├── .gitignore
├── .travis.yml
├── LICENSE.txt
├── OAuthConfig.sample.java
├── README.md
├── api
└── burp
│ ├── IBurpExtender.java
│ ├── IBurpExtenderCallbacks.java
│ ├── IContextMenuFactory.java
│ ├── IContextMenuInvocation.java
│ ├── ICookie.java
│ ├── IExtensionHelpers.java
│ ├── IExtensionStateListener.java
│ ├── IHttpListener.java
│ ├── IHttpRequestResponse.java
│ ├── IHttpRequestResponsePersisted.java
│ ├── IHttpRequestResponseWithMarkers.java
│ ├── IHttpService.java
│ ├── IInterceptedProxyMessage.java
│ ├── IIntruderAttack.java
│ ├── IIntruderPayloadGenerator.java
│ ├── IIntruderPayloadGeneratorFactory.java
│ ├── IIntruderPayloadProcessor.java
│ ├── IMenuItemHandler.java
│ ├── IMessageEditor.java
│ ├── IMessageEditorController.java
│ ├── IMessageEditorTab.java
│ ├── IMessageEditorTabFactory.java
│ ├── IParameter.java
│ ├── IProxyListener.java
│ ├── IRequestInfo.java
│ ├── IResponseInfo.java
│ ├── IScanIssue.java
│ ├── IScanQueueItem.java
│ ├── IScannerCheck.java
│ ├── IScannerInsertionPoint.java
│ ├── IScannerInsertionPointProvider.java
│ ├── IScannerListener.java
│ ├── IScopeChangeListener.java
│ ├── ISessionHandlingAction.java
│ ├── ITab.java
│ ├── ITempFile.java
│ └── ITextEditor.java
├── build.xml
├── src
└── burp
│ ├── BurpExtender.java
│ ├── BurpHttpRequestWrapper.java
│ └── OAuthTest.java
└── test-inputs
├── 1.txt
└── 2.txt
/.gitignore:
--------------------------------------------------------------------------------
1 | src/burp/OAuthConfig.java
2 |
--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | language: java
2 | sudo: false
3 | install:
4 | - mkdir lib
5 | - wget "https://github.com/mttkay/signpost/releases/download/1.2.1.2/signpost-core-1.2.1.2.jar" -O lib/signpost.jar
6 | - wget "https://search.maven.org/remotecontent?filepath=junit/junit/4.12/junit-4.12.jar" -O lib/junit.jar
7 | - wget "https://search.maven.org/remotecontent?filepath=org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar" -O lib/hamcrest.jar
8 | - curl "http://xenia.sote.hu/ftp/mirrors/www.apache.org//commons/codec/binaries/commons-codec-1.11-bin.tar.gz" | tar -xz "commons-codec-1.11/commons-codec-1.11.jar"
9 | - mv commons-codec-1.11/commons-codec-1.11.jar lib/commons-codec.jar
10 | - ln OAuthConfig.sample.java src/burp/OAuthConfig.java
11 |
12 | jdk:
13 | - oraclejdk8
14 | - oraclejdk9
15 | - openjdk7
16 | - openjdk8
17 | os:
18 | - linux
19 |
--------------------------------------------------------------------------------
/LICENSE.txt:
--------------------------------------------------------------------------------
1 | Copyright (c) 2013 Andras Veres-Szentkiralyi
2 |
3 | Permission is hereby granted, free of charge, to any person
4 | obtaining a copy of this software and associated documentation
5 | files (the "Software"), to deal in the Software without
6 | restriction, including without limitation the rights to use,
7 | copy, modify, merge, publish, distribute, sublicense, and/or sell
8 | copies of the Software, and to permit persons to whom the
9 | Software is furnished to do so, subject to the following
10 | conditions:
11 |
12 | The above copyright notice and this permission notice shall be
13 | included in all copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
17 | OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
19 | HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
20 | WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21 | FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
22 | OTHER DEALINGS IN THE SOFTWARE.
23 |
--------------------------------------------------------------------------------
/OAuthConfig.sample.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | public class OAuthConfig {
4 | public static final boolean scopeOnly = false; // true ignores out of scope requests
5 |
6 | public static String getConsumerKey() {
7 | return "ConsumerKey";
8 | }
9 |
10 | public static String getConsumerSecret() {
11 | return "ConsumerSecret";
12 | }
13 |
14 | public static String getToken() {
15 | return "Token";
16 | }
17 |
18 | public static String getTokenSecret() {
19 | return "TokenSecret";
20 | }
21 | }
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | OAuth plugin for Burp Suite
2 | ===========================
3 |
4 | [](https://travis-ci.org/dnet/burp-oauth)
5 |
6 | Building
7 | --------
8 |
9 | - Install the dependencies, in case of libraries, put the JARs into `lib`
10 | - Copy `OAuthConfig.sample.java` to `src/burp/OAuthConfig.java` and modify it to your needs
11 | - Execute `ant`, and you'll have the plugin ready in `burp-oauth.jar`
12 |
13 | Dependencies
14 | ------------
15 |
16 | - JDK 1.6+ (tested on OpenJDK 6 and Oracle JDK 7 + 8, recommended Debian/Ubuntu package: `openjdk-8-jdk`)
17 | - Apache ANT (Debian/Ubuntu package: `ant`)
18 | - `oauth-signpost` https://github.com/mttkay/signpost
19 | - Apache Commons Codecs: http://commons.apache.org/codec/
20 | - JUnit 4+ (only required for testing)
21 |
22 | License
23 | -------
24 |
25 | The whole project is available under MIT license, see `LICENSE.txt`.
26 |
27 | Known limitations
28 | -----------------
29 |
30 | - Configuration has to be done at compile time using `OAuthConfig.java`
31 |
--------------------------------------------------------------------------------
/api/burp/IBurpExtender.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IBurpExtender.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * All extensions must implement this interface.
14 | *
15 | * Implementations must be called BurpExtender, in the package burp, must be
16 | * declared public, and must provide a default (public, no-argument)
17 | * constructor.
18 | */
19 | public interface IBurpExtender
20 | {
21 | /**
22 | * This method is invoked when the extension is loaded. It registers an
23 | * instance of the
24 | * IBurpExtenderCallbacks interface, providing methods that may
25 | * be invoked by the extension to perform various actions.
26 | *
27 | * @param callbacks An
28 | * IBurpExtenderCallbacks object.
29 | */
30 | void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks);
31 | }
32 |
--------------------------------------------------------------------------------
/api/burp/IBurpExtenderCallbacks.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IBurpExtenderCallbacks.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.awt.Component;
13 | import java.io.OutputStream;
14 | import java.util.List;
15 | import java.util.Map;
16 |
17 | /**
18 | * This interface is used by Burp Suite to pass to extensions a set of callback
19 | * methods that can be used by extensions to perform various actions within
20 | * Burp.
21 | *
22 | * When an extension is loaded, Burp invokes its
23 | * registerExtenderCallbacks() method and passes an instance of the
24 | * IBurpExtenderCallbacks interface. The extension may then invoke
25 | * the methods of this interface as required in order to extend Burp's
26 | * functionality.
27 | */
28 | public interface IBurpExtenderCallbacks
29 | {
30 | /**
31 | * Flag used to identify Burp Suite as a whole.
32 | */
33 | static final int TOOL_SUITE = 0x00000001;
34 | /**
35 | * Flag used to identify the Burp Target tool.
36 | */
37 | static final int TOOL_TARGET = 0x00000002;
38 | /**
39 | * Flag used to identify the Burp Proxy tool.
40 | */
41 | static final int TOOL_PROXY = 0x00000004;
42 | /**
43 | * Flag used to identify the Burp Spider tool.
44 | */
45 | static final int TOOL_SPIDER = 0x00000008;
46 | /**
47 | * Flag used to identify the Burp Scanner tool.
48 | */
49 | static final int TOOL_SCANNER = 0x00000010;
50 | /**
51 | * Flag used to identify the Burp Intruder tool.
52 | */
53 | static final int TOOL_INTRUDER = 0x00000020;
54 | /**
55 | * Flag used to identify the Burp Repeater tool.
56 | */
57 | static final int TOOL_REPEATER = 0x00000040;
58 | /**
59 | * Flag used to identify the Burp Sequencer tool.
60 | */
61 | static final int TOOL_SEQUENCER = 0x00000080;
62 | /**
63 | * Flag used to identify the Burp Decoder tool.
64 | */
65 | static final int TOOL_DECODER = 0x00000100;
66 | /**
67 | * Flag used to identify the Burp Comparer tool.
68 | */
69 | static final int TOOL_COMPARER = 0x00000200;
70 | /**
71 | * Flag used to identify the Burp Extender tool.
72 | */
73 | static final int TOOL_EXTENDER = 0x00000400;
74 |
75 | /**
76 | * This method is used to set the display name for the current extension,
77 | * which will be displayed within the user interface for the Extender tool.
78 | *
79 | * @param name The extension name.
80 | */
81 | void setExtensionName(String name);
82 |
83 | /**
84 | * This method is used to obtain an
85 | * IExtensionHelpers object, which can be used by the extension
86 | * to perform numerous useful tasks.
87 | *
88 | * @return An object containing numerous helper methods, for tasks such as
89 | * building and analyzing HTTP requests.
90 | */
91 | IExtensionHelpers getHelpers();
92 |
93 | /**
94 | * This method is used to obtain the current extension's standard output
95 | * stream. Extensions should write all output to this stream, allowing the
96 | * Burp user to configure how that output is handled from within the UI.
97 | *
98 | * @return The extension's standard output stream.
99 | */
100 | OutputStream getStdout();
101 |
102 | /**
103 | * This method is used to obtain the current extension's standard error
104 | * stream. Extensions should write all error messages to this stream,
105 | * allowing the Burp user to configure how that output is handled from
106 | * within the UI.
107 | *
108 | * @return The extension's standard error stream.
109 | */
110 | OutputStream getStderr();
111 |
112 | /**
113 | * This method prints a line of output to the current extension's standard
114 | * output stream.
115 | *
116 | * @param output The message to print.
117 | */
118 | void printOutput(String output);
119 |
120 | /**
121 | * This method prints a line of output to the current extension's standard
122 | * error stream.
123 | *
124 | * @param error The message to print.
125 | */
126 | void printError(String error);
127 |
128 | /**
129 | * This method is used to register a listener which will be notified of
130 | * changes to the extension's state. Note: Any extensions that start
131 | * background threads or open system resources (such as files or database
132 | * connections) should register a listener and terminate threads / close
133 | * resources when the extension is unloaded.
134 | *
135 | * @param listener An object created by the extension that implements the
136 | * IExtensionStateListener interface.
137 | */
138 | void registerExtensionStateListener(IExtensionStateListener listener);
139 |
140 | /**
141 | * This method is used to retrieve the extension state listeners that are
142 | * registered by the extension.
143 | *
144 | * @return A list of extension state listeners that are currently registered
145 | * by this extension.
146 | */
147 | List getExtensionStateListeners();
148 |
149 | /**
150 | * This method is used to remove an extension state listener that has been
151 | * registered by the extension.
152 | *
153 | * @param listener The extension state listener to be removed.
154 | */
155 | void removeExtensionStateListener(IExtensionStateListener listener);
156 |
157 | /**
158 | * This method is used to register a listener which will be notified of
159 | * requests and responses made by any Burp tool. Extensions can perform
160 | * custom analysis or modification of these messages by registering an HTTP
161 | * listener.
162 | *
163 | * @param listener An object created by the extension that implements the
164 | * IHttpListener interface.
165 | */
166 | void registerHttpListener(IHttpListener listener);
167 |
168 | /**
169 | * This method is used to retrieve the HTTP listeners that are registered by
170 | * the extension.
171 | *
172 | * @return A list of HTTP listeners that are currently registered by this
173 | * extension.
174 | */
175 | List getHttpListeners();
176 |
177 | /**
178 | * This method is used to remove an HTTP listener that has been registered
179 | * by the extension.
180 | *
181 | * @param listener The HTTP listener to be removed.
182 | */
183 | void removeHttpListener(IHttpListener listener);
184 |
185 | /**
186 | * This method is used to register a listener which will be notified of
187 | * requests and responses being processed by the Proxy tool. Extensions can
188 | * perform custom analysis or modification of these messages, and control
189 | * in-UI message interception, by registering a proxy listener.
190 | *
191 | * @param listener An object created by the extension that implements the
192 | * IProxyListener interface.
193 | */
194 | void registerProxyListener(IProxyListener listener);
195 |
196 | /**
197 | * This method is used to retrieve the Proxy listeners that are registered
198 | * by the extension.
199 | *
200 | * @return A list of Proxy listeners that are currently registered by this
201 | * extension.
202 | */
203 | List getProxyListeners();
204 |
205 | /**
206 | * This method is used to remove a Proxy listener that has been registered
207 | * by the extension.
208 | *
209 | * @param listener The Proxy listener to be removed.
210 | */
211 | void removeProxyListener(IProxyListener listener);
212 |
213 | /**
214 | * This method is used to register a listener which will be notified of new
215 | * issues that are reported by the Scanner tool. Extensions can perform
216 | * custom analysis or logging of Scanner issues by registering a Scanner
217 | * listener.
218 | *
219 | * @param listener An object created by the extension that implements the
220 | * IScannerListener interface.
221 | */
222 | void registerScannerListener(IScannerListener listener);
223 |
224 | /**
225 | * This method is used to retrieve the Scanner listeners that are registered
226 | * by the extension.
227 | *
228 | * @return A list of Scanner listeners that are currently registered by this
229 | * extension.
230 | */
231 | List getScannerListeners();
232 |
233 | /**
234 | * This method is used to remove a Scanner listener that has been registered
235 | * by the extension.
236 | *
237 | * @param listener The Scanner listener to be removed.
238 | */
239 | void removeScannerListener(IScannerListener listener);
240 |
241 | /**
242 | * This method is used to register a listener which will be notified of
243 | * changes to Burp's suite-wide target scope.
244 | *
245 | * @param listener An object created by the extension that implements the
246 | * IScopeChangeListener interface.
247 | */
248 | void registerScopeChangeListener(IScopeChangeListener listener);
249 |
250 | /**
251 | * This method is used to retrieve the scope change listeners that are
252 | * registered by the extension.
253 | *
254 | * @return A list of scope change listeners that are currently registered by
255 | * this extension.
256 | */
257 | List getScopeChangeListeners();
258 |
259 | /**
260 | * This method is used to remove a scope change listener that has been
261 | * registered by the extension.
262 | *
263 | * @param listener The scope change listener to be removed.
264 | */
265 | void removeScopeChangeListener(IScopeChangeListener listener);
266 |
267 | /**
268 | * This method is used to register a factory for custom context menu items.
269 | * When the user invokes a context menu anywhere within Burp, the factory
270 | * will be passed details of the invocation event, and asked to provide any
271 | * custom context menu items that should be shown.
272 | *
273 | * @param factory An object created by the extension that implements the
274 | * IContextMenuFactory interface.
275 | */
276 | void registerContextMenuFactory(IContextMenuFactory factory);
277 |
278 | /**
279 | * This method is used to retrieve the context menu factories that are
280 | * registered by the extension.
281 | *
282 | * @return A list of context menu factories that are currently registered by
283 | * this extension.
284 | */
285 | List getContextMenuFactories();
286 |
287 | /**
288 | * This method is used to remove a context menu factory that has been
289 | * registered by the extension.
290 | *
291 | * @param factory The context menu factory to be removed.
292 | */
293 | void removeContextMenuFactory(IContextMenuFactory factory);
294 |
295 | /**
296 | * This method is used to register a factory for custom message editor tabs.
297 | * For each message editor that already exists, or is subsequently created,
298 | * within Burp, the factory will be asked to provide a new instance of an
299 | * IMessageEditorTab object, which can provide custom rendering
300 | * or editing of HTTP messages.
301 | *
302 | * @param factory An object created by the extension that implements the
303 | * IMessageEditorTabFactory interface.
304 | */
305 | void registerMessageEditorTabFactory(IMessageEditorTabFactory factory);
306 |
307 | /**
308 | * This method is used to retrieve the message editor tab factories that are
309 | * registered by the extension.
310 | *
311 | * @return A list of message editor tab factories that are currently
312 | * registered by this extension.
