Single threaded model working

iriusrisk · Apr 22, 2012 · 5ef605a · 5ef605a
1 parent f16139b
commit 5ef605a
Show file tree

Hide file tree

Showing 11 changed files with 262 additions and 260 deletions.
diff --git a/burp-client/src/main/java/net/continuumsecurity/burpclient/BurpClient.java b/burp-client/src/main/java/net/continuumsecurity/burpclient/BurpClient.java
@@ -49,19 +49,18 @@ public BurpClient(String baseUrl, String proxyHost, int proxyPort) {
         service = client.resource(UriBuilder.fromUri(baseUrl).build());
     }
 
-    public int scan(String url) throws Exception {
+    public void scan(String url) throws Exception {
         String query = "target=" + URLEncoder.encode(url, "UTF-8");
         ClientResponse response = service.path("scanner").path("scan").post(ClientResponse.class, query);
-        return response.getEntity(JSONObject.class).getInt("id");
     }
 
-    public int percentComplete(int id) throws Exception {
-        ClientResponse response = service.path("scanner").path(Integer.toString(id)).path("complete").get(ClientResponse.class);
+    public int percentComplete() throws Exception {
+        ClientResponse response = service.path("scanner").path("complete").get(ClientResponse.class);
         return response.getEntity(JSONObject.class).getInt("complete");
     }
 
-    public ScanIssueList getIssueList(int scanId) {
-        return (service.path("scanner").path(Integer.toString(scanId)).path("issues").get(ScanIssueList.class));
+    public ScanIssueList getIssueList() {
+        return (service.path("scanner").path("issues").get(ScanIssueList.class));
     }
 
     public List<HttpMessage> getProxyHistory() {
@@ -111,6 +110,10 @@ public void reset() throws RuntimeException {
         service.path("reset").type(MediaType.APPLICATION_JSON).get(ClientResponse.class);
     }
 
+    public void clearIssues() throws RuntimeException {
+        service.path("clear").type(MediaType.APPLICATION_JSON).get(ClientResponse.class);
+    }
+
     public void destroy() {
         client.destroy();
     }

diff --git a/burp-client/src/test/java/net/continuumsecurity/burpclient/BurpClientTest.java b/burp-client/src/test/java/net/continuumsecurity/burpclient/BurpClientTest.java
@@ -1,7 +1,6 @@
 package net.continuumsecurity.burpclient;
 
 import net.continuumsecurity.restyburp.Settings;
-import net.continuumsecurity.restyburp.model.HttpRequestResponseBean;
 
 import org.apache.log4j.Logger;
 import org.junit.AfterClass;
@@ -39,8 +38,9 @@ public void setUp() {
 				e.printStackTrace();
 			}
 	    }
+
 
-	    //@Test
+	    /*@Test
 	    public void testFindInResponse() {
 	    	String regex = ".*<input.*?type.*?=.*?pasword.*";
 	    	//driver.get(target);
@@ -54,7 +54,7 @@ public void testFindInResponse() {
 	    	String response = new String(result.getResponse());
 	    	assert (response.contains(regex));
 	    	log.debug("Response="+response);
-	    }
+	    }*/
 
 
 }
diff --git a/log4j.properties b/log4j.properties
@@ -13,4 +13,5 @@ log4j.appender.A1.layout.ConversionPattern=%d{HH:mm:ss,SSS} %-5p [%c] - %m%n
 
 log4j.logger.net.continuumsecurity.restyburp.ScanQueueMap = TRACE
 log4j.logger.net.continuumsecurity.restyburp.BurpService = TRACE
-log4j.logger.com.gargoylesoftware.htmlunit.javascript = ERROR
+log4j.logger.com.gargoylesoftware.htmlunit.javascript = ERROR
+log4j.logger.org.apache.http = ERROR
diff --git a/pom.xml b/pom.xml
@@ -1,109 +1,114 @@
 
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
 
-    <groupId>net.continuumsecurity</groupId>
-    <artifactId>resty-burp</artifactId>
-    <version>0.2-SNAPSHOT</version>
-    <packaging>jar</packaging>
-    <name>resty-burp</name>
-    <url>http://maven.apache.org</url>
+	<groupId>net.continuumsecurity</groupId>
+	<artifactId>resty-burp</artifactId>
+	<version>0.2-SNAPSHOT</version>
+	<packaging>jar</packaging>
+	<name>resty-burp</name>
+	<url>http://maven.apache.org</url>
 
-    <properties>
-        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    </properties>
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+	</properties>
 
