Filter support is Hide items without responses

source · source · commit c57604e3bbad · 2018-09-10T20:08:15.000+09:00
diff --git a/release/YaguraExtender.jar b/release/YaguraExtender.jar
diff --git a/src/burp/BurpExtender.java b/src/burp/BurpExtender.java
@@ -31,6 +31,7 @@
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.net.MalformedURLException;
 import java.net.URL;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
@@ -929,17 +930,21 @@ public void sendToJTransCoder(String text) {
     public void sendToMessageInfoCopy(IContextMenuInvocation contextMenu, IHttpRequestResponse[] messageInfoList) {
         StringBuilder buff = new StringBuilder();
         try {
-            buff.append("url\tstatus\tlength\r\n");
+            buff.append("url\tquery\tmethod\tstatus\tlength\r\n");
             for (IHttpRequestResponse messageInfo : messageInfoList) {    
                 IRequestInfo reqInfo = BurpExtender.getHelpers().analyzeRequest(messageInfo);
                 URL url = reqInfo.getUrl();
                 buff.append(HttpUtil.toURL(url.getProtocol(), url.getHost(), url.getPort(), url.getPath()).toString());
+                buff.append("\t");
+                buff.append(url.getQuery());
+                buff.append("\t");
+                buff.append(reqInfo.getMethod());
                 if (messageInfo.getResponse() != null) {
                     HttpResponse httpResponse = HttpResponse.parseHttpResponse(messageInfo.getResponse());
                     buff.append("\t");
                     buff.append(httpResponse.getStatusCode());
                     buff.append("\t");
-                    buff.append(httpResponse.getContentLength());                                        
+                    buff.append(messageInfo.getResponse().length);                                        
                 }
                 buff.append("\r\n");
             }
@@ -948,5 +953,24 @@ public void sendToMessageInfoCopy(IContextMenuInvocation contextMenu, IHttpReque
         }
         SwingUtil.systemClipboardCopy(buff.toString());
     }
+
+    /**
+     * ***********************************************************************
+     * Add Host To Scope
+     * ***********************************************************************
+     */
+
+    public void sendToAddHostToScope(IContextMenuInvocation contextMenu, IHttpRequestResponse[] messageInfoList) {
+        try {
+            for (IHttpRequestResponse messageInfo : messageInfoList) {    
+                    IRequestInfo reqInfo = BurpExtender.getHelpers().analyzeRequest(messageInfo);
+                    URL url = reqInfo.getUrl();
+                    BurpExtender.getCallbacks().includeInScope(new URL(HttpUtil.toURL(url.getProtocol(), url.getHost(), url.getPort())));
+            }
+        } catch (MalformedURLException ex) {
+            Logger.getLogger(BurpExtender.class.getName()).log(Level.SEVERE, null, ex);
+        }
+    }
+
     
 }
diff --git a/src/burp/release.properties b/src/burp/release.properties
@@ -1,7 +1,7 @@
 # YaguraExtender build xml properties
 
 # version
-version=1.7.24.0
+version=1.7.25.0
 
 #lib
 asciidoctor-version=1.5.5
diff --git a/src/yagura/Config.java b/src/yagura/Config.java
@@ -288,6 +288,7 @@ protected static void loadFromXml(IniProp prop, OptionProperty option) throws IO
                 
         FilterProperty filter = new FilterProperty();
         filter.setShowOnlyScopeItems(prop.readEntryBool("jsearch", "showOnlyScopeItems", false));
+        filter.setHideItemsWithoutResponses(prop.readEntryBool("jsearch", "hideItemsWithoutResponsess", false));
         filter.setShowOnly(prop.readEntryBool("jsearch", "showOnly", false));
         filter.setShowOnlyExtension(prop.readEntry("jsearch", "showOnlyExtension", "asp,aspx,jsp,php"));
         filter.setHide(prop.readEntryBool("jsearch", "hide", false));
@@ -467,6 +468,7 @@ protected static void saveToXML(IniProp prop, OptionProperty option) throws IOEx
         
         FilterProperty filter = jsearch.getFilterProperty();
         prop.writeEntryBool("jsearch", "showOnlyScopeItems", filter.getShowOnlyScopeItems());
+        prop.writeEntryBool("jsearch", "hideItemsWithoutResponsess", filter.isHideItemsWithoutResponses());
         prop.writeEntryBool("jsearch", "showOnly", filter.getShowOnly());
         prop.writeEntry("jsearch", "showOnlyExtension", filter.getShowOnlyExtension());
         prop.writeEntryBool("jsearch", "hide", filter.getHide());
diff --git a/src/yagura/model/FilterProperty.java b/src/yagura/model/FilterProperty.java
@@ -23,6 +23,23 @@ public void setShowOnlyScopeItems(boolean value) {
         this.showOnlyScopeItems = value;
     }
 
