From 50b199f91f8b2fb37e4f64b8aa5ef712b29bbfdf Mon Sep 17 00:00:00 2001 From: gdgd009xcd Date: Mon, 15 Jan 2024 21:25:10 +0900 Subject: [PATCH] 24011501 NEPOTIANUS231220 - improve: Added javahelp [?] button on the right-top corner of the MacroBuilder tab - maintenance: Removed the "Tracking Parameter" JPanel which is used only burp from the MacroBuilder Tab. --- addOns/automacrobuilder/CHANGELOG.md | 6 + .../automacrobuilder.gradle.kts | 2 +- .../automacrobuilder/CookieManager.java | 70 ++++----- .../generated/MacroBuilderUI.java | 136 ++++++++++-------- .../zap/ExtensionAutoMacroBuilder.java | 3 +- .../src/main/javahelp/help/contents/help.html | 3 + .../src/main/javahelp/help/index.xml | 2 +- .../src/main/javahelp/help/map.jhm | 2 +- .../src/main/javahelp/help/toc.xml | 2 +- .../src/main/resources/burp/Bundle.properties | 6 +- .../resources/burp/Bundle_ja_JP.properties | 5 +- .../automacrobuilder/zap/resources/cake.png | Bin 755 -> 0 bytes .../automacrobuilder/zap/resources/icon/Q.png | Bin 0 -> 788 bytes .../zap/resources/icon/question.png | Bin 302 -> 0 bytes 14 files changed, 133 insertions(+), 104 deletions(-) delete mode 100644 addOns/automacrobuilder/src/main/resources/org/zaproxy/zap/extension/automacrobuilder/zap/resources/cake.png create mode 100644 addOns/automacrobuilder/src/main/resources/org/zaproxy/zap/extension/automacrobuilder/zap/resources/icon/Q.png delete mode 100644 addOns/automacrobuilder/src/main/resources/org/zaproxy/zap/extension/automacrobuilder/zap/resources/icon/question.png diff --git a/addOns/automacrobuilder/CHANGELOG.md b/addOns/automacrobuilder/CHANGELOG.md index 1beae91..f815c33 100644 --- a/addOns/automacrobuilder/CHANGELOG.md +++ b/addOns/automacrobuilder/CHANGELOG.md @@ -2,6 +2,12 @@ All notable changes to this add-on will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## [v1.1.14] - 2023-12-14 +### Added +- improve: Added javahelp [?] button on the right-top corner of the MacroBuilder tab +### Changed +- maintenance: Removed the "Tracking Parameter" JPanel which is used only burp from the MacroBuilder Tab. + ## [v1.1.13] - 2023-12-14 ### Fixed - bugfix: Fixed "null null null" response status-line is appeared in messageView diff --git a/addOns/automacrobuilder/automacrobuilder.gradle.kts b/addOns/automacrobuilder/automacrobuilder.gradle.kts index 8f8d6ab..f0fb662 100644 --- a/addOns/automacrobuilder/automacrobuilder.gradle.kts +++ b/addOns/automacrobuilder/automacrobuilder.gradle.kts @@ -1,6 +1,6 @@ import org.zaproxy.gradle.addon.AddOnStatus -version = "1.1.13" +version = "1.1.14" description = "AutoMacroBuilder for ZAP" tasks.withType { diff --git a/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/CookieManager.java b/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/CookieManager.java index 3a4e698..5e86867 100644 --- a/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/CookieManager.java +++ b/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/CookieManager.java @@ -82,42 +82,44 @@ public List parse(String hostName, String path, String setCookieHead hostName, path, true); // SSL attribute is ignored when cookie values ​​are added to - String defaultPath = extractDefaultPath(path); - originalURIs.add(uri); - // - // Description of Cookie Attributes - // - // * domain - // specified: - // cookie is sent specified domain or subdomain of it. - // the domain attribute must be a domain containing the - // current host name, so, only same as host or subdomain can be specified. - // (ex: hostname example.com domain=example.com or domain=www.example.com) - // Not specified: - // If domain attribute is not specified, the cookie is sent only to the host that sent Set-Cookie. - // - // * path - // specified: - // cookie is sent to the request path which prefix matches the path value. - // - // Not specified: - // defaultPath is assigned as the path value. defaultPath is directory portion of request-uri. - // ex1. uri=http://test.com/shared/lib/index.php - // defaultPath = /shared/lib - // ex2. uri=http://test.com/index.php - // defaultPath = / - // ex3. uri=http://test.com/ - // defaultPath = / - // - // - for (HttpCookie hc : parsedcookies) { - String pathProp = hc.getPath(); - if (pathProp == null || pathProp.isEmpty()) { - hc.setPath(defaultPath); + if (uri != null) { + String defaultPath = extractDefaultPath(path); + originalURIs.add(uri); + // + // Description of Cookie Attributes + // + // * domain + // specified: + // cookie is sent specified domain or subdomain of it. + // the domain attribute must be a domain containing the + // current host name, so, only same as host or subdomain can be specified. + // (ex: hostname example.com domain=example.com or domain=www.example.com) + // Not specified: + // If domain attribute is not specified, the cookie is sent only to the host that sent Set-Cookie. + // + // * path + // specified: + // cookie is sent to the request path which prefix matches the path value. + // + // Not specified: + // defaultPath is assigned as the path value. defaultPath is directory portion of request-uri. + // ex1. uri=http://test.com/shared/lib/index.php + // defaultPath = /shared/lib + // ex2. uri=http://test.com/index.php + // defaultPath = / + // ex3. uri=http://test.com/ + // defaultPath = / + // + // + for (HttpCookie hc : parsedcookies) { + String pathProp = hc.getPath(); + if (pathProp == null || pathProp.isEmpty()) { + hc.setPath(defaultPath); + } + cookiestore.add(uri, hc); } - cookiestore.add(uri, hc); + return parsedcookies; } - return parsedcookies; } return null; } diff --git a/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/generated/MacroBuilderUI.java b/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/generated/MacroBuilderUI.java index 124fd6f..e9793f1 100644 --- a/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/generated/MacroBuilderUI.java +++ b/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/generated/MacroBuilderUI.java @@ -11,10 +11,8 @@ import java.awt.event.InputEvent; import java.io.BufferedReader; import java.io.FileReader; -import java.io.IOException; import java.io.UnsupportedEncodingException; -import java.net.URI; -import java.net.URISyntaxException; +import java.net.URL; import java.net.URLEncoder; import java.util.ArrayList; import java.util.HashMap; @@ -25,6 +23,9 @@ import java.util.logging.Level; import java.util.logging.Logger; import java.util.regex.Pattern; +import javax.help.CSH; +import javax.help.HelpBroker; +import javax.help.HelpSet; import javax.swing.*; import javax.swing.border.LineBorder; import javax.swing.text.JTextComponent; @@ -39,6 +40,7 @@ import org.zaproxy.zap.extension.automacrobuilder.view.StyledDocumentWithChunk; import org.zaproxy.zap.extension.automacrobuilder.zap.ExtensionAutoMacroBuilder; import org.zaproxy.zap.extension.automacrobuilder.zap.ZapUtil; +import org.zaproxy.zap.extension.help.ExtensionHelp; import static org.zaproxy.zap.extension.automacrobuilder.EnvironmentVariables.JSONFileIANACharsetName; import static org.zaproxy.zap.extension.automacrobuilder.EnvironmentVariables.ZAP_ICONS; @@ -59,8 +61,8 @@ public class MacroBuilderUI extends javax.swing.JPanel implements InterfacePar private static final ImageIcon PLUS_BUTTON_ICON = MyFontUtils.getScaledIcon( new ImageIcon(MacroBuilderUI.class.getResource(ZAP_ICONS + "/plus.png"))); - private static final ImageIcon QUESTION_BUTTON_ICON = MyFontUtils.getScaledIcon( - new ImageIcon(MacroBuilderUI.class.getResource(ZAP_ICONS + "/question.png"))); + public static final ImageIcon QUESTION_BUTTON_ICON = MyFontUtils.getScaledIcon( + new ImageIcon(MacroBuilderUI.class.getResource(ZAP_ICONS + "/Q.png"))); // List rlist = null; // ParmGenMacroTrace pmt = null; @@ -128,7 +130,7 @@ public void mouseClicked(java.awt.event.MouseEvent evt) { pmtProvider.setCBreplaceTrackingParam(isReplaceMode()); // waittimer setting. - jCheckBox2ActionPerformed(null); + WaitTimerCheckBoxActionPerformed(null); } @@ -444,19 +446,19 @@ private void initComponents() { Load = new javax.swing.JButton(); Save = new javax.swing.JButton(); StartScan = new javax.swing.JButton(); - jLabel2 = new javax.swing.JLabel(); + macroRequestListLabelTitle = new javax.swing.JLabel(); jPanel5 = new javax.swing.JPanel(); CBinheritFromCache = new javax.swing.JCheckBox(); jLabel4 = new javax.swing.JLabel(); - jPanel6 = new javax.swing.JPanel(); + burpTrackingParameter = new javax.swing.JPanel(); TrackMode = new javax.swing.JComboBox<>(); jLabel3 = new javax.swing.JLabel(); jButton1 = new javax.swing.JButton(); jSeparator1 = new javax.swing.JSeparator(); - jCheckBox2 = new javax.swing.JCheckBox(); + WaitTimerCheckBox = new javax.swing.JCheckBox(); waitsec = new javax.swing.JTextField(); MBfromStepNo = new javax.swing.JCheckBox(); - jLabel1 = new javax.swing.JLabel(); + OtherOptionsLabelTitle = new javax.swing.JLabel(); jPanel7 = new javax.swing.JPanel(); FinalResponse = new javax.swing.JCheckBox(); requestListNum = new javax.swing.JLabel(); @@ -469,6 +471,18 @@ private void initComponents() { MacroRequestListTabs = new javax.swing.JTabbedPane(); jScrollPane1 = new javax.swing.JScrollPane(); RequestList = new javax.swing.JList<>(); + generalHelpBtn = new JButton(QUESTION_BUTTON_ICON); + + + + generalHelpBtn.addActionListener(new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + ExtensionHelp.showHelp("addon.automacrobuilder"); + } + }); + + SendTo.setText(bundle.getString("MacroBuilderUI.SENDTO.text")); // NOI18N @@ -574,7 +588,7 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { descriptionVacantArea = new JPanel(new FlowLayout(FlowLayout.CENTER, 0, 0)); JLabel messageAreaMovedToStatusLabel = new JLabel(); messageAreaMovedToStatusLabel.putClientProperty("html.disable", Boolean.FALSE); - messageAreaMovedToStatusLabel.setText(bundle.getString("MacroBuilderUI.describeMessageView")); + messageAreaMovedToStatusLabel.setText(bundle.getString("MacroBuilderUI.describeMessageView.text")); descriptionVacantArea.add(messageAreaMovedToStatusLabel); LineBorder lborder = new LineBorder(Color.BLACK, 2, false); descriptionVacantArea.setBorder(lborder); @@ -712,7 +726,8 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { } }); - jLabel2.setText(bundle.getString("MacroBuilderUI.MacroRequestListLabel2.text")); // NOI18N + macroRequestListLabelTitle.setText(bundle.getString("MacroBuilderUI.MacroRequestListLabelTitle.text")); // NOI18N + // macroRequestListLabelTitle.setBorder(javax.swing.BorderFactory.createLineBorder(new java.awt.Color(0, 0, 0))); jPanel5.setBorder(javax.swing.BorderFactory.createTitledBorder(bundle.getString("MacroBuilderUI.TakeOverCache.text"))); // NOI18N @@ -751,7 +766,7 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addContainerGap()) ); - jPanel6.setBorder(javax.swing.BorderFactory.createTitledBorder(bundle.getString("MacroBuilderUI.TrackingParamBorder.text"))); // NOI18N + burpTrackingParameter.setBorder(javax.swing.BorderFactory.createTitledBorder(bundle.getString("MacroBuilderUI.TrackingParamBorder.text"))); // NOI18N TrackMode.setModel(new javax.swing.DefaultComboBoxModel<>(new String[] { "replace", "baseline" })); TrackMode.setToolTipText("\n[baseline] mode:
\nthe token parameter value is changed only the baseline part , so which you can tamper by burp tools.
\n
\nyou can add test pattern in parameter value, e.g. '||'
\nex.
\ntoken=8B12C123'||' ===> token=A912D8VC'||'

\nNote: In baseline mode,if you encounter problem which fails tracking tokens, you should select \"■update baseline■\" menu in BurpTool's popup menu.
\n
\n[replace] mode:
\nthe token parameter value is completely replaced with tracking value, so which you cannot tamper by burp tools.
\nex.
\ntoken=8B12C123'||' ===> token=A912D8VC
"); @@ -775,25 +790,25 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { } }); - javax.swing.GroupLayout jPanel6Layout = new javax.swing.GroupLayout(jPanel6); - jPanel6.setLayout(jPanel6Layout); - jPanel6Layout.setHorizontalGroup( - jPanel6Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(jPanel6Layout.createSequentialGroup() + javax.swing.GroupLayout burpTrackingParameterLayout = new javax.swing.GroupLayout(burpTrackingParameter); + burpTrackingParameter.setLayout(burpTrackingParameterLayout); + burpTrackingParameterLayout.setHorizontalGroup( + burpTrackingParameterLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(burpTrackingParameterLayout.createSequentialGroup() .addContainerGap() - .addGroup(jPanel6Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) + .addGroup(burpTrackingParameterLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) .addComponent(TrackMode, javax.swing.GroupLayout.PREFERRED_SIZE, 101, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(jButton1, javax.swing.GroupLayout.PREFERRED_SIZE, 