burp 的后缀过滤可以通过后缀控制(这个过滤是指，前端界面不会再显示该后缀的所有流量)

yhy0 · May 24, 2023 · 431d5ed · 431d5ed
1 parent edd919b
commit 431d5ed
Show file tree

Hide file tree

Showing 8 changed files with 70 additions and 51 deletions.
diff --git a/app.go b/app.go
@@ -148,6 +148,7 @@ func (a *App) startup(ctx context.Context) {
 	runtime.EventsEmit(ctx, "ProxyPort", burpSuite.Settings.ProxyPort)
 	runtime.EventsEmit(ctx, "Exclude", burpSuite.Settings.Exclude)
 	runtime.EventsEmit(ctx, "Include", burpSuite.Settings.Include)
+	runtime.EventsEmit(ctx, "FilterSuffix", burpSuite.Settings.FilterSuffix)
 	// 通知前端各种数据更改
 	go func() {
 		for {
@@ -289,10 +290,12 @@ func (a *App) Settings(setting burpSuite.SettingUI) string {
 		burpSuite.Settings.ProxyPort = setting.ProxyPort
 		burpSuite.Settings.Exclude = utils.SplitStringByLines(setting.Exclude)
 		burpSuite.Settings.Include = utils.SplitStringByLines(setting.Include)
+		burpSuite.Settings.FilterSuffix = strings.Split(setting.FilterSuffix, ",")
 
 		runtime.EventsEmit(a.ctx, "ProxyPort", burpSuite.Settings.ProxyPort)
 		runtime.EventsEmit(a.ctx, "Exclude", strings.Join(burpSuite.Settings.Exclude, "\r\n"))
 		runtime.EventsEmit(a.ctx, "Include", strings.Join(burpSuite.Settings.Include, "\r\n"))
+		runtime.EventsEmit(a.ctx, "FilterSuffix", strings.Join(burpSuite.Settings.FilterSuffix, ","))
 
 		// 更改配置文件
 		exclude := ""
@@ -312,9 +315,22 @@ func (a *App) Settings(setting burpSuite.SettingUI) string {
 				include += fmt.Sprintf("  - %s\r\n", i)
 			}
 		}
-		var defaultYamlByte = []byte(fmt.Sprintf("port: %d\r\nexclude:\r\n%sinclude:\r\n%s", burpSuite.Settings.ProxyPort, exclude, include))
+		filterSuffix := ""
+		if len(burpSuite.Settings.FilterSuffix) == 0 {
+			filterSuffix = "  - \r\n"
+		} else {
+			for _, i := range burpSuite.Settings.FilterSuffix {
+				filterSuffix += fmt.Sprintf("  - %s\r\n", i)
+			}
+		}
+
+		var defaultYamlByte = []byte(fmt.Sprintf("port: %d\r\nexclude:\r\n%sinclude:\r\n%s\r\nfilterSuffix:\r\n%s", burpSuite.Settings.ProxyPort, exclude, include, filterSuffix))
 
-		burpSuite.WriteYamlConfig(defaultYamlByte)
+		err := burpSuite.WriteYamlConfig(defaultYamlByte)
+		if err != nil {
+			a.diag(err.Error(), true)
+			return err.Error()
+		}
 
 		return ""
 	}

diff --git a/frontend/src/components/burpsuite/Settings.vue b/frontend/src/components/burpsuite/Settings.vue
@@ -9,10 +9,18 @@
                 <n-button type="primary">
                     Port
                 </n-button>
-                <n-input-number v-model:value="formValue.port">
+                <n-input-number v-model:value="formValue.port" style="width: 110px">
                 </n-input-number>
             </n-input-group>
         </n-form-item>
+
+        <n-form-item label="过滤后缀" >
+            <n-button type="error">
+                FilterSuffix
+            </n-button>
+            <n-input v-model:value="formValue.filterSuffix" status="error" autosize style="min-width: 50%" />
+        </n-form-item>
+
         <n-form-item style="display: flex;">
             <n-card title="Exclude" :bordered="false">
                 <n-input v-model:value="formValue.exclude" type="textarea" status="error" placeholder="可以清除" round clearable style="width: 200px; height: 200px;"/>
@@ -43,16 +51,19 @@ const formValue = ref({
     port: 9080,
     exclude: '',
     include: '',
+    filterSuffix: '',
 });
 
