diff --git a/src/main/java/burp/BurpExtender.java b/src/main/java/burp/BurpExtender.java index af42759d..65c03aa1 100644 --- a/src/main/java/burp/BurpExtender.java +++ b/src/main/java/burp/BurpExtender.java @@ -24,6 +24,8 @@ public void initialize(MontoyaApi api) { api.extension().setName(extensionName); api.userInterface().registerContextMenuItemsProvider(new CstcContextMenuItemsProvider(api, view)); api.http().registerHttpHandler(new CstcHttpHandler(view)); + api.proxy().registerRequestHandler(new CstcProxyRequestHandler(view)); + api.proxy().registerResponseHandler(new CstcProxyResponseHandler(view)); api.userInterface().registerSuiteTab(extensionName, view); api.userInterface().registerHttpRequestEditorProvider(new MyHttpRequestEditorProvider(view)); api.userInterface().registerHttpRequestEditorProvider(new MyHttpRequestEditorProviderFormatting(view)); @@ -40,8 +42,10 @@ public void initialize(MontoyaApi api) { private void restoreRecipe(PersistedObject persistence) { try { this.view.getFormatRecipePanel().restoreState(persistence.getString(BurpOperation.FORMAT + "Recipe")); - this.view.getIncomingRecipePanel().restoreState(persistence.getString(BurpOperation.INCOMING + "Recipe")); - this.view.getOutgoingRecipePanel().restoreState(persistence.getString(BurpOperation.OUTGOING + "Recipe")); + this.view.getIncomingHttpResponseRecipePanel().restoreState(persistence.getString(BurpOperation.INCOMING_HTTP_RESPONSE + "Recipe")); + this.view.getIncomingProxyRequestRecipePanel().restoreState(persistence.getString(BurpOperation.INCOMING_PROXY_REQUEST + "Recipe")); + this.view.getOutgoingHttpRequestRecipePanel().restoreState(persistence.getString(BurpOperation.OUTGOING_HTTP_REQUEST + "Recipe")); + this.view.getOutgoingProxyResponseRecipePanel().restoreState(persistence.getString(BurpOperation.OUTGOING_PROXY_RESPONSE + "Recipe")); } catch (Exception e) { Logger.getInstance().log( "Could not restore the recipe for one or multiple panels. If this is the first time using CSTC in a project, you can ignore this message."); diff --git a/src/main/java/burp/CstcContextMenuItemsProvider.java b/src/main/java/burp/CstcContextMenuItemsProvider.java index 59650938..a6dc79a5 100644 --- a/src/main/java/burp/CstcContextMenuItemsProvider.java +++ b/src/main/java/burp/CstcContextMenuItemsProvider.java @@ -30,27 +30,45 @@ public CstcContextMenuItemsProvider(MontoyaApi api, View view) public List provideMenuItems(ContextMenuEvent event) { List menuItems = new ArrayList<>(); - JMenuItem incomingMenu = new JMenuItem("Send to CSTC (Incoming)"); - JMenuItem outgoingMenu = new JMenuItem("Send to CSTC (Outgoing)"); - JMenuItem incomingReqFormatMenu = new JMenuItem("Send request to CSTC (Formatting)"); - JMenuItem incomingResFormatMenu = new JMenuItem("Send response to CSTC (Formatting)"); + JMenuItem incomingHttpResponseMenu = new JMenuItem("Send to Incoming HTTP Responses"); + JMenuItem incomingProxyRequestMenu = new JMenuItem("Send to Incoming Proxy Requests"); + JMenuItem outgoingHttpRequestMenu = new JMenuItem("Send to Outgoing HTTP Requests"); + JMenuItem outgoingProxyResponseMenu = new JMenuItem("Send to Outgoing Proxy Responses"); + JMenuItem incomingReqFormatMenu = new JMenuItem("Send request to Formatting"); + JMenuItem incomingResFormatMenu = new JMenuItem("Send response to Formatting"); - menuItems.add(outgoingMenu); - menuItems.add(incomingMenu); + menuItems.add(outgoingHttpRequestMenu); + menuItems.add(outgoingProxyResponseMenu); + menuItems.add(incomingHttpResponseMenu); + menuItems.add(incomingProxyRequestMenu); menuItems.add(incomingReqFormatMenu); menuItems.add(incomingResFormatMenu); - incomingMenu.addActionListener(new ActionListener() { + incomingHttpResponseMenu.