admin/HaE
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: admin:2.4.3
Branches Tags
admin:main admin:file admin:network
admin:4.3.1 admin:4.3 admin:4.2.1 admin:4.2 admin:4.1.2 admin:4.1.1 admin:4.1 admin:4.0.5 admin:4.0.4 admin:4.0.3 admin:4.0.2 admin:4.0.1 admin:4.0 admin:3.4 admin:3.3.4 admin:3.3.3 admin:3.3.2 admin:3.3.1 admin:3.3 admin:3.2.2 admin:3.2.1 admin:3.2 admin:3.1 admin:3.0.2 admin:3.0.1 admin:3.0 admin:2.6.1 admin:2.6 admin:2.5.11 admin:2.5.10 admin:2.5.9 admin:2.5.8 admin:2.5.7 admin:2.5.6 admin:2.5.5 admin:2.5.4.1 admin:2.5.4 admin:2.5.3 admin:2.5.2 admin:2.5.1 admin:2.5 admin:2.4.7 admin:2.4.8 admin:2.4.6 admin:2.4.5 admin:2.4.4 admin:2.4.3 admin:2.4.2 admin:2.4.1 admin:2.4 admin:2.3 admin:2.2.3 admin:2.2.2 admin:2.2.1 admin:2.2 admin:2.1.5 admin:2.1.6 admin:2.1.4 admin:2.1.3 admin:2.1.2 admin:2.1.1 admin:2.1 admin:2.0.7 admin:2.0.6 admin:2.0.5 admin:2.0.4 admin:2.0.3 admin:2.0.2 admin:2.0.1 admin:2.0 admin:1.5.1 admin:1.5 admin:1.4.2 admin:1.4.1 admin:1.4 admin:1.3 admin:1.2 admin:1.1 admin:1.0
..
compare: admin:2.4.7
Branches Tags
admin:file admin:main admin:network
admin:4.3.1 admin:4.3 admin:4.2.1 admin:4.2 admin:4.1.2 admin:4.1.1 admin:4.1 admin:4.0.5 admin:4.0.4 admin:4.0.3 admin:4.0.2 admin:4.0.1 admin:4.0 admin:3.4 admin:3.3.4 admin:3.3.3 admin:3.3.2 admin:3.3.1 admin:3.3 admin:3.2.2 admin:3.2.1 admin:3.2 admin:3.1 admin:3.0.2 admin:3.0.1 admin:3.0 admin:2.6.1 admin:2.6 admin:2.5.11 admin:2.5.10 admin:2.5.9 admin:2.5.8 admin:2.5.7 admin:2.5.6 admin:2.5.5 admin:2.5.4.1 admin:2.5.4 admin:2.5.3 admin:2.5.2 admin:2.5.1 admin:2.5 admin:2.4.7 admin:2.4.8 admin:2.4.6 admin:2.4.5 admin:2.4.4 admin:2.4.3 admin:2.4.2 admin:2.4.1 admin:2.4 admin:2.3 admin:2.2.3 admin:2.2.2 admin:2.2.1 admin:2.2 admin:2.1.5 admin:2.1.6 admin:2.1.4 admin:2.1.3 admin:2.1.2 admin:2.1.1 admin:2.1 admin:2.0.7 admin:2.0.6 admin:2.0.5 admin:2.0.4 admin:2.0.3 admin:2.0.2 admin:2.0.1 admin:2.0 admin:1.5.1 admin:1.5 admin:1.4.2 admin:1.4.1 admin:1.4 admin:1.3 admin:1.2 admin:1.1 admin:1.0

9 Commits
2.4.3 ... 2.4.7

Author SHA1 Message Date
gh0stkey
e1c05ba10d Version: 2.4.7 Update 2023-09-28 01:48:51 +08:00
gh0stkey
6a17064b3a Version: 2.4.7 Update 2023-09-28 01:42:09 +08:00
gh0stkey
e698bb1caa Version: 2.4.7 Update 2023-09-28 01:23:36 +08:00
gh0stkey
a69503ca3d Version: 2.4.7 Update 2023-09-27 23:55:02 +08:00
AnonymousUser
d590d4a70e Version: 2.4.6 Update 2023-02-22 17:36:50 +08:00
AnonymousUser
548339fa58 Version: 2.4.6 Update 2023-02-22 17:25:55 +08:00
AnonymousUser
df4496d4fd Version: 2.4.5 Update 2022-12-18 16:12:16 +08:00
AnonymousUser
48e355ac54 Update 2022-12-18 15:09:28 +08:00
AnonymousUser
b784aa1425 Version: 2.4.4 Update 2022-09-26 18:49:35 +08:00
8 changed files with 211 additions and 129 deletions
Expand all files Collapse all files