21, javax.swing.GroupLayout.PREFERRED_SIZE)) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(jLabel3, javax.swing.GroupLayout.PREFERRED_SIZE, GroupLayout.PREFERRED_SIZE, Short.MAX_VALUE) .addContainerGap()) ); - jPanel6Layout.setVerticalGroup( - jPanel6Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel6Layout.createSequentialGroup() + burpTrackingParameterLayout.setVerticalGroup( + burpTrackingParameterLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, burpTrackingParameterLayout.createSequentialGroup() .addContainerGap(14, Short.MAX_VALUE) - .addGroup(jPanel6Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(jPanel6Layout.createSequentialGroup() + .addGroup(burpTrackingParameterLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(burpTrackingParameterLayout.createSequentialGroup() .addComponent(TrackMode, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(39, 39, 39) .addComponent(jButton1, javax.swing.GroupLayout.PREFERRED_SIZE, 23, javax.swing.GroupLayout.PREFERRED_SIZE)) @@ -801,10 +816,17 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) ); - jCheckBox2.setText("WaitTimer(sec)"); - jCheckBox2.addActionListener(new java.awt.event.ActionListener() { + // burpTrackingParameter is no need for ZAP. + burpTrackingParameter = new JPanel(); + JLabel burpTrackingParameterPanelDisabledLabel = new JLabel(); + burpTrackingParameterPanelDisabledLabel.putClientProperty("html.disable", Boolean.FALSE); + burpTrackingParameterPanelDisabledLabel.setText(bundle.getString("MacroBuilderUI.burpTrackingParameterPanelDisabledLabel.text")); + burpTrackingParameter.add(burpTrackingParameterPanelDisabledLabel); + + WaitTimerCheckBox.setText("WaitTimer(sec)"); + WaitTimerCheckBox.addActionListener(new java.awt.event.ActionListener() { public void actionPerformed(java.awt.event.ActionEvent evt) { - jCheckBox2ActionPerformed(evt); + WaitTimerCheckBoxActionPerformed(evt); } }); @@ -817,7 +839,7 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { } }); - jLabel1.setText("Other Options(Usually, you do not need chage options below.)"); + OtherOptionsLabelTitle.setText("Other Options(Usually, you do not need chage options below.)"); jPanel7.setBorder(javax.swing.BorderFactory.createTitledBorder("Pass response of subsequent request back as the result of scan/resend request")); @@ -941,16 +963,13 @@ public void valueChanged(javax.swing.event.ListSelectionEvent evt) { .addGroup(jPanel4Layout.createSequentialGroup() .addContainerGap() .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(jPanel4Layout.createSequentialGroup() - .addComponent(jLabel1, javax.swing.GroupLayout.PREFERRED_SIZE, 826, javax.swing.GroupLayout.PREFERRED_SIZE) - .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel4Layout.createSequentialGroup() - .addComponent(descriptionVacantArea, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) - .addContainerGap()) + .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING, false) + .addComponent(generalHelpBtn, javax.swing.GroupLayout.Alignment.TRAILING,javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))) .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel4Layout.createSequentialGroup() .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel4Layout.createSequentialGroup() - .addComponent(jLabel2, javax.swing.GroupLayout.PREFERRED_SIZE, 402, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(macroRequestListLabelTitle, javax.swing.GroupLayout.PREFERRED_SIZE, 402, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(0, 0, Short.MAX_VALUE)) .addComponent(MacroRequestListTabs)) .addGap(18, 18, 18) @@ -964,10 +983,16 @@ public void valueChanged(javax.swing.event.ListSelectionEvent evt) { .addComponent(UpSelected, javax.swing.GroupLayout.PREFERRED_SIZE, GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(DownSelected, javax.swing.GroupLayout.PREFERRED_SIZE, GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) .addContainerGap()) + .addGroup(jPanel4Layout.createSequentialGroup() + .addComponent(OtherOptionsLabelTitle, javax.swing.GroupLayout.PREFERRED_SIZE, 826, javax.swing.GroupLayout.PREFERRED_SIZE) + .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel4Layout.createSequentialGroup() + .addComponent(descriptionVacantArea, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addContainerGap()) .addGroup(jPanel4Layout.createSequentialGroup() .