313 | */
314 | List getMessageEditorTabFactories();
315 |
316 | /**
317 | * This method is used to remove a message editor tab factory that has been
318 | * registered by the extension.
319 | *
320 | * @param factory The message editor tab factory to be removed.
321 | */
322 | void removeMessageEditorTabFactory(IMessageEditorTabFactory factory);
323 |
324 | /**
325 | * This method is used to register a provider of Scanner insertion points.
326 | * For each base request that is actively scanned, Burp will ask the
327 | * provider to provide any custom scanner insertion points that are
328 | * appropriate for the request.
329 | *
330 | * @param provider An object created by the extension that implements the
331 | * IScannerInsertionPointProvider interface.
332 | */
333 | void registerScannerInsertionPointProvider(
334 | IScannerInsertionPointProvider provider);
335 |
336 | /**
337 | * This method is used to retrieve the Scanner insertion point providers
338 | * that are registered by the extension.
339 | *
340 | * @return A list of Scanner insertion point providers that are currently
341 | * registered by this extension.
342 | */
343 | List getScannerInsertionPointProviders();
344 |
345 | /**
346 | * This method is used to remove a Scanner insertion point provider that has
347 | * been registered by the extension.
348 | *
349 | * @param provider The Scanner insertion point provider to be removed.
350 | */
351 | void removeScannerInsertionPointProvider(
352 | IScannerInsertionPointProvider provider);
353 |
354 | /**
355 | * This method is used to register a custom Scanner check. When performing
356 | * scanning, Burp will ask the check to perform active or passive scanning
357 | * on the base request, and report any Scanner issues that are identified.
358 | *
359 | * @param check An object created by the extension that implements the
360 | * IScannerCheck interface.
361 | */
362 | void registerScannerCheck(IScannerCheck check);
363 |
364 | /**
365 | * This method is used to retrieve the Scanner checks that are registered by
366 | * the extension.
367 | *
368 | * @return A list of Scanner checks that are currently registered by this
369 | * extension.
370 | */
371 | List getScannerChecks();
372 |
373 | /**
374 | * This method is used to remove a Scanner check that has been registered by
375 | * the extension.
376 | *
377 | * @param check The Scanner check to be removed.
378 | */
379 | void removeScannerCheck(IScannerCheck check);
380 |
381 | /**
382 | * This method is used to register a factory for Intruder payloads. Each
383 | * registered factory will be available within the Intruder UI for the user
384 | * to select as the payload source for an attack. When this is selected, the
385 | * factory will be asked to provide a new instance of an
386 | * IIntruderPayloadGenerator object, which will be used to
387 | * generate payloads for the attack.
388 | *
389 | * @param factory An object created by the extension that implements the
390 | * IIntruderPayloadGeneratorFactory interface.
391 | */
392 | void registerIntruderPayloadGeneratorFactory(
393 | IIntruderPayloadGeneratorFactory factory);
394 |
395 | /**
396 | * This method is used to retrieve the Intruder payload generator factories
397 | * that are registered by the extension.
398 | *
399 | * @return A list of Intruder payload generator factories that are currently
400 | * registered by this extension.
401 | */
402 | List
403 | getIntruderPayloadGeneratorFactories();
404 |
405 | /**
406 | * This method is used to remove an Intruder payload generator factory that
407 | * has been registered by the extension.
408 | *
409 | * @param factory The Intruder payload generator factory to be removed.
410 | */
411 | void removeIntruderPayloadGeneratorFactory(
412 | IIntruderPayloadGeneratorFactory factory);
413 |
414 | /**
415 | * This method is used to register a custom Intruder payload processor. Each
416 | * registered processor will be available within the Intruder UI for the
417 | * user to select as the action for a payload processing rule.
418 | *
419 | * @param processor An object created by the extension that implements the
420 | * IIntruderPayloadProcessor interface.
421 | */
422 | void registerIntruderPayloadProcessor(IIntruderPayloadProcessor processor);
423 |
424 | /**
425 | * This method is used to retrieve the Intruder payload processors that are
426 | * registered by the extension.
427 | *
428 | * @return A list of Intruder payload processors that are currently
429 | * registered by this extension.
430 | */
431 | List getIntruderPayloadProcessors();
432 |
433 | /**
434 | * This method is used to remove an Intruder payload processor that has been
435 | * registered by the extension.
436 | *
437 | * @param processor The Intruder payload processor to be removed.
438 | */
439 | void removeIntruderPayloadProcessor(IIntruderPayloadProcessor processor);
440 |
441 | /**
442 | * This method is used to register a custom session handling action. Each
443 | * registered action will be available within the session handling rule UI
444 | * for the user to select as a rule action. Users can choose to invoke an
445 | * action directly in its own right, or following execution of a macro.
446 | *
447 | * @param action An object created by the extension that implements the
448 | * ISessionHandlingAction interface.
449 | */
450 | void registerSessionHandlingAction(ISessionHandlingAction action);
451 |
452 | /**
453 | * This method is used to retrieve the session handling actions that are
454 | * registered by the extension.
455 | *
456 | * @return A list of session handling actions that are currently registered
457 | * by this extension.
458 | */
459 | List getSessionHandlingActions();
460 |
461 | /**
462 | * This method is used to remove a session handling action that has been
463 | * registered by the extension.
464 | *
465 | * @param action The extension session handling action to be removed.
466 | */
467 | void removeSessionHandlingAction(ISessionHandlingAction action);
468 |
469 | /**
470 | * This method is used to unload the extension from Burp Suite.
471 | */
472 | void unloadExtension();
473 |
474 | /**
475 | * This method is used to add a custom tab to the main Burp Suite window.
476 | *
477 | * @param tab An object created by the extension that implements the
478 | * ITab interface.
479 | */
480 | void addSuiteTab(ITab tab);
481 |
482 | /**
483 | * This method is used to remove a previously-added tab from the main Burp
484 | * Suite window.
485 | *
486 | * @param tab An object created by the extension that implements the
487 | * ITab interface.
488 | */
489 | void removeSuiteTab(ITab tab);
490 |
491 | /**
492 | * This method is used to customize UI components in line with Burp's UI
493 | * style, including font size, colors, table line spacing, etc. The action
494 | * is performed recursively on any child components of the passed-in
495 | * component.
496 | *
497 | * @param component The UI component to be customized.
498 | */
499 | void customizeUiComponent(Component component);
500 |
501 | /**
502 | * This method is used to create a new instance of Burp's HTTP message
503 | * editor, for the extension to use in its own UI.
504 | *
505 | * @param controller An object created by the extension that implements the
506 | * IMessageEditorController interface. This parameter is
507 | * optional and may be null. If it is provided, then the
508 | * message editor will query the controller when required to obtain details
509 | * about the currently displayed message, including the
510 | * IHttpService for the message, and the associated request or
511 | * response message. If a controller is not provided, then the message
512 | * editor will not support context menu actions, such as sending requests to
513 | * other Burp tools.
514 | * @param editable Indicates whether the editor created should be editable,
515 | * or used only for message viewing.
516 | * @return An object that implements the IMessageEditor
517 | * interface, and which the extension can use in its own UI.
518 | */
519 | IMessageEditor createMessageEditor(IMessageEditorController controller,
520 | boolean editable);
521 |
522 | /**
523 | * This method returns the command line arguments that were passed to Burp
524 | * on startup.
525 | *
526 | * @return The command line arguments that were passed to Burp on startup.
527 | */
528 | String[] getCommandLineArguments();
529 |
530 | /**
531 | * This method is used to save configuration settings for the extension in a
532 | * persistent way that survives reloads of the extension and of Burp Suite.
533 | * Saved settings can be retrieved using the method
534 | * loadExtensionSetting().
535 | *
536 | * @param name The name of the setting.
537 | * @param value The value of the setting. If this value is null
538 | * then any existing setting with the specified name will be removed.
539 | */
540 | void saveExtensionSetting(String name, String value);
541 |
542 | /**
543 | * This method is used to load configuration settings for the extension that
544 | * were saved using the method
545 | * saveExtensionSetting().
546 | *
547 | * @param name The name of the setting.
548 | * @return The value of the setting, or null if no value is
549 | * set.
550 | */
551 | String loadExtensionSetting(String name);
552 |
553 | /**
554 | * This method is used to create a new instance of Burp's plain text editor,
555 | * for the extension to use in its own UI.
556 | *
557 | * @return An object that implements the ITextEditor interface,
558 | * and which the extension can use in its own UI.
559 | */
560 | ITextEditor createTextEditor();
561 |
562 | /**
563 | * This method can be used to send an HTTP request to the Burp Repeater
564 | * tool. The request will be displayed in the user interface, but will not
565 | * be issued until the user initiates this action.
566 | *
567 | * @param host The hostname of the remote HTTP server.
568 | * @param port The port of the remote HTTP server.
569 | * @param useHttps Flags whether the protocol is HTTPS or HTTP.
570 | * @param request The full HTTP request.
571 | * @param tabCaption An optional caption which will appear on the Repeater
572 | * tab containing the request. If this value is null then a
573 | * default tab index will be displayed.
574 | */
575 | void sendToRepeater(
576 | String host,
577 | int port,
578 | boolean useHttps,
579 | byte[] request,
580 | String tabCaption);
581 |
582 | /**
583 | * This method can be used to send an HTTP request to the Burp Intruder
584 | * tool. The request will be displayed in the user interface, and markers
585 | * for attack payloads will be placed into default locations within the
586 | * request.
587 | *
588 | * @param host The hostname of the remote HTTP server.
589 | * @param port The port of the remote HTTP server.
590 | * @param useHttps Flags whether the protocol is HTTPS or HTTP.
591 | * @param request The full HTTP request.
592 | */
593 | void sendToIntruder(
594 | String host,
595 | int port,
596 | boolean useHttps,
597 | byte[] request);
598 |
599 | /**
600 | * This method can be used to send an HTTP request to the Burp Intruder
601 | * tool. The request will be displayed in the user interface, and markers
602 | * for attack payloads will be placed into the specified locations within
603 | * the request.
604 | *
605 | * @param host The hostname of the remote HTTP server.
606 | * @param port The port of the remote HTTP server.
607 | * @param useHttps Flags whether the protocol is HTTPS or HTTP.
608 | * @param request The full HTTP request.
609 | * @param payloadPositionOffsets A list of index pairs representing the
610 | * payload positions to be used. Each item in the list must be an int[2]
611 | * array containing the start and end offsets for the payload position.
612 | */
613 | void sendToIntruder(
614 | String host,
615 | int port,
616 | boolean useHttps,
617 | byte[] request,
618 | List payloadPositionOffsets);
619 |
620 | /**
621 | * This method can be used to send data to the Comparer tool.
622 | *
623 | * @param data The data to be sent to Comparer.
624 | */
625 | void sendToComparer(byte[] data);
626 |
627 | /**
628 | * This method can be used to send a seed URL to the Burp Spider tool. If
629 | * the URL is not within the current Spider scope, the user will be asked if
630 | * they wish to add the URL to the scope. If the Spider is not currently
631 | * running, it will be started. The seed URL will be requested, and the
632 | * Spider will process the application's response in the normal way.
633 | *
634 | * @param url The new seed URL to begin spidering from.
635 | */
636 | void sendToSpider(
637 | java.net.URL url);
638 |
639 | /**
640 | * This method can be used to send an HTTP request to the Burp Scanner tool
641 | * to perform an active vulnerability scan. If the request is not within the
642 | * current active scanning scope, the user will be asked if they wish to
643 | * proceed with the scan.
644 | *
645 | * @param host The hostname of the remote HTTP server.
646 | * @param port The port of the remote HTTP server.
647 | * @param useHttps Flags whether the protocol is HTTPS or HTTP.
648 | * @param request The full HTTP request.
649 | * @return The resulting scan queue item.
650 | */
651 | IScanQueueItem doActiveScan(
652 | String host,
653 | int port,
654 | boolean useHttps,
655 | byte[] request);
656 |
657 | /**
658 | * This method can be used to send an HTTP request to the Burp Scanner tool
659 | * to perform an active vulnerability scan, based on a custom list of
660 | * insertion points that are to be scanned. If the request is not within the
661 | * current active scanning scope, the user will be asked if they wish to
662 | * proceed with the scan.
663 | *
664 | * @param host The hostname of the remote HTTP server.
665 | * @param port The port of the remote HTTP server.
666 | * @param useHttps Flags whether the protocol is HTTPS or HTTP.
667 | * @param request The full HTTP request.
668 | * @param insertionPointOffsets A list of index pairs representing the
669 | * positions of the insertion points that should be scanned. Each item in
670 | * the list must be an int[2] array containing the start and end offsets for
671 | * the insertion point.
672 | * @return The resulting scan queue item.
673 | */
674 | IScanQueueItem doActiveScan(
675 | String host,
676 | int port,
677 | boolean useHttps,
678 | byte[] request,
679 | List insertionPointOffsets);
680 |
681 | /**
682 | * This method can be used to send an HTTP request to the Burp Scanner tool
683 | * to perform a passive vulnerability scan.
684 | *
685 | * @param host The hostname of the remote HTTP server.
686 | * @param port The port of the remote HTTP server.
687 | * @param useHttps Flags whether the protocol is HTTPS or HTTP.
688 | * @param request The full HTTP request.
689 | * @param response The full HTTP response.
690 | */
691 | void doPassiveScan(
692 | String host,
693 | int port,
694 | boolean useHttps,
695 | byte[] request,
696 | byte[] response);
697 |
698 | /**
699 | * This method can be used to issue HTTP requests and retrieve their
700 | * responses.
701 | *
702 | * @param httpService The HTTP service to which the request should be sent.
703 | * @param request The full HTTP request.
704 | * @return An object that implements the IHttpRequestResponse
705 | * interface, and which the extension can query to obtain the details of the
706 | * response.
707 | */
708 | IHttpRequestResponse makeHttpRequest(IHttpService httpService,
709 | byte[] request);
710 |
711 | /**
712 | * This method can be used to issue HTTP requests and retrieve their
713 | * responses.
714 | *
715 | * @param host The hostname of the remote HTTP server.
716 | * @param port The port of the remote HTTP server.
717 | * @param useHttps Flags whether the protocol is HTTPS or HTTP.
718 | * @param request The full HTTP request.
719 | * @return The full response retrieved from the remote server.
720 | */
721 | byte[] makeHttpRequest(
722 | String host,
723 | int port,
724 | boolean useHttps,
725 | byte[] request);
726 |
727 | /**
728 | * This method can be used to query whether a specified URL is within the
729 | * current Suite-wide scope.
730 | *
731 | * @param url The URL to query.
732 | * @return Returns true if the URL is within the current
733 | * Suite-wide scope.
734 | */
735 | boolean isInScope(java.net.URL url);
736 |
737 | /**
738 | * This method can be used to include the specified URL in the Suite-wide
739 | * scope.
740 | *
741 | * @param url The URL to include in the Suite-wide scope.
742 | */
743 | void includeInScope(java.net.URL url);
744 |
745 | /**
746 | * This method can be used to exclude the specified URL from the Suite-wide
747 | * scope.
748 | *
749 | * @param url The URL to exclude from the Suite-wide scope.
750 | */
751 | void excludeFromScope(java.net.URL url);
752 |
753 | /**
754 | * This method can be used to display a specified message in the Burp Suite
755 | * alerts tab.
756 | *
757 | * @param message The alert message to display.
758 | */
759 | void issueAlert(String message);
760 |
761 | /**
762 | * This method returns details of all items in the Proxy history.
763 | *
764 | * @return The contents of the Proxy history.
765 | */
766 | IHttpRequestResponse[] getProxyHistory();
767 |
768 | /**
769 | * This method returns details of items in the site map.
770 | *
771 | * @param urlPrefix This parameter can be used to specify a URL prefix, in
772 | * order to extract a specific subset of the site map. The method performs a
773 | * simple case-sensitive text match, returning all site map items whose URL
774 | * begins with the specified prefix. If this parameter is null, the entire
775 | * site map is returned.
776 | *
777 | * @return Details of items in the site map.
778 | */
779 | IHttpRequestResponse[] getSiteMap(String urlPrefix);
780 |
781 | /**
782 | * This method returns all of the current scan issues for URLs matching the
783 | * specified literal prefix.
784 | *
785 | * @param urlPrefix This parameter can be used to specify a URL prefix, in
786 | * order to extract a specific subset of scan issues. The method performs a
787 | * simple case-sensitive text match, returning all scan issues whose URL
788 | * begins with the specified prefix. If this parameter is null, all issues
789 | * are returned.
