Initial commit, setting up repository.

README.md

@@ -1,4 +1,69 @@
-BurpNotesExtension
-==================
+Burp Notes Extension
+January 2013
+Austin Lane<alane@trustwave.com>
+http://www.trustwave.com
 
-Burp Notes Extension
+INTRODUCTION
+============
+
+Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The 
+tool aims to better organize external files that are created during 
+penetration testing.
+
+Features:
+o Create text documents and spreadsheets directly within the Burp interface
+o Send HTTP requests and responses directly to new or existing files
+
+REQUIREMENTS
+============
+
+Burp Suite Pro 1.5.0.1+
+OpenCSV (if building from source) - http://opencsv.sourceforge.net
+
+BUILDING FROM SOURCE
+====================
+
+1. Drop Burp Suite Pro and the latest OpenCSV JARs in ./lib
+2. ant clean; ant compile; ant jar;
+
+USAGE
+=====
+
+In Burp Suite navigate to the Extender tab. 
+Select "Add".
+Leave Extension Type as "Java" and choose "Select file…".
+Navigate to the included "BurpNotesExtension.jar" file or your JAR compiled 
+from source, then click "Open".
+Click "Next" to load the plugin. 
+
+Within the Notes tab, there are four options:
+o Save Notes: Save any currently open documents to a file.
+o Load Notes: Load a previously saved set of notes from a file.
+o Add Text: Add a tab with a new text document.
+o Add Spreadsheet: Add a tab with a new spreadsheet.
+
+From other tabs in Burp, right clicking in areas where a user can normally 
+interact with HTTP Responses and Requests, such as the Proxy History or 
+Site Map Table, will present options to send those items directly to the 
+Notes Tab, either in a new document or appended to an existing one.
+
+COPYRIGHT
+=========
+
+Burp Notes Extension - A plugin for Burp Suite that adds text documents and 
+spreadsheets.
+Austin Lane
+Copyright (C) 2013 Trustwave
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>

build.xml

@@ -0,0 +1,21 @@
+<project>
+    <path id="classpath">
+        <fileset dir="lib" includes="*.jar"/>
+    </path>
+    <target name="clean">
+        <delete dir="build"/>
+    </target>
+    <target name="compile">
+        <mkdir dir="build/classes"/>
+        <javac srcdir="src" destdir="build/classes" classpathref="classpath" />
+    </target>
+    <target name="jar">
+        <mkdir dir="build/jar"/>
+        <jar destfile="build/jar/BurpNotesExtension.jar" basedir="build/classes">
+            <zipfileset includes="**/*.class" src="lib/opencsv-2.3.jar"/>
+            <manifest>
+                <attribute name="Main-Class" value="burp.BurpExtender"/>
+            </manifest>
+        </jar>
+    </target>
+</project>

