Version: 2.0.6 Update

README.md

@@ -85,3 +85,11 @@ https://gh0st.cn/HaE/
 随笔: 正义感是一个不可丢失的东西。
 
 Github项目地址（BUG、需求、正则欢迎提交）: https://github.com/gh0stkey/HaE
+
+## 404StarLink 2.0 - Galaxy
+
+![404StarLink Logo](https://github.com/knownsec/404StarLink-Project/raw/master/logo.png)
+
+`HaE` 是 404Team [星链计划2.0](https://github.com/knownsec/404StarLink2.0-Galaxy) 中的一环，如果对 `HaE` 有任何疑问又或是想要找小伙伴交流，可以参考星链计划的加群方式。
+
+- [https://github.com/knownsec/404StarLink2.0-Galaxy#community](https://github.com/knownsec/404StarLink2.0-Galaxy#community)

src/main/java/burp/BurpExtender.java

@@ -33,7 +33,7 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
         this.callbacks = callbacks;
         BurpExtender.helpers = callbacks.getHelpers();
 
-        String version = "2.0.4";
+        String version = "2.0.6";
         callbacks.setExtensionName(String.format("HaE (%s) - Highlighter and Extractor", version));
         // 定义输出
         stdout = new PrintWriter(callbacks.getStdout(), true);
@@ -73,18 +73,8 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
         // 判断是否是响应，且该代码作用域为：REPEATER、INTRUDER、PROXY（分别对应toolFlag 64、32、4）
         if (toolFlag == 64 || toolFlag == 32 || toolFlag == 4) {
             Map<String, Map<String, Object>> obj;
-            byte[] content = messageInfo.getRequest();
-            // 获取报文头
-            List<String> tmpHeaders = helpers.analyzeRequest(messageInfo.getHttpService(), content).getHeaders();
-            String headers = String.join("\n", tmpHeaders);
-
-            // 获取报文主体
-            int bodyOffset = helpers.analyzeRequest(messageInfo.getHttpService(), content).getBodyOffset();
-            byte[] byteRequest = messageInfo.getRequest();
-            byte[] body = Arrays.copyOfRange(byteRequest, bodyOffset, byteRequest.length);
-
             // 流量清洗
-            String urlString = helpers.analyzeRequest(messageInfo.getHttpService(), content).getUrl().toString();
+            String urlString = helpers.analyzeRequest(messageInfo.getHttpService(), messageInfo.getRequest()).getUrl().toString();
             urlString = urlString.indexOf("?") > 0 ? urlString.substring(0, urlString.indexOf("?")) : urlString;
 
             // 正则判断
@@ -93,10 +83,28 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
             }
 
             if (messageIsRequest) {
-                obj = ec.matchRegex(content, headers, body, "request");
+                byte[] byteRequest = messageInfo.getRequest();
+                // 获取报文头
+                List<String> requestTmpHeaders = helpers.analyzeRequest(messageInfo.getHttpService(), byteRequest).getHeaders();
+                String requestHeaders = String.join("\n", requestTmpHeaders);
+
+                // 获取报文主体
+                int requestBodyOffset = helpers.analyzeRequest(messageInfo.getHttpService(), byteRequest).getBodyOffset();
+                byte[] requestBody = Arrays.copyOfRange(byteRequest, requestBodyOffset, byteRequest.length);
+
+                obj = ec.matchRegex(byteRequest, requestHeaders, requestBody, "request");
             } else {
-                content = messageInfo.getResponse();
+                byte[] byteResponse = messageInfo.getResponse();
-                obj = ec.matchRegex(content, headers, body, "response");
+
+                // 获取报文头
+                List<String> responseTmpHeaders = helpers.analyzeRequest(messageInfo.getHttpService(), byteResponse).getHeaders();
+                String responseHeaders = String.join("\n", responseTmpHeaders);
+
+                // 获取报文主体
+                int responseBodyOffset = helpers.analyzeResponse(byteResponse).getBodyOffset();
+                byte[] responseBody = Arrays.copyOfRange(byteResponse, responseBodyOffset, byteResponse.length);
+
+                obj = ec.matchRegex(byteResponse, responseHeaders, responseBody, "response");
             }
 
             List<String> colorList = da.highlightList(obj);
@@ -147,32 +155,31 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
                 } catch (Exception e) {
                     return false;
                 }
+                IRequestInfo iRequestInfo = helpers.analyzeRequest(controller.getHttpService(), content);
 
                 // 获取报文头
-                List<String> tmpHeaders = helpers.analyzeRequest(controller.getHttpService(), content).getHeaders();
+                List<String> requestTmpHeaders = iRequestInfo.getHeaders();
-                String headers = String.join("\n", tmpHeaders);
+                String requestHeaders = String.join("\n", requestTmpHeaders);
                 // 获取报文主体
-                int bodyOffset = helpers.analyzeRequest(controller.getHttpService(), content).getBodyOffset();
+                int requestBodyOffset = iRequestInfo.getBodyOffset();
-                byte[] byteRequest = controller.getRequest();
+                byte[] requestBody = Arrays.copyOfRange(content, requestBodyOffset, content.length);
-                byte[] body = Arrays.copyOfRange(byteRequest, bodyOffset, byteRequest.length);
 
-                obj = ec.matchRegex(content, headers, body, "request");
+                obj = ec.matchRegex(content, requestHeaders, requestBody, "request");
                 if (obj.size() > 0) {
                     String result = da.extractString(obj);
                     extractRequestContent = result.getBytes();
                     return true;
                 }
             } else {
-
+                IResponseInfo iResponseInfo = helpers.analyzeResponse(content);
                 // 获取报文头
-                List<String> tmpHeaders1 = helpers.analyzeResponse(content).getHeaders();
+                List<String> responseTmpHeaders = iResponseInfo.getHeaders();
-                String headers1 = String.join("\n", tmpHeaders1);
+                String responseHeaders = String.join("\n", responseTmpHeaders);
                 // 获取报文主体
-                int bodyOffset1 = helpers.analyzeResponse(content).getBodyOffset();
+                int responseBodyOffset = iResponseInfo.getBodyOffset();
-                byte[] byteRequest1 = controller.getResponse();
+                byte[] responseBody = Arrays.copyOfRange(content, responseBodyOffset, content.length);
-                byte[] body = Arrays.copyOfRange(byteRequest1, bodyOffset1, byteRequest1.length);
 
-                obj = ec.matchRegex(content, headers1, body, "response");
+                obj = ec.matchRegex(content, responseHeaders, responseBody, "response");
                 if (obj.size() > 0) {
                     String result = da.extractString(obj);
                     extractResponseContent = result.getBytes();

src/main/java/burp/action/ExtractContent.java

@@ -28,7 +28,7 @@ public class ExtractContent {
             String matchContent = "";
             for (Object[] objects : rules.get(i)) {
                 // 遍历获取规则
-                List<String> result = new ArrayList<String>();
+                List<String> result = new ArrayList<>();
                 Map<String, Object> tmpMap = new HashMap<>();
 
                 String name = objects[1].toString();