admin/HaE
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Readme

Browse Source
This commit is contained in:
AnonymousUser
2020-10-06 23:33:01 +08:00
parent 098b8e80d5
commit 91dc5f22f6
2 changed files with 138 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
README.md
View File

@@ -1,101 +1,91 @@
# HaE - Highlighter and Extractor
## 介绍
Note: My english is not very good, Thanks!
**HaE**是基于 `BurpSuite` 插件 `JavaAPI` 开发的请求高亮标记与信息提取的辅助型插件。
Read Chinese simplified version ([README_zh](README_zh.md)).
## Introduction
**HaE** is used to highlight HTTP requests and extract information from HTTP response messages.
![-w1070](images/16000706401522.jpg)
该插件可以通过自定义正则的方式匹配**响应报文**,可以自行决定符合该自定义正则匹配的相应请求是否需要高亮标记、信息提取。
The plugin can custom regular expression to match HTTP response messages. You can decide for yourself whether the corresponding request that meets the custom regular expression match needs to be highlighted and information extracted.
****`HaE`的使用,对测试人员来说需要基本的正则表达式基础,由于`Java`正则表达式的库并没有`Python`的优雅或方便在使用正则的HaE要求使用者必须使用`()`将所需提取的表达式内容包含;例如你要匹配一个**Shiro应用**的响应报文,正常匹配规则为`rememberMe=delete`,如果你要提取这段内容的话就需要变成`(rememberMe=delete)`
**Note**The use of HaE requires a basic regular expression foundation for testers. Since the Java regular expression library is not as elegant or convenient as Python, when using regular expressions, HaE requires users to use `()` to extract what they need The expression content contains; for example, if you want to match a response message of a Shiro application, the normal matching rule is `rememberMe=delete`, if you want to extract this content, you need to become `(rememberMe=delete)`.
## 使用方法
## Instructions
插件装载:`Extender - Extensions - Add - Select File - Next`
Load: `Extender - Extensions - Add - Select File - Next`
初次装载`HaE`会初始化配置文件,默认配置文件内置一个正则:`Email`,初始化的配置文件会放在与`BurpSuite Jar`包同级目录下。
The configuration file is initialized when HaE is loaded for the first time. The default configuration file has a built-in regular expression: `Email`. The initialized configuration file will be placed in the same directory as the BurpSuite Jar package.
![-w330](images/16000708493657.jpg)
除了初始化的配置文件外,还有`init.hae`,该文件用于存储配置文件路径;`HaE`支持自定义配置文件路径,你可以通过点击`Select File`按钮进行选择自定义配置文件。
In addition to the initial configuration file, there is `init.hae`, which is used to store the configuration file path; `HaE` supports custom configuration file paths, and you can select a custom configuration file by clicking the `Select File` button.
![-w477](images/16000710069404.jpg)
HaE支持三个动作:
HaE supports three actions:
1. 重载规则(Reload当你不使用HaE UI界面去修改配置文件内的规则时而是直接基于配置文件进行修改规则时可使用
2. 新建规则New新建规则会自动添加一行表格数据单击或双击进行修改数据即可自动保存
3. 删除规则(Delete):单击选中某条规则时,按下该按钮即可删除规则。
1. Reload: It can be used when you do not use the HaE UI interface to modify the rules in the configuration file, but directly modify the rules based on the configuration file;
2. New: Add a new rule will automatically add a row of table data, click or double-click to modify the data to automatically save;