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel4Layout.createSequentialGroup() - .addComponent(jCheckBox2, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(WaitTimerCheckBox, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addGap(18, 18, 18) .addComponent(waitsec, javax.swing.GroupLayout.PREFERRED_SIZE, 68, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(150, 150, 150)) @@ -975,21 +1000,25 @@ public void valueChanged(javax.swing.event.ListSelectionEvent evt) { .addComponent(MBfromStepNo, javax.swing.GroupLayout.PREFERRED_SIZE, GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(26, 26, 26))) .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) + .addComponent(MBtoStepNo, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(MBmonitorofprocessing, javax.swing.GroupLayout.PREFERRED_SIZE, 405, javax.swing.GroupLayout.PREFERRED_SIZE))) .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel4Layout.createSequentialGroup() .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) .addComponent(jPanel7, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(jSeparator1, javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jPanel6, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(burpTrackingParameter, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(jPanel5, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + .addGap(26, 26, 26)))) ); jPanel4Layout.setVerticalGroup( jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel4Layout.createSequentialGroup() - .addGap(23, 23, 23) - .addComponent(jLabel2) + .addGroup(jPanel4Layout.createParallelGroup(GroupLayout.Alignment.LEADING, false) + .addComponent(generalHelpBtn, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addGap(23, 23, 23)) + .addComponent(macroRequestListLabelTitle) .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel4Layout.createSequentialGroup() .addGap(42, 42, 42) @@ -1016,16 +1045,16 @@ public void valueChanged(javax.swing.event.ListSelectionEvent evt) { .addGap(18, 18, 18) .addComponent(jPanel5, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(18, 18, 18) - .addComponent(jPanel6, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(burpTrackingParameter, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(18, 18, 18) .addComponent(jSeparator1, javax.swing.GroupLayout.PREFERRED_SIZE, 10, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(18, 18, 18) .addComponent(jPanel7, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(73, 73, 73) - .addComponent(jLabel1) + .addComponent(OtherOptionsLabelTitle) .addGap(18, 18, 18) .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(jCheckBox2) + .addComponent(WaitTimerCheckBox) .addComponent(MBmonitorofprocessing) .addComponent(waitsec, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)) .addGap(43, 43, 43) @@ -1195,11 +1224,11 @@ private void CBinheritFromCacheActionPerformed(java.awt.event.ActionEvent evt) { pmtProvider.setCBInheritFromCache(CBinheritFromCache.isSelected()); }//GEN-LAST:event_CBinheritFromCacheActionPerformed - private void jCheckBox2ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jCheckBox2ActionPerformed + private void WaitTimerCheckBoxActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jCheckBox2ActionPerformed // TODO add your handling code here: ParmGenMacroTrace pmt = getSelectedParmGenMacroTrace(); if (pmt != null) { - if(jCheckBox2.isSelected()){ + if(WaitTimerCheckBox.isSelected()){ pmtProvider.setWaitTimer(waitsec.getText()); }else{ pmtProvider.setWaitTimer("0"); @@ -1798,17 +1827,7 @@ private void TrackModeActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIR }//GEN-LAST:event_TrackModeActionPerformed private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton1ActionPerformed - try { - // TODO add your handling code here: - java.awt.Desktop.getDesktop().browse(new URI(bundle.getString("MacroBuilderUI.baselinemode.text"))); - } catch (IOException ex) { - Logger.getLogger(MacroBuilderUI.class.getName()).log(Level.SEVERE, null, ex); - } catch (URISyntaxException ex) { - Logger.getLogger(MacroBuilderUI.class.getName()).log(Level.SEVERE, null, ex); - } - - - + }//GEN-LAST:event_jButton1ActionPerformed