1 1 #!/usr/bin/env python 2 2 # -*- coding: utf-8 -*- 3 3 4 + from operator import truediv 4 5 import sys 5 6 reload(sys) 6 7 7 - sys.setdefaultencoding('utf8') 8 + if (sys.version_info[0] == 2): 9 + sys.setdefaultencoding('utf8') 10 + 8 11 sys.path.append("..") 9 12 10 - from helpers.http import get_authorization_header_from_message, get_cookie_header_from_message, isStatusCodesReturned, makeMessage, makeRequest, getResponseContentLength , IHttpRequestResponseImplementation 13 + from helpers.http import get_authorization_header_from_message, get_cookie_header_from_message, isStatusCodesReturned, makeMessage, makeRequest, getResponseBody , IHttpRequestResponseImplementation 11 14 from gui.table import LogEntry, UpdateTableEDT 12 15 from javax.swing import SwingUtilities 13 16 from java.net import URL skipped 123 lines 137 140 if not re.search(regex_string, resStr, re.IGNORECASE) is None: 138 141 message_passed_filters = False 139 142 143 + if self.IFList.getModel().getElementAt(i).split(":")[0] == "Header contains": 144 + for header in list(resInfo.getHeaders()): 145 + if self.IFList.getModel().getElementAt(i)[17:] in header: 146 + message_passed_filters = False 147 + 148 + if self.IFList.getModel().getElementAt(i).split(":")[0] == "Header doesn't contain": 149 + for header in list(resInfo.getHeaders()): 150 + if not self.IFList.getModel().getElementAt(i)[17:] in header: 151 + message_passed_filters = False 152 + 140 153 if self.IFList.getModel().getElementAt(i).split(":")[0] == "Only HTTP methods (newline separated)": 141 154 filterMethods = self.IFList.getModel().getElementAt(i)[39:].split("\n") 142 155 filterMethods = [x.lower() for x in filterMethods] skipped 6 lines 149 162 filterMethods = [x.lower() for x in filterMethods] 150 163 reqMethod = str(self._helpers.analyzeRequest(messageInfo).getMethod()) 151 164 if reqMethod.lower() in filterMethods: 165 + message_passed_filters = False 166 + 167 + if self.IFList.getModel().getElementAt(i).split(":")[0] == 
"Ignore OPTIONS requests": 168 + reqMethod = str(self._helpers.analyzeRequest(messageInfo).getMethod()) 169 + if reqMethod == "OPTIONS": 152 170 message_passed_filters = False 153 171 154 172 return message_passed_filters skipped 46 lines 201 219 andEnforcementCheck = False 202 220 auth_enforced = False 203 221 204 - response = requestResponse.getResponse() 205 222 for filter in filters: 206 223 filter = self._helpers.bytesToString(bytes(filter)) 224 + inverse = "NOT" in filter 225 + filter = filter.replace(" NOT", "") 226 + 207 227 if filter.startswith("Status code equals: "): 208 228 statusCode = filter[20:] 209 - if andEnforcementCheck: 210 - if auth_enforced and not isStatusCodesReturned(self, requestResponse, statusCode): 211 - auth_enforced = False 212 - else: 213 - if not auth_enforced and isStatusCodesReturned(self, requestResponse, statusCode): 214 - auth_enforced = True 229 + filterMatched = inverse ^ isStatusCodesReturned(self, requestResponse, statusCode) 215 230 216 - if filter.startswith("Headers (simple string): "): 217 - if andEnforcementCheck: 218 - if auth_enforced and not filter[25:] in self._helpers.bytesToString(requestResponse.getResponse()[0:analyzedResponse.getBodyOffset()]): 219 - auth_enforced = False 220 - else: 221 - if not auth_enforced and filter[25:] in self._helpers.bytesToString(requestResponse.getResponse()[0:analyzedResponse.getBodyOffset()]): 222 - auth_enforced = True 231 + elif filter.startswith("Headers (simple string): "): 232 + filterMatched = inverse ^ (filter[25:] in self._helpers.bytesToString(requestResponse.getResponse()[0:analyzedResponse.getBodyOffset()])) 223 233 224 - if filter.startswith("Headers (regex): "): 234 + elif filter.startswith("Headers (regex): "): 225 235 regex_string = filter[17:] 226 236 p = re.compile(regex_string, re.IGNORECASE) 227 - if andEnforcementCheck: 228 - if auth_enforced and not p.search(self._helpers.bytesToString(requestResponse.getResponse()[0:analyzedResponse.getBodyOffset()])): 229 - 
auth_enforced = False 230 - else: 231 - if not auth_enforced and p.search(self._helpers.bytesToString(requestResponse.getResponse()[0:analyzedResponse.getBodyOffset()])): 232 - auth_enforced = True 237 + filterMatched = inverse ^ bool(p.search(self._helpers.bytesToString(requestResponse.getResponse()[0:analyzedResponse.getBodyOffset()]))) 233 238 234 - if filter.startswith("Body (simple string): "): 235 - if andEnforcementCheck: 236 - if auth_enforced and not filter[22:] in self._helpers.bytesToString(requestResponse.getResponse()[analyzedResponse.getBodyOffset():]): 237 - auth_enforced = False 238 - else: 239 - if not auth_enforced and filter[22:] in self._helpers.bytesToString(requestResponse.getResponse()[analyzedResponse.getBodyOffset():]): 240 - auth_enforced = True 239 + elif filter.startswith("Body (simple string): "): 240 + filterMatched = inverse ^ (filter[22:] in self._helpers.bytesToString(requestResponse.getResponse()[analyzedResponse.getBodyOffset():])) 241 241 242 - if filter.startswith("Body (regex): "): 242 + elif filter.startswith("Body (regex): "): 243 243 regex_string = filter[14:] 244 244 p = re.compile(regex_string, re.IGNORECASE) 245 - if andEnforcementCheck: 246 - if auth_enforced and not p.search(self._helpers.bytesToString(requestResponse.getResponse()[analyzedResponse.getBodyOffset():])): 247 - auth_enforced = False 248 - else: 249 - if not auth_enforced and p.search(self._helpers.bytesToString(requestResponse.getResponse()[analyzedResponse.getBodyOffset():])): 250 - auth_enforced = True 245 + filterMatched = inverse ^ bool(p.search(self._helpers.bytesToString(requestResponse.getResponse()[analyzedResponse.getBodyOffset():]))) 251 246 252 - if filter.startswith("Full response (simple string): "): 253 - if andEnforcementCheck: 254 - if auth_enforced and not filter[31:] in self._helpers.bytesToString(requestResponse.getResponse()): 255 - auth_enforced = False 256 - else: 257 - if not auth_enforced and filter[31:] in 
self._helpers.bytesToString(requestResponse.getResponse()): 258 - auth_enforced = True 247 + elif filter.startswith("Full response (simple string): "): 248 + filterMatched = inverse ^ (filter[31:] in self._helpers.bytesToString(requestResponse.getResponse())) 259 249 260 - if filter.startswith("Full response (regex): "): 250 + elif filter.startswith("Full response (regex): "): 261 251 regex_string = filter[23:] 262 252 p = re.compile(regex_string, re.IGNORECASE) 263 - if andEnforcementCheck: 264 - if auth_enforced and not p.search(self._helpers.bytesToString(requestResponse.getResponse())): 265 - auth_enforced = False 266 - else: 267 - if not auth_enforced and p.search(self._helpers.bytesToString(requestResponse.getResponse())): 268 - auth_enforced = True 253 + filterMatched = inverse ^ bool(p.search(self._helpers.bytesToString(requestResponse.getResponse()))) 269 254 270 - if filter.startswith("Full response length: "): 271 - if andEnforcementCheck: 272 - if auth_enforced and not str(len(response)) == filter[22:].strip(): 273 - auth_enforced = False 274 - else: 275 - if not auth_enforced and str(len(response)) == filter[22:].strip(): 276 - auth_enforced = True 277 - return auth_enforced 255 + elif filter.startswith("Full response length: "): 256 + filterMatched = inverse ^ (str(len(response)) == filter[22:].strip()) 278 257 279 - def checkBypass(self, oldStatusCode, newStatusCode, oldContentLen, 280 - newContentLen, filters, requestResponse, andOrEnforcement): 258 + if andEnforcementCheck: 259 + if auth_enforced and not filterMatched: 260 + auth_enforced = False 261 + else: 262 + if not auth_enforced and filterMatched: 263 + auth_enforced = True 264 + 265 + return auth_enforced 266 + 267 + def checkBypass(self, oldStatusCode, newStatusCode, oldContent, 268 + newContent, filters, requestResponse, andOrEnforcement): 281 269 if oldStatusCode == newStatusCode: 282 270 auth_enforced = 0 283 271 if len(filters) > 0: 284 272 auth_enforced = 
auth_enforced_via_enforcement_detectors(self, filters, requestResponse, andOrEnforcement) 285 273 if auth_enforced: 286 274 return self.ENFORCED_STR 287 - elif oldContentLen == newContentLen: 275 + elif oldContent == newContent: 288 276 return self.BYPASSSED_STR 289 277 else: 290 278 return self.IS_ENFORCED_STR skipped 1 lines 292 280 return self.ENFORCED_STR 293 281 294 282 def checkAuthorization(self, messageInfo, originalHeaders, checkUnauthorized): 295 - oldResponse = messageInfo.getResponse() 296 283 message = makeMessage(self, messageInfo, True, True) 297 284 requestResponse = makeRequest(self, messageInfo, message) 298 285 newResponse = requestResponse.getResponse() skipped 1 lines 300 287 301 288 oldStatusCode = originalHeaders[0] 302 289 newStatusCode = analyzedResponse.getHeaders()[0] 303 - oldContentLen = getResponseContentLength(self, oldResponse) 304 - newContentLen = getResponseContentLength(self, newResponse) 290 + oldContent = getResponseBody(self, messageInfo) 291 + newContent = getResponseBody(self, requestResponse) 305 292 306 293 # Check unauthorized request 307 294 if checkUnauthorized: skipped 2 lines 310 297 unauthorizedResponse = requestResponseUnauthorized.getResponse() 311 298 analyzedResponseUnauthorized = self._helpers.analyzeResponse(unauthorizedResponse) 312 299 statusCodeUnauthorized = analyzedResponseUnauthorized.getHeaders()[0] 313 - contentLenUnauthorized = getResponseContentLength(self, unauthorizedResponse) 300 + contentUnauthorized = getResponseBody(self, requestResponseUnauthorized) 314 301 315 302 EDFilters = self.EDModel.toArray() 316 303 317 - impression = checkBypass(self, oldStatusCode,newStatusCode,oldContentLen ,newContentLen ,EDFilters,requestResponse,self.AndOrType.getSelectedItem()) 304 + impression = checkBypass(self, oldStatusCode, newStatusCode, oldContent , newContent , EDFilters, requestResponse, self.AndOrType.getSelectedItem()) 318 305 319 306 if checkUnauthorized: 320 307 EDFiltersUnauth = 
self.EDModelUnauth.toArray() 321 - impressionUnauthorized = checkBypass(self, oldStatusCode,statusCodeUnauthorized,oldContentLen ,contentLenUnauthorized ,EDFiltersUnauth,requestResponseUnauthorized,self.AndOrTypeUnauth.getSelectedItem()) 308 + impressionUnauthorized = checkBypass(self, oldStatusCode, statusCodeUnauthorized, oldContent , contentUnauthorized , EDFiltersUnauth, requestResponseUnauthorized, self.AndOrTypeUnauth.getSelectedItem()) 322 309 323 310 self._lock.acquire() 324 311 skipped 13 lines 338 325 checkAuthorization(self, messageInfo, self._extender._helpers.analyzeResponse(messageInfo.getResponse()).getHeaders(), self._extender.doUnauthorizedRequest.isSelected()) 339 326 340 327 def retestAllRequests(self): 328 + self.logTable.setAutoCreateRowSorter(True) 341 329 for i in range(self.tableModel.getRowCount()): 342 330 logEntry = self._log.get(self.logTable.convertRowIndexToModel(i)) 343 331 handle_message(self, "AUTORIZE", False, logEntry._originalrequestResponse) 332 +
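Review bot: In the enforcement-detector loop, `inverse = "NOT" in filter` and `filter.replace(" NOT", "")` run over the whole filter string, so a detector whose user-supplied value contains those letters (a constructed example: a body string of `404 NOT FOUND`) is silently inverted and has its value rewritten, which can flip an Enforced/Bypassed verdict. Restrict both to the type prefix, e.g. `kind, sep, value = filter.partition(": ")`, then `inverse = "NOT" in kind` and `filter = kind.replace(" NOT", "") + sep + value`. The same hunk removes `response = requestResponse.getResponse()` while the "Full response length" branch still evaluates `len(response)`, which raises NameError unless `response` is assigned in lines not shown here; `filterMatched` is likewise unbound (or stale from the previous iteration) when no prefix matches, so it should be initialised per iteration or the loop should `continue` on an unknown type. The function's opening lines are among the skipped ones, so this is based on the visible loop only.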