Skip to content

Commit

Permalink
burp的 history 添加一些过滤条件控制
Browse files Browse the repository at this point in the history
  • Loading branch information
@yhy0
yhy0 committed May 23, 2023
1 parent 407cc05 commit 1ed3091
Show file tree
Hide file tree
Showing 7 changed files with 251 additions and 46 deletions.
2 changes: 1 addition & 1 deletion conf/conf.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ var Proxy string
var Description = fmt.Sprintf("将旦昧爽之交,日夕昏明之际,\n北面而察之,淡淡焉若有物存,莫识其状。\n其所触也,窃窃然有声,经物而物不疾也。\n\n© %d https://github.com/yhy0", time.Now().Year())

const (
Version = "v0.8.0"
Version = "v0.9.5"
Title = "承影 " + Version
VersionNewMsg = "当前已经是最新版本!"
VersionOldMsg = "最新版本: %s, 是否立即更新?"
Expand Down
14 changes: 7 additions & 7 deletions frontend/src/components/Home.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,12 @@ const activeTabs = ref(['Fuzz', 'Swagger', 'TWJ', 'Decoder', 'BurpSuite', 'About
<template>
<n-card>
<n-tabs type="line" animated v-model="activeTabs">
<n-tab-pane name="BurpSuite" display-directive="show:lazy" tab="BurpSuite">
<n-message-provider>
<BurpSuite/>
</n-message-provider>
</n-tab-pane>

<!-- display-directive="show:lazy" ,切换不会情况数据,并且切换时懒加载 -->
<n-tab-pane name="Fuzz" display-directive="show:lazy" tab="Fuzz">
<n-message-provider>
Expand All @@ -29,14 +35,8 @@ const activeTabs = ref(['Fuzz', 'Swagger', 'TWJ', 'Decoder', 'BurpSuite', 'About
</n-tab-pane>

<n-tab-pane name="TWJ" display-directive="show:lazy" tab="TWJ">
<n-message-provider>
<Twj/>
</n-message-provider>
</n-tab-pane>

<n-tab-pane name="BurpSuite" display-directive="show:lazy" tab="BurpSuite">
<n-message-provider>
<BurpSuite/>
<Twj/>
</n-message-provider>
</n-tab-pane>

Expand Down
214 changes: 191 additions & 23 deletions frontend/src/components/burpsuite/proxy/httpHisroty/HTTPHistory.vue
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,49 @@
<template>
<n-card >
<n-collapse>
<n-collapse-item title="Filter">
<n-grid x-gap="12" :cols="2">
<n-gi>
<n-card title="Filter by MIME type">
<n-checkbox-group v-model:value="filter.mime" @update:value="handleCheckedMime">
<n-space >
<n-checkbox value="HTML">HTML</n-checkbox>
<n-checkbox value="Script">Script</n-checkbox>
<n-checkbox value="XML">XML</n-checkbox>
<n-checkbox value="CSS">CSS</n-checkbox>
<n-checkbox value="Other text">Other text</n-checkbox>
<n-checkbox value="Images">Images</n-checkbox>
<n-checkbox value="Flash">Flash</n-checkbox>
<n-checkbox value="Other binary">Other binary</n-checkbox>
</n-space>
</n-checkbox-group>
</n-card>
</n-gi>
<n-gi>
<n-card title="Filter by status type">
<n-checkbox-group v-model:value="filter.status" @update:value="handleCheckedStatus">
<n-space>
<n-checkbox value="2xx">2xx</n-checkbox>
<n-checkbox value="3xx">3xx</n-checkbox>
<n-checkbox value="4xx">4xx</n-checkbox>
<n-checkbox value="5xx">5xx</n-checkbox>
</n-space>
</n-checkbox-group>
</n-card>
</n-gi>
</n-grid>

