Skip to content

Commit

Permalink
added Request, Response filter
Browse files Browse the repository at this point in the history
  • Loading branch information
@hvqzao
hvqzao committed Oct 13, 2017
1 parent f9c35e2 commit eb2c323
Show file tree
Hide file tree
Showing 3 changed files with 122 additions and 25 deletions.
69 changes: 61 additions & 8 deletions src/hvqzao/flow/FlowExtension.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,10 +72,13 @@

public class FlowExtension implements IBurpExtender, ITab, IHttpListener, IScopeChangeListener, IExtensionStateListener {

private final String version = "Flow v1.16 (2017-10-05)";
// Changes in v1.16:
// - added Regex filtering
// - table update enforced once PopulateWorker / FilterWorker finishes
private final String version = "Flow v1.17 (2017-10-13)";
// Changes in v1.17:
// - added Request, Response filter
// if none is selected, search string can be in request, response or both
// if one is selected (e.g. request, it must be found in request)
// if both are selected - search string must be found in both request and response
// - added info when populating log from burp proxy is completed
//private final String versionFull = "<html>" + version + ", <a href=\"https://github.com/hvqzao/burp-flow\">https://github.com/hvqzao/burp-flow</a>, MIT license</html>";
private static IBurpExtenderCallbacks callbacks;
private static IExtensionHelpers helpers;
Expand All @@ -98,6 +101,8 @@ public class FlowExtension implements IBurpExtender, ITab, IHttpListener, IScope
private JCheckBox flowFilterSearchCaseSensitive;
private JCheckBox flowFilterSearchNegative;
private JCheckBox flowFilterSearchRegex;
private JCheckBox flowFilterSearchRequest;
private JCheckBox flowFilterSearchResponse;
private JCheckBox flowFilterSourceProxy;
private JCheckBox flowFilterSourceProxyOnly;
private JCheckBox flowFilterSourceSpider;
Expand Down Expand Up @@ -260,6 +265,8 @@ public void actionPerformed(ActionEvent e) {
flowFilterSearchField = flowFilterPopup.getFlowFilterSearchField();
flowFilterSearchNegative = flowFilterPopup.getFlowFilterSearchNegative();
flowFilterSearchRegex = flowFilterPopup.getFlowFilterSearchRegex();
flowFilterSearchRequest = flowFilterPopup.getFlowFilterSearchRequest();
flowFilterSearchResponse = flowFilterPopup.getFlowFilterSearchResponse();
flowFilterSourceExtender = flowFilterPopup.getFlowFilterSourceExtender();
flowFilterSourceExtenderOnly = flowFilterPopup.getFlowFilterSourceExtenderOnly();
flowFilterSourceIntruder = flowFilterPopup.getFlowFilterSourceIntruder();
Expand Down Expand Up @@ -335,6 +342,8 @@ private void process() {
flowFilterSearchCaseSensitive.addActionListener(flowFilterScopeUpdateAction);
flowFilterSearchNegative.addActionListener(flowFilterScopeUpdateAction);
flowFilterSearchRegex.addActionListener(flowFilterScopeUpdateAction);
flowFilterSearchRequest.addActionListener(flowFilterScopeUpdateAction);
flowFilterSearchResponse.addActionListener(flowFilterScopeUpdateAction);

flowFilterSourceProxy.addActionListener(flowFilterScopeUpdateAction);
flowFilterSourceSpider.addActionListener(flowFilterScopeUpdateAction);
Expand Down Expand Up @@ -797,9 +806,13 @@ public void extensionUnloaded() {
class PopulateWorker extends SwingWorker<Object, FlowEntry> {

private final IHttpRequestResponse[] history;
private final PrintWriter stdout;

public PopulateWorker(IHttpRequestResponse[] history) {
this.history = history;
stdout = new PrintWriter(callbacks.getStdout(), true);
stdout.print("Populating log with Burp Proxy history, Please wait... ");
stdout.flush();
}

@Override
Expand Down Expand Up @@ -836,6 +849,7 @@ protected void process(List<FlowEntry> chunks) {
@Override
protected void done() {
flowTable.repaint();
stdout.println("done.");
}
}

