From 7dedff09ba216c6252f213908f15f2560e2fa500 Mon Sep 17 00:00:00 2001
From: F6JO <64877810+F6JO@users.noreply.github.com>
Date: Tue, 18 Oct 2022 16:17:31 +0800
Subject: [PATCH] Upload 1.3
---
src/main/java/burp/Bfunc.java | 88 ++++++---
src/main/java/burp/BurpExtender.java | 44 ++---
src/main/java/burp/Config.java | 184 +++++++++++++-----
src/main/java/burp/TabTitleEditListener.java | 186 +++++++++++++++++++
src/main/java/burp/View.java | 96 +++++++---
src/main/java/func/init_Yaml_thread.java | 10 +-
src/main/java/func/threads.java | 73 ++++----
src/main/java/func/vulscan.java | 4 +-
src/main/java/yaml/YamlUtil.java | 4 +-
9 files changed, 522 insertions(+), 167 deletions(-)
create mode 100644 src/main/java/burp/TabTitleEditListener.java
diff --git a/src/main/java/burp/Bfunc.java b/src/main/java/burp/Bfunc.java
index 4be2299..3271e44 100644
--- a/src/main/java/burp/Bfunc.java
+++ b/src/main/java/burp/Bfunc.java
@@ -1,40 +1,82 @@ package burp; - - - import yaml.YamlUtil; +import javax.swing.*; +import java.util.Hashtable; import java.util.List; import java.util.Map; public class Bfunc { - public static void show_yaml(View view_class, List log, String path){ - - synchronized (log) { - log.clear(); - int row = log.size(); - Map Dict_Yaml = YamlUtil.readYaml(path); - List> rule_list = (List>) Dict_Yaml.get("Load_List"); - for (Map zidian : rule_list){ - String id = String.valueOf(zidian.get("id")); - String name = (String) zidian.get("name"); - String url = (String) zidian.get("url"); - String re = (String) zidian.get("re"); - String info = (String) zidian.get("info"); - String state = (String) zidian.get("state"); - String method = (String) zidian.get("method"); - log.add(new View.LogEntry(id,name,method,url,re,info,state)); - view_class.fireTableRowsInserted(row, row); + public static Map Get_Views() { + Map views = new Hashtable(); + Map jieguo = YamlUtil.readYaml(BurpExtender.Yaml_Path); + List> rule_list = (List>) jieguo.get("Load_List"); + for (Map zidian : rule_list) { + String type = (String) zidian.get("type"); + String id = String.valueOf(zidian.get("id")); + boolean loaded = Boolean.parseBoolean(String.valueOf(zidian.get("loaded"))); + String name = (String) zidian.get("name"); + String url = (String) zidian.get("url"); + String re = (String) zidian.get("re"); + String info = (String) zidian.get("info"); + String state = (String) zidian.get("state"); + String method = (String) zidian.get("method"); + if (views.containsKey(type)) { + View view_one = views.get(type); + view_one.log.add(new View.LogEntry(id, type, loaded, name, method, url, re, info, state)); + views.put(type, view_one); + } else { + View view_one = new View(); + view_one.log.add(new View.LogEntry(id, type, loaded, name, method, url, re, info, state)); + views.put(type, view_one); } + } + return views; + } - + public static void show_yaml_view(BurpExtender burp, View view,String type) { + if (view == 
null){ + show_yaml(burp); + }else { + List log = view.log; + synchronized (log) { + log.clear(); + int row = log.size(); + Map Dict_Yaml = YamlUtil.readYaml(BurpExtender.Yaml_Path); + List> rule_list = (List>) Dict_Yaml.get("Load_List"); + for (Map zidian : rule_list) { + String type2 = String.valueOf(zidian.get("type")); + if (type2.equals(type)) { + String id = String.valueOf(zidian.get("id")); + boolean loaded = Boolean.parseBoolean(String.valueOf(zidian.get("loaded"))); + String name = (String) zidian.get("name"); + String url = (String) zidian.get("url"); + String re = (String) zidian.get("re"); + String info = (String) zidian.get("info"); + String state = (String) zidian.get("state"); + String method = (String) zidian.get("method"); + log.add(new View.LogEntry(id, type, loaded, name, method, url, re, info, state)); + view.fireTableRowsInserted(row, row); + } + } + } + burp.views = Get_Views(); } - } + public static void show_yaml (BurpExtender burp){ + burp.views = Get_Views(); + burp.Config_l.ruleTabbedPane.removeAll(); + for (String key : burp.views.keySet()) { + burp.Config_l.ruleTabbedPane.addTab(key, burp.views.get(key).Get_View()); + } + burp.Config_l.ruleTabbedPane.addTab("...", new JLabel()); + + + } -} + } diff --git a/src/main/java/burp/BurpExtender.java b/src/main/java/burp/BurpExtender.java index a0f1662..8f041e5 100644 --- a/src/main/java/burp/BurpExtender.java +++ b/src/main/java/burp/BurpExtender.java @@ -30,8 +30,6 @@ public class BurpExtender implements IBurpExtender, IScannerCheck, IContextMenuF private UrlRepeat urlC; public Collection history_url = new LinkedList(); public static String EXPAND_NAME = "Route Vulnerable Scanning"; - public View view_class; - public List log; public Config Config_l; public ExecutorService ThreadPool; public boolean Carry_head = false; 
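Review bot: In `Get_Views`, `String type = (String) zidian.get("type");` feeds straight into `views.containsKey(type)` on a `Hashtable`, which throws NullPointerException for any rule that has no `type` key, so a rule file written before this field existed (or a downloaded one without it) would abort the whole load. `show_yaml_view` in the same hunk reads the key with `String.valueOf(...)` instead, so the two readers disagree on a missing value. I would normalise once, e.g. `String type = java.util.Objects.toString(zidian.get("type"), "default");`, and return an empty map when `jieguo.get("Load_List")` is null. The same call runs from `registerExtenderCallbacks` in the BurpExtender hunk below, ahead of `registerScannerCheck`, so an exception there would stop the extension from registering.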
@@ -40,33 +38,35 @@ public class BurpExtender implements IBurpExtender, IScannerCheck, IContextMenuF public static String Download_Yaml_host = "raw.githubusercontent.com"; public static int Download_Yaml_port = 443; public static String Download_Yaml_file = "/F6JO/RouteVulScan/main/Config_yaml.yaml"; -// public boolean on_off = true; + public Map views; public JTextField Host_txtfield; + + + public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) { + if (!new File(Yaml_Path).exists()) { + Map x = new HashMap(); + Collection list1 = new ArrayList(); + x.put("Load_List", list1); + YamlUtil.writeYaml(x, Yaml_Path); + } this.call = callbacks; this.help = call.getHelpers(); - this.view_class = new View(); this.DomainName = new DomainNameRepeat(); this.urlC = new UrlRepeat(); - this.log = this.view_class.log; - this.Config_l = new Config(view_class, log,this); + this.Config_l = new Config(this); this.tags = new Tags(callbacks, Config_l); - if (!new File(Yaml_Path).exists()) { - Map x = new HashMap(); - Collection list1 = new ArrayList(); - x.put("Load_List",list1); - YamlUtil.writeYaml(x,Yaml_Path); - } - Bfunc.show_yaml(view_class, log, Yaml_Path); + this.views = Bfunc.Get_Views(); call.printOutput("@Info: Loading RouteVulScan success"); - call.printOutput("@Version: RouteVulScan 1.2"); + call.printOutput("@Version: RouteVulScan 1.3"); call.printOutput("@From: Code by F6JO"); call.printOutput("@Github: https://github.com/F6JO/RouteVulScan"); call.setExtensionName(EXPAND_NAME); call.registerScannerCheck(this); call.registerContextMenuFactory(this); + } public List doPassiveScan(IHttpRequestResponse baseRequestResponse) { @@ -98,12 +98,12 @@ public List doPassiveScan(IHttpRequestResponse baseRequestResponse) } catch (MalformedURLException e3) { throw new RuntimeException(e3); } - }else { + } else { return IssueList; } - }else { + } else { return IssueList; } } 
@@ -129,8 +129,6 @@ public List createMenuItems(IContextMenuInvocation invocation) { } - - class Right_click_monitor implements ActionListener { private IContextMenuInvocation invocation; private BurpExtender burp; @@ -147,10 +145,10 @@ public void actionPerformed(ActionEvent e) { for (IHttpRequestResponse i : RequestResponses) { try { IHttpService Http_Service = i.getHttpService(); - IRequestInfo RequestInfo = burp.help.analyzeRequest(Http_Service,i.getRequest()); + IRequestInfo RequestInfo = burp.help.analyzeRequest(Http_Service, i.getRequest()); String host_url = RequestInfo.getUrl().getProtocol() + "://" + RequestInfo.getUrl().getHost(); IHttpRequestResponse[] aaaa = burp.call.getSiteMap(host_url); - for (IHttpRequestResponse xxx : aaaa){ + for (IHttpRequestResponse xxx : aaaa) { String Root_Url = Http_Service.getProtocol() + "://" + Http_Service.getHost() + ":" + String.valueOf(Http_Service.getPort()); URL url = new URL(Root_Url + burp.help.analyzeRequest(xxx).getUrl().getPath()); BurpAnalyzedRequest Root_Request = new BurpAnalyzedRequest(burp.call, xxx); @@ -158,17 +156,11 @@ public void actionPerformed(ActionEvent e) { send.start(); } -// String Root_Url = Http_Service.getProtocol() + "://" + Http_Service.getHost() + ":" + String.valueOf(Http_Service.getPort()); -// URL url = new URL(Root_Url + burp.help.analyzeRequest(i).getUrl().getPath()); -// BurpAnalyzedRequest Root_Request = new BurpAnalyzedRequest(burp.call, i); -// start_send send = new start_send(burp, Root_Request); -// send.start(); } catch (Exception exception) { exception.printStackTrace(); } } -// burp.call.printOutput(String.valueOf(RequestResponses[0])); } } diff --git a/src/main/java/burp/Config.java b/src/main/java/burp/Config.java index 2674b2e..91ebbb5 100644 --- a/src/main/java/burp/Config.java +++ b/src/main/java/burp/Config.java 
@@ -15,15 +15,95 @@ public class Config { private JPanel one; private JTextField txtfield1; public String yaml_path = BurpExtender.Yaml_Path; - private View view_class; - private List log; public JSpinner spinner1; private BurpExtender burp; + public JTabbedPane ruleTabbedPane; + public TabTitleEditListener ruleSwitch; + protected static JPopupMenu tabMenu = new JPopupMenu(); + private JMenuItem closeTabMenuItem = new JMenuItem("Delete"); + private static int RulesInt = 0; + + public static String new_Rules() { + RulesInt += 1; + return "New " + RulesInt; + } + + public void newTab() { + Object[][] data = new Object[][]{{false, "New Name", "(New Regex)", "gray", "any", "nfa", false}}; + insertTab(ruleTabbedPane, Config.new_Rules(), data); + } + + public void insertTab(JTabbedPane pane, String title, Object[][] data) { + pane.addTab(title, new JLabel()); + pane.remove(pane.getSelectedIndex()); + pane.addTab("...", new JLabel()); + } + + public void closeTabActionPerformed(ActionEvent e) { + + if (ruleTabbedPane.getTabCount() > 2) { + Dialog frame = new JDialog();//构造一个新的JFrame,作为新窗口。 + frame.setBounds( + new Rectangle( + // 让新窗口与SwingTest窗口示例错开50像素。 + 620, + 300, + // 窗口总大小-500像素 + 200, + 100 + ) + ); + + + JPanel xin = new JPanel(); + xin.setLayout(null); + + JLabel Tips = new JLabel("Are you sure you want to delete"); + Tips.setBounds(20, 10, 200, 20); + xin.add(Tips); + + // Ok + JButton Ok_button = new JButton("Yes"); + Ok_button.setBounds(120, 40, 60, 20); + xin.add(Ok_button); + Ok_button.addActionListener(new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + String type = ruleTabbedPane.getTitleAt(ruleTabbedPane.getSelectedIndex()); + View Remove_view = burp.views.get(type); + for (View.LogEntry l:Remove_view.log){ + YamlUtil.removeYaml(l.id,BurpExtender.Yaml_Path); + } + frame.dispose(); + + } + }); - public Config(View view_class, List log,BurpExtender burp) { - this.view_class = view_class; - this.log = log; + // no + JButton 
No_button = new JButton("NO"); + No_button.setBounds(30, 40, 60, 20); + xin.add(No_button); + No_button.addActionListener(new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + frame.dispose(); + + } + }); + + + ((JDialog) frame).getContentPane().add(xin); + frame.setModalityType(Dialog.ModalityType.APPLICATION_MODAL); // 设置模式类型。 + frame.setVisible(true); + ruleTabbedPane.remove(ruleTabbedPane.getSelectedIndex()); + + } + } + + public Config(BurpExtender burp) { + tabMenu.add(closeTabMenuItem); + closeTabMenuItem.addActionListener(e -> closeTabActionPerformed(e)); this.burp = burp; } @@ -40,11 +120,8 @@ public Config(View view_class, List log,BurpExtender burp) { one.setBounds(0, 0, 1180, 500); - - // Yaml File Path 文本展示框 JLabel yaml_Path = new JLabel("Yaml File Path:"); -// yaml_Path.setBounds(5, -10, 100, 50); yaml_Path.setBounds(5, 20, 100, 50); // 展示路径 
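Review bot: In `closeTabActionPerformed`, `ruleTabbedPane.remove(ruleTabbedPane.getSelectedIndex());` sits after `frame.setVisible(true)` on an application-modal dialog, so it runs once the dialog closes whichever button was pressed: "NO" still removes the tab from the pane while its rules stay in the YAML file. The "Yes" handler also dereferences `burp.views.get(type)` without a null check, which fails for a tab that has no rules yet, and it leaves `burp.views` stale after the deletes. Moving the tab removal and a refresh into the "Yes" branch addresses all three, and the unconditional `remove` after `setVisible` is then dropped.

```java
Ok_button.addActionListener(new ActionListener() {
    @Override
    public void actionPerformed(ActionEvent e) {
        int index = ruleTabbedPane.getSelectedIndex();
        String type = ruleTabbedPane.getTitleAt(index);
        View Remove_view = burp.views.get(type);
        // A tab created in the UI may have no rules, hence no View yet.
        if (Remove_view != null) {
            for (View.LogEntry l : Remove_view.log) {
                YamlUtil.removeYaml(l.id, BurpExtender.Yaml_Path);
            }
        }
        ruleTabbedPane.remove(index);
        burp.views = Bfunc.Get_Views();
        frame.dispose();
    }
});
// … unchanged: "NO" button, content pane, modality type …
frame.setVisible(true);
// … the unconditional ruleTabbedPane.remove(...) that followed is removed …
```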
@@ -62,40 +139,43 @@ public Config(View view_class, List log,BurpExtender burp) { // load 按钮 JButton load_button = new JButton("Load Yaml"); load_button.setBounds(980, 34, 87, 23); - load_button_Yaml(load_button, view_class, log, txtfield1); + load_button_Yaml(load_button); // 线程选择 JLabel thread_num = new JLabel("Thread Numbers:"); thread_num.setBounds(1074, 20, 100, 50); - SpinnerNumberModel model1 = new SpinnerNumberModel(10, 1, 500, 5); + SpinnerNumberModel model1 = new SpinnerNumberModel(10, 1, 500, 3); this.spinner1 = new JSpinner(model1); ((JSpinner.DefaultEditor) this.spinner1.getEditor()).getTextField().setEditable(false); this.spinner1.setBounds(1168, 34, 100, 23); - - // add按钮 JButton add_button = new JButton("Add"); add_button.setBounds(5, 75, 70, 23); - Add_Button_Yaml(add_button, yaml_path, view_class, log); + Add_Button_Yaml(add_button, yaml_path); // Edit按钮 JButton edit_button = new JButton("Edit"); edit_button.setBounds(5, 100, 70, 23); - Edit_Button_Yaml(edit_button,yaml_path,view_class,log); +// Edit_Button_Yaml(edit_button,yaml_path,view_class,log); + Edit_Button_Yaml(edit_button, yaml_path); // Del按钮 JButton remove_button = new JButton("Del"); remove_button.setBounds(5, 125, 70, 23); - Del_Button_Yaml(remove_button,yaml_path,view_class,log); + Del_Button_Yaml(remove_button, yaml_path); - // 展示界面 - JSplitPane view = this.view_class.Get_View(); - view.setBounds(80, 60, 1185, 740); // 80 + // 展示界面容器 + ruleTabbedPane = new JTabbedPane(); + this.ruleSwitch = new TabTitleEditListener(ruleTabbedPane, this.burp); + ruleTabbedPane.setBounds(80, 60, 1185, 740); + Bfunc.show_yaml(burp); + ruleTabbedPane.addMouseListener(ruleSwitch); + // Switch 文本展示框 JLabel Expansion_switch = new JLabel("Extend Switch:"); 
@@ -107,7 +187,7 @@ public Config(View view_class, List log,BurpExtender burp) { on_off_button.setBounds(110, 5, 70, 23); Color Primary = on_off_button.getBackground(); // on_off_button.setBackground(Color.green); - on_off_Button_action(on_off_button,Primary); + on_off_Button_action(on_off_button, Primary); // Switch 文本展示框 JLabel Carry_head = new JLabel("Carry Head:"); @@ -116,7 +196,7 @@ public Config(View view_class, List log,BurpExtender burp) { // 携带head按钮 JButton carry_head_button = new JButton("Head_On"); carry_head_button.setBounds(329, 5, 90, 23); - carry_head_Button_action(carry_head_button,Primary); + carry_head_Button_action(carry_head_button, Primary); // Filter_Host 文本展示框 JLabel Filter_Host = new JLabel("Filter_Host:"); @@ -129,7 +209,6 @@ public Config(View view_class, List log,BurpExtender burp) { burp.Host_txtfield = Host_txtfield; - // 添加到主面板 one.add(yaml_Path); one.add(txtfield1); @@ -138,7 +217,7 @@ public Config(View view_class, List log,BurpExtender burp) { one.add(add_button); one.add(edit_button); one.add(remove_button); - one.add(view); + one.add(ruleTabbedPane); one.add(thread_num); one.add(spinner1); one.add(Expansion_switch); @@ -151,16 +230,16 @@ public Config(View view_class, List log,BurpExtender burp) { } - private void carry_head_Button_action(JButton Button_one,Color Primary) { + private void carry_head_Button_action(JButton Button_one, Color Primary) { Button_one.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { - if (burp.Carry_head){ + if (burp.Carry_head) { burp.Carry_head = false; Button_one.setText("Head_On"); Button_one.setBackground(Primary); - }else { + } else { burp.Carry_head = true; Button_one.setText("Head_Off"); Button_one.setBackground(Color.green); 
@@ -171,19 +250,16 @@ public void actionPerformed(ActionEvent e) { } - - - - private void on_off_Button_action(JButton Button_one,Color Primary) { + private void on_off_Button_action(JButton Button_one, Color Primary) { Button_one.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { - if (burp.on_off){ + if (burp.on_off) { burp.on_off = false; Button_one.setText("Start"); Button_one.setBackground(Primary); - }else { + } else { burp.on_off = true; Button_one.setText("Stop"); Button_one.setBackground(Color.green); @@ -194,23 +270,19 @@ public void actionPerformed(ActionEvent e) { } - private void Online_Update_Yaml(JButton Button_one) { Button_one.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { - YamlUtil.init_Yaml(burp,view_class,log, txtfield1,one); + YamlUtil.init_Yaml(burp, one); } }); } - - - - private void Edit_Button_Yaml(JButton Button_one, String yaml_path1, View view_class, List log2) { + private void Edit_Button_Yaml(JButton Button_one, String yaml_path1) { Button_one.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { @@ -225,6 +297,8 @@ public void actionPerformed(ActionEvent e) { 300 ) ); + String type = ruleTabbedPane.getTitleAt(ruleTabbedPane.getSelectedIndex()); + View view_class = burp.views.get(type); JPanel xin = new JPanel(); xin.setLayout(null); @@ -240,7 +314,7 @@ public void actionPerformed(ActionEvent e) { // Method JLabel Method_field = new JLabel("Method :"); // JTextField Method_text = new JTextField(); - JComboBox Method_text=new JComboBox(); //创建JComboBox + JComboBox Method_text = new JComboBox(); //创建JComboBox Method_text.addItem("GET"); //向下拉列表中添加一项 Method_text.addItem("POST"); //向下拉列表中添加一项 Method_text.setSelectedItem(view_class.Choice.method); 
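Review bot: The edit handler now resolves its model with `View view_class = burp.views.get(type);` (hunk @@ -225) and the following hunk reads `view_class.Choice.method` unguarded, so pressing Edit on a tab with no entry in `burp.views` (a freshly created tab, or the "..." placeholder) or with no row chosen throws NullPointerException. The Del handler in the @@ -336 hunk does the same lookup and checks only `view_class.Choice != null`, which still dereferences a null view. A guard at the top of both handlers covers it: `if (view_class == null || view_class.Choice == null) { return; }`. The handler body continues outside this hunk.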
@@ -300,6 +374,8 @@ public void actionPerformed(ActionEvent e) { String state = State_text.getText(); Map add_map = new HashMap(); add_map.put("id", Integer.parseInt(view_class.Choice.id)); + add_map.put("type", type); + add_map.put("loaded", view_class.Choice.loaded); add_map.put("name", name); add_map.put("method", method); add_map.put("url", url); @@ -307,7 +383,8 @@ public void actionPerformed(ActionEvent e) { add_map.put("info", info); add_map.put("state", state); YamlUtil.updateYaml(add_map, yaml_path1); - Bfunc.show_yaml(view_class, log2, yaml_path1); + burp.views = Bfunc.Get_Views(); + Bfunc.show_yaml(burp); frame.dispose(); } @@ -336,11 +413,13 @@ public void actionPerformed(ActionEvent e) { } - private void Del_Button_Yaml(JButton Button_one,String yaml_path1, View view_class, List log2) { + private void Del_Button_Yaml(JButton Button_one, String yaml_path1) { Button_one.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { + String type = ruleTabbedPane.getTitleAt(ruleTabbedPane.getSelectedIndex()); + View view_class = burp.views.get(type); if (view_class.Choice != null) { JDialog frame = new JDialog();//构造一个新的JFrame,作为新窗口。 frame.setBounds( @@ -354,13 +433,14 @@ public void actionPerformed(ActionEvent e) { ) ); + JPanel xin = new JPanel(); xin.setLayout(null); JLabel Tips = new JLabel("Are you sure you want to delete"); Tips.setBounds(20, 10, 200, 20); xin.add(Tips); - + // Ok JButton Ok_button = new JButton("Yes"); Ok_button.setBounds(120, 40, 60, 20); @@ -368,8 +448,9 @@ public void actionPerformed(ActionEvent e) { Ok_button.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { - YamlUtil.removeYaml(view_class.Choice.id,yaml_path1); - Bfunc.show_yaml(view_class,log2,yaml_path1); + YamlUtil.removeYaml(view_class.Choice.id, yaml_path1); + burp.views = Bfunc.Get_Views(); + Bfunc.show_yaml_view(burp, view_class, type); frame.dispose(); } 
@@ -399,11 +480,12 @@ public void actionPerformed(ActionEvent e) { } - private void Add_Button_Yaml(JButton Button_one, String yaml_path1, View view_class, List log2) { + private void Add_Button_Yaml(JButton Button_one, String yaml_path1) { Button_one.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { +// burp.call.printOutput(ruleSwitch.ruleEditTextField.getText().trim()); JDialog frame = new JDialog();//构造一个新的JFrame,作为新窗口。 frame.setBounds( new Rectangle( @@ -415,7 +497,7 @@ public void actionPerformed(ActionEvent e) { 300 ) ); - + String type = ruleTabbedPane.getTitleAt(ruleTabbedPane.getSelectedIndex()); JPanel xin = new JPanel(); xin.setLayout(null); // Name @@ -428,8 +510,7 @@ public void actionPerformed(ActionEvent e) { // Method JLabel Method_field = new JLabel("Method :"); -// JTextField Method_text = new JTextField(); - JComboBox Method_text=new JComboBox(); //创建JComboBox + JComboBox Method_text = new JComboBox(); //创建JComboBox Method_text.addItem("GET"); //向下拉列表中添加一项 Method_text.addItem("POST"); //向下拉列表中添加一项 Method_field.setBounds(10, 45, 40, 20); @@ -493,7 +574,9 @@ public void actionPerformed(ActionEvent e) { String info = Info_text.getText(); String state = State_text.getText(); Map add_map = new HashMap(); + add_map.put("type", type); add_map.put("id", id); + add_map.put("loaded", true); add_map.put("name", name); add_map.put("method", method); add_map.put("url", url); @@ -501,7 +584,7 @@ public void actionPerformed(ActionEvent e) { add_map.put("info", info); add_map.put("state", state); YamlUtil.addYaml(add_map, yaml_path1); - Bfunc.show_yaml(view_class, log2, yaml_path1); + Bfunc.show_yaml_view(burp, burp.views.get(type), type); frame.dispose(); } 
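Review bot: `String type = ruleTabbedPane.getTitleAt(ruleTabbedPane.getSelectedIndex());` takes whatever tab is selected, and the save path writes it as the rule's group with `add_map.put("type", type)`; when the selected tab is the "..." placeholder that `Bfunc.show_yaml` appends, the rule is stored under the type "..." and a second "..." tab would appear on the next reload. `getTitleAt` also throws when nothing is selected (index -1). I would validate before opening the dialog, e.g. `int idx = ruleTabbedPane.getSelectedIndex(); if (idx < 0 || "...".equals(ruleTabbedPane.getTitleAt(idx))) { return; }`. The handler's body runs past the edges of these hunks.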
@@ -529,11 +612,11 @@ public void actionPerformed(ActionEvent e) { } - private void load_button_Yaml(JButton Button_one, View tt, List ll, JTextField ii) { + private void load_button_Yaml(JButton Button_one) { Button_one.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { - Bfunc.show_yaml(tt, ll, ii.getText()); + Bfunc.show_yaml(burp); } }); @@ -550,3 +633,4 @@ public void actionPerformed(ActionEvent e) { } } + diff --git a/src/main/java/burp/TabTitleEditListener.java b/src/main/java/burp/TabTitleEditListener.java new file mode 100644 index 0000000..d908a0d --- /dev/null +++ b/src/main/java/burp/TabTitleEditListener.java 
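Review bot: `load_button_Yaml` no longer reads the path text field; its handler now calls `Bfunc.show_yaml(burp)`, which always parses `BurpExtender.Yaml_Path`. If the "Yaml File Path" field is still editable (its setup is outside this hunk), the button silently ignores what the user typed. Either make the field read-only or document the behaviour on the method, for example `// Reloads rules from BurpExtender.Yaml_Path; the path field is display-only.`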
@@ -0,0 +1,186 @@ +package burp; + +import yaml.YamlUtil; + +import javax.swing.*; +import javax.swing.event.ChangeEvent; +import javax.swing.event.ChangeListener; +import javax.swing.event.DocumentEvent; +import javax.swing.event.DocumentListener; +import java.awt.*; +import java.awt.event.*; +import java.util.Hashtable; +import java.util.Map; + +class TabTitleEditListener extends MouseAdapter implements ChangeListener, DocumentListener { + public final JTextField ruleEditTextField = new JTextField(); + public final JTabbedPane ruleEditTabbedPane; + private BurpExtender burp; + protected int editingIndex = -1; + protected int len = -1; + protected Boolean listen = true; + protected Dimension dim; + protected Component tabComponent; + protected Boolean isRenameOk = false; + + protected final Action startEditing = new AbstractAction() { + @Override + public void actionPerformed(ActionEvent e) { + + editingIndex = ruleEditTabbedPane.getSelectedIndex(); + tabComponent = ruleEditTabbedPane.getTabComponentAt(editingIndex); + ruleEditTabbedPane.setTabComponentAt(editingIndex, ruleEditTextField); + isRenameOk = true; + ruleEditTextField.setVisible(true); + ruleEditTextField.setText(ruleEditTabbedPane.getTitleAt(editingIndex)); + ruleEditTextField.selectAll(); + ruleEditTextField.requestFocusInWindow(); + len = ruleEditTextField.getText().length(); + dim = ruleEditTextField.getPreferredSize(); + ruleEditTextField.setMinimumSize(dim); + + } + }; + + protected final Action renameTabTitle = new AbstractAction() { + @Override + public void actionPerformed(ActionEvent e) { + String title = ruleEditTextField.getText().trim(); + if (editingIndex >= 0 && !title.isEmpty()) { + String oldName = ruleEditTabbedPane.getTitleAt(editingIndex); + ruleEditTabbedPane.setTitleAt(editingIndex, title); + View view = burp.views.get(oldName); + if (view != null){ + for (View.LogEntry logEntry : view.log){ + Map up_map = new Hashtable(); + up_map.put("id", Integer.parseInt(logEntry.id)); + 
up_map.put("type", title); + up_map.put("loaded", logEntry.loaded); + up_map.put("name", logEntry.name); + up_map.put("method", logEntry.method); + up_map.put("url", logEntry.url); + up_map.put("re", logEntry.re); + up_map.put("info", logEntry.info); + up_map.put("state", logEntry.state); + YamlUtil.updateYaml(up_map,BurpExtender.Yaml_Path); + } + burp.views = Bfunc.Get_Views(); + } + + + } + cancelEditing.actionPerformed(null); + } + }; + + protected final Action cancelEditing = new AbstractAction() { + @Override + public void actionPerformed(ActionEvent e) { + if (editingIndex >= 0) { + ruleEditTabbedPane.setTabComponentAt(editingIndex, tabComponent); + ruleEditTextField.setVisible(false); + editingIndex = -1; + len = -1; + tabComponent = null; + ruleEditTextField.setPreferredSize(null); + ruleEditTabbedPane.requestFocusInWindow(); + } + if (ruleEditTabbedPane.getTabCount()-1 == ruleEditTabbedPane.getSelectedIndex()){ + burp.Config_l.newTab(); + renameTabTitle.actionPerformed(null); + } + + } + }; + + protected TabTitleEditListener(JTabbedPane tabbedPane,BurpExtender burp) { + super(); + this.burp = burp; + this.ruleEditTabbedPane = tabbedPane; + ruleEditTextField.setBorder(BorderFactory.createEmptyBorder()); + ruleEditTextField.addFocusListener(new FocusAdapter() { + @Override + public void focusLost(FocusEvent e) { + renameTabTitle.actionPerformed(null); + } + }); + InputMap im = ruleEditTextField.getInputMap(JComponent.WHEN_FOCUSED); + ActionMap am = ruleEditTextField.getActionMap(); + im.put(KeyStroke.getKeyStroke(KeyEvent.VK_ESCAPE, 0), "cancel-editing"); + am.put("cancel-editing", cancelEditing); + im.put(KeyStroke.getKeyStroke(KeyEvent.VK_ENTER, 0), "rename-tab-title"); + am.put("rename-tab-title", renameTabTitle); + ruleEditTextField.getDocument().addDocumentListener(this); + tabbedPane.getInputMap(JComponent.WHEN_FOCUSED).put(KeyStroke.getKeyStroke(KeyEvent.VK_ENTER, 0), "start-editing"); + tabbedPane.getActionMap().put("start-editing", startEditing); + 
} + + @Override + public void stateChanged(ChangeEvent e) { + if (e.getSource() instanceof JTabbedPane && listen) { + JTabbedPane pane = (JTabbedPane) e.getSource(); + if (!isRenameOk) { + if (pane.getSelectedIndex() == pane.getComponentCount() - 1) { + this.burp.Config_l.newTab(); + } + } else { + if (pane.getSelectedIndex() == pane.getComponentCount() - 2) { + this.burp.Config_l.newTab(); + } + } + } + renameTabTitle.actionPerformed(null); + } + + public void setListen(Boolean listen) { + this.listen = listen; + } + + @Override + public void insertUpdate(DocumentEvent e) { + updateTabSize(); + } + + @Override + public void removeUpdate(DocumentEvent e) { + updateTabSize(); + } + + @Override + public void changedUpdate(DocumentEvent e) { + } + + @Override + public void mouseClicked(MouseEvent e) { + switch (e.getButton()) { + case 1: { + Rectangle r = ruleEditTabbedPane.getBoundsAt(ruleEditTabbedPane.getSelectedIndex()); + boolean isDoubleClick = e.getClickCount() >= 2; + if (isDoubleClick && r.contains(e.getPoint())) { + startEditing.actionPerformed(null); + + } else { + renameTabTitle.actionPerformed(null); + } + break; + } + case 2:{ + + } + case 3: { + if (ruleEditTabbedPane.getTabCount()-1 != ruleEditTabbedPane.getSelectedIndex()) { + Config.tabMenu.show(e.getComponent(), e.getX(), e.getY()); + } + + break; + } + default: + break; + } + } + + protected void updateTabSize() { + ruleEditTextField.setPreferredSize(ruleEditTextField.getText().length() > len ? null : dim); + ruleEditTabbedPane.revalidate(); + } +} \ No newline at end of file diff --git a/src/main/java/burp/View.java b/src/main/java/burp/View.java index 821a831..4af91a0 100644 --- a/src/main/java/burp/View.java +++ b/src/main/java/burp/View.java 
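Review bot: `renameTabTitle` builds each update in `new Hashtable()` and then calls `up_map.put("info", logEntry.info)` and its siblings; `Hashtable` rejects null values, and `Bfunc.Get_Views` fills those fields with plain `(String)` casts of `zidian.get(...)`, so a rule with any missing key throws partway through the loop and leaves the group half renamed in the YAML file. `View`'s checkbox handler uses `HashMap` for the same payload; doing the same here, `Map up_map = new HashMap();` with the matching import, removes that failure. The new title is also written as `type` without being checked against existing tab names or the "..." placeholder, so a rename can merge two groups. Separately, in `mouseClicked` the empty `case 2:{ }` has no `break;` and falls through to the popup branch of `case 3`.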
@@ -1,10 +1,17 @@ package burp; +import yaml.YamlUtil; + import javax.swing.*; import javax.swing.table.AbstractTableModel; import javax.swing.table.TableModel; +import java.awt.event.ActionEvent; +import java.awt.event.MouseAdapter; +import java.awt.event.MouseEvent; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; +import java.util.Map; public class View extends AbstractTableModel { private JSplitPane splitPane; @@ -14,11 +21,15 @@ public class View extends AbstractTableModel { public LogEntry Choice; + + // // 实现IBurpExtender // + public View() { + // 创建最上面的一层 top = new JSplitPane(JSplitPane.VERTICAL_SPLIT); // // 创建容器,容器可以加入多个页面 @@ -29,15 +40,40 @@ public View() { // 日志条目表 Table logTable = new Table(this); - JScrollPane scrollPane = new JScrollPane(logTable); + logTable.addMouseListener(new MouseAdapter() { + //不要用click点击监听,如果速度过快就会识别为双击,有bug + @Override + public void mousePressed(MouseEvent e) { + // 点击复选框的操作 + if (e.getClickCount() == 1) { + int row = logTable.getSelectedRow(); + int column = logTable.getSelectedColumn(); + //复选框在哪列填多少,限制鼠标点击的位置 + if (column == 0) { + LogEntry logEntry = log.get(row); + Map add_map = new HashMap(); + add_map.put("id", Integer.parseInt(logEntry.id)); + add_map.put("type", logEntry.type); + add_map.put("loaded", !logEntry.loaded); + add_map.put("name", logEntry.name); + add_map.put("method", logEntry.method); + add_map.put("url", logEntry.url); + add_map.put("re", logEntry.re); + add_map.put("info", logEntry.info); + add_map.put("state", logEntry.state); + YamlUtil.updateYaml(add_map, BurpExtender.Yaml_Path); + logEntry.loaded = !logEntry.loaded; + + + } + + } + } + }); + JScrollPane scrollPane = new JScrollPane(logTable); - // 将日志条目表和展示窗添加到主拆分窗格 -// splitPane.add(scrollPane, "top"); -// tabs.add(scrollPane, "top"); - // 将两个页面插入容器 -// tabs.addTab("Show", splitPane); // 将容器置于顶层 top.setTopComponent(scrollPane); 
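Review bot: The `mousePressed` listener added in `View()` reads `logTable.getSelectedRow()` and `getSelectedColumn()` instead of the cell under the pointer, so a click on empty table area appears to reuse the previous selection, and with no selection `log.get(row)` is called with -1. Resolving the cell from the event avoids both: `int row = logTable.rowAtPoint(e.getPoint()); int column = logTable.columnAtPoint(e.getPoint()); if (row < 0) { return; }`. `Integer.parseInt(logEntry.id)` will also throw for an id that is not numeric, since `Bfunc` builds ids with `String.valueOf(...)`. Column 0 is marked editable in a later hunk while no `setValueAt` override is visible, so this listener seems to be the only place the toggle is persisted; a short comment saying so would help the next reader.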
@@ -64,7 +100,7 @@ public int getRowCount() { // 设置总共有几列 @Override public int getColumnCount() { - return 6; + return 7; } // 设置每个列的名称 @@ -72,43 +108,58 @@ public int getColumnCount() { public String getColumnName(int columnIndex) { switch (columnIndex) { case 0: - return "Name"; + return "Loaded"; case 1: - return "Method"; + return "Name"; case 2: - return "URL"; + return "Method"; case 3: - return "RE"; + return "Url"; case 4: - return "INFO"; + return "Re"; case 5: - return "STATE"; + return "Info"; + case 6: + return "State"; default: return ""; } } + @Override public Class getColumnClass(int columnIndex) { - return String.class; + if (columnIndex == 0) { + return Boolean.class; + } else { + return String.class; + } + } + + @Override + public boolean isCellEditable(int row, int column) { + return column == 0; } + @Override public Object getValueAt(int rowIndex, int columnIndex) { LogEntry logEntry = log.get(rowIndex); // 设置每个条目的每一列的值 switch (columnIndex) { case 0: - return logEntry.name; + return logEntry.loaded; case 1: - return logEntry.method; + return logEntry.name; case 2: - return logEntry.url; + return logEntry.method; case 3: - return logEntry.re; + return logEntry.url; case 4: - return logEntry.info; + return logEntry.re; case 5: + return logEntry.info; + case 6: return logEntry.state; default: @@ -117,7 +168,6 @@ public Object getValueAt(int rowIndex, int columnIndex) { } - // // 扩展JTable以处理单元格选择 // @@ -144,6 +194,8 @@ public void changeSelection(int row, int col, boolean toggle, boolean extend) { public static class LogEntry { final String id; + String type; + Boolean loaded; final String method; final String name; final String url; 
@@ -151,8 +203,10 @@ public static class LogEntry { final String info; final String state; - LogEntry(String id, String name,String method ,String url, String re, String info, String state) { + LogEntry(String id, String type,Boolean loaded, String name, String method, String url, String re, String info, String state) { this.id = id; + this.type = type; + this.loaded = loaded; this.name = name; this.method = method; this.url = url; diff --git a/src/main/java/func/init_Yaml_thread.java b/src/main/java/func/init_Yaml_thread.java index 66907bc..7b46cb8 100644 --- a/src/main/java/func/init_Yaml_thread.java +++ b/src/main/java/func/init_Yaml_thread.java @@ -13,16 +13,10 @@ public class init_Yaml_thread extends Thread { private BurpExtender burp; - private View view_class; - private List log; - private JTextField txtfield1; private JPanel one; - public init_Yaml_thread(BurpExtender burp, View view_class, List log, JTextField txtfield1, JPanel one) { + public init_Yaml_thread(BurpExtender burp, JPanel one) { this.burp = burp; - this.view_class = view_class; - this.log = log; - this.txtfield1 = txtfield1; this.one = one; @@ -45,7 +39,7 @@ public void run() { file.write(this.burp.help.stringToBytes(ResponseBody)); file.close(); - Bfunc.show_yaml(this.view_class, this.log, this.txtfield1.getText()); + Bfunc.show_yaml(burp); JOptionPane.showMessageDialog(one, "Update successful", "Tips ", 1); } else { JOptionPane.showMessageDialog(one, "Request failed, please try to use proxy", "Error ", 0); diff --git a/src/main/java/func/threads.java b/src/main/java/func/threads.java index ab72046..bb3334e 100644 --- a/src/main/java/func/threads.java +++ b/src/main/java/func/threads.java 
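Review bot: `Bfunc.show_yaml(burp)` is still called from `init_Yaml_thread.run()`, a worker thread, and after this commit it calls `ruleTabbedPane.removeAll()` and `addTab(...)`, so Swing components are now mutated off the event dispatch thread. Wrapping the call keeps it safe: `SwingUtilities.invokeLater(() -> Bfunc.show_yaml(burp));`. The context lines above it write the downloaded body over the rule file before anything parses it, so an incomplete or unexpected response replaces the working rules; parsing the body first and only then replacing the file would keep the old rules on failure. `run()` starts outside this hunk.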
@@ -38,56 +38,59 @@ public void run() { private static void go(Map zidian, vulscan vul, IHttpRequestResponse newHttpRequestResponse, List heads) { String name = (String) zidian.get("name"); + boolean loaded = (boolean) zidian.get("loaded"); String urll = (String) zidian.get("url"); String re = (String) zidian.get("re"); String info = (String) zidian.get("info"); String state = (String) zidian.get("state"); - URL url = null; - try { - url = new URL(vul.burp.help.analyzeRequest(newHttpRequestResponse).getUrl().getProtocol(), vul.burp.help.analyzeRequest(newHttpRequestResponse).getUrl().getHost(), vul.burp.help.analyzeRequest(newHttpRequestResponse).getUrl().getPort(), String.valueOf(vul.Path_record) + urll); + if (loaded) { + URL url = null; + try { + url = new URL(vul.burp.help.analyzeRequest(newHttpRequestResponse).getUrl().getProtocol(), vul.burp.help.analyzeRequest(newHttpRequestResponse).getUrl().getHost(), vul.burp.help.analyzeRequest(newHttpRequestResponse).getUrl().getPort(), String.valueOf(vul.Path_record) + urll); - } catch (MalformedURLException e) { - e.printStackTrace(); - } - boolean is_InList; - synchronized (vul.burp.history_url) { - is_InList = !vul.burp.history_url.contains(url.toString()); - } - if (is_InList) { + } catch (MalformedURLException e) { + e.printStackTrace(); + } + boolean is_InList; synchronized (vul.burp.history_url) { - vul.burp.history_url.add(url.toString()); - vul.burp.call.printOutput(url.toString()); + is_InList = !vul.burp.history_url.contains(url.toString()); } - byte[] request = vul.burp.help.buildHttpRequest(url); - // 添加head - if (vul.burp.Carry_head) { - synchronized (heads) { - heads.remove(0); - heads.add(0, vul.burp.help.analyzeRequest(request).getHeaders().get(0)); - request = vul.burp.help.buildHttpMessage(heads, new byte[]{}); + if (is_InList) { + synchronized (vul.burp.history_url) { + vul.burp.history_url.add(url.toString()); + vul.burp.call.printOutput(url.toString()); + } + byte[] request = 
vul.burp.help.buildHttpRequest(url); + // 添加head + if (vul.burp.Carry_head) { + synchronized (heads) { + heads.remove(0); + heads.add(0, vul.burp.help.analyzeRequest(request).getHeaders().get(0)); + request = vul.burp.help.buildHttpMessage(heads, new byte[]{}); + } + } + if ("POST".equals(zidian.get("method"))) { + request = vul.burp.help.toggleRequestMethod(request); } - } - if ("POST".equals(zidian.get("method"))) { - request = vul.burp.help.toggleRequestMethod(request); - } - newHttpRequestResponse = vul.burp.call.makeHttpRequest(vul.httpService, request); + newHttpRequestResponse = vul.burp.call.makeHttpRequest(vul.httpService, request); - if (vul.burp.help.analyzeResponse(newHttpRequestResponse.getResponse()).getStatusCode() == Integer.parseInt(state)) { - byte[] resp = newHttpRequestResponse.getResponse(); - Pattern re_rule = Pattern.compile(re, Pattern.CASE_INSENSITIVE); - Matcher pipe = re_rule.matcher(vul.burp.help.bytesToString(resp)); - String lang = String.valueOf(vul.burp.help.bytesToString(resp).length()); - if (pipe.find()) { - vulscan.ir_add(vul.burp.tags, name, vul.burp.help.analyzeRequest(newHttpRequestResponse).getMethod(), vul.burp.help.analyzeRequest(newHttpRequestResponse).getUrl().toString(), String.valueOf(vul.burp.help.analyzeResponse(newHttpRequestResponse.getResponse()).getStatusCode()) + " ", info, lang, newHttpRequestResponse); + if (vul.burp.help.analyzeResponse(newHttpRequestResponse.getResponse()).getStatusCode() == Integer.parseInt(state)) { + byte[] resp = newHttpRequestResponse.getResponse(); + Pattern re_rule = Pattern.compile(re, Pattern.CASE_INSENSITIVE); + Matcher pipe = re_rule.matcher(vul.burp.help.bytesToString(resp)); + String lang = String.valueOf(vul.burp.help.bytesToString(resp).length()); + if (pipe.find()) { + vulscan.ir_add(vul.burp.tags, name, vul.burp.help.analyzeRequest(newHttpRequestResponse).getMethod(), vul.burp.help.analyzeRequest(newHttpRequestResponse).getUrl().toString(), 
String.valueOf(vul.burp.help.analyzeResponse(newHttpRequestResponse.getResponse()).getStatusCode()) + " ", info, lang, newHttpRequestResponse); + } } + } else { + vul.burp.call.printError("Skip: " + url.toString()); } - } else { - vul.burp.call.printError("Skip: " + url.toString()); - } + } } diff --git a/src/main/java/func/vulscan.java b/src/main/java/func/vulscan.java index 8c32fa7..4e64f88 100644 --- a/src/main/java/func/vulscan.java +++ b/src/main/java/func/vulscan.java @@ -7,6 +7,7 @@ import java.util.List; import java.util.Map; +import java.util.concurrent.Executors; import java.util.concurrent.ThreadPoolExecutor; public class vulscan { @@ -32,8 +33,7 @@ public vulscan(BurpExtender burp, BurpAnalyzedRequest Root_Request) { httpService = this.Root_Request.requestResponse().getHttpService(); IRequestInfo analyze_Request = help.analyzeRequest(httpService, request); List heads = analyze_Request.getHeaders(); -// request = help.buildHttpMessage(heads,request); -// String zifuchuan = help.bytesToString(request); + burp.ThreadPool = Executors.newFixedThreadPool((Integer) burp.Config_l.spinner1.getValue()); // 判断请求方法为POST diff --git a/src/main/java/yaml/YamlUtil.java b/src/main/java/yaml/YamlUtil.java index 60186af..a7f0835 100644 --- a/src/main/java/yaml/YamlUtil.java +++ b/src/main/java/yaml/YamlUtil.java @@ -16,8 +16,8 @@ public class YamlUtil { - public static void init_Yaml(BurpExtender burp, View view_class, List log, JTextField txtfield1, JPanel one) { - new init_Yaml_thread(burp, view_class, log, txtfield1, one).start(); + public static void init_Yaml(BurpExtender burp, JPanel one) { + new init_Yaml_thread(burp, one).start(); }
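Review bot: `boolean loaded = (boolean) zidian.get("loaded");` in `go()` throws a NullPointerException for any rule that lacks the `loaded` key (for example a rule file written before this version) and a ClassCastException if the value was stored as a string, so the rule fails with an exception instead of being skipped. A tolerant read avoids both: `boolean loaded = Boolean.parseBoolean(String.valueOf(zidian.get("loaded")));`. Inside the new `if (loaded)` block, `url` is still null after the `MalformedURLException` catch and is dereferenced by `url.toString()` in the next statement; adding `return;` after `e.printStackTrace();` stops there. `re` and `state` also go straight from the rule file into `Pattern.compile` and `Integer.parseInt`, so a malformed rule raises in the worker thread; catching `PatternSyntaxException` and `NumberFormatException` and reporting the rule name through `printError` would make a bad rule visible.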
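Review bot: In the vulscan constructor (`@@ -32,8 +33,7 @@` in vulscan.java), `burp.ThreadPool = Executors.newFixedThreadPool(...)` replaces the shared pool reference on every construction, and the visible lines never call `shutdown()` on the pool being replaced. If a `vulscan` is built per scanned request, as the constructor arguments suggest, each one leaves idle worker threads behind, and tasks still queued on the old pool keep sending requests outside the limit the spinner sets. Creating the pool once and rebuilding it only when the spinner value changes would fix this, or at least `if (burp.ThreadPool != null) burp.ThreadPool.shutdown();` before the assignment. The constructor starts above the hunk and continues past it.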