790 | * @return Details of the scan issues.
791 | */
792 | IScanIssue[] getScanIssues(String urlPrefix);
793 |
794 | /**
795 | * This method is used to generate a report for the specified Scanner
796 | * issues. The report format can be specified. For all other reporting
797 | * options, the default settings that appear in the reporting UI wizard are
798 | * used.
799 | *
800 | * @param format The format to be used in the report. Accepted values are
801 | * HTML and XML.
802 | * @param issues The Scanner issues to be reported.
803 | * @param file The file to which the report will be saved.
804 | */
805 | void generateScanReport(String format, IScanIssue[] issues,
806 | java.io.File file);
807 |
808 | /**
809 | * This method is used to retrieve the contents of Burp's session handling
810 | * cookie jar. Extensions that provide an
811 | * ISessionHandlingAction can query and update the cookie jar
812 | * in order to handle unusual session handling mechanisms.
813 | *
814 | * @return A list of ICookie objects representing the contents
815 | * of Burp's session handling cookie jar.
816 | */
817 | List getCookieJarContents();
818 |
819 | /**
820 | * This method is used to update the contents of Burp's session handling
821 | * cookie jar. Extensions that provide an
822 | * ISessionHandlingAction can query and update the cookie jar
823 | * in order to handle unusual session handling mechanisms.
824 | *
825 | * @param cookie An ICookie object containing details of the
826 | * cookie to be updated. If the cookie jar already contains a cookie that
827 | * matches the specified domain and name, then that cookie will be updated
828 | * with the new value and expiration, unless the new value is
829 | * null, in which case the cookie will be removed. If the
830 | * cookie jar does not already contain a cookie that matches the specified
831 | * domain and name, then the cookie will be added.
832 | */
833 | void updateCookieJar(ICookie cookie);
834 |
835 | /**
836 | * This method can be used to add an item to Burp's site map with the
837 | * specified request/response details. This will overwrite the details of
838 | * any existing matching item in the site map.
839 | *
840 | * @param item Details of the item to be added to the site map
841 | */
842 | void addToSiteMap(IHttpRequestResponse item);
843 |
844 | /**
845 | * This method can be used to restore Burp's state from a specified saved
846 | * state file. This method blocks until the restore operation is completed,
847 | * and must not be called from the event dispatch thread.
848 | *
849 | * @param file The file containing Burp's saved state.
850 | */
851 | void restoreState(java.io.File file);
852 |
853 | /**
854 | * This method can be used to save Burp's state to a specified file. This
855 | * method blocks until the save operation is completed, and must not be
856 | * called from the event dispatch thread.
857 | *
858 | * @param file The file to save Burp's state in.
859 | */
860 | void saveState(java.io.File file);
861 |
862 | /**
863 | * This method causes Burp to save all of its current configuration as a Map
864 | * of name/value Strings.
865 | *
866 | * @return A Map of name/value Strings reflecting Burp's current
867 | * configuration.
868 | */
869 | Map saveConfig();
870 |
871 | /**
872 | * This method causes Burp to load a new configuration from the Map of
873 | * name/value Strings provided. Any settings not specified in the Map will
874 | * be restored to their default values. To selectively update only some
875 | * settings and leave the rest unchanged, you should first call
876 | * saveConfig() to obtain Burp's current configuration, modify
877 | * the relevant items in the Map, and then call
878 | * loadConfig() with the same Map.
879 | *
880 | * @param config A map of name/value Strings to use as Burp's new
881 | * configuration.
882 | */
883 | void loadConfig(Map config);
884 |
885 | /**
886 | * This method sets the master interception mode for Burp Proxy.
887 | *
888 | * @param enabled Indicates whether interception of Proxy messages should be
889 | * enabled.
890 | */
891 | void setProxyInterceptionEnabled(boolean enabled);
892 |
893 | /**
894 | * This method retrieves information about the version of Burp in which the
895 | * extension is running. It can be used by extensions to dynamically adjust
896 | * their behavior depending on the functionality and APIs supported by the
897 | * current version.
898 | *
899 | * @return An array of Strings comprised of: the product name (e.g. Burp
900 | * Suite Professional), the major version (e.g. 1.5), the minor version
901 | * (e.g. 03)
902 | */
903 | String[] getBurpVersion();
904 |
905 | /**
906 | * This method retrieves the absolute path name of the file from which the
907 | * current extension was loaded.
908 | *
909 | * @return The absolute path name of the file from which the current
910 | * extension was loaded.
911 | */
912 | String getExtensionFilename();
913 |
914 | /**
915 | * This method determines whether the current extension was loaded as a
916 | * BApp (a Burp App from the BApp Store).
917 | *
918 | * @return Returns true if the current extension was loaded as a BApp.
919 | */
920 | boolean isExtensionBapp();
921 |
922 | /**
923 | * This method can be used to shut down Burp programmatically, with an
924 | * optional prompt to the user. If the method returns, the user canceled the
925 | * shutdown prompt.
926 | *
927 | * @param promptUser Indicates whether to prompt the user to confirm the
928 | * shutdown.
929 | */
930 | void exitSuite(boolean promptUser);
931 |
932 | /**
933 | * This method is used to create a temporary file on disk containing the
934 | * provided data. Extensions can use temporary files for long-term storage
935 | * of runtime data, avoiding the need to retain that data in memory.
936 | *
937 | * @param buffer The data to be saved to a temporary file.
938 | * @return An object that implements the ITempFile interface.
939 | */
940 | ITempFile saveToTempFile(byte[] buffer);
941 |
942 | /**
943 | * This method is used to save the request and response of an
944 | * IHttpRequestResponse object to temporary files, so that they
945 | * are no longer held in memory. Extensions can used this method to convert
946 | * IHttpRequestResponse objects into a form suitable for
947 | * long-term storage.
948 | *
949 | * @param httpRequestResponse The IHttpRequestResponse object
950 | * whose request and response messages are to be saved to temporary files.
951 | * @return An object that implements the
952 | * IHttpRequestResponsePersisted interface.
953 | */
954 | IHttpRequestResponsePersisted saveBuffersToTempFiles(
955 | IHttpRequestResponse httpRequestResponse);
956 |
957 | /**
958 | * This method is used to apply markers to an HTTP request or response, at
959 | * offsets into the message that are relevant for some particular purpose.
960 | * Markers are used in various situations, such as specifying Intruder
961 | * payload positions, Scanner insertion points, and highlights in Scanner
962 | * issues.
963 | *
964 | * @param httpRequestResponse The IHttpRequestResponse object
965 | * to which the markers should be applied.
966 | * @param requestMarkers A list of index pairs representing the offsets of
967 | * markers to be applied to the request message. Each item in the list must
968 | * be an int[2] array containing the start and end offsets for the marker.
969 | * The markers in the list should be in sequence and not overlapping. This
970 | * parameter is optional and may be null if no request markers
971 | * are required.
972 | * @param responseMarkers A list of index pairs representing the offsets of
973 | * markers to be applied to the response message. Each item in the list must
974 | * be an int[2] array containing the start and end offsets for the marker.
975 | * The markers in the list should be in sequence and not overlapping. This
976 | * parameter is optional and may be null if no response markers
977 | * are required.
978 | * @return An object that implements the
979 | * IHttpRequestResponseWithMarkers interface.
980 | */
981 | IHttpRequestResponseWithMarkers applyMarkers(
982 | IHttpRequestResponse httpRequestResponse,
983 | List requestMarkers,
984 | List responseMarkers);
985 |
986 | /**
987 | * This method is used to obtain the descriptive name for the Burp tool
988 | * identified by the tool flag provided.
989 | *
990 | * @param toolFlag A flag identifying a Burp tool ( TOOL_PROXY,
991 | * TOOL_SCANNER, etc.). Tool flags are defined within this
992 | * interface.
993 | * @return The descriptive name for the specified tool.
994 | */
995 | String getToolName(int toolFlag);
996 |
997 | /**
998 | * This method is used to register a new Scanner issue. Note:
999 | * Wherever possible, extensions should implement custom Scanner checks
1000 | * using
1001 | * IScannerCheck and report issues via those checks, so as to
1002 | * integrate with Burp's user-driven workflow, and ensure proper
1003 | * consolidation of duplicate reported issues. This method is only designed
1004 | * for tasks outside of the normal testing workflow, such as importing
1005 | * results from other scanning tools.
1006 | *
1007 | * @param issue An object created by the extension that implements the
1008 | * IScanIssue interface.
1009 | */
1010 | void addScanIssue(IScanIssue issue);
1011 |
1012 | /**
1013 | * This method parses the specified request and returns details of each
1014 | * request parameter.
1015 | *
1016 | * @param request The request to be parsed.
1017 | * @return An array of: String[] { name, value, type }
1018 | * containing details of the parameters contained within the request.
1019 | * @deprecated Use IExtensionHelpers.analyzeRequest() instead.
1020 | */
1021 | @Deprecated
1022 | String[][] getParameters(byte[] request);
1023 |
1024 | /**
1025 | * This method parses the specified request and returns details of each HTTP
1026 | * header.
1027 | *
1028 | * @param message The request to be parsed.
1029 | * @return An array of HTTP headers.
1030 | * @deprecated Use IExtensionHelpers.analyzeRequest() or
1031 | * IExtensionHelpers.analyzeResponse() instead.
1032 | */
1033 | @Deprecated
1034 | String[] getHeaders(byte[] message);
1035 |
1036 | /**
1037 | * This method can be used to register a new menu item which will appear on
1038 | * the various context menus that are used throughout Burp Suite to handle
1039 | * user-driven actions.
1040 | *
1041 | * @param menuItemCaption The caption to be displayed on the menu item.
1042 | * @param menuItemHandler The handler to be invoked when the user clicks on
1043 | * the menu item.
1044 | * @deprecated Use registerContextMenuFactory() instead.
1045 | */
1046 | @Deprecated
1047 | void registerMenuItem(
1048 | String menuItemCaption,
1049 | IMenuItemHandler menuItemHandler);
1050 | }
1051 |
--------------------------------------------------------------------------------
/api/burp/IContextMenuFactory.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IContextMenuFactory.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.util.List;
13 | import javax.swing.JMenuItem;
14 |
15 | /**
16 | * Extensions can implement this interface and then call
17 | * IBurpExtenderCallbacks.registerContextMenuFactory() to register
18 | * a factory for custom context menu items.
19 | */
20 | public interface IContextMenuFactory
21 | {
22 | /**
23 | * This method will be called by Burp when the user invokes a context menu
24 | * anywhere within Burp. The factory can then provide any custom context
25 | * menu items that should be displayed in the context menu, based on the
26 | * details of the menu invocation.
27 | *
28 | * @param invocation An object that implements the
29 | * IMessageEditorTabFactory interface, which the extension can
30 | * query to obtain details of the context menu invocation.
31 | * @return A list of custom menu items (which may include sub-menus,
32 | * checkbox menu items, etc.) that should be displayed. Extensions may
33 | * return
34 | * null from this method, to indicate that no menu items are
35 | * required.
36 | */
37 | List createMenuItems(IContextMenuInvocation invocation);
38 | }
39 |
--------------------------------------------------------------------------------
/api/burp/IContextMenuInvocation.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IContextMenuInvocation.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.awt.event.InputEvent;
13 |
14 | /**
15 | * This interface is used when Burp calls into an extension-provided
16 | * IContextMenuFactory with details of a context menu invocation.
17 | * The custom context menu factory can query this interface to obtain details of
18 | * the invocation event, in order to determine what menu items should be
19 | * displayed.
20 | */
21 | public interface IContextMenuInvocation
22 | {
23 | /**
24 | * Used to indicate that the context menu is being invoked in a request
25 | * editor.
26 | */
27 | static final byte CONTEXT_MESSAGE_EDITOR_REQUEST = 0;
28 | /**
29 | * Used to indicate that the context menu is being invoked in a response
30 | * editor.
31 | */
32 | static final byte CONTEXT_MESSAGE_EDITOR_RESPONSE = 1;
33 | /**
34 | * Used to indicate that the context menu is being invoked in a non-editable
35 | * request viewer.
36 | */
37 | static final byte CONTEXT_MESSAGE_VIEWER_REQUEST = 2;
38 | /**
39 | * Used to indicate that the context menu is being invoked in a non-editable
40 | * response viewer.
41 | */
42 | static final byte CONTEXT_MESSAGE_VIEWER_RESPONSE = 3;
43 | /**
44 | * Used to indicate that the context menu is being invoked in the Target
45 | * site map tree.
46 | */
47 | static final byte CONTEXT_TARGET_SITE_MAP_TREE = 4;
48 | /**
49 | * Used to indicate that the context menu is being invoked in the Target
50 | * site map table.
51 | */
52 | static final byte CONTEXT_TARGET_SITE_MAP_TABLE = 5;
53 | /**
54 | * Used to indicate that the context menu is being invoked in the Proxy
55 | * history.
56 | */
57 | static final byte CONTEXT_PROXY_HISTORY = 6;
58 | /**
59 | * Used to indicate that the context menu is being invoked in the Scanner
60 | * results.
61 | */
62 | static final byte CONTEXT_SCANNER_RESULTS = 7;
63 | /**
64 | * Used to indicate that the context menu is being invoked in the Intruder
65 | * payload positions editor.
66 | */
67 | static final byte CONTEXT_INTRUDER_PAYLOAD_POSITIONS = 8;
68 | /**
69 | * Used to indicate that the context menu is being invoked in an Intruder
70 | * attack results.
71 | */
72 | static final byte CONTEXT_INTRUDER_ATTACK_RESULTS = 9;
73 | /**
74 | * Used to indicate that the context menu is being invoked in a search
75 | * results window.
76 | */
77 | static final byte CONTEXT_SEARCH_RESULTS = 10;
78 |
79 | /**
80 | * This method can be used to retrieve the native Java input event that was
81 | * the trigger for the context menu invocation.
82 | *
83 | * @return The InputEvent that was the trigger for the context
84 | * menu invocation.
85 | */
86 | InputEvent getInputEvent();
87 |
88 | /**
89 | * This method can be used to retrieve the Burp tool within which the
90 | * context menu was invoked.
91 | *
92 | * @return A flag indicating the Burp tool within which the context menu was
93 | * invoked. Burp tool flags are defined in the
94 | * IBurpExtenderCallbacks interface.
95 | */
96 | int getToolFlag();
97 |
98 | /**
99 | * This method can be used to retrieve the context within which the menu was
100 | * invoked.
101 | *
102 | * @return An index indicating the context within which the menu was
103 | * invoked. The indices used are defined within this interface.
104 | */
105 | byte getInvocationContext();
106 |
107 | /**
108 | * This method can be used to retrieve the bounds of the user's selection
109 | * into the current message, if applicable.
110 | *
111 | * @return An int[2] array containing the start and end offsets of the
112 | * user's selection in the current message. If the user has not made any
113 | * selection in the current message, both offsets indicate the position of
114 | * the caret within the editor. If the menu is not being invoked from a
115 | * message editor, the method returns null.
116 | */
117 | int[] getSelectionBounds();
118 |
119 | /**
120 | * This method can be used to retrieve details of the HTTP requests /
121 | * responses that were shown or selected by the user when the context menu
122 | * was invoked.
123 | *
124 | * Note: For performance reasons, the objects returned from this
125 | * method are tied to the originating context of the messages within the
126 | * Burp UI. For example, if a context menu is invoked on the Proxy intercept
127 | * panel, then the
128 | * IHttpRequestResponse returned by this method will reflect
129 | * the current contents of the interception panel, and this will change when
130 | * the current message has been forwarded or dropped. If your extension
131 | * needs to store details of the message for which the context menu has been
132 | * invoked, then you should query those details from the
133 | * IHttpRequestResponse at the time of invocation, or you
134 | * should use
135 | * IBurpExtenderCallbacks.saveBuffersToTempFiles() to create a
136 | * persistent read-only copy of the
137 | * IHttpRequestResponse.
138 | *
139 | * @return An array of IHttpRequestResponse objects
140 | * representing the items that were shown or selected by the user when the
141 | * context menu was invoked. This method returns null if no
142 | * messages are applicable to the invocation.
