/**
 * Location this issue was raised for.
 *
 * @return the URL Burp's request analyzer extracts from {@code baseRequestResponse}
 */
@Override
public URL getUrl() {
    // Let Burp parse the raw request; the host/path come from its view of the message.
    return helpers.analyzeRequest(baseRequestResponse).getUrl();
}
/**
 * Short issue title shown in Burp's issue list.
 *
 * @return the "vulnerable" variant when at least one vulnerability is attached, otherwise the
 *         plain "software detected" title
 */
@Override
public String getIssueName() {
    if (hasVulnerabilities()) {
        return "[Vulners] Vulnerable Software detected";
    }
    return "[Vulners] Software detected";
}
/**
 * The single message backing this issue.
 *
 * @return a one-element array holding the base message without any request or response markers
 */
@Override
public IHttpRequestResponse[] getHttpMessages() {
    // Both marker lists are null: nothing is highlighted for this issue type.
    IHttpRequestResponse unmarked = callbacks.applyMarkers(baseRequestResponse, null, null);
    return new IHttpRequestResponse[] { unmarked };
}
/**
 * Passive-scan hook. Runs the parent's matcher-based scan, then records the request path once per
 * host and hands host + path to the Vulners service for a path lookup.
 *
 * @param baseRequestResponse the message being scanned
 * @return the issues produced by the parent scan; path findings are reported by the service itself
 */
@Override
public List<IScanIssue> doPassiveScan(IHttpRequestResponse baseRequestResponse) {
    final List<IScanIssue> issues = super.doPassiveScan(baseRequestResponse);
    final URL url = helpers.analyzeRequest(baseRequestResponse).getUrl();

    // Path lookups are opt-in. With the "in scope" box ticked, out-of-scope hosts are skipped too —
    // that checkbox is what limits which hosts/paths are handed to the (presumably remote) service.
    final boolean pathSearchEnabled = tabComponent.getCbxPathSearch().isSelected();
    final boolean scopeRestricted = tabComponent.getCbxPathScanInScope().isSelected();
    if (!pathSearchEnabled || (scopeRestricted && !callbacks.isInScope(url))) {
        return issues;
    }

    final String host = url.getHost();
    final String path = url.getPath();

    Domain domain = domains.get(host);
    if (domain == null) {
        domain = new Domain();
        domains.put(host, domain);
    }

    // A null value marks a path whose lookup is pending, so containsKey (not get) is the test.
    // NOTE(review): get-then-put on the shared maps is a check-then-act sequence — confirm how this
    // hook is invoked (single-threaded or not) and whether the maps are concurrent.
    if (!domain.getPaths().containsKey(path)) {
        callbacks.printOutput("[Vulners] adding new path '" + path + "' for domain " + host);
        domain.getPaths().put(path, null);
        vulnersService.checkURLPath(host, path, baseRequestResponse);
    }
    return issues;
}
/**
 * Service (host, port, protocol) the underlying message was sent to.
 *
 * @return the HTTP service of {@code baseRequestResponse}
 */
@Override
public IHttpService getHttpService() {
    final IHttpService service = baseRequestResponse.getHttpService();
    return service;
}
/**
 * Failure callback of the software lookup: refreshes the software table and still raises a Burp
 * issue for the detected software, using whatever is cached for it.
 *
 * @param error the error payload from the lookup; not inspected here
 */
@Override
public void onFail(JSONObject error) {
    // NOTE(review): the payload is discarded, so a genuine API failure is indistinguishable from
    // "no vulnerabilities found" in Burp's output — consider logging it via callbacks.printError.
    final boolean showVulnSelected = tabComponent.getCbxSoftwareShowVuln().isSelected();
    tabComponent.getSoftwareTable().refreshTable(domains, showVulnSelected);

    callbacks.addScanIssue(new SoftwareIssue(
            baseRequestResponse,
            helpers,
            callbacks,
            startStop,
            domains.get(domainName).getSoftware().get(software.getKey())));
}
});
/**
 * Success callback of a path lookup: caches the findings for the path, appends a row to the
 * paths table and raises a Burp issue.
 *
 * @param vulnerabilities the vulnerabilities reported for {@code path} on {@code domainName}
 */
@Override
public void onScannerSuccess(Set<Vulnerability> vulnerabilities) {
    // Replace the pending cache entry for this path with the actual findings.
    domains.get(domainName).getPaths().put(path, vulnerabilities);

    // NOTE(review): this runs from the lookup's callback — confirm whether that is the Swing event
    // thread; if not, the table update should be marshalled via SwingUtilities.invokeLater.
    final Object[] row = {
            domainName,
            path,
            Utils.getMaxScore(vulnerabilities),
            Utils.getVulnersList(vulnerabilities)
    };
    tabComponent.getPathsTable().getDefaultModel().addRow(row);

    callbacks.addScanIssue(new PathIssue(baseRequestResponse, helpers, callbacks, path, vulnerabilities));
}
});
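/**
 * Raised when the lookup returns an error or reports no vulnerabilities.
 *
 * Writes the service's error text to Burp's error output. {@code getString("error")} throws
 * {@code JSONException} when the key is absent, which would turn an error callback into an
 * uncaught exception; a fixed fallback message is logged instead in that case.
 *
 * @param responseData the response payload; may lack an {@code error} member
 */
public void onFail(JSONObject responseData) {
    final String message = responseData.optString("error", "[Vulners] request failed without error details");
    callbacks.printError(message);
}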
/**
 * One-time extension setup: names the extension and its settings namespace, registers the
 * Vulners tab, and creates the lookup service with its rules loaded.
 */
@Override
protected void initPassiveScan() {
    extensionName = "Software Vulnerability Scanner";
    settingsNamespace = "VULNERS_";

    // The tab hosts the settings panel; tab and service share the same domain cache.
    final BurpSuiteTab suiteTab = new BurpSuiteTab("Software Vulnerability Scanner", callbacks);
    this.tabComponent = new TabComponent(this, callbacks, domains);
    suiteTab.addComponent(tabComponent.getRootPanel());

    vulnersService = new VulnersService(this, callbacks, helpers, domains, tabComponent);
    vulnersService.loadRules();
}
/**
 * Full issue description shown in Burp's advisory pane.
 *
 * @return the vulnerable-software text when vulnerabilities are attached, otherwise the
 *         software-only text
 */
@Override
public String getIssueDetail() {
    if (hasVulnerabilities()) {
        return getVulnerableIssue();
    }
    return getClearIssue();
}
/**
 * Builds the issue for a set of matcher hits.
 *
 * @param baseRequestResponse the scanned message
 * @param matches the matcher hits (currently unused, see TODO)
 * @param startStop response offsets to highlight
 * @return a software issue carrying an empty placeholder {@code Software}
 */
@Override
protected IScanIssue getScanIssue(IHttpRequestResponse baseRequestResponse, List<ScannerMatch> matches, List<int[]> startStop) {
    // TODO (carried over): the matched software is not resolved here yet, so an all-empty
    // Software placeholder is attached and the matches parameter is ignored.
    final Software placeholder = new Software("", "", "", "", "");
    return new SoftwareIssue(baseRequestResponse, helpers, callbacks, startStop, placeholder);
}
/**
 * Success callback of the Vulners search: turns each hit's {@code _source} object into a
 * {@code Vulnerability} and forwards the set to {@code onScannerSuccess}.
 *
 * @param data the JSON response; must hold a {@code search} array of objects with {@code _source}
 */
public void onSuccess(JSONObject data) {
    final JSONArray hits = data.getJSONArray("search");
    final Set<Vulnerability> found = new HashSet<>();

    // Each array element is expected to be an object; a non-object element fails on the cast.
    final Iterator<Object> it = hits.iterator();
    while (it.hasNext()) {
        final JSONObject hit = (JSONObject) it.next();
        found.add(new Vulnerability(hit.getJSONObject("_source")));
    }
    onScannerSuccess(found);
}
/**
 * Convenience overload that builds the async TLS client with no extra configuration.
 *
 * @return the client produced by {@code createSSLClient(null)}
 */
public static CloseableHttpAsyncClient createSSLClient() {
    // null is presumably "no proxy" — the one-argument overload defines what null means.
    // NOTE(review): confirm that overload keeps standard certificate validation for the TLS client.
    final CloseableHttpAsyncClient client = createSSLClient(null);
    return client;
}
/**
 * Document listener hook: rebuilds the HTTP client from the proxy host/port fields on every
 * attribute change, but only while the proxy checkbox is enabled.
 *
 * @param e the document event (not inspected; the field text is re-read instead)
 */
@Override
public void changedUpdate(DocumentEvent e) {
    if (!cbxProxyEnabled.isSelected()) {
        return;
    }
    // Each edit rebuilds the client; partial host/port values reach buildHttpClient as typed.
    VulnersService.buildHttpClient(tbxProxyHost.getText(), tbxProxyPort.getText());
}
};
/**
 * URL of the request this issue belongs to.
 *
 * @return the URL Burp's request analyzer derives from {@code baseRequestResponse}
 */
@Override
public URL getUrl() {
    final URL requestUrl = helpers.analyzeRequest(baseRequestResponse).getUrl();
    return requestUrl;
}
/**
 * Service the underlying message was sent to.
 *
 * @return the HTTP service recorded on {@code baseRequestResponse}
 */
@Override
public IHttpService getHttpService() {
    // Delegates straight to the message; no per-issue copy is kept.
    return baseRequestResponse.getHttpService();
}
/**
 * The single message backing this issue, with the matched offsets highlighted.
 *
 * @return a one-element array; {@code startStop} is applied as response markers, none on the request
 */
@Override
public IHttpRequestResponse[] getHttpMessages() {
    final IHttpRequestResponse highlighted = callbacks.applyMarkers(baseRequestResponse, null, startStop);
    return new IHttpRequestResponse[] { highlighted };
}
/**
 * Creates the Vulners lookup service and configures the Unirest client it sends requests with.
 *
 * @param burpExtender the owning extension
 * @param callbacks Burp extender callbacks (output, issues, scope)
 * @param helpers Burp request/response helpers
 * @param domains shared per-host cache of detected software and paths
 * @param tabComponent the settings/result tab this service updates
 */
public VulnersService(BurpExtender burpExtender, IBurpExtenderCallbacks callbacks, IExtensionHelpers helpers, Map<String, Domain> domains, TabComponent tabComponent) {
    this.tabComponent = tabComponent;
    this.domains = domains;
    this.helpers = helpers;
    this.callbacks = callbacks;
    this.burpExtender = burpExtender;

    // Outbound lookups are throttled to 4 requests per second.
    this.rateLimiter = RateLimiter.create(4.0);

    // Unirest is configured through static setters, so these presumably apply to every Unirest
    // user in this JVM, not only to this service.
    Unirest.setDefaultHeader("user-agent", "vulners-burpscanner-v-1.1");
    Unirest.setAsyncHttpClient(HttpClient.createSSLClient());
}
/**
 * Proxy-toggle handler: rebuilds the HTTP client with the configured host/port when the proxy
 * is enabled, or with empty strings (which buildHttpClient presumably treats as "no proxy")
 * when it is disabled.
 *
 * @param e the action event (not inspected)
 */
public void actionPerformed(ActionEvent e) {
    String host = "";
    String port = "";
    if (cbxProxyEnabled.isSelected()) {
        host = tbxProxyHost.getText();
        port = tbxProxyPort.getText();
    }
    VulnersService.buildHttpClient(host, port);
}
};