BIN
images/16000720732854.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 167 KiB

After

Width:  |  Height:  |  Size: 140 KiB

BIN
images/databoard.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 82 KiB

After

Width:  |  Height:  |  Size: 55 KiB

9
src/main/java/burp/BurpExtender.java
View File

@@ -34,7 +34,7 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
this.callbacks = callbacks;
BurpExtender.helpers = callbacks.getHelpers();
String version = "2.4.3";
String version = "2.4.7";
callbacks.setExtensionName(String.format("HaE (%s) - Highlighter and Extractor", version));
// 定义输出
stdout = new PrintWriter(callbacks.getStdout(), true);
@@ -104,7 +104,6 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
messageInfo.setHighlight(color);
String addComment = String.join(", ", result.get(1).get("comment"));
stdout.println(addComment);
String resComment = !Objects.equals(originalComment, "") ? String.format("%s, %s", originalComment, addComment) : addComment;
messageInfo.setComment(resComment);
@@ -144,6 +143,7 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
public boolean isEnabled(byte[] content, boolean isRequest) {
String c = new String(content, StandardCharsets.UTF_8).intern();
List<Map<String, String>> result = pm.processMessageByContent(helpers, content, isRequest, false, "");
if (result != null && !result.isEmpty()) {
Map<String, String> dataMap = result.get(0);
if (isRequest) {
@@ -209,7 +209,10 @@ public class BurpExtender implements IBurpExtender, IHttpListener, IMessageEdito
data[x][0] = extractData[x];
// stdout.println(extractData[x]);
}
JScrollPane jScrollPane = new JScrollPane(new JTable(data, new Object[]{"Information"}));
JTable infoTable = new JTable(data, new Object[]{"Information"});
infoTable.setAutoCreateRowSorter(true);
JScrollPane jScrollPane = new JScrollPane(infoTable);
lTitleList.add(i);
this.jTabbedPane.addTab(i, jScrollPane);
});

4
src/main/java/burp/Config.java
View File

@@ -9,10 +9,12 @@ import java.util.List;
import java.util.Map;
public class Config {
public static String excludeSuffix = "3g2|3gp|7z|aac|abw|aif|aifc|aiff|arc|au|avi|azw|bin|bmp|bz|bz2|cmx|cod|csh|css|csv|doc|docx|eot|epub|gif|gz|ico|ics|ief|jar|jfif|jpe|jpeg|jpg|m3u|mid|midi|mjs|mp2|mp3|mpa|mpe|mpeg|mpg|mpkg|mpp|mpv2|odp|ods|odt|oga|ogv|ogx|otf|pbm|pdf|pgm|png|pnm|ppm|ppt|pptx|ra|ram|rar|ras|rgb|rmi|rtf|snd|svg|swf|tar|tif|tiff|ttf|vsd|wav|weba|webm|webp|woff|woff2|xbm|xls|xlsx|xpm|xul|xwd|zip|zip";
public static String excludeSuffix = "3g2|3gp|7z|aac|abw|aif|aifc|aiff|apk|arc|au|avi|azw|bat|bin|bmp|bz|bz2|cmd|cmx|cod|com|csh|css|csv|dll|doc|docx|ear|eot|epub|exe|flac|flv|gif|gz|ico|ics|ief|jar|jfif|jpe|jpeg|jpg|less|m3u|mid|midi|mjs|mkv|mov|mp2|mp3|mp4|mpa|mpe|mpeg|mpg|mpkg|mpp|mpv2|odp|ods|odt|oga|ogg|ogv|ogx|otf|pbm|pdf|pgm|png|pnm|ppm|ppt|pptx|ra|ram|rar|ras|rgb|rmi|rtf|scss|sh|snd|svg|swf|tar|tif|tiff|ttf|vsd|war|wav|weba|webm|webp|wmv|woff|woff2|xbm|xls|xlsx|xpm|xul|xwd|zip";
public static String[] scopeArray = new String[] {
"any",
"any header",
"any body",
"response",
"response header",
"response body",

