-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathc2_custom_tab.py
148 lines (112 loc) · 4.92 KB
/
c2_custom_tab.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
# References
# https://github.com/PortSwigger/example-custom-editor-tab/
# https://github.com/PortSwigger/example-custom-editor-tab/blob/master/python/CustomEditorTab.py
# https://github.com/securityMB/burp-exceptions
from burp import IBurpExtender
from burp import IMessageEditorTab
from burp import IMessageEditorTabFactory
from burp import IParameter
from exceptions_fix import FixBurpExceptions
import datetime
class BurpExtender(IBurpExtender, IMessageEditorTabFactory):
#
# Implement IBurpExtender Methods
#
def registerExtenderCallbacks(self, callbacks):
self._extensionName = "C2 Custom Tab"
# todo: set the parameter that you are interested in
# probably can build a UI to set some options/parameter names
self._parameterName ="TODO"
# save helper functions to use in other methods in class
# keep a reference to our callbacks object
# obtain an extension helpers object
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
# set our extension name
callbacks.setExtensionName(self._extensionName)
# register ourselves as a message editor tab factory
callbacks.registerMessageEditorTabFactory(self)
# print out for extension loaded
print(self._extensionName + " Loaded")
return
def createNewInstance(self, controller, editable):
# create a new instance of our custom editor tab
return CustomTab(self, controller, editable)
#
# class implementing IMessageEditorTab
#
class CustomTab(IMessageEditorTab):
def __init__(self, extender, controller, editable):
self._extender = extender
self._editable = editable
# create an instance of Burp's text editor, to display our processed data
self._txtInput = extender._callbacks.createTextEditor()
self._txtInput.setEditable(editable)
# get helpers class for current class
self._helpers = extender._helpers
self._currentMessage = ""
# get parameterName defined in BurpExtender
self._parameterName = extender._parameterName
#
# implement IMessageEditorTab
#
def getTabCaption(self):
# returns the name of the custom tab
return "Decoded Tab"
def getUiComponent(self):
# burp uses this to retrieve component
# for the content of the custom tab
return self._txtInput.getComponent()
def isEnabled(self, content, isRequest):
# todo: check whether custom tab should be enabled based on..
# whether it's a request and is the parameter name in the request?
# probably can build ui to set request/response, parameter name
paramFound = False
if isRequest == True:
requestInfo = self._extender._helpers.analyzeRequest(content)
parameters = requestInfo.getParameters()
return isRequest and paramFound
def setMessage(self, content, isRequest):
# set the content in the custom tab
# if no content, just display nothing
if (content is None):
self._txtInput.setText(None)
self._txtInput.setEditable(False)
else:
# todo: decode
# content to be processed and displayed using setText()
# set whether the content can be modified
# dodgy encoding 11 + base64
parameter = self._helpers.getRequestParameter(content, self._parameterName)
parameterValue = parameter.getValue()
# todo: set text to decoded varaible
self._txtInput.setText("TODO")
self._txtInput.setEditable(self._editable)
# remember the displayed content
self._currentMessage = content
def getMessage(self):
# determine whether the user modified the deserialized data
if self._txtInput.isTextModified():
# todo: encode the decoded value s
# get the text in textbox
# add 11 for dodgy encoding
text = self._txtInput.getText()
parameterValue = self._helpers.bytesToString(text)
# todo: update the request with the new parameter value
# IParameter buildParameter(PARAMETER NAME,
# PARAMETER VALUE,
# IParameter.PARAM_BODY)
updatedRequest = self._helpers.updateParameter(
self._currentMessage,
self._helpers.buildParameter(TODO,
TODO,
IParameter.PARAM_BODY)
)
return updatedRequest
else:
return self._currentMessage
def isModified(self):
return self._txtInput.isTextModified()
def getSelectedData(self):
return self._txtInput.getSelectedText()
FixBurpExceptions()