Skip to content

Commit

Permalink
bugfix ViewState
Browse files Browse the repository at this point in the history
  • Loading branch information
isayan committed Feb 28, 2021
1 parent c8b9bf4 commit 74c989a
Show file tree
Hide file tree
Showing 20 changed files with 266 additions and 577 deletions.
Binary file modified libs/BurpExtensionCommons-v0.4.2.0.jar
View file
Binary file not shown.
Empty file added nbproject/project.properties
View file
Empty file.
Binary file modified release/YaguraExtender-v2.2.jar
View file
Binary file not shown.
6 changes: 3 additions & 3 deletions src/main/java/aspx/viewstate/ViewState.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,13 +99,13 @@ public boolean isMacEnabled() {
public Algorithm getMacAlgorithm() {
Algorithm algorithm = Algorithm.HMAC_UNKNOWN;
switch (digest.length) {
case 0x20:
case 20:
algorithm = Algorithm.HMAC_SHA256;
break;
case 0x30:
case 30:
algorithm = Algorithm.HMAC_SHA384;
break;
case 0x40:
case 40:
algorithm = Algorithm.HMAC_SHA512;
break;
}
Expand Down
92 changes: 46 additions & 46 deletions src/main/java/extend/util/external/TransUtil.java
View file

Large diffs are not rendered by default.

3 changes: 2 additions & 1 deletion src/main/java/yagura/model/HttpMessageItem.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
import extension.burp.HttpService;
import extension.helpers.HttpMessage;
import extension.helpers.HttpResponse;
import extension.helpers.HttpUtil;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.logging.Level;
Expand Down Expand Up @@ -230,7 +231,7 @@ public String getGuessCharset() {
}

public boolean isSSL() {
return "https".equals(this.getProtocol());
return HttpUtil.isSSL(this.getProtocol());
}

public void dump() {
Expand Down
3 changes: 0 additions & 3 deletions src/main/java/yagura/model/MatchReplaceGroup.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,6 @@ public List<MatchReplaceItem> getReplaceList() {
return Collections.unmodifiableList(this.replaceList);
}

/**
* @return the replaceMap
*/
public void setReplaceList(List<MatchReplaceItem> replaceList) {
this.replaceList.clear();
this.replaceList.addAll(replaceList);
Expand Down
7 changes: 2 additions & 5 deletions src/main/java/yagura/model/Parameter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,6 @@
import burp.IParameter;
import extension.helpers.StringUtil;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.util.logging.Level;
import java.util.logging.Logger;

/**
*
Expand Down Expand Up @@ -90,7 +87,7 @@ public String getUniversalName() {
return null;
}
} else {
return StringUtil.getStringCharset(StringUtil.getBytesRaw(parameter.getName()), StandardCharsets.ISO_8859_1);
return StringUtil.getStringRaw(StringUtil.getBytesRaw(parameter.getName()));
}
}

Expand All @@ -102,7 +99,7 @@ public String getUniversalValue() {
return null;
}
} else {
return StringUtil.getStringCharset(StringUtil.getBytesRaw(parameter.getName()), StandardCharsets.ISO_8859_1);
return StringUtil.getStringRaw(StringUtil.getBytesRaw(parameter.getName()));
}
}

Expand Down
7 changes: 3 additions & 4 deletions src/main/java/yagura/model/QuickSearchEvent.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,12 @@
* @author isayan
*/
public class QuickSearchEvent extends EventObject {

private String keyword = "";
private boolean smartMatch = false;
private boolean regexp = false;
private boolean ignoreCase = false;
public boolean clearView = false;

public QuickSearchEvent(Object source, String keyword, boolean smartMatch, boolean regexp, boolean ignoreCase, boolean clearView) {
super(source);
this.keyword = keyword;
Expand All @@ -29,7 +28,7 @@ public QuickSearchEvent(Object source, String keyword, boolean smartMatch, boole
public String getKeyword() {
return this.keyword;
}

/**
* @return the smartMatch
*/
Expand All @@ -50,7 +49,7 @@ public boolean isRegexp() {
public boolean isIgnoreCase() {
return ignoreCase;
}

/**
* @return the clearView
*/
Expand Down
4 changes: 3 additions & 1 deletion src/main/java/yagura/model/ResultView.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,10 +36,12 @@ public ResultView(IHttpRequestResponse item, int ordinal) {
public ObjectTableColumn getColumn() {
return new ObjectTableColumn() {

@Override
public String getColumnName(int column) {
return columns[column];
}

@Override
public int getColumnCount() {
return columns.length;
}
Expand Down Expand Up @@ -67,7 +69,7 @@ public Object getObject(int column) {
try {
HttpMessageItem msg = this;
switch (column) {
case 0: //
case 0: //
value = msg;
break;
case 1: // #
Expand Down
2 changes: 0 additions & 2 deletions src/main/java/yagura/model/SendToItem.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
Expand Down Expand Up @@ -260,7 +259,6 @@ public void setExtendPropertyString(String propString) {
}
}