143 | */
144 | IHttpRequestResponse[] getSelectedMessages();
145 |
146 | /**
147 | * This method can be used to retrieve details of the Scanner issues that
148 | * were selected by the user when the context menu was invoked.
149 | *
150 | * @return An array of IScanIssue objects representing the
151 | * issues that were selected by the user when the context menu was invoked.
152 | * This method returns null if no Scanner issues are applicable
153 | * to the invocation.
154 | */
155 | IScanIssue[] getSelectedIssues();
156 | }
157 |
--------------------------------------------------------------------------------
/api/burp/ICookie.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)ICookie.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.util.Date;
13 |
14 | /**
15 | * This interface is used to hold details about an HTTP cookie.
16 | */
17 | public interface ICookie
18 | {
19 | /**
20 | * This method is used to retrieve the domain for which the cookie is in
21 | * scope.
22 | *
23 | * @return The domain for which the cookie is in scope. Note: For
24 | * cookies that have been analyzed from responses (by calling
25 | * IExtensionHelpers.analyzeResponse() and then
26 | * IResponseInfo.getCookies(), the domain will be
27 | * null if the response did not explicitly set a domain
28 | * attribute for the cookie.
29 | */
30 | String getDomain();
31 |
32 | /**
33 | * This method is used to retrieve the path for which the cookie is in
34 | * scope.
35 | *
36 | * @return The path for which the cookie is in scope or null if none is set.
37 | */
38 | String getPath();
39 |
40 | /**
41 | * This method is used to retrieve the expiration time for the cookie.
42 | *
43 | * @return The expiration time for the cookie, or
44 | * null if none is set (i.e., for non-persistent session
45 | * cookies).
46 | */
47 | Date getExpiration();
48 |
49 | /**
50 | * This method is used to retrieve the name of the cookie.
51 | *
52 | * @return The name of the cookie.
53 | */
54 | String getName();
55 |
56 | /**
57 | * This method is used to retrieve the value of the cookie.
58 | * @return The value of the cookie.
59 | */
60 | String getValue();
61 | }
62 |
--------------------------------------------------------------------------------
/api/burp/IExtensionHelpers.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IExtensionHelpers.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.net.URL;
13 | import java.util.List;
14 |
15 | /**
16 | * This interface contains a number of helper methods, which extensions can use
17 | * to assist with various common tasks that arise for Burp extensions.
18 | *
19 | * Extensions can call
20 | * IBurpExtenderCallbacks.getHelpers to obtain an instance of this
21 | * interface.
22 | */
23 | public interface IExtensionHelpers
24 | {
25 | /**
26 | * This method can be used to analyze an HTTP request, and obtain various
27 | * key details about it.
28 | *
29 | * @param request An
30 | * IHttpRequestResponse object containing the request to be
31 | * analyzed.
32 | * @return An
33 | * IRequestInfo object that can be queried to obtain details
34 | * about the request.
35 | */
36 | IRequestInfo analyzeRequest(IHttpRequestResponse request);
37 |
38 | /**
39 | * This method can be used to analyze an HTTP request, and obtain various
40 | * key details about it.
41 | *
42 | * @param httpService The HTTP service associated with the request. This is
43 | * optional and may be
44 | * null, in which case the resulting
45 | * IRequestInfo object will not include the full request URL.
46 | * @param request The request to be analyzed.
47 | * @return An
48 | * IRequestInfo object that can be queried to obtain details
49 | * about the request.
50 | */
51 | IRequestInfo analyzeRequest(IHttpService httpService, byte[] request);
52 |
53 | /**
54 | * This method can be used to analyze an HTTP request, and obtain various
55 | * key details about it. The resulting
56 | * IRequestInfo object will not include the full request URL.
57 | * To obtain the full URL, use one of the other overloaded
58 | * analyzeRequest() methods.
59 | *
60 | * @param request The request to be analyzed.
61 | * @return An
62 | * IRequestInfo object that can be queried to obtain details
63 | * about the request.
64 | */
65 | IRequestInfo analyzeRequest(byte[] request);
66 |
67 | /**
68 | * This method can be used to analyze an HTTP response, and obtain various
69 | * key details about it.
70 | *
71 | * @param response The response to be analyzed.
72 | * @return An
73 | * IResponseInfo object that can be queried to obtain details
74 | * about the response.
75 | */
76 | IResponseInfo analyzeResponse(byte[] response);
77 |
78 | /**
79 | * This method can be used to retrieve details of a specified parameter
80 | * within an HTTP request. Note: Use
81 | * analyzeRequest() to obtain details of all parameters within
82 | * the request.
83 | *
84 | * @param request The request to be inspected for the specified parameter.
85 | * @param parameterName The name of the parameter to retrieve.
86 | * @return An
87 | * IParameter object that can be queried to obtain details
88 | * about the parameter, or
89 | * null if the parameter was not found.
90 | */
91 | IParameter getRequestParameter(byte[] request, String parameterName);
92 |
93 | /**
94 | * This method can be used to URL-decode the specified data.
95 | *
96 | * @param data The data to be decoded.
97 | * @return The decoded data.
98 | */
99 | String urlDecode(String data);
100 |
101 | /**
102 | * This method can be used to URL-encode the specified data. Any characters
103 | * that do not need to be encoded within HTTP requests are not encoded.
104 | *
105 | * @param data The data to be encoded.
106 | * @return The encoded data.
107 | */
108 | String urlEncode(String data);
109 |
110 | /**
111 | * This method can be used to URL-decode the specified data.
112 | *
113 | * @param data The data to be decoded.
114 | * @return The decoded data.
115 | */
116 | byte[] urlDecode(byte[] data);
117 |
118 | /**
119 | * This method can be used to URL-encode the specified data. Any characters
120 | * that do not need to be encoded within HTTP requests are not encoded.
121 | *
122 | * @param data The data to be encoded.
123 | * @return The encoded data.
124 | */
125 | byte[] urlEncode(byte[] data);
126 |
127 | /**
128 | * This method can be used to Base64-decode the specified data.
129 | *
130 | * @param data The data to be decoded.
131 | * @return The decoded data.
132 | */
133 | byte[] base64Decode(String data);
134 |
135 | /**
136 | * This method can be used to Base64-decode the specified data.
137 | *
138 | * @param data The data to be decoded.
139 | * @return The decoded data.
140 | */
141 | byte[] base64Decode(byte[] data);
142 |
143 | /**
144 | * This method can be used to Base64-encode the specified data.
145 | *
146 | * @param data The data to be encoded.
147 | * @return The encoded data.
148 | */
149 | String base64Encode(String data);
150 |
151 | /**
152 | * This method can be used to Base64-encode the specified data.
153 | *
154 | * @param data The data to be encoded.
155 | * @return The encoded data.
156 | */
157 | String base64Encode(byte[] data);
158 |
159 | /**
160 | * This method can be used to convert data from String form into an array of
161 | * bytes. The conversion does not reflect any particular character set, and
162 | * a character with the hex representation 0xWXYZ will always be converted
163 | * into a byte with the representation 0xYZ. It performs the opposite
164 | * conversion to the method
165 | * bytesToString(), and byte-based data that is converted to a
166 | * String and back again using these two methods is guaranteed to retain its
167 | * integrity (which may not be the case with conversions that reflect a
168 | * given character set).
169 | *
170 | * @param data The data to be converted.
171 | * @return The converted data.
172 | */
173 | byte[] stringToBytes(String data);
174 |
175 | /**
176 | * This method can be used to convert data from an array of bytes into
177 | * String form. The conversion does not reflect any particular character
178 | * set, and a byte with the representation 0xYZ will always be converted
179 | * into a character with the hex representation 0x00YZ. It performs the
180 | * opposite conversion to the method
181 | * stringToBytes(), and byte-based data that is converted to a
182 | * String and back again using these two methods is guaranteed to retain its
183 | * integrity (which may not be the case with conversions that reflect a
184 | * given character set).
185 | *
186 | * @param data The data to be converted.
187 | * @return The converted data.
188 | */
189 | String bytesToString(byte[] data);
190 |
191 | /**
192 | * This method searches a piece of data for the first occurrence of a
193 | * specified pattern. It works on byte-based data in a way that is similar
194 | * to the way the native Java method
195 | * String.indexOf() works on String-based data.
196 | *
197 | * @param data The data to be searched.
198 | * @param pattern The pattern to be searched for.
199 | * @param caseSensitive Flags whether or not the search is case-sensitive.
200 | * @param from The offset within
201 | * data where the search should begin.
202 | * @param to The offset within
203 | * data where the search should end.
204 | * @return The offset of the first occurrence of the pattern within the
205 | * specified bounds, or -1 if no match is found.
206 | */
207 | int indexOf(byte[] data,
208 | byte[] pattern,
209 | boolean caseSensitive,
210 | int from,
211 | int to);
212 |
213 | /**
214 | * This method builds an HTTP message containing the specified headers and
215 | * message body. If applicable, the Content-Length header will be added or
216 | * updated, based on the length of the body.
217 | *
218 | * @param headers A list of headers to include in the message.
219 | * @param body The body of the message, of
220 | * null if the message has an empty body.
221 | * @return The resulting full HTTP message.
222 | */
223 | byte[] buildHttpMessage(List headers, byte[] body);
224 |
225 | /**
226 | * This method creates a GET request to the specified URL. The headers used
227 | * in the request are determined by the Request headers settings as
228 | * configured in Burp Spider's options.
229 | *
230 | * @param url The URL to which the request should be made.
231 | * @return A request to the specified URL.
232 | */
233 | byte[] buildHttpRequest(URL url);
234 |
235 | /**
236 | * This method adds a new parameter to an HTTP request, and if appropriate
237 | * updates the Content-Length header.
238 | *
239 | * @param request The request to which the parameter should be added.
240 | * @param parameter An
241 | * IParameter object containing details of the parameter to be
242 | * added. Supported parameter types are:
243 | * PARAM_URL,
244 | * PARAM_BODY and
245 | * PARAM_COOKIE.
246 | * @return A new HTTP request with the new parameter added.
247 | */
248 | byte[] addParameter(byte[] request, IParameter parameter);
249 |
250 | /**
251 | * This method removes a parameter from an HTTP request, and if appropriate
252 | * updates the Content-Length header.
253 | *
254 | * @param request The request from which the parameter should be removed.
255 | * @param parameter An
256 | * IParameter object containing details of the parameter to be
257 | * removed. Supported parameter types are:
258 | * PARAM_URL,
259 | * PARAM_BODY and
260 | * PARAM_COOKIE.
261 | * @return A new HTTP request with the parameter removed.
262 | */
263 | byte[] removeParameter(byte[] request, IParameter parameter);
264 |
265 | /**
266 | * This method updates the value of a parameter within an HTTP request, and
267 | * if appropriate updates the Content-Length header. Note: This
268 | * method can only be used to update the value of an existing parameter of a
269 | * specified type. If you need to change the type of an existing parameter,
270 | * you should first call
271 | * removeParameter() to remove the parameter with the old type,
272 | * and then call
273 | * addParameter() to add a parameter with the new type.
274 | *
275 | * @param request The request containing the parameter to be updated.
276 | * @param parameter An
277 | * IParameter object containing details of the parameter to be
278 | * updated. Supported parameter types are:
279 | * PARAM_URL,
280 | * PARAM_BODY and
281 | * PARAM_COOKIE.
282 | * @return A new HTTP request with the parameter updated.
283 | */
284 | byte[] updateParameter(byte[] request, IParameter parameter);
285 |
286 | /**
287 | * This method can be used to toggle a request's method between GET and
288 | * POST. Parameters are relocated between the URL query string and message
289 | * body as required, and the Content-Length header is created or removed as
290 | * applicable.
291 | *
292 | * @param request The HTTP request whose method should be toggled.
293 | * @return A new HTTP request using the toggled method.
294 | */
295 | byte[] toggleRequestMethod(byte[] request);
296 |
297 | /**
298 | * This method constructs an
299 | * IHttpService object based on the details provided.
300 | *
301 | * @param host The HTTP service host.
302 | * @param port The HTTP service port.
303 | * @param protocol The HTTP service protocol.
304 | * @return An
305 | * IHttpService object based on the details provided.
306 | */
307 | IHttpService buildHttpService(String host, int port, String protocol);
308 |
309 | /**
310 | * This method constructs an
311 | * IHttpService object based on the details provided.
312 | *
313 | * @param host The HTTP service host.
314 | * @param port The HTTP service port.
315 | * @param useHttps Flags whether the HTTP service protocol is HTTPS or HTTP.
316 | * @return An
317 | * IHttpService object based on the details provided.
318 | */
319 | IHttpService buildHttpService(String host, int port, boolean useHttps);
320 |
321 | /**
322 | * This method constructs an
323 | * IParameter object based on the details provided.
324 | *
325 | * @param name The parameter name.
326 | * @param value The parameter value.
327 | * @param type The parameter type, as defined in the
328 | * IParameter interface.
329 | * @return An
330 | * IParameter object based on the details provided.
331 | */
332 | IParameter buildParameter(String name, String value, byte type);
333 |
334 | /**
335 | * This method constructs an
336 | * IScannerInsertionPoint object based on the details provided.
337 | * It can be used to quickly create a simple insertion point based on a
338 | * fixed payload location within a base request.
339 | *
340 | * @param insertionPointName The name of the insertion point.
341 | * @param baseRequest The request from which to build scan requests.
342 | * @param from The offset of the start of the payload location.
343 | * @param to The offset of the end of the payload location.
344 | * @return An
345 | * IScannerInsertionPoint object based on the details provided.
346 | */
347 | IScannerInsertionPoint makeScannerInsertionPoint(
348 | String insertionPointName,
349 | byte[] baseRequest,
350 | int from,
351 | int to);
352 | }
353 |
--------------------------------------------------------------------------------
/api/burp/IExtensionStateListener.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IExtensionStateListener.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerExtensionStateListener() to
15 | * register an extension state listener. The listener will be notified of
16 | * changes to the extension's state. Note: Any extensions that start
17 | * background threads or open system resources (such as files or database
18 | * connections) should register a listener and terminate threads / close
19 | * resources when the extension is unloaded.
20 | */
21 | public interface IExtensionStateListener
22 | {
23 | /**
24 | * This method is called when the extension is unloaded.
25 | */
26 | void extensionUnloaded();
27 | }
28 |
--------------------------------------------------------------------------------
/api/burp/IHttpListener.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IHttpListener.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerHttpListener() to register an
15 | * HTTP listener. The listener will be notified of requests and responses made
16 | * by any Burp tool. Extensions can perform custom analysis or modification of
17 | * these messages by registering an HTTP listener.
18 | */
19 | public interface IHttpListener
20 | {
21 | /**
22 | * This method is invoked when an HTTP request is about to be issued, and
23 | * when an HTTP response has been received.
24 | *
25 | * @param toolFlag A flag indicating the Burp tool that issued the request.
26 | * Burp tool flags are defined in the
27 | * IBurpExtenderCallbacks interface.
28 | * @param messageIsRequest Flags whether the method is being invoked for a
29 | * request or response.
30 | * @param messageInfo Details of the request / response to be processed.
31 | * Extensions can call the setter methods on this object to update the
32 | * current message and so modify Burp's behavior.
33 | */
34 | void processHttpMessage(int toolFlag,
35 | boolean messageIsRequest,
36 | IHttpRequestResponse messageInfo);
37 | }
38 |
--------------------------------------------------------------------------------
/api/burp/IHttpRequestResponse.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IHttpRequestResponse.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used to retrieve and update details about HTTP messages.
14 | *
15 | * Note: The setter methods generally can only be used before the message
16 | * has been processed, and not in read-only contexts. The getter methods
17 | * relating to response details can only be used after the request has been
18 | * issued.
19 | */
20 | public interface IHttpRequestResponse
21 | {
22 | /**
23 | * This method is used to retrieve the request message.
24 | *
25 | * @return The request message.
26 | */
27 | byte[] getRequest();
28 |
29 | /**
30 | * This method is used to update the request message.
31 | *
32 | * @param message The new request message.
33 | */
34 | void setRequest(byte[] message);
35 |
36 | /**
37 | * This method is used to retrieve the response message.
38 | *
39 | * @return The response message.
40 | */
41 | byte[] getResponse();
42 |
43 | /**
44 | * This method is used to update the response message.
45 | *
46 | * @param message The new response message.
47 | */
48 | void setResponse(byte[] message);
49 |
50 | /**
51 | * This method is used to retrieve the user-annotated comment for this item,
52 | * if applicable.