-    <dependencies>
-        <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
-            <version>4.10</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>net.sf.jopt-simple</groupId>
-            <artifactId>jopt-simple</artifactId>
-            <version>4.3</version>
-        </dependency>
-        <dependency>
-            <groupId>log4j</groupId>
-            <artifactId>log4j</artifactId>
-            <version>1.2.16</version>
-        </dependency>
-        <dependency>
-            <groupId>net.portswigger</groupId>
-            <artifactId>burpsuite-pro</artifactId>
-            <version>1.4.07</version>
-        </dependency>
-        <dependency>
-            <groupId>com.sun.jersey.contribs</groupId>
-            <artifactId>jersey-apache-client</artifactId>
-            <version>1.11</version>
-        </dependency>
-        <dependency>
-            <groupId>org.codehaus.jettison</groupId>
-            <artifactId>jettison</artifactId>
-            <version>1.1</version>
-        </dependency>
-        <dependency>
-            <groupId>com.sun.jersey</groupId>
-            <artifactId>jersey-bundle</artifactId>
-            <version>1.10</version>
-        </dependency>
-        <dependency>
-            <groupId>com.sun.jersey</groupId>
-            <artifactId>jersey-json</artifactId>
-            <version>1.10</version>
-        </dependency>
-        <dependency>
-            <groupId>com.sun.grizzly</groupId>
-            <artifactId>grizzly-servlet-webserver</artifactId>
-            <version>1.9.46</version>
-        </dependency>
-        <dependency>
-            <groupId>org.seleniumhq.selenium</groupId>
-            <artifactId>selenium-java</artifactId>
-            <version>2.18.0</version>
-            <scope>test</scope>
-        </dependency>
-      <dependency>
-        <groupId>asm</groupId>
-        <artifactId>asm-all</artifactId>
-        <version>3.3.1</version>
-      </dependency>
-      <dependency>
-        <groupId>commons-codec</groupId>
-        <artifactId>commons-codec</artifactId>
-        <version>1.4</version>
-      </dependency>
-      <dependency>
-        <groupId>commons-jxpath</groupId>
-        <artifactId>commons-jxpath</artifactId>
-        <version>1.3</version>
-      </dependency>
-      <dependency>
-        <groupId>org.codehaus.jackson</groupId>
-        <artifactId>jackson-core-lgpl</artifactId>
-        <version>1.9.0</version>
-      </dependency>
-      <dependency>
-        <groupId>com.sun.jersey</groupId>
-        <artifactId>jersey-grizzly</artifactId>
-        <version>1.11</version>
-      </dependency>
-    </dependencies>
-    <build>
-        <plugins>
-            <plugin>  
-                <groupId>org.codehaus.mojo</groupId>  
-                <artifactId>exec-maven-plugin</artifactId>  
-                <version>1.2.1</version> 
-                <configuration> 
-                <mainClass>net.continuumsecurity.restyburp.BurpService</mainClass>   
-
-                </configuration>
-            </plugin>
-        </plugins>
-    </build>
+	<dependencies>
+		<dependency>
+			<groupId>net.continuumsecurity</groupId>
+			<artifactId>burp-client</artifactId>
+			<version>0.2-SNAPSHOT</version>
+		</dependency>
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<version>4.10</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>net.sf.jopt-simple</groupId>
+			<artifactId>jopt-simple</artifactId>
+			<version>4.3</version>
+		</dependency>
+		<dependency>
+			<groupId>log4j</groupId>
+			<artifactId>log4j</artifactId>
+			<version>1.2.16</version>
+		</dependency>
+		<dependency>
+			<groupId>net.portswigger</groupId>
+			<artifactId>burpsuite-pro</artifactId>
+			<version>1.4.05</version>
+		</dependency>
+		<dependency>
+			<groupId>com.sun.jersey.contribs</groupId>
+			<artifactId>jersey-apache-client</artifactId>
+			<version>1.11</version>
+		</dependency>
+		<dependency>
+			<groupId>org.codehaus.jettison</groupId>
+			<artifactId>jettison</artifactId>
+			<version>1.1</version>
+		</dependency>
+		<dependency>
+			<groupId>com.sun.jersey</groupId>
+			<artifactId>jersey-bundle</artifactId>
+			<version>1.10</version>
+		</dependency>
+		<dependency>
+			<groupId>com.sun.jersey</groupId>
+			<artifactId>jersey-json</artifactId>
+			<version>1.10</version>
+		</dependency>
+		<dependency>
+			<groupId>com.sun.grizzly</groupId>
+			<artifactId>grizzly-servlet-webserver</artifactId>
+			<version>1.9.46</version>
+		</dependency>
+		<dependency>
+			<groupId>org.seleniumhq.selenium</groupId>
+			<artifactId>selenium-java</artifactId>
+			<version>2.18.0</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>asm</groupId>
+			<artifactId>asm-all</artifactId>
+			<version>3.3.1</version>
+		</dependency>
+		<dependency>
+			<groupId>commons-codec</groupId>
+			<artifactId>commons-codec</artifactId>
+			<version>1.4</version>
+		</dependency>
+		<dependency>
+			<groupId>commons-jxpath</groupId>
+			<artifactId>commons-jxpath</artifactId>
+			<version>1.3</version>
+		</dependency>
+		<dependency>
+			<groupId>org.codehaus.jackson</groupId>
+			<artifactId>jackson-core-lgpl</artifactId>
+			<version>1.9.0</version>
+		</dependency>
+		<dependency>
+			<groupId>com.sun.jersey</groupId>
+			<artifactId>jersey-grizzly</artifactId>
+			<version>1.11</version>
+		</dependency>
+	</dependencies>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.codehaus.mojo</groupId>
+				<artifactId>exec-maven-plugin</artifactId>
+				<version>1.2.1</version>
+				<configuration>
+					<mainClass>net.continuumsecurity.restyburp.BurpService</mainClass>
+
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
 </project>
diff --git a/src/main/java/burp/BurpExtender.java b/src/main/java/burp/BurpExtender.java
@@ -28,6 +28,7 @@
 import java.util.Properties;
 import java.util.Set;
 
