public static void doActiveScan(IHttpRequestResponse req, int[] offsets) { String host = helpers.analyzeRequest(req).getUrl().getHost(); int port = helpers.analyzeRequest(req).getUrl().getPort(); boolean useHTTPS = helpers.analyzeRequest(req).getUrl().toString().startsWith("https"); ArrayList<int[]> offsetList = new ArrayList<>(); offsetList.add(offsets); try { callbacks.doActiveScan( host, port, useHTTPS, req.getRequest(), offsetList ); } catch (IllegalArgumentException e) { Utilities.err("Couldn't scan, bad insertion points: "+Arrays.toString(offsetList.get(0))); } }
IScanQueueItem item = callbacks.doActiveScan(url.getHost(), url.getPort(), url.getProtocol().equals("https"), requestResponse.getRequest()); log.info("URL has been sent to scan: " + callbacks.getHelpers().analyzeRequest(requestResponse).getUrl()); scanQueueItems.add(item);
private void sendToScanner(IBurpExtenderCallbacks callbacks, String url) { IHttpRequestResponse[] responses = callbacks.getSiteMap(url); for (IHttpRequestResponse response : responses) { IHttpService service = response.getHttpService(); boolean useHttps = service.getProtocol().equalsIgnoreCase("https"); callbacks.doActiveScan(service.getHost(), service.getPort(), useHttps, response.getRequest()); } }
public void launchTask(WorkTarget next) { IHttpRequestResponse itemToScanNext = next.req; IHttpService service = itemToScanNext.getHttpService(); boolean using_https = service.getProtocol().equals("https"); String host = service.getHost(); IScanQueueItem scanItem = callbacks.doActiveScan(host, service.getPort(), using_https, itemToScanNext.getRequest(), next.offsets); // Utilities.log("Launched scan on "+itemToScanNext.getHttpService().getHost()); if (Utilities.THROTTLE_SCANITEM_CREATION) { while ( scanItem.getStatus().equals("waiting")) { try { Thread.sleep(50); } catch (InterruptedException z) { Utilities.log("Scan feed interrupted, aborting"); return; } } } }
ret = callbacks.doActiveScan(message.getHttpService().getHost(), message.getHttpService().getPort(), (message.getHttpService().getProtocol().equals("http") ? false : true), requestString.getBytes(), insertionPointCoupledIndexes); ret = callbacks.doActiveScan(message.getHttpService().getHost(), message.getHttpService().getPort(), (message.getHttpService().getProtocol().equals("http") ? false : true), requestString.getBytes());
/** * Send the request to the Burp Scanner tool to perform an active vulnerability scan. * * @param messageInfo Details of the request / response to be processed. * Extensions can call the setter methods on this object to update the current message and so modify Burp's behavior. */ private void sendToScanner(IHttpRequestResponse messageInfo) { IHttpService httpService = messageInfo.getHttpService(); boolean serviceIsHttps = "https".equals(httpService.getProtocol()); URL url = helpers.analyzeRequest(messageInfo).getUrl(); if (callbacks.isInScope(url) && !config.getExclusions().contains(url)) { log("Sending URL to scanner: " + url); IScanQueueItem scanQueueItem = callbacks.doActiveScan(httpService.getHost(), httpService.getPort(), serviceIsHttps, messageInfo.getRequest()); scanQueueItems.add(scanQueueItem); } else if (verbose) { log("Skipping URL: " + url); } }
IScanQueueItem scan = callbacks.doActiveScan( extConfig.getInitialURL().getHost(), extConfig.getInitialURL().getPort() == -1 ? extConfig.getInitialURL().getDefaultPort() : extConfig.getInitialURL().getPort(),
IScanQueueItem scan = callbacks.doActiveScan( extConfig.getInitialURL().getHost(), extConfig.getInitialURL().getPort() == -1 ? extConfig.getInitialURL().getDefaultPort() : extConfig.getInitialURL().getPort(),
.getValueAt(row, tab.getTable().getColumn("#").getModelIndex()); HttpRequestResponse httpRequestResponse = this.httpRequestResponses.get(index); callbacks.doActiveScan(httpRequestResponse.getHttpService().getHost(), httpRequestResponse.getHttpService().getPort(), httpRequestResponse.isUseHttps(), httpRequestResponse.getRequest()