private void messageViewStateChanged(javax.swing.event.ChangeEvent evt) {//GEN-FIRST:event_messageViewStateChanged @@ -2705,9 +2724,10 @@ public void clearMessageResponse() { private javax.swing.JMenuItem enableRequest; private javax.swing.JButton jButton1; private javax.swing.JCheckBox jCheckBox1; - private javax.swing.JCheckBox jCheckBox2; - private javax.swing.JLabel jLabel1; - private javax.swing.JLabel jLabel2; + private javax.swing.JCheckBox WaitTimerCheckBox; + private javax.swing.JLabel OtherOptionsLabelTitle; + private javax.swing.JLabel macroRequestListLabelTitle; + private javax.swing.JButton generalHelpBtn; private javax.swing.JLabel jLabel3; private javax.swing.JLabel jLabel4; private javax.swing.JPanel requestView; @@ -2715,7 +2735,7 @@ public void clearMessageResponse() { private javax.swing.JPanel trackingView; private javax.swing.JPanel jPanel4; private javax.swing.JPanel jPanel5; - private javax.swing.JPanel jPanel6; + private javax.swing.JPanel burpTrackingParameter; private javax.swing.JPanel jPanel7; private javax.swing.JScrollPane jScrollPane1; private javax.swing.JScrollPane jScrollPane2; diff --git a/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/zap/ExtensionAutoMacroBuilder.java b/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/zap/ExtensionAutoMacroBuilder.java index 130c1f5..b3383e0 100644 --- a/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/zap/ExtensionAutoMacroBuilder.java +++ b/addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/zap/ExtensionAutoMacroBuilder.java @@ -72,8 +72,7 @@ public class ExtensionAutoMacroBuilder extends ExtensionAdaptor { DisplayUtils.getScaledIcon( new ImageIcon(MyWorkPanel.class.getResource(ZAP_ICONS + "/A.png"))); - // private static final ImageIcon ICON = - // new ImageIcon(ExtensionAutoMacroBuilder.class.getResource(RESOURCES + "/cake.png")); + // private static final String EXAMPLE_FILE = "example/ExampleFile.txt"; diff --git a/addOns/automacrobuilder/src/main/javahelp/help/contents/help.html b/addOns/automacrobuilder/src/main/javahelp/help/contents/help.html index d82f03f..cc5b44f 100644 --- a/addOns/automacrobuilder/src/main/javahelp/help/contents/help.html +++ b/addOns/automacrobuilder/src/main/javahelp/help/contents/help.html @@ -13,8 +13,11 @@

About

Descriptions

+
    + The below links go to the page under https://github.com/gdgd009xcd/AutoMacroBuilderForZAP/wiki/

  • OverView
  • Basic Usage +
diff --git a/addOns/automacrobuilder/src/main/javahelp/help/index.xml b/addOns/automacrobuilder/src/main/javahelp/help/index.xml index 0b14a38..0b1a47c 100644 --- a/addOns/automacrobuilder/src/main/javahelp/help/index.xml +++ b/addOns/automacrobuilder/src/main/javahelp/help/index.xml @@ -5,5 +5,5 @@ - + diff --git a/addOns/automacrobuilder/src/main/javahelp/help/map.jhm b/addOns/automacrobuilder/src/main/javahelp/help/map.jhm index 769c97a..49afeb2 100644 --- a/addOns/automacrobuilder/src/main/javahelp/help/map.jhm +++ b/addOns/automacrobuilder/src/main/javahelp/help/map.jhm @@ -4,5 +4,5 @@ "http://java.sun.com/products/javahelp/map_1_0.dtd"> - + diff --git a/addOns/automacrobuilder/src/main/javahelp/help/toc.xml b/addOns/automacrobuilder/src/main/javahelp/help/toc.xml index a5b0435..42708d9 100644 --- a/addOns/automacrobuilder/src/main/javahelp/help/toc.xml +++ b/addOns/automacrobuilder/src/main/javahelp/help/toc.xml @@ -6,7 +6,7 @@ - + diff --git a/addOns/automacrobuilder/src/main/resources/burp/Bundle.properties b/addOns/automacrobuilder/src/main/resources/burp/Bundle.properties index 5c3b9fe..5edb89d 100644 --- a/addOns/automacrobuilder/src/main/resources/burp/Bundle.properties +++ b/addOns/automacrobuilder/src/main/resources/burp/Bundle.properties @@ -28,7 +28,7 @@ MacroBuilderUI.MBtoStepNo.text=Track Parameter Set To Specific Request MacroBuilderUI.SAVE.text=Save MacroBuilderUI.LOAD.text=Load MacroBuilderUI.FINAL\ RESPONSE.text=Final Response -MacroBuilderUI.MacroRequestListLabel2.text=Macro Requst List +MacroBuilderUI.MacroRequestListLabelTitle.text=Macro Requst List MacroBuilderUI.TakeOverCacheCheckBox.text=At the start to execute, use Cookies/Tracking Params from cache MacroBuilderUI.TakeOverInfoLabel.text=§ If the Session Cookie/Tracking Param(e.g. CSRF token) value has expired
