diff --git a/build.gradle b/build.gradle index bab84e1..d2637ec 100644 --- a/build.gradle +++ b/build.gradle @@ -3,7 +3,7 @@ plugins { } group 'com.synfron.reshaper.burp' -version '1.8.1' +version '1.8.2' targetCompatibility = '15' sourceCompatibility = '15' @@ -16,19 +16,19 @@ dependencies { testImplementation 'junit:junit:4.13.2' testImplementation 'org.mockito:mockito-core:4.2.0' implementation 'org.apache.httpcomponents:httpclient:4.5.13' - implementation 'org.mozilla:rhino:1.7.13' + implementation 'org.mozilla:rhino:1.7.14' implementation 'cat.inspiracio:rhino-js-engine:1.7.10' implementation 'org.apache.commons:commons-text:1.9' implementation 'commons-io:commons-io:2.11.0' implementation 'org.apache.commons:commons-lang3:3.12.0' implementation 'net.jodah:expiringmap:0.5.10' - implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.1' + implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.2.2' implementation 'com.miglayout:miglayout-swing:11.0' implementation 'org.jsoup:jsoup:1.14.3' - implementation 'com.jayway.jsonpath:json-path:2.6.0' + implementation 'com.jayway.jsonpath:json-path:2.7.0' implementation 'net.portswigger.burp.extender:burp-extender-api:2.3' implementation 'org.rypt:f8:1.1-RC1' - implementation 'org.apache.commons:commons-csv:1.8' + implementation 'org.apache.commons:commons-csv:1.9.0' implementation files('libs/htmlchardet-1.0.2.1.jar') compileOnly 'org.projectlombok:lombok:1.18.22' annotationProcessor 'org.projectlombok:lombok:1.18.22' @@ -36,6 +36,7 @@ dependencies { jar { from { + duplicatesStrategy(DuplicatesStrategy.EXCLUDE) configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) } } } diff --git a/docs/ScriptingLibrary.md b/docs/ScriptingLibrary.md index 7da3a9e..6a0e136 100644 --- a/docs/ScriptingLibrary.md +++ b/docs/ScriptingLibrary.md @@ -35,6 +35,18 @@ value - The new value. Get all [Message Value](MessageValues.html) keys. +#### setRuleResponse(ruleResponse) + +Set whether further processing of Thens or Rules should continue after this script finishes executing. This provides the same functionality as Then Break. + +Continue - Continue processing as normal.
+BreakThens - Skip running any further Thens of the current Rule.
+BreakRules - Skip running any further Thens and Rules for this event. + +Parameters: + +ruleResponse - "Continue" | "BreakThens" | "BreakRules" + #### runThen(thenType, thenData) Run a Then action. @@ -59,12 +71,6 @@ BuildHttpMessage destinationVariableName: string } ``` -Break -``` -{ - breakType: "Continue" | "BreakThens" | "BreakRules" -} -``` Delete Value ``` { diff --git a/gradlew b/gradlew index 4f906e0..744e882 100644 --- a/gradlew +++ b/gradlew @@ -72,7 +72,7 @@ case "`uname`" in Darwin* ) darwin=true ;; - MINGW* ) + MSYS* | MINGW* ) msys=true ;; NONSTOP* ) diff --git a/src/main/java/synfron/reshaper/burp/core/rules/RulesEngine.java b/src/main/java/synfron/reshaper/burp/core/rules/RulesEngine.java index cd4bcd6..5ba3359 100644 --- a/src/main/java/synfron/reshaper/burp/core/rules/RulesEngine.java +++ b/src/main/java/synfron/reshaper/burp/core/rules/RulesEngine.java @@ -7,8 +7,6 @@ import synfron.reshaper.burp.core.rules.whens.When; import synfron.reshaper.burp.core.utils.Log; -import java.util.List; - public class RulesEngine { @Getter diff --git a/src/main/java/synfron/reshaper/burp/core/rules/thens/ThenRunScript.java b/src/main/java/synfron/reshaper/burp/core/rules/thens/ThenRunScript.java index c0609e7..1f55dc0 100644 --- a/src/main/java/synfron/reshaper/burp/core/rules/thens/ThenRunScript.java +++ b/src/main/java/synfron/reshaper/burp/core/rules/thens/ThenRunScript.java @@ -17,6 +17,7 @@ public class ThenRunScript extends Then { public RuleResponse perform(IEventInfo eventInfo) { boolean hasError = false; + RuleResponse ruleResponse = RuleResponse.Continue; try { Dispatcher dispatcher = new Dispatcher(); dispatcher.setMaxExecutionSeconds(maxExecutionSeconds); @@ -29,13 +30,15 @@ public RuleResponse perform(IEventInfo eventInfo) { 1, null )); + + ruleResponse = (RuleResponse)dispatcher.getDataBag().getOrDefault("ruleResponse", ruleResponse); } catch (Exception e) { hasError = true; throw