bugfix MatchAlert

nbproject/project.properties

@@ -76,7 +76,7 @@ jnlp.signed=false
 jnlp.signing=
 jnlp.signing.alias=
 jnlp.signing.keystore=
-main.class=burp.BurpExtender
+main.class=burp.StartBurp
 # \u7f72\u540d\u4ed8\u304dRIA\u304c\u898b\u3064\u304b\u308b\u3068\u4e88\u671f\u3055\u308c\u308b\u5834\u6240\u3092\u8b58\u5225\u3059\u308b\u30c7\u30d5\u30a9\u30eb\u30c8\u306eApplication-Library-Allowable-Codebase\u5c5e\u6027\u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u306e\u30aa\u30fc\u30d0\u30fc\u30e9\u30a4\u30c9\u3002
 manifest.custom.application.library.allowable.codebase=
 # JavaScript\u30b3\u30fc\u30c9\u304c\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30d7\u30ed\u30f3\u30d7\u30c8\u306a\u3057\u3067RIA\u3092\u547c\u3073\u51fa\u305b\u308b\u30c9\u30e1\u30a4\u30f3\u3092\u8b58\u5225\u3059\u308b\u30c7\u30d5\u30a9\u30eb\u30c8\u306eCaller-Allowable-Codebase\u5c5e\u6027\u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u306e\u30aa\u30fc\u30d0\u30fc\u30e9\u30a4\u30c9\u3002

release.xml

@@ -2,7 +2,7 @@
 <project name="YaguraExtender" default="release" basedir="." xmlns:asciidoctor="antlib:org.asciidoctor.ant">
 
     <!-- Load our properties -->
-    <property file="src/yagura/release.properties"/>
+    <property file="src/burp/release.properties"/>
     <property name="dist.dir" value="."/>
     <property name="dist.zip" value="YaguraExtender.${version}.zip"/>
     <property name="help.zip" value="YaguraExtender.${version}-help.zip"/>
@@ -33,6 +33,8 @@
             <exclude name="**/.svn"/>
             <exclude name="**/.git"/>
             <exclude name="*.zip"/>
+            <exclude name="*.md5"/>
+            <exclude name="*.sha1"/>
             <exclude name="*.log"/>
             <exclude name="*.log.lck"/>
             <exclude name="burp.extender.xml"/>

src/burp/BurpExtender.java

@@ -47,6 +47,10 @@
 import yagura.model.JSearchProperty;
 import yagura.model.JTransCoderProperty;
 import yagura.model.MatchReplaceGroup;
+import yagura.model.StartEndPosion;
+import yagura.signature.MarkIssue;
+import yagura.signature.MatchAlert;
+import yagura.signature.MatchAlertIssue;
 
 /**
  * @author isayan
@@ -61,8 +65,8 @@ public BurpExtender() {
      * @param args the command line arguments
      */
     public static void main(String args[]) {
-//        JOptionPane.showMessageDialog(null, "This starting method is not supported.", "Burp Extension", JOptionPane.INFORMATION_MESSAGE);
-    //        burp.StartBurp.main(args);
+    //  JOptionPane.showMessageDialog(null, "This starting method is not supported.", "Burp Extension", JOptionPane.INFORMATION_MESSAGE);
+    //  burp.StartBurp.main(args);
     }
 
     /**
@@ -97,13 +101,11 @@ public static BurpExtender getInstance() {
     private final TabbetOption tabbetOption = new TabbetOption();
     private final HtmlCommetViewTab commentViewTab = new HtmlCommetViewTab();
     private final GeneratePoCTab generatePoCTab = new GeneratePoCTab();
-    private BurpWrap.Version burp_version = null;
 