<n-space align="center" style="margin-top: 10px">
<n-input v-model:value="filter.ext" placeholder="Filter by file extension" @input="filterExt" />
<n-input v-model:value="filter.term" placeholder="Filter by search term" @input="filterTerm" />
<n-tag type="success" size="small">
多个过滤条件以空格分开
</n-tag>
</n-space>

</n-collapse-item>
</n-collapse>

<n-data-table
size="small"
:columns="columns"
Expand All @@ -8,7 +52,9 @@
:max-height="300"
:scroll-x="1800"
:rowClassName="rowClassName"
@update:filters="handleUpdateFilter"
striped
style="margin-bottom: 16px; margin-top: 10px"
>
</n-data-table>

Expand Down Expand Up @@ -48,7 +94,7 @@

<script setup>
import {NCard, NDataTable, useMessage} from "naive-ui";
import {ref, h, nextTick } from "vue";
import {ref, h, nextTick, reactive} from "vue";
import {EventsOn} from "../../../../../wailsjs/runtime/runtime.js";
import {GetHistoryDump, SendToRepeater, SendToIntruder} from "../../../../../wailsjs/go/main/App.js";
Expand Down Expand Up @@ -123,6 +169,145 @@ const rowProps = (row) => {
};
};
const StatusColumn = reactive({
title: "Status",
key: "Status",
filterMultiple: true,
filterOptionValue: null,
resizable: true,
sorter: "default",
filter(value, row) {
const status = parseInt(row.Status)
if(filter.value.status.includes('2xx')) {
if(status >= 200 && status < 300) {
return true;
}
} else if(filter.value.status.includes('3xx')) {
if(status >= 300 && status < 400) {
return true;
}
} else if(filter.value.status.includes('4xx')) {
if(status >= 400 && status < 500) {
return true;
}
} else if(filter.value.status.includes('5xx')) {
if(status >= 500) {
return true;
}
}
return false;
}
});
const MIMEColumn = reactive({
title: "MIMEType",
key: "MIMEType",
filterMultiple: true,
filterOptionValue: null,
resizable: true,
ellipsis: {
tooltip: true
},
sorter: "default",
filter(value, row) {
const mime = parseInt(row.MIMEType)
if(filter.value.mime.includes('HTML')) {
if(mime === "html") {
return true;
}
} else if(filter.value.mime.includes('Script')) {
if(mime === "script" || mime === "json") {
return true;
}
} else if(filter.value.mime.includes('XML')) {
if(mime === "xml") {
return true;
}
} else if(filter.value.mime.includes('css')) {
if(mime === "CSS") {
return true;
}
} else if(filter.value.mime.includes('Other text')) {
if(mime === "text" || mime === "") {
return true;
}
} else if(filter.value.mime.includes('Images')) {
if(mime === "image") {
return true;
}
} else if(filter.value.mime.includes('Flash')) {
if(mime === "Flash") {
return true;
}
} else if(filter.value.mime.includes('Other binary')) {
if(mime === "Other binary") {
return true;
}
}
return false;
}
});
const ExtColumn = reactive({
title: "Extension",
key: "Extension",
filterMultiple: true,
filterOptionValue: null,
resizable: true,
ellipsis: {
tooltip: true
},
sorter: "default",
filter(value, row) {
const exts = filter.value.ext.split(' ');
for (const ext of exts) {
if (row.Extension === ext) {
return true;
}
}
return false;
}
});
// filter
const filter = ref({
status: ["3xx", "4xx", "5xx", "2xx"],
mime: ["HTML", "Script", "XML", "Other text"],
ext: null,
term: null,
});
function handleCheckedStatus(checked) {
filter.value.status = checked;
StatusColumn.filterOptionValue = checked;
}
function handleCheckedMime(checked) {
filter.value.mime = checked;
MIMEColumn.filterOptionValue = checked;
}
const filterExt = () => {
ExtColumn.filterOptionValue = filter.value.ext;
};
const filterTerm = () => {
ExtColumn.filterOptionValue = filter.value.term;
};
const handleUpdateFilter = (filters, sourceColumn) => {
StatusColumn.filterOptionValue = filters[sourceColumn.key];
filter.value.status = filters[sourceColumn.key];
MIMEColumn.filterOptionValue = filters[sourceColumn.key];
filter.value.mime = filters[sourceColumn.key];
ExtColumn.filterOptionValue = filters[sourceColumn.key];
filter.value.ext = filters[sourceColumn.key];
};
const columns = [
{
title: "Id",
Expand Down Expand Up @@ -167,32 +352,14 @@ const columns = [
key: "Edited",
resizable: true
},
{
title: "Status",
key: "Status",
resizable: true
},
StatusColumn,
{
title: "Length",
key: "Length",
resizable: true
},
{
title: "MIMEType",
key: "MIMEType",
resizable: true,
ellipsis: {
tooltip: true
}
},
{
title: "Extension",
key: "Extension",
resizable: true,
ellipsis: {
tooltip: true
}
},
MIMEColumn,
ExtColumn,
{
title: "Title",
key: "Title",
Expand Down Expand Up @@ -243,6 +410,7 @@ const columns = [
},
];
EventsOn("HttpHistory", HttpHistory => {
data.value.push({
Id: HttpHistory["id"],
Expand Down Expand Up @@ -274,6 +442,6 @@ const rowClassName = (row) => {

