Version: 2.1.4 Update

src/main/java/burp/BurpExtender.java

@@ -29,23 +29,26 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
         this.callbacks = callbacks;
         BurpExtender.helpers = callbacks.getHelpers();
 
-        String version = "2.1.2";
+        String version = "2.1.4";
         callbacks.setExtensionName(String.format("HaE (%s) - Highlighter and Extractor", version));
         // 定义输出
         stdout = new PrintWriter(callbacks.getStdout(), true);
         stdout.println("@Core Author: EvilChen");
-        stdout.println("@UI Author: 0chencc");
+        stdout.println("@Architecture Author: 0chencc");
         stdout.println("@Github: https://github.com/gh0stkey/HaE");
+        stdout.println("@Team: OverSpace Security Team");
         // UI
         SwingUtilities.invokeLater(this::initialize);
 
         callbacks.registerHttpListener(BurpExtender.this);
         callbacks.registerMessageEditorTabFactory(BurpExtender.this);
     }
+
     private void initialize(){
         callbacks.customizeUiComponent(main);
         callbacks.addSuiteTab(BurpExtender.this);
     }
+
     @Override
     public String getTabCaption(){
         return "HaE";
@@ -69,14 +72,9 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
             } else {
                 content = messageInfo.getResponse();
             }
+
             String c = new String(content, StandardCharsets.UTF_8).intern();
-            IHttpService iHttpService = null;
+            List<String> result = pm.processMessageByContent(helpers, content, messageIsRequest, true);
-            try {
-                iHttpService = messageInfo.getHttpService();
-            } catch(Exception e) {
-                // stdout.println("iHttpService Error: " + e);
-            }
-            List<String> result = pm.processMessageByContent(helpers, iHttpService, content, messageIsRequest, true);
             if (result != null && !result.isEmpty() && result.size() > 0) {
                 String originalColor = messageInfo.getHighlight();
                 String originalComment = messageInfo.getComment();
@@ -97,6 +95,7 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
 
     }
 
+
     class MarkInfoTab implements IMessageEditorTab {
         private final ITextEditor markInfoText;
         private byte[] currentMessage;
@@ -106,8 +105,8 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
 
         public MarkInfoTab(IMessageEditorController controller, boolean editable) {
             this.controller = controller;
-            markInfoText = callbacks.createTextEditor();
+            this.markInfoText = callbacks.createTextEditor();
-            markInfoText.setEditable(editable);
+            this.markInfoText.setEditable(editable);
         }
 
         @Override
@@ -117,45 +116,37 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
 
         @Override
         public Component getUiComponent() {
-            return markInfoText.getComponent();
+            return this.markInfoText.getComponent();
         }
 
         @Override
         public boolean isEnabled(byte[] content, boolean isRequest) {
             String c = new String(content, StandardCharsets.UTF_8).intern();
-            IHttpService iHttpService = null;
+            List<String> result = pm.processMessageByContent(helpers, content, isRequest, false);
-            try {
-                iHttpService = controller.getHttpService();
-            } catch(Exception e) {
-                // stdout.println("iHttpService Error: " + e);
-            }
-            List<String> result = pm.processMessageByContent(helpers, iHttpService, content, isRequest, false);
             if (result != null && !result.isEmpty()) {
                 if (isRequest) {
-                    extractRequestContent = result.get(0).getBytes();
+                    this.extractRequestContent = result.get(0).getBytes();
                 } else {
-                    extractResponseContent = result.get(0).getBytes();
+                    this.extractResponseContent = result.get(0).getBytes();
                 }
                 return true;
             }
-
             return false;
-
         }
 
         @Override
         public byte[] getMessage() {
-            return currentMessage;
+            return this.currentMessage;
         }
 
         @Override
         public boolean isModified() {
-            return markInfoText.isTextModified();
+            return this.markInfoText.isTextModified();
         }
 
         @Override
         public byte[] getSelectedData() {
-            return markInfoText.getSelectedText();
+            return this.markInfoText.getSelectedText();
         }
 
