├── .gitignore ├── README.md ├── doc └── sqlmap4burp++ui.png ├── pom.xml └── src └── main └── java └── burp ├── BurpExtender.java ├── Config.java ├── ConfigDlg.java ├── GBC.java ├── Menu.java ├── SqlmapStarter.java └── Util.java /.gitignore: -------------------------------------------------------------------------------- 1 | /out 2 | /.idea 3 | *.class 4 | src/META-INF/* 5 | .DS_Store 6 | target/ 7 | *.iml -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # sqlmap4burp++ | burp联动sqlmap插件 2 | ## 0x01 插件简介 3 | sqlmap4burp++对[sqlmap4burp](https://github.com/difcareer/sqlmap4burp)进行了重构,可在多个平台下快速联动Burp与sqlmap。 4 | 5 | ![插件ui](doc/sqlmap4burp++ui.png) 6 | 7 | 在sqlmap4burp基础上进行了如下改动: 8 | 9 | * 在支持Windows基础上,拓展对Linux,macOS的支持 10 | * 移除对commons-io-.jar,commons-langs-.jar的依赖 11 | * 移除Burpsuite JTab控件,采用弹窗式配置,让界面更加简洁易用。 12 | * 移除了多余的代码 13 | 14 | 想了解更多重构细节移步:[《重构sqlmap4burp》](http://gv7.me/articles/2019/refactoring-sqlmap4burp/) 15 | 16 | ## 0x02 插件编译 17 | 18 | ``` 19 | mvn package 20 | ``` 21 | 22 | ## 0x03 插件演示 23 | 已经在如下系统测试成功: 24 | * Windows:7,10 25 | * macOS:Mojave 10.14.5 26 | * Linux:Kali2019.2 27 | 28 | [![视频演示](https://img.youtube.com/vi/1RWVkztssvw/0.jpg)](https://www.youtube.com/watch?v=1RWVkztssvw) 29 | 30 | ## 0x04 FQA 31 | #### 1.在macOS下无法弹出Terminal? 32 | 出现这种情况,一般有以下两个原因。 33 | * 原因一:没有允许运行外部`Burp suite`运行`osascript`。 34 | * 原因二:没有启动终端(Terminal),请将其启动。若已经是运行状态,那么请重启它! 35 | 36 | #### 2.在Linux下弹出Terminal,为何没有执行命令呢? 37 | 这是正常现象,插件已经将命令复制到剪贴板,将其粘贴到弹出的命令窗口即可!目前插件在Linux下暂时无法实现启动Terminal的同时使其运行sqlmap命令,所以暂时采用这种临时的方法。 38 | 39 | #### 3.插件每次都必须要配置`Python name`和`Sqlmap path`么? 40 | 这两个配置是插件保证正常运行的关键,但并不需要每次配置,只需要第一次使用插件时配置好即可。之后无论是关闭插件,重启Burp suite,配置内容都会被记录好。 41 | ## 0x05 参考项目 42 | * https://github.com/blueroutecn/Burpsuite4Extender 43 | * https://github.com/difcareer/sqlmap4burp 44 | -------------------------------------------------------------------------------- /doc/sqlmap4burp++ui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/c0ny1/sqlmap4burp-plus-plus/5bf40a3444196370e61ec2aaeb2cb34f6116cfbc/doc/sqlmap4burp++ui.png -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 5 | 4.0.0 6 | 7 | me.gv7.tools.burpextend 8 | sqlmap4burp-plus-plus 9 | 0.1 10 | 11 | 12 | 13 | 14 | net.portswigger.burp.extender 15 | burp-extender-api 16 | 1.7.22 17 | 18 | 19 | 20 | 1.6 21 | 1.6 22 | 23 | 24 | 25 | 26 | 27 | org.apache.maven.plugins 28 | maven-assembly-plugin 29 | 30 | 31 | package 32 | 33 | single 34 | 35 | 36 | 37 | 38 | 39 | jar-with-dependencies 40 | 41 | 42 | 43 | 44 | 45 | 46 | -------------------------------------------------------------------------------- /src/main/java/burp/BurpExtender.java: -------------------------------------------------------------------------------- 1 | package burp; 2 | 3 | import java.io.PrintWriter; 4 | 5 | public class BurpExtender implements IBurpExtender { 6 | public static IExtensionHelpers helpers; 7 | public static IBurpExtenderCallbacks callbacks; 8 | public static PrintWriter stdout; 9 | public static PrintWriter stderr; 10 | 11 | @Override 12 | public void registerExtenderCallbacks(final