Add option to black hole public collaborator server for safety

build.gradle

@@ -2,7 +2,6 @@ group 'nccgroup'
 version '0.1-Beta'
 
 apply plugin: 'java'
-apply plugin: 'maven'
 apply plugin: 'application'
 
 sourceCompatibility = 1.8
@@ -22,13 +21,13 @@ repositories {
 }
 
 dependencies {
-    compile 'com.github.CoreyD97:BurpExtenderUtilities:a21b23481f'
+    compile 'com.github.CoreyD97:BurpExtenderUtilities:5e7d059bb5'
     compile 'net.portswigger.burp.extender:burp-extender-api:1.7.22'
     compile 'com.google.code.gson:gson:+'
     compile group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.6'
     compile group: 'commons-io', name: 'commons-io', version: '2.4'
     compile group: 'nu.studer', name: 'java-ordered-properties', version: '1.0.1'
-    testCompile files('/opt/BurpSuitePro/burpsuite_pro_v2.0.14beta.jar')
+    testCompile files('/opt/BurpSuitePro/burpsuite_pro.jar')
 }
 
 tasks.withType(Jar) {

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,6 @@
+#Mon Feb 18 12:31:08 GMT 2019
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-5.1.1-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-5.1.1-all.zip

gradlew.bat

@@ -1,84 +1,84 @@
-@if "%DEBUG%" == "" @echo off
-@rem ##########################################################################
-@rem
-@rem  Gradle startup script for Windows
-@rem
-@rem ##########################################################################
-
-@rem Set local scope for the variables with windows NT shell
-if "%OS%"=="Windows_NT" setlocal
-
-set DIRNAME=%~dp0
-if "%DIRNAME%" == "" set DIRNAME=.
-set APP_BASE_NAME=%~n0
-set APP_HOME=%DIRNAME%
-
-@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS="-Xmx64m"
-
-@rem Find java.exe
-if defined JAVA_HOME goto findJavaFromJavaHome
-
-set JAVA_EXE=java.exe
-%JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto init
-
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:findJavaFromJavaHome
-set JAVA_HOME=%JAVA_HOME:"=%
-set JAVA_EXE=%JAVA_HOME%/bin/java.exe
-
-if exist "%JAVA_EXE%" goto init
-
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:init
-@rem Get command-line arguments, handling Windows variants
-
-if not "%OS%" == "Windows_NT" goto win9xME_args
-
-:win9xME_args
-@rem Slurp the command line arguments.
-set CMD_LINE_ARGS=
-set _SKIP=2
-
-:win9xME_args_slurp
-if "x%~1" == "x" goto execute
-
-set CMD_LINE_ARGS=%*
-
-:execute
-@rem Setup the command line
-
-set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
-
-@rem Execute Gradle
-"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
-
-:end
-@rem End local scope for the variables with windows NT shell
-if "%ERRORLEVEL%"=="0" goto mainEnd
-
-:fail
-rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
-rem the _cmd.exe /c_ return code!
-if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
-exit /b 1
-
-:mainEnd
-if "%OS%"=="Windows_NT" endlocal
-
-:omega
+@if "%DEBUG%" == "" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+set DIRNAME=%~dp0
+if "%DIRNAME%" == "" set DIRNAME=.
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS="-Xmx64m"
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if "%ERRORLEVEL%" == "0" goto init
+
+echo.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto init
+
+echo.
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:init
+@rem Get command-line arguments, handling Windows variants
+
+if not "%OS%" == "Windows_NT" goto win9xME_args
+
+:win9xME_args
+@rem Slurp the command line arguments.
+set CMD_LINE_ARGS=
+set _SKIP=2
+
+:win9xME_args_slurp
+if "x%~1" == "x" goto execute
+
+set CMD_LINE_ARGS=%*
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
+
+:end
+@rem End local scope for the variables with windows NT shell
+if "%ERRORLEVEL%"=="0" goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
+exit /b 1
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega

src/main/java/com/nccgroup/collaboratorauth/extension/CollaboratorAuthenticator.java

