+ /**
+ * This method is used to remove a session handling action that has been
+ * registered by the extension.
+ *
+ * @param action The extension session handling action to be removed.
+ */
+ void removeSessionHandlingAction(ISessionHandlingAction action);
+
+ /**
+ * This method is used to unload the extension from Burp Suite.
+ */
+ void unloadExtension();
+
+ /**
+ * This method is used to add a custom tab to the main Burp Suite window.
+ *
+ * @param tab An object created by the extension that implements the
+ * ITab
interface.
+ */
+ void addSuiteTab(ITab tab);
+
+ /**
+ * This method is used to remove a previously-added tab from the main Burp
+ * Suite window.
+ *
+ * @param tab An object created by the extension that implements the
+ * ITab
interface.
+ */
+ void removeSuiteTab(ITab tab);
+
+ /**
+ * This method is used to customize UI components in line with Burp's UI
+ * style, including font size, colors, table line spacing, etc. The action
+ * is performed recursively on any child components of the passed-in
+ * component.
+ *
+ * @param component The UI component to be customized.
+ */
+ void customizeUiComponent(Component component);
+
+ /**
+ * This method is used to create a new instance of Burp's HTTP message
+ * editor, for the extension to use in its own UI.
+ *
+ * @param controller An object created by the extension that implements the
+ * IMessageEditorController
interface. This parameter is
+ * optional and may be null
. If it is provided, then the
+ * message editor will query the controller when required to obtain details
+ * about the currently displayed message, including the
+ * IHttpService
for the message, and the associated request or
+ * response message. If a controller is not provided, then the message
+ * editor will not support context menu actions, such as sending requests to
+ * other Burp tools.
+ * @param editable Indicates whether the editor created should be editable,
+ * or used only for message viewing.
+ * @return An object that implements the IMessageEditor
+ * interface, and which the extension can use in its own UI.
+ */
+ IMessageEditor createMessageEditor(IMessageEditorController controller,
+ boolean editable);
+
+ /**
+ * This method returns the command line arguments that were passed to Burp
+ * on startup.
+ *
+ * @return The command line arguments that were passed to Burp on startup.
+ */
+ String[] getCommandLineArguments();
+
+ /**
+ * This method is used to save configuration settings for the extension in a
+ * persistent way that survives reloads of the extension and of Burp Suite.
+ * Saved settings can be retrieved using the method
+ * loadExtensionSetting()
.
+ *
+ * @param name The name of the setting.
+ * @param value The value of the setting. If this value is null
+ * then any existing setting with the specified name will be removed.
+ */
+ void saveExtensionSetting(String name, String value);
+
+ /**
+ * This method is used to load configuration settings for the extension that
+ * were saved using the method saveExtensionSetting()
.
+ *
+ * @param name The name of the setting.
+ * @return The value of the setting, or null
if no value is
+ * set.
+ */
+ String loadExtensionSetting(String name);
+
+ /**
+ * This method is used to create a new instance of Burp's plain text editor,
+ * for the extension to use in its own UI.
+ *
+ * @return An object that implements the ITextEditor
interface,
+ * and which the extension can use in its own UI.
+ */
+ ITextEditor createTextEditor();
+
+ /**
+ * This method can be used to send an HTTP request to the Burp Repeater
+ * tool. The request will be displayed in the user interface, but will not
+ * be issued until the user initiates this action.
+ *
+ * @param host The hostname of the remote HTTP server.
+ * @param port The port of the remote HTTP server.
+ * @param useHttps Flags whether the protocol is HTTPS or HTTP.
+ * @param request The full HTTP request.
+ * @param tabCaption An optional caption which will appear on the Repeater
+ * tab containing the request. If this value is null
then a
+ * default tab index will be displayed.
+ */
+ void sendToRepeater(
+ String host,
+ int port,
+ boolean useHttps,
+ byte[] request,
+ String tabCaption);
+
+ /**
+ * This method can be used to send an HTTP request to the Burp Intruder
+ * tool. The request will be displayed in the user interface, and markers
+ * for attack payloads will be placed into default locations within the
+ * request.
+ *
+ * @param host The hostname of the remote HTTP server.
+ * @param port The port of the remote HTTP server.
+ * @param useHttps Flags whether the protocol is HTTPS or HTTP.
+ * @param request The full HTTP request.
+ */
+ void sendToIntruder(
+ String host,
+ int port,
+ boolean useHttps,
+ byte[] request);
+
+ /**
+ * This method can be used to send an HTTP request to the Burp Intruder
+ * tool. The request will be displayed in the user interface, and markers
+ * for attack payloads will be placed into the specified locations within
+ * the request.
+ *
+ * @param host The hostname of the remote HTTP server.
+ * @param port The port of the remote HTTP server.
+ * @param useHttps Flags whether the protocol is HTTPS or HTTP.
+ * @param request The full HTTP request.
+ * @param payloadPositionOffsets A list of index pairs representing the
+ * payload positions to be used. Each item in the list must be an int[2]
+ * array containing the start and end offsets for the payload position.
+ */
+ void sendToIntruder(
+ String host,
+ int port,
+ boolean useHttps,
+ byte[] request,
+ List payloadPositionOffsets);
+
+ /**
+ * This method can be used to send data to the Comparer tool.
+ *
+ * @param data The data to be sent to Comparer.
+ */
+ void sendToComparer(byte[] data);
+
+ /**
+ * This method can be used to send a seed URL to the Burp Spider tool. If
+ * the URL is not within the current Spider scope, the user will be asked if
+ * they wish to add the URL to the scope. If the Spider is not currently
+ * running, it will be started. The seed URL will be requested, and the
+ * Spider will process the application's response in the normal way.
+ *
+ * @param url The new seed URL to begin spidering from.
+ */
+ void sendToSpider(
+ java.net.URL url);
+
+ /**
+ * This method can be used to send an HTTP request to the Burp Scanner tool
+ * to perform an active vulnerability scan. If the request is not within the
+ * current active scanning scope, the user will be asked if they wish to
+ * proceed with the scan.
+ *
+ * @param host The hostname of the remote HTTP server.
+ * @param port The port of the remote HTTP server.
+ * @param useHttps Flags whether the protocol is HTTPS or HTTP.
+ * @param request The full HTTP request.
+ * @return The resulting scan queue item.
+ */
+ IScanQueueItem doActiveScan(
+ String host,
+ int port,
+ boolean useHttps,
+ byte[] request);
+
+ /**
+ * This method can be used to send an HTTP request to the Burp Scanner tool
+ * to perform an active vulnerability scan, based on a custom list of
+ * insertion points that are to be scanned. If the request is not within the
+ * current active scanning scope, the user will be asked if they wish to
+ * proceed with the scan.
+ *
+ * @param host The hostname of the remote HTTP server.
+ * @param port The port of the remote HTTP server.
+ * @param useHttps Flags whether the protocol is HTTPS or HTTP.
+ * @param request The full HTTP request.
+ * @param insertionPointOffsets A list of index pairs representing the
+ * positions of the insertion points that should be scanned. Each item in
+ * the list must be an int[2] array containing the start and end offsets for
+ * the insertion point.
+ * @return The resulting scan queue item.
+ */
+ IScanQueueItem doActiveScan(
+ String host,
+ int port,
+ boolean useHttps,
+ byte[] request,
+ List insertionPointOffsets);
+
+ /**
+ * This method can be used to send an HTTP request to the Burp Scanner tool
+ * to perform a passive vulnerability scan.
+ *
+ * @param host The hostname of the remote HTTP server.
+ * @param port The port of the remote HTTP server.
+ * @param useHttps Flags whether the protocol is HTTPS or HTTP.
+ * @param request The full HTTP request.
+ * @param response The full HTTP response.
+ */
+ void doPassiveScan(
+ String host,
+ int port,
+ boolean useHttps,
+ byte[] request,
+ byte[] response);
+
+ /**
+ * This method can be used to issue HTTP requests and retrieve their
+ * responses.
+ *
+ * @param httpService The HTTP service to which the request should be sent.
+ * @param request The full HTTP request.
+ * @return An object that implements the IHttpRequestResponse
+ * interface, and which the extension can query to obtain the details of the
+ * response.
+ */
+ IHttpRequestResponse makeHttpRequest(IHttpService httpService,
+ byte[] request);
+
+ /**
+ * This method can be used to issue HTTP requests and retrieve their
+ * responses.
+ *
+ * @param host The hostname of the remote HTTP server.
+ * @param port The port of the remote HTTP server.
+ * @param useHttps Flags whether the protocol is HTTPS or HTTP.
+ * @param request The full HTTP request.
+ * @return The full response retrieved from the remote server.
+ */
+ byte[] makeHttpRequest(
+ String host,
+ int port,
+ boolean useHttps,
+ byte[] request);
+
+ /**
+ * This method can be used to query whether a specified URL is within the
+ * current Suite-wide scope.
+ *
+ * @param url The URL to query.
+ * @return Returns true
if the URL is within the current
+ * Suite-wide scope.
+ */
+ boolean isInScope(java.net.URL url);
+
+ /**
+ * This method can be used to include the specified URL in the Suite-wide
+ * scope.
+ *
+ * @param url The URL to include in the Suite-wide scope.
+ */
+ void includeInScope(java.net.URL url);
+
+ /**
+ * This method can be used to exclude the specified URL from the Suite-wide
+ * scope.
+ *
+ * @param url The URL to exclude from the Suite-wide scope.
+ */
+ void excludeFromScope(java.net.URL url);
+
+ /**
+ * This method can be used to display a specified message in the Burp Suite
+ * alerts tab.
+ *
+ * @param message The alert message to display.
+ */
+ void issueAlert(String message);
+
+ /**
+ * This method returns details of all items in the Proxy history.
+ *
+ * @return The contents of the Proxy history.
+ */
+ IHttpRequestResponse[] getProxyHistory();
+
+ /**
+ * This method returns details of items in the site map.
+ *
+ * @param urlPrefix This parameter can be used to specify a URL prefix, in
+ * order to extract a specific subset of the site map. The method performs a
+ * simple case-sensitive text match, returning all site map items whose URL
+ * begins with the specified prefix. If this parameter is null, the entire
+ * site map is returned.
+ *
+ * @return Details of items in the site map.
+ */
+ IHttpRequestResponse[] getSiteMap(String urlPrefix);
+
+ /**
+ * This method returns all of the current scan issues for URLs matching the
+ * specified literal prefix.
+ *
+ * @param urlPrefix This parameter can be used to specify a URL prefix, in
+ * order to extract a specific subset of scan issues. The method performs a
+ * simple case-sensitive text match, returning all scan issues whose URL
+ * begins with the specified prefix. If this parameter is null, all issues
+ * are returned.
+ * @return Details of the scan issues.
+ */
+ IScanIssue[] getScanIssues(String urlPrefix);
+
+ /**
+ * This method is used to generate a report for the specified Scanner
+ * issues. The report format can be specified. For all other reporting
+ * options, the default settings that appear in the reporting UI wizard are
+ * used.
+ *
+ * @param format The format to be used in the report. Accepted values are
+ * HTML and XML.
+ * @param issues The Scanner issues to be reported.
+ * @param file The file to which the report will be saved.
+ */
+ void generateScanReport(String format, IScanIssue[] issues,
+ java.io.File file);
+
+ /**
+ * This method is used to retrieve the contents of Burp's session handling
+ * cookie jar. Extensions that provide an
+ * ISessionHandlingAction
can query and update the cookie jar
+ * in order to handle unusual session handling mechanisms.
+ *
+ * @return A list of ICookie
objects representing the contents
+ * of Burp's session handling cookie jar.
+ */
+ List getCookieJarContents();
+
+ /**
+ * This method is used to update the contents of Burp's session handling
+ * cookie jar. Extensions that provide an
+ * ISessionHandlingAction
can query and update the cookie jar
+ * in order to handle unusual session handling mechanisms.
+ *
+ * @param cookie An ICookie
object containing details of the
+ * cookie to be updated. If the cookie jar already contains a cookie that
+ * matches the specified domain and name, then that cookie will be updated
+ * with the new value and expiration, unless the new value is
+ * null
, in which case the cookie will be removed. If the
+ * cookie jar does not already contain a cookie that matches the specified
+ * domain and name, then the cookie will be added.
+ */
+ void updateCookieJar(ICookie cookie);
+
+ /**
+ * This method can be used to add an item to Burp's site map with the
+ * specified request/response details. This will overwrite the details of
+ * any existing matching item in the site map.
+ *
+ * @param item Details of the item to be added to the site map
+ */
+ void addToSiteMap(IHttpRequestResponse item);
+
+ /**
+ * This method can be used to restore Burp's state from a specified saved
+ * state file. This method blocks until the restore operation is completed,
+ * and must not be called from the event dispatch thread.
+ *
+ * @param file The file containing Burp's saved state.
+ * @deprecated State files have been replaced with Burp project files.
+ */
+ @Deprecated
+ void restoreState(java.io.File file);
+
+ /**
+ * This method can be used to save Burp's state to a specified file. This
+ * method blocks until the save operation is completed, and must not be
+ * called from the event dispatch thread.
+ *
+ * @param file The file to save Burp's state in.
+ * @deprecated State files have been replaced with Burp project files.
+ */
+ @Deprecated
+ void saveState(java.io.File file);
+
+ /**
+ * This method is no longer supported. Please use saveConfigAsJson() instead.
+ *
+ * @return A Map of name/value Strings reflecting Burp's current
+ * configuration.
+ * @deprecated Use saveConfigAsJson()
instead.
+ */
+ @Deprecated
+ Map saveConfig();
+
+ /**
+ * This method is no longer supported. Please use loadConfigFromJson() instead.
+ *
+ * @param config A map of name/value Strings to use as Burp's new
+ * configuration.
+ * @deprecated Use loadConfigFromJson()
instead.
+ */
+ @Deprecated
+ void loadConfig(Map config);
+
+ /**
+ * This method causes Burp to save its current project-level configuration
+ * in JSON format. This is the same format that can be saved and loaded via
+ * the Burp user interface. To include only certain sections of the
+ * configuration, you can optionally supply the path to each section that
+ * should be included, for example: "project_options.connections". If no
+ * paths are provided, then the entire configuration will be saved.
+ *
+ * @param configPaths A list of Strings representing the path to each
+ * configuration section that should be included.
+ * @return A String representing the current configuration in JSON format.
+ */
+ String saveConfigAsJson(String... configPaths);
+
+ /**
+ * This method causes Burp to load a new project-level configuration from
+ * the JSON String provided. This is the same format that can be saved and
+ * loaded via the Burp user interface. Partial configurations are
+ * acceptable, and any settings not specified will be left unmodified.
+ *
+ * Any user-level configuration options contained in the input will be
+ * ignored.
+ *
+ * @param config A JSON String containing the new configuration.
+ */
+ void loadConfigFromJson(String config);
+
+ /**
+ * This method sets the master interception mode for Burp Proxy.
+ *
+ * @param enabled Indicates whether interception of Proxy messages should be
+ * enabled.
+ */
+ void setProxyInterceptionEnabled(boolean enabled);
+
+ /**
+ * This method retrieves information about the version of Burp in which the
+ * extension is running. It can be used by extensions to dynamically adjust
+ * their behavior depending on the functionality and APIs supported by the
+ * current version.
+ *
+ * @return An array of Strings comprised of: the product name (e.g. Burp
+ * Suite Professional), the major version (e.g. 1.5), the minor version
+ * (e.g. 03)
+ */
+ String[] getBurpVersion();
+
+ /**
+ * This method retrieves the absolute path name of the file from which the
+ * current extension was loaded.
+ *
+ * @return The absolute path name of the file from which the current
+ * extension was loaded.
+ */
+ String getExtensionFilename();
+
+ /**
+ * This method determines whether the current extension was loaded as a BApp
+ * (a Burp App from the BApp Store).
+ *
+ * @return Returns true if the current extension was loaded as a BApp.
+ */
+ boolean isExtensionBapp();
+
+ /**
+ * This method can be used to shut down Burp programmatically, with an
+ * optional prompt to the user. If the method returns, the user canceled the
+ * shutdown prompt.
+ *
+ * @param promptUser Indicates whether to prompt the user to confirm the
+ * shutdown.
+ */
+ void exitSuite(boolean promptUser);
+
+ /**
+ * This method is used to create a temporary file on disk containing the
+ * provided data. Extensions can use temporary files for long-term storage
+ * of runtime data, avoiding the need to retain that data in memory.
+ *
+ * @param buffer The data to be saved to a temporary file.
+ * @return An object that implements the ITempFile
interface.
+ */
+ ITempFile saveToTempFile(byte[] buffer);
+
+ /**
+ * This method is used to save the request and response of an
+ * IHttpRequestResponse
object to temporary files, so that they
+ * are no longer held in memory. Extensions can used this method to convert
+ * IHttpRequestResponse
objects into a form suitable for
+ * long-term storage.
+ *
+ * @param httpRequestResponse The IHttpRequestResponse
object
+ * whose request and response messages are to be saved to temporary files.
+ * @return An object that implements the
+ * IHttpRequestResponsePersisted
interface.
+ */
+ IHttpRequestResponsePersisted saveBuffersToTempFiles(
+ IHttpRequestResponse httpRequestResponse);
+
+ /**
+ * This method is used to apply markers to an HTTP request or response, at
+ * offsets into the message that are relevant for some particular purpose.
+ * Markers are used in various situations, such as specifying Intruder
+ * payload positions, Scanner insertion points, and highlights in Scanner
+ * issues.
+ *
+ * @param httpRequestResponse The IHttpRequestResponse
object
+ * to which the markers should be applied.
+ * @param requestMarkers A list of index pairs representing the offsets of
+ * markers to be applied to the request message. Each item in the list must
+ * be an int[2] array containing the start and end offsets for the marker.
+ * The markers in the list should be in sequence and not overlapping. This
+ * parameter is optional and may be null
if no request markers
+ * are required.
+ * @param responseMarkers A list of index pairs representing the offsets of
+ * markers to be applied to the response message. Each item in the list must
+ * be an int[2] array containing the start and end offsets for the marker.
+ * The markers in the list should be in sequence and not overlapping. This
+ * parameter is optional and may be null
if no response markers
+ * are required.
+ * @return An object that implements the
+ * IHttpRequestResponseWithMarkers
interface.
+ */
+ IHttpRequestResponseWithMarkers applyMarkers(
+ IHttpRequestResponse httpRequestResponse,
+ List requestMarkers,
+ List responseMarkers);
+
+ /**
+ * This method is used to obtain the descriptive name for the Burp tool
+ * identified by the tool flag provided.
+ *
+ * @param toolFlag A flag identifying a Burp tool ( TOOL_PROXY
,
+ * TOOL_SCANNER
, etc.). Tool flags are defined within this
+ * interface.
+ * @return The descriptive name for the specified tool.
+ */
+ String getToolName(int toolFlag);
+
+ /**
+ * This method is used to register a new Scanner issue. Note:
+ * Wherever possible, extensions should implement custom Scanner checks
+ * using IScannerCheck
and report issues via those checks, so
+ * as to integrate with Burp's user-driven workflow, and ensure proper
+ * consolidation of duplicate reported issues. This method is only designed
+ * for tasks outside of the normal testing workflow, such as importing
+ * results from other scanning tools.
+ *
+ * @param issue An object created by the extension that implements the
+ * IScanIssue
interface.
+ */
+ void addScanIssue(IScanIssue issue);
+
+ /**
+ * This method is used to create a new Burp Collaborator client context,
+ * which can be used to generate Burp Collaborator payloads and poll the
+ * Collaborator server for any network interactions that result from using
+ * those payloads.
+ *
+ * @return A new instance of IBurpCollaboratorClientContext
+ * that can be used to generate Collaborator payloads and retrieve
+ * interactions.
+ */
+ IBurpCollaboratorClientContext createBurpCollaboratorClientContext();
+
+ /**
+ * This method parses the specified request and returns details of each
+ * request parameter.
+ *
+ * @param request The request to be parsed.
+ * @return An array of: String[] { name, value, type }
+ * containing details of the parameters contained within the request.
+ * @deprecated Use IExtensionHelpers.analyzeRequest()
instead.
+ */
+ @Deprecated
+ String[][] getParameters(byte[] request);
+
+ /**
+ * This method parses the specified request and returns details of each HTTP
+ * header.
+ *
+ * @param message The request to be parsed.
+ * @return An array of HTTP headers.
+ * @deprecated Use IExtensionHelpers.analyzeRequest()
or
+ * IExtensionHelpers.analyzeResponse()
instead.
+ */
+ @Deprecated
+ String[] getHeaders(byte[] message);
+
+ /**
+ * This method can be used to register a new menu item which will appear on
+ * the various context menus that are used throughout Burp Suite to handle
+ * user-driven actions.
+ *
+ * @param menuItemCaption The caption to be displayed on the menu item.
+ * @param menuItemHandler The handler to be invoked when the user clicks on
+ * the menu item.
+ * @deprecated Use registerContextMenuFactory()
instead.
+ */
+ @Deprecated
+ void registerMenuItem(
+ String menuItemCaption,
+ IMenuItemHandler menuItemHandler);
+}
diff --git a/src/burp/IContextMenuFactory.java b/src/burp/IContextMenuFactory.java
new file mode 100644
index 0000000..74d7d82
--- /dev/null
+++ b/src/burp/IContextMenuFactory.java
@@ -0,0 +1,39 @@
+package burp;
+
+/*
+ * @(#)IContextMenuFactory.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+
+import javax.swing.JMenuItem;
+import java.util.List;
+
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerContextMenuFactory()
to register
+ * a factory for custom context menu items.
+ */
+public interface IContextMenuFactory
+{
+ /**
+ * This method will be called by Burp when the user invokes a context menu
+ * anywhere within Burp. The factory can then provide any custom context
+ * menu items that should be displayed in the context menu, based on the
+ * details of the menu invocation.
+ *
+ * @param invocation An object that implements the
+ * IContextMenuInvocation
interface, which the extension can
+ * query to obtain details of the context menu invocation.
+ * @return A list of custom menu items (which may include sub-menus,
+ * checkbox menu items, etc.) that should be displayed. Extensions may
+ * return
+ * null
from this method, to indicate that no menu items are
+ * required.
+ */
+ List createMenuItems(IContextMenuInvocation invocation);
+}
diff --git a/src/burp/IContextMenuInvocation.java b/src/burp/IContextMenuInvocation.java
new file mode 100644
index 0000000..a1bbad3
--- /dev/null
+++ b/src/burp/IContextMenuInvocation.java
@@ -0,0 +1,156 @@
+package burp;
+
+/*
+ * @(#)IContextMenuInvocation.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.awt.event.InputEvent;
+
+/**
+ * This interface is used when Burp calls into an extension-provided
+ * IContextMenuFactory
with details of a context menu invocation.
+ * The custom context menu factory can query this interface to obtain details of
+ * the invocation event, in order to determine what menu items should be
+ * displayed.
+ */
+public interface IContextMenuInvocation
+{
+ /**
+ * Used to indicate that the context menu is being invoked in a request
+ * editor.
+ */
+ static final byte CONTEXT_MESSAGE_EDITOR_REQUEST = 0;
+ /**
+ * Used to indicate that the context menu is being invoked in a response
+ * editor.
+ */
+ static final byte CONTEXT_MESSAGE_EDITOR_RESPONSE = 1;
+ /**
+ * Used to indicate that the context menu is being invoked in a non-editable
+ * request viewer.
+ */
+ static final byte CONTEXT_MESSAGE_VIEWER_REQUEST = 2;
+ /**
+ * Used to indicate that the context menu is being invoked in a non-editable
+ * response viewer.
+ */
+ static final byte CONTEXT_MESSAGE_VIEWER_RESPONSE = 3;
+ /**
+ * Used to indicate that the context menu is being invoked in the Target
+ * site map tree.
+ */
+ static final byte CONTEXT_TARGET_SITE_MAP_TREE = 4;
+ /**
+ * Used to indicate that the context menu is being invoked in the Target
+ * site map table.
+ */
+ static final byte CONTEXT_TARGET_SITE_MAP_TABLE = 5;
+ /**
+ * Used to indicate that the context menu is being invoked in the Proxy
+ * history.
+ */
+ static final byte CONTEXT_PROXY_HISTORY = 6;
+ /**
+ * Used to indicate that the context menu is being invoked in the Scanner
+ * results.
+ */
+ static final byte CONTEXT_SCANNER_RESULTS = 7;
+ /**
+ * Used to indicate that the context menu is being invoked in the Intruder
+ * payload positions editor.
+ */
+ static final byte CONTEXT_INTRUDER_PAYLOAD_POSITIONS = 8;
+ /**
+ * Used to indicate that the context menu is being invoked in an Intruder
+ * attack results.
+ */
+ static final byte CONTEXT_INTRUDER_ATTACK_RESULTS = 9;
+ /**
+ * Used to indicate that the context menu is being invoked in a search
+ * results window.
+ */
+ static final byte CONTEXT_SEARCH_RESULTS = 10;
+
+ /**
+ * This method can be used to retrieve the native Java input event that was
+ * the trigger for the context menu invocation.
+ *
+ * @return The InputEvent
that was the trigger for the context
+ * menu invocation.
+ */
+ InputEvent getInputEvent();
+
+ /**
+ * This method can be used to retrieve the Burp tool within which the
+ * context menu was invoked.
+ *
+ * @return A flag indicating the Burp tool within which the context menu was
+ * invoked. Burp tool flags are defined in the
+ * IBurpExtenderCallbacks
interface.
+ */
+ int getToolFlag();
+
+ /**
+ * This method can be used to retrieve the context within which the menu was
+ * invoked.
+ *
+ * @return An index indicating the context within which the menu was
+ * invoked. The indices used are defined within this interface.
+ */
+ byte getInvocationContext();
+
+ /**
+ * This method can be used to retrieve the bounds of the user's selection
+ * into the current message, if applicable.
+ *
+ * @return An int[2] array containing the start and end offsets of the
+ * user's selection in the current message. If the user has not made any
+ * selection in the current message, both offsets indicate the position of
+ * the caret within the editor. If the menu is not being invoked from a
+ * message editor, the method returns null
.
+ */
+ int[] getSelectionBounds();
+
+ /**
+ * This method can be used to retrieve details of the HTTP requests /
+ * responses that were shown or selected by the user when the context menu
+ * was invoked.
+ *
+ * Note: For performance reasons, the objects returned from this
+ * method are tied to the originating context of the messages within the
+ * Burp UI. For example, if a context menu is invoked on the Proxy intercept
+ * panel, then the
+ * IHttpRequestResponse
returned by this method will reflect
+ * the current contents of the interception panel, and this will change when
+ * the current message has been forwarded or dropped. If your extension
+ * needs to store details of the message for which the context menu has been
+ * invoked, then you should query those details from the
+ * IHttpRequestResponse
at the time of invocation, or you
+ * should use
+ * IBurpExtenderCallbacks.saveBuffersToTempFiles()
to create a
+ * persistent read-only copy of the
+ * IHttpRequestResponse
.
+ *
+ * @return An array of IHttpRequestResponse
objects
+ * representing the items that were shown or selected by the user when the
+ * context menu was invoked. This method returns null
if no
+ * messages are applicable to the invocation.
+ */
+ IHttpRequestResponse[] getSelectedMessages();
+
+ /**
+ * This method can be used to retrieve details of the Scanner issues that
+ * were selected by the user when the context menu was invoked.
+ *
+ * @return An array of IScanIssue
objects representing the
+ * issues that were selected by the user when the context menu was invoked.
+ * This method returns null
if no Scanner issues are applicable
+ * to the invocation.
+ */
+ IScanIssue[] getSelectedIssues();
+}
diff --git a/src/burp/ICookie.java b/src/burp/ICookie.java
new file mode 100644
index 0000000..0641cba
--- /dev/null
+++ b/src/burp/ICookie.java
@@ -0,0 +1,61 @@
+package burp;
+
+/*
+ * @(#)ICookie.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.util.Date;
+
+/**
+ * This interface is used to hold details about an HTTP cookie.
+ */
+public interface ICookie
+{
+ /**
+ * This method is used to retrieve the domain for which the cookie is in
+ * scope.
+ *
+ * @return The domain for which the cookie is in scope. Note: For
+ * cookies that have been analyzed from responses (by calling
+ * IExtensionHelpers.analyzeResponse()
and then
+ * IResponseInfo.getCookies()
, the domain will be
+ * null
if the response did not explicitly set a domain
+ * attribute for the cookie.
+ */
+ String getDomain();
+
+ /**
+ * This method is used to retrieve the path for which the cookie is in
+ * scope.
+ *
+ * @return The path for which the cookie is in scope or null if none is set.
+ */
+ String getPath();
+
+ /**
+ * This method is used to retrieve the expiration time for the cookie.
+ *
+ * @return The expiration time for the cookie, or
+ * null
if none is set (i.e., for non-persistent session
+ * cookies).
+ */
+ Date getExpiration();
+
+ /**
+ * This method is used to retrieve the name of the cookie.
+ *
+ * @return The name of the cookie.
+ */
+ String getName();
+
+ /**
+ * This method is used to retrieve the value of the cookie.
+ * @return The value of the cookie.
+ */
+ String getValue();
+}
diff --git a/src/burp/IExtensionHelpers.java b/src/burp/IExtensionHelpers.java
new file mode 100644
index 0000000..0b8f8aa
--- /dev/null
+++ b/src/burp/IExtensionHelpers.java
@@ -0,0 +1,356 @@
+package burp;
+
+/*
+ * @(#)IExtensionHelpers.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.net.URL;
+import java.util.List;
+
+/**
+ * This interface contains a number of helper methods, which extensions can use
+ * to assist with various common tasks that arise for Burp extensions.
+ *
+ * Extensions can call IBurpExtenderCallbacks.getHelpers
to obtain
+ * an instance of this interface.
+ */
+public interface IExtensionHelpers
+{
+
+ /**
+ * This method can be used to analyze an HTTP request, and obtain various
+ * key details about it.
+ *
+ * @param request An IHttpRequestResponse
object containing the
+ * request to be analyzed.
+ * @return An IRequestInfo
object that can be queried to obtain
+ * details about the request.
+ */
+ IRequestInfo analyzeRequest(IHttpRequestResponse request);
+
+ /**
+ * This method can be used to analyze an HTTP request, and obtain various
+ * key details about it.
+ *
+ * @param httpService The HTTP service associated with the request. This is
+ * optional and may be null
, in which case the resulting
+ * IRequestInfo
object will not include the full request URL.
+ * @param request The request to be analyzed.
+ * @return An IRequestInfo
object that can be queried to obtain
+ * details about the request.
+ */
+ IRequestInfo analyzeRequest(IHttpService httpService, byte[] request);
+
+ /**
+ * This method can be used to analyze an HTTP request, and obtain various
+ * key details about it. The resulting IRequestInfo
object will
+ * not include the full request URL. To obtain the full URL, use one of the
+ * other overloaded analyzeRequest()
methods.
+ *
+ * @param request The request to be analyzed.
+ * @return An IRequestInfo
object that can be queried to obtain
+ * details about the request.
+ */
+ IRequestInfo analyzeRequest(byte[] request);
+
+ /**
+ * This method can be used to analyze an HTTP response, and obtain various
+ * key details about it.
+ *
+ * @param response The response to be analyzed.
+ * @return An IResponseInfo
object that can be queried to
+ * obtain details about the response.
+ */
+ IResponseInfo analyzeResponse(byte[] response);
+
+ /**
+ * This method can be used to retrieve details of a specified parameter
+ * within an HTTP request. Note: Use analyzeRequest()
to
+ * obtain details of all parameters within the request.
+ *
+ * @param request The request to be inspected for the specified parameter.
+ * @param parameterName The name of the parameter to retrieve.
+ * @return An IParameter
object that can be queried to obtain
+ * details about the parameter, or null
if the parameter was
+ * not found.
+ */
+ IParameter getRequestParameter(byte[] request, String parameterName);
+
+ /**
+ * This method can be used to URL-decode the specified data.
+ *
+ * @param data The data to be decoded.
+ * @return The decoded data.
+ */
+ String urlDecode(String data);
+
+ /**
+ * This method can be used to URL-encode the specified data. Any characters
+ * that do not need to be encoded within HTTP requests are not encoded.
+ *
+ * @param data The data to be encoded.
+ * @return The encoded data.
+ */
+ String urlEncode(String data);
+
+ /**
+ * This method can be used to URL-decode the specified data.
+ *
+ * @param data The data to be decoded.
+ * @return The decoded data.
+ */
+ byte[] urlDecode(byte[] data);
+
+ /**
+ * This method can be used to URL-encode the specified data. Any characters
+ * that do not need to be encoded within HTTP requests are not encoded.
+ *
+ * @param data The data to be encoded.
+ * @return The encoded data.
+ */
+ byte[] urlEncode(byte[] data);
+
+ /**
+ * This method can be used to Base64-decode the specified data.
+ *
+ * @param data The data to be decoded.
+ * @return The decoded data.
+ */
+ byte[] base64Decode(String data);
+
+ /**
+ * This method can be used to Base64-decode the specified data.
+ *
+ * @param data The data to be decoded.
+ * @return The decoded data.
+ */
+ byte[] base64Decode(byte[] data);
+
+ /**
+ * This method can be used to Base64-encode the specified data.
+ *
+ * @param data The data to be encoded.
+ * @return The encoded data.
+ */
+ String base64Encode(String data);
+
+ /**
+ * This method can be used to Base64-encode the specified data.
+ *
+ * @param data The data to be encoded.
+ * @return The encoded data.
+ */
+ String base64Encode(byte[] data);
+
+ /**
+ * This method can be used to convert data from String form into an array of
+ * bytes. The conversion does not reflect any particular character set, and
+ * a character with the hex representation 0xWXYZ will always be converted
+ * into a byte with the representation 0xYZ. It performs the opposite
+ * conversion to the method bytesToString()
, and byte-based
+ * data that is converted to a String and back again using these two methods
+ * is guaranteed to retain its integrity (which may not be the case with
+ * conversions that reflect a given character set).
+ *
+ * @param data The data to be converted.
+ * @return The converted data.
+ */
+ byte[] stringToBytes(String data);
+
+ /**
+ * This method can be used to convert data from an array of bytes into
+ * String form. The conversion does not reflect any particular character
+ * set, and a byte with the representation 0xYZ will always be converted
+ * into a character with the hex representation 0x00YZ. It performs the
+ * opposite conversion to the method stringToBytes()
, and
+ * byte-based data that is converted to a String and back again using these
+ * two methods is guaranteed to retain its integrity (which may not be the
+ * case with conversions that reflect a given character set).
+ *
+ * @param data The data to be converted.
+ * @return The converted data.
+ */
+ String bytesToString(byte[] data);
+
+ /**
+ * This method searches a piece of data for the first occurrence of a
+ * specified pattern. It works on byte-based data in a way that is similar
+ * to the way the native Java method String.indexOf()
works on
+ * String-based data.
+ *
+ * @param data The data to be searched.
+ * @param pattern The pattern to be searched for.
+ * @param caseSensitive Flags whether or not the search is case-sensitive.
+ * @param from The offset within data
where the search should
+ * begin.
+ * @param to The offset within data
where the search should
+ * end.
+ * @return The offset of the first occurrence of the pattern within the
+ * specified bounds, or -1 if no match is found.
+ */
+ int indexOf(byte[] data,
+ byte[] pattern,
+ boolean caseSensitive,
+ int from,
+ int to);
+
+ /**
+ * This method builds an HTTP message containing the specified headers and
+ * message body. If applicable, the Content-Length header will be added or
+ * updated, based on the length of the body.
+ *
+ * @param headers A list of headers to include in the message.
+ * @param body The body of the message, of null
if the message
+ * has an empty body.
+ * @return The resulting full HTTP message.
+ */
+ byte[] buildHttpMessage(List headers, byte[] body);
+
+ /**
+ * This method creates a GET request to the specified URL. The headers used
+ * in the request are determined by the Request headers settings as
+ * configured in Burp Spider's options.
+ *
+ * @param url The URL to which the request should be made.
+ * @return A request to the specified URL.
+ */
+ byte[] buildHttpRequest(URL url);
+
+ /**
+ * This method adds a new parameter to an HTTP request, and if appropriate
+ * updates the Content-Length header.
+ *
+ * @param request The request to which the parameter should be added.
+ * @param parameter An IParameter
object containing details of
+ * the parameter to be added. Supported parameter types are:
+ * PARAM_URL
, PARAM_BODY
and
+ * PARAM_COOKIE
.
+ * @return A new HTTP request with the new parameter added.
+ */
+ byte[] addParameter(byte[] request, IParameter parameter);
+
+ /**
+ * This method removes a parameter from an HTTP request, and if appropriate
+ * updates the Content-Length header.
+ *
+ * @param request The request from which the parameter should be removed.
+ * @param parameter An IParameter
object containing details of
+ * the parameter to be removed. Supported parameter types are:
+ * PARAM_URL
, PARAM_BODY
and
+ * PARAM_COOKIE
.
+ * @return A new HTTP request with the parameter removed.
+ */
+ byte[] removeParameter(byte[] request, IParameter parameter);
+
+ /**
+ * This method updates the value of a parameter within an HTTP request, and
+ * if appropriate updates the Content-Length header. Note: This
+ * method can only be used to update the value of an existing parameter of a
+ * specified type. If you need to change the type of an existing parameter,
+ * you should first call removeParameter()
to remove the
+ * parameter with the old type, and then call addParameter()
to
+ * add a parameter with the new type.
+ *
+ * @param request The request containing the parameter to be updated.
+ * @param parameter An IParameter
object containing details of
+ * the parameter to be updated. Supported parameter types are:
+ * PARAM_URL
, PARAM_BODY
and
+ * PARAM_COOKIE
.
+ * @return A new HTTP request with the parameter updated.
+ */
+ byte[] updateParameter(byte[] request, IParameter parameter);
+
+ /**
+ * This method can be used to toggle a request's method between GET and
+ * POST. Parameters are relocated between the URL query string and message
+ * body as required, and the Content-Length header is created or removed as
+ * applicable.
+ *
+ * @param request The HTTP request whose method should be toggled.
+ * @return A new HTTP request using the toggled method.
+ */
+ byte[] toggleRequestMethod(byte[] request);
+
+ /**
+ * This method constructs an IHttpService
object based on the
+ * details provided.
+ *
+ * @param host The HTTP service host.
+ * @param port The HTTP service port.
+ * @param protocol The HTTP service protocol.
+ * @return An IHttpService
object based on the details
+ * provided.
+ */
+ IHttpService buildHttpService(String host, int port, String protocol);
+
+ /**
+ * This method constructs an IHttpService
object based on the
+ * details provided.
+ *
+ * @param host The HTTP service host.
+ * @param port The HTTP service port.
+ * @param useHttps Flags whether the HTTP service protocol is HTTPS or HTTP.
+ * @return An IHttpService
object based on the details
+ * provided.
+ */
+ IHttpService buildHttpService(String host, int port, boolean useHttps);
+
+ /**
+ * This method constructs an IParameter
object based on the
+ * details provided.
+ *
+ * @param name The parameter name.
+ * @param value The parameter value.
+ * @param type The parameter type, as defined in the IParameter
+ * interface.
+ * @return An IParameter
object based on the details provided.
+ */
+ IParameter buildParameter(String name, String value, byte type);
+
+ /**
+ * This method constructs an IScannerInsertionPoint
object
+ * based on the details provided. It can be used to quickly create a simple
+ * insertion point based on a fixed payload location within a base request.
+ *
+ * @param insertionPointName The name of the insertion point.
+ * @param baseRequest The request from which to build scan requests.
+ * @param from The offset of the start of the payload location.
+ * @param to The offset of the end of the payload location.
+ * @return An IScannerInsertionPoint
object based on the
+ * details provided.
+ */
+ IScannerInsertionPoint makeScannerInsertionPoint(
+ String insertionPointName,
+ byte[] baseRequest,
+ int from,
+ int to);
+
+ /**
+ * This method analyzes one or more responses to identify variations in a
+ * number of attributes and returns an IResponseVariations
+ * object that can be queried to obtain details of the variations.
+ *
+ * @param responses The responses to analyze.
+ * @return An IResponseVariations
object representing the
+ * variations in the responses.
+ */
+ IResponseVariations analyzeResponseVariations(byte[]... responses);
+
+ /**
+ * This method analyzes one or more responses to identify the number of
+ * occurrences of the specified keywords and returns an
+ * IResponseKeywords
object that can be queried to obtain
+ * details of the number of occurrences of each keyword.
+ *
+ * @param keywords The keywords to look for.
+ * @param responses The responses to analyze.
+ * @return An IResponseKeywords
object representing the counts
+ * of the keywords appearing in the responses.
+ */
+ IResponseKeywords analyzeResponseKeywords(List keywords, byte[]... responses);
+}
diff --git a/src/burp/IExtensionStateListener.java b/src/burp/IExtensionStateListener.java
new file mode 100644
index 0000000..8817525
--- /dev/null
+++ b/src/burp/IExtensionStateListener.java
@@ -0,0 +1,27 @@
+package burp;
+
+/*
+ * @(#)IExtensionStateListener.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerExtensionStateListener() to
+ * register an extension state listener. The listener will be notified of
+ * changes to the extension's state. Note: Any extensions that start
+ * background threads or open system resources (such as files or database
+ * connections) should register a listener and terminate threads / close
+ * resources when the extension is unloaded.
+ */
+public interface IExtensionStateListener
+{
+ /**
+ * This method is called when the extension is unloaded.
+ */
+ void extensionUnloaded();
+}
diff --git a/src/burp/IHttpListener.java b/src/burp/IHttpListener.java
new file mode 100644
index 0000000..f454d98
--- /dev/null
+++ b/src/burp/IHttpListener.java
@@ -0,0 +1,37 @@
+package burp;
+
+/*
+ * @(#)IHttpListener.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerHttpListener() to register an
+ * HTTP listener. The listener will be notified of requests and responses made
+ * by any Burp tool. Extensions can perform custom analysis or modification of
+ * these messages by registering an HTTP listener.
+ */
+public interface IHttpListener
+{
+ /**
+ * This method is invoked when an HTTP request is about to be issued, and
+ * when an HTTP response has been received.
+ *
+ * @param toolFlag A flag indicating the Burp tool that issued the request.
+ * Burp tool flags are defined in the
+ * IBurpExtenderCallbacks interface.
+ * @param messageIsRequest Flags whether the method is being invoked for a
+ * request or response.
+ * @param messageInfo Details of the request / response to be processed.
+ * Extensions can call the setter methods on this object to update the
+ * current message and so modify Burp's behavior.
+ */
+ void processHttpMessage(int toolFlag,
+ boolean messageIsRequest,
+ IHttpRequestResponse messageInfo);
+}
diff --git a/src/burp/IHttpRequestResponse.java b/src/burp/IHttpRequestResponse.java
new file mode 100644
index 0000000..cc316e9
--- /dev/null
+++ b/src/burp/IHttpRequestResponse.java
@@ -0,0 +1,102 @@
+package burp;
+
+/*
+ * @(#)IHttpRequestResponse.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used to retrieve and update details about HTTP messages.
+ *
+ * Note: The setter methods generally can only be used before the message
+ * has been processed, and not in read-only contexts. The getter methods
+ * relating to response details can only be used after the request has been
+ * issued.
+ */
+public interface IHttpRequestResponse
+{
+ /**
+ * This method is used to retrieve the request message.
+ *
+ * @return The request message.
+ */
+ byte[] getRequest();
+
+ /**
+ * This method is used to update the request message.
+ *
+ * @param message The new request message.
+ */
+ void setRequest(byte[] message);
+
+ /**
+ * This method is used to retrieve the response message.
+ *
+ * @return The response message.
+ */
+ byte[] getResponse();
+
+ /**
+ * This method is used to update the response message.
+ *
+ * @param message The new response message.
+ */
+ void setResponse(byte[] message);
+
+ /**
+ * This method is used to retrieve the user-annotated comment for this item,
+ * if applicable.
+ *
+ * @return The user-annotated comment for this item, or null if none is set.
+ */
+ String getComment();
+
+ /**
+ * This method is used to update the user-annotated comment for this item.
+ *
+ * @param comment The comment to be assigned to this item.
+ */
+ void setComment(String comment);
+
+ /**
+ * This method is used to retrieve the user-annotated highlight for this
+ * item, if applicable.
+ *
+ * @return The user-annotated highlight for this item, or null if none is
+ * set.
+ */
+ String getHighlight();
+
+ /**
+ * This method is used to update the user-annotated highlight for this item.
+ *
+ * @param color The highlight color to be assigned to this item. Accepted
+ * values are: red, orange, yellow, green, cyan, blue, pink, magenta, gray,
+ * or a null String to clear any existing highlight.
+ */
+ void setHighlight(String color);
+
+ /**
+ * This method is used to retrieve the HTTP service for this request /
+ * response.
+ *
+ * @return An
+ * IHttpService object containing details of the HTTP service.
+ */
+ IHttpService getHttpService();
+
+ /**
+ * This method is used to update the HTTP service for this request /
+ * response.
+ *
+ * @param httpService An
+ * IHttpService object containing details of the new HTTP
+ * service.
+ */
+ void setHttpService(IHttpService httpService);
+
+}
diff --git a/src/burp/IHttpRequestResponsePersisted.java b/src/burp/IHttpRequestResponsePersisted.java
new file mode 100644
index 0000000..1d75427
--- /dev/null
+++ b/src/burp/IHttpRequestResponsePersisted.java
@@ -0,0 +1,25 @@
+package burp;
+
+/*
+ * @(#)IHttpRequestResponsePersisted.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used for an
+ * IHttpRequestResponse object whose request and response messages
+ * have been saved to temporary files using
+ * IBurpExtenderCallbacks.saveBuffersToTempFiles().
+ */
+public interface IHttpRequestResponsePersisted extends IHttpRequestResponse
+{
+ /**
+ * This method is deprecated and no longer performs any action.
+ */
+ @Deprecated
+ void deleteTempFiles();
+}
diff --git a/src/burp/IHttpRequestResponseWithMarkers.java b/src/burp/IHttpRequestResponseWithMarkers.java
new file mode 100644
index 0000000..e9f98d8
--- /dev/null
+++ b/src/burp/IHttpRequestResponseWithMarkers.java
@@ -0,0 +1,44 @@
+package burp;
+
+/*
+ * @(#)IHttpRequestResponseWithMarkers.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.util.List;
+
+/**
+ * This interface is used for an
+ * IHttpRequestResponse object that has had markers applied.
+ * Extensions can create instances of this interface using
+ * IBurpExtenderCallbacks.applyMarkers(), or provide their own
+ * implementation. Markers are used in various situations, such as specifying
+ * Intruder payload positions, Scanner insertion points, and highlights in
+ * Scanner issues.
+ */
+public interface IHttpRequestResponseWithMarkers extends IHttpRequestResponse
+{
+ /**
+ * This method returns the details of the request markers.
+ *
+ * @return A list of index pairs representing the offsets of markers for the
+ * request message. Each item in the list is an int[2] array containing the
+ * start and end offsets for the marker. The method may return
+ * null if no request markers are defined.
+ */
+ List getRequestMarkers();
+
+ /**
+ * This method returns the details of the response markers.
+ *
+ * @return A list of index pairs representing the offsets of markers for the
+ * response message. Each item in the list is an int[2] array containing the
+ * start and end offsets for the marker. The method may return
+ * null if no response markers are defined.
+ */
+ List getResponseMarkers();
+}
diff --git a/src/burp/IHttpService.java b/src/burp/IHttpService.java
new file mode 100644
index 0000000..bb87a8e
--- /dev/null
+++ b/src/burp/IHttpService.java
@@ -0,0 +1,39 @@
+package burp;
+
+/*
+ * @(#)IHttpService.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used to provide details about an HTTP service, to which
+ * HTTP requests can be sent.
+ */
+public interface IHttpService
+{
+ /**
+ * This method returns the hostname or IP address for the service.
+ *
+ * @return The hostname or IP address for the service.
+ */
+ String getHost();
+
+ /**
+ * This method returns the port number for the service.
+ *
+ * @return The port number for the service.
+ */
+ int getPort();
+
+ /**
+ * This method returns the protocol for the service.
+ *
+ * @return The protocol for the service. Expected values are "http" or
+ * "https".
+ */
+ String getProtocol();
+}
diff --git a/src/burp/IInterceptedProxyMessage.java b/src/burp/IInterceptedProxyMessage.java
new file mode 100644
index 0000000..a2212ed
--- /dev/null
+++ b/src/burp/IInterceptedProxyMessage.java
@@ -0,0 +1,116 @@
+package burp;
+
+/*
+ * @(#)IInterceptedProxyMessage.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.net.InetAddress;
+
+/**
+ * This interface is used to represent an HTTP message that has been intercepted
+ * by Burp Proxy. Extensions can register an
+ * IProxyListener to receive details of proxy messages using this
+ * interface. *
+ */
+public interface IInterceptedProxyMessage
+{
+ /**
+ * This action causes Burp Proxy to follow the current interception rules to
+ * determine the appropriate action to take for the message.
+ */
+ static final int ACTION_FOLLOW_RULES = 0;
+ /**
+ * This action causes Burp Proxy to present the message to the user for
+ * manual review or modification.
+ */
+ static final int ACTION_DO_INTERCEPT = 1;
+ /**
+ * This action causes Burp Proxy to forward the message to the remote server
+ * or client, without presenting it to the user.
+ */
+ static final int ACTION_DONT_INTERCEPT = 2;
+ /**
+ * This action causes Burp Proxy to drop the message.
+ */
+ static final int ACTION_DROP = 3;
+ /**
+ * This action causes Burp Proxy to follow the current interception rules to
+ * determine the appropriate action to take for the message, and then make a
+ * second call to processProxyMessage.
+ */
+ static final int ACTION_FOLLOW_RULES_AND_REHOOK = 0x10;
+ /**
+ * This action causes Burp Proxy to present the message to the user for
+ * manual review or modification, and then make a second call to
+ * processProxyMessage.
+ */
+ static final int ACTION_DO_INTERCEPT_AND_REHOOK = 0x11;
+ /**
+ * This action causes Burp Proxy to skip user interception, and then make a
+ * second call to processProxyMessage.
+ */
+ static final int ACTION_DONT_INTERCEPT_AND_REHOOK = 0x12;
+
+ /**
+ * This method retrieves a unique reference number for this
+ * request/response.
+ *
+ * @return An identifier that is unique to a single request/response pair.
+ * Extensions can use this to correlate details of requests and responses
+ * and perform processing on the response message accordingly.
+ */
+ int getMessageReference();
+
+ /**
+ * This method retrieves details of the intercepted message.
+ *
+ * @return An IHttpRequestResponse object containing details of
+ * the intercepted message.
+ */
+ IHttpRequestResponse getMessageInfo();
+
+ /**
+ * This method retrieves the currently defined interception action. The
+ * default action is
+ * ACTION_FOLLOW_RULES. If multiple proxy listeners are
+ * registered, then other listeners may already have modified the
+ * interception action before it reaches the current listener. This method
+ * can be used to determine whether this has occurred.
+ *
+ * @return The currently defined interception action. Possible values are
+ * defined within this interface.
+ */
+ int getInterceptAction();
+
+ /**
+ * This method is used to update the interception action.
+ *
+ * @param interceptAction The new interception action. Possible values are
+ * defined within this interface.
+ */
+ void setInterceptAction(int interceptAction);
+
+ /**
+ * This method retrieves the name of the Burp Proxy listener that is
+ * processing the intercepted message.
+ *
+ * @return The name of the Burp Proxy listener that is processing the
+ * intercepted message. The format is the same as that shown in the Proxy
+ * Listeners UI - for example, "127.0.0.1:8080".
+ */
+ String getListenerInterface();
+
+ /**
+ * This method retrieves the client IP address from which the request for
+ * the intercepted message was received.
+ *
+ * @return The client IP address from which the request for the intercepted
+ * message was received.
+ */
+ InetAddress getClientIpAddress();
+}
diff --git a/src/burp/IIntruderAttack.java b/src/burp/IIntruderAttack.java
new file mode 100644
index 0000000..b0900ea
--- /dev/null
+++ b/src/burp/IIntruderAttack.java
@@ -0,0 +1,31 @@
+package burp;
+
+/*
+ * @(#)IIntruderAttack.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used to hold details about an Intruder attack.
+ */
+public interface IIntruderAttack
+{
+ /**
+ * This method is used to retrieve the HTTP service for the attack.
+ *
+ * @return The HTTP service for the attack.
+ */
+ IHttpService getHttpService();
+
+ /**
+ * This method is used to retrieve the request template for the attack.
+ *
+ * @return The request template for the attack.
+ */
+ byte[] getRequestTemplate();
+
+}
diff --git a/src/burp/IIntruderPayloadGenerator.java b/src/burp/IIntruderPayloadGenerator.java
new file mode 100644
index 0000000..9307c5b
--- /dev/null
+++ b/src/burp/IIntruderPayloadGenerator.java
@@ -0,0 +1,50 @@
+package burp;
+
+/*
+ * @(#)IIntruderPayloadGenerator.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used for custom Intruder payload generators. Extensions
+ * that have registered an
+ * IIntruderPayloadGeneratorFactory must return a new instance of
+ * this interface when required as part of a new Intruder attack.
+ */
+public interface IIntruderPayloadGenerator
+{
+ /**
+ * This method is used by Burp to determine whether the payload generator is
+ * able to provide any further payloads.
+ *
+ * @return Extensions should return
+ * false when all the available payloads have been used up,
+ * otherwise
+ * true.
+ */
+ boolean hasMorePayloads();
+
+ /**
+ * This method is used by Burp to obtain the value of the next payload.
+ *
+ * @param baseValue The base value of the current payload position. This
+ * value may be
+ * null if the concept of a base value is not applicable (e.g.
+ * in a battering ram attack).
+ * @return The next payload to use in the attack.
+ */
+ byte[] getNextPayload(byte[] baseValue);
+
+ /**
+ * This method is used by Burp to reset the state of the payload generator
+ * so that the next call to
+ * getNextPayload() returns the first payload again. This
+ * method will be invoked when an attack uses the same payload generator for
+ * more than one payload position, for example in a sniper attack.
+ */
+ void reset();
+}
diff --git a/src/burp/IIntruderPayloadGeneratorFactory.java b/src/burp/IIntruderPayloadGeneratorFactory.java
new file mode 100644
index 0000000..f765b0a
--- /dev/null
+++ b/src/burp/IIntruderPayloadGeneratorFactory.java
@@ -0,0 +1,40 @@
+package burp;
+
+/*
+ * @(#)IIntruderPayloadGeneratorFactory.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerIntruderPayloadGeneratorFactory()
+ * to register a factory for custom Intruder payloads.
+ */
+public interface IIntruderPayloadGeneratorFactory
+{
+ /**
+ * This method is used by Burp to obtain the name of the payload generator.
+ * This will be displayed as an option within the Intruder UI when the user
+ * selects to use extension-generated payloads.
+ *
+ * @return The name of the payload generator.
+ */
+ String getGeneratorName();
+
+ /**
+ * This method is used by Burp when the user starts an Intruder attack that
+ * uses this payload generator.
+ *
+ * @param attack An
+ * IIntruderAttack object that can be queried to obtain details
+ * about the attack in which the payload generator will be used.
+ * @return A new instance of
+ * IIntruderPayloadGenerator that will be used to generate
+ * payloads for the attack.
+ */
+ IIntruderPayloadGenerator createNewInstance(IIntruderAttack attack);
+}
diff --git a/src/burp/IIntruderPayloadProcessor.java b/src/burp/IIntruderPayloadProcessor.java
new file mode 100644
index 0000000..dc80757
--- /dev/null
+++ b/src/burp/IIntruderPayloadProcessor.java
@@ -0,0 +1,45 @@
+package burp;
+
+/*
+ * @(#)IIntruderPayloadProcessor.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerIntruderPayloadProcessor() to
+ * register a custom Intruder payload processor.
+ */
+public interface IIntruderPayloadProcessor
+{
+ /**
+ * This method is used by Burp to obtain the name of the payload processor.
+ * This will be displayed as an option within the Intruder UI when the user
+ * selects to use an extension-provided payload processor.
+ *
+ * @return The name of the payload processor.
+ */
+ String getProcessorName();
+
+ /**
+ * This method is invoked by Burp each time the processor should be applied
+ * to an Intruder payload.
+ *
+ * @param currentPayload The value of the payload to be processed.
+ * @param originalPayload The value of the original payload prior to
+ * processing by any already-applied processing rules.
+ * @param baseValue The base value of the payload position, which will be
+ * replaced with the current payload.
+ * @return The value of the processed payload. This may be
+ * null to indicate that the current payload should be skipped,
+ * and the attack will move directly to the next payload.
+ */
+ byte[] processPayload(
+ byte[] currentPayload,
+ byte[] originalPayload,
+ byte[] baseValue);
+}
diff --git a/src/burp/IMenuItemHandler.java b/src/burp/IMenuItemHandler.java
new file mode 100644
index 0000000..cc1f2da
--- /dev/null
+++ b/src/burp/IMenuItemHandler.java
@@ -0,0 +1,36 @@
+package burp;
+
+/*
+ * @(#)IMenuItemHandler.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerMenuItem() to register a custom
+ * context menu item.
+ *
+ * @deprecated Use
+ * IContextMenuFactory instead.
+ */
+@Deprecated
+public interface IMenuItemHandler
+{
+ /**
+ * This method is invoked by Burp Suite when the user clicks on a custom
+ * menu item which the extension has registered with Burp.
+ *
+ * @param menuItemCaption The caption of the menu item which was clicked.
+ * This parameter enables extensions to provide a single implementation
+ * which handles multiple different menu items.
+ * @param messageInfo Details of the HTTP message(s) for which the context
+ * menu was displayed.
+ */
+ void menuItemClicked(
+ String menuItemCaption,
+ IHttpRequestResponse[] messageInfo);
+}
diff --git a/src/burp/IMessageEditor.java b/src/burp/IMessageEditor.java
new file mode 100644
index 0000000..fd0c740
--- /dev/null
+++ b/src/burp/IMessageEditor.java
@@ -0,0 +1,77 @@
+package burp;
+
+/*
+ * @(#)IMessageEditor.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.awt.Component;
+
+/**
+ * This interface is used to provide extensions with an instance of Burp's HTTP
+ * message editor, for the extension to use in its own UI. Extensions should
+ * call IBurpExtenderCallbacks.createMessageEditor() to obtain an
+ * instance of this interface.
+ */
+public interface IMessageEditor
+{
+
+ /**
+ * This method returns the UI component of the editor, for extensions to add
+ * to their own UI.
+ *
+ * @return The UI component of the editor.
+ */
+ Component getComponent();
+
+ /**
+ * This method is used to display an HTTP message in the editor.
+ *
+ * @param message The HTTP message to be displayed.
+ * @param isRequest Flags whether the message is an HTTP request or
+ * response.
+ */
+ void setMessage(byte[] message, boolean isRequest);
+
+ /**
+ * This method is used to retrieve the currently displayed message, which
+ * may have been modified by the user.
+ *
+ * @return The currently displayed HTTP message.
+ */
+ byte[] getMessage();
+
+ /**
+ * This method is used to determine whether the current message has been
+ * modified by the user.
+ *
+ * @return An indication of whether the current message has been modified by
+ * the user since it was first displayed.
+ */
+ boolean isMessageModified();
+
+ /**
+ * This method returns the data that is currently selected by the user.
+ *
+ * @return The data that is currently selected by the user, or
+ * null if no selection is made.
+ */
+ byte[] getSelectedData();
+
+ /**
+ * This method can be used to retrieve the bounds of the user's selection
+ * into the displayed message, if applicable.
+ *
+ * @return An int[2] array containing the start and end offsets of the
+ * user's selection within the displayed message. If the user has not made
+ * any selection in the current message, both offsets indicate the position
+ * of the caret within the editor. For some editor views, the concept of
+ * selection within the message does not apply, in which case this method
+ * returns null.
+ */
+ int[] getSelectionBounds();
+}
diff --git a/src/burp/IMessageEditorController.java b/src/burp/IMessageEditorController.java
new file mode 100644
index 0000000..7fda272
--- /dev/null
+++ b/src/burp/IMessageEditorController.java
@@ -0,0 +1,49 @@
+package burp;
+
+/*
+ * @(#)IMessageEditorController.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used by an
+ * IMessageEditor to obtain details about the currently displayed
+ * message. Extensions that create instances of Burp's HTTP message editor can
+ * optionally provide an implementation of
+ * IMessageEditorController, which the editor will invoke when it
+ * requires further information about the current message (for example, to send
+ * it to another Burp tool). Extensions that provide custom editor tabs via an
+ * IMessageEditorTabFactory will receive a reference to an
+ * IMessageEditorController object for each tab instance they
+ * generate, which the tab can invoke if it requires further information about
+ * the current message.
+ */
+public interface IMessageEditorController
+{
+ /**
+ * This method is used to retrieve the HTTP service for the current message.
+ *
+ * @return The HTTP service for the current message.
+ */
+ IHttpService getHttpService();
+
+ /**
+ * This method is used to retrieve the HTTP request associated with the
+ * current message (which may itself be a response).
+ *
+ * @return The HTTP request associated with the current message.
+ */
+ byte[] getRequest();
+
+ /**
+ * This method is used to retrieve the HTTP response associated with the
+ * current message (which may itself be a request).
+ *
+ * @return The HTTP response associated with the current message.
+ */
+ byte[] getResponse();
+}
diff --git a/src/burp/IMessageEditorTab.java b/src/burp/IMessageEditorTab.java
new file mode 100644
index 0000000..853c35e
--- /dev/null
+++ b/src/burp/IMessageEditorTab.java
@@ -0,0 +1,103 @@
+package burp;
+
+/*
+ * @(#)IMessageEditorTab.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.awt.Component;
+
+/**
+ * Extensions that register an
+ * IMessageEditorTabFactory must return instances of this
+ * interface, which Burp will use to create custom tabs within its HTTP message
+ * editors.
+ */
+public interface IMessageEditorTab
+{
+ /**
+ * This method returns the caption that should appear on the custom tab when
+ * it is displayed. Note: Burp invokes this method once when the tab
+ * is first generated, and the same caption will be used every time the tab
+ * is displayed.
+ *
+ * @return The caption that should appear on the custom tab when it is
+ * displayed.
+ */
+ String getTabCaption();
+
+ /**
+ * This method returns the component that should be used as the contents of
+ * the custom tab when it is displayed. Note: Burp invokes this
+ * method once when the tab is first generated, and the same component will
+ * be used every time the tab is displayed.
+ *
+ * @return The component that should be used as the contents of the custom
+ * tab when it is displayed.
+ */
+ Component getUiComponent();
+
+ /**
+ * The hosting editor will invoke this method before it displays a new HTTP
+ * message, so that the custom tab can indicate whether it should be enabled
+ * for that message.
+ *
+ * @param content The message that is about to be displayed, or a zero-length
+ * array if the existing message is to be cleared.
+ * @param isRequest Indicates whether the message is a request or a
+ * response.
+ * @return The method should return
+ * true if the custom tab is able to handle the specified
+ * message, and so will be displayed within the editor. Otherwise, the tab
+ * will be hidden while this message is displayed.
+ */
+ boolean isEnabled(byte[] content, boolean isRequest);
+
+ /**
+ * The hosting editor will invoke this method to display a new message or to
+ * clear the existing message. This method will only be called with a new
+ * message if the tab has already returned
+ * true to a call to
+ * isEnabled() with the same message details.
+ *
+ * @param content The message that is to be displayed, or
+ * null if the tab should clear its contents and disable any
+ * editable controls.
+ * @param isRequest Indicates whether the message is a request or a
+ * response.
+ */
+ void setMessage(byte[] content, boolean isRequest);
+
+ /**
+ * This method returns the currently displayed message.
+ *
+ * @return The currently displayed message.
+ */
+ byte[] getMessage();
+
+ /**
+ * This method is used to determine whether the currently displayed message
+ * has been modified by the user. The hosting editor will always call
+ * getMessage() before calling this method, so any pending
+ * edits should be completed within
+ * getMessage().
+ *
+ * @return The method should return
+ * true if the user has modified the current message since it
+ * was first displayed.
+ */
+ boolean isModified();
+
+ /**
+ * This method is used to retrieve the data that is currently selected by
+ * the user.
+ *
+ * @return The data that is currently selected by the user. This may be
+ * null if no selection is currently made.
+ */
+ byte[] getSelectedData();
+}
diff --git a/src/burp/IMessageEditorTabFactory.java b/src/burp/IMessageEditorTabFactory.java
new file mode 100644
index 0000000..85aad73
--- /dev/null
+++ b/src/burp/IMessageEditorTabFactory.java
@@ -0,0 +1,38 @@
+package burp;
+
+/*
+ * @(#)IMessageEditorTabFactory.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerMessageEditorTabFactory() to
+ * register a factory for custom message editor tabs. This allows extensions to
+ * provide custom rendering or editing of HTTP messages, within Burp's own HTTP
+ * editor.
+ */
+public interface IMessageEditorTabFactory
+{
+ /**
+ * Burp will call this method once for each HTTP message editor, and the
+ * factory should provide a new instance of an
+ * IMessageEditorTab object.
+ *
+ * @param controller An
+ * IMessageEditorController object, which the new tab can query
+ * to retrieve details about the currently displayed message. This may be
+ * null for extension-invoked message editors where the
+ * extension has not provided an editor controller.
+ * @param editable Indicates whether the hosting editor is editable or
+ * read-only.
+ * @return A new
+ * IMessageEditorTab object for use within the message editor.
+ */
+ IMessageEditorTab createNewInstance(IMessageEditorController controller,
+ boolean editable);
+}
diff --git a/src/burp/IParameter.java b/src/burp/IParameter.java
new file mode 100644
index 0000000..41a0668
--- /dev/null
+++ b/src/burp/IParameter.java
@@ -0,0 +1,104 @@
+package burp;
+
+/*
+ * @(#)IParameter.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used to hold details about an HTTP request parameter.
+ */
+public interface IParameter
+{
+ /**
+ * Used to indicate a parameter within the URL query string.
+ */
+ static final byte PARAM_URL = 0;
+ /**
+ * Used to indicate a parameter within the message body.
+ */
+ static final byte PARAM_BODY = 1;
+ /**
+ * Used to indicate an HTTP cookie.
+ */
+ static final byte PARAM_COOKIE = 2;
+ /**
+ * Used to indicate an item of data within an XML structure.
+ */
+ static final byte PARAM_XML = 3;
+ /**
+ * Used to indicate the value of a tag attribute within an XML structure.
+ */
+ static final byte PARAM_XML_ATTR = 4;
+ /**
+ * Used to indicate the value of a parameter attribute within a multi-part
+ * message body (such as the name of an uploaded file).
+ */
+ static final byte PARAM_MULTIPART_ATTR = 5;
+ /**
+ * Used to indicate an item of data within a JSON structure.
+ */
+ static final byte PARAM_JSON = 6;
+
+ /**
+ * This method is used to retrieve the parameter type.
+ *
+ * @return The parameter type. The available types are defined within this
+ * interface.
+ */
+ byte getType();
+
+ /**
+ * This method is used to retrieve the parameter name.
+ *
+ * @return The parameter name.
+ */
+ String getName();
+
+ /**
+ * This method is used to retrieve the parameter value.
+ *
+ * @return The parameter value.
+ */
+ String getValue();
+
+ /**
+ * This method is used to retrieve the start offset of the parameter name
+ * within the HTTP request.
+ *
+ * @return The start offset of the parameter name within the HTTP request,
+ * or -1 if the parameter is not associated with a specific request.
+ */
+ int getNameStart();
+
+ /**
+ * This method is used to retrieve the end offset of the parameter name
+ * within the HTTP request.
+ *
+ * @return The end offset of the parameter name within the HTTP request, or
+ * -1 if the parameter is not associated with a specific request.
+ */
+ int getNameEnd();
+
+ /**
+ * This method is used to retrieve the start offset of the parameter value
+ * within the HTTP request.
+ *
+ * @return The start offset of the parameter value within the HTTP request,
+ * or -1 if the parameter is not associated with a specific request.
+ */
+ int getValueStart();
+
+ /**
+ * This method is used to retrieve the end offset of the parameter value
+ * within the HTTP request.
+ *
+ * @return The end offset of the parameter value within the HTTP request, or
+ * -1 if the parameter is not associated with a specific request.
+ */
+ int getValueEnd();
+}
diff --git a/src/burp/IProxyListener.java b/src/burp/IProxyListener.java
new file mode 100644
index 0000000..daaf55c
--- /dev/null
+++ b/src/burp/IProxyListener.java
@@ -0,0 +1,37 @@
+package burp;
+
+/*
+ * @(#)IProxyListener.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerProxyListener()
to register a
+ * Proxy listener. The listener will be notified of requests and responses being
+ * processed by the Proxy tool. Extensions can perform custom analysis or
+ * modification of these messages, and control in-UI message interception, by
+ * registering a proxy listener.
+ */
+public interface IProxyListener
+{
+ /**
+ * This method is invoked when an HTTP message is being processed by the
+ * Proxy.
+ *
+ * @param messageIsRequest Indicates whether the HTTP message is a request
+ * or a response.
+ * @param message An
+ * IInterceptedProxyMessage
object that extensions can use to
+ * query and update details of the message, and control whether the message
+ * should be intercepted and displayed to the user for manual review or
+ * modification.
+ */
+ void processProxyMessage(
+ boolean messageIsRequest,
+ IInterceptedProxyMessage message);
+}
diff --git a/src/burp/IRequestInfo.java b/src/burp/IRequestInfo.java
new file mode 100644
index 0000000..4acea61
--- /dev/null
+++ b/src/burp/IRequestInfo.java
@@ -0,0 +1,95 @@
+package burp;
+
+/*
+ * @(#)IRequestInfo.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.net.URL;
+import java.util.List;
+
+/**
+ * This interface is used to retrieve key details about an HTTP request.
+ * Extensions can obtain an
+ * IRequestInfo
object for a given request by calling
+ * IExtensionHelpers.analyzeRequest()
.
+ */
+public interface IRequestInfo
+{
+ /**
+ * Used to indicate that there is no content.
+ */
+ static final byte CONTENT_TYPE_NONE = 0;
+ /**
+ * Used to indicate URL-encoded content.
+ */
+ static final byte CONTENT_TYPE_URL_ENCODED = 1;
+ /**
+ * Used to indicate multi-part content.
+ */
+ static final byte CONTENT_TYPE_MULTIPART = 2;
+ /**
+ * Used to indicate XML content.
+ */
+ static final byte CONTENT_TYPE_XML = 3;
+ /**
+ * Used to indicate JSON content.
+ */
+ static final byte CONTENT_TYPE_JSON = 4;
+ /**
+ * Used to indicate AMF content.
+ */
+ static final byte CONTENT_TYPE_AMF = 5;
+ /**
+ * Used to indicate unknown content.
+ */
+ static final byte CONTENT_TYPE_UNKNOWN = -1;
+
+ /**
+ * This method is used to obtain the HTTP method used in the request.
+ *
+ * @return The HTTP method used in the request.
+ */
+ String getMethod();
+
+ /**
+ * This method is used to obtain the URL in the request.
+ *
+ * @return The URL in the request.
+ */
+ URL getUrl();
+
+ /**
+ * This method is used to obtain the HTTP headers contained in the request.
+ *
+ * @return The HTTP headers contained in the request.
+ */
+ List getHeaders();
+
+ /**
+ * This method is used to obtain the parameters contained in the request.
+ *
+ * @return The parameters contained in the request.
+ */
+ List getParameters();
+
+ /**
+ * This method is used to obtain the offset within the request where the
+ * message body begins.
+ *
+ * @return The offset within the request where the message body begins.
+ */
+ int getBodyOffset();
+
+ /**
+ * This method is used to obtain the content type of the message body.
+ *
+ * @return An indication of the content type of the message body. Available
+ * types are defined within this interface.
+ */
+ byte getContentType();
+}
diff --git a/src/burp/IResponseInfo.java b/src/burp/IResponseInfo.java
new file mode 100644
index 0000000..9152a20
--- /dev/null
+++ b/src/burp/IResponseInfo.java
@@ -0,0 +1,73 @@
+package burp;
+
+/*
+ * @(#)IResponseInfo.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.util.List;
+
+/**
+ * This interface is used to retrieve key details about an HTTP response.
+ * Extensions can obtain an
+ * IResponseInfo
object for a given response by calling
+ * IExtensionHelpers.analyzeResponse()
.
+ */
+public interface IResponseInfo
+{
+ /**
+ * This method is used to obtain the HTTP headers contained in the response.
+ *
+ * @return The HTTP headers contained in the response.
+ */
+ List getHeaders();
+
+ /**
+ * This method is used to obtain the offset within the response where the
+ * message body begins.
+ *
+ * @return The offset within the response where the message body begins.
+ */
+ int getBodyOffset();
+
+ /**
+ * This method is used to obtain the HTTP status code contained in the
+ * response.
+ *
+ * @return The HTTP status code contained in the response.
+ */
+ short getStatusCode();
+
+ /**
+ * This method is used to obtain details of the HTTP cookies set in the
+ * response.
+ *
+ * @return A list of ICookie
objects representing the cookies
+ * set in the response, if any.
+ */
+ List getCookies();
+
+ /**
+ * This method is used to obtain the MIME type of the response, as stated in
+ * the HTTP headers.
+ *
+ * @return A textual label for the stated MIME type, or an empty String if
+ * this is not known or recognized. The possible labels are the same as
+ * those used in the main Burp UI.
+ */
+ String getStatedMimeType();
+
+ /**
+ * This method is used to obtain the MIME type of the response, as inferred
+ * from the contents of the HTTP message body.
+ *
+ * @return A textual label for the inferred MIME type, or an empty String if
+ * this is not known or recognized. The possible labels are the same as
+ * those used in the main Burp UI.
+ */
+ String getInferredMimeType();
+}
diff --git a/src/burp/IResponseKeywords.java b/src/burp/IResponseKeywords.java
new file mode 100644
index 0000000..adbcfd0
--- /dev/null
+++ b/src/burp/IResponseKeywords.java
@@ -0,0 +1,58 @@
+package burp;
+
+/*
+ * @(#)IResponseKeywords.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.util.List;
+
+/**
+ * This interface is used to represent the counts of keywords appearing in a
+ * number of HTTP responses.
+ */
+public interface IResponseKeywords
+{
+
+ /**
+ * This method is used to obtain the list of keywords whose counts vary
+ * between the analyzed responses.
+ *
+ * @return The keywords whose counts vary between the analyzed responses.
+ */
+ List getVariantKeywords();
+
+ /**
+ * This method is used to obtain the list of keywords whose counts do not
+ * vary between the analyzed responses.
+ *
+ * @return The keywords whose counts do not vary between the analyzed
+ * responses.
+ */
+ List getInvariantKeywords();
+
+ /**
+ * This method is used to obtain the number of occurrences of an individual
+ * keyword in a response.
+ *
+ * @param keyword The keyword whose count will be retrieved.
+ * @param responseIndex The index of the response. Note responses are
+ * indexed from zero in the order they were originally supplied to the
+ * IExtensionHelpers.analyzeResponseKeywords()
and
+ * IResponseKeywords.updateWith()
methods.
+ * @return The number of occurrences of the specified keyword for the
+ * specified response.
+ */
+ int getKeywordCount(String keyword, int responseIndex);
+
+ /**
+ * This method is used to update the analysis based on additional responses.
+ *
+ * @param responses The new responses to include in the analysis.
+ */
+ void updateWith(byte[]... responses);
+}
diff --git a/src/burp/IResponseVariations.java b/src/burp/IResponseVariations.java
new file mode 100644
index 0000000..8ca65ef
--- /dev/null
+++ b/src/burp/IResponseVariations.java
@@ -0,0 +1,62 @@
+package burp;
+
+/*
+ * @(#)IResponseVariations.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.util.List;
+
+/**
+ * This interface is used to represent variations between a number HTTP
+ * responses, according to various attributes.
+ */
+public interface IResponseVariations
+{
+
+ /**
+ * This method is used to obtain the list of attributes that vary between
+ * the analyzed responses.
+ *
+ * @return The attributes that vary between the analyzed responses.
+ */
+ List getVariantAttributes();
+
+ /**
+ * This method is used to obtain the list of attributes that do not vary
+ * between the analyzed responses.
+ *
+ * @return The attributes that do not vary between the analyzed responses.
+ */
+ List getInvariantAttributes();
+
+ /**
+ * This method is used to obtain the value of an individual attribute in a
+ * response. Note that the values of some attributes are intrinsically
+ * meaningful (e.g. a word count) while the values of others are less so
+ * (e.g. a checksum of the HTML tag names).
+ *
+ * @param attributeName The name of the attribute whose value will be
+ * retrieved. Extension authors can obtain the list of supported attributes
+ * by generating an IResponseVariations
object for a single
+ * response and calling
+ * IResponseVariations.getInvariantAttributes()
.
+ * @param responseIndex The index of the response. Note that responses are
+ * indexed from zero in the order they were originally supplied to the
+ * IExtensionHelpers.analyzeResponseVariations()
and
+ * IResponseVariations.updateWith()
methods.
+ * @return The value of the specified attribute for the specified response.
+ */
+ int getAttributeValue(String attributeName, int responseIndex);
+
+ /**
+ * This method is used to update the analysis based on additional responses.
+ *
+ * @param responses The new responses to include in the analysis.
+ */
+ void updateWith(byte[]... responses);
+}
diff --git a/src/burp/IScanIssue.java b/src/burp/IScanIssue.java
new file mode 100644
index 0000000..519d7e6
--- /dev/null
+++ b/src/burp/IScanIssue.java
@@ -0,0 +1,123 @@
+package burp;
+
+/*
+ * @(#)IScanIssue.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used to retrieve details of Scanner issues. Extensions can
+ * obtain details of issues by registering an IScannerListener
or
+ * by calling IBurpExtenderCallbacks.getScanIssues()
. Extensions
+ * can also add custom Scanner issues by registering an
+ * IScannerCheck
or calling
+ * IBurpExtenderCallbacks.addScanIssue()
, and providing their own
+ * implementations of this interface. Note that issue descriptions and other
+ * text generated by extensions are subject to an HTML whitelist that allows
+ * only formatting tags and simple hyperlinks.
+ */
+public interface IScanIssue
+{
+
+ /**
+ * This method returns the URL for which the issue was generated.
+ *
+ * @return The URL for which the issue was generated.
+ */
+ java.net.URL getUrl();
+
+ /**
+ * This method returns the name of the issue type.
+ *
+ * @return The name of the issue type (e.g. "SQL injection").
+ */
+ String getIssueName();
+
+ /**
+ * This method returns a numeric identifier of the issue type. See the Burp
+ * Scanner help documentation for a listing of all the issue types.
+ *
+ * @return A numeric identifier of the issue type.
+ */
+ int getIssueType();
+
+ /**
+ * This method returns the issue severity level.
+ *
+ * @return The issue severity level. Expected values are "High", "Medium",
+ * "Low", "Information" or "False positive".
+ *
+ */
+ String getSeverity();
+
+ /**
+ * This method returns the issue confidence level.
+ *
+ * @return The issue confidence level. Expected values are "Certain", "Firm"
+ * or "Tentative".
+ */
+ String getConfidence();
+
+ /**
+ * This method returns a background description for this type of issue.
+ *
+ * @return A background description for this type of issue, or
+ * null
if none applies. A limited set of HTML tags may be
+ * used.
+ */
+ String getIssueBackground();
+
+ /**
+ * This method returns a background description of the remediation for this
+ * type of issue.
+ *
+ * @return A background description of the remediation for this type of
+ * issue, or null
if none applies. A limited set of HTML tags
+ * may be used.
+ */
+ String getRemediationBackground();
+
+ /**
+ * This method returns detailed information about this specific instance of
+ * the issue.
+ *
+ * @return Detailed information about this specific instance of the issue,
+ * or null
if none applies. A limited set of HTML tags may be
+ * used.
+ */
+ String getIssueDetail();
+
+ /**
+ * This method returns detailed information about the remediation for this
+ * specific instance of the issue.
+ *
+ * @return Detailed information about the remediation for this specific
+ * instance of the issue, or null
if none applies. A limited
+ * set of HTML tags may be used.
+ */
+ String getRemediationDetail();
+
+ /**
+ * This method returns the HTTP messages on the basis of which the issue was
+ * generated.
+ *
+ * @return The HTTP messages on the basis of which the issue was generated.
+ * Note: The items in this array should be instances of
+ * IHttpRequestResponseWithMarkers
if applicable, so that
+ * details of the relevant portions of the request and response messages are
+ * available.
+ */
+ IHttpRequestResponse[] getHttpMessages();
+
+ /**
+ * This method returns the HTTP service for which the issue was generated.
+ *
+ * @return The HTTP service for which the issue was generated.
+ */
+ IHttpService getHttpService();
+
+}
diff --git a/src/burp/IScanQueueItem.java b/src/burp/IScanQueueItem.java
new file mode 100644
index 0000000..f6adb49
--- /dev/null
+++ b/src/burp/IScanQueueItem.java
@@ -0,0 +1,80 @@
+package burp;
+
+/*
+ * @(#)IScanQueueItem.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used to retrieve details of items in the Burp Scanner
+ * active scan queue. Extensions can obtain references to scan queue items by
+ * calling
+ * IBurpExtenderCallbacks.doActiveScan()
.
+ */
+public interface IScanQueueItem
+{
+ /**
+ * This method returns a description of the status of the scan queue item.
+ *
+ * @return A description of the status of the scan queue item.
+ */
+ String getStatus();
+
+ /**
+ * This method returns an indication of the percentage completed for the
+ * scan queue item.
+ *
+ * @return An indication of the percentage completed for the scan queue
+ * item.
+ */
+ byte getPercentageComplete();
+
+ /**
+ * This method returns the number of requests that have been made for the
+ * scan queue item.
+ *
+ * @return The number of requests that have been made for the scan queue
+ * item.
+ */
+ int getNumRequests();
+
+ /**
+ * This method returns the number of network errors that have occurred for
+ * the scan queue item.
+ *
+ * @return The number of network errors that have occurred for the scan
+ * queue item.
+ */
+ int getNumErrors();
+
+ /**
+ * This method returns the number of attack insertion points being used for
+ * the scan queue item.
+ *
+ * @return The number of attack insertion points being used for the scan
+ * queue item.
+ */
+ int getNumInsertionPoints();
+
+ /**
+ * This method allows the scan queue item to be canceled.
+ */
+ void cancel();
+
+ /**
+ * This method returns details of the issues generated for the scan queue
+ * item. Note: different items within the scan queue may contain
+ * duplicated versions of the same issues - for example, if the same request
+ * has been scanned multiple times. Duplicated issues are consolidated in
+ * the main view of scan results. Extensions can register an
+ * IScannerListener
to get details only of unique, newly
+ * discovered Scanner issues post-consolidation.
+ *
+ * @return Details of the issues generated for the scan queue item.
+ */
+ IScanIssue[] getIssues();
+}
diff --git a/src/burp/IScannerCheck.java b/src/burp/IScannerCheck.java
new file mode 100644
index 0000000..5445b0f
--- /dev/null
+++ b/src/burp/IScannerCheck.java
@@ -0,0 +1,83 @@
+package burp;
+
+/*
+ * @(#)IScannerCheck.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.util.List;
+
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerScannerCheck()
to register a
+ * custom Scanner check. When performing scanning, Burp will ask the check to
+ * perform active or passive scanning on the base request, and report any
+ * Scanner issues that are identified.
+ */
+public interface IScannerCheck
+{
+
+ /**
+ * The Scanner invokes this method for each base request / response that is
+ * passively scanned. Note: Extensions should only analyze the
+ * HTTP messages provided during passive scanning, and should not make any
+ * new HTTP requests of their own.
+ *
+ * @param baseRequestResponse The base HTTP request / response that should
+ * be passively scanned.
+ * @return A list of IScanIssue
objects, or null
+ * if no issues are identified.
+ */
+ List doPassiveScan(IHttpRequestResponse baseRequestResponse);
+
+ /**
+ * The Scanner invokes this method for each insertion point that is actively
+ * scanned. Extensions may issue HTTP requests as required to carry out
+ * active scanning, and should use the
+ * IScannerInsertionPoint
object provided to build scan
+ * requests for particular payloads.
+ * Note:
+ * Scan checks should submit raw non-encoded payloads to insertion points,
+ * and the insertion point has responsibility for performing any data
+ * encoding that is necessary given the nature and location of the insertion
+ * point.
+ *
+ * @param baseRequestResponse The base HTTP request / response that should
+ * be actively scanned.
+ * @param insertionPoint An IScannerInsertionPoint
object that
+ * can be queried to obtain details of the insertion point being tested, and
+ * can be used to build scan requests for particular payloads.
+ * @return A list of IScanIssue
objects, or null
+ * if no issues are identified.
+ */
+ List doActiveScan(
+ IHttpRequestResponse baseRequestResponse,
+ IScannerInsertionPoint insertionPoint);
+
+ /**
+ * The Scanner invokes this method when the custom Scanner check has
+ * reported multiple issues for the same URL path. This can arise either
+ * because there are multiple distinct vulnerabilities, or because the same
+ * (or a similar) request has been scanned more than once. The custom check
+ * should determine whether the issues are duplicates. In most cases, where
+ * a check uses distinct issue names or descriptions for distinct issues,
+ * the consolidation process will simply be a matter of comparing these
+ * features for the two issues.
+ *
+ * @param existingIssue An issue that was previously reported by this
+ * Scanner check.
+ * @param newIssue An issue at the same URL path that has been newly
+ * reported by this Scanner check.
+ * @return An indication of which issue(s) should be reported in the main
+ * Scanner results. The method should return -1
to report the
+ * existing issue only, 0
to report both issues, and
+ * 1
to report the new issue only.
+ */
+ int consolidateDuplicateIssues(
+ IScanIssue existingIssue,
+ IScanIssue newIssue);
+}
diff --git a/src/burp/IScannerInsertionPoint.java b/src/burp/IScannerInsertionPoint.java
new file mode 100644
index 0000000..7839440
--- /dev/null
+++ b/src/burp/IScannerInsertionPoint.java
@@ -0,0 +1,174 @@
+package burp;
+
+/*
+ * @(#)IScannerInsertionPoint.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used to define an insertion point for use by active Scanner
+ * checks. Extensions can obtain instances of this interface by registering an
+ * IScannerCheck
, or can create instances for use by Burp's own
+ * scan checks by registering an
+ * IScannerInsertionPointProvider
.
+ */
+public interface IScannerInsertionPoint
+{
+
+ /**
+ * Used to indicate where the payload is inserted into the value of a URL
+ * parameter.
+ */
+ static final byte INS_PARAM_URL = 0x00;
+ /**
+ * Used to indicate where the payload is inserted into the value of a body
+ * parameter.
+ */
+ static final byte INS_PARAM_BODY = 0x01;
+ /**
+ * Used to indicate where the payload is inserted into the value of an HTTP
+ * cookie.
+ */
+ static final byte INS_PARAM_COOKIE = 0x02;
+ /**
+ * Used to indicate where the payload is inserted into the value of an item
+ * of data within an XML data structure.
+ */
+ static final byte INS_PARAM_XML = 0x03;
+ /**
+ * Used to indicate where the payload is inserted into the value of a tag
+ * attribute within an XML structure.
+ */
+ static final byte INS_PARAM_XML_ATTR = 0x04;
+ /**
+ * Used to indicate where the payload is inserted into the value of a
+ * parameter attribute within a multi-part message body (such as the name of
+ * an uploaded file).
+ */
+ static final byte INS_PARAM_MULTIPART_ATTR = 0x05;
+ /**
+ * Used to indicate where the payload is inserted into the value of an item
+ * of data within a JSON structure.
+ */
+ static final byte INS_PARAM_JSON = 0x06;
+ /**
+ * Used to indicate where the payload is inserted into the value of an AMF
+ * parameter.
+ */
+ static final byte INS_PARAM_AMF = 0x07;
+ /**
+ * Used to indicate where the payload is inserted into the value of an HTTP
+ * request header.
+ */
+ static final byte INS_HEADER = 0x20;
+ /**
+ * Used to indicate where the payload is inserted into a URL path folder.
+ */
+ static final byte INS_URL_PATH_FOLDER = 0x21;
+ /**
+ * Used to indicate where the payload is inserted into a URL path folder.
+ * This is now deprecated; use INS_URL_PATH_FOLDER
instead.
+ */
+ @Deprecated
+ static final byte INS_URL_PATH_REST = INS_URL_PATH_FOLDER;
+ /**
+ * Used to indicate where the payload is inserted into the name of an added
+ * URL parameter.
+ */
+ static final byte INS_PARAM_NAME_URL = 0x22;
+ /**
+ * Used to indicate where the payload is inserted into the name of an added
+ * body parameter.
+ */
+ static final byte INS_PARAM_NAME_BODY = 0x23;
+ /**
+ * Used to indicate where the payload is inserted into the body of the HTTP
+ * request.
+ */
+ static final byte INS_ENTIRE_BODY = 0x24;
+ /**
+ * Used to indicate where the payload is inserted into the URL path
+ * filename.
+ */
+ static final byte INS_URL_PATH_FILENAME = 0x25;
+ /**
+ * Used to indicate where the payload is inserted at a location manually
+ * configured by the user.
+ */
+ static final byte INS_USER_PROVIDED = 0x40;
+ /**
+ * Used to indicate where the insertion point is provided by an
+ * extension-registered
+ * IScannerInsertionPointProvider
.
+ */
+ static final byte INS_EXTENSION_PROVIDED = 0x41;
+ /**
+ * Used to indicate where the payload is inserted at an unknown location
+ * within the request.
+ */
+ static final byte INS_UNKNOWN = 0x7f;
+
+ /**
+ * This method returns the name of the insertion point.
+ *
+ * @return The name of the insertion point (for example, a description of a
+ * particular request parameter).
+ */
+ String getInsertionPointName();
+
+ /**
+ * This method returns the base value for this insertion point.
+ *
+ * @return the base value that appears in this insertion point in the base
+ * request being scanned, or null
if there is no value in the
+ * base request that corresponds to this insertion point.
+ */
+ String getBaseValue();
+
+ /**
+ * This method is used to build a request with the specified payload placed
+ * into the insertion point. There is no requirement for extension-provided
+ * insertion points to adjust the Content-Length header in requests if the
+ * body length has changed, although Burp-provided insertion points will
+ * always do this and will return a request with a valid Content-Length
+ * header.
+ * Note:
+ * Scan checks should submit raw non-encoded payloads to insertion points,
+ * and the insertion point has responsibility for performing any data
+ * encoding that is necessary given the nature and location of the insertion
+ * point.
+ *
+ * @param payload The payload that should be placed into the insertion
+ * point.
+ * @return The resulting request.
+ */
+ byte[] buildRequest(byte[] payload);
+
+ /**
+ * This method is used to determine the offsets of the payload value within
+ * the request, when it is placed into the insertion point. Scan checks may
+ * invoke this method when reporting issues, so as to highlight the relevant
+ * part of the request within the UI.
+ *
+ * @param payload The payload that should be placed into the insertion
+ * point.
+ * @return An int[2] array containing the start and end offsets of the
+ * payload within the request, or null if this is not applicable (for
+ * example, where the insertion point places a payload into a serialized
+ * data structure, the raw payload may not literally appear anywhere within
+ * the resulting request).
+ */
+ int[] getPayloadOffsets(byte[] payload);
+
+ /**
+ * This method returns the type of the insertion point.
+ *
+ * @return The type of the insertion point. Available types are defined in
+ * this interface.
+ */
+ byte getInsertionPointType();
+}
diff --git a/src/burp/IScannerInsertionPointProvider.java b/src/burp/IScannerInsertionPointProvider.java
new file mode 100644
index 0000000..4365ccf
--- /dev/null
+++ b/src/burp/IScannerInsertionPointProvider.java
@@ -0,0 +1,38 @@
+package burp;
+
+/*
+ * @(#)IScannerInsertionPointProvider.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.util.List;
+
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerScannerInsertionPointProvider()
+ * to register a factory for custom Scanner insertion points.
+ */
+public interface IScannerInsertionPointProvider
+{
+ /**
+ * When a request is actively scanned, the Scanner will invoke this method,
+ * and the provider should provide a list of custom insertion points that
+ * will be used in the scan. Note: these insertion points are used in
+ * addition to those that are derived from Burp Scanner's configuration, and
+ * those provided by any other Burp extensions.
+ *
+ * @param baseRequestResponse The base request that will be actively
+ * scanned.
+ * @return A list of
+ * IScannerInsertionPoint
objects that should be used in the
+ * scanning, or
+ * null
if no custom insertion points are applicable for this
+ * request.
+ */
+ List getInsertionPoints(
+ IHttpRequestResponse baseRequestResponse);
+}
diff --git a/src/burp/IScannerListener.java b/src/burp/IScannerListener.java
new file mode 100644
index 0000000..21c0f4e
--- /dev/null
+++ b/src/burp/IScannerListener.java
@@ -0,0 +1,30 @@
+package burp;
+
+/*
+ * @(#)IScannerListener.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerScannerListener()
to register a
+ * Scanner listener. The listener will be notified of new issues that are
+ * reported by the Scanner tool. Extensions can perform custom analysis or
+ * logging of Scanner issues by registering a Scanner listener.
+ */
+public interface IScannerListener
+{
+ /**
+ * This method is invoked when a new issue is added to Burp Scanner's
+ * results.
+ *
+ * @param issue An
+ * IScanIssue
object that the extension can query to obtain
+ * details about the new issue.
+ */
+ void newScanIssue(IScanIssue issue);
+}
diff --git a/src/burp/IScopeChangeListener.java b/src/burp/IScopeChangeListener.java
new file mode 100644
index 0000000..30b7918
--- /dev/null
+++ b/src/burp/IScopeChangeListener.java
@@ -0,0 +1,25 @@
+package burp;
+
+/*
+ * @(#)IScopeChangeListener.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerScopeChangeListener()
to register
+ * a scope change listener. The listener will be notified whenever a change
+ * occurs to Burp's suite-wide target scope.
+ */
+public interface IScopeChangeListener
+{
+ /**
+ * This method is invoked whenever a change occurs to Burp's suite-wide
+ * target scope.
+ */
+ void scopeChanged();
+}
diff --git a/src/burp/ISessionHandlingAction.java b/src/burp/ISessionHandlingAction.java
new file mode 100644
index 0000000..1a147d4
--- /dev/null
+++ b/src/burp/ISessionHandlingAction.java
@@ -0,0 +1,51 @@
+package burp;
+
+/*
+ * @(#)ISessionHandlingAction.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * Extensions can implement this interface and then call
+ * IBurpExtenderCallbacks.registerSessionHandlingAction()
to
+ * register a custom session handling action. Each registered action will be
+ * available within the session handling rule UI for the user to select as a
+ * rule action. Users can choose to invoke an action directly in its own right,
+ * or following execution of a macro.
+ */
+public interface ISessionHandlingAction
+{
+ /**
+ * This method is used by Burp to obtain the name of the session handling
+ * action. This will be displayed as an option within the session handling
+ * rule editor when the user selects to execute an extension-provided
+ * action.
+ *
+ * @return The name of the action.
+ */
+ String getActionName();
+
+ /**
+ * This method is invoked when the session handling action should be
+ * executed. This may happen as an action in its own right, or as a
+ * sub-action following execution of a macro.
+ *
+ * @param currentRequest The base request that is currently being processed.
+ * The action can query this object to obtain details about the base
+ * request. It can issue additional requests of its own if necessary, and
+ * can use the setter methods on this object to update the base request.
+ * @param macroItems If the action is invoked following execution of a
+ * macro, this parameter contains the result of executing the macro.
+ * Otherwise, it is
+ * null
. Actions can use the details of the macro items to
+ * perform custom analysis of the macro to derive values of non-standard
+ * session handling tokens, etc.
+ */
+ void performAction(
+ IHttpRequestResponse currentRequest,
+ IHttpRequestResponse[] macroItems);
+}
diff --git a/src/burp/ITab.java b/src/burp/ITab.java
new file mode 100644
index 0000000..f547993
--- /dev/null
+++ b/src/burp/ITab.java
@@ -0,0 +1,38 @@
+package burp;
+
+/*
+ * @(#)ITab.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.awt.Component;
+
+/**
+ * This interface is used to provide Burp with details of a custom tab that will
+ * be added to Burp's UI, using a method such as
+ * IBurpExtenderCallbacks.addSuiteTab()
.
+ */
+public interface ITab
+{
+ /**
+ * Burp uses this method to obtain the caption that should appear on the
+ * custom tab when it is displayed.
+ *
+ * @return The caption that should appear on the custom tab when it is
+ * displayed.
+ */
+ String getTabCaption();
+
+ /**
+ * Burp uses this method to obtain the component that should be used as the
+ * contents of the custom tab when it is displayed.
+ *
+ * @return The component that should be used as the contents of the custom
+ * tab when it is displayed.
+ */
+ Component getUiComponent();
+}
diff --git a/src/burp/ITempFile.java b/src/burp/ITempFile.java
new file mode 100644
index 0000000..c9247ef
--- /dev/null
+++ b/src/burp/ITempFile.java
@@ -0,0 +1,33 @@
+package burp;
+
+/*
+ * @(#)ITempFile.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+/**
+ * This interface is used to hold details of a temporary file that has been
+ * created via a call to
+ * IBurpExtenderCallbacks.saveToTempFile()
.
+ *
+ */
+public interface ITempFile
+{
+ /**
+ * This method is used to retrieve the contents of the buffer that was saved
+ * in the temporary file.
+ *
+ * @return The contents of the buffer that was saved in the temporary file.
+ */
+ byte[] getBuffer();
+
+ /**
+ * This method is deprecated and no longer performs any action.
+ */
+ @Deprecated
+ void delete();
+}
diff --git a/src/burp/ITextEditor.java b/src/burp/ITextEditor.java
new file mode 100644
index 0000000..ca2526a
--- /dev/null
+++ b/src/burp/ITextEditor.java
@@ -0,0 +1,90 @@
+package burp;
+
+/*
+ * @(#)ITextEditor.java
+ *
+ * Copyright PortSwigger Ltd. All rights reserved.
+ *
+ * This code may be used to extend the functionality of Burp Suite Community Edition
+ * and Burp Suite Professional, provided that this usage does not violate the
+ * license terms for those products.
+ */
+import java.awt.Component;
+
+/**
+ * This interface is used to provide extensions with an instance of Burp's raw
+ * text editor, for the extension to use in its own UI. Extensions should call
+ * IBurpExtenderCallbacks.createTextEditor()
to obtain an instance
+ * of this interface.
+ */
+public interface ITextEditor
+{
+ /**
+ * This method returns the UI component of the editor, for extensions to add
+ * to their own UI.
+ *
+ * @return The UI component of the editor.
+ */
+ Component getComponent();
+
+ /**
+ * This method is used to control whether the editor is currently editable.
+ * This status can be toggled on and off as required.
+ *
+ * @param editable Indicates whether the editor should be currently
+ * editable.
+ */
+ void setEditable(boolean editable);
+
+ /**
+ * This method is used to update the currently displayed text in the editor.
+ *
+ * @param text The text to be displayed.
+ */
+ void setText(byte[] text);
+
+ /**
+ * This method is used to retrieve the currently displayed text.
+ *
+ * @return The currently displayed text.
+ */
+ byte[] getText();
+
+ /**
+ * This method is used to determine whether the user has modified the
+ * contents of the editor.
+ *
+ * @return An indication of whether the user has modified the contents of
+ * the editor since the last call to
+ * setText()
.
+ */
+ boolean isTextModified();
+
+ /**
+ * This method is used to obtain the currently selected text.
+ *
+ * @return The currently selected text, or
+ * null
if the user has not made any selection.
+ */
+ byte[] getSelectedText();
+
+ /**
+ * This method can be used to retrieve the bounds of the user's selection
+ * into the displayed text, if applicable.
+ *
+ * @return An int[2] array containing the start and end offsets of the
+ * user's selection within the displayed text. If the user has not made any
+ * selection in the current message, both offsets indicate the position of
+ * the caret within the editor.
+ */
+ int[] getSelectionBounds();
+
+ /**
+ * This method is used to update the search expression that is shown in the
+ * search bar below the editor. The editor will automatically highlight any
+ * regions of the displayed text that match the search expression.
+ *
+ * @param expression The search expression.
+ */
+ void setSearchExpression(String expression);
+}
diff --git a/src/burp/MainPanel.form b/src/burp/MainPanel.form
new file mode 100644
index 0000000..14d4d26
--- /dev/null
+++ b/src/burp/MainPanel.form
@@ -0,0 +1,421 @@
+
+
+
diff --git a/src/burp/MainPanel.java b/src/burp/MainPanel.java
new file mode 100644
index 0000000..40c4148
--- /dev/null
+++ b/src/burp/MainPanel.java
@@ -0,0 +1,464 @@
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package burp;
+
+import java.security.NoSuchAlgorithmException;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import javax.swing.JOptionPane;
+
+/**
+ *
+ * @author abdul.wahab
+ */
+public class MainPanel extends javax.swing.JPanel {
+
+
+ BurpExtender myburp;
+ /**
+ * Creates new form MainPanel
+ * @param burp
+ */
+ public MainPanel(BurpExtender burp) {
+ this.myburp = burp;
+ initComponents();
+ this.jCheckBox2.setSelected(true);
+ this.jCheckBox4.setSelected(true);
+ this.jCheckBox5.setSelected(true);
+ this.jCheckBox7.setSelected(true);
+ this.jCheckBox2.setEnabled(false);
+ this.jCheckBox4.setEnabled(false);
+ this.jCheckBox5.setEnabled(false);
+ this.jCheckBox7.setEnabled(false);
+ }
+
+ /**
+ * This method is called from within the constructor to initialize the form.
+ * WARNING: Do NOT modify this code. The content of this method is always
+ * regenerated by the Form Editor.
+ */
+ @SuppressWarnings("unchecked")
+ // //GEN-BEGIN:initComponents
+ private void initComponents() {
+
+ jScrollPane1 = new javax.swing.JScrollPane();
+ jTextArea1 = new javax.swing.JTextArea();
+ jPanel4 = new javax.swing.JPanel();
+ jTabbedPane2 = new javax.swing.JTabbedPane();
+ jPanel2 = new javax.swing.JPanel();
+ jPanel1 = new javax.swing.JPanel();
+ jTextField1 = new javax.swing.JTextField();
+ jTextField2 = new javax.swing.JTextField();
+ jLabel1 = new javax.swing.JLabel();
+ jLabel2 = new javax.swing.JLabel();
+ jTextField3 = new javax.swing.JTextField();
+ jLabel3 = new javax.swing.JLabel();
+ jTextField4 = new javax.swing.JTextField();
+ jLabel4 = new javax.swing.JLabel();
+ jButton1 = new javax.swing.JButton();
+ jTextField5 = new javax.swing.JTextField();
+ jLabel7 = new javax.swing.JLabel();
+ jCheckBox1 = new javax.swing.JCheckBox();
+ jPanel8 = new javax.swing.JPanel();
+ jButton3 = new javax.swing.JButton();
+ jButton6 = new javax.swing.JButton();
+ jCheckBox2 = new javax.swing.JCheckBox();
+ jCheckBox4 = new javax.swing.JCheckBox();
+ jCheckBox5 = new javax.swing.JCheckBox();
+ jCheckBox7 = new javax.swing.JCheckBox();
+ jButton7 = new javax.swing.JButton();
+ jPanel5 = new javax.swing.JPanel();
+ jScrollPane6 = new javax.swing.JScrollPane();
+ jTextPane1 = new javax.swing.JTextPane();
+ jButton4 = new javax.swing.JButton();
+ jButton5 = new javax.swing.JButton();
+ jPanel7 = new javax.swing.JPanel();
+ jScrollPane7 = new javax.swing.JScrollPane();
+ jTextPane2 = new javax.swing.JTextPane();
+
+ jTextArea1.setColumns(20);
+ jTextArea1.setRows(5);
+ jScrollPane1.setViewportView(jTextArea1);
+
+ javax.swing.GroupLayout jPanel4Layout = new javax.swing.GroupLayout(jPanel4);
+ jPanel4.setLayout(jPanel4Layout);
+ jPanel4Layout.setHorizontalGroup(
+ jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addGap(0, 100, Short.MAX_VALUE)
+ );
+ jPanel4Layout.setVerticalGroup(
+ jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addGap(0, 100, Short.MAX_VALUE)
+ );
+
+ jPanel1.setBorder(javax.swing.BorderFactory.createTitledBorder(""));
+
+ jTextField1.addActionListener(new java.awt.event.ActionListener() {
+ public void actionPerformed(java.awt.event.ActionEvent evt) {
+ jTextField1ActionPerformed(evt);
+ }
+ });
+
+ jLabel1.setText("Secret Key");
+
+ jLabel2.setText("Initialize Vector");
+
+ jLabel3.setText("Request Parameter");
+
+ jLabel4.setText("Response Parameter");
+
+ jButton1.setText("Start AES Killer proxy Listener");
+ jButton1.addActionListener(new java.awt.event.ActionListener() {
+ public void actionPerformed(java.awt.event.ActionEvent evt) {
+ jButton1ActionPerformed(evt);
+ }
+ });
+
+ jLabel7.setText("Request URL Filter");
+
+ jCheckBox1.setText("Decrypt Response too");
+
+ jButton3.setText("Override Burp HTTPListener");
+ jButton3.addActionListener(new java.awt.event.ActionListener() {
+ public void actionPerformed(java.awt.event.ActionEvent evt) {
+ jButton3ActionPerformed(evt);
+ }
+ });
+
+ jButton6.setText("Stop Burp HTTPListener");
+ jButton6.addActionListener(new java.awt.event.ActionListener() {
+ public void actionPerformed(java.awt.event.ActionEvent evt) {
+ jButton6ActionPerformed(evt);
+ }
+ });
+
+ jCheckBox2.setText("Proxy");
+
+ jCheckBox4.setText("Intruder");
+
+ jCheckBox5.setText("Scanner");
+
+ jCheckBox7.setText("Repeater");
+
+ javax.swing.GroupLayout jPanel8Layout = new javax.swing.GroupLayout(jPanel8);
+ jPanel8.setLayout(jPanel8Layout);
+ jPanel8Layout.setHorizontalGroup(
+ jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addGroup(jPanel8Layout.createSequentialGroup()
+ .addContainerGap()
+ .addGroup(jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addGroup(jPanel8Layout.createSequentialGroup()
+ .addGroup(jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(jCheckBox5)
+ .addComponent(jCheckBox2))
+ .addGap(18, 18, 18)
+ .addGroup(jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(jCheckBox7)
+ .addComponent(jCheckBox4)))
+ .addComponent(jButton6)
+ .addComponent(jButton3))
+ .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
+ );
+ jPanel8Layout.setVerticalGroup(
+ jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addGroup(jPanel8Layout.createSequentialGroup()
+ .addContainerGap()
+ .addGroup(jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
+ .addComponent(jCheckBox2)
+ .addComponent(jCheckBox7))
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addGroup(jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
+ .addComponent(jCheckBox5)
+ .addComponent(jCheckBox4))
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
+ .addComponent(jButton3)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
+ .addComponent(jButton6)
+ .addContainerGap())
+ );
+
+ jButton7.setText("Stop AES Killer proxy Listener");
+ jButton7.addActionListener(new java.awt.event.ActionListener() {
+ public void actionPerformed(java.awt.event.ActionEvent evt) {
+ jButton7ActionPerformed(evt);
+ }
+ });
+
+ javax.swing.GroupLayout jPanel1Layout = new javax.swing.GroupLayout(jPanel1);
+ jPanel1.setLayout(jPanel1Layout);
+ jPanel1Layout.setHorizontalGroup(
+ jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addGroup(jPanel1Layout.createSequentialGroup()
+ .addContainerGap()
+ .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addGroup(jPanel1Layout.createSequentialGroup()
+ .addComponent(jLabel2)
+ .addGap(101, 101, 101)
+ .addComponent(jLabel4))
+ .addGroup(jPanel1Layout.createSequentialGroup()
+ .addComponent(jTextField2, javax.swing.GroupLayout.PREFERRED_SIZE, 156, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addGap(18, 18, 18)
+ .addComponent(jTextField4, javax.swing.GroupLayout.PREFERRED_SIZE, 131, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addGap(18, 18, 18)
+ .addComponent(jCheckBox1))
+ .addGroup(jPanel1Layout.createSequentialGroup()
+ .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(jTextField1, javax.swing.GroupLayout.PREFERRED_SIZE, 156, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addComponent(jLabel1))
+ .addGap(18, 18, 18)
+ .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(jTextField3, javax.swing.GroupLayout.PREFERRED_SIZE, 131, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addComponent(jLabel3))
+ .addGap(18, 18, 18)
+ .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(jLabel7)
+ .addComponent(jTextField5, javax.swing.GroupLayout.PREFERRED_SIZE, 167, javax.swing.GroupLayout.PREFERRED_SIZE)))
+ .addGroup(jPanel1Layout.createSequentialGroup()
+ .addComponent(jButton1, javax.swing.GroupLayout.PREFERRED_SIZE, 183, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addGap(18, 18, 18)
+ .addComponent(jButton7, javax.swing.GroupLayout.PREFERRED_SIZE, 183, javax.swing.GroupLayout.PREFERRED_SIZE)))
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 56, Short.MAX_VALUE)
+ .addComponent(jPanel8, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE))
+ );
+ jPanel1Layout.setVerticalGroup(
+ jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addGroup(jPanel1Layout.createSequentialGroup()
+ .addGap(4, 4, 4)
+ .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
+ .addComponent(jLabel1)
+ .addComponent(jLabel3)
+ .addComponent(jLabel7))
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
+ .addComponent(jTextField1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addComponent(jTextField3, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addComponent(jTextField5, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE))
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
+ .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
+ .addComponent(jLabel2)
+ .addComponent(jLabel4))
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
+ .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
+ .addComponent(jTextField2, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addComponent(jTextField4, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addComponent(jCheckBox1))
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 38, Short.MAX_VALUE)
+ .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
+ .addComponent(jButton1)
+ .addComponent(jButton7))
+ .addContainerGap())
+ .addComponent(jPanel8, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
+ );
+
+ jPanel5.setBorder(javax.swing.BorderFactory.createTitledBorder(""));
+ jPanel5.setLayout(new javax.swing.BoxLayout(jPanel5, javax.swing.BoxLayout.LINE_AXIS));
+
+ jScrollPane6.setViewportView(jTextPane1);
+
+ jPanel5.add(jScrollPane6);
+
+ jButton4.setText("Decrypt");
+ jButton4.addActionListener(new java.awt.event.ActionListener() {
+ public void actionPerformed(java.awt.event.ActionEvent evt) {
+ jButton4ActionPerformed(evt);
+ }
+ });
+
+ jButton5.setText("Encrypt");
+ jButton5.addActionListener(new java.awt.event.ActionListener() {
+ public void actionPerformed(java.awt.event.ActionEvent evt) {
+ jButton5ActionPerformed(evt);
+ }
+ });
+
+ jPanel7.setBorder(javax.swing.BorderFactory.createTitledBorder(""));
+ jPanel7.setLayout(new java.awt.GridLayout(1, 0));
+
+ jScrollPane7.setViewportView(jTextPane2);
+
+ jPanel7.add(jScrollPane7);
+
+ javax.swing.GroupLayout jPanel2Layout = new javax.swing.GroupLayout(jPanel2);
+ jPanel2.setLayout(jPanel2Layout);
+ jPanel2Layout.setHorizontalGroup(
+ jPanel2Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(jPanel1, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
+ .addComponent(jPanel5, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
+ .addGroup(jPanel2Layout.createSequentialGroup()
+ .addContainerGap()
+ .addComponent(jButton4)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
+ .addComponent(jButton5)
+ .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
+ .addComponent(jPanel7, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
+ );
+ jPanel2Layout.setVerticalGroup(
+ jPanel2Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addGroup(jPanel2Layout.createSequentialGroup()
+ .addContainerGap()
+ .addComponent(jPanel1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
+ .addComponent(jPanel5, javax.swing.GroupLayout.PREFERRED_SIZE, 117, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addGroup(jPanel2Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(jButton5)
+ .addComponent(jButton4))
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addComponent(jPanel7, javax.swing.GroupLayout.DEFAULT_SIZE, 97, Short.MAX_VALUE)
+ .addContainerGap())
+ );
+
+ jTabbedPane2.addTab("Main", jPanel2);
+
+ javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this);
+ this.setLayout(layout);
+ layout.setHorizontalGroup(
+ layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(jTabbedPane2)
+ );
+ layout.setVerticalGroup(
+ layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(jTabbedPane2)
+ );
+ }// //GEN-END:initComponents
+
+ private void jTextField1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jTextField1ActionPerformed
+ // TODO add your handling code here:
+ }//GEN-LAST:event_jTextField1ActionPerformed
+
+ private boolean check_input(){
+ String secret_key = this.jTextField1.getText().trim();
+ String initialize_vector = this.jTextField2.getText().trim();
+ String filter_URL = this.jTextField5.getText().trim();
+ if(secret_key.equals("") || initialize_vector.equals("") || filter_URL.equals("")){
+ JOptionPane.showMessageDialog(null, "Parameter Missing", "Enter all require info!!!", 0);
+ return false;
+ }
+ return true;
+ }
+ private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton1ActionPerformed
+ if(!check_input()){ return;}
+ try {
+ this.myburp.cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ this.myburp.sec_key = new SecretKeySpec(this.jTextField1.getText().getBytes(),"AES");
+ this.myburp.iv_param = new IvParameterSpec(this.jTextField2.getText().getBytes());
+ } catch (NoSuchAlgorithmException ex) {
+ Logger.getLogger(MainPanel.class.getName()).log(Level.SEVERE, null, ex);
+ } catch (NoSuchPaddingException ex) {
+ Logger.getLogger(MainPanel.class.getName()).log(Level.SEVERE, null, ex);
+ }
+ this.myburp.reqURL = this.jTextField5.getText();
+ this.myburp.reqParameter = this.jTextField3.getText();
+ this.myburp.decResponse = this.jCheckBox1.isSelected();
+ this.myburp.callbacks.registerProxyListener(myburp);
+ this.myburp.stdout.println("AES-Killer Started");
+ JOptionPane.showMessageDialog(null, "Proxy Listener Registered");
+ }//GEN-LAST:event_jButton1ActionPerformed
+
+ private void jButton3ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton3ActionPerformed
+ try {
+ this.myburp.cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ this.myburp.sec_key = new SecretKeySpec(this.jTextField1.getText().getBytes(),"AES");
+ this.myburp.iv_param = new IvParameterSpec(this.jTextField2.getText().getBytes());
+ } catch (NoSuchAlgorithmException ex) {
+ Logger.getLogger(MainPanel.class.getName()).log(Level.SEVERE, null, ex);
+ } catch (NoSuchPaddingException ex) {
+ Logger.getLogger(MainPanel.class.getName()).log(Level.SEVERE, null, ex);
+ }
+ this.myburp.reqURL = this.jTextField5.getText();
+ this.myburp.reqParameter = this.jTextField3.getText();
+ this.myburp.decResponse = this.jCheckBox1.isSelected();
+
+ this.myburp.callbacks.registerHttpListener(myburp);
+// this.myburp.callbacks.registerProxyListener(myburp);
+ this.myburp.stdout.println("AES-Killer Started");
+ JOptionPane.showMessageDialog(null, "HTTP Listener Registered!!!");
+ }//GEN-LAST:event_jButton3ActionPerformed
+
+ private void jButton7ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton7ActionPerformed
+ this.myburp.callbacks.removeProxyListener(myburp);
+ JOptionPane.showMessageDialog(null, "Proxy Listener Deregistered");
+ }//GEN-LAST:event_jButton7ActionPerformed
+
+ private void jButton6ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton6ActionPerformed
+ this.myburp.callbacks.removeHttpListener(myburp);
+ JOptionPane.showMessageDialog(null, "HTTP Listener Deregistered!!!");
+ }//GEN-LAST:event_jButton6ActionPerformed
+
+ private void jButton4ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton4ActionPerformed
+ try {
+ this.myburp.cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ this.myburp.sec_key = new SecretKeySpec(this.jTextField1.getText().getBytes(),"AES");
+ this.myburp.iv_param = new IvParameterSpec(this.jTextField2.getText().getBytes());
+ } catch (NoSuchAlgorithmException ex) {
+ Logger.getLogger(MainPanel.class.getName()).log(Level.SEVERE, null, ex);
+ } catch (NoSuchPaddingException ex) {
+ Logger.getLogger(MainPanel.class.getName()).log(Level.SEVERE, null, ex);
+ }
+ String enc_str = new String(this.jTextPane1.getText());
+ enc_str = this.myburp.removeNull(this.myburp.removeOff(enc_str));
+ String dec_str = new String(this.myburp.doDecrypt(enc_str));
+ this.jTextPane2.setText(dec_str);
+// JOptionPane.showMessageDialog(null, dec_str);
+ }//GEN-LAST:event_jButton4ActionPerformed
+
+ private void jButton5ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton5ActionPerformed
+ try {
+ this.myburp.cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ this.myburp.sec_key = new SecretKeySpec(this.jTextField1.getText().getBytes(),"AES");
+ this.myburp.iv_param = new IvParameterSpec(this.jTextField2.getText().getBytes());
+ } catch (NoSuchAlgorithmException ex) {
+ Logger.getLogger(MainPanel.class.getName()).log(Level.SEVERE, null, ex);
+ } catch (NoSuchPaddingException ex) {
+ Logger.getLogger(MainPanel.class.getName()).log(Level.SEVERE, null, ex);
+ }
+ String dec_str = new String(this.jTextPane1.getText());
+ String enc_str = new String(this.myburp.doEncrypt(dec_str));
+ this.jTextPane2.setText(enc_str);
+ }//GEN-LAST:event_jButton5ActionPerformed
+
+
+ // Variables declaration - do not modify//GEN-BEGIN:variables
+ private javax.swing.JButton jButton1;
+ private javax.swing.JButton jButton3;
+ private javax.swing.JButton jButton4;
+ private javax.swing.JButton jButton5;
+ private javax.swing.JButton jButton6;
+ private javax.swing.JButton jButton7;
+ private javax.swing.JCheckBox jCheckBox1;
+ private javax.swing.JCheckBox jCheckBox2;
+ private javax.swing.JCheckBox jCheckBox4;
+ private javax.swing.JCheckBox jCheckBox5;
+ private javax.swing.JCheckBox jCheckBox7;
+ private javax.swing.JLabel jLabel1;
+ private javax.swing.JLabel jLabel2;
+ private javax.swing.JLabel jLabel3;
+ private javax.swing.JLabel jLabel4;
+ private javax.swing.JLabel jLabel7;
+ private javax.swing.JPanel jPanel1;
+ private javax.swing.JPanel jPanel2;
+ private javax.swing.JPanel jPanel4;
+ private javax.swing.JPanel jPanel5;
+ private javax.swing.JPanel jPanel7;
+ private javax.swing.JPanel jPanel8;
+ private javax.swing.JScrollPane jScrollPane1;
+ private javax.swing.JScrollPane jScrollPane6;
+ private javax.swing.JScrollPane jScrollPane7;
+ private javax.swing.JTabbedPane jTabbedPane2;
+ private javax.swing.JTextArea jTextArea1;
+ private javax.swing.JTextField jTextField1;
+ private javax.swing.JTextField jTextField2;
+ private javax.swing.JTextField jTextField3;
+ private javax.swing.JTextField jTextField4;
+ private javax.swing.JTextField jTextField5;
+ private javax.swing.JTextPane jTextPane1;
+ private javax.swing.JTextPane jTextPane2;
+ // End of variables declaration//GEN-END:variables
+}
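Review bot: `jButton3ActionPerformed`, `jButton4ActionPerformed` and `jButton5ActionPerformed` build the key and IV without calling `check_input()`, so an empty Secret Key field reaches `new SecretKeySpec(...)`, which throws `IllegalArgumentException` on an empty key, and nothing in the handler catches it. All four handlers also carry on after a failed `Cipher.getInstance` (the catch blocks only log), so a listener can be registered with whatever `myburp.cipher` held before. None of them checks that the key is 16, 24 or 32 bytes and the IV 16 bytes, as AES/CBC requires; presumably that only surfaces later in `doDecrypt`/`doEncrypt`, which are outside this hunk. I would move the copied setup into one helper that validates the lengths, uses an explicit charset instead of the platform default of `getBytes()`, and returns false so the handler can stop. Separately, in `check_input()` the message and title arguments of `showMessageDialog` look swapped.

```java
    // Shared by jButton1/3/4/5ActionPerformed in place of the four copied try/catch blocks.
    private boolean configureCipher() {
        byte[] key = this.jTextField1.getText().getBytes(java.nio.charset.StandardCharsets.UTF_8);
        byte[] iv = this.jTextField2.getText().getBytes(java.nio.charset.StandardCharsets.UTF_8);
        boolean keyOk = key.length == 16 || key.length == 24 || key.length == 32;
        if (!keyOk || iv.length != 16) {
            JOptionPane.showMessageDialog(null,
                    "Secret Key must be 16, 24 or 32 bytes and the IV 16 bytes",
                    "Invalid key or IV", JOptionPane.ERROR_MESSAGE);
            return false;
        }
        try {
            this.myburp.cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        } catch (NoSuchAlgorithmException | NoSuchPaddingException ex) {
            Logger.getLogger(MainPanel.class.getName()).log(Level.SEVERE, null, ex);
            return false;
        }
        this.myburp.sec_key = new SecretKeySpec(key, "AES");
        this.myburp.iv_param = new IvParameterSpec(iv);
        return true;
    }

    private void jButton3ActionPerformed(java.awt.event.ActionEvent evt) {
        if (!configureCipher()) { return; }
        // … unchanged: reqURL / reqParameter / decResponse assignment and registerHttpListener …
```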