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { - view.getIncomingRecipePanel().setInput(event.messageEditorRequestResponse().isPresent() ? event.messageEditorRequestResponse().get().requestResponse() : event.selectedRequestResponses().get(0)); + view.getIncomingHttpResponseRecipePanel().setInput(event.messageEditorRequestResponse().isPresent() ? event.messageEditorRequestResponse().get().requestResponse() : event.selectedRequestResponses().get(0)); + } + }); + + incomingProxyRequestMenu.addActionListener(new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + view.getIncomingProxyRequestRecipePanel().setInput(event.messageEditorRequestResponse().isPresent() ? event.messageEditorRequestResponse().get().requestResponse() : event.selectedRequestResponses().get(0)); } }); - outgoingMenu.addActionListener(new ActionListener() { + outgoingHttpRequestMenu.addActionListener(new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + view.getOutgoingHttpRequestRecipePanel().setInput(event.messageEditorRequestResponse().isPresent() ? event.messageEditorRequestResponse().get().requestResponse() : event.selectedRequestResponses().get(0)); + } + }); + + outgoingProxyResponseMenu.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { - view.getOutgoingRecipePanel().setInput(event.messageEditorRequestResponse().isPresent() ? event.messageEditorRequestResponse().get().requestResponse() : event.selectedRequestResponses().get(0)); + view.getOutgoingProxyResponseRecipePanel().setInput(event.messageEditorRequestResponse().isPresent() ? event.messageEditorRequestResponse().get().requestResponse() : event.selectedRequestResponses().get(0)); } }); diff --git a/src/main/java/burp/CstcHttpHandler.java b/src/main/java/burp/CstcHttpHandler.java index 4ac49013..bc54d4fb 100644 --- a/src/main/java/burp/CstcHttpHandler.java +++ b/src/main/java/burp/CstcHttpHandler.java @@ -25,9 +25,9 @@ public class CstcHttpHandler implements HttpHandler { @Override public RequestToBeSentAction handleHttpRequestToBeSent(HttpRequestToBeSent requestToBeSent) { - if (BurpUtils.getInstance().getFilterState().shouldProcess(FilterState.BurpOperation.OUTGOING, requestToBeSent.toolSource())) { + if (BurpUtils.getInstance().getFilterState().shouldProcess(FilterState.BurpOperation.OUTGOING_HTTP_REQUEST, requestToBeSent.toolSource().toolType())) { ByteArray request = requestToBeSent.toByteArray(); - ByteArray modifiedRequest = view.getOutgoingRecipePanel().bake(request, MessageType.REQUEST); + ByteArray modifiedRequest = view.getOutgoingHttpRequestRecipePanel().bake(request, MessageType.REQUEST); return continueWith(HttpRequest.httpRequest(modifiedRequest).withService(requestToBeSent.httpService())); } else{ @@ -37,9 +37,9 @@ public RequestToBeSentAction handleHttpRequestToBeSent(HttpRequestToBeSent reque @Override public ResponseReceivedAction handleHttpResponseReceived(HttpResponseReceived responseReceived) { - if (BurpUtils.getInstance().getFilterState().shouldProcess(FilterState.BurpOperation.INCOMING, responseReceived.toolSource())) { + if (BurpUtils.getInstance().getFilterState().shouldProcess(FilterState.BurpOperation.INCOMING_HTTP_RESPONSE, responseReceived.toolSource().toolType())) { ByteArray response = responseReceived.toByteArray(); - ByteArray modifiedResponse = view.getIncomingRecipePanel().bake(response, MessageType.RESPONSE); + ByteArray modifiedResponse = view.getIncomingHttpResponseRecipePanel().bake(response, MessageType.RESPONSE); return continueWith(HttpResponse.httpResponse(modifiedResponse)); } else{ diff --git a/src/main/java/burp/CstcProxyRequestHandler.java b/src/main/java/burp/CstcProxyRequestHandler.java new file mode 100644 index 00000000..b79777a7 --- /dev/null +++ b/src/main/java/burp/CstcProxyRequestHandler.java @@ -0,0 +1,41 @@ +package burp; + +import burp.api.montoya.core.ByteArray; +import burp.api.montoya.core.ToolType; +import burp.api.montoya.http.message.requests.HttpRequest; +import burp.api.montoya.proxy.http.InterceptedRequest; +import burp.api.montoya.proxy.http.ProxyRequestHandler; +import