zaproxy · thc202 · Jun 3, 2022 · May 31, 2022
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -17,6 +17,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ### Changed
 - standalone/enableDebugLogging.js > Updated for more recent logging funtionality.
+- Update JS scripts to use passed singleton variables (control, model, view) if available (>= ZAP 2.12.0).
 
 ## [14] - 2021-11-01
 ### Added

diff --git a/extender/Simple Reverse Proxy.js b/extender/Simple Reverse Proxy.js
@@ -1,6 +1,10 @@
 // An extender script that adds a simple reverse proxy.
 // Requires a ZAP version greater than 2.7.0.
 
+var control, model
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton()
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
+
 // To where the requests are sent.
 var remoteAddress = "example.com"
 var remotePort = 80
@@ -10,12 +14,11 @@ var proxyAddress = "127.0.0.1"
 var proxyPort = 8081
 
 var ProxyServer = Java.type("org.parosproxy.paros.core.proxy.ProxyServer")
-var Model = Java.type("org.parosproxy.paros.model.Model")
 var ProxyListener = Java.type("org.parosproxy.paros.core.proxy.ProxyListener")
 var ZapXmlConfiguration = Java.type("org.zaproxy.zap.utils.ZapXmlConfiguration")
 var URI = Java.type("org.apache.commons.httpclient.URI")
 
-var extLoader = Java.type("org.parosproxy.paros.control.Control").getSingleton().getExtensionLoader()
+var extLoader = control.getExtensionLoader()
 var proxy
 
 function install(helper) {
@@ -26,7 +29,7 @@ function install(helper) {
     proxyParam.setBehindNat(false);
     proxyParam.setRemoveUnsupportedEncodings(true);
 
-    proxy.setConnectionParam(Model.getSingleton().getOptionsParam().getConnectionParam());
+    proxy.setConnectionParam(model.getOptionsParam().getConnectionParam());
     proxy.setEnableApi(false);
 
     extLoader.addProxyServer(proxy)

diff --git a/httpfuzzerprocessor/add_msgs_sites_tree.js b/httpfuzzerprocessor/add_msgs_sites_tree.js
@@ -2,7 +2,10 @@
 // with messages sent by the fuzzer (by default the fuzz result/messages
 // are not shown in the Fuzzer tab).
 
-var session = org.parosproxy.paros.model.Model.getSingleton().getSession();
+var model;
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton();
+
+var session = model.getSession();
 
 function processMessage(utils, message) {}
 

diff --git a/httpsender/Alert on HTTP Response Code Errors.js b/httpsender/Alert on HTTP Response Code Errors.js
@@ -2,8 +2,11 @@
 // By default it will raise 'Info' level alerts for Client Errors (4xx) (apart from 404s) and 'Low' Level alerts for Server Errors (5xx)
 // But it can be easily changed.
 
+var control, model
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton()
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
+
 var Pattern = Java.type("java.util.regex.Pattern")
-var model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
 pluginid = 100000	// https://github.com/zaproxy/zaproxy/blob/main/docs/scanners.md
 
 function sendingRequest(msg, initiator, helper) {
@@ -15,7 +18,7 @@ function responseReceived(msg, initiator, helper) {
 		// Not of interest.
 		return
 	}
-	var extensionAlert = org.parosproxy.paros.control.Control.getSingleton().getExtensionLoader().getExtension(
+	var extensionAlert = control.getExtensionLoader().getExtension(
 		org.zaproxy.zap.extension.alert.ExtensionAlert.NAME)
 	if (extensionAlert != null) {
 		var code = msg.getResponseHeader().getStatusCode()
@@ -69,8 +72,7 @@ function responseReceived(msg, initiator, helper) {
 						type = 15 // User - fallback
 						break
 				}
-				ref = new org.parosproxy.paros.model.HistoryReference(
-					org.parosproxy.paros.model.Model.getSingleton().getSession(), type, msg)
+				ref = new org.parosproxy.paros.model.HistoryReference(model.getSession(), type, msg)
 			}
 			alert.setMessage(msg)
 			alert.setUri(msg.getRequestHeader().getURI().toString())

diff --git a/httpsender/Alert on Unexpected Content Types.js b/httpsender/Alert on Unexpected Content Types.js
@@ -2,12 +2,15 @@
 // By default it will raise 'Low' level alerts for content types that are not expected to be returned by APIs.
 // But it can be easily changed.
 
