private void secondPass(IExtensionHelpers helpers) { publish("Second Pass..."); publish(0); Set<Map<String, CorrelatedParam>> allStats = new HashSet<>(); allStats.add(urlParameters); allStats.add(bodyParameters); allStats.add(cookieParameters); int x = 0; for (IHttpRequestResponse message : inScopeMessagesWithResponses) { publish(100 * x / inScopeMessagesWithResponses.size()); x += 1; String responseString = helpers.bytesToString(message.getResponse()); for (Map<String, CorrelatedParam> paramMap : allStats) { for (String paramName : paramMap.keySet()) { publish("Analyzing " + paramName + "..."); for (CorrelatedParam param : paramMap.values()) { for (String value : param.getUniqueValues()) { if (responseString.contains(value)) { param.putSeenParam(value, message); } } } } } } }
public static byte[] convertToJSON( IExtensionHelpers helpers, IHttpRequestResponse requestResponse) { byte[] request = requestResponse.getRequest(); if (Objects.equals(helpers.analyzeRequest(request).getMethod(), "GET")) { request = helpers.toggleRequestMethod(request); } IRequestInfo requestInfo = helpers.analyzeRequest(request); int bodyOffset = requestInfo.getBodyOffset(); byte content_type = requestInfo.getContentType(); String body = new String(request, bodyOffset, request.length - bodyOffset); String json = ""; Boolean success = true; try { if (content_type == 3) { JSONObject xmlJSONObject = XML.toJSONObject(body); json = xmlJSONObject.toString(2); } else if (content_type == 0 || content_type == 1) { Map<String, String> params = splitQuery(body); Gson gson = new Gson(); json = gson.toJson(params); } else { json = body; } } catch (Exception e) { success = false; } if (!success) { return request; } else { List<String> headers; headers = helpers.analyzeRequest(request).getHeaders(); Iterator<String> iter = headers.iterator(); while (iter.hasNext()) { if (iter.next().contains("Content-Type")) iter.remove(); } headers.add("Content-Type: application/json;charset=UTF-8"); return helpers.buildHttpMessage(headers, json.getBytes()); } }
public static byte[] convertToXML(IExtensionHelpers helpers, IHttpRequestResponse requestResponse) throws Exception { byte[] request = requestResponse.getRequest(); if (Objects.equals(helpers.analyzeRequest(request).getMethod(), "GET")) { request = helpers.toggleRequestMethod(request); } IRequestInfo requestInfo = helpers.analyzeRequest(request); int bodyOffset = requestInfo.getBodyOffset(); byte content_type = requestInfo.getContentType(); String body = new String(request, bodyOffset, request.length - bodyOffset, "UTF-8"); DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); Document doc = new Document() { public String getNodeName() { return null; } public String getNodeValue() throws DOMException { return null; } public void setNodeValue(String nodeValue) throws DOMException {} public short getNodeType() { return 0; } public Node getParentNode() { return null; } public NodeList getChildNodes() { return null; } public Node getFirstChild() { return null; } public Node getLastChild() { return null; } public Node getPreviousSibling() { return null; } public Node getNextSibling() { return null; } public NamedNodeMap getAttributes() { return null; } public Document getOwnerDocument() { return null; } public Node insertBefore(Node newChild, Node refChild) throws DOMException { return null; } public Node replaceChild(Node newChild, Node oldChild) throws DOMException { return null; } public Node removeChild(Node oldChild) throws DOMException { return null; } public Node appendChild(Node newChild) throws DOMException { return null; } public boolean hasChildNodes() { return false; } public Node cloneNode(boolean deep) { return null; } public void normalize() {} public boolean isSupported(String feature, String version) { return false; } public String getNamespaceURI() { return null; } public String getPrefix() { return null; } public void setPrefix(String prefix) throws DOMException {} public String getLocalName() { return null; } public boolean hasAttributes() { return false; } public String getBaseURI() { return null; } public short compareDocumentPosition(Node other) throws DOMException { return 0; } public String getTextContent() throws DOMException { return null; } public void setTextContent(String textContent) throws DOMException {} public boolean isSameNode(Node other) { return false; } public String lookupPrefix(String namespaceURI) { return null; } public boolean isDefaultNamespace(String namespaceURI) { return false; } public String lookupNamespaceURI(String prefix) { return null; } public boolean isEqualNode(Node arg) { return false; } public Object getFeature(String feature, String version) { return null; } public Object setUserData(String key, Object data, UserDataHandler handler) { return null; } public Object getUserData(String key) { return null; } public DocumentType getDoctype() { return null; } public DOMImplementation getImplementation() { return null; } public Element getDocumentElement() { return null; } public Element createElement(String tagName) throws DOMException { return null; } public DocumentFragment createDocumentFragment() { return null; } public Text createTextNode(String data) { return null; } public Comment createComment(String data) { return null; } public CDATASection createCDATASection(String data) throws DOMException { return null; } public ProcessingInstruction createProcessingInstruction(String target, String data) throws DOMException { return null; } public Attr createAttribute(String name) throws DOMException { return null; } public EntityReference createEntityReference(String name) throws DOMException { return null; } public NodeList getElementsByTagName(String tagname) { return null; } public Node importNode(Node importedNode, boolean deep) throws DOMException { return null; } public Element createElementNS(String namespaceURI, String qualifiedName) throws DOMException { return null; } public Attr createAttributeNS(String namespaceURI, String qualifiedName) throws DOMException { return null; } public NodeList getElementsByTagNameNS(String namespaceURI, String localName) { return null; } public Element getElementById(String elementId) { return null; } public String getInputEncoding() { return null; } public String getXmlEncoding() { return null; } public boolean getXmlStandalone() { return false; } public void setXmlStandalone(boolean xmlStandalone) throws DOMException {} public String getXmlVersion() { return null; } public void setXmlVersion(String xmlVersion) throws DOMException {} public boolean getStrictErrorChecking() { return false; } public void setStrictErrorChecking(boolean strictErrorChecking) {} public String getDocumentURI() { return null; } public void setDocumentURI(String documentURI) {} public Node adoptNode(Node source) throws DOMException { return null; } public DOMConfiguration getDomConfig() { return null; } public void normalizeDocument() {} public Node renameNode(Node n, String namespaceURI, String qualifiedName) throws DOMException { return null; } }; StringBuilder xml = new StringBuilder(); xml.append("<?xml version=\"1.0\" encoding=\"UTF-8\" ?>"); xml.append("<root>"); if (content_type == 0 || content_type == 1) { Map<String, String> params = splitQuery(body); Gson gson = new Gson(); body = gson.toJson(params); } Boolean success = true; try { JSONObject json = new JSONObject(body); xml.append(XML.toString(json)); xml.append("</root>"); DocumentBuilder builder = factory.newDocumentBuilder(); ByteArrayInputStream input = new ByteArrayInputStream(xml.toString().getBytes("UTF-8")); doc = builder.parse(input); } catch (Exception e) { success = false; } if (!success) { return null; } else { List<String> headers; headers = helpers.analyzeRequest(request).getHeaders(); Iterator<String> iter = headers.iterator(); while (iter.hasNext()) { if (iter.next().contains("Content-Type")) iter.remove(); } headers.add("Content-Type: application/xml;charset=UTF-8"); return helpers.buildHttpMessage(headers, prettyPrint(doc).getBytes()); } }