burp.api.montoya.proxy.http.ProxyRequestReceivedAction; +import burp.api.montoya.proxy.http.ProxyRequestToBeSentAction; +import de.usd.cstchef.Utils.MessageType; +import de.usd.cstchef.view.View; +import de.usd.cstchef.view.filter.FilterState; + +import static burp.api.montoya.proxy.http.ProxyRequestReceivedAction.continueWith; + +public class CstcProxyRequestHandler implements ProxyRequestHandler { + + private View view; + + public CstcProxyRequestHandler(View view) { + this.view = view; + } + + @Override + public ProxyRequestReceivedAction handleRequestReceived(InterceptedRequest interceptedRequest) { + if (BurpUtils.getInstance().getFilterState().shouldProcess(FilterState.BurpOperation.INCOMING_PROXY_REQUEST, ToolType.PROXY)) { + ByteArray request = interceptedRequest.toByteArray(); + ByteArray modifiedRequest = view.getIncomingProxyRequestRecipePanel().bake(request, MessageType.REQUEST); + return continueWith(HttpRequest.httpRequest(modifiedRequest).withService(interceptedRequest.httpService())); + } + else{ + return continueWith(interceptedRequest); + } + } + + @Override + public ProxyRequestToBeSentAction handleRequestToBeSent(InterceptedRequest interceptedRequest) { + return ProxyRequestToBeSentAction.continueWith(interceptedRequest); + } + +} \ No newline at end of file diff --git a/src/main/java/burp/CstcProxyResponseHandler.java b/src/main/java/burp/CstcProxyResponseHandler.java new file mode 100644 index 00000000..6ae76676 --- /dev/null +++ b/src/main/java/burp/CstcProxyResponseHandler.java @@ -0,0 +1,41 @@ +package burp; + +import burp.api.montoya.core.ByteArray; +import burp.api.montoya.core.ToolType; +import burp.api.montoya.http.message.responses.HttpResponse; +import burp.api.montoya.proxy.http.InterceptedResponse; +import burp.api.montoya.proxy.http.ProxyResponseHandler; +import burp.api.montoya.proxy.http.ProxyResponseReceivedAction; +import burp.api.montoya.proxy.http.ProxyResponseToBeSentAction; +import de.usd.cstchef.Utils.MessageType; +import de.usd.cstchef.view.View; +import de.usd.cstchef.view.filter.FilterState; + +import static burp.api.montoya.proxy.http.ProxyResponseToBeSentAction.continueWith; + +public class CstcProxyResponseHandler implements ProxyResponseHandler { + + private View view; + + public CstcProxyResponseHandler(View view) { + this.view = view; + } + + @Override + public ProxyResponseReceivedAction handleResponseReceived(InterceptedResponse interceptedResponse) { + return ProxyResponseReceivedAction.continueWith(interceptedResponse); + } + + @Override + public ProxyResponseToBeSentAction handleResponseToBeSent(InterceptedResponse interceptedResponse) { + if (BurpUtils.getInstance().getFilterState().shouldProcess(FilterState.BurpOperation.OUTGOING_PROXY_RESPONSE, ToolType.PROXY)) { + ByteArray response = interceptedResponse.toByteArray(); + ByteArray modifiedResponse = view.getOutgoingProxyResponseRecipePanel().bake(response, MessageType.RESPONSE); + return continueWith(HttpResponse.httpResponse(modifiedResponse)); + } + else{ + return continueWith(interceptedResponse); + } + } + +} \ No newline at end of file diff --git a/src/main/java/burp/MyExtensionProvidedHttpRequestEditor.java b/src/main/java/burp/MyExtensionProvidedHttpRequestEditor.java index f299c4a6..61d7b22c 100644 --- a/src/main/java/burp/MyExtensionProvidedHttpRequestEditor.java +++ b/src/main/java/burp/MyExtensionProvidedHttpRequestEditor.java @@ -39,7 +39,7 @@ public HttpRequest getRequest() @Override public void setRequestResponse(HttpRequestResponse requestResponse) { - ByteArray result = view.getOutgoingRecipePanel().bake(requestResponse.request().toByteArray(), MessageType.REQUEST); + ByteArray result = view.getOutgoingHttpRequestRecipePanel().bake(requestResponse.request().toByteArray(), MessageType.REQUEST); this.requestEditor.setContents(result); } diff --git a/src/main/java/de/usd/cstchef/Utils.java b/src/main/java/de/usd/cstchef/Utils.java