2021-06-10 22:59:27 +08:00
|
|
|
package burp.action;
|
|
|
|
|
|
2021-09-07 22:09:42 +08:00
|
|
|
import java.nio.charset.StandardCharsets;
|
2021-06-10 22:59:27 +08:00
|
|
|
import java.util.*;
|
|
|
|
|
|
|
|
|
|
import dk.brics.automaton.Automaton;
|
|
|
|
|
import dk.brics.automaton.AutomatonMatcher;
|
|
|
|
|
import dk.brics.automaton.RegExp;
|
|
|
|
|
import dk.brics.automaton.RunAutomaton;
|
|
|
|
|
import jregex.Matcher;
|
|
|
|
|
import jregex.Pattern;
|
|
|
|
|
|
|
|
|
|
import burp.yaml.LoadRule;
|
|
|
|
|
import burp.yaml.LoadConfigFile;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* @author EvilChen
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
public class ExtractContent {
|
|
|
|
|
|
|
|
|
|
public Map<String, Map<String, Object>> matchRegex(byte[] content, String headers, byte[] body, String scopeString) {
|
|
|
|
|
Map<String, Map<String, Object>> map = new HashMap<>(); // 最终返回的结果
|
2021-09-07 22:09:42 +08:00
|
|
|
new LoadRule(LoadConfigFile.getConfigPath());
|
|
|
|
|
Map<String,Object[][]> rules = LoadRule.getConfig();
|
2021-06-10 22:59:27 +08:00
|
|
|
rules.keySet().forEach(i -> {
|
|
|
|
|
String matchContent = "";
|
|
|
|
|
for (Object[] objects : rules.get(i)) {
|
|
|
|
|
// 遍历获取规则
|
2021-07-06 18:33:11 +08:00
|
|
|
List<String> result = new ArrayList<>();
|
2021-06-10 22:59:27 +08:00
|
|
|
Map<String, Object> tmpMap = new HashMap<>();
|
|
|
|
|
|
|
|
|
|
String name = objects[1].toString();
|
|
|
|
|
boolean loaded = (Boolean) objects[0];
|
|
|
|
|
String regex = objects[2].toString();
|
|
|
|
|
String color = objects[3].toString();
|
|
|
|
|
String scope = objects[4].toString();
|
|
|
|
|
String engine = objects[5].toString();
|
|
|
|
|
// 判断规则是否开启与作用域
|
2021-06-12 15:19:39 +08:00
|
|
|
if (loaded && (scope.contains(scopeString) || scope.equals("any"))) {
|
2021-06-10 22:59:27 +08:00
|
|
|
switch (scope) {
|
|
|
|
|
case "any":
|
|
|
|
|
case "request":
|
|
|
|
|
case "response":
|
2021-09-07 22:09:42 +08:00
|
|
|
matchContent = new String(content, StandardCharsets.UTF_8).intern();
|
2021-06-10 22:59:27 +08:00
|
|
|
break;
|
|
|
|
|
case "request header":
|
|
|
|
|
case "response header":
|
|
|
|
|
matchContent = headers;
|
|
|
|
|
break;
|
|
|
|
|
case "request body":
|
|
|
|
|
case "response body":
|
2021-09-07 22:09:42 +08:00
|
|
|
matchContent = new String(body, StandardCharsets.UTF_8).intern();
|
2021-06-10 22:59:27 +08:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (engine.equals("nfa")) {
|
|
|
|
|
Pattern pattern = new Pattern(regex);
|
|
|
|
|
Matcher matcher = pattern.matcher(matchContent);
|
|
|
|
|
while (matcher.find()) {
|
|
|
|
|
// 添加匹配数据至list
|
|
|
|
|
// 强制用户使用()包裹正则
|
|
|
|
|
result.add(matcher.group(1));
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2021-09-07 22:09:42 +08:00
|
|
|
RegExp regexp = new RegExp(regex);
|
|
|
|
|
Automaton auto = regexp.toAutomaton();
|
2021-06-10 22:59:27 +08:00
|
|
|
RunAutomaton runAuto = new RunAutomaton(auto, true);
|
|
|
|
|
AutomatonMatcher autoMatcher = runAuto.newMatcher(matchContent);
|
|
|
|
|
while (autoMatcher.find()) {
|
|
|
|
|
// 添加匹配数据至list
|
|
|
|
|
// 强制用户使用()包裹正则
|
|
|
|
|
result.add(autoMatcher.group());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 去除重复内容
|
|
|
|
|
HashSet tmpList = new HashSet(result);
|
|
|
|
|
result.clear();
|
|
|
|
|
result.addAll(tmpList);
|
|
|
|
|
|
|
|
|
|
if (!result.isEmpty()) {
|
|
|
|
|
tmpMap.put("color", color);
|
|
|
|
|
tmpMap.put("data", String.join("\n", result));
|
|
|
|
|
// 初始化格式
|
|
|
|
|
map.put(name, tmpMap);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return map;
|
|
|
|
|
}
|
|
|
|
|
}
|
