-
Notifications
You must be signed in to change notification settings - Fork 2
/
SuperTags.py
68 lines (53 loc) · 2.7 KB
/
SuperTags.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
#! -*- coding:utf-8 -*-
from burp import IBurpExtender
from burp import IHttpListener
from burp import IHttpRequestResponse
from burp import IResponseInfo
import sys
import re
reload(sys)
sys.setdefaultencoding('utf8')
class BurpExtender(IBurpExtender,IHttpListener):
def registerExtenderCallbacks(self,callbacks):
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
self._pattern = r'<[i|b|a|s|f|l|p|m|e|o|d|v].*?>'
self._callbacks.setExtensionName("SuperTags")
print "Load SuperTags plugin success"
print "Created by Hpdoger"
print "Blog: Hpdoger.me"
print "============================================="
print ""
self._callbacks.registerHttpListener(self)
def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
if toolFlag == 4 or toolFlag == 8:
if not messageIsRequest:
# 获得请求体
request = messageInfo.getRequest()
analyzedRequest = self._helpers.analyzeRequest(request) # 用来获取请求头一类的对象
analyzedRequest2 = self._helpers.analyzeRequest(messageInfo) # 用来获取url的对象
# reqHeaders = analyzedRequest.getHeaders()
reqParaList = analyzedRequest.getParameters()
reqUrl = analyzedRequest2.getUrl()
Allparams = {}
for para in reqParaList:
if para.getType() != para.PARAM_COOKIE:
Allparams[para.getName()] = para.getValue()
# 获得响应体
response = messageInfo.getResponse() # get response
analyzedResponse = self._helpers.analyzeResponse(response)
body = response[analyzedResponse.getBodyOffset():]
response_body = body.tostring() # get response_body
# print response_body
tags = re.findall(self._pattern,response_body.encode('utf-8'))
# print tags
self.ChecktheSame(Allparams,tags,reqUrl)
def ChecktheSame(self,Allparams,tags,reqUrl):
for param_key in Allparams:
if Allparams[param_key]:
for tag in tags:
if tag.find(Allparams[param_key]) != -1:
print "Found Available tag %s" % (tag)
print "Variable param is \"%s\" and the Vulnerable url is : %s\n" % (param_key,reqUrl)
else:
continue