src/burp/BurpExtender.java

@@ -0,0 +1,138 @@
+/*
+ *	Burp Notes Extension - A plugin for Burp Suite that adds text documents and spreadsheets.
+ *	Austin Lane<alane@trustwave.com>
+ *	Copyright (C) 2013 Trustwave Holdings, Inc.
+ *	
+ *	This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+ *	
+ *	This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+ *	
+ *	You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package burp;
+
+import java.awt.Component;
+import java.awt.GridLayout;
+import java.awt.event.ActionEvent;
+import java.awt.event.ActionListener;
+import java.io.PrintWriter;
+import java.util.HashMap;
+import java.util.List;
+
+import javax.swing.JButton;
+import javax.swing.JMenuItem;
+import javax.swing.JOptionPane;
+import javax.swing.JPanel;
+import javax.swing.JTabbedPane;
+import javax.swing.SwingUtilities;
+
+import com.trustwave.burp.NotesExtensionOperations;
+
+import burp.IBurpExtender;
+import burp.IBurpExtenderCallbacks;
+import burp.IContextMenuFactory;
+import burp.IContextMenuInvocation;
+import burp.IExtensionStateListener;
+import burp.ITab;
+
+public class BurpExtender implements IBurpExtender, ITab, ActionListener, IExtensionStateListener, IContextMenuFactory
+{
+	private NotesExtensionOperations ops;
+    private JButton btnAddText, btnAddSpreadsheet, btnLoadNotes, btnSaveNotes;
+
+    public final String TAB_NAME = "Notes";
+
+    @Override
+    public void registerExtenderCallbacks(final IBurpExtenderCallbacks Callbacks)
+    {
+    	//Set up our extension operations
+    	this.ops = new NotesExtensionOperations(Callbacks);
+
+        //name our extension
+        ops.callbacks.setExtensionName("Burp Notes Extension");
+
+        //Our main and error output
+        ops.stdout = new PrintWriter(ops.callbacks.getStdout(), true);
+        ops.errout = new PrintWriter(ops.callbacks.getStderr(), true);
+
+        // register ourselves as an extension state listener
+        ops.callbacks.registerExtensionStateListener(this);
+
+        //register to produce options for the context menu
+        ops.callbacks.registerContextMenuFactory(this);
+
+        //Keep track of our documents and types
+        ops.tabTypes = new HashMap<String, String>();
+
+        SwingUtilities.invokeLater(new Runnable(){
+        	@Override
+        	public void run(){
+        		//Create our initial UI components
+        		ops.tabbedPane = new JTabbedPane();
+        		JPanel panel = new JPanel();
+        		//Add the save,load, and document buttons
+                btnAddText = new JButton("Add Text");
+                btnAddText.setActionCommand(NotesExtensionOperations.COMMAND_ADD_TEXT);
+                btnAddText.addActionListener(BurpExtender.this);
+                btnAddSpreadsheet = new JButton("Add Spreadsheet");
+                btnAddSpreadsheet.setActionCommand(NotesExtensionOperations.COMMAND_ADD_SPREADSHEET);
+                btnAddSpreadsheet.addActionListener(BurpExtender.this);
+                btnSaveNotes = new JButton("Save Notes");
+                btnSaveNotes.setActionCommand(NotesExtensionOperations.COMMAND_SAVE_NOTES);
+                btnSaveNotes.addActionListener(BurpExtender.this);
+                btnLoadNotes = new JButton("Load Notes");
+                btnLoadNotes.setActionCommand(NotesExtensionOperations.COMMAND_LOAD_NOTES);
+                btnLoadNotes.addActionListener(BurpExtender.this);
+
+                //Make our panel with a grid layout for arranging the buttons
+                panel.setLayout(new GridLayout(3, 3));
+                panel.add(btnSaveNotes);
+                panel.add(btnLoadNotes);
+                panel.add(btnAddText);
+                panel.add(btnAddSpreadsheet);
+        		ops.tabbedPane.addTab("Main", panel);
+        		ops.callbacks.customizeUiComponent(ops.tabbedPane);
+
+                //Add our tab to the suite
+                ops.callbacks.addSuiteTab(BurpExtender.this);
+        	}
+        });
+    }
+
+	@Override
+	public String getTabCaption() {
+		return TAB_NAME;
+	}
+
+	@Override
+	public Component getUiComponent() {
+		return ops.tabbedPane;
+	}
+
+	@Override
+	public void actionPerformed(ActionEvent e) {
+		String cmd = e.getActionCommand();
+		ops.ParseAction(cmd);
+
+	}
+
+	@Override
+	public void extensionUnloaded() {
+		//Unloading extension, prompt user to save data if they have any tabs
+		if(ops.tabbedPane.getTabCount() > 1){
+			Object[] options = {"Yes", "No"};
+			int n = JOptionPane.showOptionDialog(getUiComponent(), "Would you like to save your notes?", "Notes Tab", JOptionPane.YES_NO_OPTION, JOptionPane.QUESTION_MESSAGE, null, options, options[0]);
+			if(n == JOptionPane.YES_OPTION){
+				ops.SaveNotes();
+			}
+		}
+        ops.stdout.println("Extension was unloaded");
+	}
+
+	@Override
+	public List<JMenuItem> createMenuItems(IContextMenuInvocation invocation) {
+		return ops.CreateMenuItems(invocation, this);
+	}
+}
+

