diff --git a/README.md b/README.md
index 0146941..e767bcb 100644
--- a/README.md
+++ b/README.md
@@ -54,9 +54,10 @@ scan面板用来展示请求的内容以及扫描的内容,此面板不会自
 ## 提示
-​ Recursion-Scan功能一定要注意PATH中的路由数量,没用的删一删再扫,递归扫描的请求数量是根据目录层级而指数级增长的哦。
+​ Recursion-Scan功能一定要注意PATH中的路由数量,没用的删一删再扫,递归扫描的请求数量是 目录层级*路由数量 的哦。
 ## 更新计划
-* 2024-04-10 自定义head头 √
+* 自定义head头 2024-04-10 √
+* 添加自定义post或get参数
 * 配置文件在线更新?
 ## 开心值
diff --git a/src/main/java/burp/BurpExtender.java b/src/main/java/burp/BurpExtender.java
index a49b864..c406c12 100644
--- a/src/main/java/burp/BurpExtender.java
+++ b/src/main/java/burp/BurpExtender.java
@@ -17,7 +17,7 @@ public class BurpExtender implements IBurpExtender {
 public static String EXPAND_NAME = "JsRouteScan";
 public static String AUTHOR = "F6JO";
 public static String LINK = "https://github.com/F6JO/JsRouteScan";
- public static String VERSION = "1.0";
+ public static String VERSION = "1.1";
 public static String CONFIGPATH = System.getProperty("user.home") + "/.config/JsRouteScan/config.yaml";
 public LaunchRequest launchRequest;
@@ -29,6 +29,7 @@ private void printBanner(){
 this.call.printOutput("@Version: " + EXPAND_NAME + " v" + VERSION);
 this.call.printOutput("@From: Code by " + AUTHOR);
 this.call.printOutput("@Github: " + LINK);
+ this.call.printOutput("");
 }
 @Override
 public void registerExtenderCallbacks(IBurpExtenderCallbacks iBurpExtenderCallbacks) {
diff --git a/src/main/java/common/BurpListening.java b/src/main/java/common/BurpListening.java
index ce0536b..a718de0 100644
--- a/src/main/java/common/BurpListening.java
+++ b/src/main/java/common/BurpListening.java
@@ -31,6 +31,7 @@ public void processHttpMessage(int i, boolean b, IHttpRequestResponse iHttpReque
 boolean contains = this.burpExtender.config.ExSuffix.stream().anyMatch(url::endsWith);
 // Determine whether the blacklist suffix is not included in the request path
 if (!contains) {
+ boolean isFirstMatch = true;
 for (String regex : this.burpExtender.config.REGEXS) {
 Pattern p = Pattern.compile(regex, Pattern.DOTALL);
@@ -40,6 +41,7 @@ public void processHttpMessage(int i, boolean b, IHttpRequestResponse iHttpReque
 int findStart = 0;
 while (m.find(findStart)) {
 if (isFirstMatch) {
+ this.burpExtender.call.printOutput("Route found in: " + url);
 if (findhost == null) {
 findhost = (HostContent) this.burpExtender.tab.reqDisplay.hosttab.add(host);
 }
@@ -66,12 +68,6 @@ public void processHttpMessage(int i, boolean b, IHttpRequestResponse iHttpReque
 if (burpExtender.config.PassiveScan) {
 this.burpExtender.launchRequest.fuckGO(iHttpRequestResponse.getHttpService(), route, headers, findhost, this.burpExtender.config.PassiveScanPath);
 }
-// try {
-// Thread.sleep(1000);
-// } catch (InterruptedException ignored) {
-//
-// }
-
 }
 }
diff --git a/src/main/java/ui/ConfigTag.java b/src/main/java/ui/ConfigTag.java
index 1bca787..8df0404 100644
--- a/src/main/java/ui/ConfigTag.java
+++ b/src/main/java/ui/ConfigTag.java
@@ -6,15 +6,7 @@
 import ui.tab.RightConfigTab;
 import javax.swing.*;
-import javax.swing.event.ChangeEvent;
-import javax.swing.event.ChangeListener;
-import javax.swing.event.DocumentEvent;
-import javax.swing.event.DocumentListener;
 import java.awt.*;
-import java.awt.event.ActionEvent;
-import java.awt.event.ActionListener;
-import java.awt.event.ItemEvent;
-import java.awt.event.ItemListener;
 public class ConfigTag implements TagInterface {
 private BurpExtender burp;
diff --git a/src/main/java/ui/MainTag.java b/src/main/java/ui/MainTag.java
index 5bc80f7..dc0d94f 100644
--- a/src/main/java/ui/MainTag.java
+++ b/src/main/java/ui/MainTag.java
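Review bot: The added `printOutput("Route found in: " + url)` in the second hunk writes the request URL to the extension output unchanged; if `url` still carries the query string (how it is built is outside the hunk), session tokens and other secrets from proxied traffic end up in the output pane and in any file that output is saved to. Printing only host and path, for example by cutting `url` at the first `?` before it is logged, keeps the message useful without copying parameters. The first hunk declares `isFirstMatch` as a local ahead of the loop over `REGEXS`, while `if (isFirstMatch)` is unchanged context, so a variable of that name presumably existed before; if it was a field, the local now shadows it and the field can go. Where the flag is cleared is not visible here, and `processHttpMessage` continues outside both hunks.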
@@ -6,25 +6,6 @@
 import javax.swing.*;
 import java.awt.*;
-//class MyRunnable implements Runnable {
-// private MainTag myClass;
-//
-// public MyRunnable(MainTag myClass) {
-// this.myClass = myClass;
-// }
-//
-// @Override
-// public void run() {
-// while (true) {
-// myClass.updateUI();
-// try {
-// Thread.sleep(1000);
-// } catch (InterruptedException ignored) {
-//
-// }
-// }
-// }
-//}
 public class MainTag implements ITab {
 private BurpExtender burp;
@@ -72,6 +53,12 @@ public void prompt(String message){
 JOptionPane.showMessageDialog(this.getUiComponent(), message);
 }
+ public Boolean promptSelect(String message){
+ int result = JOptionPane.showConfirmDialog(this.getUiComponent(), message, "title", JOptionPane.OK_CANCEL_OPTION);
+ return result == JOptionPane.OK_OPTION;
+
+ }
+
 @Override
 public String getTabCaption() {
 return this.TAGNAME;
diff --git a/src/main/java/ui/tab/LeftConfigTab.java b/src/main/java/ui/tab/LeftConfigTab.java
index ab44d0b..eba2c99 100644
--- a/src/main/java/ui/tab/LeftConfigTab.java
+++ b/src/main/java/ui/tab/LeftConfigTab.java
@@ -112,7 +112,8 @@ public void stateChanged(ChangeEvent e) {
 intSpinner.setValue(10);
 }else {
 burp.config.RequestThread = (int) value;
- burp.launchRequest.updateThreadPoolSize();
+ new Thread(() -> burp.launchRequest.updateThreadPoolSize()).start();
+// burp.launchRequest.updateThreadPoolSize();
 }
 }
 });
diff --git a/src/main/java/ui/tab/path/RightTab.java b/src/main/java/ui/tab/path/RightTab.java
index f876dee..f6782d9 100644
--- a/src/main/java/ui/tab/path/RightTab.java
+++ b/src/main/java/ui/tab/path/RightTab.java
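Review bot: `promptSelect` returns a boxed `Boolean` and passes the literal `"title"` as the dialog caption, which looks like a placeholder. A primitive return type cannot be null and still works with the existing caller: `public boolean promptSelect(String message)`; the caption could be `this.TAGNAME`, which `getTabCaption()` just below already returns. Closing the window yields `CLOSED_OPTION`, which this method treats as a refusal, and a one-line Javadoc saying so would document that a scan only proceeds on an explicit OK. `showConfirmDialog` is a Swing call, so it expects the event dispatch thread; whether every caller is on it is not visible in this hunk.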
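Review bot: Every spinner change in `stateChanged` now starts a fresh unnamed thread for `updateThreadPoolSize()`, and nothing in the hunk records why the call had to leave the event thread. A short comment such as `// resize off the EDT: updateThreadPoolSize() synchronizes on the executor` would state the reason, assuming that is the reason. The commented-out `// burp.launchRequest.updateThreadPoolSize();` left beneath it can be deleted, in line with the dead code this commit removes elsewhere. The enclosing listener starts and ends outside the hunk.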
@@ -130,6 +130,7 @@ public JPanel packaging(Component... components){
 public void scanButtonFunc(){
 this.scanButton.addActionListener(new ActionListener() {
 public void actionPerformed(ActionEvent e) {
+ burp.tab.prompt(burp.launchRequest.executor.getMaximumPoolSize() + "");
 String scanRootPathText = scanRootPathField.getText();
 if (scanRootPathText.equals("")){
 burp.tab.prompt("Wrong scan root path!");
diff --git a/src/main/java/utils/LaunchRequest.java b/src/main/java/utils/LaunchRequest.java
index 1cd9cd4..d95244d 100644
--- a/src/main/java/utils/LaunchRequest.java
+++ b/src/main/java/utils/LaunchRequest.java
@@ -12,9 +12,7 @@
 import java.net.URL;
 import java.util.ArrayList;
 import java.util.List;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.*;
 public class LaunchRequest {
 private BurpExtender burp;
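Review bot: The added `burp.tab.prompt(burp.launchRequest.executor.getMaximumPoolSize() + "");` opens a modal dialog with the pool size on every click of the scan button, before the root path is even validated; it reads like leftover debugging. If the value is worth keeping it belongs in the extension output, e.g. `burp.call.printOutput("pool size: " + burp.launchRequest.executor.getMaximumPoolSize());`, otherwise the line can be dropped. The call also reaches into the `executor` field of `LaunchRequest` from UI code, and a small getter on `LaunchRequest` would keep the pool inside the class that synchronizes on it. `actionPerformed` continues past the end of the hunk.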
@@ -22,12 +20,27 @@ public class LaunchRequest {
 public LaunchRequest(BurpExtender burpExtender) {
 this.burp = burpExtender;
- this.executor = (ThreadPoolExecutor) Executors.newFixedThreadPool(this.burp.config.RequestThread);;
+ BlockingQueue workQueue = new LinkedBlockingQueue<>();
+ this.executor = new ThreadPoolExecutor(this.burp.config.RequestThread, this.burp.config.RequestThread, 0L, TimeUnit.MILLISECONDS, workQueue);
+// this.executor = (ThreadPoolExecutor) Executors.newFixedThreadPool(this.burp.config.RequestThread);;
 }
 public void updateThreadPoolSize() {
- int newSize = this.burp.config.RequestThread;
- this.executor.setMaximumPoolSize(newSize);
- this.executor.setCorePoolSize(newSize);
+ synchronized (this.executor) {
+ try {
+ int newSize = this.burp.config.RequestThread;
+ if (newSize > this.executor.getMaximumPoolSize()) {
+ this.executor.setMaximumPoolSize(newSize);
+ this.executor.setCorePoolSize(newSize);
+ }else if (newSize < this.executor.getCorePoolSize()) {
+ this.executor.setCorePoolSize(newSize);
+ this.executor.setMaximumPoolSize(newSize);
+ }
+
+ }catch (Exception e) {
+ this.burp.call.printError("ThreadPool Size Error: " + e.getMessage());
+ }
+
+ }
 }
@@ -104,11 +117,14 @@ public void recursionScan(HostContent hostContent, List iH
 }
 }
- burp.tab.prompt(hostContent.routeContents.size() * paths.size() + " requests in total");
- for (String i : paths) {
- for (RouteContent routeContent : hostContent.routeContents) {
- this.fuckGO(hostContent.getHttpService(), routeContent.getRoute(), hostContent.getHeaders(), hostContent, i);
+ Boolean aBoolean = burp.tab.promptSelect("A total of " + hostContent.routeContents.size() * paths.size() + " requests, are you sure?");
+ if (aBoolean){
+ for (String i : paths) {
+ for (RouteContent routeContent : hostContent.routeContents) {
+ this.fuckGO(hostContent.getHttpService(), routeContent.getRoute(), hostContent.getHeaders(), hostContent, i);
+ }
 }
 }
+
 }
 }
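Review bot: `updateThreadPoolSize()` applies `RequestThread` without checking that it is at least 1. For a value of 0 the shrink branch first sets the core size to 0 and then `setMaximumPoolSize(0)` throws `IllegalArgumentException`, so the pool is left with core 0 and the old maximum while `catch (Exception e)` reduces the failure to one line of error output; the `new ThreadPoolExecutor(...)` call in the constructor would throw on the same value. A guard ahead of the branches keeps the pool consistent: `if (newSize < 1) { this.burp.call.printError("ThreadPool Size Error: " + newSize); return; }`. A comment on the two branches saying that the order of the setters matters (maximum first when growing, core first when shrinking) would help the next reader, and the commented-out `newFixedThreadPool` line can be deleted.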
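Review bot: The confirmation added to `recursionScan` shows only the request count, so the operator approves a batch of active requests without seeing which host they go to. Naming the target in the message makes a click on an out-of-scope host easier to catch, e.g. `"A total of " + total + " requests to " + hostContent.getHttpService().getHost() + ", are you sure?"` with `total` computed once beforehand, assuming `getHttpService()` returns Burp's `IHttpService`. `Boolean aBoolean` would read better as `boolean confirmed` followed by `if (confirmed) {`. The start of the method is outside the hunk.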