     @Override
     public void registerExtenderCallbacks(IBurpExtenderCallbacks cb) {
         super.registerExtenderCallbacks(cb);
-        this.burp_version = new BurpWrap.Version(cb);
-        if (this.burp_version.isExtendSupport()) {
+        if (this.getBurpVersion().isExtendSupport()) {
             // 設定ファイル読み込み
             try {
                 String configXML = getCallbacks().loadExtensionSetting("configXML");
@@ -374,7 +376,7 @@ private boolean autoresponderProxyMessage(
                 StringBuffer sb = new StringBuffer();
                 if (m.find()) {
                     m.appendReplacement(sb, m.group(0));
-                    sb.append("\r\nX-AutoResponder: " + url);
+                    sb.append("\r\nX-AutoResponder: ").append(url);
                 }
                 m.appendTail(sb);
                 request = sb.toString();
@@ -387,35 +389,6 @@ private boolean autoresponderProxyMessage(
             Logger.getLogger(BurpExtender.class.getName()).log(Level.SEVERE, null, ex);
         }
         return apply;
-
-//                // Fullパスに変換
-//                String request = Util.decodeMessage(messageInfo.getRequest());
-//                Matcher m = REQUEST_URI.matcher(request);
-//                StringBuffer sb = new StringBuffer();
-//               while (m.find()) {
-//                    sb.append(m.group(1));
-//                    sb.append("/?");
-//                    m.appendReplacement(sb, Matcher.quoteReplacement(url));
-//                    sb.append(m.group(3));
-//                }
-//                m.appendTail(sb);
-//                request = sb.toString();
-//                try {
-//                    if (bean.getBodyOnly()) {
-//                        HttpMessage message = HttpMessage.parseHttpMessage(responseByte);
-//                        byte bodyBytes[] = Util.bytesFromFile(new File(bean.getReplace()));
-//                        message.setBody(Util.getRawStr(bodyBytes));
-//                        message.updateContentLength(true);
-//                        responseByte = message.getMessageBytes();
-//                    }
-//                    else {
-//                        responseByte = Util.bytesFromFile(new File(bean.getReplace()));
-//                    }
-//                    break;
-//                } catch (IOException ex) {
-//                    Logger.getLogger(BurpExtender.class.getName()).log(Level.SEVERE, null, ex);
-//                }
-//        }        
     }    
 
     /**
@@ -501,39 +474,53 @@ private void matchAlertMessage(String toolName, boolean messageIsRequest, IHttpR
                 if (!bean.getTargetTools().contains(tools)) {
                     continue;
                 }
-//                Pattern p = bean.compileRegex(!bean.isRegexp());
                 Pattern p = bean.getRegexPattern();
                 String decodeMessage = "";
                 if (bean.isRequest() && messageIsRequest) {
                     decodeMessage = Util.decodeMessage(messageInfo.getRequest());
                 } else if (bean.isResponse() && !messageIsRequest) {
                     decodeMessage = Util.decodeMessage(messageInfo.getResponse());
                 }
+                List<MarkIssue> markList = new ArrayList<>();
                 Matcher m = p.matcher(decodeMessage);
                 int count = 0;
                 while (m.find()) {
+                    markList.add(new MarkIssue(messageIsRequest, m.start(), m.end()));
                     count++;
                 }
                 if (count > 0) {
                     if (bean.getNotifyTypes().contains(MatchAlertItem.NotifyType.ALERTS_TAB)) {
                         issueAlert(toolName, String.format("[%s]: %d matches:%s url:%s", toolName, count, bean.getMatch(), reqInfo.getUrl().toString()), TrayIcon.MessageType.WARNING);
                     }
-//                    if (bean.getNotifyTypes().contains(MatchAlertItem.NotifyType.TRAY_MESSAGE)) {
+                    if (bean.getNotifyTypes().contains(MatchAlertItem.NotifyType.TRAY_MESSAGE)) {
 //                        trayMenu.displayMessage(toolName, String.format("[%s]: %d matches:%s url:%s", toolName, count, bean.getMatch(), reqInfo.getUrl().toString()), TrayIcon.MessageType.WARNING);
-//                    }
+                    }
                     if (bean.getNotifyTypes().contains(MatchAlertItem.NotifyType.ITEM_HIGHLIGHT)) {
                         BurpWrap.setHighlightColor(messageInfo, String.valueOf(bean.getHighlightColor()));
                     }
                     if (bean.getNotifyTypes().contains(MatchAlertItem.NotifyType.COMMENT)) {
                         messageInfo.setComment(bean.getComment());
                     }
+                    if (bean.getNotifyTypes().contains(MatchAlertItem.NotifyType.SCANNER_ISSUE)) {
+                        MatchAlert alert = new MatchAlert(this.getMatchAlertProperty());
+                        MatchAlertIssue issue = new MatchAlertIssue(bean, markList);
+                        List<IScanIssue> issues = alert.makeIssueList(messageIsRequest, messageInfo, issue, markList);
+                        for (IScanIssue scanissue : issues) {
+                            BurpExtender.getCallbacks().addScanIssue(scanissue);                        
+                        }                        
+                    }
                 }
             } catch (Exception ex) {
                 Logger.getLogger(BurpExtender.class.getName()).log(Level.SEVERE, null, ex);
             }
         }
     }
-
+
+//    private IScannerCheck professionalPassiveScanCheck() {
+//       MatchAlert scan = new MatchAlert(this.getMatchAlertProperty());
+//       return scan.passiveScanCheck();
+//    }
+
     /**
      * debugModeの取得
      */