src/com/trustwave/burp/ButtonTabComponent.java

@@ -0,0 +1,157 @@
+/*
+ * Copyright (c) 1995, 2008, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *   - Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *
+ *   - Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in the
+ *     documentation and/or other materials provided with the distribution.
+ *
+ *   - Neither the name of Oracle or the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package com.trustwave.burp;
+
+import javax.swing.AbstractButton;
+import javax.swing.BorderFactory;
+import javax.swing.JButton;
+import javax.swing.JLabel;
+import javax.swing.JOptionPane;
+import javax.swing.JPanel;
+import javax.swing.JTabbedPane;
+import javax.swing.plaf.basic.BasicButtonUI;
+import java.awt.*;
+import java.awt.event.*;
+
+/**
+ * Component to be used as tabComponent;
+ * Contains a JLabel to show the text and 
+ * a JButton to close the tab it belongs to 
+ */
+@SuppressWarnings("serial")
+public class ButtonTabComponent extends JPanel {
+    private final JTabbedPane pane;
+
+    public ButtonTabComponent(final JTabbedPane pane) {
+        //unset default FlowLayout' gaps
+        super(new FlowLayout(FlowLayout.LEFT, 0, 0));
+        if (pane == null) {
+            throw new NullPointerException("TabbedPane is null");
+        }
+        this.pane = pane;
+        setOpaque(false);
+
+        //make JLabel read titles from JTabbedPane
+        JLabel label = new JLabel() {
+            public String getText() {
+                int i = pane.indexOfTabComponent(ButtonTabComponent.this);
+                if (i != -1) {
+                    return pane.getTitleAt(i);
+                }
+                return null;
+            }
+        };
+
+        add(label);
+        //add more space between the label and the button
+        label.setBorder(BorderFactory.createEmptyBorder(0, 0, 0, 5));
+        //tab button
+        JButton button = new TabButton();
+        add(button);
+        //add more space to the top of the component
+        setBorder(BorderFactory.createEmptyBorder(2, 0, 0, 0));
+    }
+
+    private class TabButton extends JButton implements ActionListener {
+        public TabButton() {
+            int size = 17;
+            setPreferredSize(new Dimension(size, size));
+            setToolTipText("close this tab");
+            //Make the button looks the same for all Laf's
+            setUI(new BasicButtonUI());
+            //Make it transparent
+            setContentAreaFilled(false);
+            //No need to be focusable
+            setFocusable(false);
+            setBorder(BorderFactory.createEtchedBorder());
+            setBorderPainted(false);
+            //Making nice rollover effect
+            //we use the same listener for all buttons
+            addMouseListener(buttonMouseListener);
+            setRolloverEnabled(true);
+            //Close the proper tab by clicking the button
+            addActionListener(this);
+        }
+
+        public void actionPerformed(ActionEvent e) {
+            int i = pane.indexOfTabComponent(ButtonTabComponent.this);
+            if (i != -1) {
+            	Object[] options = {"OK", "Cancel"};
+    			int n = JOptionPane.showOptionDialog(pane, "If you close this tab you will lose any unsaved data.", "Notes Tab", JOptionPane.OK_CANCEL_OPTION, JOptionPane.WARNING_MESSAGE, null, options, options[0]);
+    			if(n == JOptionPane.OK_OPTION){
+                    pane.remove(i);
+    			}
+            }
+        }
+
+        //we don't want to update UI for this button
+        public void updateUI() {
+        }
+
+        //paint the cross
+        protected void paintComponent(Graphics g) {
+            super.paintComponent(g);
+            Graphics2D g2 = (Graphics2D) g.create();
+            //shift the image for pressed buttons
+            if (getModel().isPressed()) {
+                g2.translate(1, 1);
+            }
+            g2.setStroke(new BasicStroke(2));
+            g2.setColor(Color.BLACK);
+            if (getModel().isRollover()) {
+                g2.setColor(Color.MAGENTA);
+            }
+            int delta = 6;
+            g2.drawLine(delta, delta, getWidth() - delta - 1, getHeight() - delta - 1);
+            g2.drawLine(getWidth() - delta - 1, delta, delta, getHeight() - delta - 1);
+            g2.dispose();
+        }
+    }
+
+    private final static MouseListener buttonMouseListener = new MouseAdapter() {
+        public void mouseEntered(MouseEvent e) {
+            Component component = e.getComponent();
+            if (component instanceof AbstractButton) {
+                AbstractButton button = (AbstractButton) component;
+                button.setBorderPainted(true);
+            }
+        }
+
+        public void mouseExited(MouseEvent e) {
+            Component component = e.getComponent();
+            if (component instanceof AbstractButton) {
+                AbstractButton button = (AbstractButton) component;
+                button.setBorderPainted(false);
+            }
+        }
+    };
+}