 EventsOn("ProxyPort", result => {
     formValue.value.port = result
 });
-
 EventsOn("Exclude", result => {
     formValue.value.exclude = result
-    console.log(formValue.value.exclude)
 });
+EventsOn("FilterSuffix", result => {
+    formValue.value.filterSuffix = result
+});
+
 EventsOn("Include", result => {
     formValue.value.include = result
 });
@@ -67,6 +78,9 @@ GetBurpSettings().then((res)=> {
         formValue.value.include += res.include[i] + "\r\n"
     }
 
+    for (let i = 0; i < res.filterSuffix.length; i++) {
+        formValue.value.filterSuffix += res.filterSuffix[i] + ","
+    }
 })
 
 const rules = {
@@ -93,7 +107,6 @@ const submitForm = () => {
     formRef.value?.validate((valid) => {
         if (!valid) {
             // 表单验证通过
-            console.log(formValue.value)
             Settings(formValue.value).then((result) => {
                 if(result === "") {
                     message.success('设置成功');

diff --git a/frontend/wailsjs/go/models.ts b/frontend/wailsjs/go/models.ts
@@ -22,6 +22,7 @@ export namespace burpSuite {
 	    port: number;
 	    exclude: string[];
 	    include: string[];
+	    filterSuffix: string[];
 
 	    static createFrom(source: any = {}) {
 	        return new Setting(source);
@@ -32,12 +33,14 @@ export namespace burpSuite {
 	        this.port = source["port"];
 	        this.exclude = source["exclude"];
 	        this.include = source["include"];
+	        this.filterSuffix = source["filterSuffix"];
 	    }
 	}
 	export class SettingUI {
 	    port: number;
 	    exclude: string;
 	    include: string;
+	    filterSuffix: string;
 
 	    static createFrom(source: any = {}) {
 	        return new SettingUI(source);
@@ -48,6 +51,7 @@ export namespace burpSuite {
 	        this.port = source["port"];
 	        this.exclude = source["exclude"];
 	        this.include = source["include"];
+	        this.filterSuffix = source["filterSuffix"];
 	    }
 	}
 

diff --git a/test/test_test.go b/test/test_test.go
@@ -13,15 +13,12 @@ import (
 	"time"
 )
 
-/*
-*
-
+/**
 	@author: yhy
 	@since: 2023/5/7
 	@desc: //TODO
+**/
 
-*
-*/
 func Test(t *testing.T) {
 	pattern := `www.google.com`
 
@@ -40,7 +37,7 @@ func Test(t *testing.T) {
 	fmt.Println(match3)
 	fmt.Println(match4)
 
-	logging.New(true, "test")
+	logging.New(true, "", "test")
 	burpSuite.Init()
 	fmt.Println(burpSuite.Settings)
 	burpSuite.HotConf()

diff --git a/tools/burpSuite/BurpSuite.go b/tools/burpSuite/BurpSuite.go
@@ -78,7 +78,7 @@ func Run(port int) {
 
 	// 这种不错，通过添加插件的形式，这样只要实现了接口,p.AddAddon(xxxx), 然后就会自动执行相应的操作
 	// 添加一个日志记录插件
-	Proxy.AddAddon(&proxy.LogAddon{})
+	//Proxy.AddAddon(&proxy.LogAddon{})
 