<style scoped>
:deep(.table-tr-row-id) td {
background-color: #fffa65;
background-color: rgba(255, 165, 101, 0.98);
}
</style>
18 changes: 18 additions & 0 deletions pkg/httpx/title.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
package httpx

import "regexp"

/**
@author: yhy
@since: 2023/5/24
@desc: //TODO
**/

func GetTitle(body string) string {
titleReg := regexp.MustCompile(`<title>([\s\S]{1,200})</title>`)
title := titleReg.FindStringSubmatch(body)
if len(title) > 1 {
return title[1]
}
return ""
}
34 changes: 31 additions & 3 deletions tools/burpSuite/burpAddon.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,14 @@ import (
"context"
"fmt"
urlutil "github.com/projectdiscovery/utils/url"
"github.com/thoas/go-funk"
"github.com/wailsapp/wails/v2/pkg/runtime"
"github.com/yhy0/ChYing/pkg/httpx"
"github.com/yhy0/ChYing/tools/burpSuite/mitmproxy/proxy"
"github.com/yhy0/logging"
"io/ioutil"
"net/http"
"path/filepath"
"strconv"
"strings"
"time"
Expand Down Expand Up @@ -73,6 +75,32 @@ func (b *Burp) Requestheaders(f *proxy.Flow) {
remoteAddr = ""
}

ct := f.Response.Header.Get("Content-Type")
var MIMEType string

if funk.Contains(ct, "json") {
MIMEType = "json"
} else if funk.Contains(ct, "javascript") {
MIMEType = "script"
} else if funk.Contains(ct, "html") {
MIMEType = "html"
} else if funk.Contains(ct, "css") {
MIMEType = "css"
} else if funk.Contains(ct, "text/plain") {
MIMEType = "text"
} else if funk.Contains(ct, "image") {
MIMEType = "image"
} else if ct == "" {
MIMEType = ""
}

ext := ""

uri := strings.Split(f.Request.URL.RequestURI(), "?")
if len(uri) > 0 {
ext = filepath.Ext(uri[0])
}

HttpHistory <- HTTPHistory{
Id: f.Id,
Host: f.Request.URL.Host,
Expand All @@ -82,9 +110,9 @@ func (b *Burp) Requestheaders(f *proxy.Flow) {
Edited: "",
Status: strconv.Itoa(statusCode),
Length: strconv.Itoa(contentLen),
MIMEType: "",
Extension: "",
Title: "",
MIMEType: MIMEType,
Extension: ext,
Title: httpx.GetTitle(string(f.Response.Body)),
Comment: "",
TLS: "√",
IP: remoteAddr,
Expand Down

0 comments on commit 1ed3091

Please sign in to comment.