public void actionPerformed(ActionEvent e) { boolean proxyEnabled = cbxProxyEnabled.isSelected(); VulnersService.buildHttpClient( proxyEnabled ? tbxProxyHost.getText() : "", proxyEnabled ? tbxProxyPort.getText() : "" ); } };
@Override protected void initPassiveScan() { extensionName = "Software Vulnerability Scanner"; settingsNamespace = "VULNERS_"; BurpSuiteTab mTab = new BurpSuiteTab("Software Vulnerability Scanner", callbacks); this.tabComponent = new TabComponent(this, callbacks, domains); mTab.addComponent(tabComponent.getRootPanel()); vulnersService = new VulnersService(this, callbacks, helpers, domains, tabComponent); vulnersService.loadRules(); }
@Override public List<IScanIssue> doPassiveScan(IHttpRequestResponse baseRequestResponse) { List<IScanIssue> issues = super.doPassiveScan(baseRequestResponse); URL url = helpers.analyzeRequest(baseRequestResponse).getUrl(); /* * Here we check possible vulnerabilities related on request path */ if ((tabComponent.getCbxPathScanInScope().isSelected() && !callbacks.isInScope(url)) || !tabComponent.getCbxPathSearch().isSelected()) { return issues; } String domainName = url.getHost(); String path = url.getPath(); Domain domain = domains.get(domainName); if (domain == null) { domains.put(domainName, domain = new Domain()); } if (!domain.getPaths().containsKey(path)) { callbacks.printOutput("[Vulners] adding new path '" + path + "' for domain " + domainName); domain.getPaths().put(path, null); vulnersService.checkURLPath(domainName, path, baseRequestResponse); } return issues; }
vulnersService.checkSoftware(domainName, software, baseRequestResponse, startStop);
@Override public void changedUpdate(DocumentEvent e) { if (cbxProxyEnabled.isSelected()) { VulnersService.buildHttpClient(tbxProxyHost.getText(), tbxProxyPort.getText()); } } };