 	Proxy.AddAddon(&Burp{})
 

diff --git a/tools/burpSuite/burpAddon.go b/tools/burpSuite/burpAddon.go
@@ -104,7 +104,10 @@ func (b *Burp) Requestheaders(f *proxy.Flow) {
 			ext = filepath.Ext(uri[0])
 		}
 		// 过滤一些后缀，不显示
-		var flag = funk.Contains(FilterSuffix, ext)
+		var flag = false
+		if ext != "" {
+			flag = funk.Contains(Settings.FilterSuffix, ext)
+		}
 		if !flag {
 			HttpHistory <- HTTPHistory{
 				Id:        f.Id,

diff --git a/tools/burpSuite/data.go b/tools/burpSuite/data.go
@@ -40,14 +40,16 @@ type IntruderRes struct {
 }
 
 type Setting struct {
-	ProxyPort int      `mapstructure:"port" json:"port"`
-	Exclude   []string `mapstructure:"exclude" json:"exclude"` // Exclude 排除显示的域名
-	Include   []string `mapstructure:"include" json:"include"`
+	ProxyPort    int      `mapstructure:"port" json:"port"`
+	Exclude      []string `mapstructure:"exclude" json:"exclude"` // Exclude 排除显示的域名
+	Include      []string `mapstructure:"include" json:"include"`
+	FilterSuffix []string `mapstructure:"filterSuffix" json:"filterSuffix"`
 }
 
 // SettingUI 前端映射使用
 type SettingUI struct {
-	ProxyPort int    `json:"port"`
-	Exclude   string `json:"exclude"` // Exclude 排除显示的域名
-	Include   string `json:"include"`
+	ProxyPort    int    `json:"port"`
+	Exclude      string `json:"exclude"` // Exclude 排除显示的域名
+	Include      string `json:"include"`
+	FilterSuffix string `json:"filterSuffix"`
 }
diff --git a/tools/burpSuite/setting.go b/tools/burpSuite/setting.go
@@ -17,8 +17,6 @@ import (
   @desc: //TODO
 **/
 
-var FilterSuffix = []string{".woff2", ".woff", ".ttf", ".mkv", ".mov", ".mp3", ".mp4", ".m4a", ".m4v"}
-
 var Settings *Setting
 
 var defaultYamlByte = []byte(`
@@ -30,6 +28,16 @@ exclude:
   - ^.*\.mozilla.*$
 include:
   - 
+filterSuffix: 
+  - .woff2
+  - .woff
+  - .ttf
+  - .mkv
+  - .mov
+  - .mp3
+  - .mp4
+  - .m4a
+  - .m4v
 `)
 
 var configFileName = "burpsuite.yaml"
@@ -86,7 +94,7 @@ func ReadYamlConfig() {
 	}
 }
 
-func WriteYamlConfig(str []byte) {
+func WriteYamlConfig(str []byte) error {
 	if str == nil {
 		str = defaultYamlByte
 	}
@@ -95,38 +103,14 @@ func WriteYamlConfig(str []byte) {
 	viper.SetConfigType("yaml")
 	err := viper.ReadConfig(bytes.NewBuffer(str))
 	if err != nil {
-		logging.Logger.Fatalf("setting.Setup, fail to read default config bytes: %v", err)
+		logging.Logger.Errorln("setting.Setup, fail to read default config bytes: %v", err)
+		return err
 	}
 	// 写文件
 	err = viper.WriteConfigAs(configFile)
 	if err != nil {
 		logging.Logger.Fatalf("setting.Setup, fail to write 'config.yaml': %v", err)
+		return err
 	}
+	return nil
 }
-
-//func (s *Setting) SetPort(value int) {
-//	s.ProxyPort = value
-//	updateConfigFile(s)
-//}
-//
-//func (s *Setting) SetExclude(value []string) {
-//	s.Exclude = value
-//	updateConfigFile(s)
-//}
-//
-//func (s *Setting) SetInclude(value []string) {
-//	s.Include = value
-//	updateConfigFile(s)
-//}
-//
-//func updateConfigFile(s *Setting) {
-//	// 将结构体 写入配置文件
-//	viper.Set("port", s.ProxyPort)
-//	viper.Set("exclude", s.Exclude)
-//	viper.Set("include", s.Include)
-//	err := viper.WriteConfig()
-//	if err != nil {
-//		logging.Logger.Errorln(err)
-//		return
-//	}
-//}