\n   due to a timeout or other reason and the request results in an error,
\n   try clearing this check box. MacroBuilderUI.ClearMacroBtn.text=Clear @@ -47,13 +47,13 @@ MacroBuilderUI.INTRUDER.text=Intruder MacroBuilderUI.SCANNER.text=Scanner MacroBuilderUI.REPEATER.text=Repeater MacroBuilderUI.MBmonitorofprocessing.text=Monitor when Processing Burp Tools. -MacroBuilderUI.baselinemode.text=https://github.com/gdgd009xcd/AutoMacroBuilder/wiki/1.4.baseline-replace-mode MacroBuilderUI.TrackingParamterConfig.text=· baseline(experimental):
 you can test(tamper) tracking tokens with scanner/intruder which has baseline request.

\n· replace(default):
 Tracking tokens is completely replaced with extracted value from previous page's response.\n

* For Details , refer [?] button in the "baseline/replace mode" section. MacroBuilderUI.TakeOverCache.text=Initialize Cookie / Tracking Parameter value from cache at start MacroBuilderUI.TrackingParamBorder.text=Tracking Parameter(e.g. CSRF token) MacroBuilderUI.restore.text=Restore MacroBuilderUI.update.text=Update -MacroBuilderUI.describeMessageView=this area's component(messageView) was moved to "The information window"
which attached such as history tab.
You can display from menu:View->Show Tab->messageView Tab
or select popup menu "messageView" in above MacroRequestList area. +MacroBuilderUI.describeMessageView.text=this area's component(messageView) was moved to "The information window"
which attached such as history tab.
You can display from menu:View->Show Tab->messageView Tab
or select popup menu "messageView" in above MacroRequestList area. +MacroBuilderUI.burpTrackingParameterPanelDisabledLabel.text=This area's component(Tracking Parameter) is disabled because this addon doesn't require it. ParmGenAddParms.DialogTitle.text=Select Request parameter ParmGenAddParms.HowToRestoreTargetPathRegexInfoTitleLabel1.text=Target Path(Regex)\uFF1A\u3000To restore the default, select with the pull down below ParmGenAddParms.CancelBtn.text=Cancel diff --git a/addOns/automacrobuilder/src/main/resources/burp/Bundle_ja_JP.properties b/addOns/automacrobuilder/src/main/resources/burp/Bundle_ja_JP.properties index c99da56..84a505a 100644 --- a/addOns/automacrobuilder/src/main/resources/burp/Bundle_ja_JP.properties +++ b/addOns/automacrobuilder/src/main/resources/burp/Bundle_ja_JP.properties @@ -28,7 +28,7 @@ MacroBuilderUI.MBtoStepNo.text=\u8FFD\u8DE1\u30D1\u30E9\u30E1\u30FC\u30BF\u5024\ MacroBuilderUI.SAVE.text=Save MacroBuilderUI.LOAD.text=Load MacroBuilderUI.FINAL\ RESPONSE.text=final response -MacroBuilderUI.MacroRequestListLabel2.text=\u30DE\u30AF\u30ED\u30EA\u30AF\u30A8\u30B9\u30C8\u4E00\u89A7 +MacroBuilderUI.MacroRequestListLabelTitle.text=\u30DE\u30AF\u30ED\u30EA\u30AF\u30A8\u30B9\u30C8\u4E00\u89A7 MacroBuilderUI.TakeOverCacheCheckBox.text=\u30DE\u30AF\u30ED\u5B9F\u884C\u958B\u59CB\u6642\u3001\u8FFD\u8DE1\u30D1\u30E9\u30E1\u30FC\u30BF/Cookie\u5024\u3092\u30AD\u30E3\u30C3\u30B7\u30E5\u304B\u3089\u5F15\u304D\u7D99\u304E\u307E\u3059\u3002 MacroBuilderUI.TakeOverInfoLabel.text=\u203B\u30BF\u30A4\u30E0\u30A2\u30A6\u30C8\u3057\u7121\u52B9\u3068\u306A\u3063\u305F\u30BB\u30C3\u30B7\u30E7\u30F3Cookie\u5024\u306A\u3069\u3092\u30AD\u30E3\u30C3\u30B7\u30E5\u304B\u3089\u5F15\u304D\u7D99\u3044\u3067\u3057\u307E\u3044\u3001
 \u30EA\u30AF\u30A8\u30B9\u30C8\u304C\u30A8\u30E9\u30FC\u3068\u306A\u308B\u5834\u5408\u306F\u30C1\u30A7\u30C3\u30AF\u3092\u306F\u305A\u3057\u3066\u307F\u3066\u304F\u3060\u3055\u3044\u3002 MacroBuilderUI.ClearMacroBtn.text=\u30AF\u30EA\u30A2 @@ -44,14 +44,13 @@ MacroBuilderUI.INTRUDER.text=Intruder MacroBuilderUI.SCANNER.text=Scanner MacroBuilderUI.REPEATER.text=Repeater MacroBuilderUI.MBmonitorofprocessing.text=\u5B9F\u884C\u4E2D\u306E\u30EA\u30AF\u30A8\u30B9\u30C8\u30EC\u30B9\u30DD\u30F3\u30B9\u8868\u793A\uFF08\u51E6\u7406\u304C\u9045\u304F\u306A\u308B\uFF09 -MacroBuilderUI.baselinemode.text=https://github.com/gdgd009xcd/AutoMacroBuilder/wiki/2.4.baseline-replace%E3%83%A2%E3%83%BC%E3%83%89 MacroBuilderUI.TakeOverCache.text=\u958B\u59CB\u6642\u306B\u30AD\u30E3\u30C3\u30B7\u30E5\u304B\u3089Cookie/\u8FFD\u8DE1\u30D1\u30E9\u30E1\u30FC\u30BF(e.g. CSRF token)\u5024\u3092\u5F15\u304D\u7D99\u3050 MacroBuilderUI.TrackingParamBorder.text=\u8FFD\u8DE1\u30D1\u30E9\u30E1\u30FC\u30BF(e.g. CSRF token) MacroBuilderUI.restore.text=\u5143\u306B\u623B\u3059 MacroBuilderUI.update.text=\u66F4\u65B0 MacroBuilderUI.ParamTrackingBtn.text=\u8FFD\u8DE1 MacroBuilderUI.messageViewToAddTrackingTabToolTop.text=\u30D1\u30E9\u30E1\u30FC\u30BF\u8FFD\u8DE1\u306E\u7D50\u679C\u3092\u8868\u793A -MacroBuilderUI.describeMessageView=\u3053\u3053\u306B\u8868\u793A\u3057\u3066\u3044\u305F\u30B3\u30F3\u30DD\u30FC\u30CD\u30F3\u30C8\uFF08messageView\uFF09\u306F\u3001