IBurpExtenderCallbacks callbacks) { 13 | this.helpers = callbacks.getHelpers(); 14 | this.callbacks = callbacks; 15 | this.stdout = new PrintWriter(callbacks.getStdout(),true); 16 | this.stderr = new PrintWriter(callbacks.getStderr(),true); 17 | 18 | callbacks.registerContextMenuFactory(new Menu()); 19 | callbacks.setExtensionName(String.format("%s %s",Config.getExtenderName(),Config.getExtenderVersion())); 20 | stdout.println(Util.getBanner()); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/burp/Config.java: -------------------------------------------------------------------------------- 1 | package burp; 2 | 3 | public class Config { 4 | private static final String EXTENDER_NAME = "sqlmap4burp++"; 5 | private static final String EXTENDER_VERSION = "0.2"; 6 | private static String PYTHON_NAME = "python"; 7 | private static String SQLMAP_PATH = "sqlmap"; 8 | private static String REQUST_FILE_PATH = ""; 9 | private static String SQLMAP_OPTIONS_COMMAND = ""; 10 | private static String OS_TYPE; 11 | private static boolean IS_INJECT = false; 12 | 13 | 14 | public static String getExtenderName() { 15 | return EXTENDER_NAME; 16 | } 17 | 18 | public static String getExtenderVersion() { 19 | return EXTENDER_VERSION; 20 | } 21 | 22 | public static String getPythonName() { 23 | try { 24 | String val = BurpExtender.callbacks.loadExtensionSetting("PYTHON_NAME"); 25 | if(val == null){ 26 | return Config.PYTHON_NAME; 27 | }else{ 28 | return val; 29 | } 30 | }catch(Exception e){ 31 | return Config.PYTHON_NAME; 32 | } 33 | } 34 | 35 | public static void setPythonName(String pythonName) { 36 | BurpExtender.callbacks.saveExtensionSetting("PYTHON_NAME", String.valueOf(pythonName)); 37 | Config.SQLMAP_PATH = pythonName; 38 | } 39 | 40 | public static String getSqlmapPath() { 41 | try { 42 | String val = BurpExtender.callbacks.loadExtensionSetting("SQLMAP_PATH"); 43 | if(val == null){ 44 | return Config.SQLMAP_PATH; 45 | }else{ 46 | return val; 47 | } 48 | }catch(Exception e){ 49 | return Config.SQLMAP_PATH; 50 | } 51 | } 52 | 53 | public static void setSqlmapPath(String sqlmapPath) { 54 | BurpExtender.callbacks.saveExtensionSetting("SQLMAP_PATH", String.valueOf(sqlmapPath)); 55 | Config.SQLMAP_PATH = sqlmapPath; 56 | } 57 | 58 | public static String getRequstFilePath() { 59 | return REQUST_FILE_PATH; 60 | } 61 | 62 | public static void setRequstFilePath(String requstFilePath) { 63 | REQUST_FILE_PATH = requstFilePath; 64 | } 65 | 66 | public static String getSqlmapOptionsCommand() { 67 | try { 68 | String val = BurpExtender.callbacks.loadExtensionSetting("SQLMAP_OPTIONS_COMMAND"); 69 | if(val == null){ 70 | return Config.SQLMAP_OPTIONS_COMMAND; 71 | }else{ 72 | return val; 73 | } 74 | }catch(Exception e){ 75 | return Config.SQLMAP_OPTIONS_COMMAND; 76 | } 77 | } 78 | 79 | public static void setSqlmapOptionsCommand(String sqlmapOptionsCommand) { 80 | BurpExtender.callbacks.saveExtensionSetting("SQLMAP_OPTIONS_COMMAND", String.valueOf(sqlmapOptionsCommand)); 81 | Config.SQLMAP_OPTIONS_COMMAND = sqlmapOptionsCommand; 82 | } 83 | 84 | public static String