Version: 2.5.9 Update
This commit is contained in:
gh0stkey
@@ -1,5 +1,6 @@
|
||||
package burp.core.processor;
|
||||
|
||||
import burp.BurpExtender;
|
||||
import burp.core.GlobalCachePool;
|
||||
import burp.core.utils.HashCalculator;
|
||||
import burp.core.utils.MatchTool;
|
||||
@@ -13,6 +14,7 @@ import java.nio.charset.StandardCharsets;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.*;
|
||||
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
import jregex.Matcher;
|
||||
import jregex.Pattern;
|
||||
|
||||
@@ -93,31 +95,37 @@ public class DataProcessingUnit {
|
||||
break;
|
||||
}
|
||||
|
||||
if ("nfa".equals(engine)) {
|
||||
Pattern pattern;
|
||||
// 判断规则是否大小写敏感
|
||||
if (sensitive) {
|
||||
pattern = new Pattern(regex);
|
||||
} else {
|
||||
pattern = new Pattern(regex, Pattern.IGNORE_CASE);
|
||||
}
|
||||
try {
|
||||
if ("nfa".equals(engine)) {
|
||||
Pattern pattern;
|
||||
// 判断规则是否大小写敏感
|
||||
if (sensitive) {
|
||||
pattern = new Pattern(regex);
|
||||
} else {
|
||||
pattern = new Pattern(regex, Pattern.IGNORE_CASE);
|
||||
}
|
||||
|
||||
Matcher matcher = pattern.matcher(matchContent);
|
||||
while (matcher.find()) {
|
||||
// 添加匹配数据至list
|
||||
// 强制用户使用()包裹正则
|
||||
result.add(matcher.group(1));
|
||||
}
|
||||
} else {
|
||||
RegExp regexp = new RegExp(regex);
|
||||
Automaton auto = regexp.toAutomaton();
|
||||
RunAutomaton runAuto = new RunAutomaton(auto, true);
|
||||
AutomatonMatcher autoMatcher = runAuto.newMatcher(matchContent);
|
||||
while (autoMatcher.find()) {
|
||||
// 添加匹配数据至list
|
||||
// 强制用户使用()包裹正则
|
||||
result.add(autoMatcher.group());
|
||||
Matcher matcher = pattern.matcher(matchContent);
|
||||
while (matcher.find()) {
|
||||
// 添加匹配数据至list
|
||||
// 强制用户使用()包裹正则
|
||||
result.add(matcher.group(1));
|
||||
}
|
||||
} else {
|
||||
RegExp regexp = new RegExp(regex);
|
||||
Automaton auto = regexp.toAutomaton();
|
||||
RunAutomaton runAuto = new RunAutomaton(auto, true);
|
||||
AutomatonMatcher autoMatcher = runAuto.newMatcher(matchContent);
|
||||
while (autoMatcher.find()) {
|
||||
// 添加匹配数据至list
|
||||
// 强制用户使用()包裹正则
|
||||
result.add(autoMatcher.group());
|
||||
}
|
||||
}
|
||||
} catch (Exception e) {
|
||||
BurpExtender.stdout.println(String.format("[x] Error Info:\nName: %s\nRegex: %s", name, regex));
|
||||
e.printStackTrace();
|
||||
continue;
|
||||
}
|
||||
|
||||
// 去除重复内容
|
||||
@@ -135,7 +143,7 @@ public class DataProcessingUnit {
|
||||
if (!Objects.equals(host, "") && host != null) {
|
||||
List<String> dataList = Arrays.asList(dataStr.split("\n"));
|
||||
if (ConfigEntry.globalDataMap.containsKey(host)) {
|
||||
Map<String, List<String>> gRuleMap = new HashMap<>(ConfigEntry.globalDataMap.get(host));
|
||||
ConcurrentHashMap<String, List<String>> gRuleMap = new ConcurrentHashMap<>(ConfigEntry.globalDataMap.get(host));
|
||||
if (gRuleMap.containsKey(name)) {
|
||||
// gDataList为不可变列表,因此需要重新创建一个列表以便于使用addAll方法
|
||||
List<String> gDataList = gRuleMap.get(name);
|
||||
|
||||
@@ -23,9 +23,29 @@ public class MessageProcessor {