/**
* @return the extend
*/
Expand Down
16 changes: 5 additions & 11 deletions src/main/java/yagura/model/SendToMenu.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,7 @@
import burp.IHttpService;
import burp.IMessageEditorController;
import burp.IScanIssue;
import extension.helpers.ConvertUtil;
import extension.helpers.HttpUtil;
import java.awt.Component;
import java.awt.TrayIcon;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
Expand All @@ -21,11 +19,7 @@
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.swing.FocusManager;
import javax.swing.JMenuItem;
import javax.swing.JTable;
import javax.swing.KeyStroke;
import javax.swing.table.TableModel;

/**
* burp new IF
Expand Down Expand Up @@ -76,7 +70,7 @@ public void renewMenu(SendToProperty property) {
for (String encoding : encodingList) {
javax.swing.JMenuItem mnuItemEncoding = new javax.swing.JMenuItem();
mnuItemEncoding.setText(encoding);
mnuItemEncoding.addActionListener(sendToItem);
mnuItemEncoding.addActionListener(sendToItem);
mnuItem.add(mnuItemEncoding);
}
if (property.isSubMenu()) {
Expand All @@ -102,7 +96,7 @@ public void renewMenu(SendToProperty property) {
if (sendToItem.isEnabled()) {
this.menuList.add(mnuItem);
}
}
}
}

} else {
Expand All @@ -125,9 +119,9 @@ public void warning(SendToEvent evt) {
public void error(SendToEvent evt) {
BurpExtender.issueAlert("SendToServer", evt.getMessage(), TrayIcon.MessageType.ERROR);
logger.log(Level.SEVERE, evt.getMessage()); }

});

sendToList.add(sendToItem);
mnuItem.addActionListener(sendToItem);
if (property.isSubMenu()) {
Expand Down Expand Up @@ -317,7 +311,7 @@ public boolean isExtendVisible() {

};
}

private IContextMenuInvocation getContextMenuInvocation(KeyEvent evt, IHttpRequestResponse[] messageInfo) {
return new IContextMenuInvocation() {
@Override
Expand Down
4 changes: 2 additions & 2 deletions src/main/java/yagura/model/SendToMenuItem.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
*/
public abstract class SendToMenuItem
extends SendToItem implements java.awt.event.ActionListener {
private final static Logger logger = Logger.getLogger(SendToMenu.class.getName());
private final static Logger logger = Logger.getLogger(SendToMenuItem.class.getName());

protected IContextMenuInvocation contextMenu = null;

Expand Down Expand Up @@ -93,5 +93,5 @@ protected File tempMessageFile(IHttpRequestResponse messageInfo, int index) {
public abstract void menuItemClicked(String menuItemCaption, IHttpRequestResponse[] messageInfo);

public abstract boolean isEnabled();

}
50 changes: 26 additions & 24 deletions src/main/java/yagura/model/UniversalViewProperty.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

import com.google.gson.annotations.Expose;
import extension.helpers.ConvertUtil;
import extension.helpers.StringUtil;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
Expand Down Expand Up @@ -61,24 +62,24 @@ public static List<String> getDefaultEncodingList(Locale lang) {
List<String> list = new ArrayList<>();
if (lang == null) {
for (String enc : ENCODING_DEFAULT_OTHER_LIST) {
if (charSets.get(enc) != null) list.add(enc);
if (charSets.get(enc) != null) list.add(enc);
}
}
else if (lang.equals(Locale.JAPANESE)) {
for (String enc : ENCODING_DEFAULT_JAPANESE_LIST) {
if (charSets.get(enc) != null) list.add(enc);
if (charSets.get(enc) != null) list.add(enc);
}
} else if (lang.equals(Locale.CHINESE)) {
for (String enc : ENCODING_DEFAULT_CHINESE_LIST) {
if (charSets.get(enc) != null) list.add(enc);
if (charSets.get(enc) != null) list.add(enc);
}
} else if (lang.equals(Locale.KOREAN)) {
for (String enc : ENCODING_DEFAULT_KOREAN_LIST) {
if (charSets.get(enc) != null) list.add(enc);
if (charSets.get(enc) != null) list.add(enc);
}
} else {
for (String enc : ENCODING_DEFAULT_OTHER_LIST) {
if (charSets.get(enc) != null) list.add(enc);
if (charSets.get(enc) != null) list.add(enc);
}
}
return Collections.unmodifiableList(list);
Expand All @@ -100,18 +101,18 @@ public boolean isLineWrap() {
public void setLineWrap(boolean lineWrap) {
this.lineWrap = lineWrap;
}

