save_evidence.py


import os
import re
from urlparse import urlparse

from burp import IBurpExtender
from burp import IContextMenuFactory
from java.net import URL
from java.util import List, ArrayList
from javax.swing import JMenuItem

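class BurpExtender(IBurpExtender, IContextMenuFactory):
    """Burp extension that adds a "Save Evidence" context-menu entry.

    For every selected message the URL, request and response are written to a
    text file under EVIDENCE_DIR. Parameters the tester tagged with the "!!"
    marker are listed in the file and appended to its name; the marker itself
    is stripped from the saved URL and request.
    """

    # Output directory. NOTE(review): hard-coded to one user's desktop, so it
    # must be adjusted per machine. Evidence files hold complete requests and
    # responses (cookies, Authorization headers, tokens); keep this directory
    # readable only by the tester and off shared or synced storage.
    EVIDENCE_DIR = "/Users/jin.sato/Desktop/"

    # Tag the tester places in a parameter to flag it in the evidence file.
    MARKER = "!!"

    # The file name is built from the URL path and from parameter names taken
    # out of the request, i.e. from data the target and the tester control.
    # Only this character set is allowed through, so a name can never contain
    # a path separator or control character and the file stays in EVIDENCE_DIR.
    _UNSAFE_FILENAME_CHARS = re.compile(r"[^A-Za-z0-9._-]")

    # Upper bound on the generated file-name stem; a non-form body (JSON,
    # multipart) would otherwise end up whole inside the name.
    _MAX_STEM_LEN = 200

    def registerExtenderCallbacks(self, callbacks):
        """Store the Burp callbacks and register the context-menu factory."""
        self._callbacks = callbacks
        self._helpers = callbacks.getHelpers()
        self.context = None

        # Set up new extension
        callbacks.setExtensionName("Save Evidence")
        callbacks.registerContextMenuFactory(self)
        return

    def createMenuItems(self, context_menu):
        """Return the menu entries for the current context-menu invocation."""
        # Kept so save_log can read the selection when the entry is clicked.
        self.context = context_menu
        menu_list = ArrayList()
        menu_list.add(JMenuItem("Save Evidence", actionPerformed=self.save_log))
        return menu_list

    def _safe_component(self, text):
        """Return *text* with every character outside [A-Za-z0-9._-] replaced by "_"."""
        return self._UNSAFE_FILENAME_CHARS.sub("_", text)

    def save_log(self, packet):
        """Write one evidence file per selected message.

        ``packet`` is the object passed in by the menu item's actionPerformed
        hook; it is not used.
        """
        for traffic in self.context.getSelectedMessages():
            raw_request = traffic.getRequest()
            if raw_request is None:
                # Nothing to record for a message without a request.
                continue

            http_url = str(traffic.getUrl())
            http_request = raw_request.tostring().replace('\r', '')

            # getResponse() is None when no response has been received; a
            # response without a blank line yields an empty body instead of
            # failing the unpack.
            raw_response = traffic.getResponse()
            response_text = raw_response.tostring() if raw_response is not None else ''
            response_header, _, response_body = response_text.partition('\r\n\r\n')

            # Collect the names of the parameters tagged with the marker, from
            # the query string and from the request body.
            parsed = urlparse(http_url)
            request_parts = http_request.split('\n\n', 1)
            request_body = request_parts[1] if len(request_parts) > 1 else ''
            candidates = parsed.query.split("&") + request_body.split("&")
            marked_names = [c.split("=")[0] for c in candidates if self.MARKER in c]

            sections = [http_url.replace(self.MARKER, "")]
            if marked_names:
                sections.append('\n'.join(marked_names))
            sections.append(http_request.replace(self.MARKER, ""))
            log = (("\n" * 3).join(sections) + "\n" * 3
                   + response_header.replace('\r', '') + "\n" * 2 + response_body)

            stem = self._safe_component(parsed.path.replace("/", "_"))
            if marked_names:
                stem += "(" + ','.join(self._safe_component(n) for n in marked_names) + ")"
            target = os.path.join(self.EVIDENCE_DIR, stem[:self._MAX_STEM_LEN] + ".txt")

            # "w" replaces an earlier evidence file for the same path and
            # parameters; the with-block closes the handle even if the write fails.
            with open(target, "w") as handle:
                handle.write(log)

        return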