
ㄴㄴ

1231. 2025. 4. 15. 13:58
import threading

from burp import IBurpExtender, ITab
from java.awt import BorderLayout
from java.net import URL
from java.text import SimpleDateFormat
from java.util import Date
from javax.swing import JPanel, JTable, JScrollPane, JTextArea, JSplitPane, JButton, SwingUtilities
from javax.swing.table import DefaultTableModel

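class BurpExtender(IBurpExtender, ITab):
    """Burp Suite tab that re-requests directory URLs and flags likely listings.

    The "Scan Site Map" button walks the Burp site map, picks every URL whose
    path ends in "/", sends one fresh GET for it and records the status code
    plus a YES/NO guess on whether the body is an auto-generated directory
    index. Selecting a row shows the stored request and response.

    The tool sends live traffic, so it only touches URLs that are inside the
    Suite-wide target scope; the site map routinely contains third-party hosts
    (CDNs, analytics, linked sites) that are not part of an engagement.

    The "Indexed" column is a string-matching heuristic. A YES still has to be
    confirmed by reading the response, and a NO does not prove listing is off.
    """

    # Lower-cased fragments that common web servers emit on auto-generated
    # directory index pages. A bare "<a href=" is deliberately not used: it
    # occurs on almost every HTML page and would flag nearly everything.
    _LISTING_MARKERS = (
        "<title>index of",
        "<h1>index of",
        "directory listing for",
        "[to parent directory]",
    )

    def registerExtenderCallbacks(self, callbacks):
        """Burp entry point: store the API handles and build the tab UI."""
        self.callbacks = callbacks
        self.helpers = callbacks.getHelpers()
        self.callbacks.setExtensionName("Dir Index Checker (Jython)")

        # Row i of the table corresponds to element i of this list.
        self._request_responses = []

        # UI setup: results table in the centre of the panel.
        self._panel = JPanel(BorderLayout())
        self._table_model = DefaultTableModel(["URL", "Status", "Indexed", "Time"], 0)
        self._table = JTable(self._table_model)
        self._panel.add(JScrollPane(self._table), BorderLayout.CENTER)
        # Without this listener onRowSelect() is never called and the two
        # viewers below stay empty.
        self._table.getSelectionModel().addListSelectionListener(
            lambda event: self._onSelectionChanged(event))

        # Read-only request/response viewers, side by side.
        self._request_viewer = JTextArea()
        self._response_viewer = JTextArea()
        self._request_viewer.setEditable(False)
        self._response_viewer.setEditable(False)
        split = JSplitPane(JSplitPane.HORIZONTAL_SPLIT, JScrollPane(self._request_viewer), JScrollPane(self._response_viewer))
        split.setDividerLocation(400)
        self._panel.add(split, BorderLayout.SOUTH)

        # Button that starts a scan.
        self._button = JButton("Scan Site Map", actionPerformed=self.scanSiteMap)
        self._panel.add(self._button, BorderLayout.NORTH)

        callbacks.addSuiteTab(self)

    def getTabCaption(self):
        """Return the caption Burp shows on the tab."""
        return "Dir Index Checker"

    def getUiComponent(self):
        """Return the root Swing component of the tab."""
        return self._panel

    def scanSiteMap(self, event):
        """Button handler: clear old results and start a background scan.

        This runs on the Swing event dispatch thread. The HTTP requests are
        moved to a worker thread because issuing them here would freeze the
        UI for the whole scan, and Burp's API documentation tells extensions
        not to call makeHttpRequest() from the event dispatch thread.
        """
        self._table_model.setRowCount(0)
        self._request_responses = []
        # One scan at a time: overlapping scans would interleave rows and
        # break the row-to-response mapping used by onRowSelect().
        self._button.setEnabled(False)

        worker = threading.Thread(target=self._scanWorker)
        worker.setDaemon(True)
        worker.start()

    def _scanWorker(self):
        """Request each in-scope directory URL once and queue a result row."""
        seen = set()
        try:
            for item in self.callbacks.getSiteMap(None):
                try:
                    url = self.helpers.analyzeRequest(item).getUrl()
                    if not url.getPath().endswith("/"):
                        continue
                    # Stay inside the configured target scope; getSiteMap(None)
                    # returns every host Burp has seen, authorised or not.
                    if not self.callbacks.isInScope(url):
                        continue

                    full_url = url.toString()
                    if full_url in seen:
                        continue
                    seen.add(full_url)

                    # Send a fresh GET instead of reusing the stored response.
                    request = self.helpers.buildHttpRequest(url)
                    new_response = self.callbacks.makeHttpRequest(item.getHttpService(), request)
                    raw = new_response.getResponse()
                    if raw is None:
                        # No response came back (for example a connection
                        # failure), so there is nothing to classify.
                        continue

                    analyzed_response = self.helpers.analyzeResponse(raw)
                    body = self.helpers.bytesToString(raw)[analyzed_response.getBodyOffset():].lower()

                    indexed = "YES" if self._looksLikeListing(body) else "NO"
                    status = analyzed_response.getStatusCode()
                    time_str = SimpleDateFormat("HH:mm:ss").format(Date())

                    # Swing models must be changed on the event dispatch
                    # thread. Default arguments bind this iteration's values.
                    row = [full_url, status, indexed, time_str]
                    SwingUtilities.invokeLater(
                        lambda row=row, rr=new_response: self._addResult(row, rr))

                except Exception as e:
                    # One failing item must not abort the rest of the scan.
                    print("Error: %s" % e)
        finally:
            SwingUtilities.invokeLater(lambda: self._button.setEnabled(True))

    def _looksLikeListing(self, body):
        """Return True if the lower-cased body contains a known listing marker."""
        return any(marker in body for marker in self._LISTING_MARKERS)

    def _addResult(self, row, request_response):
        """Append one result; the table row and the stored message share an index."""
        self._table_model.addRow(row)
        self._request_responses.append(request_response)

    def _onSelectionChanged(self, event):
        """Selection listener: refresh the viewers once the selection settles."""
        if not event.getValueIsAdjusting():
            self.onRowSelect()

    def onRowSelect(self):
        """Show the request and response that belong to the selected row."""
        row = self._table.getSelectedRow()
        # getSelectedRow() is -1 when nothing is selected.
        if 0 <= row < len(self._request_responses):
            rr = self._request_responses[row]
            req = self.helpers.bytesToString(rr.getRequest())
            res = self.helpers.bytesToString(rr.getResponse())
            self._request_viewer.setText(req)
            self._response_viewer.setText(res)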