Switched to the Montoya API. Added support for WebSockets. Added new …

…When constraints: Message Type (WebSockets only). Added new Then actions: Intercept, Send Message (WebSockets ony). Added ignore case to When Matches Text. Added more details to Then and When lists. Added variable tags for annotations (i.e. comments and highlights). Added Session variable type for WebSockets. Added supported for exporting and importing data as YAML. Added right-click option for Rules in the Rules List to enable debug logging for specific Rules.

.gitignore

@@ -2,3 +2,4 @@
 .idea/
 build/
 gradle/
+reshaperTest.txt

build.gradle

@@ -3,7 +3,7 @@ plugins {
 }
 
 group 'com.synfron.reshaper.burp'
-version '1.8.3'
+version '2.0.0'
 
 targetCompatibility = '15'
 sourceCompatibility = '15'
@@ -14,25 +14,26 @@ repositories {
 
 dependencies {
     testImplementation 'junit:junit:4.13.2'
-    testImplementation 'org.mockito:mockito-core:4.2.0'
     implementation 'org.apache.httpcomponents:httpclient:4.5.13'
     implementation 'org.mozilla:rhino:1.7.14'
     implementation 'cat.inspiracio:rhino-js-engine:1.7.10'
-    implementation 'org.apache.commons:commons-text:1.9'
     implementation 'commons-io:commons-io:2.11.0'
     implementation 'org.apache.commons:commons-lang3:3.12.0'
     implementation 'net.jodah:expiringmap:0.5.10'
-    implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.2.2'
     implementation 'com.miglayout:miglayout-swing:11.0'
-    implementation 'org.jsoup:jsoup:1.14.3'
     implementation 'com.jayway.jsonpath:json-path:2.7.0'
-    implementation 'net.portswigger.burp.extender:burp-extender-api:2.3'
     implementation 'org.rypt:f8:1.1-RC1'
     implementation 'org.apache.commons:commons-csv:1.9.0'
     implementation 'com.alexandriasoftware.swing:jsplitbutton:1.3.1'
     implementation files('libs/htmlchardet-1.0.2.1.jar')
-    compileOnly 'org.projectlombok:lombok:1.18.22'
-    annotationProcessor 'org.projectlombok:lombok:1.18.22'
+    implementation 'org.jsoup:jsoup:1.15.3'
+    compileOnly 'org.projectlombok:lombok:1.18.24'
+    annotationProcessor 'org.projectlombok:lombok:1.18.24'
+    implementation 'net.portswigger.burp.extensions:montoya-api:0.10.1'
+    implementation 'com.fasterxml.jackson.core:jackson-databind:2.14.0'
+    implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.14.0'
+    testImplementation 'org.mockito:mockito-core:4.8.0'
+    implementation 'org.apache.commons:commons-text:1.10.0'
 }
 
 jar {

docs/Examples.md

@@ -4,15 +4,15 @@
 - [Redirect a request to a different server](#tip2)
 - [Change a value in a returned response](#tip3)
 - [Auto-respond to requests without first sending a request to an external server (response mocking)](#tip4)
-- [Drop a request so it is not sent to an external server (Works on all supported tools: Proxy, Repeater, Intruder, Scanner, Spider, Target, Extender (other extensions))](#tip5)
+- [Drop a request so it is not sent to an external server (Works on all supported tools: Proxy, Repeater, Intruder, Scanner, Target, Extender (other extensions))](#tip5)
 - [Share or backup/restore Global Variables and Rules](#tip6)
 
 <a href="#" id="tip1"></a>
 **Use a value from one HTTP message in a following HTTP message:**
 
 In the example below, we are taking the `Authorization` header from `www.example.org` requests, storing it in a variable, and setting it on `www.example.com` requests.
 