+    private boolean hideItemsWithoutResponses = false;
+
+    /**
+     * @return the hideItemsWithoutResponses
+     */
+    public boolean isHideItemsWithoutResponses() {
+        return hideItemsWithoutResponses;
+    }
+
+    /**
+     * @param hideItemsWithoutResponses the hideItemsWithoutResponses to set
+     */
+    public void setHideItemsWithoutResponses(boolean hideItemsWithoutResponses) {
+        this.hideItemsWithoutResponses = hideItemsWithoutResponses;
+    }
+
+    
     private boolean showOnly = false;
 
     public boolean getShowOnly() {
diff --git a/src/yagura/model/HttpMessageItem.java b/src/yagura/model/HttpMessageItem.java
@@ -152,8 +152,13 @@ public void setResponse(byte[] response)  {
 
     public short getStatusCode() throws Exception {
     if (this.httpItem != null) {
-            IResponseInfo resInfo = BurpExtender.getHelpers().analyzeResponse(this.httpItem.getResponse());
-            return resInfo.getStatusCode();
+            if (this.httpItem.getResponse() != null) {
+                IResponseInfo resInfo = BurpExtender.getHelpers().analyzeResponse(this.httpItem.getResponse());
+                return resInfo.getStatusCode();
+            }
+            else {
+                return 0;
+            }
         } else {
             return this.statuscode;
         }
diff --git a/src/yagura/model/ResultViewModel.java b/src/yagura/model/ResultViewModel.java
@@ -65,7 +65,10 @@ public Object getValueAt(int row, int col) {
                     value = String.valueOf(msg.getUrl());
                     break;
                 case 5: // status code
-                    value = String.valueOf((int) msg.getStatusCode());
+                    value = 0;
+                    if (msg.getResponse() != null) {
+                        value = String.valueOf((int) msg.getStatusCode());
+                    }
                     break;
                 case 6: // length
                     value = 0;
diff --git a/src/yagura/model/SendToExtend.java b/src/yagura/model/SendToExtend.java
@@ -65,6 +65,10 @@ public void sendToEvent(IHttpRequestResponse[] messageInfo) {
             BurpExtender.getInstance().sendToMessageInfoCopy(this.contextMenu, messageInfo);                                    
             break;
         }
+        case ADD_HOST_TO_SCOPE: {
+            BurpExtender.getInstance().sendToAddHostToScope(this.contextMenu, messageInfo);                                    
+            break;
+        }
         default:                             
             // ここには現状こない
             break;
diff --git a/src/yagura/model/SendToItem.java b/src/yagura/model/SendToItem.java
@@ -27,9 +27,10 @@ public enum ExtendType {
         REQUEST_AND_RESPONSE_TO_FILE,
         SEND_TO_JTRANSCODER,
         PASTE_FROM_JTRANSCODER,
-        MESSAGE_INFO_COPY;
+        MESSAGE_INFO_COPY,
+        ADD_HOST_TO_SCOPE;
 
-	@Override
+        @Override
 	public String toString() {
             String value = name().toLowerCase();
             return value.replace('_', ' ');
diff --git a/src/yagura/view/ResultFilterPopup.form b/src/yagura/view/ResultFilterPopup.form
@@ -161,13 +161,20 @@
                 </Property>
               </Properties>
 
-              <Layout class="org.netbeans.modules.form.compat2.layouts.DesignBoxLayout"/>
+              <Layout class="org.netbeans.modules.form.compat2.layouts.DesignBoxLayout">
+                <Property name="axis" type="int" value="3"/>
+              </Layout>
               <SubComponents>
                 <Component class="javax.swing.JCheckBox" name="chkShowOnlyinscopeItem">
                   <Properties>
                     <Property name="text" type="java.lang.String" value="Show only in-scope items"/>
                   </Properties>
                 </Component>
+                <Component class="javax.swing.JCheckBox" name="chkHideItemsWithoutResponses">
+                  <Properties>
+                    <Property name="text" type="java.lang.String" value="Hide items without responses"/>
+                  </Properties>
+                </Component>
               </SubComponents>
             </Container>
             <Container class="javax.swing.JPanel" name="pnlExtension">
diff --git a/src/yagura/view/ResultFilterPopup.java b/src/yagura/view/ResultFilterPopup.java
@@ -66,6 +66,7 @@ private void initComponents() {
         pnlLeft = new javax.swing.JPanel();
         pnlFilterByRequest = new javax.swing.JPanel();
         chkShowOnlyinscopeItem = new javax.swing.JCheckBox();
+        chkHideItemsWithoutResponses = new javax.swing.JCheckBox();
         pnlExtension = new javax.swing.JPanel();
         txtShowOnly = new javax.swing.JTextField();
         txtHide = new javax.swing.JTextField();
@@ -136,11 +137,14 @@ public void windowDeactivated(java.awt.event.WindowEvent evt) {
         pnlLeft.setLayout(new javax.swing.BoxLayout(pnlLeft, javax.swing.BoxLayout.Y_AXIS));
 