+var control, model
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton()
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
+
 var Pattern = Java.type("java.util.regex.Pattern")
-var model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
 
 var pluginid = 100001	// https://github.com/zaproxy/zaproxy/blob/main/docs/scanners.md
 
-var extensionAlert = org.parosproxy.paros.control.Control.getSingleton().getExtensionLoader().getExtension(
+var extensionAlert = control.getExtensionLoader().getExtension(
 		org.zaproxy.zap.extension.alert.ExtensionAlert.NAME)
 
 var expectedTypes = [
@@ -85,8 +88,7 @@ function responseReceived(msg, initiator, helper) {
 							type = 15 // User - fallback
 							break
 					}
-					ref = new org.parosproxy.paros.model.HistoryReference(
-						org.parosproxy.paros.model.Model.getSingleton().getSession(), type, msg)
+					ref = new org.parosproxy.paros.model.HistoryReference(model.getSession(), type, msg)
 				}
 				alert.setMessage(msg)
 				alert.setUri(msg.getRequestHeader().getURI().toString())

diff --git a/standalone/Active scan rule list.js b/standalone/Active scan rule list.js
@@ -1,8 +1,10 @@
 // This script gives details about all of the active scan rules installed
 
-extAscan = org.parosproxy.paros.control.Control.getSingleton().
-    getExtensionLoader().getExtension(
-        org.zaproxy.zap.extension.ascan.ExtensionActiveScan.NAME);
+var control;
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton();
+
+extAscan = control.getExtensionLoader().getExtension(
+    org.zaproxy.zap.extension.ascan.ExtensionActiveScan.NAME);
 
 plugins = extAscan.getPolicyManager().getDefaultScanPolicy().getPluginFactory().getAllPlugin().toArray();
 

diff --git a/standalone/Juice shop authentication by form.js b/standalone/Juice shop authentication by form.js
@@ -4,15 +4,17 @@
 // a user with a name of test@test.com and a password of test123
 // You can change any of the variables to match your environment if needed.
 
+var control;
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton();
+
 var By = Java.type('org.openqa.selenium.By');
 var Thread = Java.type('java.lang.Thread');
 var juiceshop = 'http://localhost:3000/';
 var username = 'test@test.com';
 var password = 'test123';
 
-var extSel = org.parosproxy.paros.control.Control.getSingleton().
-				getExtensionLoader().getExtension(
-					org.zaproxy.zap.extension.selenium.ExtensionSelenium.class) 
+var extSel = control.getExtensionLoader().getExtension(
+				org.zaproxy.zap.extension.selenium.ExtensionSelenium.class) 
 
 var wd = extSel.getWebDriverProxyingViaZAP(1, "firefox");
 wd.get(juiceshop);

diff --git a/standalone/Juice shop authentication by google.js b/standalone/Juice shop authentication by google.js
@@ -3,15 +3,17 @@
 // Juice Shop will need to be accessible via http://localhost:3000/ and you will need to change the 
 // username and password to match a valid Google account.
 
+var control
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton()
+
 var By = Java.type('org.openqa.selenium.By');
 var Thread = Java.type('java.lang.Thread');
 var juiceshop = 'http://localhost:3000/';
 var username = 'zap.addo.sb@gmail.com'; // Change this to an account you own
 var password = 'nottherealpassword';	// Change this to the right password for your account
 
-var extSel = org.parosproxy.paros.control.Control.getSingleton().
-				getExtensionLoader().getExtension(
-					org.zaproxy.zap.extension.selenium.ExtensionSelenium.class) 
+var extSel = control.getExtensionLoader().getExtension(
+				org.zaproxy.zap.extension.selenium.ExtensionSelenium.class) 
 
 var wd = extSel.getWebDriverProxyingViaZAP(1, "firefox");
 wd.get(juiceshop);

diff --git a/standalone/Loop through alerts.js b/standalone/Loop through alerts.js
@@ -2,8 +2,10 @@
 //
 // This is a standalone script which you can run from the Script Console
 
-extAlert = org.parosproxy.paros.control.Control.getSingleton().
-    getExtensionLoader().getExtension(
+var control
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton()
+
+extAlert = control.getExtensionLoader().getExtension(
         org.zaproxy.zap.extension.alert.ExtensionAlert.NAME) 
 if (extAlert != null) {
 	var Alert = org.parosproxy.paros.core.scanner.Alert

diff --git a/standalone/Loop through history table.js b/standalone/Loop through history table.js
@@ -3,9 +3,11 @@
 // Standalone scripts have no template.
 // They are only evaluated when you run them. 
 
