Skip to content

Commit

Permalink
support JSONP
Browse files Browse the repository at this point in the history
  • Loading branch information
isayan committed Apr 21, 2020
1 parent 36d063c commit ed8d8a6
Show file tree
Hide file tree
Showing 11 changed files with 625 additions and 101 deletions.
Binary file modified release/YaguraExtender-v1.9.jar
View file
Binary file not shown.
16 changes: 16 additions & 0 deletions src/main/java/burp/BurpExtender.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,6 +165,21 @@ public IMessageEditorTab createNewInstance(IMessageEditorController controller,
}
};

private final IMessageEditorTabFactory responseJSONPTab = new IMessageEditorTabFactory() {
@Override
public IMessageEditorTab createNewInstance(IMessageEditorController controller, boolean editable) {
final JSONViewTab tab = new JSONViewTab(controller, editable, false) {

@Override
public boolean isJsonp() {
return true;
}

};
return tab;
}
};

private final KeyEventPostProcessor dispatcher = new KeyEventPostProcessor() {
@Override
public boolean postProcessKeyEvent(KeyEvent e) {
Expand Down Expand Up @@ -235,6 +250,7 @@ public void registerView() {
cb.registerMessageEditorTabFactory(this.commentViewTab);
cb.registerMessageEditorTabFactory(this.requestJSONTab);
cb.registerMessageEditorTabFactory(this.responseJSONTab);
cb.registerMessageEditorTabFactory(this.responseJSONPTab);
cb.registerMessageEditorTabFactory(this.jwtViewTab);
}

Expand Down
6 changes: 4 additions & 2 deletions src/main/java/extend/util/external/FormatUtil.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,8 +57,10 @@ public static boolean isJson(String jsonString) {
return JsonUtil.isJson(jsonString);
}



public static boolean isJsonp(String jsonString) {
return JsonUtil.isJsonp(jsonString);
}

public static String prettyXml(String xmlString) throws IOException {
return prettyXml(xmlString, true);
}
Expand Down
22 changes: 20 additions & 2 deletions src/main/java/extend/util/external/JsonUtil.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,8 @@ public class JsonUtil {

public static boolean validJson(String jsonElementString) {
try {
JsonParser.parseString(jsonElementString);
return true;
JsonParser.parseString(jsonElementString);
return true;
}
catch (JsonSyntaxException ex) {
return false;
Expand Down Expand Up @@ -68,6 +68,14 @@ public static DefaultTreeModel toJsonTreeModel(JsonElement jsonElement) {
return model;
}

public static DefaultTreeModel toJsonTreeModel(JsonpElement jsonpElement) {
DefaultMutableTreeNode rootJson = new DefaultMutableTreeNode("JSONP");
DefaultTreeModel model = new DefaultTreeModel(rootJson);
rootJson.add(new DefaultMutableTreeNode(jsonpElement.getCallbackName() + "()"));
toJsonTreeNode(jsonpElement.getJsonElement(), rootJson);
return model;
}

private static void toJsonTreeNode(JsonElement jsonElement, DefaultMutableTreeNode parentNode) {
if (jsonElement.isJsonObject()) {
DefaultMutableTreeNode node = new DefaultMutableTreeNode("{}");
Expand Down Expand Up @@ -115,6 +123,16 @@ public static boolean isJson(String jsonString) {
}
}

public static boolean isJsonp(String jsonpString) {
try {
JsonpElement.parseJsonp(jsonpString);
return true;
}
catch (JsonSyntaxException ex) {
return false;
}
}

private static final Map<Class<?>, Object> typeAdapterMap = new HashMap<>();

public static void registerTypeHierarchyAdapter(Class<?> baseType, Object typeAdapter) {
Expand Down
59 changes: 59 additions & 0 deletions src/main/java/extend/util/external/JsonpElement.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
package extend.util.external;

import com.google.gson.JsonElement;
import com.google.gson.JsonSyntaxException;
import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
*
* @author isayan
*/
public class JsonpElement {

private JsonpElement() {
}

private final static Pattern JSONP_TYPE = Pattern.compile("\\s*([\\w\\$\\.]+)\\s*\\(\\s*(\\{.*?\\})\\s*\\)", Pattern.DOTALL);

public static JsonpElement parseJsonp(String jsonpString) throws JsonSyntaxException {
Matcher m = JSONP_TYPE.matcher(jsonpString);
if (m.lookingAt()) {
JsonpElement jsonp = new JsonpElement();
jsonp.raw = m.group(0);
jsonp.callbackName = m.group(1);
jsonp.jsonElement = JsonUtil.parse(m.group(2));
return jsonp;
}
throw new JsonSyntaxException("jsonp invalid format");
}

private String raw;

public String getRaw() {
return raw;
}

private String callbackName;

public String getCallbackName() {
return callbackName;
}

private JsonElement jsonElement;

public JsonElement getJsonElement() {
return jsonElement;
}

public String pretty() throws IOException {
StringBuilder buff = new StringBuilder();
buff.append(callbackName);
buff.append("(\n");
buff.append(JsonUtil.prettyJson(jsonElement, true));
buff.append("\n)");
return buff.toString();
}