getOsType() { 85 | return OS_TYPE; 86 | } 87 | 88 | public static void setOsType(String osType) { 89 | OS_TYPE = osType; 90 | } 91 | 92 | public static boolean isIsInject() { 93 | return IS_INJECT; 94 | } 95 | 96 | public static void setIsInject(boolean isInject) { 97 | IS_INJECT = isInject; 98 | } 99 | } 100 | -------------------------------------------------------------------------------- /src/main/java/burp/ConfigDlg.java: -------------------------------------------------------------------------------- 1 | package burp; 2 | 3 | import javax.swing.*; 4 | import java.awt.*; 5 | import java.awt.event.ActionEvent; 6 | import java.awt.event.ActionListener; 7 | import java.awt.event.WindowAdapter; 8 | import java.awt.event.WindowEvent; 9 | 10 | /** 11 | * 配置窗口类,负责显示配置窗口,处理窗口消息 12 | */ 13 | public class ConfigDlg extends JDialog { 14 | private final JPanel mainPanel = new JPanel(); 15 | 16 | private final JLabel lbPythonName = new JLabel("Python name:"); 17 | private final JTextField tfPythonName = new JTextField(30); 18 | private final JLabel lbSqlmapPath = new JLabel("Sqlmap path:"); 19 | private final JTextField tfSqlmapPath = new JTextField(30); 20 | private final JButton btnBrowse = new JButton("Browse"); 21 | private final JLabel lbSqlmapOption = new JLabel("Sqlmap option:"); 22 | private final JTextField tfSqlmapOption = new JTextField(30); 23 | private final JLabel lbPrompt = new JLabel("Prompt:"); 24 | 25 | private final JButton btnOK = new JButton("OK"); 26 | private final JButton btnCancel = new JButton("Cancel"); 27 | 28 | 29 | public ConfigDlg(){ 30 | initGUI(); 31 | initEvent(); 32 | initValue(); 33 | this.setTitle("sqlmap4burp++ config"); 34 | } 35 | 36 | 37 | /** 38 | * 初始化UI 39 | */ 40 | private void initGUI(){ 41 | JLabel lbPythonNameHelp = new JLabel("?"); 42 | lbPythonNameHelp.setToolTipText("eg: python,python2,python3,py2,py3,..."); 43 | JLabel lbSqlmapOptionHelp = new JLabel("?"); 44 | lbSqlmapOptionHelp.setToolTipText("eg: --level 5,--batch,..."); 45 | 46 | mainPanel.setLayout(new GridBagLayout()); 47 | mainPanel.add(lbPythonName,new GBC(0,0,2,1).setFill(GBC.BOTH).setInsets(10,10,2,0)); 48 | mainPanel.add(tfPythonName, new GBC(2,0,3,1).setFill(GBC.BOTH).setInsets(10,0,2,10)); 49 | mainPanel.add(lbPythonNameHelp,new GBC(5,0,6,1).setFill(GBC.BOTH).setInsets(10,0,2,10)); 50 | mainPanel.add(lbSqlmapPath,new GBC(0,1,2,1).setFill(GBC.BOTH).setInsets(10,10,2,0)); 51 | mainPanel.add(tfSqlmapPath,new GBC(2,1,3,1).setFill(GBC.BOTH).setInsets(10,0,2,10)); 52 | mainPanel.add(btnBrowse,new GBC(5,1,1,1).setFill(GBC.BOTH).setInsets(10,0,2,10)); 53 | mainPanel.add(lbSqlmapOption,new GBC(0,2,2,1).setFill(GBC.BOTH).setInsets(10,10,2,0)); 54 | mainPanel.add(tfSqlmapOption,new GBC(2,2,3,1).setFill(GBC.BOTH).setInsets(10,0,2,10)); 55 | mainPanel.add(lbSqlmapOptionHelp,new GBC(5,2,1,1).setFill(GBC.BOTH).setInsets(10,0,2,10)); 56 | mainPanel.add(btnOK,new GBC(0,3,1,1).setFill(GBC.BOTH).setInsets(10,10,10,0)); 57 | mainPanel.add(btnCancel,new GBC(1,3,1,1).setFill(GBC.BOTH).setInsets(10,0,10,10)); 58 | 59 | if(Util.getOSType() == Util.OS_LINUX){ 