index 6306b53e..7fbdf6fd 100644 --- a/src/main/java/de/usd/cstchef/Utils.java +++ b/src/main/java/de/usd/cstchef/Utils.java @@ -444,7 +444,7 @@ public static Class[] getOperationsDevIncoming() { public static Class[] getOperations(BurpOperation operation) { //return BurpUtils.inBurp() ? Utils.getOperationsDev() : Utils.getOperationsDev(); - if(operation == BurpOperation.INCOMING) { + if(operation == BurpOperation.INCOMING_HTTP_RESPONSE) { return getOperationsDevIncoming(); } else { diff --git a/src/main/java/de/usd/cstchef/view/RecipePanel.java b/src/main/java/de/usd/cstchef/view/RecipePanel.java index 8d567487..00dd795c 100644 --- a/src/main/java/de/usd/cstchef/view/RecipePanel.java +++ b/src/main/java/de/usd/cstchef/view/RecipePanel.java @@ -219,8 +219,10 @@ public void actionPerformed(ActionEvent e) { JOptionPane.OK_CANCEL_OPTION, JOptionPane.PLAIN_MESSAGE); if (result == JOptionPane.OK_OPTION) { BurpUtils.getInstance().getFilterState().setFilterMask( - RequestFilterDialog.getInstance().getFilterMask(BurpOperation.INCOMING), - RequestFilterDialog.getInstance().getFilterMask(BurpOperation.OUTGOING)); + RequestFilterDialog.getInstance().getFilterMask(BurpOperation.INCOMING_HTTP_RESPONSE), + RequestFilterDialog.getInstance().getFilterMask(BurpOperation.INCOMING_PROXY_REQUEST), + RequestFilterDialog.getInstance().getFilterMask(BurpOperation.OUTGOING_HTTP_REQUEST), + RequestFilterDialog.getInstance().getFilterMask(BurpOperation.OUTGOING_PROXY_RESPONSE)); } BurpUtils.getInstance().getView().preventRaceConditionOnVariables(); BurpUtils.getInstance().getView().updateInactiveWarnings(); @@ -399,7 +401,22 @@ public void actionPerformed(ActionEvent e) { } public void disableAutobakeIfFilterActive() { - for(Boolean b : BurpUtils.getInstance().getFilterState().getIncomingFilterSettings().values()) { + for(Boolean b : BurpUtils.getInstance().getFilterState().getIncomingHttpResponseFilterSettings().values()) { + if(b) { + this.autoBake = false; + this.bakeCheckBox.setSelected(false); + this.bakeButton.setEnabled(true); + this.bakeCheckBox.setEnabled(false); + this.bakeCheckBox.setToolTipText("Auto bake is disabled if Filter is active."); + return; + } + else if(!this.bakeCheckBox.isEnabled() && !b) { + this.bakeCheckBox.setEnabled(true); + this.bakeCheckBox.setToolTipText(""); + } + } + + for(Boolean b : BurpUtils.getInstance().getFilterState().getIncomingProxyRequestFilterSettings().values()) { if(b) { this.autoBake = false; this.bakeCheckBox.setSelected(false); @@ -414,7 +431,22 @@ else if(!this.bakeCheckBox.isEnabled() && !b) { } } - for(Boolean b : BurpUtils.getInstance().getFilterState().getOutgoingFilterSettings().values()) { + for(Boolean b : BurpUtils.getInstance().getFilterState().getOutgoingHttpRequestFilterSettings().values()) { + if(b) { + this.autoBake = false; + this.bakeCheckBox.setSelected(false); + this.bakeButton.setEnabled(true); + this.bakeCheckBox.setEnabled(false); + this.bakeCheckBox.setToolTipText("Auto bake is disabled if Filter is active."); + return; + } + else if(!this.bakeCheckBox.isEnabled() && !b) { + this.bakeCheckBox.setEnabled(true); + this.bakeCheckBox.setToolTipText(""); + } + } + + for(Boolean b : BurpUtils.getInstance().getFilterState().getOutgoingProxyResponseFilterSettings().values()) { if(b) { this.autoBake = false; this.bakeCheckBox.setSelected(false); diff --git a/src/main/java/de/usd/cstchef/view/RequestFilterDialog.java b/src/main/java/de/usd/cstchef/view/RequestFilterDialog.java index e36c9e4d..a522f65a 100644 --- a/src/main/java/de/usd/cstchef/view/RequestFilterDialog.java +++ b/src/main/java/de/usd/cstchef/view/RequestFilterDialog.java @@ -30,8 +30,10 @@ public static RequestFilterDialog getInstance() { private RequestFilterDialog() { this.setLayout(new GridLayout(0, 3)); - JPanel incomingPanel = createPanel(BurpOperation.INCOMING); - JPanel outgoingPanel = createPanel(BurpOperation.OUTGOING); + JPanel