e; } finally { if (eventInfo.getDiagnostics().isEnabled()) eventInfo.getDiagnostics().logValue(this, hasError, script); } - return RuleResponse.Continue; + return ruleResponse; } @Override diff --git a/src/main/java/synfron/reshaper/burp/core/rules/thens/entities/script/ConsoleObj.java b/src/main/java/synfron/reshaper/burp/core/rules/thens/entities/script/ConsoleObj.java index 607cfb6..3570514 100644 --- a/src/main/java/synfron/reshaper/burp/core/rules/thens/entities/script/ConsoleObj.java +++ b/src/main/java/synfron/reshaper/burp/core/rules/thens/entities/script/ConsoleObj.java @@ -1,13 +1,27 @@ package synfron.reshaper.burp.core.rules.thens.entities.script; +import org.mozilla.javascript.ScriptableObject; import synfron.reshaper.burp.core.utils.Log; +import java.util.Arrays; +import java.util.List; +import java.util.Objects; +import java.util.stream.Collectors; + public class ConsoleObj { public void log(Object... args) { - Log.get().withMessage("Script Log").withPayload(args.length == 1 ? args[0] : args).log(); + List values = getConsoleWritable(args); + Log.get().withMessage("Script Log").withPayload(values.size() == 1 ? values.get(0) : values).log(); } public void error(Object... args) { - Log.get().withMessage("Script Log").withPayload(args.length == 1 ? args[0] : args).logErr(); + List values = getConsoleWritable(args); + Log.get().withMessage("Script Log").withPayload(values.size() == 1 ? values.get(0) : values).logErr(); + } + + private List getConsoleWritable(Object[] values) { + return Arrays.stream(values) + .map(value -> value instanceof ScriptableObject ? Objects.toString(value) : value) + .collect(Collectors.toList()); } } diff --git a/src/main/java/synfron/reshaper/burp/core/rules/thens/entities/script/ReshaperObj.java b/src/main/java/synfron/reshaper/burp/core/rules/thens/entities/script/ReshaperObj.java index 2478375..b9cd7f0 100644 --- a/src/main/java/synfron/reshaper/burp/core/rules/thens/entities/script/ReshaperObj.java +++ b/src/main/java/synfron/reshaper/burp/core/rules/thens/entities/script/ReshaperObj.java @@ -8,6 +8,7 @@ import synfron.reshaper.burp.core.messages.MessageValue; import synfron.reshaper.burp.core.messages.MessageValueHandler; import synfron.reshaper.burp.core.rules.RuleOperationType; +import synfron.reshaper.burp.core.rules.RuleResponse; import synfron.reshaper.burp.core.rules.thens.Then; import synfron.reshaper.burp.core.rules.thens.ThenType; import synfron.reshaper.burp.core.utils.GetItemPlacement; @@ -112,7 +113,6 @@ public String runThen(String thenType, NativeObject thenData) { ThenType.DeleteValue, ThenType.DeleteVariable, ThenType.Drop, - ThenType.Break, ThenType.Log, ThenType.ParseHttpMessage, ThenType.SendRequest, @@ -138,5 +138,19 @@ public String runThen(String thenType, NativeObject thenData) { Then then = (Then)Serializer.deserialize(thenDataJson, thenClass); return then.perform((IEventInfo)Dispatcher.getCurrent().getDataBag().get("eventInfo")).toString(); } + + public void setRuleResponse(String ruleResponse) { + switch (ruleResponse.toUpperCase()) { + case "CONTINUE": + Dispatcher.getCurrent().getDataBag().put("ruleResponse", RuleResponse.Continue); + break; + case "BREAKTHENS": + Dispatcher.getCurrent().getDataBag().put("ruleResponse", RuleResponse.BreakThens); + break; + case "BREAKRULES": + Dispatcher.getCurrent().getDataBag().put("ruleResponse", RuleResponse.BreakRules); + break; + } + } } } diff --git a/src/main/java/synfron/reshaper/burp/core/vars/VariableString.java b/src/main/java/synfron/reshaper/burp/core/vars/VariableString.java index 24243eb..21142bc 100644 --- a/src/main/java/synfron/reshaper/burp/core/vars/VariableString.java +++ b/src/main/java/synfron/reshaper/burp/core/vars/VariableString.java @@ -250,7 +250,7 @@ public static boolean isPotentialInt(String formattedString) { return false; } String strippedText = formattedString.replaceAll(String.format("\\{\\{(%s):(.+?)\\}\\}", String.join("|", VariableSource.getSupportedNames())), ""); - return TextUtils.isInt(strippedText); + return TextUtils.isInt(strippedText) || strippedText.isEmpty(); } public static boolean hasTag(String text) {