/**
 * Reports whether a message carries no usable response.
 *
 * @param message the request/response pair to inspect; may be {@code null}
 * @return {@code true} when {@code message} is {@code null}, when its response is
 *         {@code null}, or when reading the response throws an {@link Exception};
 *         {@code false} when a response array is present
 */
public static boolean isResponseNull(IHttpRequestResponse message) {
    if (message == null) {
        return true;
    }
    try {
        return message.getResponse() == null;
    } catch (Exception e) {
        // Deliberate best-effort: any failure while reading the response is reported
        // as "no response" rather than propagated to the caller.
        return true;
    }
}
/**
 * Returns the response bytes of the wrapped {@code requestResponse}.
 *
 * @return whatever {@code requestResponse.getResponse()} returns, passed through
 *         unchanged (no defensive copy, no null substitution)
 */
@Override
public byte[] getResponse() {
    final byte[] responseBytes = requestResponse.getResponse();
    return responseBytes;
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Returns the response of the item that is currently displayed.
 *
 * @return the bytes reported by {@code currentlyDisplayedItem.getResponse()}, passed
 *         through unchanged
 */
@Override
public byte[] getResponse() {
    final byte[] responseBytes = currentlyDisplayedItem.getResponse();
    return responseBytes;
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Returns the response of the displayed item.
 *
 * @return the bytes reported by {@code displayedItem.getResponse()}, passed through
 *         unchanged
 */
@Override
public byte[] getResponse() {
    final byte[] responseBytes = displayedItem.getResponse();
    return responseBytes;
}
/**
 * Tests the response of a message against {@code matchCondition}, using the comparison
 * selected by {@code matchRelationship}.
 *
 * <p>{@code "Matches"} and {@code "Does Not Match"} do a literal substring test;
 * {@code "Matches Regex"} does a regex search; every other value falls through to the
 * negated regex search.
 *
 * @param messageInfo the message whose response is inspected
 * @return {@code true} when the response satisfies the configured relationship
 */
private boolean checkStringInResponse(IHttpRequestResponse messageInfo) {
    final boolean useRegex;
    final boolean expectHit;
    switch (this.matchRelationship) {
        case "Matches":
            useRegex = false;
            expectHit = true;
            break;
        case "Does Not Match":
            useRegex = false;
            expectHit = false;
            break;
        case "Matches Regex":
            useRegex = true;
            expectHit = true;
            break;
        default:
            // Any unrecognised relationship is handled as "does not match regex".
            useRegex = true;
            expectHit = false;
            break;
    }

    // NOTE(review): the response is decoded with the platform default charset, and a
    // null response (no reply received) ends in a NullPointerException here.
    final boolean hit;
    if (useRegex) {
        // The pattern is compiled from matchCondition on every call; an invalid
        // expression surfaces as an unchecked exception from Pattern.compile.
        final Pattern compiled = Pattern.compile(this.matchCondition);
        hit = compiled.matcher(new String(messageInfo.getResponse())).find();
    } else {
        final String responseText = new String(messageInfo.getResponse());
        hit = responseText.contains(this.matchCondition);
    }
    return hit == expectHit;
}
/**
 * Creates an attack record from one request/response, together with the probe,
 * payload and anchor that produced it.
 *
 * @param req     the exchange stored as both the first and the last request
 * @param probe   the probe associated with this attack
 * @param payload the payload that was sent
 * @param anchor  the anchor passed to {@code add} along with the response
 */
public Attack(IHttpRequestResponse req, Probe probe, String payload, String anchor) {
    this.probe = probe;
    this.payload = payload;
    this.anchor = anchor;
    this.firstRequest = req;
    this.lastRequest = req;

    // NOTE(review): req.getResponse() is handed to add() without a null check.
    final byte[] initialResponse = req.getResponse();
    add(initialResponse, anchor);

    // Both fingerprint fields start from the state left behind by add().
    this.firstFingerprint = fingerprint;
    this.lastPrint = fingerprint;
}
/**
 * Creates an attack record from one request/response, with no probe, payload or anchor.
 *
 * @param req the exchange stored as both the first and the last request
 */
public Attack(IHttpRequestResponse req) {
    this.firstRequest = req;
    this.lastRequest = req;

    // The response is recorded with an empty anchor.
    // NOTE(review): req.getResponse() is handed to add() without a null check.
    final byte[] initialResponse = req.getResponse();
    add(initialResponse, "");

    // Both fingerprint fields start from the state left behind by add().
    this.firstFingerprint = fingerprint;
    this.lastPrint = fingerprint;
}
/**
 * Builds an attack record around a single exchange, leaving probe, payload and anchor
 * unset.
 *
 * @param req the exchange stored as both the first and the last request
 */
public Attack(IHttpRequestResponse req) {
    this.lastRequest = req;
    this.firstRequest = req;

    // An empty anchor accompanies the response.
    // NOTE(review): a null response from req.getResponse() reaches add() unchecked.
    add(req.getResponse(), "");

    // add() has run, so the current fingerprint seeds both fields.
    this.lastPrint = fingerprint;
    this.firstFingerprint = this.lastPrint;
}
/**
 * Builds an attack record around a single exchange and remembers the probe, payload
 * and anchor that go with it.
 *
 * @param req     the exchange stored as both the first and the last request
 * @param probe   the probe associated with this attack
 * @param payload the payload that was sent
 * @param anchor  the anchor passed to {@code add} along with the response
 */
public Attack(IHttpRequestResponse req, Probe probe, String payload, String anchor) {
    this.lastRequest = req;
    this.firstRequest = req;
    this.anchor = anchor;
    this.payload = payload;
    this.probe = probe;

    // NOTE(review): a null response from req.getResponse() reaches add() unchecked.
    add(req.getResponse(), anchor);

    // add() has run, so the current fingerprint seeds both fields.
    this.lastPrint = fingerprint;
    this.firstFingerprint = this.lastPrint;
}
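/**
 * Returns the body of a response decoded as UTF-8.
 *
 * <p>The body offset is obtained by analysing the raw response bytes, so the bytes are
 * sliced at that offset before decoding. Decoding the whole message first and then
 * cutting the string at the same number would drift whenever the header section holds
 * multi-byte or malformed UTF-8 sequences.
 *
 * @param baseRequestResponse the message whose response body is wanted
 * @return the decoded body, or {@code null} when there is no response or the charset
 *         is unavailable
 */
private String getStringResponseBody(IHttpRequestResponse baseRequestResponse) {
    final byte[] rawResponse = baseRequestResponse.getResponse();
    if (rawResponse == null) {
        // No response was recorded; reuse the null "no body" result of the failure path.
        return null;
    }

    // Analyse the response once and keep the offset as a position in the byte array.
    final int bodyOffset = helpers.analyzeResponse(rawResponse).getBodyOffset();
    try {
        return new String(rawResponse, bodyOffset, rawResponse.length - bodyOffset, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        System.out.println("Error converting string");
        return null;
    }
}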
/**
 * Applies request and response highlight markers to an attack message.
 *
 * @param attack            the message to mark
 * @param responseHighlight text to locate in the response, or {@code null} for none
 * @param requestHighlight  payload text to mark in the request; ignored when
 *                          {@code null} or not longer than two characters
 * @param insertionPoint    insertion point used to resolve the payload offsets
 * @return the value returned by {@code callbacks.applyMarkers}
 */
static IHttpRequestResponse highlightRequestResponse(IHttpRequestResponse attack, String responseHighlight, String requestHighlight, IScannerInsertionPoint insertionPoint) {
    final List<int[]> requestMarkers = new ArrayList<>(1);
    final boolean markRequest = requestHighlight != null && requestHighlight.length() > 2;
    if (markRequest) {
        // NOTE(review): getBytes() uses the platform default charset, and the offsets
        // are added without a null check - confirm getPayloadOffsets cannot return null.
        requestMarkers.add(insertionPoint.getPayloadOffsets(requestHighlight.getBytes()));
    }

    final List<int[]> responseMarkers;
    if (responseHighlight == null) {
        responseMarkers = new ArrayList<>(1);
    } else {
        responseMarkers = getMatches(attack.getResponse(), responseHighlight.getBytes(), -1);
    }

    return callbacks.applyMarkers(attack, requestMarkers, responseMarkers);
}
/**
 * Marks the interesting parts of an attack's request and response.
 *
 * @param attack            the message to mark
 * @param responseHighlight text to locate in the response, or {@code null} for none
 * @param requestHighlight  payload text to mark in the request; skipped when
 *                          {@code null} or at most two characters long
 * @param insertionPoint    insertion point used to resolve the payload offsets
 * @return the value returned by {@code callbacks.applyMarkers}
 */
static IHttpRequestResponse highlightRequestResponse(IHttpRequestResponse attack, String responseHighlight, String requestHighlight, IScannerInsertionPoint insertionPoint) {
    final List<int[]> requestSpans = new ArrayList<>(1);
    if (requestHighlight != null) {
        if (requestHighlight.length() > 2) {
            // NOTE(review): platform default charset; the returned offsets are not
            // null-checked before being stored - confirm against getPayloadOffsets.
            final int[] payloadSpan = insertionPoint.getPayloadOffsets(requestHighlight.getBytes());
            requestSpans.add(payloadSpan);
        }
    }

    List<int[]> responseSpans = new ArrayList<>(1);
    if (responseHighlight != null) {
        final byte[] needle = responseHighlight.getBytes();
        responseSpans = getMatches(attack.getResponse(), needle, -1);
    }

    final IHttpRequestResponse marked = callbacks.applyMarkers(attack, requestSpans, responseSpans);
    return marked;
}
/**
 * Returns the HTTP status code of a message's response.
 *
 * @param messageInfo the message whose response is analysed
 * @return the status code reported by {@code helpers.analyzeResponse}
 */
public short getStatusCode(IHttpRequestResponse messageInfo) {
    // NOTE(review): the response is passed on as-is; a message without a response
    // hands null to analyzeResponse.
    final byte[] rawResponse = messageInfo.getResponse();
    return helpers.analyzeResponse(rawResponse).getStatusCode();
}

// The definition below continues past the end of this excerpt and is kept as found.
public List<IParameter> getParas(IHttpRequestResponse messageInfo){
/**
 * Analyses the response of a message and hands the result to the OpenID login
 * metadata check.
 *
 * @param httpRequestResponse the message whose response is analysed
 */
private void processLoginPossibilities(IHttpRequestResponse httpRequestResponse) {
    // The parsed response and the original message are both needed by the check.
    IResponseInfo parsedResponse = helpers.analyzeResponse(httpRequestResponse.getResponse());
    checkRequestForOpenIdLoginMetadata(parsedResponse, httpRequestResponse);
}
/**
 * Looks up a site map entry for a URL that already has a response.
 *
 * @param url the URL to look for
 * @return the first site map entry with a non-null response whose URL equals
 *         {@code url}, or {@code null} when there is none
 */
static IHttpRequestResponse fetchFromSitemap(URL url) {
    final IHttpRequestResponse[] candidates = callbacks.getSiteMap(sensibleURL(url));
    for (final IHttpRequestResponse candidate : candidates) {
        // Entries without a response are skipped before any URL comparison.
        final boolean hasResponse = candidate.getResponse() != null;
        if (hasResponse && url.equals(getURL(candidate))) {
            return candidate;
        }
    }
    return null;
}
/**
 * Finds the site map entry for a URL, considering only entries that hold a response.
 *
 * @param url the URL to look for
 * @return the first matching entry with a non-null response, or {@code null} when no
 *         entry qualifies
 */
static IHttpRequestResponse fetchFromSitemap(URL url) {
    final IHttpRequestResponse[] entries = callbacks.getSiteMap(sensibleURL(url));
    for (int i = 0; i < entries.length; i++) {
        final IHttpRequestResponse entry = entries[i];
        if (entry.getResponse() == null) {
            // No response was stored for this entry, so it cannot be returned.
            continue;
        }
        if (url.equals(getURL(entry))) {
            return entry;
        }
    }
    return null;
}
/**
 * Records the latest response seen for each host.
 *
 * @param toolFlag         identifier of the tool that issued the message (unused here)
 * @param messageIsRequest {@code true} for requests, which are ignored
 * @param messageInfo      the message whose response is stored
 */
@Override
public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) {
    if (messageIsRequest) {
        return;
    }
    // The map is keyed by host name only, so a later response from the same host
    // replaces the earlier one.
    // NOTE(review): entries are never removed in this method; confirm the map is
    // bounded elsewhere if responses can be large.
    final String host = messageInfo.getHttpService().getHost();
    responseHashMap.put(host, new Response(messageInfo.getResponse()));
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Passive check: builds the Content-Security-Policy objects from a response, validates
 * them and converts any findings into scan issues.
 *
 * @param baseRequestResponse the message whose response is analysed
 * @return an empty list when validation produced no findings, otherwise the result of
 *         {@code convertIssues}
 */
@Override
public List<IScanIssue> doPassiveScan(IHttpRequestResponse baseRequestResponse) {
    // Only the response side is inspected; the request is not analysed here.
    final IResponseInfo responseInfo = helpers.analyzeResponse(baseRequestResponse.getResponse());
    final List<ContentSecurityPolicy> policies = BurpPolicyBuilder.buildFromResponse(responseInfo);
    final List<CspIssue> findings = HeaderValidation.validateCspConfig(policies);

    if (findings.isEmpty()) {
        return new ArrayList<IScanIssue>();
    }
    return convertIssues(findings, baseRequestResponse);
}
/**
 * Returns the header lines of either the request or the response of a message.
 *
 * @param messageIsRequest {@code true} to read the request headers, {@code false} to
 *                         read the response headers
 * @param messageInfo      the message to analyse
 * @return the headers reported by the matching {@code helpers} analysis call
 */
public List<String> getHeaderList(boolean messageIsRequest,IHttpRequestResponse messageInfo) {
    if (!messageIsRequest) {
        // NOTE(review): the response bytes are passed on without a null check.
        final IResponseInfo parsedResponse = helpers.analyzeResponse(messageInfo.getResponse());
        return parsedResponse.getHeaders();
    }
    // The request side is analysed from the whole message, not from its bytes.
    final IRequestInfo parsedRequest = helpers.analyzeRequest(messageInfo);
    return parsedRequest.getHeaders();
}
/**
 * Sends one probe wrapped in freshly generated anchors and returns what
 * {@code getTransformationResults} finds between those anchors in the response.
 *
 * @param baseRequestResponse the base message; only its HTTP service is used here
 * @param insertionPoint      insertion point used to build the outgoing request
 * @param probe               the probe text placed between the anchors
 * @return the set produced by {@code getTransformationResults}
 */
private HashSet<String> recordHandling(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, String probe) {
    // The anchors are generated in this order; the middle one is "z" plus a number
    // below 9.
    final String leftAnchor = Utilities.randomString(3);
    final String middleAnchor = "z" + Utilities.rnd.nextInt(9);
    final String rightAnchor = "z" + Utilities.randomString(3);

    // The payload carries a doubled backslash between the left and middle anchors.
    final String payload = leftAnchor + "\\\\" + middleAnchor + probe + rightAnchor;

    final IHttpRequestResponse attack = callbacks.makeHttpRequest(
            baseRequestResponse.getHttpService(),
            insertionPoint.buildRequest(payload.getBytes()));

    // NOTE(review): attack.getResponse() is filtered without a null check; confirm
    // how a failed request is reported.
    final byte[] filtered = Utilities.filterResponse(attack.getResponse());
    // Round-trip through the helpers' string conversion before searching.
    final byte[] normalised = helpers.stringToBytes(helpers.bytesToString(filtered));

    // The search prefix holds a single backslash, half of what the payload carried.
    final String expectedPrefix = leftAnchor + "\\" + middleAnchor;
    return getTransformationResults(expectedPrefix, rightAnchor, normalised);
}