60 | lbPrompt.setText("Notice: The command will be copied to the clipboard. Paste it into Terminal!"); 61 | mainPanel.add(lbPrompt,new GBC(2,3,1,1).setFill(GBC.BOTH).setInsets(10,0,2,10)); 62 | }else if(Util.getOSType() == Util.OS_MAC){ 63 | lbPrompt.setText("Notice: Please ensure that Terminal is in running state!"); 64 | mainPanel.add(lbPrompt,new GBC(2,3,1,1).setFill(GBC.BOTH).setInsets(10,0,2,10)); 65 | } 66 | lbPrompt.setForeground(new Color(0,0,255)); 67 | 68 | this.setModal(true); 69 | this.setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); 70 | this.add(mainPanel); 71 | //使配置窗口自动适应控件大小,防止部分控件无法显示 72 | this.pack(); 73 | //居中显示配置窗口 74 | Dimension screensize=Toolkit.getDefaultToolkit().getScreenSize(); 75 | this.setBounds(screensize.width/2-this.getWidth()/2,screensize.height/2-this.getHeight()/2,this.getWidth(),this.getHeight()); 76 | BurpExtender.callbacks.customizeUiComponent(this); 77 | } 78 | 79 | 80 | /** 81 | * 初始化事件 82 | */ 83 | private void initEvent(){ 84 | 85 | btnBrowse.addActionListener(new ActionListener() { 86 | public void actionPerformed(ActionEvent e) { 87 | JFileChooser chooser = new JFileChooser(); 88 | chooser.setFileSelectionMode(JFileChooser.FILES_ONLY);//设置只能选择目录 89 | int returnVal = chooser.showOpenDialog(ConfigDlg.this); 90 | if(returnVal == JFileChooser.APPROVE_OPTION) { 91 | String selectPath =chooser.getSelectedFile().getPath() ; 92 | tfSqlmapPath.setText(selectPath); 93 | chooser.hide(); 94 | } 95 | } 96 | }); 97 | 98 | 99 | btnOK.addActionListener(new ActionListener() { 100 | @Override 101 | public void actionPerformed(ActionEvent e) { 102 | Config.setIsInject(true); 103 | Config.setPythonName(tfPythonName.getText().trim()); 104 | Config.setSqlmapPath(tfSqlmapPath.getText().trim()); 105 | Config.setSqlmapOptionsCommand(tfSqlmapOption.getText().trim()); 106 | ConfigDlg.this.dispose(); 107 | } 108 | }); 109 | 110 | btnCancel.addActionListener(new ActionListener() { 111 | @Override 112 | public void actionPerformed(ActionEvent e) { 113 | Config.setIsInject(false); 114 | ConfigDlg.this.dispose(); 115 | } 116 | }); 117 | 118 | this.addWindowListener(new WindowAdapter() { 119 | @Override 120 | public void windowClosing(WindowEvent e) { 121 | super.windowClosing(e); 122 | Config.setIsInject(false); 123 | } 124 | }); 125 | 126 | } 127 | 128 | 129 | /** 130 | * 为控件赋值 131 | */ 132 | public void initValue(){ 133 | tfPythonName.setText(Config.getPythonName()); 134 | //BurpExtender.stderr.println("Python name:"+Config.getPythonName()); 135 | tfSqlmapPath.setText(Config.getSqlmapPath()); 136 | tfSqlmapOption.setText(Config.getSqlmapOptionsCommand()); 137 | } 138 | } -------------------------------------------------------------------------------- /src/main/java/burp/GBC.java: -------------------------------------------------------------------------------- 1 | package burp; 2 | 3 | import java.awt.