53 | *
54 | * @return The user-annotated comment for this item, or null if none is set.
55 | */
56 | String getComment();
57 |
58 | /**
59 | * This method is used to update the user-annotated comment for this item.
60 | *
61 | * @param comment The comment to be assigned to this item.
62 | */
63 | void setComment(String comment);
64 |
65 | /**
66 | * This method is used to retrieve the user-annotated highlight for this
67 | * item, if applicable.
68 | *
69 | * @return The user-annotated highlight for this item, or null if none is
70 | * set.
71 | */
72 | String getHighlight();
73 |
74 | /**
75 | * This method is used to update the user-annotated highlight for this item.
76 | *
77 | * @param color The highlight color to be assigned to this item. Accepted
78 | * values are: red, orange, yellow, green, cyan, blue, pink, magenta, gray,
79 | * or a null String to clear any existing highlight.
80 | */
81 | void setHighlight(String color);
82 |
83 | /**
84 | * This method is used to retrieve the HTTP service for this request /
85 | * response.
86 | *
87 | * @return An
88 | * IHttpService object containing details of the HTTP service.
89 | */
90 | IHttpService getHttpService();
91 |
92 | /**
93 | * This method is used to update the HTTP service for this request /
94 | * response.
95 | *
96 | * @param httpService An
97 | * IHttpService object containing details of the new HTTP
98 | * service.
99 | */
100 | void setHttpService(IHttpService httpService);
101 |
102 | }
103 |
--------------------------------------------------------------------------------
/api/burp/IHttpRequestResponsePersisted.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IHttpRequestResponsePersisted.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used for an
14 | * IHttpRequestResponse object whose request and response messages
15 | * have been saved to temporary files using
16 | * IBurpExtenderCallbacks.saveBuffersToTempFiles().
17 | */
18 | public interface IHttpRequestResponsePersisted extends IHttpRequestResponse
19 | {
20 | /**
21 | * This method is deprecated and no longer performs any action.
22 | */
23 | @Deprecated
24 | void deleteTempFiles();
25 | }
26 |
--------------------------------------------------------------------------------
/api/burp/IHttpRequestResponseWithMarkers.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IHttpRequestResponseWithMarkers.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.util.List;
13 |
14 | /**
15 | * This interface is used for an
16 | * IHttpRequestResponse object that has had markers applied.
17 | * Extensions can create instances of this interface using
18 | * IBurpExtenderCallbacks.applyMarkers(), or provide their own
19 | * implementation. Markers are used in various situations, such as specifying
20 | * Intruder payload positions, Scanner insertion points, and highlights in
21 | * Scanner issues.
22 | */
23 | public interface IHttpRequestResponseWithMarkers extends IHttpRequestResponse
24 | {
25 | /**
26 | * This method returns the details of the request markers.
27 | *
28 | * @return A list of index pairs representing the offsets of markers for the
29 | * request message. Each item in the list is an int[2] array containing the
30 | * start and end offsets for the marker. The method may return
31 | * null if no request markers are defined.
32 | */
33 | List getRequestMarkers();
34 |
35 | /**
36 | * This method returns the details of the response markers.
37 | *
38 | * @return A list of index pairs representing the offsets of markers for the
39 | * response message. Each item in the list is an int[2] array containing the
40 | * start and end offsets for the marker. The method may return
41 | * null if no response markers are defined.
42 | */
43 | List getResponseMarkers();
44 | }
45 |
--------------------------------------------------------------------------------
/api/burp/IHttpService.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IHttpService.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used to provide details about an HTTP service, to which
14 | * HTTP requests can be sent.
15 | */
16 | public interface IHttpService
17 | {
18 | /**
19 | * This method returns the hostname or IP address for the service.
20 | *
21 | * @return The hostname or IP address for the service.
22 | */
23 | String getHost();
24 |
25 | /**
26 | * This method returns the port number for the service.
27 | *
28 | * @return The port number for the service.
29 | */
30 | int getPort();
31 |
32 | /**
33 | * This method returns the protocol for the service.
34 | *
35 | * @return The protocol for the service. Expected values are "http" or
36 | * "https".
37 | */
38 | String getProtocol();
39 | }
40 |
--------------------------------------------------------------------------------
/api/burp/IInterceptedProxyMessage.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IInterceptedProxyMessage.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.net.InetAddress;
13 |
14 | /**
15 | * This interface is used to represent an HTTP message that has been intercepted
16 | * by Burp Proxy. Extensions can register an
17 | * IProxyListener to receive details of proxy messages using this
18 | * interface. *
19 | */
20 | public interface IInterceptedProxyMessage
21 | {
22 | /**
23 | * This action causes Burp Proxy to follow the current interception rules to
24 | * determine the appropriate action to take for the message.
25 | */
26 | static final int ACTION_FOLLOW_RULES = 0;
27 | /**
28 | * This action causes Burp Proxy to present the message to the user for
29 | * manual review or modification.
30 | */
31 | static final int ACTION_DO_INTERCEPT = 1;
32 | /**
33 | * This action causes Burp Proxy to forward the message to the remote server
34 | * or client, without presenting it to the user.
35 | */
36 | static final int ACTION_DONT_INTERCEPT = 2;
37 | /**
38 | * This action causes Burp Proxy to drop the message.
39 | */
40 | static final int ACTION_DROP = 3;
41 | /**
42 | * This action causes Burp Proxy to follow the current interception rules to
43 | * determine the appropriate action to take for the message, and then make a
44 | * second call to processProxyMessage.
45 | */
46 | static final int ACTION_FOLLOW_RULES_AND_REHOOK = 0x10;
47 | /**
48 | * This action causes Burp Proxy to present the message to the user for
49 | * manual review or modification, and then make a second call to
50 | * processProxyMessage.
51 | */
52 | static final int ACTION_DO_INTERCEPT_AND_REHOOK = 0x11;
53 | /**
54 | * This action causes Burp Proxy to skip user interception, and then make a
55 | * second call to processProxyMessage.
56 | */
57 | static final int ACTION_DONT_INTERCEPT_AND_REHOOK = 0x12;
58 |
59 | /**
60 | * This method retrieves a unique reference number for this
61 | * request/response.
62 | *
63 | * @return An identifier that is unique to a single request/response pair.
64 | * Extensions can use this to correlate details of requests and responses
65 | * and perform processing on the response message accordingly.
66 | */
67 | int getMessageReference();
68 |
69 | /**
70 | * This method retrieves details of the intercepted message.
71 | *
72 | * @return An IHttpRequestResponse object containing details of
73 | * the intercepted message.
74 | */
75 | IHttpRequestResponse getMessageInfo();
76 |
77 | /**
78 | * This method retrieves the currently defined interception action. The
79 | * default action is
80 | * ACTION_FOLLOW_RULES. If multiple proxy listeners are
81 | * registered, then other listeners may already have modified the
82 | * interception action before it reaches the current listener. This method
83 | * can be used to determine whether this has occurred.
84 | *
85 | * @return The currently defined interception action. Possible values are
86 | * defined within this interface.
87 | */
88 | int getInterceptAction();
89 |
90 | /**
91 | * This method is used to update the interception action.
92 | *
93 | * @param interceptAction The new interception action. Possible values are
94 | * defined within this interface.
95 | */
96 | void setInterceptAction(int interceptAction);
97 |
98 | /**
99 | * This method retrieves the name of the Burp Proxy listener that is
100 | * processing the intercepted message.
101 | *
102 | * @return The name of the Burp Proxy listener that is processing the
103 | * intercepted message. The format is the same as that shown in the Proxy
104 | * Listeners UI - for example, "127.0.0.1:8080".
105 | */
106 | String getListenerInterface();
107 |
108 | /**
109 | * This method retrieves the client IP address from which the request for
110 | * the intercepted message was received.
111 | *
112 | * @return The client IP address from which the request for the intercepted
113 | * message was received.
114 | */
115 | InetAddress getClientIpAddress();
116 | }
117 |
--------------------------------------------------------------------------------
/api/burp/IIntruderAttack.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IIntruderAttack.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used to hold details about an Intruder attack.
14 | */
15 | public interface IIntruderAttack
16 | {
17 | /**
18 | * This method is used to retrieve the HTTP service for the attack.
19 | *
20 | * @return The HTTP service for the attack.
21 | */
22 | IHttpService getHttpService();
23 |
24 | /**
25 | * This method is used to retrieve the request template for the attack.
26 | *
27 | * @return The request template for the attack.
28 | */
29 | byte[] getRequestTemplate();
30 |
31 | }
32 |
--------------------------------------------------------------------------------
/api/burp/IIntruderPayloadGenerator.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IIntruderPayloadGenerator.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used for custom Intruder payload generators. Extensions
14 | * that have registered an
15 | * IIntruderPayloadGeneratorFactory must return a new instance of
16 | * this interface when required as part of a new Intruder attack.
17 | */
18 | public interface IIntruderPayloadGenerator
19 | {
20 | /**
21 | * This method is used by Burp to determine whether the payload generator is
22 | * able to provide any further payloads.
23 | *
24 | * @return Extensions should return
25 | * false when all the available payloads have been used up,
26 | * otherwise
27 | * true.
28 | */
29 | boolean hasMorePayloads();
30 |
31 | /**
32 | * This method is used by Burp to obtain the value of the next payload.
33 | *
34 | * @param baseValue The base value of the current payload position. This
35 | * value may be
36 | * null if the concept of a base value is not applicable (e.g.
37 | * in a battering ram attack).
38 | * @return The next payload to use in the attack.
39 | */
40 | byte[] getNextPayload(byte[] baseValue);
41 |
42 | /**
43 | * This method is used by Burp to reset the state of the payload generator
44 | * so that the next call to
45 | * getNextPayload() returns the first payload again. This
46 | * method will be invoked when an attack uses the same payload generator for
47 | * more than one payload position, for example in a sniper attack.
48 | */
49 | void reset();
50 | }
51 |
--------------------------------------------------------------------------------
/api/burp/IIntruderPayloadGeneratorFactory.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IIntruderPayloadGeneratorFactory.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerIntruderPayloadGeneratorFactory()
15 | * to register a factory for custom Intruder payloads.
16 | */
17 | public interface IIntruderPayloadGeneratorFactory
18 | {
19 | /**
20 | * This method is used by Burp to obtain the name of the payload generator.
21 | * This will be displayed as an option within the Intruder UI when the user
22 | * selects to use extension-generated payloads.
23 | *
24 | * @return The name of the payload generator.
25 | */
26 | String getGeneratorName();
27 |
28 | /**
29 | * This method is used by Burp when the user starts an Intruder attack that
30 | * uses this payload generator.
31 | *
32 | * @param attack An
33 | * IIntruderAttack object that can be queried to obtain details
34 | * about the attack in which the payload generator will be used.
35 | * @return A new instance of
36 | * IIntruderPayloadGenerator that will be used to generate
37 | * payloads for the attack.
38 | */
39 | IIntruderPayloadGenerator createNewInstance(IIntruderAttack attack);
40 | }
41 |
--------------------------------------------------------------------------------
/api/burp/IIntruderPayloadProcessor.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IIntruderPayloadProcessor.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerIntruderPayloadProcessor() to
15 | * register a custom Intruder payload processor.
16 | */
17 | public interface IIntruderPayloadProcessor
18 | {
19 | /**
20 | * This method is used by Burp to obtain the name of the payload processor.
21 | * This will be displayed as an option within the Intruder UI when the user
22 | * selects to use an extension-provided payload processor.
23 | *
24 | * @return The name of the payload processor.
25 | */
26 | String getProcessorName();
27 |
28 | /**
29 | * This method is invoked by Burp each time the processor should be applied
30 | * to an Intruder payload.
31 | *
32 | * @param currentPayload The value of the payload to be processed.
33 | * @param originalPayload The value of the original payload prior to
34 | * processing by any already-applied processing rules.
35 | * @param baseValue The base value of the payload position, which will be
36 | * replaced with the current payload.
37 | * @return The value of the processed payload. This may be
38 | * null to indicate that the current payload should be skipped,
39 | * and the attack will move directly to the next payload.
40 | */
41 | byte[] processPayload(
42 | byte[] currentPayload,
43 | byte[] originalPayload,
44 | byte[] baseValue);
45 | }
46 |
--------------------------------------------------------------------------------
/api/burp/IMenuItemHandler.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IMenuItemHandler.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerMenuItem() to register a custom
15 | * context menu item.
16 | *
17 | * @deprecated Use
18 | * IContextMenuFactory instead.
19 | */
20 | @Deprecated
21 | public interface IMenuItemHandler
22 | {
23 | /**
24 | * This method is invoked by Burp Suite when the user clicks on a custom
25 | * menu item which the extension has registered with Burp.
26 | *
27 | * @param menuItemCaption The caption of the menu item which was clicked.
28 | * This parameter enables extensions to provide a single implementation
29 | * which handles multiple different menu items.
30 | * @param messageInfo Details of the HTTP message(s) for which the context
31 | * menu was displayed.
32 | */
33 | void menuItemClicked(
34 | String menuItemCaption,
35 | IHttpRequestResponse[] messageInfo);
36 | }
37 |
--------------------------------------------------------------------------------
/api/burp/IMessageEditor.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IMessageEditor.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.awt.Component;
13 |
14 | /**
15 | * This interface is used to provide extensions with an instance of Burp's HTTP
16 | * message editor, for the extension to use in its own UI. Extensions should
17 | * call
18 | * IBurpExtenderCallbacks.createMessageEditor() to obtain an
19 | * instance of this interface.
20 | */
21 | public interface IMessageEditor
22 | {
23 | /**
24 | * This method returns the UI component of the editor, for extensions to add
25 | * to their own UI.
26 | *
27 | * @return The UI component of the editor.
28 | */
29 | Component getComponent();
30 |
31 | /**
32 | * This method is used to display an HTTP message in the editor.
33 | *
34 | * @param message The HTTP message to be displayed.
35 | * @param isRequest Flags whether the message is an HTTP request or
36 | * response.
37 | */
38 | void setMessage(byte[] message, boolean isRequest);
39 |
40 | /**
41 | * This method is used to retrieve the currently displayed message, which
42 | * may have been modified by the user.
43 | *
44 | * @return The currently displayed HTTP message.
45 | */
46 | byte[] getMessage();
47 |
48 | /**
49 | * This method is used to determine whether the current message has been
50 | * modified by the user.
51 | *
52 | * @return An indication of whether the current message has been modified by
53 | * the user since it was first displayed.
54 | */
55 | boolean isMessageModified();
56 |
57 | /**
58 | * This method returns the data that is currently selected by the user.
59 | *
60 | * @return The data that is currently selected by the user, or
61 | * null if no selection is made.
62 | */
63 | byte[] getSelectedData();
64 | }
65 |
--------------------------------------------------------------------------------
/api/burp/IMessageEditorController.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IMessageEditorController.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used by an
14 | * IMessageEditor to obtain details about the currently displayed
15 | * message. Extensions that create instances of Burp's HTTP message editor can
16 | * optionally provide an implementation of
17 | * IMessageEditorController, which the editor will invoke when it
18 | * requires further information about the current message (for example, to send
19 | * it to another Burp tool). Extensions that provide custom editor tabs via an
20 | * IMessageEditorTabFactory will receive a reference to an
21 | * IMessageEditorController object for each tab instance they
22 | * generate, which the tab can invoke if it requires further information about
23 | * the current message.
24 | */
25 | public interface IMessageEditorController
26 | {
27 | /**
28 | * This method is used to retrieve the HTTP service for the current message.
29 | *
30 | * @return The HTTP service for the current message.
31 | */
32 | IHttpService getHttpService();
33 |
34 | /**
35 | * This method is used to retrieve the HTTP request associated with the
36 | * current message (which may itself be a response).
37 | *
38 | * @return The HTTP request associated with the current message.
39 | */
40 | byte[] getRequest();
41 |
42 | /**
43 | * This method is used to retrieve the HTTP response associated with the
44 | * current message (which may itself be a request).
45 | *
46 | * @return The HTTP response associated with the current message.
47 | */
48 | byte[] getResponse();
49 | }
50 |
--------------------------------------------------------------------------------
/api/burp/IMessageEditorTab.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IMessageEditorTab.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.awt.Component;
13 |
14 | /**
15 | * Extensions that register an
16 | * IMessageEditorTabFactory must return instances of this
17 | * interface, which Burp will use to create custom tabs within its HTTP message
18 | * editors.
