/**
 * Returns the URL of the stored base request.
 *
 * @return the URL reported by the helper's analysis of {@code baseRequestResponse}
 */
@Override
public URL getUrl() {
    // The request is re-analysed on every call; nothing is cached here.
    final URL requestUrl = helpers.analyzeRequest(baseRequestResponse).getUrl();
    return requestUrl;
}
/**
 * Resolves the URL that this object refers to.
 *
 * @return the URL obtained by analysing {@code baseRequestResponse} with the extension helpers
 */
@Override
public URL getUrl() {
    final URL analysedUrl = helpers.analyzeRequest(baseRequestResponse).getUrl();
    return analysedUrl;
}
/**
 * Runs the parent passive scan, then registers the request path for a path lookup the first
 * time that host/path pair is seen.
 *
 * <p>The lookup is skipped when path search is disabled, or when the "in scope only" box is
 * ticked and the URL is out of scope. With that box unticked, every host and path passing
 * through this scan reaches {@code vulnersService.checkURLPath}.
 *
 * @param baseRequestResponse the message being passively scanned
 * @return the issues produced by the parent implementation; this method adds none itself
 */
@Override
public List<IScanIssue> doPassiveScan(IHttpRequestResponse baseRequestResponse) {
    List<IScanIssue> issues = super.doPassiveScan(baseRequestResponse);
    URL url = helpers.analyzeRequest(baseRequestResponse).getUrl();

    // Scope gate: only consulted when the operator asked for in-scope scanning.
    if (tabComponent.getCbxPathScanInScope().isSelected() && !callbacks.isInScope(url)) {
        return issues;
    }
    // Feature gate: path search switched off entirely.
    if (!tabComponent.getCbxPathSearch().isSelected()) {
        return issues;
    }

    String domainName = url.getHost();
    String path = url.getPath();

    Domain domain = domains.get(domainName);
    if (domain == null) {
        domain = new Domain();
        domains.put(domainName, domain);
    }

    // Each path is submitted once per host; later hits are ignored.
    if (domain.getPaths().containsKey(path)) {
        return issues;
    }

    callbacks.printOutput("[Vulners] adding new path '" + path + "' for domain " + domainName);
    // A null value marks the path as seen; no result is stored at this point.
    domain.getPaths().put(path, null);
    // NOTE(review): presumably this hands the host and path to an external lookup - confirm
    // what leaves the machine when scope restriction is off.
    vulnersService.checkURLPath(domainName, path, baseRequestResponse);
    return issues;
}
// Host part of the URL of the message being processed.
String domainName = helpers.analyzeRequest(baseRequestResponse).getUrl().getHost();
// Pre-sized for one entry; presumably filled with [start, stop] marker offsets by code
// outside this excerpt - confirm against the surrounding method.
List<int[]> startStop = new ArrayList<>(1);
// Trace line written to the extension output for each processed host.
callbacks.printOutput("[Vulners] Processing issues for: " + domainName);
/**
 * Records the request URL in {@code uniqueURLs} with its query string removed.
 *
 * <p>Everything from the first {@code '?'} onwards is dropped, so parameter values are not
 * stored. A URL without a query string is stored exactly as {@code toExternalForm()} returns it.
 *
 * @param requestInfo analysed request whose URL is recorded
 */
private void addURL(IRequestInfo requestInfo) {
    final String fullUrl = requestInfo.getUrl().toExternalForm();
    final int queryIndex = fullUrl.indexOf('?');
    final String withoutQuery = (queryIndex == -1) ? fullUrl : fullUrl.substring(0, queryIndex);
    uniqueURLs.add(withoutQuery);
}
/**
 * Returns the URL of the request contained in {@code messageInfo}.
 *
 * @param messageInfo the HTTP message to analyse
 * @return the URL reported by the helper's request analysis
 */
public URL getURL(IHttpRequestResponse messageInfo) {
    return helpers.analyzeRequest(messageInfo).getUrl();
}
/**
 * Returns the URL of the stored request.
 *
 * @return the URL reported by the helper's analysis of {@code requestResponse}
 */
@Override
public URL getUrl() {
    final URL requestUrl = helpers.analyzeRequest(requestResponse).getUrl();
    return requestUrl;
}
/**
 * Returns the URL of the wrapped message.
 *
 * @return the URL reported by the helper's analysis of {@code reqres}
 */
public URL getUrl() {
    final URL requestUrl = helpers.analyzeRequest(reqres).getUrl();
    return requestUrl;
}
/**
 * Evaluates this rule's URL condition against a message.
 *
 * <p>{@code "Is In Scope"} delegates to Burp's scope check. {@code "Matches"} applies
 * {@code matchCondition} as a regular expression to the full URL string; any other
 * relationship negates that match. {@link String#matches(String)} requires the whole URL to
 * match, so a condition without leading and trailing wildcards will not match a longer URL.
 *
 * @param messageInfo the message whose request URL is tested
 * @return {@code true} when the URL satisfies the configured relationship
 */
private boolean checkUrl(IHttpRequestResponse messageInfo) {
    IRequestInfo analyzedRequest = BurpExtender.getHelpers().analyzeRequest(messageInfo);
    final String relationship = this.matchRelationship;

    if (relationship.equals("Is In Scope")) {
        return BurpExtender.getCallbacks().isInScope(analyzedRequest.getUrl());
    }

    // The pattern is recompiled on every call; a malformed condition raises
    // PatternSyntaxException from here.
    final boolean urlMatches = analyzedRequest.getUrl().toString().matches(this.matchCondition);
    return relationship.equals("Matches") ? urlMatches : !urlMatches;
}
/**
 * Resolves the URL that this object refers to.
 *
 * @return the URL obtained by analysing {@code requestResponse} with the extension helpers
 */
@Override
public URL getUrl() {
    final URL analysedUrl = helpers.analyzeRequest(requestResponse).getUrl();
    return analysedUrl;
}
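/**
 * Starts an active scan of {@code req} limited to a single insertion-point range.
 *
 * <p>Host, port and scheme are taken from one analysis of the request. When the URL carries
 * no explicit port, the scheme's default port is used instead of {@code -1}. HTTPS is decided
 * by comparing the URL protocol rather than by a string prefix.
 *
 * @param req     the base request to scan
 * @param offsets start/end offsets of the insertion point within the request
 */
public static void doActiveScan(IHttpRequestResponse req, int[] offsets) {
    // Analyse once; the original parsed the same request three times.
    final java.net.URL target = helpers.analyzeRequest(req).getUrl();
    final String host = target.getHost();
    // java.net.URL reports -1 when no port is written in the URL.
    final int explicitPort = target.getPort();
    final int port = (explicitPort != -1) ? explicitPort : target.getDefaultPort();
    final boolean useHTTPS = "https".equalsIgnoreCase(target.getProtocol());

    ArrayList<int[]> offsetList = new ArrayList<>();
    offsetList.add(offsets);
    try {
        callbacks.doActiveScan(host, port, useHTTPS, req.getRequest(), offsetList);
    } catch (IllegalArgumentException e) {
        // Best effort: report the rejected offsets and carry on without scanning.
        Utilities.err("Couldn't scan, bad insertion points: " + Arrays.toString(offsets));
    }
}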
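/**
 * Evaluates this rule's file-extension condition against a message.
 *
 * <p>The extension is taken from the URL path only. Deriving it from the full URL string lets
 * the query string (or, for a URL with no path, the host name) end up in the extension, so a
 * condition such as {@code php} would not match {@code /index.php?id=1}.
 *
 * @param messageInfo the message whose request URL is tested
 * @return for {@code "Matches"}, whether the extension fully matches {@code matchCondition};
 *         for any other relationship, the negation of that match
 */
private boolean checkFileExtension(IHttpRequestResponse messageInfo) {
    IRequestInfo analyzedRequest = BurpExtender.getHelpers().analyzeRequest(messageInfo);
    // NOTE(review): assumes Files.getFileExtension returns the text after the last '.' of the
    // final path segment and "" when there is none - confirm against the imported Files class.
    String fileExtension = Files.getFileExtension(analyzedRequest.getUrl().getPath());
    switch (this.matchRelationship) {
        case "Matches":
            return fileExtension.matches(this.matchCondition);
        default:
            return !fileExtension.matches(this.matchCondition);
    }
}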
/**
 * Stores a result text for a parameter instance, appending when one already exists.
 *
 * <p>The first entry for an instance is followed by the instance description and the request
 * URL; later entries are appended after a blank line.
 *
 * @param paramInstance the parameter occurrence the result belongs to
 * @param resultText    text to store or append
 */
private void addOrAppendResult(ParamInstance paramInstance, String resultText) {
    if (!resultsMap.containsKey(paramInstance)) {
        // First result: add the context (description and URL) once.
        IRequestInfo info = callbacks.getHelpers().analyzeRequest(paramInstance.getMessage());
        URL url = info.getUrl();
        String initial = resultText + "\n\n" + paramInstance.describe() + "\nURL: " + url;
        resultsMap.put(paramInstance, initial);
        return;
    }

    String combined = resultsMap.get(paramInstance) + "\n\n" + resultText;
    resultsMap.put(paramInstance, combined);
}
/**
 * Rebuilds the domain list shown in the panel from the proxy history.
 *
 * <p>Each history entry contributes {@code protocol://host}; the port is not included, so
 * services on different ports of one host collapse into a single entry. Entries are
 * de-duplicated and sorted.
 */
@Override
public void refreshDomains() {
    Log.debug("Refreshing the domain list");
    IHttpRequestResponse[] history = callbacks.getProxyHistory();
    SortedSet<String> origins = new TreeSet<>();
    for (IHttpRequestResponse entry : history) {
        IRequestInfo parsed = helpers.analyzeRequest(entry.getHttpService(), entry.getRequest());
        String origin = parsed.getUrl().getProtocol() + "://" + parsed.getUrl().getHost();
        origins.add(origin);
    }
    panel.addDomains(origins);
}
/**
 * Sends the request behind the selected list entry to Burp Repeater.
 *
 * <p>Nothing happens unless the selection is a {@code ParamInstance}. TLS is requested when
 * the URL protocol ends in "s". Any failure is reported through the extension error output
 * instead of propagating into the Swing event thread.
 *
 * @param e the triggering UI event (unused)
 */
@Override
public void actionPerformed(ActionEvent e) {
    try {
        Object selected = listMatches.getSelectedValue();
        // instanceof is false for null, so it also covers "nothing selected".
        if (!(selected instanceof ParamInstance)) {
            return;
        }
        ParamInstance instance = (ParamInstance) selected;
        IRequestInfo info = callbacks.getHelpers().analyzeRequest(instance.getMessage());
        URL url = info.getUrl();
        callbacks.sendToRepeater(
                url.getHost(),
                url.getPort(),
                url.getProtocol().toLowerCase().endsWith("s"),
                instance.getMessage().getRequest(),
                title + "." + listMatches.getSelectedIndex());
    } catch (Throwable t) {
        // NOTE(review): getMessage() can be null for some throwables - confirm printError copes.
        callbacks.printError(t.getMessage());
    }
}
/**
 * Detects a BrowserID message: a request to a persona.org host that carries the BrowserID
 * parameter.
 *
 * <p>On a match the message is highlighted and wrapped in a {@code BrowserID} object.
 *
 * @param requestInfo         analysed request (parameters and URL are read from it)
 * @param httpRequestResponse the message to mark and wrap on a match
 * @return a {@code BrowserID} protocol object, or {@code null} when the request does not match
 */
private SSOProtocol checkRequestForBrowserId(IRequestInfo requestInfo, IHttpRequestResponse httpRequestResponse) {
    final List<IParameter> parameterList = requestInfo.getParameters();
    final String host = requestInfo.getUrl().getHost();

    // NOTE(review): this is a substring test, so any host name merely containing
    // "persona.org" is classified as BrowserID - confirm that looseness is intended.
    if (!host.contains("persona.org")) {
        return null;
    }
    if (!parameterListContainsParameterName(parameterList, IN_REQUEST_BROWSERID_PARAMETER)) {
        return null;
    }

    markRequestResponse(httpRequestResponse, "BrowserID", HIGHLIGHT_COLOR);
    return new BrowserID(httpRequestResponse, "BrowserID", callbacks);
}
/**
 * Derives the request URL from a message's HTTP service and raw request bytes.
 *
 * @param baseRequestResponse the message to analyse
 * @return the URL reported by the helper's request analysis
 */
private URL hrrToUrl(IHttpRequestResponse baseRequestResponse) {
    return helpers
            .analyzeRequest(baseRequestResponse.getHttpService(), baseRequestResponse.getRequest())
            .getUrl();
}
/**
 * {@inheritDoc}
 *
 * <p>In verbose mode, logs the URL of every proxied request; responses are ignored.
 */
@Override
public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessage message) {
    if (!verbose || !messageIsRequest) {
        return;
    }
    IRequestInfo requestInfo = callbacks.getHelpers().analyzeRequest(message.getMessageInfo());
    // The complete URL is logged, query string included; values carried in URL parameters
    // therefore end up in the log output.
    log("Proxy request to " + requestInfo.getUrl());
}
/**
 * Builds the scan issue reported for a Collaborator interaction triggered by {@code payload}.
 *
 * <p>The sent request is attached with the payload locations highlighted; no response markers
 * are applied.
 *
 * @param payload                 the payload that produced the interaction
 * @param sentRequestResponse     the message that carried the payload
 * @param collaboratorInteraction the interaction observed for that payload
 * @return the issue describing the finding
 */
private IScanIssue reportIssue(String payload, IHttpRequestResponse sentRequestResponse, IBurpCollaboratorInteraction collaboratorInteraction) {
    final IHttpRequestResponse highlighted = callbacks.applyMarkers(
            sentRequestResponse,
            buildRequestHighlights(payload, sentRequestResponse),
            Collections.emptyList());
    final IHttpRequestResponse[] httpMessages = {highlighted};
    final String issueDetail = buildIssueDetail(payload, collaboratorInteraction);

    return new CustomScanIssue(
            sentRequestResponse.getHttpService(),
            helpers.analyzeRequest(sentRequestResponse).getUrl(),
            httpMessages,
            issueDetail,
            ISSUE_TYPE,
            ISSUE_NAME,
            SEVERITY,
            CONFIDENCE,
            "",
            ISSUE_BACKGROUND,
            REMEDIATION_BACKGROUND);
}
/**
 * Decides whether this rule applies to a request.
 *
 * <p>All four conditions must hold, checked in this order and stopping at the first failure:
 * the rule is enabled, it covers the "Extender" tool, the request parameters match, and the
 * URL matches.
 *
 * @param request the analysed request to test
 * @return {@code true} only when every condition holds
 * @throws JSONException declared by this method; which of the matchers raises it is not
 *                       visible here
 */
boolean matchesRequest(IRequestInfo request) throws JSONException {
    if (!isEnabled()) {
        return false;
    }
    if (!matchesTool("Extender")) {
        return false;
    }
    if (!matchesIParams(request.getParameters())) {
        return false;
    }
    return matchesUrl(request.getUrl());
}