*; 4 | 5 | public class GBC extends GridBagConstraints { 6 | // 初始化左上角位置 7 | public GBC(int gridx, int gridy) { 8 | this.gridx = gridx; 9 | this.gridy = gridy; 10 | } 11 | 12 | // 初始化左上角位置和所占行数和列数 13 | public GBC(int gridx, int gridy, int gridwidth, int gridheight) { 14 | this.gridx = gridx; 15 | this.gridy = gridy; 16 | this.gridwidth = gridwidth; 17 | this.gridheight = gridheight; 18 | } 19 | 20 | // 对齐方式 21 | public GBC setAnchor(int anchor) { 22 | this.anchor = anchor; 23 | return this; 24 | } 25 | 26 | // 是否拉伸及拉伸方向 27 | public GBC setFill(int fill) { 28 | this.fill = fill; 29 | return this; 30 | } 31 | 32 | // x和y方向上的增量 33 | public GBC setWeight(double weightx, double weighty) { 34 | this.weightx = weightx; 35 | this.weighty = weighty; 36 | return this; 37 | } 38 | 39 | // 外部填充 40 | public GBC setInsets(int distance) { 41 | this.insets = new Insets(distance, distance, distance, distance); 42 | return this; 43 | } 44 | 45 | // 外填充 46 | public GBC setInsets(int top, int left, int bottom, int right) { 47 | this.insets = new Insets(top, left, bottom, right); 48 | return this; 49 | } 50 | 51 | // 内填充 52 | public GBC setIpad(int ipadx, int ipady) { 53 | this.ipadx = ipadx; 54 | this.ipady = ipady; 55 | return this; 56 | } 57 | } -------------------------------------------------------------------------------- /src/main/java/burp/Menu.java: -------------------------------------------------------------------------------- 1 | package burp; 2 | 3 | import javax.swing.*; 4 | import java.awt.event.ActionEvent; 5 | import java.awt.event.ActionListener; 6 | import java.text.SimpleDateFormat; 7 | import java.util.ArrayList; 8 | import java.util.Date; 9 | import java.util.List; 10 | 11 | 12 | public class Menu implements IContextMenuFactory { 13 | 14 | @Override 15 | public List createMenuItems(final IContextMenuInvocation invocation) { 16 | List list = new ArrayList(); 17 | 18 | // if(invocation.getInvocationContext() != IContextMenuInvocation.CONTEXT_MESSAGE_EDITOR_REQUEST){ 19 | // return list; 20 | // } 21 | 22 | JMenuItem jMenuItem = new JMenuItem("Send to sqlmap4burp++"); 23 | list.add(jMenuItem); 24 | jMenuItem.addActionListener(new ActionListener() { 25 | @Override 26 | public void actionPerformed(ActionEvent e) { 27 | ConfigDlg cfd = new ConfigDlg(); 28 | cfd.show(); 29 | 30 | if(Config.isIsInject()) { 31 | IHttpRequestResponse[] messages = invocation.getSelectedMessages(); 32 | byte[] req = messages[0].getRequest(); 33 | IHttpService httpService = messages[0].getHttpService(); 34 | String host = httpService.getHost().replace(".", "_"); 35 | int port = httpService.getPort(); 36 | 37 | SimpleDateFormat df = new SimpleDateFormat("yyyyMMddHHmmss"); 38 | String data = df.format(new Date()); 39 | String requstFilename = String.format("%s_%s_%s.req", host, port, data); 40 | String reqFilePath = Util.getTempReqName(requstFilename); 41 | Util.writeFile(req, reqFilePath); 42 | new Thread(new SqlmapStarter()).start(); 43 | Config.setIsInject(false); 44 | } 45 | } 46 | }); 47 | return list; 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /src/main/java/burp/SqlmapStarter.java: -------------------------------------------------------------------------------- 1 | package burp; 2 | 3 | import javax.swing.