@Expose
private int dispayMaxLength = 10000000;

public int getDispayMaxLength() {
return this.dispayMaxLength;
}

public void setDispayMaxLength(int dispayMaxLength) {
this.dispayMaxLength = dispayMaxLength;
}

// non Expose
private boolean clipbordAutoDecode = true;

Expand All @@ -138,24 +139,25 @@ public List<String> getEncodingList() {
public enum UniversalView {
GENERATE_POC, HTML_COMMENT, JSON, JSONP, JWT, VIEW_STATE, JRAW, JPARAM;

public static UniversalView parseValue(String value) {
UniversalView eval = (UniversalView) ConvertUtil.parseEnumValue(UniversalView.class, value);
if (eval == null) {
return null;
} else {
return eval;
}
public static UniversalView parseEnum(String s) {
String value = s.toUpperCase();
return Enum.valueOf(UniversalView.class, value);
}

private static final Pattern ENUM_SPLIT = Pattern.compile("\\w+");

public static EnumSet<UniversalView> enumSetValueOf(String s) {
EnumSet<UniversalView> values = EnumSet.noneOf(UniversalView.class);
Matcher m = ENUM_SPLIT.matcher(s.toUpperCase());
while (m.find()) {
values.add((UniversalView) ConvertUtil.parseEnumValue(UniversalView.class, m.group()));
public static EnumSet<UniversalView> parseEnumSet(String s) {
EnumSet<UniversalView> universal = EnumSet.noneOf(UniversalView.class);
if (!s.startsWith("[") && s.endsWith("]")) {
throw new IllegalArgumentException("No enum constant " + UniversalView.class.getCanonicalName() + "." + s);
}
String content = s.substring(1, s.length() - 1).trim();
if (content.isEmpty()) {
return universal;
}
for (String t : content.split(",")) {
String v = t.trim();
universal.add(parseEnum(v.replaceAll("\"", "")));
}
return values;
return universal;
}

@Override
Expand All @@ -167,7 +169,7 @@ public String toString() {
};

@Expose
private EnumSet<UniversalView> mesageView = EnumSet.of(UniversalView.GENERATE_POC, UniversalView.HTML_COMMENT, UniversalView.JSON);
private EnumSet<UniversalView> mesageView = EnumSet.of(UniversalView.GENERATE_POC, UniversalView.HTML_COMMENT, UniversalView.JSON, UniversalView.JSONP);

public EnumSet<UniversalView> getMessageView() {
return mesageView;
Expand Down
12 changes: 6 additions & 6 deletions src/main/java/yagura/view/JSearchTab.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -479,7 +479,7 @@ public void keyPressed(KeyEvent ke) {
}
});

// #
// #
this.cmbColor.setMaximumRowCount(10);
this.cmbColor.setRenderer(this.colorComboBoxRenderer);
this.cmbColor.addItem(""); // nonselect
Expand All @@ -496,12 +496,12 @@ public void keyPressed(KeyEvent ke) {
TableColumn colorColumn = this.tableResult.getColumnModel().getColumn(1);
colorColumn.setCellEditor(new DefaultCellEditor(this.cmbColor));

// Data
// Data
this.tableResult.getColumnModel().getColumn(0).setMinWidth(0);
this.tableResult.getColumnModel().getColumn(0).setPreferredWidth(0);
this.tableResult.getColumnModel().getColumn(0).setMaxWidth(0);

// #
// #
this.tableResult.getColumnModel().getColumn(1).setMinWidth(20);
this.tableResult.getColumnModel().getColumn(1).setPreferredWidth(60);
this.tableResult.getColumnModel().getColumn(1).setMaxWidth(80);
Expand Down Expand Up @@ -697,7 +697,7 @@ private boolean isValidRegex(String text) {
Pattern p = TransUtil.compileRegex(text, searchProp.isSmartMatch(), searchProp.isRegexp(), searchProp.isIgnoreCase());

IHttpRequestResponse messageInfo[] = BurpExtender.getCallbacks().getProxyHistory();
try {
try {
this.lblProgress.setText(String.format(SEARCH_PROGRESS, 0.0));
for (int i = 0; i < messageInfo.length; i++) {
HttpMessageItem item = new HttpMessageItem(messageInfo[i], i);
Expand Down Expand Up @@ -869,6 +869,6 @@ public void setLineWrap(boolean lineWrap) {
this.tabMessageView.setRequestLineWrap(lineWrap);
this.tabMessageView.setResponseLineWrap(lineWrap);
}


}
Loading

0 comments on commit 74c989a

Please sign in to comment.