-extHist = org.parosproxy.paros.control.Control.getSingleton().
-    getExtensionLoader().getExtension(
-        org.parosproxy.paros.extension.history.ExtensionHistory.NAME) 
+var control
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton()
+
+extHist = control.getExtensionLoader().getExtension(
+    org.parosproxy.paros.extension.history.ExtensionHistory.NAME) 
 if (extHist != null) {
     i=1
     lastRef=extHist.getLastHistoryId();// Get current max history reference 

diff --git a/standalone/Run report.js b/standalone/Run report.js
@@ -1,7 +1,9 @@
 // Script for generating a ZAP report in xml of html format
 
 // set up some useful vars
-model = org.parosproxy.paros.model.Model.getSingleton();
+
+var model
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
 rls = new org.parosproxy.paros.extension.report.ReportLastScan();
 
 // code for generating an xml report and storing it in a var

diff --git a/standalone/SecurityCrawlMazeScore.js b/standalone/SecurityCrawlMazeScore.js
@@ -2,6 +2,9 @@
 //
 // You will need to have run one or both of the ZAP spiders against https://security-crawl-maze.app/
 
+var model
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
+
 // Expected results sourced from:
 // https://raw.githubusercontent.com/google/security-crawl-maze/master/blueprints/utils/resources/expected-results.json
 
@@ -106,7 +109,7 @@ var foundAjax = 0;
 var total = expectedResults.length;
 
 var target = 'security-crawl-maze.app';
-var siteTree = org.parosproxy.paros.model.Model.getSingleton().getSession().getSiteTree();
+var siteTree = model.getSession().getSiteTree();
 
 print('Security crawl Maze Results\t\t\tScheme\tStandard\tAjax');
 print('----\t\t\t\t---\t---');

diff --git a/standalone/Traverse sites tree.js b/standalone/Traverse sites tree.js
@@ -3,6 +3,9 @@
 // Standalone scripts have no template.
 // They are only evaluated when you run them. 
 
+var model
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
+
 function listChildren(node, level) {
     var j;
     for (j=0;j<node.getChildCount();j++) {
@@ -11,8 +14,7 @@ function listChildren(node, level) {
     }
 }
 
-root = org.parosproxy.paros.model.Model.getSingleton().
-        getSession().getSiteTree().getRoot();
+root = model.getSession().getSiteTree().getRoot();
 
 listChildren(root, 0);
 

diff --git a/standalone/alertAndPluginDetails.js b/standalone/alertAndPluginDetails.js
@@ -5,13 +5,14 @@
  * It's tab separated so you can simply copy/paste it into Excel (or whatever).
  */
 
-extAlert = org.parosproxy.paros.control.Control.getSingleton().
-    getExtensionLoader().getExtension(
-        org.zaproxy.zap.extension.alert.ExtensionAlert.NAME) 
+var control
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton()
 
-extPscan = org.parosproxy.paros.control.Control.getSingleton().
-    getExtensionLoader().getExtension(
-        org.zaproxy.zap.extension.pscan.ExtensionPassiveScan.NAME);
+extAlert = control.getExtensionLoader().getExtension(
+    org.zaproxy.zap.extension.alert.ExtensionAlert.NAME) 
+
+extPscan = control.getExtensionLoader().getExtension(
+    org.zaproxy.zap.extension.pscan.ExtensionPassiveScan.NAME);
 
 var pf = Java.type("org.parosproxy.paros.core.scanner.PluginFactory");
 

diff --git a/standalone/historySourceTagger.js b/standalone/historySourceTagger.js
@@ -6,8 +6,11 @@
 // Author: kingthorin+owaspzap@gmail.com
 // 20160207: Initial release
 
-extHist = org.parosproxy.paros.control.Control.getSingleton().
-      getExtensionLoader().getExtension(org.parosproxy.paros.extension.history.ExtensionHistory.NAME);
+var control, model
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton()
+
+extHist = control.getExtensionLoader().
+    getExtension(org.parosproxy.paros.extension.history.ExtensionHistory.NAME);
 
 TAG_PREFIX='SRC_';
 

diff --git a/standalone/scan_rule_list.js b/standalone/scan_rule_list.js
@@ -1,7 +1,9 @@
 // This script gives details about all of the scan rules installed
 
-extAscan = org.parosproxy.paros.control.Control.getSingleton().
-    getExtensionLoader().getExtension(
+var control, model
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton()
+
+extAscan = control.getExtensionLoader().getExtension(
         org.zaproxy.zap.extension.ascan.ExtensionActiveScan.NAME);
 
 plugins = extAscan.getPolicyManager().getDefaultScanPolicy().getPluginFactory().getAllPlugin().toArray();
@@ -15,8 +17,7 @@ for (var i=0; i < plugins.length; i++) {
   }
 }
 