*; 4 | import java.io.BufferedReader; 5 | import java.io.IOException; 6 | import java.io.InputStreamReader; 7 | import java.util.ArrayList; 8 | import java.util.List; 9 | import java.util.Properties; 10 | 11 | public class SqlmapStarter implements Runnable { 12 | 13 | @Override 14 | public void run() { 15 | try { 16 | String command = String.format("%s \"%s\" -r \"%s\" %s",Config.getPythonName(),Config.getSqlmapPath(),Config.getRequstFilePath(),Config.getSqlmapOptionsCommand()); 17 | List cmds = new ArrayList(); 18 | int osType = Util.getOSType(); 19 | if(osType == Util.OS_WIN){ 20 | cmds.add("cmd.exe"); 21 | cmds.add("/c"); 22 | cmds.add("start"); 23 | String batFilePath = Util.makeBatFile("sqlmap4burp.bat",command); 24 | if(!batFilePath.equals("Fail")){ 25 | cmds.add(batFilePath); 26 | }else{ 27 | String eMsg = "make sqlmap4burp.bat fail!"; 28 | JOptionPane.showMessageDialog(null,eMsg,"sqlmap4burp++ alert",JOptionPane.ERROR_MESSAGE); 29 | return; 30 | } 31 | }else if(osType == Util.OS_MAC){ 32 | String optionCommand = Config.getSqlmapOptionsCommand(); 33 | //将参数数中的"转译为\" 34 | optionCommand = optionCommand.replace("\"","\\\""); 35 | command = String.format("%s \\\"%s\\\" -r \\\"%s\\\" %s",Config.getPythonName(),Config.getSqlmapPath(),Config.getRequstFilePath(),optionCommand); 36 | cmds.add("osascript"); 37 | cmds.add("-e"); 38 | String cmd = "tell application \"Terminal\" \n" + 39 | " activate\n" + 40 | " do script \"%s\"\n" + 41 | "end tell"; 42 | cmds.add(String.format(cmd,command)); 43 | //BurpExtender.stdout.println(String.format(cmd,command)); 44 | }else if(osType == Util.OS_LINUX){ 45 | cmds.add("/bin/sh"); 46 | cmds.add("-c"); 47 | cmds.add("gnome-terminal"); 48 | Util.setSysClipboardText(command); 49 | JOptionPane.showMessageDialog(null,"The command has been copied to the clipboard. Please paste it into Terminal for execution","sqlmap4burp++ alert",JOptionPane.OK_OPTION); 50 | }else{ 51 | cmds.add("/bin/bash"); 52 | cmds.add("-c"); 53 | cmds.add(command); 54 | } 55 | 56 | ProcessBuilder processBuilder = new ProcessBuilder(cmds); 57 | Process process = processBuilder.start(); 58 | InputStreamReader ir = new InputStreamReader(process.getInputStream()); 59 | BufferedReader input = new BufferedReader (ir); 60 | String line; 61 | while ((line = input.readLine()) != null) { 62 | BurpExtender.stdout.println(line); 63 | } 64 | } catch (IOException e) { 65 | e.printStackTrace(); 66 | BurpExtender.stderr.println("[*]" + e.getMessage()); 67 | } catch (Exception e) { 68 | e.printStackTrace(); 69 | } 70 | 71 | } 72 | 73 | public static void main(String[] args) { 74 | // new Thread(new SqlmapStarter()).start(); 75 | Properties properties = System.getProperties(); 76 | System.out.println(properties.get("java.io.tmpdir")); 77 | } 78 | } 79 | -------------------------------------------------------------------------------- /src/main/java/burp/Util.java: -------------------------------------------------------------------------------- 1 | package burp; 2 | 3 | 4 | import java.awt.