diff --git a/pom.xml b/pom.xml
index f3bf2ac..06bb015 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
burp-vulners-scanner
burp-vulners-scanner
- 1.2
+ 1.3
UTF-8
@@ -37,12 +37,13 @@
org.jtwig
jtwig-core
- 5.85.3.RELEASE
+ 5.87.0.RELEASE
+
org.json
json
- 20160810
+ 20231013
diff --git a/src/main/java/burp/HttpClient.java b/src/main/java/burp/HttpClient.java
index 509fd51..1cdfdb8 100644
--- a/src/main/java/burp/HttpClient.java
+++ b/src/main/java/burp/HttpClient.java
@@ -8,8 +8,8 @@
public class HttpClient {
- private static String VULNERS_API_HOST = "vulners.com";
- private static String VULNERS_API_PATH = "/api/v3/burp/";
+ private static final String VULNERS_API_HOST = "vulners.com";
+ private static final String VULNERS_API_PATH = "/api/v3/burp/";
private final IBurpExtenderCallbacks callbacks;
private final IExtensionHelpers helpers;
@@ -21,21 +21,31 @@ public class HttpClient {
this.helpers = helpers;
}
+ public JSONObject post(String action, Map params) {
+ return request("POST", action, params);
+ }
+
public JSONObject get(String action, Map params) {
+ return request("GET", action, params);
+ }
+
+ public JSONObject request(String method, String action, Map params) {
List headers = new ArrayList<>();
- headers.add("POST " + VULNERS_API_PATH + action + "/ HTTP/1.1");
+ headers.add( method + " " + VULNERS_API_PATH + action + "/ HTTP/1.1");
headers.add("Host: " + VULNERS_API_HOST);
- headers.add("User-Agent: vulners-burpscanner-v-1.2");
+ headers.add("User-Agent: vulners-burpscanner-v-1.3");
headers.add("Content-type: application/json");
JSONObject jsonBody = new JSONObject();
- if (burpExtender.getApiKey() != null) {
- jsonBody = jsonBody.put("apiKey", burpExtender.getApiKey());
- }
+ if (!method.equals("GET")) {
+ if (burpExtender.getApiKey() != null) {
+ jsonBody = jsonBody.put("apiKey", burpExtender.getApiKey());
+ }
- for (Map.Entry p: params.entrySet()) {
- jsonBody = jsonBody.put(p.getKey(), p.getValue());
+ for (Map.Entry p: params.entrySet()) {
+ jsonBody = jsonBody.put(p.getKey(), p.getValue());
+ }
}
byte[] request = helpers.buildHttpMessage(headers, helpers.stringToBytes(jsonBody.toString()));
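Review bot: With the new `if (!method.equals("GET"))` guard, `get(action, params)` silently discards every entry in `params` and the API key, yet still sends a `{}` body with `Content-type: application/json`, so a caller that passes parameters gets a parameterless, unauthenticated request and no error. Either reject that case explicitly, e.g. `if ("GET".equals(method) && !params.isEmpty()) throw new IllegalArgumentException("GET does not carry params");`, or drop the `params` argument from `get`. `request` is also declared `public` and concatenates `method` and `action` straight into the request line; making it `private` would restrict the verb to the two wrappers. If GET parameters are added later, the API key should stay out of the URL, where proxies and logs would record it. The body of `request` continues past the end of this hunk.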
diff --git a/src/main/java/burp/gui/TabComponent.java b/src/main/java/burp/gui/TabComponent.java
index 8414832..a44dc37 100644
--- a/src/main/java/burp/gui/TabComponent.java
+++ b/src/main/java/burp/gui/TabComponent.java
@@ -7,23 +7,18 @@
import burp.gui.rules.RulesTableListener;
import burp.gui.software.SoftwareTable;
import burp.models.Domain;
-import burp.models.Software;
-import burp.models.Vulnerability;
import com.intellij.uiDesigner.core.GridConstraints;
import com.intellij.uiDesigner.core.GridLayoutManager;
import com.intellij.uiDesigner.core.Spacer;
import javax.swing.*;
import java.awt.*;
-import java.awt.event.ActionEvent;
-import java.awt.event.ActionListener;
import java.awt.event.MouseAdapter;
import java.awt.event.MouseEvent;
import java.io.IOException;
import java.net.URI;
import java.util.HashMap;
import java.util.Map;
-import java.util.Set;
public class TabComponent {
private JPanel rootPanel;
@@ -148,6 +143,7 @@ public RulesTable getRulesTable() {
}
public void setAPIKey(String apiKey) {
+ System.out.println("Setting API key: " + apiKey);
if (apiKey != null) {
txtApi.setText(apiKey);
}
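Review bot: The added `System.out.println("Setting API key: " + apiKey);` writes the Vulners API key in clear text to standard output, where it may be captured in console output or saved logs. It looks like leftover debugging. Drop the line, or log only whether a key is present, e.g. `System.out.println("API key " + (apiKey != null ? "set" : "not set"));`. `setAPIKey` continues past the end of this hunk.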
diff --git a/src/main/java/burp/gui/path/PathsTable.java b/src/main/java/burp/gui/path/PathsTable.java
index 7598af3..2c4d407 100644
--- a/src/main/java/burp/gui/path/PathsTable.java
+++ b/src/main/java/burp/gui/path/PathsTable.java
@@ -15,7 +15,7 @@ public boolean isCellEditable(int row, int column) {
}
};
model.addColumn("Domain");
- model.addColumn("path");
+ model.addColumn("Path");
model.addColumn("CVSS Score");
model.addColumn("Vulnerabilities");
diff --git a/src/main/java/burp/tasks/PathScanTask.java b/src/main/java/burp/tasks/PathScanTask.java
index f727194..a7312ae 100644
--- a/src/main/java/burp/tasks/PathScanTask.java
+++ b/src/main/java/burp/tasks/PathScanTask.java
@@ -25,7 +25,7 @@ public PathScanTask(VulnersRequest vulnersRequest, HttpClient httpClient, Consum
@Override
public void run() {
- JSONObject data = httpClient.get("path", new HashMap() {{
+ JSONObject data = httpClient.post("path", new HashMap() {{
put("path", vulnersRequest.getPath());
}});
diff --git a/src/main/java/burp/tasks/SoftwareScanTask.java b/src/main/java/burp/tasks/SoftwareScanTask.java
index e3e8b6b..55ec797 100644
--- a/src/main/java/burp/tasks/SoftwareScanTask.java
+++ b/src/main/java/burp/tasks/SoftwareScanTask.java
@@ -28,7 +28,7 @@ public void run() {
Software software = vulnersRequest.getSoftware();
- JSONObject data = httpClient.get("software", new HashMap(){{
+ JSONObject data = httpClient.post("software", new HashMap() {{
put("software", software.getAlias());
put("version", software.getVersion());
put("type", software.getMatchType());