         /*
@@ -166,12 +157,12 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
             String c = new String(content, StandardCharsets.UTF_8).intern();
             if (content.length > 0) {
                 if (isRequest) {
-                    markInfoText.setText(extractRequestContent);
+                    this.markInfoText.setText(this.extractRequestContent);
                 } else {
-                    markInfoText.setText(extractResponseContent);
+                    this.markInfoText.setText(this.extractResponseContent);
                 }
             }
-            currentMessage = content;
+            this.currentMessage = content;
         }
     }
 

src/main/java/burp/Config.java

@@ -4,7 +4,8 @@ package burp;
  * @author EvilChen
  */
 
-import java.util.HashMap;
+import burp.yaml.LoadConfig;
+import java.util.Map;
 
 public class Config {
     public static String excludeSuffix = "3g2|3gp|7z|aac|abw|aif|aifc|aiff|arc|au|avi|azw|bin|bmp|bz|bz2|cmx|cod|csh|css|csv|doc|docx|eot|epub|gif|gz|ico|ics|ief|jar|jfif|jpe|jpeg|jpg|m3u|mid|midi|mjs|mp2|mp3|mpa|mpe|mpeg|mpg|mpkg|mpp|mpv2|odp|ods|odt|oga|ogv|ogx|otf|pbm|pdf|pgm|png|pnm|ppm|ppt|pptx|ra|ram|rar|ras|rgb|rmi|rtf|snd|svg|swf|tar|tif|tiff|ttf|vsd|wav|weba|webm|webp|woff|woff2|xbm|xls|xlsx|xpm|xul|xwd|zip|zip";
@@ -37,4 +38,6 @@ public class Config {
             "magenta",
             "gray"
     };
+
+    public static Map<String,Object[][]> ruleConfig = LoadConfig.getRules();
 }

src/main/java/burp/action/ExtractContent.java

@@ -3,6 +3,7 @@ package burp.action;
 import java.nio.charset.StandardCharsets;
 import java.util.*;
 
+import burp.Config;
 import burp.yaml.LoadConfig;
 import dk.brics.automaton.Automaton;
 import dk.brics.automaton.AutomatonMatcher;
@@ -19,10 +20,9 @@ public class ExtractContent {
 
     public Map<String, Map<String, Object>> matchRegex(byte[] content, String headers, byte[] body, String scopeString) {
         Map<String, Map<String, Object>> map = new HashMap<>(); // 最终返回的结果
-        Map<String,Object[][]> rules = LoadConfig.getRules();
+        Config.ruleConfig.keySet().forEach(i -> {
-        rules.keySet().forEach(i -> {
             String matchContent = "";
-            for (Object[] objects : rules.get(i)) {
+            for (Object[] objects : Config.ruleConfig.get(i)) {
                 // 遍历获取规则
                 List<String> result = new ArrayList<>();
                 Map<String, Object> tmpMap = new HashMap<>();
@@ -34,7 +34,7 @@ public class ExtractContent {
                 String scope = objects[4].toString();
                 String engine = objects[5].toString();
                 // 判断规则是否开启与作用域
-                if (loaded && (scope.contains(scopeString) || scope.equals("any"))) {
+                if (loaded && (scope.contains(scopeString) || "any".equals(scope))) {
                     switch (scope) {
                         case "any":
                         case "request":
@@ -49,9 +49,11 @@ public class ExtractContent {
                         case "response body":
                             matchContent = new String(body, StandardCharsets.UTF_8).intern();
                             break;
+                        default:
+                            break;
                     }
 
-                    if (engine.equals("nfa")) {
+                    if ("nfa".equals(engine)) {
                         Pattern pattern = new Pattern(regex);
                         Matcher matcher = pattern.matcher(matchContent);
                         while (matcher.find()) {

src/main/java/burp/action/ProcessMessage.java

@@ -15,14 +15,19 @@ public class ProcessMessage {
     GetColorKey gck = new GetColorKey();
     UpgradeColor uc = new UpgradeColor();
 
-    public List<String> processMessageByContent(IExtensionHelpers helpers, IHttpService httpService, byte[] content, boolean isRequest, boolean messageInfo) {
+    public List<String> processMessageByContent(IExtensionHelpers helpers, byte[] content, boolean isRequest, boolean messageInfo) {
         List<String> result = new ArrayList<>();;
         Map<String, Map<String, Object>> obj;
 
         if (isRequest) {
+
+            // 获取报文头
+            List<String> requestTmpHeaders = helpers.analyzeRequest(content).getHeaders();
+            String requestHeaders = String.join("\n", requestTmpHeaders);
+
             try {
                 // 流量清洗
-                String urlString = helpers.analyzeRequest(httpService, content).getUrl().toString();
+                String urlString = requestTmpHeaders.get(0).split(" ")[1];
                 urlString = urlString.indexOf("?") > 0 ? urlString.substring(0, urlString.indexOf("?")) : urlString;
 