Expand Down Expand Up @@ -1224,6 +1238,8 @@ private void flowFilterSetDefaults() {
flowFilterSearchCaseSensitive.setSelected(false);
flowFilterSearchNegative.setSelected(false);
flowFilterSearchRegex.setSelected(false);
flowFilterSearchRequest.setSelected(false);
flowFilterSearchResponse.setSelected(false);
// flowFilter
flowFilterSourceProxy.setSelected(true);
flowFilterSourceProxy.setEnabled(true);
Expand Down Expand Up @@ -1307,6 +1323,28 @@ private void flowFilterUpdateDescription() {
searchAttrib.append("regex");
searchHasAttr = true;
}
if (flowFilterSearchRequest.isSelected() && flowFilterSearchResponse.isSelected()) {
if (searchHasAttr) {
searchAttrib.append(", ");
}
searchAttrib.append("in request & response");
searchHasAttr = true;
} else {
if (flowFilterSearchRequest.isSelected()) {
if (searchHasAttr) {
searchAttrib.append(", ");
}
searchAttrib.append("in request");
searchHasAttr = true;
}
if (flowFilterSearchResponse.isSelected()) {
if (searchHasAttr) {
searchAttrib.append(", ");
}
searchAttrib.append("in response");
searchHasAttr = true;
}
}
if (flowFilterSearchNegative.isSelected()) {
if (searchHasAttr) {
searchAttrib.append(", ");
Expand Down Expand Up @@ -1444,6 +1482,8 @@ public boolean include(javax.swing.RowFilter.Entry<? extends FlowTableModel, ? e
// search
if (result && flowFilterSearchField.getText().length() != 0) {
boolean found;
boolean foundInReq;
boolean foundInResp;
String text = flowFilterSearchField.getText();
String req = new String(flowEntry.messageInfoPersisted.getRequest());
byte[] response = flowEntry.messageInfoPersisted.getResponse();
Expand All @@ -1455,17 +1495,30 @@ public boolean include(javax.swing.RowFilter.Entry<? extends FlowTableModel, ? e
}
if (flowFilterSearchRegex.isSelected()) {
if (flowFilterSearchCaseSensitive.isSelected()) {
found = Pattern.compile(text).matcher(req).find() || Pattern.compile(text).matcher(resp).find();
foundInReq = Pattern.compile(text).matcher(req).find();
foundInResp = Pattern.compile(text).matcher(resp).find();
} else {
found = Pattern.compile(text, Pattern.CASE_INSENSITIVE).matcher(req).find() || Pattern.compile(text, Pattern.CASE_INSENSITIVE).matcher(resp).find();
foundInReq = Pattern.compile(text, Pattern.CASE_INSENSITIVE).matcher(req).find();
foundInResp = Pattern.compile(text, Pattern.CASE_INSENSITIVE).matcher(resp).find();
}
} else {
if (flowFilterSearchCaseSensitive.isSelected()) {
found = Pattern.compile(Pattern.quote(text)).matcher(req).find() || Pattern.compile(Pattern.quote(text)).matcher(resp).find();
foundInReq = Pattern.compile(Pattern.quote(text)).matcher(req).find();
foundInResp = Pattern.compile(Pattern.quote(text)).matcher(resp).find();
} else {
found = Pattern.compile(Pattern.quote(text), Pattern.CASE_INSENSITIVE).matcher(req).find() || Pattern.compile(Pattern.quote(text), Pattern.CASE_INSENSITIVE).matcher(resp).find();
foundInReq = Pattern.compile(Pattern.quote(text), Pattern.CASE_INSENSITIVE).matcher(req).find();
foundInResp = Pattern.compile(Pattern.quote(text), Pattern.CASE_INSENSITIVE).matcher(resp).find();
}
}
if (flowFilterSearchRequest.isSelected() && flowFilterSearchResponse.isSelected()) {
found = foundInReq && foundInResp;
} else if (flowFilterSearchRequest.isSelected()) {
found = foundInReq;
} else if (flowFilterSearchResponse.isSelected()) {
found = foundInResp;
} else {
found = foundInReq || foundInResp;
}
if (flowFilterSearchNegative.isSelected()) {
if (found) {
result = false;
Expand Down
37 changes: 28 additions & 9 deletions src/hvqzao/flow/FlowFilterPopup.form
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,8 @@
</Group>
<EmptySpace type="unrelated" max="-2" attributes="0"/>
<Group type="103" groupAlignment="0" attributes="0">
<Component id="FlowFilterBySearch" alignment="0" min="-2" max="-2" attributes="0"/>
<Component id="FlowFilterByReqType" alignment="0" min="-2" max="-2" attributes="0"/>
<Component id="FlowFilterBySearch" min="-2" max="-2" attributes="0"/>
