support ScanIssue

ReadMe.md

@@ -12,7 +12,7 @@ Burp Suiteは主にアジア圏のエンコーディング周りが弱いため
 
 ## 必須ライブラリ
 ビルドには別途 [BurpExtLib](https://github.com/raise-isayan/BurpExtLib) のライブラリを必要とします。
-* BurpExtlib v1.7.32
+* BurpExtlib v1.7.34
 
 ## 注意事項
 このツールは、私個人が勝手に開発したもので、PortSwigger社は一切関係ありません。本ツールを使用したことによる不具合等についてPortSwiggerに問い合わせないようお願いします。

src/burp/BurpExtender.java

@@ -47,7 +47,6 @@
 import yagura.model.JSearchProperty;
 import yagura.model.JTransCoderProperty;
 import yagura.model.MatchReplaceGroup;
-import yagura.model.StartEndPosion;
 import yagura.signature.MarkIssue;
 import yagura.signature.MatchAlert;
 import yagura.signature.MatchAlertIssue;
@@ -211,7 +210,7 @@ public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessa
 
     }
 
-    private synchronized String getCurrentLogTimestamp() {
+    public synchronized String getCurrentLogTimestamp() {
         SimpleDateFormat format = this.logProperty.getLogTimestampDateFormat();
         return format.format(new java.util.Date());
     }
@@ -502,7 +501,7 @@ private void matchAlertMessage(String toolName, boolean messageIsRequest, IHttpR
                         messageInfo.setComment(bean.getComment());
                     }
                     if (bean.getNotifyTypes().contains(MatchAlertItem.NotifyType.SCANNER_ISSUE)) {
-                        MatchAlert alert = new MatchAlert(this.getMatchAlertProperty());
+                        MatchAlert alert = new MatchAlert(toolName, this.getMatchAlertProperty());
                         MatchAlertIssue issue = new MatchAlertIssue(bean, markList);
                         List<IScanIssue> issues = alert.makeIssueList(messageIsRequest, messageInfo, issue, markList);
                         for (IScanIssue scanissue : issues) {

src/yagura/signature/MatchAlert.java

@@ -16,20 +16,30 @@
 import java.net.URL;
 import java.util.ArrayList;
 import java.util.List;
+import yagura.external.TransUtil;
 import yagura.model.MatchAlertItem;
 import yagura.model.MatchAlertProperty;
-import yagura.model.StartEndPosion;
 
 /**
  *
  * @author isayan
  */
 public class MatchAlert implements Signature<MatchAlertIssue> {
+
+    private final String toolName;
     private final MatchAlertProperty option;
 
-    public MatchAlert(final MatchAlertProperty option) {
+    public MatchAlert(final String toolName, final MatchAlertProperty option) {
+        this.toolName = toolName;
         this.option = option;
     }
+
+    /**
+     * @return the toolName
+     */
+    public String getToolName() {
+        return toolName;
+    }
 
     @Override
     public IScanIssue makeScanIssue(final IHttpRequestResponse messageInfo, final MatchAlertIssue issue) {
@@ -69,7 +79,8 @@ public String getConfidence() {
             @Override
             public String getIssueBackground() {
                 final String ISSUE_BACKGROUND = "\r\n"
-                        + "<h4>Reference:</h4>";
+                        + "<h4>Reference:</h4>" 
+                        + "<p>MatchAlert for YaguraExtender</p>";
                 return ISSUE_BACKGROUND;
             }
 
@@ -82,6 +93,8 @@ public String getRemediationBackground() {
             public String getIssueDetail() {
                 StringBuilder buff = new StringBuilder();
                 buff.append("<h4>Datail:</h4>");
+                buff.append(String.format("<p>toolName: %s</p>", TransUtil.toHtmlEncode(toolName)));
+                buff.append(String.format("<p>Scan Date: %s</p>", BurpExtender.getInstance().getCurrentLogTimestamp()));
                 return buff.toString();
             }
 

src/yagura/view/MatchAlertItemDlg.form

@@ -415,6 +415,9 @@
                       <Properties>
                         <Property name="text" type="java.lang.String" value="scanner issue"/>
                       </Properties>
+                      <Events>
+                        <EventHandler event="stateChanged" listener="javax.swing.event.ChangeListener" parameters="javax.swing.event.ChangeEvent" handler="chkScannerIssueStateChanged"/>
+                      </Events>
                     </Component>
                     <Component class="javax.swing.JComboBox" name="cmbSeverity">
                       <Properties>

src/yagura/view/MatchAlertItemDlg.java

@@ -4,13 +4,14 @@
  */
 package yagura.view;
 
+import burp.BurpExtender;
 import burp.BurpExtenderImpl;
 import extend.util.SwingUtil;
 import extend.view.base.CustomDialog;
 import yagura.model.MatchAlertItem;
 import extend.view.base.MatchItem;
-import extend.view.base.MatchItem.NotifyType;
 import java.awt.Component;
+import java.awt.event.ComponentEvent;
 import java.util.EnumSet;
 import javax.swing.*;
 
@@ -177,6 +178,11 @@ public void stateChanged(javax.swing.event.ChangeEvent evt) {
         chkAlerts_tab.setText("alerts tab");
 
         chkScannerIssue.setText("scanner issue");
+        chkScannerIssue.addChangeListener(new javax.swing.event.ChangeListener() {
+            public void stateChanged(javax.swing.event.ChangeEvent evt) {
+                chkScannerIssueStateChanged(evt);
+            }
+        });
 
         cmbSeverity.setModel(new javax.swing.DefaultComboBoxModel<>(new String[] { "HIGH", "MEDIUM", "LOW", "INFORMATION" }));
 