75
src/main/java/burp/action/ExtractContent.java
View File

@@ -1,5 +1,6 @@
package burp.action;
import burp.BurpExtender;
import java.nio.charset.StandardCharsets;
import java.util.*;
import burp.Config;
@@ -19,8 +20,10 @@ public class ExtractContent {
public Map<String, Map<String, Object>> matchRegex(byte[] content, String headers, byte[] body, String scopeString, String host) {
Map<String, Map<String, Object>> map = new HashMap<>(); // 最终返回的结果
Config.ruleConfig.keySet().forEach(i -> {
String matchContent = "";
for (Object[] objects : Config.ruleConfig.get(i)) {
// 多线程执行,一定程度上减少阻塞现象
Thread t = new Thread(() -> {
String matchContent = "";
// 遍历获取规则
List<String> result = new ArrayList<>();
Map<String, Object> tmpMap = new HashMap<>();
@@ -33,17 +36,19 @@ public class ExtractContent {
String engine = objects[5].toString();
boolean sensitive = (Boolean) objects[6];
// 判断规则是否开启与作用域
if (loaded && (scope.contains(scopeString) || "any".equals(scope))) {
if (loaded && (scope.contains(scopeString) || scope.contains("any"))) {
switch (scope) {
case "any":
case "request":
case "response":
matchContent = new String(content, StandardCharsets.UTF_8).intern();
break;
case "any header":
case "request header":
case "response header":
matchContent = headers;
break;
case "any body":
case "request body":
case "response body":
matchContent = new String(body, StandardCharsets.UTF_8).intern();
@@ -84,48 +89,58 @@ public class ExtractContent {
result.clear();
result.addAll(tmpList);
String nameAndSize = String.format("%s (%s)", name, result.size());
if (!result.isEmpty()) {
tmpMap.put("color", color);
tmpMap.put("data", String.join("\n", result));
// 初始化格式
map.put(name, tmpMap);
}
}
}
});
String dataStr = String.join("\n", result);
tmpMap.put("data", dataStr);
map.put(nameAndSize, tmpMap);
// 将提取的数据存放到全局变量中
// 添加到全局变量中便于Databoard检索
if (!host.isEmpty()) {
map.keySet().forEach(i -> {
Map<String, Object> tmpMap = map.get(i);
List<String> dataList = Arrays.asList(tmpMap.get("data").toString().split("\n"));
// 判断Host是否存在如存在则进行数据更新反之则新增数据
String[] splitHost = host.split("\\.");
String anyHost = (splitHost.length > 2 && !host.matches("\\b(?:\\d{1,3}\\.){3}\\d{1,3}\\b")) ? host.replace(splitHost[0], "*") : "";
List<String> dataList = Arrays.asList(dataStr.split("\n"));
if (Config.globalDataMap.containsKey(host)) {
Map<String, List<String>> gRuleMap = Config.globalDataMap.get(host);
// 判断匹配规则是否存在逻辑同Host判断
if (gRuleMap.containsKey(i)) {
List<String> gDataList = gRuleMap.get(i);
List<String> mergeDataList = new ArrayList<>();
// 合并两个List
mergeDataList.addAll(gDataList);
mergeDataList.addAll(dataList);
// 去重操作
HashSet tmpList = new HashSet(mergeDataList);
mergeDataList.clear();
mergeDataList.addAll(tmpList);
// 替换操作
gRuleMap.replace(i, gDataList, mergeDataList);
Map<String, List<String>> gRuleMap = new HashMap<>(Config.globalDataMap.get(host));
if (gRuleMap.containsKey(name)) {
List<String> gDataList = gRuleMap.get(name);
gDataList.addAll(dataList);
gDataList = new ArrayList<>(new HashSet<>(gDataList));
gRuleMap.replace(name, gDataList);
} else {
gRuleMap.put(i, dataList);
gRuleMap.put(name, dataList);
}
Config.globalDataMap.remove(host);
Config.globalDataMap.put(host, gRuleMap);
} else {
Map<String, List<String>> ruleMap = new HashMap<>();
ruleMap.put(i, dataList);
ruleMap.put(name, dataList);
// 添加单一Host
Config.globalDataMap.put(host, ruleMap);
}
if (!Config.globalDataMap.containsKey(anyHost) && anyHost.length() > 0) {
// 添加通配符Host实际数据从查询哪里将所有数据提取
Config.globalDataMap.put(anyHost, new HashMap<>());
} else if (!Config.globalDataMap.containsKey("*")) {
// 添加通配符全匹配,同上
Config.globalDataMap.put("*", new HashMap<>());
}
}
}
}
});
t.start();
try {
t.join();
} catch (InterruptedException e) {
BurpExtender.stdout.println(e);
}
}
});
return map;
}
}