src/yagura/release.properties → src/burp/release.properties

@@ -1,7 +1,7 @@
 # YaguraExtender build xml properties
 
 # version
-version=1.7.22.0
+version=1.7.23.0
 
 #lib
 asciidoctor-version=1.5.5

src/yagura/Config.java

@@ -4,6 +4,7 @@
  */
 package yagura;
 
+import burp.BurpExtenderImpl;
 import yagura.model.AutoResponderItem;
 import yagura.model.EncodingProperty;
 import yagura.model.LoggingProperty;
@@ -259,6 +260,16 @@ protected static void loadFromXml(IniProp prop, OptionProperty option) throws IO
                 String comment = prop.readEntry("matchalert", String.format("item[%d].comment", i), "");
                 item.setComment(comment);
             }
+
+            if (item.getNotifyTypes().contains(MatchItem.NotifyType.SCANNER_ISSUE)) {
+                String issueName = prop.readEntry("matchalert", String.format("item[%d].issueName", i), "");
+                item.setIssueName(issueName);
+                String severity = prop.readEntry("matchalert", String.format("item[%d].severity", i), "");
+                item.setServerity(BurpExtenderImpl.Severity.valueOf(severity));
+                String confidence = prop.readEntry("matchalert", String.format("item[%d].confidence", i), "");
+                item.setConfidence(BurpExtenderImpl.Confidence.valueOf(confidence));                
+            }
+
             alertItemList.add(item);
         }
         option.getMatchAlertProperty().setMatchAlertItemList(alertItemList);
@@ -269,8 +280,10 @@ protected static void loadFromXml(IniProp prop, OptionProperty option) throws IO
         jsearch.setIgnoreCase(prop.readEntryBool("jsearch", "ignorecase", false));
         jsearch.setAutoRecogniseEncoding(prop.readEntryBool("jsearch", "autoRecogniseEncoding", false));
 
-        jsearch.setRequest(prop.readEntryBool("jsearch", "request", true));
-        jsearch.setResponse(prop.readEntryBool("jsearch", "response", true));
+        jsearch.setRequestHeader(prop.readEntryBool("jsearch", "requestHeader", true));
+        jsearch.setRequestBody(prop.readEntryBool("jsearch", "requestBody", true));
+        jsearch.setResponseHeader(prop.readEntryBool("jsearch", "responseHeader", true));
+        jsearch.setResponseBody(prop.readEntryBool("jsearch", "responseBody", true));
         jsearch.setComment(prop.readEntryBool("jsearch", "comment", true));
 
         FilterProperty filter = new FilterProperty();
@@ -306,8 +319,7 @@ protected static void loadFromXml(IniProp prop, OptionProperty option) throws IO
 
         transcoder.setRawEncoding(prop.readEntryBool("transcoder", "rawEncoding", false));
         transcoder.setGuessEncoding(prop.readEntryBool("transcoder", "guessEncoding", false));
-
-
+
     }
 
