优化证书信息获取逻辑

u1s1jth · Mar 16, 2022 · 20d897b · 20d897b
1 parent c9e098e
commit 20d897b
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 4 deletions.
diff --git a/src/burp/BurpExtender.java b/src/burp/BurpExtender.java
@@ -4,7 +4,9 @@
 import java.io.PrintWriter;
 import java.util.Date;
 import java.util.List;
+import java.util.Set;
 import java.util.concurrent.BlockingQueue;
+import java.util.concurrent.CopyOnWriteArraySet;
 import java.util.concurrent.LinkedBlockingQueue;
 
 import javax.swing.JMenuItem;
@@ -44,6 +46,8 @@ public class BurpExtender implements IBurpExtender, ITab, IExtensionStateListene
 	//use to store messageInfo of proxy live
 	public static BlockingQueue<IHttpRequestResponse> inputQueue = new LinkedBlockingQueue<IHttpRequestResponse>();
 	//use to store messageInfo
+	public static Set<String> httpsChecked = new CopyOnWriteArraySet<>();
+	//temp variable to identify checked https用于记录已经做过HTTPS证书信息获取的httpService
 
 	public static PrintWriter getStdout() {
 		//不同的时候调用这个参数，可能得到不同的值
@@ -171,6 +175,9 @@ public void extensionUnloaded() {
 			stopLiveCapture();
 			if (TitlePanel.threadGetTitle != null) {
 				TitlePanel.threadGetTitle.interrupt();//maybe null
+				inputQueue.clear();
+				liveinputQueue.clear();
+				httpsChecked.clear();
 			}//必须要先结束线程，否则获取数据的操作根本无法结束，因为线程一直通过sync占用资源
 		} catch (Exception e) {
 			e.printStackTrace(stderr);

diff --git a/src/domain/DomainProducer.java b/src/domain/DomainProducer.java
@@ -18,7 +18,7 @@
 
 public class DomainProducer extends Thread {//Producer do
 	private final BlockingQueue<IHttpRequestResponse> inputQueue;//use to store messageInfo
-	private BlockingQueue<String> httpsQueue = new LinkedBlockingQueue<>();//temp variable to identify checked https
+
 
 	private int threadNo;
 	private volatile boolean stopflag = false;
@@ -97,7 +97,7 @@ public void run() {
 							entry.setComment("BaseOnCertInfo");
 							DomainPanel.fetchTargetModel().addRowIfValid(entry);
 
-							//重新判断类型，应该是确定的IP类型了。[email protected]
+							//重新判断类型，应该是确定的IP类型了。
 							type = DomainPanel.fetchTargetModel().domainType(Host);
 						}
 					}
@@ -106,8 +106,9 @@ public void run() {
 
 				//第二步：处理HTTPS证书
 				if (type !=DomainManager.USELESS && protocol.equalsIgnoreCase("https")){//get related domains
-					if (!httpsQueue.contains(shortURL)) {//httpService checked or not
-						httpsQueue.put(shortURL);//必须先添加，否则执行在执行https链接的过程中，已经有很多请求通过检测进行相同的请求了。
+					if (BurpExtender.httpsChecked.add(shortURL)) {//httpService checked or not
+						//如果set中已存在，返回false，如果不存在，返回true。
+						//必须先添加，否则执行在执行https链接的过程中，已经有很多请求通过检测进行相同的请求了。
 						Set<String> tmpDomains = CertInfo.getSANsbyKeyword(shortURL,DomainPanel.fetchTargetModel().fetchKeywordSet());
 						for (String domain:tmpDomains) {
 							BurpExtender.getStdout().println("Target Related Asset Found :"+domain);