                 // 正则判断
@@ -32,12 +37,10 @@ public class ProcessMessage {
             } catch (Exception e) {
                 return result;
             }
-            // 获取报文头
+
-            List<String> requestTmpHeaders = helpers.analyzeRequest(httpService, content).getHeaders();
-            String requestHeaders = String.join("\n", requestTmpHeaders);
 
             // 获取报文主体
-            int requestBodyOffset = helpers.analyzeRequest(httpService, content).getBodyOffset();
+            int requestBodyOffset = helpers.analyzeRequest(content).getBodyOffset();
             byte[] requestBody = Arrays.copyOfRange(content, requestBodyOffset, content.length);
 
             obj = ec.matchRegex(content, requestHeaders, requestBody, "request");

src/main/java/burp/ui/MainUI.java

@@ -1,5 +1,6 @@
 package burp.ui;
 
+import burp.Config;
 import burp.yaml.LoadConfig;
 import burp.yaml.SetConfig;
 
@@ -47,25 +48,18 @@ public class MainUI extends JPanel{
         int selectframe = selectFile.showDialog(new JLabel(),"Select");
         if (selectframe == JFileChooser.APPROVE_OPTION){
             String configpath = selectFile.getSelectedFile().toString();
-            reloadRule(configpath);
+            reloadRule();
             loadConn.setConfigPath(configpath);
         }
-        configFilepathtext.setText(loadConn.getConfigPath());
+        configFilepathtext.setText(LoadConfig.getConfigPath());
         reloadRule();
     }
-    private void reloadRule(String configFile){
+
-        tabbedPane1.removeAll();
-        Map<String,Object[][]> config = loadConn.getRules();
-        ruleSwitch.setListen(false);
-        config.keySet().forEach(i->tabbedPane1.addTab(i,new RulePane(config.get(i),tabbedPane1)));
-        tabbedPane1.addTab("...",new JLabel());
-        ruleSwitch.setListen(true);
-    }
     private void reloadRule(){
         tabbedPane1.removeAll();
-        Map<String,Object[][]> config = loadConn.getRules();
         ruleSwitch.setListen(false);
-        config.keySet().forEach(i->tabbedPane1.addTab(i,new RulePane(config.get(i),tabbedPane1))
+        Map<String,Object[][]> rules = LoadConfig.getRules();
+        rules.keySet().forEach(i->tabbedPane1.addTab(i,new RulePane(Config.ruleConfig.get(i),tabbedPane1))
         );
         tabbedPane1.addTab("...",new JLabel());
         ruleSwitch.setListen(true);
@@ -76,7 +70,6 @@ public class MainUI extends JPanel{
     }
 
     private void ESSaveMouseClicked(MouseEvent e) {
-        // TODO add your code here
         LoadConfig loadCon = new LoadConfig();
         loadCon.setExcludeSuffix(EStext.getText());
     }
@@ -175,13 +168,12 @@ public class MainUI extends JPanel{
                 new Insets(0, 0, 0, 0), 0, 0));
         // JFormDesigner - End of component initialization  //GEN-END:initComponents
 
-        Map<String,Object[][]> config = loadConn.getRules();
+        Config.ruleConfig.keySet().forEach(i->tabbedPane1.addTab(i,new RulePane(Config.ruleConfig.get(i),tabbedPane1)));
-        config.keySet().forEach(i->tabbedPane1.addTab(i,new RulePane(config.get(i),tabbedPane1)));
 
         tabbedPane1.addTab("...",new JLabel());
 
         //TabTitleEditListener ruleSwitch = new TabTitleEditListener(tabbedPane1);
-        configFilepathtext.setText(loadConn.getConfigPath());
+        configFilepathtext.setText(LoadConfig.getConfigPath());
         EStext.setText(loadConn.getExcludeSuffix());
         ruleSwitch = new TabTitleEditListener(tabbedPane1);
         tabbedPane1.addChangeListener(ruleSwitch);

src/main/java/burp/yaml/LoadConfig.java

@@ -80,21 +80,20 @@ public class LoadConfig {
     public static String getConfigPath(){
         try {
             InputStream inorder = new FileInputStream(SettingPath);
-            Map<String,Object> r;
+            Map<String,Object> r = yaml.load(inorder);
-            r = yaml.load(inorder);
             return r.get("configPath").toString();
         } catch (FileNotFoundException e) {
             e.printStackTrace();
             return ConfigPath;
         }
+
     }
 