     /**
@@ -430,8 +442,15 @@ protected static void saveToXML(IniProp prop, OptionProperty option) throws IOEx
                 prop.writeEntry("matchalert", String.format("item[%d].comment", i), item.getComment());
             }
 
+            if (item.getNotifyTypes().contains(MatchItem.NotifyType.SCANNER_ISSUE)) {
+                prop.writeEntry("matchalert", String.format("item[%d].issueName", i), item.getIssueName());
+                prop.writeEntry("matchalert", String.format("item[%d].severity", i), item.getServerity().name());
+                prop.writeEntry("matchalert", String.format("item[%d].confidence", i), item.getConfidence().name());                
+            }
+
             EnumSet<MatchItem.TargetTool> tools = item.getTargetTools();
             prop.writeEntry("matchalert", String.format("item[%d].target", i), Util.enumSetToString(tools));
+
         }        
 
         // JSearch Filter
@@ -440,8 +459,10 @@ protected static void saveToXML(IniProp prop, OptionProperty option) throws IOEx
         prop.writeEntryBool("jsearch", "ignorecase", jsearch.isIgnoreCase());
         prop.writeEntryBool("jsearch", "autoRecogniseEncoding", jsearch.isAutoRecogniseEncoding());
 
-        prop.writeEntryBool("jsearch", "request", jsearch.isRequest());
-        prop.writeEntryBool("jsearch", "response", jsearch.isResponse());
+        prop.writeEntryBool("jsearch", "requestHeader", jsearch.isRequestHeader());
+        prop.writeEntryBool("jsearch", "requestBody", jsearch.isRequestBody());
+        prop.writeEntryBool("jsearch", "responseHeader", jsearch.isResponseHeader());
+        prop.writeEntryBool("jsearch", "responseBody", jsearch.isResponseBody());
         prop.writeEntryBool("jsearch", "comment", jsearch.isComment());
 
         FilterProperty filter = jsearch.getFilterProperty();

src/yagura/Version.java

@@ -1,8 +1,6 @@
 package yagura;
 
-import yagura.Config;
 import extend.util.CustomVersion;
-import extend.util.Util;
 
 /*
  * To change this template, choose Tools | Templates and open the template in
@@ -14,7 +12,7 @@
  */
 public final class Version extends CustomVersion {
 
-    protected java.util.ResourceBundle bundle = java.util.ResourceBundle.getBundle("yagura/release");
+    protected java.util.ResourceBundle bundle = java.util.ResourceBundle.getBundle("burp/release");
 
     private Version() {
         String ver = bundle.getString("version");

src/yagura/external/CertUtil.java

@@ -11,18 +11,14 @@
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
-import java.security.GeneralSecurityException;
 import java.security.Key;
-import java.security.KeyFactory;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
 import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
-import java.security.spec.PKCS8EncodedKeySpec;
 import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.regex.Pattern;
@@ -121,5 +117,18 @@ public static HashMap<String, CertificateInKey> loadFromJKS(File storeFile, Stri
         }
         return null;
     }
+
+    public static String getFirstAlias(KeyStore ks) throws KeyStoreException {
+        String alias = null;
+        // 最初にみつかったalias
+        if (alias == null) {
+            Enumeration<String> e = ks.aliases();
+            while (e.hasMoreElements()) {
+                alias = e.nextElement();
+                break;
+            }
+        }
+        return alias;
+    }
 
 }

src/yagura/model/EncodingProperty.java

@@ -15,7 +15,7 @@
  */
 public class EncodingProperty {
 
-    private static final String[] listDefault = {
+    private static final String[] ENCODING_DEFAULT_LIST = {
         "Shift_JIS",
         "EUC-JP",
         "UTF-8",
@@ -24,7 +24,7 @@ public class EncodingProperty {
     // Encoding tab
     public static List<String> getDefaultEncodingList() {
         List<String> list = new ArrayList<String>();
-        list.addAll(Arrays.asList(listDefault));
+        list.addAll(Arrays.asList(ENCODING_DEFAULT_LIST));
         return Collections.unmodifiableList(list);
     }
     private final List<String> encodingList = new ArrayList(getDefaultEncodingList());