3. Delete: When you click to select a rule, press this button to delete the rule.
****HaE的操作都是基于表单UI的方式操作即会自动保存。
**Note**`HaE's operations` are based on the form UI, and all operations will be automatically saved.
## 插件优点
## Plugin Advantages
1. 多选项自定义控制适配需求;
2. 多颜色高亮分类将BurpSuite的所有高亮颜色集成`red, orange, yellow, green, cyan, blue, pink, magenta, gray`
3. 颜色升级算法利用下标的方式进行优先级排序当满足2个同颜色条件则以优先级顺序上升颜色。例如**两个正则,颜色为橘黄色,该请求两个正则都匹配到了,那么将升级为红色**
4. 简单的配置文件格式选用JSON格式格式为
1. Multi-option custom adaptation requirements;
2. Multi-color classification (colors of BurpSuite)`red, orange, yellow, green, cyan, blue, pink, magenta, gray`;
3. Color upgrade algorithm: **Two regulars expression, the colors are both orange, if the request are matched these, it will be upgraded to red.**
4. The configuration file format uses JSON format, the format is
```
{name: {"loaded": isLoaded:,"regex": regexText, "highlight": isHighlight, "extract": isExtract, "color": colorText}}
```
5. 内置简单缓存,在“多正则、大数据”的场景下减少卡顿现象。
5. Built-in simple cache to reduce the stuttering phenomenon in the `multi-regular, big data scenario`.
## 实际使用
## Actual Use
使用 RGPerson 生成测试数据,放入网站根目录文件中:
Use RGPerson to generate test data and put it in the root directory file of the website:
![-w467](images/16000719723284.jpg)
访问该地址,在`Proxy - HTTP History`中可以看见高亮请求,响应标签页中含有`MarkINFO`标签,其中将匹配到的信息提取了出来。
Visit the address, you can see the highlighted request in the `Proxy-HTTP History`, and you can see the response tab contains the `MarkINFO` tag, which extracts the matched information.
![-w1047](images/16000720732854.jpg)
## 正则优化
## Regular Expression Optimization
有些正则在实战应用场景中并不理想
Some regular expression are not ideal in actual combat application scenarios.
在正则匹配手机号、身份证号码的时候(纯数字类)会存在一些误报(这里匹配身份证号码无法进行校验,误报率很高),但手机号处理这一块可以解决:
There will be some false positives when regular expression matching mobile phone numbers (pure numbers), the mobile phone number processing can be solved:
原正则
Original regular expression
```
1[3-9]\d{9}
```
误报场景:`12315188888888123`,这时候会匹配到`15188888888`,而实际上这一段并不是手机号,所以修改正则为:
False positive scenario: `12315188888888123`, it will match `15188888888`, but this paragraph is not a mobile phone number, so the modification rule is:
```
[^0-9]+(1[3-9]\d{9})[^0-9]+
```
也就是要求匹配的手机号前后不能为0-9的数字。
The mobile phone number required to be matched cannot be a number from 0-9.
## 实战用法
1. CMS指纹识别Discuz正则`(Powered by Discuz!)`
2. OSS对象存储信息泄露正则`([A|a]ccess[K|k]ey[I|i]d|[A|a]ccess[K|k]ey[S|s]ecret)`
3. 内网地址信息提取,正则:`(?:10\.\d{1,3}\.\d{1,3}\.\d{1,3})|(?:172\.(?:(?:1[6-9])|(?:2\d)|(?:3[01]))\.\d{1,3}\.\d{1,3})|(?:192\.168\.\d{1,3}\.\d{1,3})`
4. 实战插件关联搭配漏洞挖掘案例https://mp.weixin.qq.com/s/5vNn7dMRZBtv0ojPBAHV7Q
### Include Regular Expression List
...还有诸多使用方法等待大家去发掘。
## 文末
随笔:正义感是一个不可丢失的东西。
Github项目地址BUG、需求、正则欢迎提交https://github.com/gh0stkey/HaE
### 收录正则列表
身份证号码来自https://github.com/gh0stkey/HaE/issues/3
Chinese ID-NumberFrom: https://github.com/gh0stkey/HaE/issues/3
```
[^0-9]([1-9]\d{5}(18|19|([23]\d))\d{2}((0[1-9])|(10|11|12))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx])|([1-9]\d{5}\d{2}((0[1-9])|(10|11|12))(([0-2][1-9])|10|20|30|31)\d{2}[0-9Xx])[^0-9]
```
邮箱地址
Email Address
```
([\w-]+(?:\.[\w-]+)*@(?:[\w](?:[\w-]*[\w])?\.)+[\w](?:[\w-]*[\w])?)