incomingHttpResponsePanel = createHttpPanel(BurpOperation.INCOMING_HTTP_RESPONSE); + JPanel incomingProxyRequestPanel = createProxyPanel(BurpOperation.INCOMING_PROXY_REQUEST); + JPanel outgoingHttpRequestPanel = createHttpPanel(BurpOperation.OUTGOING_HTTP_REQUEST); + JPanel outgoingProxyResponsePanel = createProxyPanel(BurpOperation.OUTGOING_PROXY_RESPONSE); JPanel labelPanel = new JPanel(); labelPanel.setLayout(new GridLayout(7, 0)); @@ -43,12 +45,14 @@ private RequestFilterDialog() { this.removeAll(); this.add(labelPanel); - this.add("Outgoing", outgoingPanel); - this.add("Incoming", incomingPanel); + this.add("Outgoing HTTP Request", outgoingHttpRequestPanel); + this.add("Incoming HTTP Response", incomingHttpResponsePanel); + this.add("Incoming Proxy Request", incomingProxyRequestPanel); + this.add("Outgoing Proxy Response", outgoingProxyResponsePanel); } - private JPanel createPanel(BurpOperation operation) { + private JPanel createHttpPanel(BurpOperation operation) { if (BurpUtils.getInstance().getFilterState().getFilterMask(operation).isEmpty()) { BurpUtils.getInstance().getFilterState().getFilterMask(operation).put(new Filter(ToolType.PROXY, ToolType.PROXY.ordinal()), false); BurpUtils.getInstance().getFilterState().getFilterMask(operation).put(new Filter(ToolType.REPEATER, ToolType.REPEATER.ordinal()), false); @@ -60,7 +64,7 @@ private JPanel createPanel(BurpOperation operation) { JPanel panel = new JPanel(); panel.add(new JLabel(operation.toString())); - for (Map.Entry entry : BurpUtils.getInstance().getFilterState().getFilterMask(operation).entrySet()) { + for (Map.Entry entry : BurpUtils.getInstance().getFilterState().getFilterMask(operation).entrySet()) { Filter filter = entry.getKey(); boolean selected = entry.getValue(); @@ -78,6 +82,29 @@ public void actionPerformed(ActionEvent e) { panel.setLayout(new GridLayout(7, 0)); return panel; } + + private JPanel createProxyPanel(BurpOperation operation) { + if (BurpUtils.getInstance().getFilterState().getFilterMask(operation).isEmpty()) { + BurpUtils.getInstance().getFilterState().getFilterMask(operation).put(new Filter(ToolType.PROXY, ToolType.PROXY.ordinal()), false); + } + JPanel panel = new JPanel(); + for (Map.Entry entry : BurpUtils.getInstance().getFilterState().getFilterMask(operation).entrySet()) { + Filter filter = entry.getKey(); + boolean selected = entry.getValue(); + + JCheckBox box = new JCheckBox(); + box.setSelected(selected); + box.addActionListener(new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + BurpUtils.getInstance().getFilterState().getFilterMask(operation).put(filter, box.isSelected()); + } + }); + panel.add(box); + } + panel.add(new JLabel(operation.toString())); + return panel; + } public void updateFilterSettings(){ RequestFilterDialog.instance = new RequestFilterDialog(); diff --git a/src/main/java/de/usd/cstchef/view/View.java b/src/main/java/de/usd/cstchef/view/View.java index d2cec15a..05a0ffff 100644 --- a/src/main/java/de/usd/cstchef/view/View.java +++ b/src/main/java/de/usd/cstchef/view/View.java @@ -17,8 +17,10 @@ public class View extends JPanel { - private RecipePanel incomingRecipePanel; - private RecipePanel outgoingRecipePanel; + private RecipePanel incomingHttpResponseRecipePanel; + private RecipePanel incomingProxyRequestRecipePanel; + private RecipePanel outgoingHttpRequestRecipePanel; + private RecipePanel outgoingProxyResponseRecipePanel; private RecipePanel formatRecipePanel; public View(){ @@ -31,22 +33,34 @@ public View(FilterState state) { this.setLayout(new BorderLayout()); JTabbedPane tabbedPane = new JTabbedPane(); - incomingRecipePanel = new RecipePanel(BurpOperation.INCOMING, MessageType.RESPONSE); - outgoingRecipePanel = new RecipePanel(BurpOperation.OUTGOING, MessageType.REQUEST); + incomingHttpResponseRecipePanel = new RecipePanel(BurpOperation.INCOMING_HTTP_RESPONSE, MessageType.RESPONSE); + incomingProxyRequestRecipePanel = new RecipePanel(BurpOperation.INCOMING_PROXY_REQUEST, MessageType.REQUEST); + outgoingHttpRequestRecipePanel = new RecipePanel(BurpOperation.OUTGOING_HTTP_REQUEST, MessageType.REQUEST); + outgoingProxyResponseRecipePanel = new RecipePanel(BurpOperation.OUTGOING_PROXY_RESPONSE, MessageType.RESPONSE); formatRecipePanel = new RecipePanel(BurpOperation.FORMAT, MessageType.RAW); - tabbedPane.addTab("Outgoing Requests", null, outgoingRecipePanel, "Outgoing requests from the browser, the repeater or another tool."); - tabbedPane.addTab("Incoming Responses", null, incomingRecipePanel, "Responses from the server."); + tabbedPane.addTab("Incoming Proxy Requests", null, incomingProxyRequestRecipePanel, "Incoming requests from the client application."); + tabbedPane.addTab("Outgoing HTTP Requests", null, outgoingHttpRequestRecipePanel, "Outgoing requests from any tool of Burp."); + tabbedPane.addTab("Incoming HTTP Responses", null, incomingHttpResponseRecipePanel, "Responses from the server."); + tabbedPane.addTab("Outgoing Proxy Responses", null, outgoingProxyResponseRecipePanel, "Outgoing responses from Burp."); tabbedPane.addTab("Formatting", null, formatRecipePanel, "Formatting for messages."); this.add(tabbedPane); } - public RecipePanel getIncomingRecipePanel() { - return this.incomingRecipePanel; + public RecipePanel getIncomingHttpResponseRecipePanel() { + return this.incomingHttpResponseRecipePanel; + } + + public RecipePanel getIncomingProxyRequestRecipePanel() { + return this.incomingProxyRequestRecipePanel; } - public RecipePanel getOutgoingRecipePanel() { - return this.outgoingRecipePanel; + public RecipePanel getOutgoingHttpRequestRecipePanel() { + return this.outgoingHttpRequestRecipePanel; + } + + public RecipePanel getOutgoingProxyResponseRecipePanel() { + return this.outgoingProxyResponseRecipePanel; } public RecipePanel getFormatRecipePanel() { @@ -65,22 +79,36 @@ public static void main(String[] args) { } public void updateInactiveWarnings() { - incomingRecipePanel.showInactiveWarning(); - for(Boolean b : BurpUtils.getInstance().getFilterState().getIncomingFilterSettings().values()){ + incomingHttpResponseRecipePanel.showInactiveWarning(); + for(Boolean b : BurpUtils.getInstance().getFilterState().getIncomingHttpResponseFilterSettings().values()){ + if(b == true) + incomingHttpResponseRecipePanel.hideInactiveWarning(); + } + + incomingProxyRequestRecipePanel.showInactiveWarning(); + for(Boolean b : BurpUtils.getInstance().getFilterState().getIncomingProxyRequestFilterSettings().values()){ if(b == true) - incomingRecipePanel.hideInactiveWarning(); + incomingProxyRequestRecipePanel.hideInactiveWarning(); } - outgoingRecipePanel.showInactiveWarning(); - for(Boolean b : BurpUtils.getInstance().getFilterState().getOutgoingFilterSettings().values()){ + outgoingHttpRequestRecipePanel.showInactiveWarning(); + for(Boolean b : BurpUtils.getInstance().getFilterState().getOutgoingHttpRequestFilterSettings().values()){ + if(b == true) + outgoingHttpRequestRecipePanel.hideInactiveWarning(); + } + + outgoingProxyResponseRecipePanel.showInactiveWarning(); + for(Boolean b : BurpUtils.getInstance().getFilterState().getOutgoingProxyResponseFilterSettings().values()){ if(b == true) - outgoingRecipePanel.hideInactiveWarning(); + outgoingProxyResponseRecipePanel.hideInactiveWarning(); } } public void preventRaceConditionOnVariables() { - incomingRecipePanel.disableAutobakeIfFilterActive(); - outgoingRecipePanel.disableAutobakeIfFilterActive(); + incomingHttpResponseRecipePanel.disableAutobakeIfFilterActive(); + incomingProxyRequestRecipePanel.disableAutobakeIfFilterActive(); + outgoingHttpRequestRecipePanel.disableAutobakeIfFilterActive(); + outgoingProxyResponseRecipePanel.disableAutobakeIfFilterActive(); formatRecipePanel.disableAutobakeIfFilterActive(); } } diff --git