19 | */
20 | public interface IMessageEditorTab
21 | {
22 | /**
23 | * This method returns the caption that should appear on the custom tab when
24 | * it is displayed. Note: Burp invokes this method once when the tab
25 | * is first generated, and the same caption will be used every time the tab
26 | * is displayed.
27 | *
28 | * @return The caption that should appear on the custom tab when it is
29 | * displayed.
30 | */
31 | String getTabCaption();
32 |
33 | /**
34 | * This method returns the component that should be used as the contents of
35 | * the custom tab when it is displayed. Note: Burp invokes this
36 | * method once when the tab is first generated, and the same component will
37 | * be used every time the tab is displayed.
38 | *
39 | * @return The component that should be used as the contents of the custom
40 | * tab when it is displayed.
41 | */
42 | Component getUiComponent();
43 |
44 | /**
45 | * The hosting editor will invoke this method before it displays a new HTTP
46 | * message, so that the custom tab can indicate whether it should be enabled
47 | * for that message.
48 | *
49 | * @param content The message that is about to be displayed, or a zero-length
50 | * array if the existing message is to be cleared.
51 | * @param isRequest Indicates whether the message is a request or a
52 | * response.
53 | * @return The method should return
54 | * true if the custom tab is able to handle the specified
55 | * message, and so will be displayed within the editor. Otherwise, the tab
56 | * will be hidden while this message is displayed.
57 | */
58 | boolean isEnabled(byte[] content, boolean isRequest);
59 |
60 | /**
61 | * The hosting editor will invoke this method to display a new message or to
62 | * clear the existing message. This method will only be called with a new
63 | * message if the tab has already returned
64 | * true to a call to
65 | * isEnabled() with the same message details.
66 | *
67 | * @param content The message that is to be displayed, or
68 | * null if the tab should clear its contents and disable any
69 | * editable controls.
70 | * @param isRequest Indicates whether the message is a request or a
71 | * response.
72 | */
73 | void setMessage(byte[] content, boolean isRequest);
74 |
75 | /**
76 | * This method returns the currently displayed message.
77 | *
78 | * @return The currently displayed message.
79 | */
80 | byte[] getMessage();
81 |
82 | /**
83 | * This method is used to determine whether the currently displayed message
84 | * has been modified by the user. The hosting editor will always call
85 | * getMessage() before calling this method, so any pending
86 | * edits should be completed within
87 | * getMessage().
88 | *
89 | * @return The method should return
90 | * true if the user has modified the current message since it
91 | * was first displayed.
92 | */
93 | boolean isModified();
94 |
95 | /**
96 | * This method is used to retrieve the data that is currently selected by
97 | * the user.
98 | *
99 | * @return The data that is currently selected by the user. This may be
100 | * null if no selection is currently made.
101 | */
102 | byte[] getSelectedData();
103 | }
104 |
--------------------------------------------------------------------------------
/api/burp/IMessageEditorTabFactory.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IMessageEditorTabFactory.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerMessageEditorTabFactory() to
15 | * register a factory for custom message editor tabs. This allows extensions to
16 | * provide custom rendering or editing of HTTP messages, within Burp's own HTTP
17 | * editor.
18 | */
19 | public interface IMessageEditorTabFactory
20 | {
21 | /**
22 | * Burp will call this method once for each HTTP message editor, and the
23 | * factory should provide a new instance of an
24 | * IMessageEditorTab object.
25 | *
26 | * @param controller An
27 | * IMessageEditorController object, which the new tab can query
28 | * to retrieve details about the currently displayed message. This may be
29 | * null for extension-invoked message editors where the
30 | * extension has not provided an editor controller.
31 | * @param editable Indicates whether the hosting editor is editable or
32 | * read-only.
33 | * @return A new
34 | * IMessageEditorTab object for use within the message editor.
35 | */
36 | IMessageEditorTab createNewInstance(IMessageEditorController controller,
37 | boolean editable);
38 | }
39 |
--------------------------------------------------------------------------------
/api/burp/IParameter.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IParameter.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used to hold details about an HTTP request parameter.
14 | */
15 | public interface IParameter
16 | {
17 | /**
18 | * Used to indicate a parameter within the URL query string.
19 | */
20 | static final byte PARAM_URL = 0;
21 | /**
22 | * Used to indicate a parameter within the message body.
23 | */
24 | static final byte PARAM_BODY = 1;
25 | /**
26 | * Used to indicate an HTTP cookie.
27 | */
28 | static final byte PARAM_COOKIE = 2;
29 | /**
30 | * Used to indicate an item of data within an XML structure.
31 | */
32 | static final byte PARAM_XML = 3;
33 | /**
34 | * Used to indicate the value of a tag attribute within an XML structure.
35 | */
36 | static final byte PARAM_XML_ATTR = 4;
37 | /**
38 | * Used to indicate the value of a parameter attribute within a multi-part
39 | * message body (such as the name of an uploaded file).
40 | */
41 | static final byte PARAM_MULTIPART_ATTR = 5;
42 | /**
43 | * Used to indicate an item of data within a JSON structure.
44 | */
45 | static final byte PARAM_JSON = 6;
46 |
47 | /**
48 | * This method is used to retrieve the parameter type.
49 | *
50 | * @return The parameter type. The available types are defined within this
51 | * interface.
52 | */
53 | byte getType();
54 |
55 | /**
56 | * This method is used to retrieve the parameter name.
57 | *
58 | * @return The parameter name.
59 | */
60 | String getName();
61 |
62 | /**
63 | * This method is used to retrieve the parameter value.
64 | *
65 | * @return The parameter value.
66 | */
67 | String getValue();
68 |
69 | /**
70 | * This method is used to retrieve the start offset of the parameter name
71 | * within the HTTP request.
72 | *
73 | * @return The start offset of the parameter name within the HTTP request,
74 | * or -1 if the parameter is not associated with a specific request.
75 | */
76 | int getNameStart();
77 |
78 | /**
79 | * This method is used to retrieve the end offset of the parameter name
80 | * within the HTTP request.
81 | *
82 | * @return The end offset of the parameter name within the HTTP request, or
83 | * -1 if the parameter is not associated with a specific request.
84 | */
85 | int getNameEnd();
86 |
87 | /**
88 | * This method is used to retrieve the start offset of the parameter value
89 | * within the HTTP request.
90 | *
91 | * @return The start offset of the parameter value within the HTTP request,
92 | * or -1 if the parameter is not associated with a specific request.
93 | */
94 | int getValueStart();
95 |
96 | /**
97 | * This method is used to retrieve the end offset of the parameter value
98 | * within the HTTP request.
99 | *
100 | * @return The end offset of the parameter value within the HTTP request, or
101 | * -1 if the parameter is not associated with a specific request.
102 | */
103 | int getValueEnd();
104 | }
105 |
--------------------------------------------------------------------------------
/api/burp/IProxyListener.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IProxyListener.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerProxyListener() to register a
15 | * Proxy listener. The listener will be notified of requests and responses being
16 | * processed by the Proxy tool. Extensions can perform custom analysis or
17 | * modification of these messages, and control in-UI message interception, by
18 | * registering a proxy listener.
19 | */
20 | public interface IProxyListener
21 | {
22 | /**
23 | * This method is invoked when an HTTP message is being processed by the
24 | * Proxy.
25 | *
26 | * @param messageIsRequest Indicates whether the HTTP message is a request
27 | * or a response.
28 | * @param message An
29 | * IInterceptedProxyMessage object that extensions can use to
30 | * query and update details of the message, and control whether the message
31 | * should be intercepted and displayed to the user for manual review or
32 | * modification.
33 | */
34 | void processProxyMessage(
35 | boolean messageIsRequest,
36 | IInterceptedProxyMessage message);
37 | }
38 |
--------------------------------------------------------------------------------
/api/burp/IRequestInfo.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IRequestInfo.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.net.URL;
13 | import java.util.List;
14 |
15 | /**
16 | * This interface is used to retrieve key details about an HTTP request.
17 | * Extensions can obtain an
18 | * IRequestInfo object for a given request by calling
19 | * IExtensionHelpers.analyzeRequest().
20 | */
21 | public interface IRequestInfo
22 | {
23 | /**
24 | * Used to indicate that there is no content.
25 | */
26 | static final byte CONTENT_TYPE_NONE = 0;
27 | /**
28 | * Used to indicate URL-encoded content.
29 | */
30 | static final byte CONTENT_TYPE_URL_ENCODED = 1;
31 | /**
32 | * Used to indicate multi-part content.
33 | */
34 | static final byte CONTENT_TYPE_MULTIPART = 2;
35 | /**
36 | * Used to indicate XML content.
37 | */
38 | static final byte CONTENT_TYPE_XML = 3;
39 | /**
40 | * Used to indicate JSON content.
41 | */
42 | static final byte CONTENT_TYPE_JSON = 4;
43 | /**
44 | * Used to indicate AMF content.
45 | */
46 | static final byte CONTENT_TYPE_AMF = 5;
47 | /**
48 | * Used to indicate unknown content.
49 | */
50 | static final byte CONTENT_TYPE_UNKNOWN = -1;
51 |
52 | /**
53 | * This method is used to obtain the HTTP method used in the request.
54 | *
55 | * @return The HTTP method used in the request.
56 | */
57 | String getMethod();
58 |
59 | /**
60 | * This method is used to obtain the URL in the request.
61 | *
62 | * @return The URL in the request.
63 | */
64 | URL getUrl();
65 |
66 | /**
67 | * This method is used to obtain the HTTP headers contained in the request.
68 | *
69 | * @return The HTTP headers contained in the request.
70 | */
71 | List getHeaders();
72 |
73 | /**
74 | * This method is used to obtain the parameters contained in the request.
75 | *
76 | * @return The parameters contained in the request.
77 | */
78 | List getParameters();
79 |
80 | /**
81 | * This method is used to obtain the offset within the request where the
82 | * message body begins.
83 | *
84 | * @return The offset within the request where the message body begins.
85 | */
86 | int getBodyOffset();
87 |
88 | /**
89 | * This method is used to obtain the content type of the message body.
90 | *
91 | * @return An indication of the content type of the message body. Available
92 | * types are defined within this interface.
93 | */
94 | byte getContentType();
95 | }
96 |
--------------------------------------------------------------------------------
/api/burp/IResponseInfo.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IResponseInfo.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.util.List;
13 |
14 | /**
15 | * This interface is used to retrieve key details about an HTTP response.
16 | * Extensions can obtain an
17 | * IResponseInfo object for a given response by calling
18 | * IExtensionHelpers.analyzeResponse().
19 | */
20 | public interface IResponseInfo
21 | {
22 | /**
23 | * This method is used to obtain the HTTP headers contained in the response.
24 | *
25 | * @return The HTTP headers contained in the response.
26 | */
27 | List getHeaders();
28 |
29 | /**
30 | * This method is used to obtain the offset within the response where the
31 | * message body begins.
32 | *
33 | * @return The offset within the response where the message body begins.
34 | */
35 | int getBodyOffset();
36 |
37 | /**
38 | * This method is used to obtain the HTTP status code contained in the
39 | * response.
40 | *
41 | * @return The HTTP status code contained in the response.
42 | */
43 | short getStatusCode();
44 |
45 | /**
46 | * This method is used to obtain details of the HTTP cookies set in the
47 | * response.
48 | *
49 | * @return A list of ICookie objects representing the cookies
50 | * set in the response, if any.
51 | */
52 | List getCookies();
53 |
54 | /**
55 | * This method is used to obtain the MIME type of the response, as stated in
56 | * the HTTP headers.
57 | *
58 | * @return A textual label for the stated MIME type, or an empty String if
59 | * this is not known or recognized. The possible labels are the same as
60 | * those used in the main Burp UI.
61 | */
62 | String getStatedMimeType();
63 |
64 | /**
65 | * This method is used to obtain the MIME type of the response, as inferred
66 | * from the contents of the HTTP message body.
67 | *
68 | * @return A textual label for the inferred MIME type, or an empty String if
69 | * this is not known or recognized. The possible labels are the same as
70 | * those used in the main Burp UI.
71 | */
72 | String getInferredMimeType();
73 | }
74 |
--------------------------------------------------------------------------------
/api/burp/IScanIssue.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IScanIssue.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used to retrieve details of Scanner issues. Extensions can
14 | * obtain details of issues by registering an
15 | * IScannerListener or by calling
16 | * IBurpExtenderCallbacks.getScanIssues(). Extensions can also add
17 | * custom Scanner issues by registering an
18 | * IScannerCheck or calling
19 | * IBurpExtenderCallbacks.addScanIssue(), and providing their own
20 | * implementations of this interface
21 | */
22 | public interface IScanIssue
23 | {
24 | /**
25 | * This method returns the URL for which the issue was generated.
26 | *
27 | * @return The URL for which the issue was generated.
28 | */
29 | java.net.URL getUrl();
30 |
31 | /**
32 | * This method returns the name of the issue type.
33 | *
34 | * @return The name of the issue type (e.g. "SQL injection").
35 | */
36 | String getIssueName();
37 |
38 | /**
39 | * This method returns a numeric identifier of the issue type. See the Burp
40 | * Scanner help documentation for a listing of all the issue types.
41 | *
42 | * @return A numeric identifier of the issue type.
43 | */
44 | int getIssueType();
45 |
46 | /**
47 | * This method returns the issue severity level.
48 | *
49 | * @return The issue severity level. Expected values are "High", "Medium",
50 | * "Low", "Information" or "False positive".
51 | *
52 | */
53 | String getSeverity();
54 |
55 | /**
56 | * This method returns the issue confidence level.
57 | *
58 | * @return The issue confidence level. Expected values are "Certain", "Firm"
59 | * or "Tentative".
60 | */
61 | String getConfidence();
62 |
63 | /**
64 | * This method returns a background description for this type of issue.
65 | *
66 | * @return A background description for this type of issue, or
67 | * null if none applies.
68 | */
69 | String getIssueBackground();
70 |
71 | /**
72 | * This method returns a background description of the remediation for this
73 | * type of issue.
74 | *
75 | * @return A background description of the remediation for this type of
76 | * issue, or
77 | * null if none applies.
78 | */
79 | String getRemediationBackground();
80 |
81 | /**
82 | * This method returns detailed information about this specific instance of
83 | * the issue.
84 | *
85 | * @return Detailed information about this specific instance of the issue,
86 | * or
87 | * null if none applies.
88 | */
89 | String getIssueDetail();
90 |
91 | /**
92 | * This method returns detailed information about the remediation for this
93 | * specific instance of the issue.
94 | *
95 | * @return Detailed information about the remediation for this specific
96 | * instance of the issue, or
97 | * null if none applies.
98 | */
99 | String getRemediationDetail();
100 |
101 | /**
102 | * This method returns the HTTP messages on the basis of which the issue was
103 | * generated.
104 | *
105 | * @return The HTTP messages on the basis of which the issue was generated.
106 | * Note: The items in this array should be instances of
107 | * IHttpRequestResponseWithMarkers if applicable, so that
108 | * details of the relevant portions of the request and response messages are
109 | * available.
110 | */
111 | IHttpRequestResponse[] getHttpMessages();
112 |
113 | /**
114 | * This method returns the HTTP service for which the issue was generated.
115 | *
116 | * @return The HTTP service for which the issue was generated.
117 | */
118 | IHttpService getHttpService();
119 |
120 | }
121 |
--------------------------------------------------------------------------------
/api/burp/IScanQueueItem.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IScanQueueItem.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used to retrieve details of items in the Burp Scanner
14 | * active scan queue. Extensions can obtain references to scan queue items by
15 | * calling
16 | * IBurpExtenderCallbacks.doActiveScan().
17 | */
18 | public interface IScanQueueItem
19 | {
20 | /**
21 | * This method returns a description of the status of the scan queue item.
22 | *
23 | * @return A description of the status of the scan queue item.
24 | */
25 | String getStatus();
26 |
27 | /**
28 | * This method returns an indication of the percentage completed for the
29 | * scan queue item.
30 | *
31 | * @return An indication of the percentage completed for the scan queue
32 | * item.
33 | */
34 | byte getPercentageComplete();
35 |
36 | /**
37 | * This method returns the number of requests that have been made for the
38 | * scan queue item.