3
src/main/java/burp/action/ProcessMessage.java
View File

@@ -1,5 +1,6 @@
package burp.action;
import burp.BurpExtender;
import burp.IExtensionHelpers;
import java.util.ArrayList;
import java.util.Arrays;
@@ -37,7 +38,6 @@ public class ProcessMessage {
return result;
}
// 获取报文主体
int requestBodyOffset = helpers.analyzeRequest(content).getBodyOffset();
byte[] requestBody = Arrays.copyOfRange(content, requestBodyOffset, content.length);
@@ -62,7 +62,6 @@ public class ProcessMessage {
// 获取报文主体
int responseBodyOffset = helpers.analyzeResponse(content).getBodyOffset();
byte[] responseBody = Arrays.copyOfRange(content, responseBodyOffset, content.length);
obj = ec.matchRegex(content, responseHeaders, responseBody, "response", host);
}

74
src/main/java/burp/ui/Databoard.java
View File

@@ -1,6 +1,8 @@
package burp.ui;
import burp.Config;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import javax.swing.table.DefaultTableModel;
import org.jetbrains.annotations.NotNull;
@@ -14,7 +16,7 @@ import javax.swing.event.DocumentEvent;
import javax.swing.event.DocumentListener;
/**
* @author LinChen
* @author LinChen && EvilChen
*/
public class Databoard extends JPanel {
@@ -22,11 +24,31 @@ public class Databoard extends JPanel {
initComponents();
}
/**
* 清空数据
*/
private void clearActionPerformed(ActionEvent e) {
// 清空页面
dataTabbedPane.removeAll();
String host = hostTextField.getText();
if (host.contains("*")) {
Map<String, Map<String, List<String>>> ruleMap = Config.globalDataMap;
ruleMap.keySet().forEach(i -> {
if (i.contains(host.replace("*.", "")) || host.equals("*")) {
Config.globalDataMap.remove(i);
}
});
} else {
Config.globalDataMap.remove(host);
}
}
private void initComponents() {
// JFormDesigner - Component initialization - DO NOT MODIFY //GEN-BEGIN:initComponents
hostLabel = new JLabel();
hostTextField = new JTextField();
dataTabbedPane = new JTabbedPane();
clearButton = new JButton();
//======== this ========
setLayout(new GridBagLayout());
@@ -43,7 +65,11 @@ public class Databoard extends JPanel {
add(hostTextField, new GridBagConstraints(2, 0, 1, 1, 0.0, 0.0,
GridBagConstraints.CENTER, GridBagConstraints.BOTH,
new Insets(8, 0, 5, 5), 0, 0));
clearButton.setText("Clear");
clearButton.addActionListener(this::clearActionPerformed);
add(clearButton, new GridBagConstraints(3, 0, 1, 1, 0.0, 0.0,
GridBagConstraints.CENTER, GridBagConstraints.BOTH,
new Insets(8, 0, 5, 5), 0, 0));
add(dataTabbedPane, new GridBagConstraints(1, 1, 3, 2, 0.0, 0.0,
GridBagConstraints.CENTER, GridBagConstraints.BOTH,
new Insets(8, 0, 0, 5), 0, 0));
@@ -56,9 +82,7 @@ public class Databoard extends JPanel {
*/
private static List<String> getHostByList(){
List<String> hostList = new ArrayList<>();
Config.globalDataMap.keySet().forEach(i -> {
hostList.add(i);
});
hostList.addAll(Config.globalDataMap.keySet());
return hostList;
}
@@ -143,10 +167,15 @@ public class Databoard extends JPanel {
if (!input.isEmpty()){
for (String host : getHostByList()) {
if (host.toLowerCase().contains(input.toLowerCase())) {
if (host.length() == input.length()){
comboBoxModel.insertElementAt(host,0);