-1. Open the `Rules` tab.
+1. Open the `HTTP Rules` tab.
 2. Create a Rule.
 3. Set the `Rule Name` to `Get www.example.org Authorization`.
 4. Add When -> `Event Direction` (if not already added).
@@ -43,7 +43,7 @@ In the example below, we are taking the `Authorization` header from `www.example
 
 In the example below, we are redirecting from `www.example.org` to `www.example.com` by setting the URL and using a message variable to make sure we keep the page path.
 
-1. Open the `Rules` tab.
+1. Open the `HTTP Rules` tab.
 2. Create or open a Rule.
 3. Set a `Rule Name` and add other Whens and Thens as needed.
 4. Add When -> `Event Direction` (if not already added).
@@ -59,7 +59,7 @@ In the example below, we are redirecting from `www.example.org` to `www.example.
 
 In the example below, we tell the browser to allow any origin by overriding the `Access-Control-Allow-Origin` response header.
 
-1. Open the `Rules` tab.
+1. Open the `HTTP Rules` tab.
 2. Create or open a Rule.
 3. Set a `Rule Name` and add other Whens and Thens as needed.
 4. Add When -> `Event Direction` (if not already added).
@@ -78,7 +78,7 @@ In the example below, we tell the browser to allow any origin by overriding the
 2. Add a new Variable.
 3. Set a `Variable Name`. We will use `mockResponse` for this example.
 4. Paste the full response text (including headers and body) in `Variable Text`.
-4. Open the `Rules` tab.
+4. Open the `HTTP Rules` tab.
 5. Create or open a Rule.
 6. Set a `Rule Name` and add other Whens and Thens as needed.
 7. Add When -> `Event Direction` (if not already added).
@@ -93,11 +93,11 @@ In the example below, we tell the browser to allow any origin by overriding the
 <a href="#" id="tip5"></a>
 **Drop a request so that it is not sent to an external server:**
 
-The example of drop requests below works on all supported tools: Proxy, Repeater, Intruder, Scanner, Spider, Target, Extender (other extensions).
+The example of drop requests below works on all supported tools: Proxy, Repeater, Intruder, Scanner, Target, Extender (other extensions).
 
 1. Open the `Settings` tab.
 2. Ensure the tool is selected under `Capture Traffic From:`
-3. Open the `Rules` tab.
+3. Open the `HTTP Rules` tab.
 4. Create or open a Rule.
 5. Set a `Rule Name` and add other Whens and Thens as needed.
 6. Add When -> `Event Direction` (if not already added).

docs/MessageValues.md

@@ -1,12 +1,18 @@
 # Message Values
 
+Message values are values that are extracted from components of the HTTP message, WebSocket message, or connection details associated with an event that is being processed by Rules.
+
+Note: HTTP message values that are accessible by WebSocket Rule operations refer to components of the originating ws:// or wss:// request that triggered the establishment of the WebSocket connection.
+
 * auto-gen TOC:
   {:toc}
 
 ## Source Address 
 
 Key: SourceAddress
 
+Rule Availability: HTTP
+
 Example: `127.0.0.1`
 
 ## Destination Address 
@@ -15,12 +21,16 @@ Host name without port.
 
 Key: DestinationAddress
 
+Rule Availability: HTTP, WebSocket
+
 Example: `www.example.com`
 
 ## Destination Port 
 
 Key: DestinationPort
 
+Rule Availability: HTTP, WebSocket
+
 Example: `80`
 
 ## Protocol 
@@ -29,16 +39,28 @@ Example: `80`
 
 Key: HttpProtocol
 
+Rule Availability: HTTP, WebSocket
+
 ## URL 
 
 Key: URL
 
+Rule Availability: HTTP, WebSocket
+
 Example: `http://www.example.com/index.html?query=test`
 
+## WebSocket Message
+
+Key: WebSocketMessage
+
+Rule Availability: WebSocket
+
 ## Request Message 
 