39 | *
40 | * @return The number of requests that have been made for the scan queue
41 | * item.
42 | */
43 | int getNumRequests();
44 |
45 | /**
46 | * This method returns the number of network errors that have occurred for
47 | * the scan queue item.
48 | *
49 | * @return The number of network errors that have occurred for the scan
50 | * queue item.
51 | */
52 | int getNumErrors();
53 |
54 | /**
55 | * This method returns the number of attack insertion points being used for
56 | * the scan queue item.
57 | *
58 | * @return The number of attack insertion points being used for the scan
59 | * queue item.
60 | */
61 | int getNumInsertionPoints();
62 |
63 | /**
64 | * This method allows the scan queue item to be canceled.
65 | */
66 | void cancel();
67 |
68 | /**
69 | * This method returns details of the issues generated for the scan queue
70 | * item. Note: different items within the scan queue may contain
71 | * duplicated versions of the same issues - for example, if the same request
72 | * has been scanned multiple times. Duplicated issues are consolidated in
73 | * the main view of scan results. Extensions can register an
74 | * IScannerListener to get details only of unique, newly
75 | * discovered Scanner issues post-consolidation.
76 | *
77 | * @return Details of the issues generated for the scan queue item.
78 | */
79 | IScanIssue[] getIssues();
80 | }
81 |
--------------------------------------------------------------------------------
/api/burp/IScannerCheck.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IScannerCheck.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.util.List;
13 |
14 | /**
15 | * Extensions can implement this interface and then call
16 | * IBurpExtenderCallbacks.registerScannerCheck() to register a
17 | * custom Scanner check. When performing scanning, Burp will ask the check to
18 | * perform active or passive scanning on the base request, and report any
19 | * Scanner issues that are identified.
20 | */
21 | public interface IScannerCheck
22 | {
23 |
24 | /**
25 | * The Scanner invokes this method for each base request / response that is
26 | * passively scanned. Note: Extensions should only analyze the
27 | * HTTP messages provided during passive scanning, and should not make any
28 | * new HTTP requests of their own.
29 | *
30 | * @param baseRequestResponse The base HTTP request / response that should
31 | * be passively scanned.
32 | * @return A list of IScanIssue objects, or null
33 | * if no issues are identified.
34 | */
35 | List doPassiveScan(IHttpRequestResponse baseRequestResponse);
36 |
37 | /**
38 | * The Scanner invokes this method for each insertion point that is actively
39 | * scanned. Extensions may issue HTTP requests as required to carry out
40 | * active scanning, and should use the
41 | * IScannerInsertionPoint object provided to build scan
42 | * requests for particular payloads.
43 | * Note:
44 | * Scan checks should submit raw non-encoded payloads to insertion points,
45 | * and the insertion point has responsibility for performing any data
46 | * encoding that is necessary given the nature and location of the insertion
47 | * point.
48 | *
49 | * @param baseRequestResponse The base HTTP request / response that should
50 | * be actively scanned.
51 | * @param insertionPoint An IScannerInsertionPoint object that
52 | * can be queried to obtain details of the insertion point being tested, and
53 | * can be used to build scan requests for particular payloads.
54 | * @return A list of IScanIssue objects, or null
55 | * if no issues are identified.
56 | */
57 | List doActiveScan(
58 | IHttpRequestResponse baseRequestResponse,
59 | IScannerInsertionPoint insertionPoint);
60 |
61 | /**
62 | * The Scanner invokes this method when the custom Scanner check has
63 | * reported multiple issues for the same URL path. This can arise either
64 | * because there are multiple distinct vulnerabilities, or because the same
65 | * (or a similar) request has been scanned more than once. The custom check
66 | * should determine whether the issues are duplicates. In most cases, where
67 | * a check uses distinct issue names or descriptions for distinct issues,
68 | * the consolidation process will simply be a matter of comparing these
69 | * features for the two issues.
70 | *
71 | * @param existingIssue An issue that was previously reported by this
72 | * Scanner check.
73 | * @param newIssue An issue at the same URL path that has been newly
74 | * reported by this Scanner check.
75 | * @return An indication of which issue(s) should be reported in the main
76 | * Scanner results. The method should return -1 to report the
77 | * existing issue only, 0 to report both issues, and
78 | * 1 to report the new issue only.
79 | */
80 | int consolidateDuplicateIssues(
81 | IScanIssue existingIssue,
82 | IScanIssue newIssue);
83 | }
84 |
--------------------------------------------------------------------------------
/api/burp/IScannerInsertionPoint.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IScannerInsertionPoint.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used to define an insertion point for use by active Scanner
14 | * checks. Extensions can obtain instances of this interface by registering an
15 | * IScannerCheck, or can create instances for use by Burp's own
16 | * scan checks by registering an
17 | * IScannerInsertionPointProvider.
18 | */
19 | public interface IScannerInsertionPoint
20 | {
21 |
22 | /**
23 | * Used to indicate where the payload is inserted into the value of a URL
24 | * parameter.
25 | */
26 | static final byte INS_PARAM_URL = 0x00;
27 | /**
28 | * Used to indicate where the payload is inserted into the value of a body
29 | * parameter.
30 | */
31 | static final byte INS_PARAM_BODY = 0x01;
32 | /**
33 | * Used to indicate where the payload is inserted into the value of an HTTP
34 | * cookie.
35 | */
36 | static final byte INS_PARAM_COOKIE = 0x02;
37 | /**
38 | * Used to indicate where the payload is inserted into the value of an item
39 | * of data within an XML data structure.
40 | */
41 | static final byte INS_PARAM_XML = 0x03;
42 | /**
43 | * Used to indicate where the payload is inserted into the value of a tag
44 | * attribute within an XML structure.
45 | */
46 | static final byte INS_PARAM_XML_ATTR = 0x04;
47 | /**
48 | * Used to indicate where the payload is inserted into the value of a
49 | * parameter attribute within a multi-part message body (such as the name of
50 | * an uploaded file).
51 | */
52 | static final byte INS_PARAM_MULTIPART_ATTR = 0x05;
53 | /**
54 | * Used to indicate where the payload is inserted into the value of an item
55 | * of data within a JSON structure.
56 | */
57 | static final byte INS_PARAM_JSON = 0x06;
58 | /**
59 | * Used to indicate where the payload is inserted into the value of an AMF
60 | * parameter.
61 | */
62 | static final byte INS_PARAM_AMF = 0x07;
63 | /**
64 | * Used to indicate where the payload is inserted into the value of an HTTP
65 | * request header.
66 | */
67 | static final byte INS_HEADER = 0x20;
68 | /**
69 | * Used to indicate where the payload is inserted into a URL path folder.
70 | */
71 | static final byte INS_URL_PATH_FOLDER = 0x21;
72 | /**
73 | * Used to indicate where the payload is inserted into a URL path folder.
74 | * This is now deprecated; use INS_URL_PATH_FOLDER instead.
75 | */
76 | @Deprecated
77 | static final byte INS_URL_PATH_REST = INS_URL_PATH_FOLDER;
78 | /**
79 | * Used to indicate where the payload is inserted into the name of an added
80 | * URL parameter.
81 | */
82 | static final byte INS_PARAM_NAME_URL = 0x22;
83 | /**
84 | * Used to indicate where the payload is inserted into the name of an added
85 | * body parameter.
86 | */
87 | static final byte INS_PARAM_NAME_BODY = 0x23;
88 | /**
89 | * Used to indicate where the payload is inserted into the body of the HTTP
90 | * request.
91 | */
92 | static final byte INS_ENTIRE_BODY = 0x24;
93 | /**
94 | * Used to indicate where the payload is inserted into the URL path
95 | * filename.
96 | */
97 | static final byte INS_URL_PATH_FILENAME = 0x25;
98 | /**
99 | * Used to indicate where the payload is inserted at a location manually
100 | * configured by the user.
101 | */
102 | static final byte INS_USER_PROVIDED = 0x40;
103 | /**
104 | * Used to indicate where the insertion point is provided by an
105 | * extension-registered
106 | * IScannerInsertionPointProvider.
107 | */
108 | static final byte INS_EXTENSION_PROVIDED = 0x41;
109 | /**
110 | * Used to indicate where the payload is inserted at an unknown location
111 | * within the request.
112 | */
113 | static final byte INS_UNKNOWN = 0x7f;
114 |
115 | /**
116 | * This method returns the name of the insertion point.
117 | *
118 | * @return The name of the insertion point (for example, a description of a
119 | * particular request parameter).
120 | */
121 | String getInsertionPointName();
122 |
123 | /**
124 | * This method returns the base value for this insertion point.
125 | *
126 | * @return the base value that appears in this insertion point in the base
127 | * request being scanned, or null if there is no value in the
128 | * base request that corresponds to this insertion point.
129 | */
130 | String getBaseValue();
131 |
132 | /**
133 | * This method is used to build a request with the specified payload placed
134 | * into the insertion point. There is no requirement for extension-provided
135 | * insertion points to adjust the Content-Length header in requests if the
136 | * body length has changed, although Burp-provided insertion points will
137 | * always do this and will return a request with a valid Content-Length
138 | * header.
139 | * Note:
140 | * Scan checks should submit raw non-encoded payloads to insertion points,
141 | * and the insertion point has responsibility for performing any data
142 | * encoding that is necessary given the nature and location of the insertion
143 | * point.
144 | *
145 | * @param payload The payload that should be placed into the insertion
146 | * point.
147 | * @return The resulting request.
148 | */
149 | byte[] buildRequest(byte[] payload);
150 |
151 | /**
152 | * This method is used to determine the offsets of the payload value within
153 | * the request, when it is placed into the insertion point. Scan checks may
154 | * invoke this method when reporting issues, so as to highlight the relevant
155 | * part of the request within the UI.
156 | *
157 | * @param payload The payload that should be placed into the insertion
158 | * point.
159 | * @return An int[2] array containing the start and end offsets of the
160 | * payload within the request, or null if this is not applicable (for
161 | * example, where the insertion point places a payload into a serialized
162 | * data structure, the raw payload may not literally appear anywhere within
163 | * the resulting request).
164 | */
165 | int[] getPayloadOffsets(byte[] payload);
166 |
167 | /**
168 | * This method returns the type of the insertion point.
169 | *
170 | * @return The type of the insertion point. Available types are defined in
171 | * this interface.
172 | */
173 | byte getInsertionPointType();
174 | }
175 |
--------------------------------------------------------------------------------
/api/burp/IScannerInsertionPointProvider.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IScannerInsertionPointProvider.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.util.List;
13 |
14 | /**
15 | * Extensions can implement this interface and then call
16 | * IBurpExtenderCallbacks.registerScannerInsertionPointProvider()
17 | * to register a factory for custom Scanner insertion points.
18 | */
19 | public interface IScannerInsertionPointProvider
20 | {
21 | /**
22 | * When a request is actively scanned, the Scanner will invoke this method,
23 | * and the provider should provide a list of custom insertion points that
24 | * will be used in the scan. Note: these insertion points are used in
25 | * addition to those that are derived from Burp Scanner's configuration, and
26 | * those provided by any other Burp extensions.
27 | *
28 | * @param baseRequestResponse The base request that will be actively
29 | * scanned.
30 | * @return A list of
31 | * IScannerInsertionPoint objects that should be used in the
32 | * scanning, or
33 | * null if no custom insertion points are applicable for this
34 | * request.
35 | */
36 | List getInsertionPoints(
37 | IHttpRequestResponse baseRequestResponse);
38 | }
39 |
--------------------------------------------------------------------------------
/api/burp/IScannerListener.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IScannerListener.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerScannerListener() to register a
15 | * Scanner listener. The listener will be notified of new issues that are
16 | * reported by the Scanner tool. Extensions can perform custom analysis or
17 | * logging of Scanner issues by registering a Scanner listener.
18 | */
19 | public interface IScannerListener
20 | {
21 | /**
22 | * This method is invoked when a new issue is added to Burp Scanner's
23 | * results.
24 | *
25 | * @param issue An
26 | * IScanIssue object that the extension can query to obtain
27 | * details about the new issue.
28 | */
29 | void newScanIssue(IScanIssue issue);
30 | }
31 |
--------------------------------------------------------------------------------
/api/burp/IScopeChangeListener.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IScopeChangeListener.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerScopeChangeListener() to register
15 | * a scope change listener. The listener will be notified whenever a change
16 | * occurs to Burp's suite-wide target scope.
17 | */
18 | public interface IScopeChangeListener
19 | {
20 | /**
21 | * This method is invoked whenever a change occurs to Burp's suite-wide
22 | * target scope.
23 | */
24 | void scopeChanged();
25 | }
26 |
--------------------------------------------------------------------------------
/api/burp/ISessionHandlingAction.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)ISessionHandlingAction.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerSessionHandlingAction() to
15 | * register a custom session handling action. Each registered action will be
16 | * available within the session handling rule UI for the user to select as a
17 | * rule action. Users can choose to invoke an action directly in its own right,
18 | * or following execution of a macro.
19 | */
20 | public interface ISessionHandlingAction
21 | {
22 | /**
23 | * This method is used by Burp to obtain the name of the session handling
24 | * action. This will be displayed as an option within the session handling
25 | * rule editor when the user selects to execute an extension-provided
26 | * action.
27 | *
28 | * @return The name of the action.
29 | */
30 | String getActionName();
31 |
32 | /**
33 | * This method is invoked when the session handling action should be
34 | * executed. This may happen as an action in its own right, or as a
35 | * sub-action following execution of a macro.
36 | *
37 | * @param currentRequest The base request that is currently being processed.
38 | * The action can query this object to obtain details about the base
39 | * request. It can issue additional requests of its own if necessary, and
40 | * can use the setter methods on this object to update the base request.
41 | * @param macroItems If the action is invoked following execution of a
42 | * macro, this parameter contains the result of executing the macro.
43 | * Otherwise, it is
44 | * null. Actions can use the details of the macro items to
45 | * perform custom analysis of the macro to derive values of non-standard
46 | * session handling tokens, etc.
47 | */
48 | void performAction(
49 | IHttpRequestResponse currentRequest,
50 | IHttpRequestResponse[] macroItems);
51 | }
52 |
--------------------------------------------------------------------------------
/api/burp/ITab.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)ITab.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.awt.Component;
13 |
14 | /**
15 | * This interface is used to provide Burp with details of a custom tab that will
16 | * be added to Burp's UI, using a method such as
17 | * IBurpExtenderCallbacks.addSuiteTab().
18 | */
19 | public interface ITab
20 | {
21 | /**
22 | * Burp uses this method to obtain the caption that should appear on the
23 | * custom tab when it is displayed.
24 | *
25 | * @return The caption that should appear on the custom tab when it is
26 | * displayed.
27 | */
28 | String getTabCaption();
29 |
30 | /**
31 | * Burp uses this method to obtain the component that should be used as the
32 | * contents of the custom tab when it is displayed.
33 | *
34 | * @return The component that should be used as the contents of the custom
35 | * tab when it is displayed.
36 | */
37 | Component getUiComponent();
38 | }
39 |
--------------------------------------------------------------------------------
/api/burp/ITempFile.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)ITempFile.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used to hold details of a temporary file that has been
14 | * created via a call to
15 | * IBurpExtenderCallbacks.saveToTempFile().
16 | *
17 | */
18 | public interface ITempFile
19 | {
20 | /**
21 | * This method is used to retrieve the contents of the buffer that was saved
22 | * in the temporary file.
23 | *
24 | * @return The contents of the buffer that was saved in the temporary file.
25 | */
26 | byte[] getBuffer();
27 |
28 | /**
29 | * This method is deprecated and no longer performs any action.
30 | */
31 | @Deprecated
32 | void delete();
33 | }
34 |
--------------------------------------------------------------------------------
/api/burp/ITextEditor.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)ITextEditor.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Free Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.awt.Component;
13 |
14 | /**
15 | * This interface is used to provide extensions with an instance of Burp's raw
16 | * text editor, for the extension to use in its own UI. Extensions should call
17 | * IBurpExtenderCallbacks.createTextEditor() to obtain an instance
18 | * of this interface.
19 | */
20 | public interface ITextEditor
21 | {
22 | /**
23 | * This method returns the UI component of the editor, for extensions to add
24 | * to their own UI.
25 | *
26 | * @return The UI component of the editor.
27 | */
28 | Component getComponent();
29 |
30 | /**
31 | * This method is used to control whether the editor is currently editable.