@@ -6,7 +6,9 @@
 import burp.IExtensionStateListener;
 import com.coreyd97.BurpExtenderUtilities.DefaultGsonProvider;
 import com.coreyd97.BurpExtenderUtilities.Preferences;
+import com.google.gson.*;
 import com.nccgroup.collaboratorauth.extension.ui.ConfigUI;
+import static com.nccgroup.collaboratorauth.extension.Globals.*;
 
 import javax.swing.*;
 import java.io.IOException;
@@ -16,19 +18,9 @@
 
 public class CollaboratorAuthenticator implements IBurpExtender, IExtensionStateListener {
 
-    public static final String EXTENSION_NAME = "CollaboratorAuth";
-    public static final String PREF_COLLABORATOR_ADDRESS = "collaboratorAddress";
-    public static final String PREF_POLLING_ADDRESS = "pollingAddress";
-    public static final String PREF_POLLING_PORT = "remotePort";
-    public static final String PREF_REMOTE_SSL_ENABLED = "remoteSSLEnabled";
-    public static final String PREF_LOCAL_PORT = "localPort";
-    public static final String PREF_SECRET = "sharedSecret";
-    public static final String PREF_ORIGINAL_COLLABORATOR_SETTINGS = "origPollSettings";
-    public static final String COLLABORATOR_SERVER_CONFIG_PATH = "project_options.misc.collaborator_server";
-
     //Vars
     public static IBurpExtenderCallbacks callbacks;
-    private IExtensionHelpers helpers;
+    public static LogController logController;
     private ProxyService proxyService;
     private Preferences preferences;
 
@@ -38,33 +30,36 @@ public class CollaboratorAuthenticator implements IBurpExtender, IExtensionState
     @Override
     public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
         CollaboratorAuthenticator.callbacks = callbacks;
-        this.helpers = callbacks.getHelpers();
+        CollaboratorAuthenticator.logController = new LogController();
 
         //Setup preferences
         this.preferences = new Preferences(new DefaultGsonProvider(), callbacks);
         this.preferences.addSetting(PREF_COLLABORATOR_ADDRESS, String.class, "your.private.collaborator.instance");
         this.preferences.addSetting(PREF_POLLING_ADDRESS, String.class, "your.collaborator.authenticator.server");
         this.preferences.addSetting(PREF_POLLING_PORT, Integer.class, 5050);
         this.preferences.addSetting(PREF_REMOTE_SSL_ENABLED, Boolean.class, true);
-
         this.preferences.addSetting(PREF_LOCAL_PORT, Integer.class, 32541);
         this.preferences.addSetting(PREF_SECRET, String.class, "Your Secret String");
-
         this.preferences.addSetting(PREF_ORIGINAL_COLLABORATOR_SETTINGS, String.class, "");
+        this.preferences.addSetting(PREF_BLOCK_PUBLIC_COLLABORATOR, Boolean.class, true);
 
         SwingUtilities.invokeLater(() -> {
             CollaboratorAuthenticator.callbacks.addSuiteTab(new ConfigUI(this));
             CollaboratorAuthenticator.callbacks.registerExtensionStateListener(this);
         });
+
+        if((boolean) this.preferences.getSetting(PREF_BLOCK_PUBLIC_COLLABORATOR)){
+            Utilities.blockPublicCollaborator();
+        }
     }
 
     public void startCollaboratorProxy() throws IOException, URISyntaxException {
         boolean ssl = (boolean) this.preferences.getSetting(PREF_REMOTE_SSL_ENABLED);
 
 
         URI destination = new URI(ssl ? "https" : "http", null,
-                (String) this.preferences.getSetting(PREF_POLLING_ADDRESS), (Integer) this.preferences.getSetting(PREF_POLLING_PORT),
-                null, null, null);
+                (String) this.preferences.getSetting(PREF_POLLING_ADDRESS),
+                (Integer) this.preferences.getSetting(PREF_POLLING_PORT), null, null, null);
 
         startCollaboratorProxy((Integer) this.preferences.getSetting(PREF_LOCAL_PORT), destination,
                 (String) this.preferences.getSetting(PREF_SECRET));
@@ -75,22 +70,8 @@ public void startCollaboratorProxy(Integer listenPort, URI destinationURI, Strin
         if(proxyService != null) proxyService.stop();
 
         proxyService = new ProxyService(this, listenPort, true, true, destinationURI, secret);
-        proxyService.addProxyServiceListener(new ProxyServiceListener() {
-            @Override
-            public void onFail(String message) {
-                callbacks.printError(message);
-            }
-
-            @Override
-            public void onSuccess(String message) {
-                callbacks.printOutput(message);
-            }
-        });
-
         proxyService.start();
 
