
Commit 2c29f90

author
isayan
committed
fix Genarate PoC
1 parent 32d1713 commit 2c29f90


10 files changed

+211
-201
lines changed


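--- a/gradle.properties
+++ b/gradle.properties
@@ -1,4 +1,4 @@
 netbeans.org-netbeans-modules-javascript2-requirejs.enabled=true
 release_version_major=3.0
-release_version_minor=4.2
+release_version_minor=5.0
 netbeans.license=mit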
Binary file not shown.

release/YaguraExtension-v3.0.jar

4.29 KB
Binary file not shown.

src/main/java/burp/BurpExtension.java

Lines changed: 76 additions & 74 deletions
Large diffs are not rendered by default.

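--- a/src/main/java/extend/util/external/TransUtil.java
+++ b/src/main/java/extend/util/external/TransUtil.java
@@ -75,7 +75,7 @@ public static ChronoUnit toChronoUnit(DateUnit unit) {
 }
 
 public enum EncodeType {
-ALL, ALPHANUM, STANDARD, LIGHT, URL_SAFE, JAVA_SCRIPT
+ALL, ALPHANUM, STANDARD, LIGHT, BURP_LIKE, JAVA_SCRIPT
 };
 
 public enum ConvertCase {
@@ -92,8 +92,8 @@ public static Pattern getEncodeTypePattern(EncodeType type) {
 return SmartCodec.ENCODE_PATTERN_STANDARD;
 case LIGHT:
 return SmartCodec.ENCODE_PATTERN_LIGHT;
-case URL_SAFE:
-return SmartCodec.ENCODE_PATTERN_URLSAFE;
+case BURP_LIKE:
+return SmartCodec.ENCODE_PATTERN_BURP;
 case JAVA_SCRIPT:
 return SmartCodec.ENCODE_PATTERN_JS;
 default:
@@ -959,116 +959,104 @@ public static String toByteOctEncode(byte[] bytes, Pattern pattern) {
 
 private final static Pattern PTN_BYTE_GROUP = Pattern.compile("((?:\\\\[xX][0-9a-fA-F]{2})+)|((?:\\\\[0-9]{1,3})+)");
 
-public static String toByteDecode(String input, String charset) {
+public static String toByteDecode(String input, String charset) throws UnsupportedEncodingException {
 StringBuffer buff = new StringBuffer();
 Matcher m = PTN_BYTE_GROUP.matcher(input);
-try {
-while (m.find()) {
-String hex = m.group(1);
-String oct = m.group(2);
-if (hex != null) {
-Matcher m2 = PTN_BYTE_HEX1.matcher(hex);
-ByteBuffer buf = ByteBuffer.allocate(hex.length());
-while (m2.find()) {
-String hexcode = m2.group(1);
-int u = Character.digit(hexcode.charAt(0), 16);
-int l = Character.digit(hexcode.charAt(1), 16);
-buf.put((byte) ((u << 4) + l));
-}
-buf.flip();
-byte[] value = new byte[buf.limit()];
-buf.get(value);
-m.appendReplacement(buff, Matcher.quoteReplacement(StringUtil.getStringCharset(value, charset)));
-} else if (oct != null) {
-Matcher m3 = PTN_BYTE_OCT.matcher(oct);
-ByteBuffer buf = ByteBuffer.allocate(oct.length());
-while (m3.find()) {
-String octecode = m3.group(1);
-buf.put((byte) Integer.parseInt(octecode, 8));
-}
-buf.flip();
-byte[] value = new byte[buf.limit()];
-buf.get(value);
-m.appendReplacement(buff, Matcher.quoteReplacement(new String(value, charset)));
+while (m.find()) {
+String hex = m.group(1);
+String oct = m.group(2);
+if (hex != null) {
+Matcher m2 = PTN_BYTE_HEX1.matcher(hex);
+ByteBuffer buf = ByteBuffer.allocate(hex.length());
+while (m2.find()) {
+String hexcode = m2.group(1);
+int u = Character.digit(hexcode.charAt(0), 16);
+int l = Character.digit(hexcode.charAt(1), 16);
+buf.put((byte) ((u << 4) + l));
+}
+buf.flip();
+byte[] value = new byte[buf.limit()];
+buf.get(value);
+m.appendReplacement(buff, Matcher.quoteReplacement(StringUtil.getStringCharset(value, charset)));
+} else if (oct != null) {
+Matcher m3 = PTN_BYTE_OCT.matcher(oct);
+ByteBuffer buf = ByteBuffer.allocate(oct.length());
+while (m3.find()) {
+String octecode = m3.group(1);
+buf.put((byte) Integer.parseInt(octecode, 8));
 }
+buf.flip();
+byte[] value = new byte[buf.limit()];
+buf.get(value);
+m.appendReplacement(buff, Matcher.quoteReplacement(new String(value, charset)));
 }
-m.appendTail(buff);
-} catch (UnsupportedEncodingException ex) {
-logger.log(Level.SEVERE, ex.getMessage(), ex);
 }
+m.appendTail(buff);
 return buff.toString();
 }
 private final static Pattern PTN_BYTE_HEX = Pattern.compile("((?:[0-9a-fA-F]{2}))");
 
-public static String toByteHexDecode(String input, String charset) {
+public static String toByteHexDecode(String input, String charset) throws UnsupportedEncodingException {
 StringBuffer buff = new StringBuffer();
 Matcher m = PTN_BYTE_HEX_GROUP.matcher(input);
-try {
-while (m.find()) {
-String hex = m.group(1);
-if (hex != null) {
-Matcher m0 = PTN_BYTE_HEX.matcher(hex);
-ByteBuffer buf = ByteBuffer.allocate(hex.length());
-while (m0.find()) {
-String hexcode = m0.group(1);
-int u = Character.digit(hexcode.charAt(0), 16);
-int l = Character.digit(hexcode.charAt(1), 16);
-buf.put((byte) ((u << 4) + l));
-}
-buf.flip();
-byte[] value = new byte[buf.limit()];
-buf.get(value);
-m.appendReplacement(buff, Matcher.quoteReplacement(StringUtil.getStringCharset(value, charset)));
+while (m.find()) {
+String hex = m.group(1);
+if (hex != null) {
+Matcher m0 = PTN_BYTE_HEX.matcher(hex);
+ByteBuffer buf = ByteBuffer.allocate(hex.length());
+while (m0.find()) {
+String hexcode = m0.group(1);
+int u = Character.digit(hexcode.charAt(0), 16);
+int l = Character.digit(hexcode.charAt(1), 16);
+buf.put((byte) ((u << 4) + l));
 }
+buf.flip();
+byte[] value = new byte[buf.limit()];
+buf.get(value);
+m.appendReplacement(buff, Matcher.quoteReplacement(StringUtil.getStringCharset(value, charset)));
 }
-m.appendTail(buff);
-} catch (UnsupportedEncodingException ex) {
-logger.log(Level.SEVERE, ex.getMessage(), ex);
 }
+m.appendTail(buff);
 return buff.toString();
 }
 
 private final static Pattern PTN_BYTE_HEX2_GROUP = Pattern.compile("((?:\\\\[xX][0-9a-fA-F]{2})+)|((?:\\\\[0-9a-fA-F]{2})+)");
 
-public static String toByteHex2Decode(String input, String charset) {
+public static String toByteHex2Decode(String input, String charset) throws UnsupportedEncodingException {
 StringBuffer buff = new StringBuffer();
 Matcher m = PTN_BYTE_HEX2_GROUP.matcher(input);
-try {
-while (m.find()) {
-String hex1 = m.group(1);
-String hex2 = m.group(2);
-if (hex1 != null) {
-Matcher m2 = PTN_BYTE_HEX1.matcher(hex1);
-ByteBuffer buf = ByteBuffer.allocate(hex1.length());
-while (m2.find()) {
-String hexcode = m2.group(1);
-int u = Character.digit(hexcode.charAt(0), 16);
-int l = Character.digit(hexcode.charAt(1), 16);
-buf.put((byte) ((u << 4) + l));
-}
-buf.flip();
-byte[] value = new byte[buf.limit()];
-buf.get(value);
-m.appendReplacement(buff, Matcher.quoteReplacement(StringUtil.getStringCharset(value, charset)));
-} else if (hex2 != null) {
-Matcher m3 = PTN_BYTE_HEX2.matcher(hex2);
-ByteBuffer buf = ByteBuffer.allocate(hex2.length());
-while (m3.find()) {
-String hexcode = m3.group(1);
-int u = Character.digit(hexcode.charAt(0), 16);
-int l = Character.digit(hexcode.charAt(1), 16);
-buf.put((byte) ((u << 4) + l));
-}
-buf.flip();
-byte[] value = new byte[buf.limit()];
-buf.get(value);
-m.appendReplacement(buff, Matcher.quoteReplacement(StringUtil.getStringCharset(value, charset)));
+while (m.find()) {
+String hex1 = m.group(1);
+String hex2 = m.group(2);
+if (hex1 != null) {
+Matcher m2 = PTN_BYTE_HEX1.matcher(hex1);
+ByteBuffer buf = ByteBuffer.allocate(hex1.length());
+while (m2.find()) {
+String hexcode = m2.group(1);
+int u = Character.digit(hexcode.charAt(0), 16);
+int l = Character.digit(hexcode.charAt(1), 16);
+buf.put((byte) ((u << 4) + l));
+}
+buf.flip();
+byte[] value = new byte[buf.limit()];
+buf.get(value);
+m.appendReplacement(buff, Matcher.quoteReplacement(StringUtil.getStringCharset(value, charset)));
+} else if (hex2 != null) {
+Matcher m3 = PTN_BYTE_HEX2.matcher(hex2);
+ByteBuffer buf = ByteBuffer.allocate(hex2.length());
+while (m3.find()) {
+String hexcode = m3.group(1);
+int u = Character.digit(hexcode.charAt(0), 16);
+int l = Character.digit(hexcode.charAt(1), 16);
+buf.put((byte) ((u << 4) + l));
 }
+buf.flip();
+byte[] value = new byte[buf.limit()];
+buf.get(value);
+m.appendReplacement(buff, Matcher.quoteReplacement(StringUtil.getStringCharset(value, charset)));
 }
-m.appendTail(buff);
-} catch (UnsupportedEncodingException ex) {
-logger.log(Level.SEVERE, ex.getMessage(), ex);
 }
+m.appendTail(buff);
 return buff.toString();
 }
 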
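Review bot: In the octal branch of toByteDecode (new lines 981–991) `(byte) Integer.parseInt(octecode, 8)` is applied to whatever the `[0-9]{1,3}` alternative of PTN_BYTE_GROUP matched, so an escape above `\377` is silently truncated to a different byte, and a run containing 8 or 9 would raise an unchecked NumberFormatException if PTN_BYTE_OCT (not visible in this hunk) accepts those digits as well. Now that the method declares `throws UnsupportedEncodingException` instead of logging, callers will reasonably treat that as the only failure mode; narrowing the alternative to `((?:\\\\[0-7]{1,3})+)` and rejecting parsed values over 0xFF would keep the decoder well-defined on arbitrary captured input. The same branch still builds its string with `new String(value, charset)` while every hex branch goes through `StringUtil.getStringCharset(value, charset)`; using the helper there too would make an unknown charset name fail the same way in all three decoders.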

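--- a/src/main/java/yagura/view/GeneratePoCTab.java
+++ b/src/main/java/yagura/view/GeneratePoCTab.java
@@ -29,6 +29,7 @@
 import java.io.File;
 import java.io.FileOutputStream;
 import java.io.IOException;
+import java.io.UnsupportedEncodingException;
 import java.nio.charset.StandardCharsets;
 import java.time.LocalDateTime;
 import java.time.format.DateTimeFormatter;
@@ -778,7 +779,7 @@ private String generatePoC(GenerateCsrfParameter csrfParam) {
 }
 }
 buff.append(String.format("<body%s>" + HttpUtil.LINE_TERMINATE, new Object[]{autoSubmit}));
-buff.append("<!-- begen form -->" + HttpUtil.LINE_TERMINATE);
+buff.append("<!-- begen form -->").append(HttpUtil.LINE_TERMINATE);
 String targetLink = (csrfParam.isCsrfMultiForm()) ? "target=\"_blank\"" : "";
 // csrf urlencoded/multipart
 if (!csrfTextPlain) {
@@ -805,10 +806,10 @@ private String generatePoC(GenerateCsrfParameter csrfParam) {
 paramName = StringUtil.getStringCharset(StringUtil.getBytesRaw(paramName), csrfEncoding);
 paramValue = StringUtil.getStringCharset(StringUtil.getBytesRaw(paramValue), csrfEncoding);
 if (MatchUtil.isUrlencoded(paramName)) {
-paramName = SmartCodec.toUrlEncode(paramName, csrfEncoding, true);
+paramName = SmartCodec.toUrlDecode(paramName, csrfEncoding);
 }
 if (MatchUtil.isUrlencoded(paramValue)) {
-paramValue = SmartCodec.toUrlEncode(paramValue, csrfEncoding, true);
+paramValue = SmartCodec.toUrlDecode(paramValue, csrfEncoding);
 }
 String decodename = HttpUtil.toHtmlEncode(paramName);
 String decodevalue = HttpUtil.toHtmlEncode(paramValue);
@@ -826,10 +827,10 @@ private String generatePoC(GenerateCsrfParameter csrfParam) {
 }
 } else {
 if (MatchUtil.isUrlencoded(paramName)) {
-paramName = SmartCodec.toUrlEncode(paramName, csrfEncoding, true);
+paramName = SmartCodec.toUrlDecode(paramName, csrfEncoding);
 }
 if (MatchUtil.isUrlencoded(paramValue)) {
-paramValue = SmartCodec.toUrlEncode(paramValue, csrfEncoding, true);
+paramValue = SmartCodec.toUrlDecode(paramValue, csrfEncoding);
 }
 }
 String decodename = HttpUtil.toHtmlEncode(paramName);
@@ -842,7 +843,7 @@ private String generatePoC(GenerateCsrfParameter csrfParam) {
 } else {
 String file_encoding = csrfEncoding;
 String decodevalue = StringUtil.getStringCharset(StringUtil.getBytesRaw(paramValue), file_encoding);
-buff.append("<!-- Internet Explorer browser only technique -->" + HttpUtil.LINE_TERMINATE);
+buff.append("<!-- Internet Explorer browser only technique -->").append(HttpUtil.LINE_TERMINATE);
 buff.append(String.format("<textarea name=\"%s&quot;; filename=&quot;%s&quot;&#x0d;&#x0a;Content-Type: text/plain; charset=%s\">",
 new Object[]{paramName, filename, file_encoding}));
 buff.append(HttpUtil.toHtmlEncode(decodevalue));
@@ -881,7 +882,7 @@ private String generatePoC(GenerateCsrfParameter csrfParam) {
 buff.append("</form>").append(HttpUtil.LINE_TERMINATE);
 buff.append("<!-- end form -->").append(HttpUtil.LINE_TERMINATE);
 buff.append("</body></html>").append(HttpUtil.LINE_TERMINATE);
-} catch (Exception ex) {
+} catch (UnsupportedEncodingException ex) {
 logger.log(Level.SEVERE, ex.getMessage(), ex);
 }
 return buff.toString();
@@ -998,10 +999,10 @@ private String generateHTML5PoC(GenerateCsrfParameter csrfParam) {
 }
 } else {
 if (MatchUtil.isUrlencoded(paramName)) {
-paramName = SmartCodec.toUrlEncode(paramName, csrfEncoding, true);
+paramName = SmartCodec.toUrlDecode(paramName, csrfEncoding);
 }
 if (MatchUtil.isUrlencoded(paramValue)) {
-paramValue = SmartCodec.toUrlEncode(paramValue, csrfEncoding, true);
+paramValue = SmartCodec.toUrlDecode(paramValue, csrfEncoding);
 }
 }
 
@@ -1121,7 +1122,7 @@ private String generateHTML5PoC(GenerateCsrfParameter csrfParam) {
 
 buff.append("</body></html>").append(HttpUtil.LINE_TERMINATE);
 
-} catch (Exception ex) {
+} catch (UnsupportedEncodingException ex) {
 logger.log(Level.SEVERE, ex.getMessage(), ex);
 }
 return buff.toString();
@@ -1202,6 +1203,9 @@ public boolean isEnabledFor(HttpRequestResponse httpRequestResponse) {
 return false;
 }
 HttpRequestWapper request = new HttpRequestWapper(httpRequestResponse.request());
+if (request.httpService() == null) {
+return false;
+}
 String host = request.httpService().host();
 if (host == null) {
 return false;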
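Review bot: The Internet Explorer textarea branch of generatePoC (new lines 847–848) formats `paramName` and `filename` into the `name="…"` attribute without HTML-escaping, although the next line escapes the body with `HttpUtil.toHtmlEncode(decodevalue)` and the sibling branches escape the name into `decodename`. With this commit the sibling branches URL-decode parameter names first, so if a decoded name reaches this branch, a `"` or `>` taken from the captured request would end the attribute in the generated page. generatePoC starts and ends outside the hunk, so confirm which form of `paramName` arrives here. Proposed change: `new Object[]{HttpUtil.toHtmlEncode(paramName), HttpUtil.toHtmlEncode(filename), file_encoding}));`.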

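--- a/src/main/java/yagura/view/HtmlCommetViewTab.java
+++ b/src/main/java/yagura/view/HtmlCommetViewTab.java
@@ -1,17 +1,17 @@
 package yagura.view;
 
+import burp.BurpExtender;
 import burp.BurpExtension;
 import burp.api.montoya.http.message.MimeType;
 import burp.api.montoya.http.message.HttpRequestResponse;
-import burp.api.montoya.http.message.responses.analysis.Attribute;
-import burp.api.montoya.http.message.responses.analysis.AttributeType;
 import burp.api.montoya.ui.Selection;
 import burp.api.montoya.ui.editor.extension.ExtensionProvidedEditor;
 import extend.util.external.ThemeUI;
 import extend.util.external.TransUtil;
 import extension.helpers.ConvertUtil;
 import extension.helpers.HttpResponseWapper;
 import extension.helpers.HttpUtil;
+import extension.helpers.SmartCodec;
 import extension.helpers.StringUtil;
 import java.awt.Component;
 import java.awt.Font;
@@ -125,14 +125,18 @@ public void setMessageEncoding(String encoding) {
 return;
 }
 final boolean uniq = this.quickSearchTab.getUniqCheckBox().isSelected();
-
 this.txtHtmlComment.setText("");
 SwingWorker swText = new SwingWorker<String, Object>() {
 @Override
 protected String doInBackground() throws Exception {
 publish("...");
-String comments[] = HttpUtil.extractHTMLComments(StringUtil.getStringCharset(httpRequestResponse.response().body().getBytes(), encoding), uniq);
-return TransUtil.join("\r\n", ConvertUtil.toUniqList(List.of(comments)));
+String body = StringUtil.getStringCharset(httpRequestResponse.response().body().getBytes(), encoding);
+String comments[] = HttpUtil.extractHTMLComments(body, uniq);
+// Htmlデコードする
+for (int i = 0; i < comments.length; i++) {
+comments[i] = SmartCodec.toHtmlDecode(comments[i]);
+}
+return TransUtil.join("\r\n", List.of(comments));
 }
 
 @Override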
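Review bot: The loop at new lines 136–138 runs `SmartCodec.toHtmlDecode` over comment text taken from the response body, so entity-escaped markup inside a comment comes back as literal `<…>` in the string the worker returns. That is fine only while `txtHtmlComment` displays plain text; the handler that consumes the result lies outside this hunk, so confirm it never feeds an HTML-rendering component. The inline comment is in Japanese and could state the intent in English, e.g. `// Decode HTML entities for display; the result is untrusted response text and must be shown as plain text`. The commit also drops `ConvertUtil.toUniqList`, so comments that become identical only after decoding are presumably no longer merged when `uniq` is set.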

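--- a/src/main/java/yagura/view/JTransCoderTab.form
+++ b/src/main/java/yagura/view/JTransCoderTab.form
@@ -1215,8 +1215,8 @@
 <Property name="buttonGroup" type="javax.swing.ButtonGroup" editor="org.netbeans.modules.form.RADComponent$ButtonGroupPropertyEditor">
 <ComponentRef name="btnGrpEncodeType"/>
 </Property>
-<Property name="text" type="java.lang.String" value="URLSafe"/>
-<Property name="toolTipText" type="java.lang.String" value="[^a-zA-Z0-9\u005c._-]" containsInvalidXMLChars="true"/>
+<Property name="text" type="java.lang.String" value="Burp"/>
+<Property name="toolTipText" type="java.lang.String" value="[^A-Za-z0-9!\u005c&quot;$&apos;()*,/:&lt;&gt;@\u005c[\u005c\u005c\u005c]^`{|},.~-]" containsInvalidXMLChars="true"/>
 </Properties>
 <Events>
 <EventHandler event="actionPerformed" listener="java.awt.event.ActionListener" parameters="java.awt.event.ActionEvent" handler="rdoURLSafeActionPerformed"/>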