32 | * This status can be toggled on and off as required.
33 | *
34 | * @param editable Indicates whether the editor should be currently
35 | * editable.
36 | */
37 | void setEditable(boolean editable);
38 |
39 | /**
40 | * This method is used to update the currently displayed text in the editor.
41 | *
42 | * @param text The text to be displayed.
43 | */
44 | void setText(byte[] text);
45 |
46 | /**
47 | * This method is used to retrieve the currently displayed text.
48 | *
49 | * @return The currently displayed text.
50 | */
51 | byte[] getText();
52 |
53 | /**
54 | * This method is used to determine whether the user has modified the
55 | * contents of the editor.
56 | *
57 | * @return An indication of whether the user has modified the contents of
58 | * the editor since the last call to
59 | * setText().
60 | */
61 | boolean isTextModified();
62 |
63 | /**
64 | * This method is used to obtain the currently selected text.
65 | *
66 | * @return The currently selected text, or
67 | * null if the user has not made any selection.
68 | */
69 | byte[] getSelectedText();
70 |
71 | /**
72 | * This method can be used to retrieve the bounds of the user's selection
73 | * into the displayed text, if applicable.
74 | *
75 | * @return An int[2] array containing the start and end offsets of the
76 | * user's selection within the displayed text. If the user has not made any
77 | * selection in the current message, both offsets indicate the position of
78 | * the caret within the editor.
79 | */
80 | int[] getSelectionBounds();
81 |
82 | /**
83 | * This method is used to update the search expression that is shown in the
84 | * search bar below the editor. The editor will automatically highlight any
85 | * regions of the displayed text that match the search expression.
86 | *
87 | * @param expression The search expression.
88 | */
89 | void setSearchExpression(String expression);
90 | }
91 |
--------------------------------------------------------------------------------
/build.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
--------------------------------------------------------------------------------
/src/burp/BurpExtender.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | import oauth.signpost.basic.DefaultOAuthConsumer;
4 | import oauth.signpost.http.HttpRequest;
5 | import oauth.signpost.OAuthConsumer;
6 | import oauth.signpost.exception.OAuthException;
7 |
8 | public class BurpExtender implements IBurpExtender, IHttpListener
9 | {
10 | IBurpExtenderCallbacks callbacks;
11 | IExtensionHelpers helpers;
12 |
13 | @Override
14 | public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks)
15 | {
16 | callbacks.setExtensionName("OAuth");
17 | callbacks.registerHttpListener(this);
18 | this.helpers = callbacks.getHelpers();
19 | this.callbacks = callbacks;
20 | }
21 |
22 | @Override
23 | public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo)
24 | {
25 | if (messageIsRequest && shouldSign(messageInfo))
26 | {
27 | HttpRequest req = new BurpHttpRequestWrapper(messageInfo);
28 | OAuthConsumer consumer = new DefaultOAuthConsumer(
29 | OAuthConfig.getConsumerKey(),
30 | OAuthConfig.getConsumerSecret());
31 | consumer.setTokenWithSecret(OAuthConfig.getToken(),
32 | OAuthConfig.getTokenSecret());
33 | try {
34 | consumer.sign(req);
35 | } catch (OAuthException oae) {
36 | oae.printStackTrace();
37 | }
38 | }
39 | }
40 |
41 | private boolean shouldSign(final IHttpRequestResponse messageInfo) {
42 | final IRequestInfo ri = helpers.analyzeRequest(messageInfo.getHttpService(), messageInfo.getRequest());
43 | return !OAuthConfig.scopeOnly || callbacks.isInScope(ri.getUrl());
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/src/burp/BurpHttpRequestWrapper.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | import oauth.signpost.http.HttpRequest;
4 | import java.nio.charset.Charset;
5 | import java.util.*;
6 | import java.io.*;
7 |
8 | public class BurpHttpRequestWrapper implements HttpRequest {
9 |
10 | private IHttpRequestResponse request;
11 | private static final Charset UTF_8 = Charset.forName("UTF-8");
12 |
13 | public BurpHttpRequestWrapper(IHttpRequestResponse request) {
14 | this.request = request;
15 | }
16 |
17 | public String getMethod() {
18 | StringBuilder method = new StringBuilder();
19 | for (byte b : request.getRequest()) {
20 | if (b == ' ') {
21 | break;
22 | } else {
23 | method.append((char)b);
24 | }
25 | }
26 | return method.toString();
27 | }
28 |
29 | public String getRequestUrl() {
30 | IHttpService hs = request.getHttpService();
31 | StringBuilder url = new StringBuilder();
32 | url.append(hs.getProtocol());
33 | url.append("://");
34 | url.append(hs.getHost());
35 | url.append(":");
36 | url.append(hs.getPort());
37 | boolean capture = false;
38 | for (byte b : request.getRequest()) {
39 | if (b == ' ') {
40 | if (capture) {
41 | break;
42 | } else {
43 | capture = true;
44 | }
45 | } else if (capture) {
46 | url.append((char)b);
47 | }
48 | }
49 | return url.toString();
50 | }
51 |
52 | public String getContentType() {
53 | return getHeader("Content-Type");
54 | }
55 |
56 | public String getHeader(String name) {
57 | return getAllHeaders().get(name);
58 | }
59 |
60 | public Map getAllHeaders() {
61 | Map retval = new HashMap();
62 | byte state = 0; // 0 - first line, 1 - wait for \n, 2 - key, 3 - value
63 | StringBuilder key = null, value = null;
64 | byteloop:
65 | for (byte b : request.getRequest()) {
66 | switch (state) {
67 | case 0:
68 | if (b == '\r') state = 1;
69 | break;
70 | case 1:
71 | if (b == '\n') {
72 | state = 2;
73 | key = new StringBuilder();
74 | }
75 | break;
76 | case 2:
77 | if (b == ':') {
78 | state = 3;
79 | value = new StringBuilder();
80 | } else if (b == '\r' || b == '\n') {
81 | break byteloop;
82 | } else {
83 | key.append((char)b);
84 | }
85 | break;
86 | case 3:
87 | if (b == '\r') {
88 | state = 1;
89 | retval.put(key.toString(), value.substring(1)); // starts with a space
90 | } else {
91 | value.append((char)b);
92 | }
93 | break;
94 | }
95 | }
96 | return retval;
97 | }
98 |
99 | public void setHeader(String name, String value) {
100 | byte state = 0; // 0 - first/wrong line, 1 - wait for \n, 2 - key, 3 - value, 4 - append, 5 - overwrite
101 | int namePos = 0, valueStart = 0, valueEnd = 0; // start - ':', end - '\r'
102 | final byte[] req = request.getRequest();
103 | for (int pos = 0; pos < req.length; pos++) {
104 | char b = (char)req[pos];
105 | switch (state) {
106 | case 0:
107 | if (b == '\r') state = 1;
108 | break;
109 | case 1:
110 | if (b == '\n') {
111 | state = 2;
112 | namePos = 0;
113 | }
114 | break;
115 | case 2:
116 | if (b == ':') {
117 | state = 3;
118 | valueStart = pos;
119 | } else if (b == '\r' || b == '\n') {
120 | state = 4;
121 | valueStart = pos;
122 | } else if (name.charAt(namePos) != b) {
123 | state = 0;
124 | } else {
125 | namePos++;
126 | }
127 | break;
128 | case 3:
129 | if (b == '\r') {
130 | state = 5;
131 | valueEnd = pos;
132 | }
133 | break;
134 | }
135 | if (state > 3) break;
136 | }
137 | byte[] updated;
138 | if (state == 5) {
139 | byte[] toInsert = value.getBytes(UTF_8);
140 | updated = new byte[req.length - (valueEnd - valueStart - 2) + toInsert.length];
141 | System.arraycopy(req, 0, updated, 0, valueStart + 2);
142 | System.arraycopy(toInsert, 0, updated, valueStart + 2, toInsert.length);
143 | System.arraycopy(req, valueEnd, updated, valueStart + 2 + toInsert.length,
144 | req.length - valueEnd);
145 | } else {
146 | byte[] toInsert = String.format("%s: %s\r\n", name, value).getBytes(UTF_8);
147 | updated = new byte[req.length + toInsert.length];
148 | System.arraycopy(req, 0, updated, 0, valueStart);
149 | System.arraycopy(toInsert, 0, updated, valueStart, toInsert.length);
150 | System.arraycopy(req, valueStart, updated, valueStart + toInsert.length,
151 | req.length - valueStart);
152 | }
153 | request.setRequest(updated);
154 | }
155 |
156 | public InputStream getMessagePayload() throws IOException {
157 | final byte[] buf = request.getRequest();
158 | int newlines = 0;
159 | for (int offset = 0; offset < buf.length; offset++) {
160 | switch (newlines) {
161 | case 0:
162 | case 2:
163 | newlines = (buf[offset] == (byte)0x0d) ? newlines + 1 : 0;
164 | break;
165 | case 3:
166 | if (buf[offset] == (byte)0x0a) {
167 | offset++;
168 | return new ByteArrayInputStream(buf, offset, buf.length - offset);
169 | }
170 | case 1:
171 | newlines = (buf[offset] == (byte)0x0a) ? newlines + 1 : 0;
172 | break;
173 | }
174 | }
175 | return null;
176 | }
177 |
178 | public IHttpRequestResponse unwrap() {
179 | return request;
180 | }
181 |
182 | public void setRequestUrl(String url) {
183 | throw new RuntimeException("BurpHttpRequestWrapper.setRequestUrl is not implemented");
184 | }
185 | }
186 |
--------------------------------------------------------------------------------
/src/burp/OAuthTest.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | import java.io.*;
4 |
5 | import static org.junit.Assert.assertEquals;
6 |
7 | import org.junit.Test;
8 | import org.junit.Ignore;
9 | import org.junit.runner.RunWith;
10 | import org.junit.runners.JUnit4;
11 |
12 | import oauth.signpost.basic.DefaultOAuthConsumer;
13 | import oauth.signpost.http.HttpRequest;
14 | import oauth.signpost.OAuthConsumer;
15 |
16 | @RunWith(JUnit4.class)
17 | public class OAuthTest {
18 | @Test
19 | public void testGetMethod() throws IOException {
20 | HttpRequest hr;
21 | hr = reqWrapForTestInput(1);
22 | assertEquals(hr.getMethod(), "GET");
23 | hr = reqWrapForTestInput(2);
24 | assertEquals(hr.getMethod(), "POST");
25 | }
26 |
27 | @Test
28 | public void testGetContentType() throws IOException {
29 | HttpRequest hr;
30 | hr = reqWrapForTestInput(1);
31 | assertEquals(hr.getContentType(), null);
32 | hr = reqWrapForTestInput(2);
33 | assertEquals(hr.getContentType(), "text/xml; charset=utf-8");
34 | }
35 |
36 | @Test
37 | public void testGetHeader() throws IOException {
38 | HttpRequest hr;
39 | hr = reqWrapForTestInput(1);
40 | assertEquals(hr.getHeader("Accept"), "application/json");
41 | assertEquals(hr.getHeader("Host"), "silentsignal.hu");
42 | assertEquals(hr.getHeader("Connection"), "Keep-Alive");
43 | assertEquals(hr.getHeader("User-Agent"), "Silent Signal");
44 | assertEquals(hr.getHeader("Non-Existent"), null);
45 | hr = reqWrapForTestInput(2);
46 | assertEquals(hr.getHeader("Host"), "weirdport.foo.bar:8081");
47 | }
48 |
49 | private final static String INSERT_HEADER_NAME = "Inserted";
50 | private final static String INSERT_HEADER_VALUE = "foo bar";
51 |
52 | @Test
53 | public void testInsertHeader() throws IOException {
54 | HttpRequest hr = reqWrapForTestInput(1);
55 | assertEquals(hr.getHeader(INSERT_HEADER_NAME), null);
56 | hr.setHeader(INSERT_HEADER_NAME, INSERT_HEADER_VALUE);
57 | assertEquals(hr.getHeader(INSERT_HEADER_NAME), INSERT_HEADER_VALUE);
58 | }
59 |
60 | private final static String UPDATE_HEADER_NAME = "Host";
61 | private final static String UPDATE_HEADER_OLD = "silentsignal.hu";
62 | private final static String UPDATE_HEADER_VALUE = "silentsignal.eu";
63 |
64 | @Test
65 | public void testUpdateHeader() throws IOException {
66 | HttpRequest hr = reqWrapForTestInput(1);
67 | assertEquals(hr.getHeader(UPDATE_HEADER_NAME), UPDATE_HEADER_OLD);
68 | hr.setHeader(UPDATE_HEADER_NAME, UPDATE_HEADER_VALUE);
69 | assertEquals(hr.getHeader(UPDATE_HEADER_NAME), UPDATE_HEADER_VALUE);
70 | assertEquals(hr.getHeader("Connection"), "Keep-Alive"); // next one
71 | }
72 |
73 | @Test
74 | public void testGetRequestUrl() throws IOException {
75 | HttpRequest hr = reqWrapForTestInput(1);
76 | assertEquals(hr.getRequestUrl(), "http://silentsignal.hu:1337/foo/bar");
77 | }
78 |
79 | @Test
80 | public void testSignature() throws Exception {
81 | HttpRequest hr = reqWrapForTestInput(1);
82 | OAuthConsumer consumer = new DefaultOAuthConsumer("1234", "5678");
83 | consumer.setTokenWithSecret("9ABC", "DEF0");
84 | consumer.sign(hr);
85 | }
86 |
87 | private final static String SOAP_BODY = "\r\n";
88 |
89 | @Test
90 | public void testGetMessagePayload() throws IOException {
91 | HttpRequest hr;
92 | hr = reqWrapForTestInput(1);
93 | assertEquals(0, hr.getMessagePayload().available());
94 | hr = reqWrapForTestInput(2);
95 | final InputStream is = hr.getMessagePayload();
96 | final byte[] buf = new byte[is.available()];
97 | assertEquals(buf.length, is.read(buf));
98 | assertEquals(SOAP_BODY, new String(buf));
99 | }
100 |
101 | @Ignore
102 | public static HttpRequest reqWrapForTestInput(int num) throws IOException {
103 | RandomAccessFile f = new RandomAccessFile(String.format("test-inputs/%d.txt", num), "r");
104 | final byte[] req = new byte[(int)f.length()];
105 | f.read(req);
106 | IHttpRequestResponse request = new MockRequest(req);
107 | HttpRequest reqWrap = new BurpHttpRequestWrapper(request);
108 | request.setHttpService(new MockService(reqWrap.getHeader("Host")));
109 | return reqWrap;
110 | }
111 |
112 | private static class MockRequest implements IHttpRequestResponse {
113 | private byte[] request;
114 | private IHttpService httpService = null;
115 |
116 | public MockRequest(byte[] request) {
117 | this.request = request;
118 | }
119 |
120 | public String getComment() { return null; }
121 | public String getHighlight() { return null; }
122 | public IHttpService getHttpService() { return httpService; }
123 | public byte[] getRequest() { return request; }
124 | public byte[] getResponse() { return null; }
125 | public void setComment(String comment) {}
126 | public void setHighlight(String color) {}
127 | public void setHttpService(IHttpService httpService) { this.httpService = httpService; }
128 | public void setRequest(byte[] message) { this.request = message; }
129 | public void setResponse(byte[] message) {}
130 | }
131 |
132 | private static class MockService implements IHttpService {
133 | private final String host;
134 |
135 | public MockService(String host) {
136 | this.host = host;
137 | }
138 |
139 | public String getHost() { return host; }
140 | public int getPort() { return 1337; }
141 | public String getProtocol() { return "http"; }
142 | }
143 | }
144 |
--------------------------------------------------------------------------------
/test-inputs/1.txt:
--------------------------------------------------------------------------------
1 | GET /foo/bar HTTP/1.1
2 | Accept: application/json
3 | Host: silentsignal.hu
4 | Connection: Keep-Alive
5 | User-Agent: Silent Signal
6 |
7 |
--------------------------------------------------------------------------------
/test-inputs/2.txt:
--------------------------------------------------------------------------------
1 | POST /bar/qux HTTP/1.1
2 | Content-Length: 369
3 | Host: weirdport.foo.bar:8081
4 | Content-Type: text/xml; charset=utf-8
5 |
6 |
7 |
--------------------------------------------------------------------------------