\u5C65\u6B74\u30BF\u30D6\u304C\u8868\u793A\u3055\u308C\u308B\u30A8\u30EA\u30A2\u306B\u79FB\u52D5\u3057\u307E\u3057\u305F\u3002
\u30E1\u30CB\u30E5\u30FC\u304B\u3089\u8868\u793A->\u8868\u793A\u30BF\u30D6->messageView \u30BF\u30D6
\u307E\u305F\u306F\u4E0A\u90E8\u306E\u30DE\u30AF\u30ED\u30EA\u30AF\u30A8\u30B9\u30C8\u4E00\u89A7\u3067\u30DD\u30C3\u30D7\u30A2\u30C3\u30D7\u30E1\u30CB\u30E5\u30FC\u304B\u3089messageView\u3092\u9078\u629E +MacroBuilderUI.describeMessageView.text=\u3053\u3053\u306B\u8868\u793A\u3057\u3066\u3044\u305F\u30B3\u30F3\u30DD\u30FC\u30CD\u30F3\u30C8\uFF08messageView\uFF09\u306F\u3001
\u5C65\u6B74\u30BF\u30D6\u304C\u8868\u793A\u3055\u308C\u308B\u30A8\u30EA\u30A2\u306B\u79FB\u52D5\u3057\u307E\u3057\u305F\u3002
\u30E1\u30CB\u30E5\u30FC\u304B\u3089\u8868\u793A->\u8868\u793A\u30BF\u30D6->messageView \u30BF\u30D6
\u307E\u305F\u306F\u4E0A\u90E8\u306E\u30DE\u30AF\u30ED\u30EA\u30AF\u30A8\u30B9\u30C8\u4E00\u89A7\u3067\u30DD\u30C3\u30D7\u30A2\u30C3\u30D7\u30E1\u30CB\u30E5\u30FC\u304B\u3089messageView\u3092\u9078\u629E MacroBuilderUI.showMessageView.text=\u30E1\u30C3\u30BB\u30FC\u30B8\u8868\u793A ParmGenAddParms.DialogTitle.text=parameter\u9078\u629E\u753B\u9762 ParmGenAddParms.HowToRestoreTargetPathRegexInfoTitleLabel1.text=\u7F6E\u63DB\u5BFE\u8C61\u30D1\u30B9(Regex)\uFF1A\u3000\u65E2\u8A2D\u5B9A\u5024\u306B\u623B\u3059\u5834\u5408\u306F\u3001\u4E0B\u8A18\u306E\u30D7\u30EB\u30C0\u30A6\u30F3\u3067\u9078\u629E diff --git a/addOns/automacrobuilder/src/main/resources/org/zaproxy/zap/extension/automacrobuilder/zap/resources/cake.png b/addOns/automacrobuilder/src/main/resources/org/zaproxy/zap/extension/automacrobuilder/zap/resources/cake.png deleted file mode 100644 index c3bb699835ee1ef2d07315b8216f8e1fd4cc5191..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 755 zcmVXjcp~8X$#SmBQ4Csahe*s~k7*|Gg#X=L;;?A&QOMC<)F~qbrDe@4iJUi9t zw56TSv~#>O4FF)y)5#8dXbCukAP3sE`40N>-iQBWYkNCOQ$1)_^LHG%K zXzD4l!!*k(m57Q(dehNCEB*Zx>FJ@l=4L7+5=5F-Rz6RQEBS4&f`qSAOz;c zg|RWz^!DN)orc5VKy4rZIGs>A(BXDN&19HVFyJI#Cy-1+D<2PlRGYD0bdAR0p< ztJtzQM2*Ez)O84aol;dM<#oYXRTD&W&jV!Q^B^We;$6+`e#9?h!v-~8yltm_XfE;c zm|-B1Ofr@_K(!p1fgFAgXLS%QSMH(YY=yAtrr~uQs~9 z9*5WM_qp6Al&vtdbPWFb%cu+91c@$WcX#cZXPG6Q(f#4!sn3e?NxXiEg>}6!7hhl1 zILK>(eC}$W+e1*cqsV8L;i>IHmbcBmx|VrlWa|Cq=DV+^8M6S^|H*PKR0i?R`MZ&p zWxJI}&D`_j5O5e3K@EW$J|ma=$IN92Pw$8)4bxe!yYnweur}*J^r+b$rvFUi9@k?& l&JM0RzV;k7Tk%_f0RUHGjwiLB%3=Tj002ovPDHLkV1h1gTiO5s diff --git a/addOns/automacrobuilder/src/main/resources/org/zaproxy/zap/extension/automacrobuilder/zap/resources/icon/Q.png b/addOns/automacrobuilder/src/main/resources/org/zaproxy/zap/extension/automacrobuilder/zap/resources/icon/Q.png new file mode 100644 index 0000000000000000000000000000000000000000..c859bfd6cddd8947bcebff076b67f26c3d618dad GIT binary patch literal 788 zcmV+v1MB>WP)5r0004nX+uL$Nkc;* zaB^>EX>4Tx04R}tkv&MmP!xqvTcskc4t5X`%ut;yh>CR7DionYs1;guFnQ@8G-*gu zTpR`0f`dPcRRb`7 zkz)Z>sE`~#_#gb9ty!3wbdy2}p!>zPKSqJzF3_yo_V=-EH&1}TGjOG~{nZ8#|0KQM z)}lv1|2A-O-PYti;Bp5Te9|RDa-;w)f1v=ppV2qvfPq_}cg>w!>l~*KK!#?Ox&aOj zfw3ZGuY0_^r*m%q_O#~r1CwBKw7irH<^TWy24YJ`L;wH)0002_L%V+f000SaNLh0L z01FcU01FcV0GgZ_00007bV*G`2j~F}4;KXRd&Q6d000?uMObu0Z*6U5Zgc=ca%Ew3 zWn>_CX>@2HM@dakSAh-}0002%NklZGSQGJ|=|B&|KZg?K8Uuqf0}Ho0T&Y3$ zN(Kgo4m1}qGB7YPvmu=N|3A*KVPWSZ?1le-Q4P>+Qen^yS^&|+%u3h*Mix{lZh2k? zPJUU0bBPH=v&6j&#`6pq%o6wFRD&}q|Nr+NB@j&<3@M97T!0B*!a+`nxBvi?B2QhV SujDHL0000|gW!U_%O?XxI14-? ziy0WWg+Z8+Vb&Z8pdfpRr>`sfGd5u!bMEu6?wbLHWHUn|N}Tg^b5rw5fLsO!=c3fa zlGGH1^30M91$R&1fE2w{cA)qqPZ!4!i_>SPY~*WD;Bi_1;*py2|Nn)X4nA8_dPza- z2+LGImRXN0+`Z16SrNcBb=7%Up);xdh9~!4y6nWb^zX*FyE8=2SOwimF8sXKd*a1= z8l5eENe8nwguXg9q21^DG-Ize2eCr8kWY&KHY^jB+!bpWB80x%HR&$>QJ1x!`(k=> oOM-*Ji!T=r*mNEDknZuyX3ns&GI#3z+5&R6r>mdKI;Vst00H}Lg#Z8m