-//        System.out.println("Polling Listener Started on Port: " + listenPort);
-        callbacks.printOutput("Polling Listener Started on Port: " + listenPort);
         saveCollaboratorConfig();
         callbacks.loadConfigFromJson(buildConfig(listenPort));
     }
@@ -100,7 +81,7 @@ public void stopCollaboratorProxy(){
             proxyService.stop();
             proxyService = null;
             //System.out.println("Polling Listener Stopped...");
-            callbacks.printOutput("Polling Listener Stopped...");
+            logController.logInfo("Polling Listener Stopped...");
         }
         restoreCollaboratorConfig();
     }
@@ -136,4 +117,8 @@ public void extensionUnloaded() {
     public Preferences getPreferences() {
         return this.preferences;
     }
+
+    public LogController getLogController() {
+        return logController;
+    }
 }

src/main/java/com/nccgroup/collaboratorauth/extension/Globals.java

@@ -0,0 +1,18 @@
+package com.nccgroup.collaboratorauth.extension;
+
+public class Globals {
+
+    public static final String EXTENSION_NAME = "Collaborator Auth";
+    public static final String PREF_COLLABORATOR_ADDRESS = "collaboratorAddress";
+    public static final String PREF_POLLING_ADDRESS = "pollingAddress";
+    public static final String PREF_POLLING_PORT = "remotePort";
+    public static final String PREF_REMOTE_SSL_ENABLED = "remoteSSLEnabled";
+    public static final String PREF_LOCAL_PORT = "localPort";
+    public static final String PREF_SECRET = "sharedSecret";
+    public static final String PREF_ORIGINAL_COLLABORATOR_SETTINGS = "origPollSettings";
+    public static final String PREF_BLOCK_PUBLIC_COLLABORATOR = "blockPublicCollaborator";
+    public static final String COLLABORATOR_SERVER_CONFIG_PATH = "project_options.misc.collaborator_server";
+    public static final String HOSTNAME_RESOLUTION_CONFIG_PATH = "project_options.connections.hostname_resolution";
+    public static final String PUBLIC_COLLABORATOR_HOSTNAME = "burpcollaborator.net";
+
+}

src/main/java/com/nccgroup/collaboratorauth/extension/LogController.java

@@ -0,0 +1,42 @@
+package com.nccgroup.collaboratorauth.extension;
+
+import com.nccgroup.collaboratorauth.extension.ui.ConfigUI;
+
+import java.util.ArrayList;
+
+public class LogController {
+
+    private final ArrayList<LogListener> logListeners;
+
+    enum LogLevel {INFO, ERROR, DEBUG}
+
+    public LogController(){
+        this.logListeners = new ArrayList();
+    }
+
+    public void addLogListener(LogListener logListener) {
+        this.logListeners.add(logListener);
+    }
+
+    public void removeLogListener(LogListener logListener){
+        this.logListeners.remove(logListener);
+    }
+
+    public void logError(String message){
+        for (LogListener logListener : this.logListeners) {
+            logListener.onError(message);
+        }
+    }
+
+    public void logInfo(String message){
+        for (LogListener logListener : this.logListeners) {
+            logListener.onInfo(message);
+        }
+    }
+
+    public void logDebug(String message){
+        for (LogListener logListener : this.logListeners) {
+            logListener.onDebug(message);
+        }
+    }
+}

src/main/java/com/nccgroup/collaboratorauth/extension/LogListener.java

@@ -0,0 +1,7 @@
+package com.nccgroup.collaboratorauth.extension;
+
+public interface LogListener {
+    void onInfo(String message);
+    void onError(String message);
+    void onDebug(String message);
+}