a/src/main/java/de/usd/cstchef/view/filter/FilterState.java b/src/main/java/de/usd/cstchef/view/filter/FilterState.java index 78e2b763..4dd27661 100644 --- a/src/main/java/de/usd/cstchef/view/filter/FilterState.java +++ b/src/main/java/de/usd/cstchef/view/filter/FilterState.java @@ -6,31 +6,46 @@ import com.fasterxml.jackson.databind.annotation.JsonDeserialize; -import burp.api.montoya.core.ToolSource; +import burp.api.montoya.core.ToolType; public class FilterState implements Serializable{ @JsonDeserialize(keyUsing = FilterStateDeserializer.class) - private LinkedHashMap incomingFilterSettings; + private LinkedHashMap incomingHttpResponseFilterSettings; @JsonDeserialize(keyUsing = FilterStateDeserializer.class) - private LinkedHashMap outgoingFilterSettings; - - public FilterState(LinkedHashMap incomingFilterSettings, - LinkedHashMap outgoingFilterSettings) { - this.incomingFilterSettings = incomingFilterSettings; - this.outgoingFilterSettings = outgoingFilterSettings; + private LinkedHashMap incomingProxyRequestFilterSettings; + @JsonDeserialize(keyUsing = FilterStateDeserializer.class) + private LinkedHashMap outgoingHttpRequestFilterSettings; + @JsonDeserialize(keyUsing = FilterStateDeserializer.class) + private LinkedHashMap outgoingProxyResponseFilterSettings; + + public FilterState(LinkedHashMap incomingHttpResponseFilterSettings, + LinkedHashMap incomingProxyRequestFilterSettings, + LinkedHashMap outgoingHttpRequestFilterSettings, + LinkedHashMap outgoingProxyResponseFilterSettings) { + this.incomingHttpResponseFilterSettings = incomingHttpResponseFilterSettings; + this.incomingProxyRequestFilterSettings = incomingProxyRequestFilterSettings; + this.outgoingHttpRequestFilterSettings = outgoingHttpRequestFilterSettings; + this.outgoingProxyResponseFilterSettings = outgoingProxyResponseFilterSettings; } public FilterState() { - this(new LinkedHashMap(), new LinkedHashMap()); + this(new LinkedHashMap(), new LinkedHashMap(), + new LinkedHashMap(), new LinkedHashMap()); } public void setFilterMask(LinkedHashMap filterMask, BurpOperation operation) { switch (operation) { - case INCOMING: - incomingFilterSettings = filterMask; + case INCOMING_HTTP_RESPONSE: + incomingHttpResponseFilterSettings = filterMask; + break; + case INCOMING_PROXY_REQUEST: + incomingProxyRequestFilterSettings = filterMask; break; - case OUTGOING: - outgoingFilterSettings = filterMask; + case OUTGOING_HTTP_REQUEST: + outgoingHttpRequestFilterSettings = filterMask; + break; + case OUTGOING_PROXY_RESPONSE: + outgoingProxyResponseFilterSettings = filterMask; break; default: break; @@ -39,30 +54,44 @@ public void setFilterMask(LinkedHashMap filterMask, BurpOperati public LinkedHashMap getFilterMask(BurpOperation operation) { switch (operation) { - case INCOMING: - return incomingFilterSettings; - case OUTGOING: - return outgoingFilterSettings; + case INCOMING_HTTP_RESPONSE: + return incomingHttpResponseFilterSettings; + case INCOMING_PROXY_REQUEST: + return incomingProxyRequestFilterSettings; + case OUTGOING_HTTP_REQUEST: + return outgoingHttpRequestFilterSettings; + case OUTGOING_PROXY_RESPONSE: + return outgoingProxyResponseFilterSettings; default: return new LinkedHashMap(); } } - public void setFilterMask(LinkedHashMap incomingFilterMask, - LinkedHashMap outgoingFilterMask) { - this.incomingFilterSettings = incomingFilterMask; - this.outgoingFilterSettings = outgoingFilterMask; + public void setFilterMask(LinkedHashMap incomingHttpResponseFilterMask, + LinkedHashMap incomingProxyRequestFilterMask, + LinkedHashMap outgoingHttpRequestFilterMask, + LinkedHashMap outgoingProxyResponseFilterMask) { + this.incomingHttpResponseFilterSettings = incomingHttpResponseFilterMask; + this.incomingProxyRequestFilterSettings = incomingProxyRequestFilterMask; + this.outgoingHttpRequestFilterSettings = outgoingHttpRequestFilterMask; + this.outgoingProxyResponseFilterSettings = outgoingProxyResponseFilterMask; } - public boolean shouldProcess(BurpOperation operation, ToolSource toolSource) { + public boolean shouldProcess(BurpOperation operation, ToolType toolType) { LinkedHashMap filterSettings; int filterMask = 0; switch (operation) { - case INCOMING: - filterSettings = incomingFilterSettings; + case INCOMING_HTTP_RESPONSE: + filterSettings = incomingHttpResponseFilterSettings; + break; + case INCOMING_PROXY_REQUEST: + filterSettings = incomingProxyRequestFilterSettings; + break; + case OUTGOING_HTTP_REQUEST: + filterSettings = outgoingHttpRequestFilterSettings; break; - case OUTGOING: - filterSettings = outgoingFilterSettings; + case OUTGOING_PROXY_RESPONSE: + filterSettings = outgoingProxyResponseFilterSettings; break; default: filterSettings = new LinkedHashMap<>(); @@ -71,42 +100,65 @@ public boolean shouldProcess(BurpOperation operation, ToolSource toolSource) { for (Map.Entry entry : filterSettings.entrySet()) { Filter filter = entry.getKey(); - if(filter.getToolType().equals(toolSource.toolType())){ + if(filter.getToolType().equals(toolType)){ return entry.getValue() == true; } } return false; } - public LinkedHashMap getIncomingFilterSettings() { - return this.incomingFilterSettings; + public LinkedHashMap getIncomingHttpResponseFilterSettings() { + return this.incomingHttpResponseFilterSettings; } - public void setIncomingFilterSettings(LinkedHashMap incomingFilterSettings) { - this.incomingFilterSettings = incomingFilterSettings; + public void setIncomingHttpResponseFilterSettings(LinkedHashMap incomingHttpResponseFilterSettings) { + this.incomingHttpResponseFilterSettings = incomingHttpResponseFilterSettings; + } + + public LinkedHashMap getIncomingProxyRequestFilterSettings() { + return this.incomingProxyRequestFilterSettings; + } + + public void setIncomingProxyRequestFilterSettings(LinkedHashMap incomingProxyRequestFilterSettings) { + this.incomingProxyRequestFilterSettings = incomingProxyRequestFilterSettings; } - public LinkedHashMap getOutgoingFilterSettings() { - return this.outgoingFilterSettings; + public LinkedHashMap getOutgoingHttpRequestFilterSettings() { + return this.outgoingHttpRequestFilterSettings; + } + + public void setOutgoingHttpRequestFilterSettings(LinkedHashMap outgoingHttpRequestFilterSettings) { + this.outgoingHttpRequestFilterSettings = outgoingHttpRequestFilterSettings; + } + + public LinkedHashMap getOutgoingProxyResponseFilterSettings() { + return this.outgoingProxyResponseFilterSettings; } - public void setOutgoingFilterSettings(LinkedHashMap outgoingFilterSettings) { - this.outgoingFilterSettings = outgoingFilterSettings; + public void setOutgoingProxyResponseFilterSettings(LinkedHashMap outgoingProxyResponseFilterSettings) { + this.outgoingProxyResponseFilterSettings = outgoingProxyResponseFilterSettings; } public String toString(){ - return "Incoming: " + this.incomingFilterSettings.toString() + "\nOutgoing: " + this.outgoingFilterSettings.toString(); + return "Incoming HTTP Response: " + this.incomingHttpResponseFilterSettings.toString() + + "\nIncoming Proxy Request: " + this.incomingProxyRequestFilterSettings.toString() + + "\nOutgoing HTTP Request: " + this.outgoingHttpRequestFilterSettings.toString() + + "\nOutgoing Proxy Response: " + this.outgoingProxyResponseFilterSettings.toString(); } public enum BurpOperation { - INCOMING, - OUTGOING, + INCOMING_HTTP_RESPONSE, + INCOMING_PROXY_REQUEST, + OUTGOING_HTTP_REQUEST, + OUTGOING_PROXY_RESPONSE, FORMAT; public String toString(){ switch(this){ - case INCOMING: return "Incoming"; - case OUTGOING: return "Outgoing"; + case INCOMING_HTTP_RESPONSE: return "Incoming_HTTP_Response"; + case INCOMING_PROXY_REQUEST: return "Incoming_Proxy_Request"; + case OUTGOING_HTTP_REQUEST: return "Outgoing_HTTP_Request"; + case OUTGOING_PROXY_RESPONSE: return "Outgoing_Proxy_Response"; case FORMAT: return "Formatting"; default: return ""; }