Skip to content

Commit

Permalink
Merge pull request #21 from augustd/fix-load-from-file
Browse files Browse the repository at this point in the history 
Fix load from file
  • Loading branch information
@augustd
augustd authored Nov 11, 2017
2 parents 2625c7a + 2c836dc commit 5660758
Show file tree
Hide file tree
Showing 2 changed files with 56 additions and 36 deletions.
2 changes: 1 addition & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>com.codemagi</groupId>
<artifactId>burp-suite-utils</artifactId>
<version>1.0.11</version>
<version>1.0.12</version>
<packaging>jar</packaging>
<name>Burp Suite Utils</name>
<description>The Burp Suite Utils project provides developers with APIs for building Burp Suite Extensions.</description>
Expand Down
90 changes: 55 additions & 35 deletions src/main/java/com/codemagi/burp/RuleTableComponent.java
View file
Original file line number Diff line number Diff line change
@@ -1,22 +1,19 @@
package com.codemagi.burp;

import burp.IBurpExtenderCallbacks;
import burp.IHttpRequestResponse;
import burp.IHttpService;
import burp.impl.HttpService;
import com.codemagi.burp.parser.HttpRequest;
import com.codemagi.burp.parser.HttpResponse;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.PrintStream;
import java.io.Reader;
import java.io.StringReader;
import java.net.URL;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import javax.swing.DefaultCellEditor;
import javax.swing.event.TableModelEvent;
import javax.swing.event.TableModelListener;
Expand Down Expand Up @@ -57,14 +54,9 @@ public RuleTableComponent(PassiveScan passiveScan, IBurpExtenderCallbacks callba
//restore saved settings
restoreSettings();

//load match rules from GitHub
boolean loadSuccess = loadMatchRules(urlTextField.getText());

//as a backup, load match rules from within the jar
if (!loadSuccess && backupUrl != null) {
mCallbacks.printOutput("WARNING: Failed to load remote match rules");
loadMatchRulesFromJar(backupUrl);
}
//load match rules from configured URL
MatchRulesLoader loader = new MatchRulesLoader(urlTextField.getText());
loader.start();

//add a listener for changes to the table model
final DefaultTableModel model = (DefaultTableModel)rules.getModel();
Expand Down Expand Up @@ -123,12 +115,13 @@ private boolean loadMatchRules(String rulesUrl) {
URL url = new URL(rulesUrl);
IHttpService service = new HttpService(url);
HttpRequest request = new HttpRequest(url);
HttpRequestThread requestThread = new HttpRequestThread(service, request.getBytes(), mCallbacks);
requestThread.start();
requestThread.join();
byte[] responseBytes = mCallbacks.makeHttpRequest(
service.getHost(),
service.getPort(),
HttpService.PROTOCOL_HTTPS.equalsIgnoreCase(service.getProtocol()),
request.getBytes());

//parse the response
byte[] responseBytes = requestThread.getResponse();
if (responseBytes == null) return false; //no response received from server
HttpResponse response = HttpResponse.parseMessage(responseBytes);

Expand All @@ -142,15 +135,35 @@ private boolean loadMatchRules(String rulesUrl) {

} catch (IOException e) {
scan.printStackTrace(e);
} catch (NumberFormatException e) {
scan.printStackTrace(e);
} catch (Exception e) {
scan.printStackTrace(e);
}

return false;
}

protected class MatchRulesLoader extends Thread {

private String rulesUrl;

public MatchRulesLoader(String rulesUrl) {
this.rulesUrl = rulesUrl;
}

@Override
public void run() {
boolean success = loadMatchRules(rulesUrl);

if (success) {
saveSettings();
} else if (!success && backupUrl != null) {
mCallbacks.printOutput("WARNING: Failed to load remote match rules");
success = loadMatchRulesFromJar(backupUrl);
}
}

}

/**
* Load match rules from within the jar
*/
Expand Down Expand Up @@ -210,15 +223,24 @@ private void processMatchRules(BufferedReader reader) throws IOException {
String[] values = str.split("\\t");
model.addRow(values);

Pattern pattern = Pattern.compile(values[0]);

scan.addMatchRule(new MatchRule(
pattern,
new Integer(values[1]),
values[2],
ScanIssueSeverity.fromName(values[3]),
ScanIssueConfidence.fromName(values[4]))
);
try {
Pattern pattern = Pattern.compile(values[0]);

scan.addMatchRule(new MatchRule(
pattern,
new Integer(values[1]),
values[2],
ScanIssueSeverity.fromName(values[3]),
ScanIssueConfidence.fromName(values[4]))
);
} catch (PatternSyntaxException pse) {
//in case the match pattern is invalid
mCallbacks.printError("Invalid match pattern: " + values[0]);

} catch (NumberFormatException e) {
//in case the match group is invalid
mCallbacks.printError("Invalid match group: " + values[1]);
}
}
}

Expand Down Expand Up @@ -387,12 +409,9 @@ public void actionPerformed(java.awt.event.ActionEvent evt) {
}// </editor-fold>//GEN-END:initComponents

private void loadBtnActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_loadBtnActionPerformed
//read value from text field
String url = urlTextField.getText();

//issue request to URL
boolean success = loadMatchRules(url);
if (success) saveSettings();
//issue request to URL in GUI
MatchRulesLoader loader = new MatchRulesLoader(urlTextField.getText());
loader.start();
}//GEN-LAST:event_loadBtnActionPerformed

private void urlTextFieldActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_urlTextFieldActionPerformed
Expand Down Expand Up @@ -423,9 +442,10 @@ private void resetButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-F

//load the defaults
urlTextField.setText(DEFAULT_URL);
loadMatchRules(DEFAULT_URL);

saveSettings();
//issue request to URL
MatchRulesLoader loader = new MatchRulesLoader(DEFAULT_URL);
loader.start();
}//GEN-LAST:event_resetButtonActionPerformed

// Variables declaration - do not modify//GEN-BEGIN:variables
Expand Down

0 comments on commit 5660758

Please sign in to comment.