comboBoxModel.setSelectedItem(host);
}else{
comboBoxModel.addElement(host);
}
}
}
}
hostComboBox.setPopupVisible(comboBoxModel.getSize() > 0);
isMatchHost = false;
}
@@ -159,10 +188,37 @@ public class Databoard extends JPanel {
private static void getInfoByHost(@NotNull JComboBox hostComboBox, JTabbedPane tabbedPane, JTextField textField) {
if (hostComboBox.getSelectedItem() != null) {
Map<String, Map<String, List<String>>> ruleMap = Config.globalDataMap;
Map<String, List<String>> selectUrl = ruleMap.get(hostComboBox.getSelectedItem());
Map<String, List<String>> selectHost = new HashMap<>();
String host = hostComboBox.getSelectedItem().toString();
if (host.contains("*")) {
// 通配符数据
Map<String, List<String>> finalSelectHost = selectHost;
ruleMap.keySet().forEach(i -> {
if (i.contains(host.replace("*.", "")) || host.equals("*")) {
ruleMap.get(i).keySet().forEach(e -> {
if (finalSelectHost.containsKey(e)) {
// 合并操作
List<String> newList = new ArrayList<>(finalSelectHost.get(e));
newList.addAll(ruleMap.get(i).get(e));
// 去重操作
HashSet tmpList = new HashSet(newList);
newList.clear();
newList.addAll(tmpList);
// 添加操作
finalSelectHost.put(e, newList);
} else {
finalSelectHost.put(e, ruleMap.get(i).get(e));
}
});
}
});
} else {
selectHost = ruleMap.get(host);
}
tabbedPane.removeAll();
for(Map.Entry<String, List<String>> entry: selectUrl.entrySet()){
tabbedPane.addTab(entry.getKey(), new JScrollPane(new HitRuleDataList(entry.getValue())));
for(Map.Entry<String, List<String>> entry: selectHost.entrySet()){
tabbedPane.addTab(String.format("%s (%s)", entry.getKey(), entry.getValue().size()), new JScrollPane(new HitRuleDataList(entry.getValue())));
}
textField.setText(hostComboBox.getSelectedItem().toString());
}
@@ -172,6 +228,7 @@ public class Databoard extends JPanel {
private JLabel hostLabel;
private JTextField hostTextField;
private JTabbedPane dataTabbedPane;
private JButton clearButton;
// JFormDesigner - End of variables declaration //GEN-END:variables
// 是否自动匹配Host
@@ -185,6 +242,7 @@ class HitRuleDataList extends JTable {
data[x][0] = list.get(x);
}
model.setDataVector(data, new Object[]{"Information"});
this.setAutoCreateRowSorter(true);
this.setModel(model);
}
}

9
src/main/java/burp/ui/MainUI.java
View File

@@ -18,7 +18,7 @@ import java.awt.event.*;
import java.util.Map;
/**
* @author LinChen
* @author LinChen && EvilChen
*/
public class MainUI extends JPanel{
@@ -45,7 +45,11 @@ public class MainUI extends JPanel{
}
private void onlineUpdateActionPerformed(ActionEvent e) {
String url = "https://raw.githubusercontent.com/gh0stkey/HaE/gh-pages/Config.yml";
// 添加提示框防止用户误触导致配置更新
int retCode = JOptionPane.showConfirmDialog(null, "Do you want to update config?", "Info",
JOptionPane.YES_NO_CANCEL_OPTION);
if (retCode == JOptionPane.YES_OPTION) {
String url = "https://cdn.jsdelivr.net/gh/gh0stkey/HaE@gh-pages/Config.yml";
OkHttpClient httpClient = new OkHttpClient();
Request httpRequest = new Request.Builder().url(url).get().build();
try {
@@ -64,6 +68,7 @@ public class MainUI extends JPanel{
new LoadConfig();
reloadRule();
}
}
private void reloadRule(){
ruleTabbedPane.removeAll();