+import net.continuumsecurity.burpclient.ScanPolicy;
 import net.continuumsecurity.restyburp.ScanQueueMap;
 import net.continuumsecurity.restyburp.Utils;
 import net.continuumsecurity.restyburp.model.ScanIssueBean;
@@ -86,16 +87,17 @@ public ScanQueueMap scan(String baseUrl) {
             try {
                 URL url = new URL(baseUrl);
                 if (Utils.containsUrl(rr.getUrl(), url) && !outOfScope.contains(rr.getUrl()) && !map.hasUrl(rr.getUrl().toExternalForm())) {
-                    log.debug("Adding " + rr.getUrl() + " to scope.");
-
+                    log.debug("\tcallbacks.isInScope("+rr.getUrl()+") is "+callbacks.isInScope(rr.getUrl()));
                     if (!callbacks.isInScope(rr.getUrl())) {
                     	callbacks.includeInScope(rr.getUrl());
-                    	log.trace("\tcallbacks.isInScope("+rr.getUrl()+") is "+callbacks.isInScope(rr.getUrl()));
-                    }              
+                    } 
                     boolean useHttps = rr.getProtocol().equalsIgnoreCase("https");
-                    log.debug("\tabout to scan: "+rr.getHost()+" "+rr.getPort()+" "+rr.getUrl());
+                    log.debug("\tabout to scan: "+rr.getUrl());
                     IScanQueueItem isq = callbacks.doActiveScan(rr.getHost(), rr.getPort(), useHttps, rr.getRequest());
+                    log.debug("ScanItem for "+rr.getUrl()+" has "+isq.getNumRequests()+" requests, "+isq.getNumInsertionPoints()+" insertion points, status: "+isq.getStatus());
+                    log.debug("\tadding "+rr.getUrl().toExternalForm()+" to ScanQueueMap");
                     map.addItem(rr.getUrl().toExternalForm(), isq);
+                    if (isPassiveEnabled()) callbacks.doPassiveScan(rr.getHost(), rr.getPort(), useHttps, rr.getRequest(),rr.getResponse());
                 }
             } catch (Exception e) {
                 e.printStackTrace();
@@ -150,6 +152,18 @@ public void setConfigFile(String filename) {
         configFile = filename;
     }
 
+    public boolean isPassiveEnabled() {
+    	Map<String, String> config = callbacks.saveConfig();
+        if (config.get(ScanPolicy.MIME).equalsIgnoreCase("true")) return true;
+        if (config.get(ScanPolicy.PARAMS).equalsIgnoreCase("true")) return true;
+        if (config.get(ScanPolicy.FORMS).equalsIgnoreCase("true")) return true;
+        if (config.get(ScanPolicy.CACHING).equalsIgnoreCase("true")) return true;
+        if (config.get(ScanPolicy.COOKIES).equalsIgnoreCase("true")) return true;
+        if (config.get(ScanPolicy.LINKS).equalsIgnoreCase("true")) return true;
+        if (config.get(ScanPolicy.VIEWSTATE).equalsIgnoreCase("true")) return true;
+        return false;
+    }
+
     private void saveConfig(String filename) {
         FileOutputStream out = null;
         try {