<Component id="FlowFilterByReqType" max="32767" attributes="0"/>
</Group>
<EmptySpace max="-2" attributes="0"/>
<Component id="FlowFilterBySource" min="-2" max="-2" attributes="0"/>
Expand Down Expand Up @@ -145,7 +145,7 @@
<Component id="FlowFilterInscope" min="-2" max="-2" attributes="0"/>
<Component id="FlowFilterParametrized" min="-2" max="-2" attributes="0"/>
</Group>
<EmptySpace min="0" pref="30" max="32767" attributes="0"/>
<EmptySpace min="0" pref="0" max="32767" attributes="0"/>
</Group>
</Group>
</DimensionLayout>
Expand Down Expand Up @@ -191,14 +191,19 @@
<Group type="102" alignment="0" attributes="0">
<EmptySpace min="-2" pref="1" max="-2" attributes="0"/>
<Group type="103" groupAlignment="0" attributes="0">
<Component id="FlowFilterSearchRegex" min="-2" max="-2" attributes="0"/>
<Component id="FlowFilterSearchCaseSensitive" alignment="0" min="-2" max="-2" attributes="0"/>
<Component id="FlowFilterSearchRegex" alignment="0" min="-2" max="-2" attributes="0"/>
</Group>
<EmptySpace max="-2" attributes="0"/>
<Group type="103" groupAlignment="0" attributes="0">
<Group type="102" attributes="0">
<Component id="FlowFilterSearchCaseSensitive" min="-2" max="-2" attributes="0"/>
<Component id="FlowFilterSearchRequest" min="-2" max="-2" attributes="0"/>
<EmptySpace max="-2" attributes="0"/>
<Component id="FlowFilterSearchNegative" min="-2" max="-2" attributes="0"/>
<Component id="FlowFilterSearchResponse" min="-2" max="-2" attributes="0"/>
</Group>
<Component id="FlowFilterSearchNegative" min="-2" max="-2" attributes="0"/>
</Group>
<EmptySpace pref="16" max="32767" attributes="0"/>
<EmptySpace max="32767" attributes="0"/>
</Group>
</Group>
</DimensionLayout>
Expand All @@ -212,7 +217,11 @@
<Component id="FlowFilterSearchNegative" alignment="3" min="-2" max="-2" attributes="0"/>
</Group>
<EmptySpace max="-2" attributes="0"/>
<Component id="FlowFilterSearchRegex" min="-2" max="-2" attributes="0"/>
<Group type="103" groupAlignment="3" attributes="0">
<Component id="FlowFilterSearchRegex" alignment="3" min="-2" max="-2" attributes="0"/>
<Component id="FlowFilterSearchRequest" alignment="3" min="-2" max="-2" attributes="0"/>
<Component id="FlowFilterSearchResponse" alignment="3" min="-2" max="-2" attributes="0"/>
</Group>
</Group>
</Group>
</DimensionLayout>
Expand All @@ -235,6 +244,16 @@
<Property name="text" type="java.lang.String" value="Regex search"/>
</Properties>
</Component>
<Component class="javax.swing.JCheckBox" name="FlowFilterSearchRequest">
<Properties>
<Property name="text" type="java.lang.String" value="Request"/>
</Properties>
</Component>
<Component class="javax.swing.JCheckBox" name="FlowFilterSearchResponse">
<Properties>
<Property name="text" type="java.lang.String" value="Response"/>
</Properties>
</Component>
</SubComponents>
</Container>
<Container class="javax.swing.JPanel" name="FlowFilterBySource">
Expand Down Expand Up @@ -531,7 +550,7 @@
<Layout>
<DimensionLayout dim="0">
<Group type="103" groupAlignment="0" attributes="0">
<EmptySpace min="0" pref="0" max="32767" attributes="0"/>
<EmptySpace min="0" pref="10" max="32767" attributes="0"/>
</Group>
</DimensionLayout>
<DimensionLayout dim="1">
Expand Down
41 changes: 33 additions & 8 deletions src/hvqzao/flow/FlowFilterPopup.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ public FlowFilterPopup() {
callbacks.customizeUiComponent(FlowFilterSearchField);
callbacks.customizeUiComponent(FlowFilterSearchNegative);
callbacks.customizeUiComponent(FlowFilterSearchRegex);
callbacks.customizeUiComponent(FlowFilterSearchRequest);
callbacks.customizeUiComponent(FlowFilterSearchResponse);
callbacks.customizeUiComponent(FlowFilterSourceExtender);
callbacks.customizeUiComponent(FlowFilterSourceExtenderOnly);
callbacks.customizeUiComponent(FlowFilterSourceIntruder);
Expand Down Expand Up @@ -156,6 +158,14 @@ public JCheckBox getFlowFilterSearchRegex() {
return FlowFilterSearchRegex;
}

