Removed Utils class, moved all the enums to proper class
mattebit committed Jul 19, 2023
1 parent 04a389e commit c2eb517
Showing 26 changed files with 1,711 additions and 1,789 deletions.
5 changes: 3 additions & 2 deletions doc/language.md
Expand Up @@ -489,15 +489,15 @@ The Checks tag is a list of Check elements, which can be defined with:
- `in` says were to check the given parameter, can be _head_, _body_, _url_
- `check` checks if the given string is present in the specified message section
- `check param` specifies the name of the parameter to be checked, depending on the section choosed, the tool will search for the parameter using a pattern. (for the url, it will search for a query parameter, for the head, it will search for a head parameter)
- `check regex` specify a regex that checks the selected content by matching it.
- The actual check on the value, which are self explanatory. (if none of these are specified, the check will only check if the given parameter is present)
- `is`
- `not is`
- `contains`
- `not contains`
- `is present` specifying true or false, to check whether is present or not
- `regex` specify a regex that checks the selected content by matching it.

Note that you can use `regex` OR (`check` OR `check param`). If you use the `check` tag, you can use all the other tags to verify the value, otherwise, if you use `check param` you can just use `is present`.
Note that you can use `check regex` OR `check` OR `check param`. If you use the `check` or `check param` tag, you can use all the other tags to verify the value, otherwise, if you use `check regex` you can just use `is present`.

In passive tests the checks's result are intended as the entire test result, so all the checks has to pass to have a successfull test.

Expand Down Expand Up @@ -864,3 +864,4 @@ Examples: <br>
- Removed `raw header` `raw payload` `raw signature` from `jwt from` tag in Decode Operation
- Added supprot of regex in checks (in future they will substitute existing regex)
- Remove support for hardcoded standard message types such as oauth request and oauth response
- Removed support for hardcoded identification of OAuth flow
2 changes: 1 addition & 1 deletion tool/.idea/compiler.xml


18 changes: 9 additions & 9 deletions tool/src/main/java/migt/BurpExtender.java
Expand Up @@ -13,7 +13,7 @@
import java.util.regex.PatternSyntaxException;

import static migt.Tools.executeDecodeOps;
import static migt.Utils.getVariableByName;
import static migt.Tools.getVariableByName;

/**
* Main class executed by Burp
Expand Down Expand Up @@ -232,7 +232,7 @@ public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessa
if (matchMessage) {
processMatchedMsg(msg_type, messageInfo);
if (mainPane.act_active_op.then != null &
mainPane.act_active_op.then == Utils.Then.DROP) {
mainPane.act_active_op.then == Operation.Then.DROP) {
message.setInterceptAction(IInterceptedProxyMessage.ACTION_DROP);
}
}
Expand Down Expand Up @@ -424,7 +424,7 @@ public Operation executeMessageOps(Operation op,
byte[] new_message;

try {
if (mop.type == Utils.MessageOpType.GENERATE_POC) {
if (mop.type == MessageOperation.MessageOpType.GENERATE_POC) {
if (!isRequest) {
throw new ParsingException("Invalid POC generation, message should be a request");
}
Expand All @@ -433,7 +433,7 @@ public Operation executeMessageOps(Operation op,
continue; // other templates not supported yet
}

String poc = Utils.generate_CSRF_POC(messageInfo, helpers);
String poc = Tools.generate_CSRF_POC(messageInfo, helpers);

try {
File myObj = new File(mop.output_path);
Expand Down Expand Up @@ -527,7 +527,7 @@ public Operation executeMessageOps(Operation op,
break;

case EDIT:
op.processed_message = Utils.editMessageParam(
op.processed_message = Tools.editMessageParam(
helpers,
mop.what,
mop.from,
Expand All @@ -538,7 +538,7 @@ public Operation executeMessageOps(Operation op,
break;

case EDIT_REGEX:
op.processed_message = Utils.editMessage(
op.processed_message = Tools.editMessage(
helpers,
mop.what,
mop,
Expand Down Expand Up @@ -594,7 +594,7 @@ public Operation executeMessageOps(Operation op,
switch (mop.from) {
case HEAD: {
String value = "";
if (mop.action == Utils.MessageOperationActions.SAVE) {
if (mop.action == MessageOperation.MessageOperationActions.SAVE) {
value = messageInfo.getHeadParam(isRequest, mop.what).trim();
} else {
List<String> headers = messageInfo.getHeaders(isRequest);
Expand Down Expand Up @@ -642,7 +642,7 @@ public Operation executeMessageOps(Operation op,
}
String header_0 = messageInfo.getUrlHeader();

pattern = mop.action == Utils.MessageOperationActions.SAVE ?
pattern = mop.action == MessageOperation.MessageOperationActions.SAVE ?
Pattern.compile(mop.what + "=[^& ]*(?=(&| ))") :
Pattern.compile(mop.what);

Expand All @@ -651,7 +651,7 @@ public Operation executeMessageOps(Operation op,

if (matcher.find()) {
String matched = matcher.group();
value = mop.action == Utils.MessageOperationActions.SAVE ?
value = mop.action == MessageOperation.MessageOperationActions.SAVE ?
matched.split("=")[1] :
matched;

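Review bot: In the last hunk, the SAVE branch still takes `matched.split("=")[1]`, which cuts off any URL parameter value that itself contains `=` (base64 padding, for example). It also throws ArrayIndexOutOfBoundsException when the value is empty, because `"name=".split("=")` yields a single element while the pattern `[^& ]*` does allow an empty value. Splitting with a limit keeps the whole value and always yields two elements: `matched.split("=", 2)[1] :`. In the hunk before it, `mop.what` is concatenated into `Pattern.compile(mop.what + "=[^& ]*(?=(&| ))")` unquoted, so if the SAVE case is meant to take a literal parameter name, `Pattern.quote(mop.what)` would stop regex metacharacters in the name from changing the match. The body of executeMessageOps starts and ends outside the visible hunks, so any surrounding exception handling is not visible here.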