 Key: HttpRequestMessage
 
+Rule Availability: HTTP, WebSocket
+
 Example:
 ```
 GET / HTTP/1.1
@@ -57,42 +79,56 @@ Cache-Control: no-cache
 
 Key: HttpRequestStatusLine
 
+Rule Availability: HTTP, WebSocket
+
 Example: `GET /path/to/page/index.html?claim=reset&type=plain HTTP/1.1`
 
 ## Request Method 
 
 Key: HttpRequestMethod
 
+Rule Availability: HTTP, WebSocket
+
 Example: `GET`
 
 ## Request URI 
 
 Key: HttpRequestUri
 
+Rule Availability: HTTP, WebSocket
+
 Example: `/path/to/page/index.html?claim=reset&type=plain`
 
 ## Request URI Path 
 
 Key: HttpRequestUriPath
 
+Rule Availability: HTTP, WebSocket
+
 Example: `/path/to/page/index.html` from `/path/to/page/index.html?claim=reset&type=plain`
 
 ## Request URI Query Parameters 
 
 Key: HttpRequestUriQueryParameters
 
+Rule Availability: HTTP, WebSocket
+
 Example: `claim=reset&type=plain` from `/path/to/page/index.html?claim=reset&type=plain`
 
 ## Request URI Query Parameter 
 
 Key: HttpRequestUriQueryParameter
 
+Rule Availability: HTTP, WebSocket
+
 Example: Returns `plain` using identifier `type` given the request URI `/path/to/page/index.html?claim=reset&type=plain`
 
 ## Request Headers 
 
 Key: HttpRequestHeaders
 
+Rule Availability: HTTP, WebSocket
+
 Example:
 ```
 Host: www.example.com
@@ -111,6 +147,8 @@ Cache-Control: no-cache
 
 Key: HttpRequestHeader
 
+Rule Availability: HTTP, WebSocket
+
 Example: Based request header `Accept-Encoding: gzip, deflate`, this returns `gzip, deflate` using identifier `Accept-Encoding`
 
 Example: `gzip, deflate` at identifier `Accept-Encoding`
@@ -119,16 +157,22 @@ Example: `gzip, deflate` at identifier `Accept-Encoding`
 
 Key: HttpRequestCookie
 
+Rule Availability: HTTP, WebSocket
+
 Example: For cookie header `Cookie: AID=2Zy8`, this returns `2Zy8` using identifier `AID`
 
 ## Request Body 
 
 Key: HttpRequestBody
 
+Rule Availability: HTTP, WebSocket
+
 ## Response Message 
 
 Key: HttpResponseMessage
 
+Rule Availability: HTTP
+
 Example:
 ```
 HTTP/1.1 404 Not Found
@@ -150,23 +194,33 @@ Connection: close
 
 Key: HttpResponseStatusLine
 
+Rule Availability: HTTP
+
 Example: `HTTP/1.1 404 Not Found`
 
 ## Response Status Code 
 
 Key: HttpResponseStatusCode
 
+Rule Availability: HTTP
+
 Example: `404`
 
 ## Response Status Message 
 
 Key: HttpResponseStatusMessage
 
+Rule Availability: HTTP
+
 Example: `Not Found`
 
 ## Response Headers 
 
-Key: HttpResponseHeaders - Example:
+Key: HttpResponseHeaders
+
+Rule Availability: HTTP
+
+Example:
 ```
 HTTP/1.1 404 Not Found
 Accept-Ranges: bytes
@@ -188,14 +242,20 @@ Connection: close
 
 Key: HttpResponseHeader
 
+Rule Availability: HTTP
+
 Example: Based response header `Cache-Control: max-age=604800`, this returns `max-age=604800` using identifier `Cache-Control`
 
 ## Response Cookie 
 
-Key: HttpResponseCookie 
+Key: HttpResponseCookie
+
+Rule Availability: HTTP
 
 Example: For cookie header `Set-Cookie: AID=2Zy8`, this returns `2Zy8` using identifier `AID`
 
 ## Response Body 
 
-Key: HttpResponseBody
+Key: HttpResponseBody
+
+Rule Availability: HTTP