public JCheckBox getFlowFilterSearchRequest() {
return FlowFilterSearchRequest;
}

public JCheckBox getFlowFilterSearchResponse() {
return FlowFilterSearchResponse;
}

public JCheckBox getFlowFilterSourceExtender() {
return FlowFilterSourceExtender;
}
Expand Down Expand Up @@ -227,6 +237,8 @@ private void initComponents() {
FlowFilterSearchCaseSensitive = new javax.swing.JCheckBox();
FlowFilterSearchNegative = new javax.swing.JCheckBox();
FlowFilterSearchRegex = new javax.swing.JCheckBox();
FlowFilterSearchRequest = new javax.swing.JCheckBox();
FlowFilterSearchResponse = new javax.swing.JCheckBox();
FlowFilterBySource = new javax.swing.JPanel();
FlowFilterSourceProxy = new javax.swing.JCheckBox();
FlowFilterSourceSpider = new javax.swing.JCheckBox();
Expand Down Expand Up @@ -282,7 +294,7 @@ private void initComponents() {
.addGroup(FlowFilterByReqTypeLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
.addComponent(FlowFilterInscope)
.addComponent(FlowFilterParametrized))
.addGap(0, 30, Short.MAX_VALUE))
.addGap(0, 0, Short.MAX_VALUE))
);
FlowFilterByReqTypeLayout.setVerticalGroup(
FlowFilterByReqTypeLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
Expand All @@ -302,6 +314,10 @@ private void initComponents() {

FlowFilterSearchRegex.setText("Regex search");

FlowFilterSearchRequest.setText("Request");

FlowFilterSearchResponse.setText("Response");

javax.swing.GroupLayout FlowFilterBySearchLayout = new javax.swing.GroupLayout(FlowFilterBySearch);
FlowFilterBySearch.setLayout(FlowFilterBySearchLayout);
FlowFilterBySearchLayout.setHorizontalGroup(
Expand All @@ -310,12 +326,16 @@ private void initComponents() {
.addGroup(FlowFilterBySearchLayout.createSequentialGroup()
.addGap(1, 1, 1)
.addGroup(FlowFilterBySearchLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
.addComponent(FlowFilterSearchRegex)
.addComponent(FlowFilterSearchCaseSensitive)
.addComponent(FlowFilterSearchRegex))
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
.addGroup(FlowFilterBySearchLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
.addGroup(FlowFilterBySearchLayout.createSequentialGroup()
.addComponent(FlowFilterSearchCaseSensitive)
.addComponent(FlowFilterSearchRequest)
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
.addComponent(FlowFilterSearchNegative)))
.addContainerGap(16, Short.MAX_VALUE))
.addComponent(FlowFilterSearchResponse))
.addComponent(FlowFilterSearchNegative))
.addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
);
FlowFilterBySearchLayout.setVerticalGroup(
FlowFilterBySearchLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
Expand All @@ -326,7 +346,10 @@ private void initComponents() {
.addComponent(FlowFilterSearchCaseSensitive)
.addComponent(FlowFilterSearchNegative))
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
.addComponent(FlowFilterSearchRegex))
.addGroup(FlowFilterBySearchLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
.addComponent(FlowFilterSearchRegex)
.addComponent(FlowFilterSearchRequest)
.addComponent(FlowFilterSearchResponse)))
);

FlowFilterBySource.setBorder(javax.swing.BorderFactory.createTitledBorder("Filter search"));
Expand Down Expand Up @@ -499,7 +522,7 @@ private void initComponents() {
FlowFilterBottom.setLayout(FlowFilterBottomLayout);
FlowFilterBottomLayout.setHorizontalGroup(
FlowFilterBottomLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
.addGap(0, 0, Short.MAX_VALUE)
.addGap(0, 10, Short.MAX_VALUE)
);
FlowFilterBottomLayout.setVerticalGroup(
FlowFilterBottomLayout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
Expand All @@ -518,7 +541,7 @@ private void initComponents() {
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
.addComponent(FlowFilterBySearch, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
.addComponent(FlowFilterByReqType, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE))
.addComponent(FlowFilterByReqType, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
.addComponent(FlowFilterBySource, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
Expand Down Expand Up @@ -576,6 +599,8 @@ private void initComponents() {
private javax.swing.JTextField FlowFilterSearchField;
private javax.swing.JCheckBox FlowFilterSearchNegative;
private javax.swing.JCheckBox FlowFilterSearchRegex;
private javax.swing.JCheckBox FlowFilterSearchRequest;
private javax.swing.JCheckBox FlowFilterSearchResponse;
private javax.swing.JCheckBox FlowFilterSourceExtender;
private javax.swing.JCheckBox FlowFilterSourceExtenderOnly;
private javax.swing.JCheckBox FlowFilterSourceIntruder;
Expand Down

0 comments on commit eb2c323

Please sign in to comment.