     // 获取不包含的后缀名
     public String getExcludeSuffix(){
         try {
             InputStream inorder = new FileInputStream(SettingPath);
-            Map<String,Object> r;
+            Map<String,Object> r = yaml.load(inorder);
-            r = yaml.load(inorder);
             return r.get("excludeSuffix").toString();
         } catch (FileNotFoundException e) {
             e.printStackTrace();

src/main/java/burp/yaml/SetConfig.java

@@ -1,5 +1,6 @@
 package burp.yaml;
 
+import burp.Config;
 import burp.yaml.template.Rule;
 import burp.yaml.template.Rules;
 import org.yaml.snakeyaml.DumperOptions;
@@ -17,8 +18,6 @@ import java.util.*;
 
 public class SetConfig {
 
-    private Map<String, Object[][]> ruleConfig = LoadConfig.getRules();
-
     public void format() {
         DumperOptions dop = new DumperOptions();
         dop.setDefaultFlowStyle(DumperOptions.FlowStyle.BLOCK);
@@ -28,12 +27,12 @@ public class SetConfig {
         RulesConfig con = new RulesConfig();
         List<Rules> rls = new ArrayList<>();
 
-        ruleConfig.keySet().forEach(i->
+        Config.ruleConfig.keySet().forEach(i->
         {
             Rules rlsTmp = new Rules();
             rlsTmp.setType(i);
             List<Rule> rl = new ArrayList<>();
-            for (Object[] objects : ruleConfig.get(i)) {
+            for (Object[] objects : Config.ruleConfig.get(i)) {
                 Rule rlTmp = new Rule();
                 rlTmp.setName((String) objects[1]);
                 rlTmp.setLoaded((Boolean) objects[0]);
@@ -57,46 +56,44 @@ public class SetConfig {
     }
 
     public void edit(Vector data, int select, String type) {
-        ruleConfig = LoadConfig.getRules();
+        Config.ruleConfig.get(type)[select] = data.toArray();
-        ruleConfig.get(type)[select] = data.toArray();
         this.format();
     }
 
     public void add(Vector data, String type) {
-        ruleConfig = LoadConfig.getRules();
+        ArrayList<Object[]> x = new ArrayList<>(Arrays.asList(Config.ruleConfig.get(type)));
-        ArrayList<Object[]> x = new ArrayList<>(Arrays.asList(ruleConfig.get(type)));
         x.add(data.toArray());
-        ruleConfig.put(type,x.toArray(new Object[x.size()][]));
+        Config.ruleConfig.put(type,x.toArray(new Object[x.size()][]));
         this.format();
     }
     public void remove(int select,String type) {
-        ruleConfig = LoadConfig.getRules();
+        ArrayList<Object[]> x = new ArrayList<>(Arrays.asList(Config.ruleConfig.get(type)));
-        ArrayList<Object[]> x = new ArrayList<>(Arrays.asList(ruleConfig.get(type)));
         x.remove(select);
-        ruleConfig.put(type,x.toArray(new Object[x.size()][]));
+        Config.ruleConfig.put(type,x.toArray(new Object[x.size()][]));
         this.format();
     }
 
     public void rename(String oldName, String newName) {
-        ruleConfig = LoadConfig.getRules();
+        Config.ruleConfig.put(newName, Config.ruleConfig.remove(oldName));
-        ruleConfig.put(newName, ruleConfig.remove(oldName));
         this.format();
     }
 
     public void deleteRules(String Rules) {
-        ruleConfig = LoadConfig.getRules();
+        Config.ruleConfig.remove(Rules);
-        ruleConfig.remove(Rules);
         this.format();
     }
     public String newRules() {
         int i = 0;
-        ruleConfig = LoadConfig.getRules();
         String name = "New ";
-        Object[][] data = new Object[][]{{false, "New Name", "(New Regex)", "gray", "any", "nfa"}};
+        Object[][] data = new Object[][]{
-        while (ruleConfig.containsKey(name + i)) {
+                {
+                    false, "New Name", "(New Regex)", "gray", "any", "nfa"
+                }
+        };
+        while (Config.ruleConfig.containsKey(name + i)) {
             i++;
         }
-        ruleConfig.put(name+i, data);
+        Config.ruleConfig.put(name + i, data);
         this.format();
         return name + i;
     }