Created RsaEncryptPayloadForZap.py
Signed-off-by: Michał Walkowski <[email protected]>
mwalkowski committed Feb 17, 2024
1 parent a33e339 commit 88a094a
Showing 2 changed files with 47 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -8,6 +8,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- extender/arpSyndicateSubdomainDiscovery.js - uses the API of [ARPSyndicate's Subdomain Center](https://www.subdomain.center/)
to find and add subdomains to the Sites Tree.
- passive/JavaDisclosure.js - Passive scan for Java error messages leaks
- httpsender/RsaEncryptPayloadForZap.py - A script that encrypts requests using RSA

## [18] - 2024-01-29
### Added
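--- a/httpsender/RsaEncryptPayloadForZap.py
+++ b/httpsender/RsaEncryptPayloadForZap.py
@@ -0,0 +1,46 @@
+# RSA Encrypt Payload Script for Zed Attack Proxy - ZAP
+# HelpAddOn Script - HTTPSender
+# Michal Walkowski - https://mwalkowski.github.io/
+#
+# Tested with Jython 14 beta and ZAP 2.14.0
+# Based On: https://mwalkowski.github.io/post/using-burp-python-scripts-to-encrypt-requests-with-rsa-keys/
+# You can test the script's functionality using https://github.com/mwalkowski/api-request-security-poc
+
+
+
+import json
+import base64
+import subprocess
+
+# path to public.pem
+PUBLIC_KEY = "public.pem"
+
+PAYLOAD_PLACEHOLDER = "PAYLOAD"
+PAYLOAD = '{\"keyId\": \"init\", \"encryptedPayload\": \"' + PAYLOAD_PLACEHOLDER + '\"}'
+
+
+def encrypt_body(body):
+body_b64 = base64.standard_b64encode(json.dumps(body, ensure_ascii=False).encode()).decode()
+
+cmd = 'printf %s "{}" | openssl pkeyutl -encrypt -pubin -inkey {} | openssl base64'.format(body_b64, PUBLIC_KEY)
+process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
+output, err = process.communicate()
+if err.decode() != "":
+raise Exception(err)
+
+return output.decode().replace("\n", "")
+
+
+def sendingRequest(msg, initiator, helper):
+body = msg.getRequestBody().toString()
+msg.setNote(body)
+body = json.loads(body)
+encrypted_body = encrypt_body(body)
+new_payload = PAYLOAD.replace(PAYLOAD_PLACEHOLDER, encrypted_body)
+msg.setRequestBody(new_payload)
+msg.getRequestHeader().setHeader("content-length", str(len(new_payload)))
+
+
+def responseReceived(msg, initiator, helper):
+body = msg.getNote()
+msg.setRequestBody(body)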
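Review bot: `encrypt_body` builds a shell pipeline with `str.format`, runs it with `shell=True`, and judges success by whether stderr is empty instead of by the exit status. The body is base64, so it cannot escape the quotes, but `PUBLIC_KEY` is interpolated unquoted, so a key path containing spaces or shell metacharacters changes the command. The request-derived value also ends up in the `sh -c` argument string, where it is likely visible in the local process list, and any warning openssl writes to stderr on an otherwise successful run is raised as an error. Passing an argument list, feeding the data on stdin, checking `process.returncode` and doing the final encoding with the already-imported `base64` module removes the shell entirely. Separately, `sendingRequest` calls `json.loads` on every outgoing body, so an empty or non-JSON request will raise; a guard before the parse would let unrelated traffic through untouched.

```python
def encrypt_body(body):
    body_b64 = base64.standard_b64encode(json.dumps(body, ensure_ascii=False).encode())

    # No shell: arguments are passed as a list and the data goes in on stdin.
    process = subprocess.Popen(
        ["openssl", "pkeyutl", "-encrypt", "-pubin", "-inkey", PUBLIC_KEY],
        stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    output, err = process.communicate(body_b64)
    if process.returncode != 0:
        raise Exception(err)

    return base64.standard_b64encode(output).decode()
```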