@@ -360,6 +366,12 @@ private void cmbAlertTypeActionPerformed(java.awt.event.ActionEvent evt) {//GEN-
 
     }//GEN-LAST:event_cmbAlertTypeActionPerformed
 
+    private void chkScannerIssueStateChanged(javax.swing.event.ChangeEvent evt) {//GEN-FIRST:event_chkScannerIssueStateChanged
+        this.txtIssueName.setEnabled(this.chkScannerIssue.isSelected());
+        this.cmbSeverity.setEnabled(this.chkScannerIssue.isSelected());
+        this.cmbConfidence.setEnabled(this.chkScannerIssue.isSelected());
+    }//GEN-LAST:event_chkScannerIssueStateChanged
+
     /**
      * @param args the command line arguments
      */
@@ -473,7 +485,18 @@ public Component getListCellRendererComponent(JList list, Object value, int inde
 
         this.txtComment.setEnabled(false);
 
-        SwingUtil.setContainerEnable(this.pnlScannerIssue, false);
+        this.txtIssueName.setEnabled(false);
+        this.cmbSeverity.setEnabled(false);
+        this.cmbConfidence.setEnabled(false);
+
+        // FreeVersion only
+        this.addComponentListener(new java.awt.event.ComponentAdapter() {
+            public void componentShown(ComponentEvent e) {
+                SwingUtil.setContainerEnable(pnlScannerIssue, BurpExtender.getInstance().getBurpVersion().isProfessional());
+            }
+        });
+
+//        SwingUtil.setContainerEnable(this.pnlScannerIssue, false);
 
     }
 
@@ -491,19 +514,19 @@ public MatchAlertItem getItem() {
         //item.setNotifyType((MatchItem.NotifyType) this.cmbAlertNotify.getSelectedItem());
         EnumSet<MatchItem.NotifyType> notifys = EnumSet.noneOf(MatchItem.NotifyType.class);
         if (this.chkAlerts_tab.isSelected()) {
-            notifys.add(NotifyType.ALERTS_TAB);
+            notifys.add(MatchItem.NotifyType.ALERTS_TAB);
         }
         if (this.chkTray_message.isSelected()) {
-            notifys.add(NotifyType.TRAY_MESSAGE);
+            notifys.add(MatchItem.NotifyType.TRAY_MESSAGE);
         }
         if (this.chkItem_highlight.isSelected()) {
-            notifys.add(NotifyType.ITEM_HIGHLIGHT);
+            notifys.add(MatchItem.NotifyType.ITEM_HIGHLIGHT);
         }
         if (this.chkComment.isSelected()) {
-            notifys.add(NotifyType.COMMENT);
+            notifys.add(MatchItem.NotifyType.COMMENT);
         }
         if (this.chkScannerIssue.isSelected()) {
-            notifys.add(NotifyType.SCANNER_ISSUE);
+            notifys.add(MatchItem.NotifyType.SCANNER_ISSUE);
         }
         item.setNotifyTypes(notifys);
 
@@ -528,13 +551,13 @@ public MatchAlertItem getItem() {
         }
         item.setTargetTools(tools);
 
-        if (item.getNotifyTypes().contains(NotifyType.ITEM_HIGHLIGHT)) {
+        if (item.getNotifyTypes().contains(MatchItem.NotifyType.ITEM_HIGHLIGHT)) {
             item.setHighlightColor((MatchItem.HighlightColor) this.cmbAlertColor.getSelectedItem());
         }
-        if (item.getNotifyTypes().contains(NotifyType.COMMENT)) {
+        if (item.getNotifyTypes().contains(MatchItem.NotifyType.COMMENT)) {
             item.setComment(this.txtComment.getText());
         }        
-        if (item.getNotifyTypes().contains(NotifyType.SCANNER_ISSUE)) {
+        if (item.getNotifyTypes().contains(MatchItem.NotifyType.SCANNER_ISSUE)) {
             item.setIssueName(this.txtIssueName.getText());
             String serverty = (String)this.cmbSeverity.getSelectedItem();
             item.setServerity(BurpExtenderImpl.Severity.valueOf(serverty));
@@ -568,13 +591,13 @@ public void setItem(MatchAlertItem item) {
         this.chkScanner.setSelected(tools.contains(MatchAlertItem.TargetTool.SCANNER));
         this.chkSequencer.setSelected(tools.contains(MatchAlertItem.TargetTool.SEQUENCER));
 
-        if (item.getNotifyTypes().contains(NotifyType.ITEM_HIGHLIGHT)) {
+        if (item.getNotifyTypes().contains(MatchItem.NotifyType.ITEM_HIGHLIGHT)) {
             this.cmbAlertColor.setSelectedItem(item.getHighlightColor());
         }
-        if (item.getNotifyTypes().contains(NotifyType.COMMENT)) {
+        if (item.getNotifyTypes().contains(MatchItem.NotifyType.COMMENT)) {
             this.txtComment.setText(item.getComment());
         }
-        if (item.getNotifyTypes().contains(NotifyType.SCANNER_ISSUE)) {
+        if (item.getNotifyTypes().contains(MatchItem.NotifyType.SCANNER_ISSUE)) {
             this.txtIssueName.setText(item.getIssueName());
             this.cmbSeverity.setSelectedItem(item.getServerity().toString());
             this.cmbConfidence.setSelectedItem(item.getConfidence().toString());