}
2 changes: 1 addition & 1 deletion src/main/java/yagura/model/UniversalViewProperty.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ public List<String> getEncodingList() {
}

public enum UniversalView {
GENERATE_POC, HTML_COMMENT, JSON, JWT, JRAW, JPARAM;
GENERATE_POC, HTML_COMMENT, JSON, JSONP, JWT, JRAW, JPARAM;

public static UniversalView parseValue(String value) {
UniversalView eval = (UniversalView) Util.parseEnumValue(UniversalView.class, value);
Expand Down
174 changes: 127 additions & 47 deletions src/main/java/yagura/view/JSONView.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,9 @@
import extend.util.ConvertUtil;
import extend.util.SwingUtil;
import extend.util.external.JsonUtil;
import extend.util.external.JsonpElement;
import java.awt.Font;
import java.io.IOException;
import java.util.List;
import java.util.concurrent.ExecutionException;
import java.util.logging.Level;
Expand All @@ -25,14 +27,24 @@
*/
public class JSONView extends javax.swing.JPanel {

private final boolean isJsonp;

/**
* Creates new form JSONView
*/
public JSONView() {
this(false);
}

/**
* Creates new form JSONView
*/
public JSONView(boolean isJsonp) {
this.isJsonp = isJsonp;
initComponents();
customizeComponents();
}

private final EditorKit jsonStyleEditorKit = new StyledEditorKit() {
@Override
public Document createDefaultDocument() {
Expand Down Expand Up @@ -143,61 +155,129 @@ public void setMessage(String content) {
root.removeAllChildren();

if (content != null) {
// Raw
SwingWorker swRaw = new SwingWorker<String, Object>() {
@Override
protected String doInBackground() throws Exception {
publish("...");
return JsonUtil.prettyJson(content);
}
if (this.isJsonp) {
setMessageJsonp(content);
}
else {
setMessageJson(content);
}
}
}

private void setMessageJson(String content) {
// Raw
SwingWorker swRaw = new SwingWorker<String, Object>() {
@Override
protected String doInBackground() throws Exception {
publish("...");
return JsonUtil.prettyJson(content);
}

protected void process(List<Object> chunks) {
txtJSON.setText("Heavy Processing" + ConvertUtil.repeat("...", chunks.size()));
protected void process(List<Object> chunks) {
txtJSON.setText("Heavy Processing" + ConvertUtil.repeat("...", chunks.size()));
}

protected void done() {
try {
txtJSON.setText(get());
txtJSON.setCaretPosition(0);
} catch (InterruptedException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
} catch (ExecutionException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
}

protected void done() {
try {
txtJSON.setText(get());
txtJSON.setCaretPosition(0);
} catch (InterruptedException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
} catch (ExecutionException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
}
}

};
swRaw.execute();

// Tree View
SwingWorker swTree = new SwingWorker<DefaultTreeModel, Object>() {
@Override
protected DefaultTreeModel doInBackground() throws Exception {
publish("...");
return (DefaultTreeModel) JsonUtil.toJsonTreeModel(JsonUtil.parse(content));
}

protected void process(List<Object> chunks) {
modelJSON.setRoot(new DefaultMutableTreeNode("Heavy Processing" + ConvertUtil.repeat("...", chunks.size())));
}

protected void done() {
try {
modelJSON = get();
SwingUtil.allNodesChanged(treeJSON);
treeJSON.setModel(modelJSON);
expandJsonTree();
} catch (InterruptedException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
} catch (ExecutionException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
}
}
};
swTree.execute();
}

private void setMessageJsonp(String content) {
// Raw
SwingWorker swRaw = new SwingWorker<JsonpElement, Object>() {
@Override
protected JsonpElement doInBackground() throws Exception {
publish("...");
return JsonpElement.parseJsonp(content);
}

};
swRaw.execute();
protected void process(List<Object> chunks) {
txtJSON.setText("Heavy Processing" + ConvertUtil.repeat("...", chunks.size()));
}

// Tree View
SwingWorker swTree = new SwingWorker<DefaultTreeModel, Object>() {
@Override
protected DefaultTreeModel doInBackground() throws Exception {
publish("...");
return (DefaultTreeModel) JsonUtil.toJsonTreeModel(JsonUtil.parse(content));
protected void done() {
try {
JsonpElement jsonpElement = get();
txtJSON.setText(jsonpElement.pretty());
txtJSON.setCaretPosition(0);
} catch (InterruptedException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
} catch (ExecutionException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
} catch (IOException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
}
}

};
swRaw.execute();

protected void process(List<Object> chunks) {
modelJSON.setRoot(new DefaultMutableTreeNode("Heavy Processing" + ConvertUtil.repeat("...", chunks.size())));
// Tree View
SwingWorker swTree = new SwingWorker<DefaultTreeModel, Object>() {
@Override
protected DefaultTreeModel doInBackground() throws Exception {
publish("...");
JsonpElement jsonpElement = JsonpElement.parseJsonp(content);
return (DefaultTreeModel) JsonUtil.toJsonTreeModel(jsonpElement);
}

protected void process(List<Object> chunks) {
modelJSON.setRoot(new DefaultMutableTreeNode("Heavy Processing" + ConvertUtil.repeat("...", chunks.size())));
}

protected void done() {
try {
modelJSON = get();
SwingUtil.allNodesChanged(treeJSON);
treeJSON.setModel(modelJSON);
expandJsonTree();
} catch (InterruptedException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
} catch (ExecutionException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
}

protected void done() {
try {
modelJSON = get();
SwingUtil.allNodesChanged(treeJSON);
treeJSON.setModel(modelJSON);
expandJsonTree();
} catch (InterruptedException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
} catch (ExecutionException ex) {
Logger.getLogger(JSONView.class.getName()).log(Level.SEVERE, null, ex);
}
}
};
swTree.execute();
}
}
};
swTree.execute();
}

public String getMessage() {
return this.txtJSON.getText();
}
Expand Down
Loading

0 comments on commit ed8d8a6

Please sign in to comment.