/**
 * {@inheritDoc}
 *
 * <p>Issues matching a configured false positive (see {@code isFalsePositive}) are only logged;
 * every other issue is logged and appended to {@code scanIssues}.
 */
@Override
public void newScanIssue(IScanIssue issue) {
    // Shared tail of both log lines: type, name and URL of the reported issue.
    String where = issue.getIssueType() + ", name: " + issue.getIssueName()
            + " found at URL: " + issue.getUrl();
    if (!isFalsePositive(issue)) {
        log("New scan issue of type: " + where);
        scanIssues.add(issue);
        return;
    }
    // Suppressed finding: still written to the log so an over-broad filter stays visible.
    log("Excluding false positive of type: " + where);
}
/**
 * {@inheritDoc}
 *
 * <p>Two issues are the same finding when their detail text, issue type and URL all agree; the
 * existing one is then kept (-1). Any other pair resolves to the new issue only (1).
 * NOTE(review): returning 1 rather than 0 for non-identical issues drops the existing finding
 * instead of reporting both — confirm that is intended, since a distinct issue on the same
 * path is then no longer visible in the results.
 * NOTE(review): java.net.URL#equals may resolve host names via DNS; comparing
 * {@code toExternalForm()} avoids that if it becomes a problem.
 */
@Override
public int consolidateDuplicateIssues(IScanIssue existingIssue, IScanIssue newIssue) {
    // Null-safe: the detail text is not guaranteed to be present.
    if (!Objects.equals(existingIssue.getIssueDetail(), newIssue.getIssueDetail())) {
        return 1;
    }
    if (existingIssue.getIssueType() != newIssue.getIssueType()) {
        return 1;
    }
    return existingIssue.getUrl().equals(newIssue.getUrl()) ? -1 : 1;
}
}
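/**
 * {@inheritDoc}
 *
 * <p>Reports only the existing issue (-1) when both name and detail match, otherwise keeps
 * both (0). The comparisons are null-safe: {@code getIssueDetail()} may be null for issues
 * without detail text, and the previous unguarded {@code equals} call threw in that case,
 * which aborts consolidation instead of producing a result.
 */
@Override
public int consolidateDuplicateIssues(IScanIssue existingIssue, IScanIssue newIssue) {
    boolean sameName = java.util.Objects.equals(existingIssue.getIssueName(), newIssue.getIssueName());
    boolean sameDetail = java.util.Objects.equals(existingIssue.getIssueDetail(), newIssue.getIssueDetail());
    return sameName && sameDetail ? -1 : 0;
}
}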
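/**
 * {@inheritDoc}
 *
 * <p>The listed header-related findings are deduplicated per name, host and path; every
 * other issue is deduplicated on its detail text. A match reports only the existing issue
 * (-1), otherwise both are kept (0). The detail comparison is null-safe because
 * {@code getIssueDetail()} may be null, and a null issue name falls through to the detail
 * comparison instead of throwing from the {@code switch}.
 */
@Override
public int consolidateDuplicateIssues(IScanIssue existingIssue, IScanIssue newIssue) {
    String name = newIssue.getIssueName();
    if (name != null) {
        switch (name) {
            case "Clickjacking":
            case "Missing X-Content-Type-Options header":
            case "Missing X-XSS-Protection header":
            case "Content Security Policy related information":
                // These findings are per host+path, so the detail text is not the dedupe key.
                boolean sameName = name.equals(existingIssue.getIssueName());
                boolean sameHost = existingIssue.getUrl().getHost().equals(newIssue.getUrl().getHost());
                boolean samePath = existingIssue.getUrl().getPath().equals(newIssue.getUrl().getPath());
                return sameName && sameHost && samePath ? -1 : 0;
            default:
                break;
        }
    }
    boolean sameDetail = java.util.Objects.equals(existingIssue.getIssueDetail(), newIssue.getIssueDetail());
    return sameDetail ? -1 : 0;
}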
if (ignoreIssueIds != null && ignoreIssueIds.contains(issue.getIssueType())) return; IHttpService issueService = issue.getHttpService(); int existingIssues = issueStat.getOrDefault(issue.getIssueName(), 0); if (extConfig.getMaxIssuesByType() > 0 && existingIssues >= extConfig.getMaxIssuesByType()) { return; switch (issue.getIssueType()) { if (issue.getIssueDetail().contains("https://" + d)) { return; IHttpRequestResponse[] trans = issue.getHttpMessages(); if (trans == null) return; for (IHttpRequestResponse t : trans) { stdout.println(t.getHttpService().getHost()); stdout.println(issue.getHttpService().getHost()); if (!extConfig.getPublicCorsWhitelist().contains(t.getHttpService().getHost())) { isInteresting = true; if (extConfig.getCrossdomainXmlWhitelist().contains(issue.getHttpService().getHost())) { return; issueStat.put(issue.getIssueName(), existingIssues+1); issues.add(issue);
/*******************
 * Consolidate duplicate issues.
 *
 * Issues with a different URL or name are unrelated and both are kept. For the same URL and
 * name the one with the higher confidence wins; on equal confidence the higher severity
 * wins; when both are equal the existing issue is kept.
 *
 * @param existingIssue The existing scanner issue.
 * @param newIssue The new scanner issue.
 * @return -1 keep existing issue, 0 to keep both, 1 to keep the new issue.
 *******************/
public int consolidateDuplicateIssues(IScanIssue existingIssue, IScanIssue newIssue) {
    boolean sameFinding = existingIssue.getUrl().equals(newIssue.getUrl())
            && existingIssue.getIssueName().equals(newIssue.getIssueName());
    if (!sameFinding) {
        return 0;
    }
    // compare(new, existing) yields -1 when the existing issue ranks higher, 1 when the new one does.
    int byConfidence = Integer.compare(confidenceValue(newIssue), confidenceValue(existingIssue));
    if (byConfidence != 0) {
        return byConfidence;
    }
    int bySeverity = Integer.compare(severityValue(newIssue), severityValue(existingIssue));
    // Fully equal: prefer the issue already recorded.
    return bySeverity != 0 ? bySeverity : -1;
}
/**
 * {@inheritDoc}
 *
 * <p>Burp calls this when several issues from this check are reported for the same URL path.
 * The issue name alone distinguishes the findings this check produces, so a matching name
 * marks the new issue as a duplicate and only the existing one is reported (-1); differing
 * names keep both (0).
 */
@Override
public int consolidateDuplicateIssues(IScanIssue existingIssue, IScanIssue newIssue) {
    boolean duplicate = existingIssue.getIssueName().equals(newIssue.getIssueName());
    return duplicate ? -1 : 0;
}
}
IHttpRequestResponse[] httpMessages = scanIssue.getHttpMessages(); if(httpMessages.length > 0) issue.issue = scanIssue.getIssueName(); if(httpMessages[0] instanceof IHttpRequestResponseWithMarkers)
/**
 * Check whether the provided issue is covered by the configured falsePositives list.
 *
 * <p>An entry matches when its type equals the issue type and its path — interpreted as a
 * regular expression — matches the issue URL's entire path ({@link String#matches}).
 * NOTE(review): the pattern is recompiled on every call, and an invalid configured pattern
 * surfaces here as a {@code PatternSyntaxException}.
 *
 * @param issue Issue found by the scanner
 * @return {@code true} if the issue matches an entry in the configured falsePositives list,
 *         otherwise {@code false}
 */
private boolean isFalsePositive(IScanIssue issue) {
    int type = issue.getIssueType();
    String path = issue.getUrl().getPath();
    for (Issue candidate : config.getFalsePositives()) {
        if (candidate.getType() != type) {
            continue;
        }
        if (path.matches(candidate.getPath())) {
            return true;
        }
    }
    return false;
}
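/**
 * Consolidate duplicate issues on their detail text.
 *
 * <p>The comparison is null-safe: {@code getIssueDetail()} may be null for issues without
 * detail text, and the previous unguarded {@code equals} call threw in that case.
 *
 * @param existingIssue The existing scanner issue.
 * @param newIssue The new scanner issue.
 * @return -1 to keep only the existing issue when the details match, otherwise 0 to keep both.
 */
public int consolidateDuplicateIssues(IScanIssue existingIssue, IScanIssue newIssue) {
    boolean sameDetail = java.util.Objects.equals(existingIssue.getIssueDetail(), newIssue.getIssueDetail());
    return sameDetail ? -1 : 0;
}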
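/**
 * {@inheritDoc}
 *
 * <p>Reports only the existing issue (-1) when both name and detail match, otherwise keeps
 * both (0). The comparisons are null-safe: {@code getIssueDetail()} may be null for issues
 * without detail text, and the previous unguarded {@code equals} call threw in that case,
 * which aborts consolidation instead of producing a result.
 */
@Override
public int consolidateDuplicateIssues(IScanIssue existingIssue, IScanIssue newIssue) {
    boolean sameName = java.util.Objects.equals(existingIssue.getIssueName(), newIssue.getIssueName());
    boolean sameDetail = java.util.Objects.equals(existingIssue.getIssueDetail(), newIssue.getIssueDetail());
    return sameName && sameDetail ? -1 : 0;
}
}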
/**
 * Check whether an issue whose name contains {@code vulnerabilityName} has already been
 * reported for {@code protocol://host}.
 *
 * <p>Issues are fetched via {@code callbacks.getScanIssues(prefix)}, presumably a URL-prefix
 * lookup. NOTE(review): the prefix carries no trailing "/", so it also covers any host that
 * merely begins with the same string; confirm that is acceptable or append "/". The name check
 * is a substring match, not equality.
 *
 * @param callbacks IBurpExtenderCallbacks
 * @param vulnerabilityName vulnerability to check if it's present into the issues
 * @param protocol (http/https)
 * @param host the hostname
 * @return {@code true} if at least one matching issue exists, otherwise {@code false}
 */
public static boolean isvulnerabilityFound(IBurpExtenderCallbacks callbacks, String vulnerabilityName, String protocol, String host) {
    String prefix = protocol + "://" + host;
    for (IScanIssue reported : callbacks.getScanIssues(prefix)) {
        if (reported.getIssueName().contains(vulnerabilityName)) {
            return true;
        }
    }
    return false;
}
}