*; 5 | import java.awt.datatransfer.Clipboard; 6 | import java.awt.datatransfer.StringSelection; 7 | import java.awt.datatransfer.Transferable; 8 | import java.io.BufferedWriter; 9 | import java.io.File; 10 | import java.io.FileOutputStream; 11 | import java.io.OutputStreamWriter; 12 | import java.util.Properties; 13 | 14 | public class Util { 15 | public static final int OS_WIN = 1; 16 | public static final int OS_MAC = 2; 17 | public static final int OS_LINUX = 3; 18 | public static final int OS_UNKOWN = 4; 19 | 20 | public static String getOSName(){ 21 | return System.getProperties().getProperty("os.name").toUpperCase(); 22 | } 23 | 24 | 25 | public static int getOSType(){ 26 | String OS_NAME = getOSName(); 27 | if(OS_NAME.contains("WINDOW")){ 28 | return OS_WIN; 29 | }else if(OS_NAME.contains("MAC")){ 30 | return OS_MAC; 31 | }else if(OS_NAME.contains("LINUX")){ 32 | return OS_LINUX; 33 | }else { 34 | return OS_UNKOWN; 35 | } 36 | } 37 | 38 | 39 | public static void writeFile(byte[] bytes,String filepath){ 40 | try { 41 | //writePath 为最终文件路径名 如:D://test.txt 42 | FileOutputStream fos = new FileOutputStream(filepath); 43 | fos.write(bytes); 44 | fos.close(); 45 | } catch (Exception e) { 46 | //e.printStackTrace(); 47 | BurpExtender.stderr.println("[*] " + e.getMessage()); 48 | } 49 | } 50 | 51 | 52 | public static String getTempReqName(String filename) { 53 | Properties properties = System.getProperties(); 54 | String tempDir = (String) properties.get("java.io.tmpdir"); 55 | Config.setRequstFilePath(tempDir + File.separator + filename); 56 | return Config.getRequstFilePath(); 57 | } 58 | 59 | 60 | public static String makeBatFile(String filename,String content){ 61 | Properties properties = System.getProperties(); 62 | String tempDir = (String) properties.get("java.io.tmpdir"); 63 | String batFile = (tempDir + File.separator + filename); 64 | String sysEncoding = System.getProperty("file.encoding"); 65 | try { 66 | OutputStreamWriter write = new OutputStreamWriter(new FileOutputStream(batFile),sysEncoding); 67 | BufferedWriter writer=new BufferedWriter(write); 68 | writer.write(content); 69 | writer.close(); 70 | return batFile; 71 | } catch (Exception e) { 72 | BurpExtender.stderr.println("[*] "+e.getMessage()); 73 | return "Fail"; 74 | } 75 | } 76 | 77 | 78 | public static String getBanner(){ 79 | String bannerInfo = 80 | "[+] " + Config.getExtenderName() + " is loaded\n" 81 | + "[+] ^_^\n" 82 | + "[+]\n" 83 | + "[+] ###########################################################\n" 84 | + "[+] " + Config.getExtenderName() + " v" + Config.getExtenderVersion() +"\n" 85 | + "[+] anthor: c0ny1\n" 86 | + "[+] email: root@gv7.me\n" 87 | + "[+] github: http://github.com/c0ny1/sqlmap4burp-plus-plus\n" 88 | + "[+] ###########################################################\n" 89 | + "[+] Please enjoy it"; 90 | return bannerInfo; 91 | } 92 | 93 | 94 | public static void setSysClipboardText(String str) { 95 | Clipboard clip = Toolkit.getDefaultToolkit().getSystemClipboard(); 96 | Transferable tText = new StringSelection(str); 97 | clip.setContents(tText, null); 98 | } 99 | } 100 | --------------------------------------------------------------------------------