-extPscan = org.parosproxy.paros.control.Control.getSingleton().
-    getExtensionLoader().getExtension(
+extPscan = control.getExtensionLoader().getExtension(
         org.zaproxy.zap.extension.pscan.ExtensionPassiveScan.NAME);
 
 plugins = extPscan.getPluginPassiveScanners().toArray();

diff --git a/targeted/ElasticSearchExploit.js b/targeted/ElasticSearchExploit.js
@@ -4,6 +4,9 @@
 // Shoutout to /u/cartogram for the POC rce command
 // Requires elasticsearch running, default port is 9200 check via nmap/portscanner
 
+var model
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
+
 function invokeWith(msg) {
 	// give the user some info
 	print('Testing the follwing URL=' + msg.getRequestHeader().getURI().toString()); 
@@ -24,7 +27,7 @@ function invokeWith(msg) {
 	// update the length to take in account of the changes
 	msg.getRequestHeader().setContentLength(msg.getRequestBody().length());
 	// create a new sender
-	var sender = new org.parosproxy.paros.network.HttpSender(org.parosproxy.paros.model.Model.getSingleton().getOptionsParam().getConnectionParam(), true, 6)
+	var sender = new org.parosproxy.paros.network.HttpSender(model.getOptionsParam().getConnectionParam(), true, 6)
 	// send our new request
 	sender.sendAndReceive(msg)
 

diff --git a/targeted/Find largest subtree.js b/targeted/Find largest subtree.js
@@ -6,6 +6,9 @@ tot = 0
 maxparent = ""
 maxsub = 0
 
+var model
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
+
 function recurseDown(node) {
 	//print('recurseDown node: ' + node.getHierarchicNodeName() + " " + node.getChildCount())
 	tot++
@@ -24,7 +27,7 @@ function invokeWith(msg) {
 	// Debugging can be done using print like this
 	//print('invokeWith called for url=' + msg.getRequestHeader().getURI().toString())
 
-	var sitestree = org.parosproxy.paros.model.Model.getSingleton().getSession().getSiteTree()
+	var sitestree = model.getSession().getSiteTree()
 	var node = sitestree.findNode(msg, true)
 
 	if (node != null) {

diff --git a/targeted/Remove 302s.js b/targeted/Remove 302s.js
@@ -3,6 +3,9 @@
 // The default criteria is leaf nodes with a response code of 302 but you can change that to anything you need
 // Targeted scripts can only be invoked by you, the user, eg via a right-click option on the Sites or History tabs
 
+var model
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton()
+
 function recurseDown(sitestree, node) {
 	//print('recurseDown node: ' + node.getHierarchicNodeName() + " " + node.getChildCount())
 	// Loop down through the children first
@@ -39,7 +42,7 @@ function invokeWith(msg) {
 	// Debugging can be done using print like this
 	//print('invokeWith called for url=' + msg.getRequestHeader().getURI().toString())
 
-	var sitestree = org.parosproxy.paros.model.Model.getSingleton().getSession().getSiteTree()
+	var sitestree = model.getSession().getSiteTree()
 	var node = sitestree.findNode(msg, true)
 
 	if (node != null) {

diff --git a/targeted/WordPress User Enumeration.js b/targeted/WordPress User Enumeration.js
@@ -5,17 +5,19 @@
 
 var pluginid = 100032;
 
+var control, model
+if (!control) control = Java.type("org.parosproxy.paros.control.Control").getSingleton()
+if (!model) model = Java.type("org.parosproxy.paros.model.Model").getSingleton() 
+
 var URI = Java.type("org.apache.commons.httpclient.URI");
 var HttpSender = Java.type("org.parosproxy.paros.network.HttpSender");
-var Model = Java.type("org.parosproxy.paros.model.Model");
 var HistoryReference = Java.type("org.parosproxy.paros.model.HistoryReference");
-var Control = Java.type("org.parosproxy.paros.control.Control");
 var ExtensionAlert = Java.type("org.zaproxy.zap.extension.alert.ExtensionAlert");
 var Alert = Java.type("org.parosproxy.paros.core.scanner.Alert");
 
-var session = Model.getSingleton().getSession();
-var connectionParams = Model.getSingleton().getOptionsParam().getConnectionParam();
-var extLoader = Control.getSingleton().getExtensionLoader();
+var session = model.getSession();
+var connectionParams = model.getOptionsParam().getConnectionParam();
+var extLoader = control.getExtensionLoader();
 
 // Print statements using script name
 function logger() {