|
||||
|
||||
List<Map<String, String>> reqObj = processRequestMessage(helpers, requestByte, host, actionFlag);
|
||||
List<Map<String, String>> resObj = processResponseMessage(helpers, responseByte, host, actionFlag);
|
||||
List<Map<String, String>> mergedList = new ArrayList<>();
|
||||
|
||||
List<Map<String, String>> mergedList = new ArrayList<>(reqObj);
|
||||
mergedList.addAll(resObj);
|
||||
if (reqObj != null && !reqObj.isEmpty()) {
|
||||
if (resObj != null && !resObj.isEmpty()) {
|
||||
List<String> colorList = new ArrayList<>();
|
||||
|
||||
colorList.add(reqObj.get(0).get("color"));
|
||||
colorList.add(resObj.get(0).get("color"));
|
||||
Map<String, String> colorMap = new HashMap<>();
|
||||
colorMap.put("color", colorProcessor.retrieveFinalColor(colorProcessor.retrieveColorIndices(colorList)));
|
||||
|
||||
Map<String, String> commentMap = new HashMap<>();
|
||||
String commentList = String.format("%s, %s", reqObj.get(1).get("comment"), resObj.get(1).get("comment"));
|
||||
commentMap.put("comment", commentList);
|
||||
|
||||
mergedList.add(0, colorMap);
|
||||
mergedList.add(1, commentMap);
|
||||
} else {
|
||||
mergedList = new ArrayList<>(reqObj);
|
||||
}
|
||||
} else if (resObj != null && !resObj.isEmpty()){
|
||||
mergedList = new ArrayList<>(resObj);
|
||||
}
|
||||
|
||||
return mergedList;
|
||||
}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
package burp.core.utils;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
public class StringHelper {
|
||||
public static String replaceFirstOccurrence(String original, String find, String replace) {
|
||||
int index = original.indexOf(find);
|
||||
@@ -27,4 +30,37 @@ public class StringHelper {
|
||||
// 如果patternIndex为-1,表示pattern字符串已经完全匹配
|
||||
return patternIndex == -1;
|
||||
}
|
||||
|
||||
public static String mergeComment(String comment) {
|
||||
if (!comment.contains(",")) {
|
||||
return comment;
|
||||
}
|
||||
|
||||
Map<String, Integer> itemCounts = new HashMap<>();
|
||||
String[] items = comment.split(", ");
|
||||
|
||||
for (String item : items) {
|
||||
if (item.contains("(") && item.contains(")")) {
|
||||
int openParenIndex = item.lastIndexOf("(");
|
||||
int closeParenIndex = item.lastIndexOf(")");
|
||||
String itemName = item.substring(0, openParenIndex).trim();
|
||||
int count = Integer.parseInt(item.substring(openParenIndex + 1, closeParenIndex).trim());
|
||||
itemCounts.put(itemName, itemCounts.getOrDefault(itemName, 0) + count);
|
||||
} else {
|
||||
itemCounts.put(item, 0);
|
||||
}
|
||||
}
|
||||
|
||||
StringBuilder mergedItems = new StringBuilder();
|
||||
|
||||
for (Map.Entry<String, Integer> entry : itemCounts.entrySet()) {
|
||||
String itemName = entry.getKey();
|
||||
int count = entry.getValue();
|
||||
if (count != 0) {
|
||||
mergedItems.append(itemName).append(" (").append(count).append("), ");
|
||||
}
|
||||
}
|
||||
|
||||
return mergedItems.substring(0, mergedItems.length() - 2);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user