         pnlFilterByRequest.setBorder(javax.swing.BorderFactory.createTitledBorder("Filter by request type"));
-        pnlFilterByRequest.setLayout(new javax.swing.BoxLayout(pnlFilterByRequest, javax.swing.BoxLayout.LINE_AXIS));
+        pnlFilterByRequest.setLayout(new javax.swing.BoxLayout(pnlFilterByRequest, javax.swing.BoxLayout.PAGE_AXIS));
 
         chkShowOnlyinscopeItem.setText("Show only in-scope items");
         pnlFilterByRequest.add(chkShowOnlyinscopeItem);
 
+        chkHideItemsWithoutResponses.setText("Hide items without responses");
+        pnlFilterByRequest.add(chkHideItemsWithoutResponses);
+
         pnlLeft.add(pnlFilterByRequest);
 
         pnlExtension.setBorder(javax.swing.BorderFactory.createTitledBorder("Filter by extension"));
@@ -267,6 +271,7 @@ public void run() {
     private javax.swing.JCheckBox chkGray;
     private javax.swing.JCheckBox chkGreen;
     private javax.swing.JCheckBox chkHide;
+    private javax.swing.JCheckBox chkHideItemsWithoutResponses;
     private javax.swing.JCheckBox chkMagenta;
     private javax.swing.JCheckBox chkNoselect;
     private javax.swing.JCheckBox chkOrange;
@@ -291,6 +296,7 @@ public void run() {
 
     public void setProperty(FilterProperty filterProp) {
         this.chkShowOnlyinscopeItem.setSelected(filterProp.getShowOnlyScopeItems());
+        this.chkHideItemsWithoutResponses.setSelected(filterProp.isHideItemsWithoutResponses());
         this.chkShowOnly.setSelected(filterProp.getShowOnly());
         this.txtShowOnly.setText(filterProp.getShowOnlyExtension());
         this.chkHide.setSelected(filterProp.getHide());
@@ -305,6 +311,7 @@ public void setProperty(FilterProperty filterProp) {
     public FilterProperty getProperty() {
         FilterProperty filterProp = new FilterProperty();
         filterProp.setShowOnlyScopeItems(this.chkShowOnlyinscopeItem.isSelected());
+        filterProp.setHideItemsWithoutResponses(this.chkHideItemsWithoutResponses.isSelected());
         filterProp.setShowOnly(this.chkShowOnly.isSelected());
         filterProp.setShowOnlyExtension(this.txtShowOnly.getText());
         filterProp.setHide(this.chkHide.isSelected());
@@ -382,9 +389,15 @@ public boolean include(RowFilter.Entry<? extends Object, ? extends Object> entry
                 HttpMessageItem item = HttpMessageItem.toHttpMessageItem(entry);
 
                 boolean showOnlyScopFilter = true;
+                // Filter by request type
                 if (this.filterProp.getShowOnlyScopeItems()) {
                     showOnlyScopFilter = BurpWrap.isInScope(item.getUrl());
                 }
+
+                boolean hideItemsWithoutResponses = true;
+                if (this.filterProp.isHideItemsWithoutResponses()) {
+                    hideItemsWithoutResponses = (item.getResponse() != null);
+                }
                 // status filter
                 boolean statusFilter = false;
                 if (showOnlyScopFilter) {
@@ -435,7 +448,7 @@ public boolean include(RowFilter.Entry<? extends Object, ? extends Object> entry
                         }
                     }
                 }
-                allFilter = (statusFilter && colorFilter && matchFilter && showOnlyScopFilter);
+                allFilter = (statusFilter && colorFilter && matchFilter && showOnlyScopFilter && hideItemsWithoutResponses);
             } catch (Exception ex) {
                 Logger.getLogger(ResultFilterPopup.class.getName()).log(Level.SEVERE, null, ex);
             }
