Projects STRLCPY burp-text4shell Commits 8709219f
    .github/ISSUE_TEMPLATE/bug_report.md
     1 +---
     2 +name: Bug report
     3 +about: Create a report to help us improve
     4 +title: ''
     5 +labels: ''
     6 +assignees: ''
     7 + 
     8 +---
     9 + 
     10 +**Describe the bug**
     11 +A clear and concise description of what the bug is.
     12 + 
     13 +**To Reproduce**
     14 +Steps to reproduce the behavior:
     15 +1. Go to '...'
     16 +2. Click on '....'
     17 +3. Scroll down to '....'
     18 +4. See error
     19 + 
     20 +**Expected behavior**
     21 +A clear and concise description of what you expected to happen.
     22 + 
     23 +**Screenshots**
     24 +If applicable, add screenshots to help explain your problem.
     25 + 
     26 +**Environment (please complete the following information):**
     27 + - OS: [e.g. iOS]
     28 + - Burp version: [e.g. 2.0]
     29 + 
     30 +**Additional context**
     31 +Add any other context about the problem here.
     32 + 
     33 +**Sanity Check**
     34 + 
     35 +- [ ] I'm not trying to blindly scan random hosts without any configuration and wait for free money from their bug bounty programs.
     36 + 
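Review bot: the Environment section will not capture enough to reproduce an extension bug; the OS example `iOS` does not fit a Burp Suite extension, and there is no field for the Java runtime or the extension version. Suggest replacing the two lines with something like ` - OS: [e.g. Ubuntu 22.04, Windows 11, macOS 13]`, ` - Burp version: [Professional/Community, version string from Help > About]`, ` - Java version: [output of java -version]`, ` - Extension version / commit: [...]`, since the extension runs inside Burp's JVM and Java-level differences are a common source of loading and runtime failures.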
    .gitignore
     1 +#Eclipse
     2 +.classpath
     3 +.project
     4 +test-output
     5 +.settings
     6 + 
     7 +#IntelliJ
     8 +*.iml
     9 +*.ipr
     10 +*.iws
     11 +.idea/
     12 + 
     13 +#Gradle
     14 +.gradle
     15 +classes/
     16 + 
     17 + 
     18 +#Build directories
     19 +bin/
     20 +build/
     21 +target/
    LICENSE.md
     1 +### GNU GENERAL PUBLIC LICENSE
     2 + 
     3 +Version 3, 29 June 2007
     4 + 
     5 +Copyright (C) 2007 Free Software Foundation, Inc.
     6 +<https://fsf.org/>
     7 + 
     8 +Everyone is permitted to copy and distribute verbatim copies of this
     9 +license document, but changing it is not allowed.
     10 + 
     11 +### Preamble
     12 + 
     13 +The GNU General Public License is a free, copyleft license for
     14 +software and other kinds of works.
     15 + 
     16 +The licenses for most software and other practical works are designed
     17 +to take away your freedom to share and change the works. By contrast,
     18 +the GNU General Public License is intended to guarantee your freedom
     19 +to share and change all versions of a program--to make sure it remains
     20 +free software for all its users. We, the Free Software Foundation, use
     21 +the GNU General Public License for most of our software; it applies
     22 +also to any other work released this way by its authors. You can apply
     23 +it to your programs, too.
     24 + 
     25 +When we speak of free software, we are referring to freedom, not
     26 +price. Our General Public Licenses are designed to make sure that you
     27 +have the freedom to distribute copies of free software (and charge for
     28 +them if you wish), that you receive source code or can get it if you
     29 +want it, that you can change the software or use pieces of it in new
     30 +free programs, and that you know you can do these things.
     31 + 
     32 +To protect your rights, we need to prevent others from denying you
     33 +these rights or asking you to surrender the rights. Therefore, you
     34 +have certain responsibilities if you distribute copies of the
     35 +software, or if you modify it: responsibilities to respect the freedom
     36 +of others.
     37 + 
     38 +For example, if you distribute copies of such a program, whether
     39 +gratis or for a fee, you must pass on to the recipients the same
     40 +freedoms that you received. You must make sure that they, too, receive
     41 +or can get the source code. And you must show them these terms so they
     42 +know their rights.
     43 + 
     44 +Developers that use the GNU GPL protect your rights with two steps:
     45 +(1) assert copyright on the software, and (2) offer you this License
     46 +giving you legal permission to copy, distribute and/or modify it.
     47 + 
     48 +For the developers' and authors' protection, the GPL clearly explains
     49 +that there is no warranty for this free software. For both users' and
     50 +authors' sake, the GPL requires that modified versions be marked as
     51 +changed, so that their problems will not be attributed erroneously to
     52 +authors of previous versions.
     53 + 
     54 +Some devices are designed to deny users access to install or run
     55 +modified versions of the software inside them, although the
     56 +manufacturer can do so. This is fundamentally incompatible with the
     57 +aim of protecting users' freedom to change the software. The
     58 +systematic pattern of such abuse occurs in the area of products for
     59 +individuals to use, which is precisely where it is most unacceptable.
     60 +Therefore, we have designed this version of the GPL to prohibit the
     61 +practice for those products. If such problems arise substantially in
     62 +other domains, we stand ready to extend this provision to those
     63 +domains in future versions of the GPL, as needed to protect the
     64 +freedom of users.
     65 + 
     66 +Finally, every program is threatened constantly by software patents.
     67 +States should not allow patents to restrict development and use of
     68 +software on general-purpose computers, but in those that do, we wish
     69 +to avoid the special danger that patents applied to a free program
     70 +could make it effectively proprietary. To prevent this, the GPL
     71 +assures that patents cannot be used to render the program non-free.
     72 + 
     73 +The precise terms and conditions for copying, distribution and
     74 +modification follow.
     75 + 
     76 +### TERMS AND CONDITIONS
     77 + 
     78 +#### 0. Definitions.
     79 + 
     80 +"This License" refers to version 3 of the GNU General Public License.
     81 + 
     82 +"Copyright" also means copyright-like laws that apply to other kinds
     83 +of works, such as semiconductor masks.
     84 + 
     85 +"The Program" refers to any copyrightable work licensed under this
     86 +License. Each licensee is addressed as "you". "Licensees" and
     87 +"recipients" may be individuals or organizations.
     88 + 
     89 +To "modify" a work means to copy from or adapt all or part of the work
     90 +in a fashion requiring copyright permission, other than the making of
     91 +an exact copy. The resulting work is called a "modified version" of
     92 +the earlier work or a work "based on" the earlier work.
     93 + 
     94 +A "covered work" means either the unmodified Program or a work based
     95 +on the Program.
     96 + 
     97 +To "propagate" a work means to do anything with it that, without
     98 +permission, would make you directly or secondarily liable for
     99 +infringement under applicable copyright law, except executing it on a
     100 +computer or modifying a private copy. Propagation includes copying,
     101 +distribution (with or without modification), making available to the
     102 +public, and in some countries other activities as well.
     103 + 
     104 +To "convey" a work means any kind of propagation that enables other
     105 +parties to make or receive copies. Mere interaction with a user
     106 +through a computer network, with no transfer of a copy, is not
     107 +conveying.
     108 + 
     109 +An interactive user interface displays "Appropriate Legal Notices" to
     110 +the extent that it includes a convenient and prominently visible
     111 +feature that (1) displays an appropriate copyright notice, and (2)
     112 +tells the user that there is no warranty for the work (except to the
     113 +extent that warranties are provided), that licensees may convey the
     114 +work under this License, and how to view a copy of this License. If
     115 +the interface presents a list of user commands or options, such as a
     116 +menu, a prominent item in the list meets this criterion.
     117 + 
     118 +#### 1. Source Code.
     119 + 
     120 +The "source code" for a work means the preferred form of the work for
     121 +making modifications to it. "Object code" means any non-source form of
     122 +a work.
     123 + 
     124 +A "Standard Interface" means an interface that either is an official
     125 +standard defined by a recognized standards body, or, in the case of
     126 +interfaces specified for a particular programming language, one that
     127 +is widely used among developers working in that language.
     128 + 
     129 +The "System Libraries" of an executable work include anything, other
     130 +than the work as a whole, that (a) is included in the normal form of
     131 +packaging a Major Component, but which is not part of that Major
     132 +Component, and (b) serves only to enable use of the work with that
     133 +Major Component, or to implement a Standard Interface for which an
     134 +implementation is available to the public in source code form. A
     135 +"Major Component", in this context, means a major essential component
     136 +(kernel, window system, and so on) of the specific operating system
     137 +(if any) on which the executable work runs, or a compiler used to
     138 +produce the work, or an object code interpreter used to run it.
     139 + 
     140 +The "Corresponding Source" for a work in object code form means all
     141 +the source code needed to generate, install, and (for an executable
     142 +work) run the object code and to modify the work, including scripts to
     143 +control those activities. However, it does not include the work's
     144 +System Libraries, or general-purpose tools or generally available free
     145 +programs which are used unmodified in performing those activities but
     146 +which are not part of the work. For example, Corresponding Source
     147 +includes interface definition files associated with source files for
     148 +the work, and the source code for shared libraries and dynamically
     149 +linked subprograms that the work is specifically designed to require,
     150 +such as by intimate data communication or control flow between those
     151 +subprograms and other parts of the work.
     152 + 
     153 +The Corresponding Source need not include anything that users can
     154 +regenerate automatically from other parts of the Corresponding Source.
     155 + 
     156 +The Corresponding Source for a work in source code form is that same
     157 +work.
     158 + 
     159 +#### 2. Basic Permissions.
     160 + 
     161 +All rights granted under this License are granted for the term of
     162 +copyright on the Program, and are irrevocable provided the stated
     163 +conditions are met. This License explicitly affirms your unlimited
     164 +permission to run the unmodified Program. The output from running a
     165 +covered work is covered by this License only if the output, given its
     166 +content, constitutes a covered work. This License acknowledges your
     167 +rights of fair use or other equivalent, as provided by copyright law.
     168 + 
     169 +You may make, run and propagate covered works that you do not convey,
     170 +without conditions so long as your license otherwise remains in force.
     171 +You may convey covered works to others for the sole purpose of having
     172 +them make modifications exclusively for you, or provide you with
     173 +facilities for running those works, provided that you comply with the
     174 +terms of this License in conveying all material for which you do not
     175 +control copyright. Those thus making or running the covered works for
     176 +you must do so exclusively on your behalf, under your direction and
     177 +control, on terms that prohibit them from making any copies of your
     178 +copyrighted material outside their relationship with you.
     179 + 
     180 +Conveying under any other circumstances is permitted solely under the
     181 +conditions stated below. Sublicensing is not allowed; section 10 makes
     182 +it unnecessary.
     183 + 
     184 +#### 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
     185 + 
     186 +No covered work shall be deemed part of an effective technological
     187 +measure under any applicable law fulfilling obligations under article
     188 +11 of the WIPO copyright treaty adopted on 20 December 1996, or
     189 +similar laws prohibiting or restricting circumvention of such
     190 +measures.
     191 + 
     192 +When you convey a covered work, you waive any legal power to forbid
     193 +circumvention of technological measures to the extent such
     194 +circumvention is effected by exercising rights under this License with
     195 +respect to the covered work, and you disclaim any intention to limit
     196 +operation or modification of the work as a means of enforcing, against
     197 +the work's users, your or third parties' legal rights to forbid
     198 +circumvention of technological measures.
     199 + 
     200 +#### 4. Conveying Verbatim Copies.
     201 + 
     202 +You may convey verbatim copies of the Program's source code as you
     203 +receive it, in any medium, provided that you conspicuously and
     204 +appropriately publish on each copy an appropriate copyright notice;
     205 +keep intact all notices stating that this License and any
     206 +non-permissive terms added in accord with section 7 apply to the code;
     207 +keep intact all notices of the absence of any warranty; and give all
     208 +recipients a copy of this License along with the Program.
     209 + 
     210 +You may charge any price or no price for each copy that you convey,
     211 +and you may offer support or warranty protection for a fee.
     212 + 
     213 +#### 5. Conveying Modified Source Versions.
     214 + 
     215 +You may convey a work based on the Program, or the modifications to
     216 +produce it from the Program, in the form of source code under the
     217 +terms of section 4, provided that you also meet all of these
     218 +conditions:
     219 + 
     220 +- a) The work must carry prominent notices stating that you modified
     221 + it, and giving a relevant date.
     222 +- b) The work must carry prominent notices stating that it is
     223 + released under this License and any conditions added under
     224 + section 7. This requirement modifies the requirement in section 4
     225 + to "keep intact all notices".
     226 +- c) You must license the entire work, as a whole, under this
     227 + License to anyone who comes into possession of a copy. This
     228 + License will therefore apply, along with any applicable section 7
     229 + additional terms, to the whole of the work, and all its parts,
     230 + regardless of how they are packaged. This License gives no
     231 + permission to license the work in any other way, but it does not
     232 + invalidate such permission if you have separately received it.
     233 +- d) If the work has interactive user interfaces, each must display
     234 + Appropriate Legal Notices; however, if the Program has interactive
     235 + interfaces that do not display Appropriate Legal Notices, your
     236 + work need not make them do so.
     237 + 
     238 +A compilation of a covered work with other separate and independent
     239 +works, which are not by their nature extensions of the covered work,
     240 +and which are not combined with it such as to form a larger program,
     241 +in or on a volume of a storage or distribution medium, is called an
     242 +"aggregate" if the compilation and its resulting copyright are not
     243 +used to limit the access or legal rights of the compilation's users
     244 +beyond what the individual works permit. Inclusion of a covered work
     245 +in an aggregate does not cause this License to apply to the other
     246 +parts of the aggregate.
     247 + 
     248 +#### 6. Conveying Non-Source Forms.
     249 + 
     250 +You may convey a covered work in object code form under the terms of
     251 +sections 4 and 5, provided that you also convey the machine-readable
     252 +Corresponding Source under the terms of this License, in one of these
     253 +ways:
     254 + 
     255 +- a) Convey the object code in, or embodied in, a physical product
     256 + (including a physical distribution medium), accompanied by the
     257 + Corresponding Source fixed on a durable physical medium
     258 + customarily used for software interchange.
     259 +- b) Convey the object code in, or embodied in, a physical product
     260 + (including a physical distribution medium), accompanied by a
     261 + written offer, valid for at least three years and valid for as
     262 + long as you offer spare parts or customer support for that product
     263 + model, to give anyone who possesses the object code either (1) a
     264 + copy of the Corresponding Source for all the software in the
     265 + product that is covered by this License, on a durable physical
     266 + medium customarily used for software interchange, for a price no
     267 + more than your reasonable cost of physically performing this
     268 + conveying of source, or (2) access to copy the Corresponding
     269 + Source from a network server at no charge.
     270 +- c) Convey individual copies of the object code with a copy of the
     271 + written offer to provide the Corresponding Source. This
     272 + alternative is allowed only occasionally and noncommercially, and
     273 + only if you received the object code with such an offer, in accord
     274 + with subsection 6b.
     275 +- d) Convey the object code by offering access from a designated
     276 + place (gratis or for a charge), and offer equivalent access to the
     277 + Corresponding Source in the same way through the same place at no
     278 + further charge. You need not require recipients to copy the
     279 + Corresponding Source along with the object code. If the place to
     280 + copy the object code is a network server, the Corresponding Source
     281 + may be on a different server (operated by you or a third party)
     282 + that supports equivalent copying facilities, provided you maintain
     283 + clear directions next to the object code saying where to find the
     284 + Corresponding Source. Regardless of what server hosts the
     285 + Corresponding Source, you remain obligated to ensure that it is
     286 + available for as long as needed to satisfy these requirements.
     287 +- e) Convey the object code using peer-to-peer transmission,
     288 + provided you inform other peers where the object code and
     289 + Corresponding Source of the work are being offered to the general
     290 + public at no charge under subsection 6d.
     291 + 
     292 +A separable portion of the object code, whose source code is excluded
     293 +from the Corresponding Source as a System Library, need not be
     294 +included in conveying the object code work.
     295 + 
     296 +A "User Product" is either (1) a "consumer product", which means any
     297 +tangible personal property which is normally used for personal,
     298 +family, or household purposes, or (2) anything designed or sold for
     299 +incorporation into a dwelling. In determining whether a product is a
     300 +consumer product, doubtful cases shall be resolved in favor of
     301 +coverage. For a particular product received by a particular user,
     302 +"normally used" refers to a typical or common use of that class of
     303 +product, regardless of the status of the particular user or of the way
     304 +in which the particular user actually uses, or expects or is expected
     305 +to use, the product. A product is a consumer product regardless of
     306 +whether the product has substantial commercial, industrial or
     307 +non-consumer uses, unless such uses represent the only significant
     308 +mode of use of the product.
     309 + 
     310 +"Installation Information" for a User Product means any methods,
     311 +procedures, authorization keys, or other information required to
     312 +install and execute modified versions of a covered work in that User
     313 +Product from a modified version of its Corresponding Source. The
     314 +information must suffice to ensure that the continued functioning of
     315 +the modified object code is in no case prevented or interfered with
     316 +solely because modification has been made.
     317 + 
     318 +If you convey an object code work under this section in, or with, or
     319 +specifically for use in, a User Product, and the conveying occurs as
     320 +part of a transaction in which the right of possession and use of the
     321 +User Product is transferred to the recipient in perpetuity or for a
     322 +fixed term (regardless of how the transaction is characterized), the
     323 +Corresponding Source conveyed under this section must be accompanied
     324 +by the Installation Information. But this requirement does not apply
     325 +if neither you nor any third party retains the ability to install
     326 +modified object code on the User Product (for example, the work has
     327 +been installed in ROM).
     328 + 
     329 +The requirement to provide Installation Information does not include a
     330 +requirement to continue to provide support service, warranty, or
     331 +updates for a work that has been modified or installed by the
     332 +recipient, or for the User Product in which it has been modified or
     333 +installed. Access to a network may be denied when the modification
     334 +itself materially and adversely affects the operation of the network
     335 +or violates the rules and protocols for communication across the
     336 +network.
     337 + 
     338 +Corresponding Source conveyed, and Installation Information provided,
     339 +in accord with this section must be in a format that is publicly
     340 +documented (and with an implementation available to the public in
     341 +source code form), and must require no special password or key for
     342 +unpacking, reading or copying.
     343 + 
     344 +#### 7. Additional Terms.
     345 + 
     346 +"Additional permissions" are terms that supplement the terms of this
     347 +License by making exceptions from one or more of its conditions.
     348 +Additional permissions that are applicable to the entire Program shall
     349 +be treated as though they were included in this License, to the extent
     350 +that they are valid under applicable law. If additional permissions
     351 +apply only to part of the Program, that part may be used separately
     352 +under those permissions, but the entire Program remains governed by
     353 +this License without regard to the additional permissions.
     354 + 
     355 +When you convey a copy of a covered work, you may at your option
     356 +remove any additional permissions from that copy, or from any part of
     357 +it. (Additional permissions may be written to require their own
     358 +removal in certain cases when you modify the work.) You may place
     359 +additional permissions on material, added by you to a covered work,
     360 +for which you have or can give appropriate copyright permission.
     361 + 
     362 +Notwithstanding any other provision of this License, for material you
     363 +add to a covered work, you may (if authorized by the copyright holders
     364 +of that material) supplement the terms of this License with terms:
     365 + 
     366 +- a) Disclaiming warranty or limiting liability differently from the
     367 + terms of sections 15 and 16 of this License; or
     368 +- b) Requiring preservation of specified reasonable legal notices or
     369 + author attributions in that material or in the Appropriate Legal
     370 + Notices displayed by works containing it; or
     371 +- c) Prohibiting misrepresentation of the origin of that material,
     372 + or requiring that modified versions of such material be marked in
     373 + reasonable ways as different from the original version; or
     374 +- d) Limiting the use for publicity purposes of names of licensors
     375 + or authors of the material; or
     376 +- e) Declining to grant rights under trademark law for use of some
     377 + trade names, trademarks, or service marks; or
     378 +- f) Requiring indemnification of licensors and authors of that
     379 + material by anyone who conveys the material (or modified versions
     380 + of it) with contractual assumptions of liability to the recipient,
     381 + for any liability that these contractual assumptions directly
     382 + impose on those licensors and authors.
     383 + 
     384 +All other non-permissive additional terms are considered "further
     385 +restrictions" within the meaning of section 10. If the Program as you
     386 +received it, or any part of it, contains a notice stating that it is
     387 +governed by this License along with a term that is a further
     388 +restriction, you may remove that term. If a license document contains
     389 +a further restriction but permits relicensing or conveying under this
     390 +License, you may add to a covered work material governed by the terms
     391 +of that license document, provided that the further restriction does
     392 +not survive such relicensing or conveying.
     393 + 
     394 +If you add terms to a covered work in accord with this section, you
     395 +must place, in the relevant source files, a statement of the
     396 +additional terms that apply to those files, or a notice indicating
     397 +where to find the applicable terms.
     398 + 
     399 +Additional terms, permissive or non-permissive, may be stated in the
     400 +form of a separately written license, or stated as exceptions; the
     401 +above requirements apply either way.
     402 + 
     403 +#### 8. Termination.
     404 + 
     405 +You may not propagate or modify a covered work except as expressly
     406 +provided under this License. Any attempt otherwise to propagate or
     407 +modify it is void, and will automatically terminate your rights under
     408 +this License (including any patent licenses granted under the third
     409 +paragraph of section 11).
     410 + 
     411 +However, if you cease all violation of this License, then your license
     412 +from a particular copyright holder is reinstated (a) provisionally,
     413 +unless and until the copyright holder explicitly and finally
     414 +terminates your license, and (b) permanently, if the copyright holder
     415 +fails to notify you of the violation by some reasonable means prior to
     416 +60 days after the cessation.
     417 + 
     418 +Moreover, your license from a particular copyright holder is
     419 +reinstated permanently if the copyright holder notifies you of the
     420 +violation by some reasonable means, this is the first time you have
     421 +received notice of violation of this License (for any work) from that
     422 +copyright holder, and you cure the violation prior to 30 days after
     423 +your receipt of the notice.
     424 + 
     425 +Termination of your rights under this section does not terminate the
     426 +licenses of parties who have received copies or rights from you under
     427 +this License. If your rights have been terminated and not permanently
     428 +reinstated, you do not qualify to receive new licenses for the same
     429 +material under section 10.
     430 + 
     431 +#### 9. Acceptance Not Required for Having Copies.
     432 + 
     433 +You are not required to accept this License in order to receive or run
     434 +a copy of the Program. Ancillary propagation of a covered work
     435 +occurring solely as a consequence of using peer-to-peer transmission
     436 +to receive a copy likewise does not require acceptance. However,
     437 +nothing other than this License grants you permission to propagate or
     438 +modify any covered work. These actions infringe copyright if you do
     439 +not accept this License. Therefore, by modifying or propagating a
     440 +covered work, you indicate your acceptance of this License to do so.
     441 + 
     442 +#### 10. Automatic Licensing of Downstream Recipients.
     443 + 
     444 +Each time you convey a covered work, the recipient automatically
     445 +receives a license from the original licensors, to run, modify and
     446 +propagate that work, subject to this License. You are not responsible
     447 +for enforcing compliance by third parties with this License.
     448 + 
     449 +An "entity transaction" is a transaction transferring control of an
     450 +organization, or substantially all assets of one, or subdividing an
     451 +organization, or merging organizations. If propagation of a covered
     452 +work results from an entity transaction, each party to that
     453 +transaction who receives a copy of the work also receives whatever
     454 +licenses to the work the party's predecessor in interest had or could
     455 +give under the previous paragraph, plus a right to possession of the
     456 +Corresponding Source of the work from the predecessor in interest, if
     457 +the predecessor has it or can get it with reasonable efforts.
     458 + 
     459 +You may not impose any further restrictions on the exercise of the
     460 +rights granted or affirmed under this License. For example, you may
     461 +not impose a license fee, royalty, or other charge for exercise of
     462 +rights granted under this License, and you may not initiate litigation
     463 +(including a cross-claim or counterclaim in a lawsuit) alleging that
     464 +any patent claim is infringed by making, using, selling, offering for
     465 +sale, or importing the Program or any portion of it.
     466 + 
     467 +#### 11. Patents.
     468 + 
     469 +A "contributor" is a copyright holder who authorizes use under this
     470 +License of the Program or a work on which the Program is based. The
     471 +work thus licensed is called the contributor's "contributor version".
     472 + 
     473 +A contributor's "essential patent claims" are all patent claims owned
     474 +or controlled by the contributor, whether already acquired or
     475 +hereafter acquired, that would be infringed by some manner, permitted
     476 +by this License, of making, using, or selling its contributor version,
     477 +but do not include claims that would be infringed only as a
     478 +consequence of further modification of the contributor version. For
     479 +purposes of this definition, "control" includes the right to grant
     480 +patent sublicenses in a manner consistent with the requirements of
     481 +this License.
     482 + 
     483 +Each contributor grants you a non-exclusive, worldwide, royalty-free
     484 +patent license under the contributor's essential patent claims, to
     485 +make, use, sell, offer for sale, import and otherwise run, modify and
     486 +propagate the contents of its contributor version.
     487 + 
     488 +In the following three paragraphs, a "patent license" is any express
     489 +agreement or commitment, however denominated, not to enforce a patent
     490 +(such as an express permission to practice a patent or covenant not to
     491 +sue for patent infringement). To "grant" such a patent license to a
     492 +party means to make such an agreement or commitment not to enforce a
     493 +patent against the party.
     494 + 
     495 +If you convey a covered work, knowingly relying on a patent license,
     496 +and the Corresponding Source of the work is not available for anyone
     497 +to copy, free of charge and under the terms of this License, through a
     498 +publicly available network server or other readily accessible means,
     499 +then you must either (1) cause the Corresponding Source to be so
     500 +available, or (2) arrange to deprive yourself of the benefit of the
     501 +patent license for this particular work, or (3) arrange, in a manner
     502 +consistent with the requirements of this License, to extend the patent
     503 +license to downstream recipients. "Knowingly relying" means you have
     504 +actual knowledge that, but for the patent license, your conveying the
     505 +covered work in a country, or your recipient's use of the covered work
     506 +in a country, would infringe one or more identifiable patents in that
     507 +country that you have reason to believe are valid.
     508 + 
     509 +If, pursuant to or in connection with a single transaction or
     510 +arrangement, you convey, or propagate by procuring conveyance of, a
     511 +covered work, and grant a patent license to some of the parties
     512 +receiving the covered work authorizing them to use, propagate, modify
     513 +or convey a specific copy of the covered work, then the patent license
     514 +you grant is automatically extended to all recipients of the covered
     515 +work and works based on it.
     516 + 
     517 +A patent license is "discriminatory" if it does not include within the
     518 +scope of its coverage, prohibits the exercise of, or is conditioned on
     519 +the non-exercise of one or more of the rights that are specifically
     520 +granted under this License. You may not convey a covered work if you
     521 +are a party to an arrangement with a third party that is in the
     522 +business of distributing software, under which you make payment to the
     523 +third party based on the extent of your activity of conveying the
     524 +work, and under which the third party grants, to any of the parties
     525 +who would receive the covered work from you, a discriminatory patent
     526 +license (a) in connection with copies of the covered work conveyed by
     527 +you (or copies made from those copies), or (b) primarily for and in
     528 +connection with specific products or compilations that contain the
     529 +covered work, unless you entered into that arrangement, or that patent
     530 +license was granted, prior to 28 March 2007.
     531 + 
     532 +Nothing in this License shall be construed as excluding or limiting
     533 +any implied license or other defenses to infringement that may
     534 +otherwise be available to you under applicable patent law.
     535 + 
     536 +#### 12. No Surrender of Others' Freedom.
     537 + 
     538 +If conditions are imposed on you (whether by court order, agreement or
     539 +otherwise) that contradict the conditions of this License, they do not
     540 +excuse you from the conditions of this License. If you cannot convey a
     541 +covered work so as to satisfy simultaneously your obligations under
     542 +this License and any other pertinent obligations, then as a
     543 +consequence you may not convey it at all. For example, if you agree to
     544 +terms that obligate you to collect a royalty for further conveying
     545 +from those to whom you convey the Program, the only way you could
     546 +satisfy both those terms and this License would be to refrain entirely
     547 +from conveying the Program.
     548 + 
     549 +#### 13. Use with the GNU Affero General Public License.
     550 + 
     551 +Notwithstanding any other provision of this License, you have
     552 +permission to link or combine any covered work with a work licensed
     553 +under version 3 of the GNU Affero General Public License into a single
     554 +combined work, and to convey the resulting work. The terms of this
     555 +License will continue to apply to the part which is the covered work,
     556 +but the special requirements of the GNU Affero General Public License,
     557 +section 13, concerning interaction through a network will apply to the
     558 +combination as such.
     559 + 
     560 +#### 14. Revised Versions of this License.
     561 + 
     562 +The Free Software Foundation may publish revised and/or new versions
     563 +of the GNU General Public License from time to time. Such new versions
     564 +will be similar in spirit to the present version, but may differ in
     565 +detail to address new problems or concerns.
     566 + 
     567 +Each version is given a distinguishing version number. If the Program
     568 +specifies that a certain numbered version of the GNU General Public
     569 +License "or any later version" applies to it, you have the option of
     570 +following the terms and conditions either of that numbered version or
     571 +of any later version published by the Free Software Foundation. If the
     572 +Program does not specify a version number of the GNU General Public
     573 +License, you may choose any version ever published by the Free
     574 +Software Foundation.
     575 + 
     576 +If the Program specifies that a proxy can decide which future versions
     577 +of the GNU General Public License can be used, that proxy's public
     578 +statement of acceptance of a version permanently authorizes you to
     579 +choose that version for the Program.
     580 + 
     581 +Later license versions may give you additional or different
     582 +permissions. However, no additional obligations are imposed on any
     583 +author or copyright holder as a result of your choosing to follow a
     584 +later version.
     585 + 
     586 +#### 15. Disclaimer of Warranty.
     587 + 
     588 +THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
     589 +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
     590 +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT
     591 +WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT
     592 +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
     593 +A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND
     594 +PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE
     595 +DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR
     596 +CORRECTION.
     597 + 
     598 +#### 16. Limitation of Liability.
     599 + 
     600 +IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
     601 +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR
     602 +CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
     603 +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
     604 +ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT
     605 +NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR
     606 +LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM
     607 +TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER
     608 +PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
     609 + 
     610 +#### 17. Interpretation of Sections 15 and 16.
     611 + 
     612 +If the disclaimer of warranty and limitation of liability provided
     613 +above cannot be given local legal effect according to their terms,
     614 +reviewing courts shall apply local law that most closely approximates
     615 +an absolute waiver of all civil liability in connection with the
     616 +Program, unless a warranty or assumption of liability accompanies a
     617 +copy of the Program in return for a fee.
     618 + 
     619 +END OF TERMS AND CONDITIONS
     620 + 
     621 +### How to Apply These Terms to Your New Programs
     622 + 
     623 +If you develop a new program, and you want it to be of the greatest
     624 +possible use to the public, the best way to achieve this is to make it
     625 +free software which everyone can redistribute and change under these
     626 +terms.
     627 + 
     628 +To do so, attach the following notices to the program. It is safest to
     629 +attach them to the start of each source file to most effectively state
     630 +the exclusion of warranty; and each file should have at least the
     631 +"copyright" line and a pointer to where the full notice is found.
     632 + 
     633 + <one line to give the program's name and a brief idea of what it does.>
     634 + Copyright (C) <year> <name of author>
     635 + 
     636 + This program is free software: you can redistribute it and/or modify
     637 + it under the terms of the GNU General Public License as published by
     638 + the Free Software Foundation, either version 3 of the License, or
     639 + (at your option) any later version.
     640 + 
     641 + This program is distributed in the hope that it will be useful,
     642 + but WITHOUT ANY WARRANTY; without even the implied warranty of
     643 + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
     644 + GNU General Public License for more details.
     645 + 
     646 + You should have received a copy of the GNU General Public License
     647 + along with this program. If not, see <https://www.gnu.org/licenses/>.
     648 + 
     649 +Also add information on how to contact you by electronic and paper
     650 +mail.
     651 + 
     652 +If the program does terminal interaction, make it output a short
     653 +notice like this when it starts in an interactive mode:
     654 + 
     655 + <program> Copyright (C) <year> <name of author>
     656 + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
     657 + This is free software, and you are welcome to redistribute it
     658 + under certain conditions; type `show c' for details.
     659 + 
     660 +The hypothetical commands \`show w' and \`show c' should show the
     661 +appropriate parts of the General Public License. Of course, your
     662 +program's commands might be different; for a GUI interface, you would
     663 +use an "about box".
     664 + 
     665 +You should also get your employer (if you work as a programmer) or
     666 +school, if any, to sign a "copyright disclaimer" for the program, if
     667 +necessary. For more information on this, and how to apply and follow
     668 +the GNU GPL, see <https://www.gnu.org/licenses/>.
     669 + 
     670 +The GNU General Public License does not permit incorporating your
     671 +program into proprietary programs. If your program is a subroutine
     672 +library, you may consider it more useful to permit linking proprietary
     673 +applications with the library. If this is what you want to do, use the
     674 +GNU Lesser General Public License instead of this License. But first,
     675 +please read <https://www.gnu.org/licenses/why-not-lgpl.html>.
     676 + 
  • ■ ■ ■ ■ ■ ■
    README.md
     1 +Text4Shell scanner for Burp Suite
     2 +================================
     3 + 
     4 +Note about detection capabilities: this plugin will only supply the built-in
     5 +active scanner with payloads, thus for optimal coverage vs. performance, you'll
     6 +have to configure your scan properly – just as with any other built-in or
     7 +extension-provided scan.
     8 + 
     9 +Single-issue scan
     10 +-----------------
     11 + 
     12 +If you'd like to scan only for CVE-2022-42889 (and not other things such as
     13 +XSS or SQLi), this plugin makes it possible.
     14 + 
     15 +By following the instructions below, the scanner will only
     16 +perform Text4Shell checks on all insertion points if the scan configuration
     17 +created as a result is used.
     18 + 
     19 +1. When creating a new scan, click `Select from library` on the `Scan configuration` tab
     20 +2. Pick `Audit checks - extensions only` which is built into Burp Suite Pro 2.x
     21 +3. Disable every other extension (if applicable) that have an active scan check registered (such as ActiveScan++, Backslash powered scanning, Burp Bounty, etc.) so that only the Text4Shell scanner runs
     22 + 
     23 +Building
     24 +--------
     25 + 
     26 +Execute `./gradlew build` and you'll have the plugin ready in
     27 +`build/libs/burp-text4shell.jar`
     28 + 
     29 +License
     30 +-------
     31 + 
     32 +The whole project is available under the GNU General Public License v3.0,
     33 +see `LICENSE.md`.
     34 + 
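Review bot: The README omits that detection depends entirely on Burp Collaborator: `BurpExtender.kt` creates a Collaborator client context at load time and the only signal it ever reports is a DNS interaction with the generated payload, so with Collaborator disabled the scan check silently finds nothing. It also does not mention that the extension polls for late interactions in a background thread every 60 seconds, so a "Text4Shell (CVE-2022-42889) - asynchronous" issue can appear well after the scan that sent the payload has finished, and each such issue points at the request that carried the payload. Suggest a short paragraph under the detection note, e.g. "This check relies on Burp Collaborator (out-of-band DNS interactions); make sure it is enabled. Delayed interactions are polled once a minute and reported as separate asynchronous issues."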
  • ■ ■ ■ ■ ■ ■
    build.gradle
     1 +/*
     2 + * This file is part of Piper for Burp Suite (https://github.com/silentsignal/burp-piper)
     3 + * Copyright (c) 2018 Andras Veres-Szentkiralyi
     4 + *
     5 + * This program is free software: you can redistribute it and/or modify
     6 + * it under the terms of the GNU General Public License as published by
     7 + * the Free Software Foundation, version 3 of the License, or
     8 + * (at your option) any later version.
     9 + *
     10 + * This program is distributed in the hope that it will be useful,
     11 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
     12 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
     13 + * GNU General Public License for more details.
     14 + *
     15 + * You should have received a copy of the GNU General Public License
     16 + * along with this program. If not, see <http://www.gnu.org/licenses/>.
     17 + */
     18 + 
     19 +apply plugin: 'java'
     20 +apply plugin: 'kotlin'
     21 +sourceCompatibility = 1.8
     22 +targetCompatibility = 1.8
     23 + 
     24 +buildscript {
     25 + ext.kotlin_version = '1.4.10'
     26 + 
     27 + repositories {
     28 + mavenCentral()
     29 + }
     30 + dependencies {
     31 + classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
     32 + }
     33 +}
     34 + 
     35 + 
     36 +repositories {
     37 + mavenCentral()
     38 +}
     39 + 
     40 +dependencies {
     41 + compile "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
     42 + 
     43 + compile 'net.portswigger.burp.extender:burp-extender-api:1.7.22'
     44 + compile 'com.esotericsoftware:minlog:1.3'
     45 + 
     46 + testCompile "org.testng:testng:6.9.10"
     47 +}
     48 + 
     49 +jar {
     50 + from {
     51 + configurations.compile.collect { it.isDirectory() ? it : zipTree(it) }
     52 + }
     53 +}
     54 + 
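Review bot: `compile` and `testCompile` in the `dependencies` block and `configurations.compile` in the `jar` block were removed in Gradle 7.0, while `gradle/wrapper/gradle-wrapper.properties` in this same commit pins `gradle-7.3.1`, so the `./gradlew build` documented in the README fails with `Could not find method compile()`. Use `implementation` / `testImplementation`, make the Burp API `compileOnly` (Burp supplies the `burp.*` interfaces at runtime, so bundling them is unnecessary), and build the fat jar from `configurations.runtimeClasspath`, e.g. `from { configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) } }`; Gradle 7 also errors on duplicate archive entries, so add `duplicatesStrategy = DuplicatesStrategy.EXCLUDE` in the `jar` block. The header comment still says the file is part of Piper for Burp Suite and links to burp-piper; it should name this project.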
  • ■ ■ ■ ■ ■ ■
    gradle/wrapper/gradle-wrapper.properties
     1 +distributionUrl=https\://services.gradle.org/distributions/gradle-7.3.1-bin.zip
     2 +distributionBase=GRADLE_USER_HOME
     3 +distributionPath=wrapper/dists
     4 +zipStorePath=wrapper/dists
     5 +zipStoreBase=GRADLE_USER_HOME
     6 + 
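Review bot: The wrapper downloads `gradle-7.3.1-bin.zip` with no `distributionSha256Sum` entry, so the build trusts whatever the distribution server (or any proxy in between) returns; add `distributionSha256Sum=<sha256 of gradle-7.3.1-bin.zip>` (the checksum is published with each release on gradle.org) so the wrapper verifies the archive before unpacking and executing it. Separately, `gradlew` puts `gradle/wrapper/gradle-wrapper.jar` on the classpath, but that file does not appear in this commit's file list; without it `./gradlew build` from the README cannot start, so either commit the jar or document building with an installed Gradle.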
  • ■ ■ ■ ■ ■ ■
    gradlew
     1 +#!/usr/bin/env sh
     2 + 
     3 +##############################################################################
     4 +##
     5 +## Gradle start up script for UN*X
     6 +##
     7 +##############################################################################
     8 + 
     9 +# Attempt to set APP_HOME
     10 +# Resolve links: $0 may be a link
     11 +PRG="$0"
     12 +# Need this for relative symlinks.
     13 +while [ -h "$PRG" ] ; do
     14 + ls=`ls -ld "$PRG"`
     15 + link=`expr "$ls" : '.*-> \(.*\)$'`
     16 + if expr "$link" : '/.*' > /dev/null; then
     17 + PRG="$link"
     18 + else
     19 + PRG=`dirname "$PRG"`"/$link"
     20 + fi
     21 +done
     22 +SAVED="`pwd`"
     23 +cd "`dirname \"$PRG\"`/" >/dev/null
     24 +APP_HOME="`pwd -P`"
     25 +cd "$SAVED" >/dev/null
     26 + 
     27 +APP_NAME="Gradle"
     28 +APP_BASE_NAME=`basename "$0"`
     29 + 
     30 +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
     31 +DEFAULT_JVM_OPTS=""
     32 + 
     33 +# Use the maximum available, or set MAX_FD != -1 to use that value.
     34 +MAX_FD="maximum"
     35 + 
     36 +warn () {
     37 + echo "$*"
     38 +}
     39 + 
     40 +die () {
     41 + echo
     42 + echo "$*"
     43 + echo
     44 + exit 1
     45 +}
     46 + 
     47 +# OS specific support (must be 'true' or 'false').
     48 +cygwin=false
     49 +msys=false
     50 +darwin=false
     51 +nonstop=false
     52 +case "`uname`" in
     53 + CYGWIN* )
     54 + cygwin=true
     55 + ;;
     56 + Darwin* )
     57 + darwin=true
     58 + ;;
     59 + MINGW* )
     60 + msys=true
     61 + ;;
     62 + NONSTOP* )
     63 + nonstop=true
     64 + ;;
     65 +esac
     66 + 
     67 +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
     68 + 
     69 +# Determine the Java command to use to start the JVM.
     70 +if [ -n "$JAVA_HOME" ] ; then
     71 + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
     72 + # IBM's JDK on AIX uses strange locations for the executables
     73 + JAVACMD="$JAVA_HOME/jre/sh/java"
     74 + else
     75 + JAVACMD="$JAVA_HOME/bin/java"
     76 + fi
     77 + if [ ! -x "$JAVACMD" ] ; then
     78 + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
     79 + 
     80 +Please set the JAVA_HOME variable in your environment to match the
     81 +location of your Java installation."
     82 + fi
     83 +else
     84 + JAVACMD="java"
     85 + which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
     86 + 
     87 +Please set the JAVA_HOME variable in your environment to match the
     88 +location of your Java installation."
     89 +fi
     90 + 
     91 +# Increase the maximum file descriptors if we can.
     92 +if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
     93 + MAX_FD_LIMIT=`ulimit -H -n`
     94 + if [ $? -eq 0 ] ; then
     95 + if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
     96 + MAX_FD="$MAX_FD_LIMIT"
     97 + fi
     98 + ulimit -n $MAX_FD
     99 + if [ $? -ne 0 ] ; then
     100 + warn "Could not set maximum file descriptor limit: $MAX_FD"
     101 + fi
     102 + else
     103 + warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
     104 + fi
     105 +fi
     106 + 
     107 +# For Darwin, add options to specify how the application appears in the dock
     108 +if $darwin; then
     109 + GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
     110 +fi
     111 + 
     112 +# For Cygwin, switch paths to Windows format before running java
     113 +if $cygwin ; then
     114 + APP_HOME=`cygpath --path --mixed "$APP_HOME"`
     115 + CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
     116 + JAVACMD=`cygpath --unix "$JAVACMD"`
     117 + 
     118 + # We build the pattern for arguments to be converted via cygpath
     119 + ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
     120 + SEP=""
     121 + for dir in $ROOTDIRSRAW ; do
     122 + ROOTDIRS="$ROOTDIRS$SEP$dir"
     123 + SEP="|"
     124 + done
     125 + OURCYGPATTERN="(^($ROOTDIRS))"
     126 + # Add a user-defined pattern to the cygpath arguments
     127 + if [ "$GRADLE_CYGPATTERN" != "" ] ; then
     128 + OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
     129 + fi
     130 + # Now convert the arguments - kludge to limit ourselves to /bin/sh
     131 + i=0
     132 + for arg in "$@" ; do
     133 + CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
     134 + CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option
     135 + 
     136 + if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition
     137 + eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
     138 + else
     139 + eval `echo args$i`="\"$arg\""
     140 + fi
     141 + i=$((i+1))
     142 + done
     143 + case $i in
     144 + (0) set -- ;;
     145 + (1) set -- "$args0" ;;
     146 + (2) set -- "$args0" "$args1" ;;
     147 + (3) set -- "$args0" "$args1" "$args2" ;;
     148 + (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
     149 + (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
     150 + (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
     151 + (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
     152 + (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
     153 + (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
     154 + esac
     155 +fi
     156 + 
     157 +# Escape application args
     158 +save () {
     159 + for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
     160 + echo " "
     161 +}
     162 +APP_ARGS=$(save "$@")
     163 + 
     164 +# Collect all arguments for the java command, following the shell quoting and substitution rules
     165 +eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
     166 + 
     167 +# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong
     168 +if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then
     169 + cd "$(dirname "$0")"
     170 +fi
     171 + 
     172 +exec "$JAVACMD" "$@"
     173 + 
  • ■ ■ ■ ■ ■ ■
    gradlew.bat
     1 +@if "%DEBUG%" == "" @echo off
     2 +@rem ##########################################################################
     3 +@rem
     4 +@rem Gradle startup script for Windows
     5 +@rem
     6 +@rem ##########################################################################
     7 +
     8 +@rem Set local scope for the variables with windows NT shell
     9 +if "%OS%"=="Windows_NT" setlocal
     10 +
     11 +set DIRNAME=%~dp0
     12 +if "%DIRNAME%" == "" set DIRNAME=.
     13 +set APP_BASE_NAME=%~n0
     14 +set APP_HOME=%DIRNAME%
     15 +
     16 +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
     17 +set DEFAULT_JVM_OPTS=
     18 +
     19 +@rem Find java.exe
     20 +if defined JAVA_HOME goto findJavaFromJavaHome
     21 +
     22 +set JAVA_EXE=java.exe
     23 +%JAVA_EXE% -version >NUL 2>&1
     24 +if "%ERRORLEVEL%" == "0" goto init
     25 +
     26 +echo.
     27 +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
     28 +echo.
     29 +echo Please set the JAVA_HOME variable in your environment to match the
     30 +echo location of your Java installation.
     31 +
     32 +goto fail
     33 +
     34 +:findJavaFromJavaHome
     35 +set JAVA_HOME=%JAVA_HOME:"=%
     36 +set JAVA_EXE=%JAVA_HOME%/bin/java.exe
     37 +
     38 +if exist "%JAVA_EXE%" goto init
     39 +
     40 +echo.
     41 +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
     42 +echo.
     43 +echo Please set the JAVA_HOME variable in your environment to match the
     44 +echo location of your Java installation.
     45 +
     46 +goto fail
     47 +
     48 +:init
     49 +@rem Get command-line arguments, handling Windows variants
     50 +
     51 +if not "%OS%" == "Windows_NT" goto win9xME_args
     52 +
     53 +:win9xME_args
     54 +@rem Slurp the command line arguments.
     55 +set CMD_LINE_ARGS=
     56 +set _SKIP=2
     57 +
     58 +:win9xME_args_slurp
     59 +if "x%~1" == "x" goto execute
     60 +
     61 +set CMD_LINE_ARGS=%*
     62 +
     63 +:execute
     64 +@rem Setup the command line
     65 +
     66 +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
     67 +
     68 +@rem Execute Gradle
     69 +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
     70 +
     71 +:end
     72 +@rem End local scope for the variables with windows NT shell
     73 +if "%ERRORLEVEL%"=="0" goto mainEnd
     74 +
     75 +:fail
     76 +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
     77 +rem the _cmd.exe /c_ return code!
     78 +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
     79 +exit /b 1
     80 +
     81 +:mainEnd
     82 +if "%OS%"=="Windows_NT" endlocal
     83 +
     84 +:omega
     85 + 
  • screenshot.png
  • ■ ■ ■ ■ ■ ■
    src/main/kotlin/burp/BurpExtender.kt
     1 +/*
     2 + * This file is part of Text4Shell scanner for Burp Suite (https://github.com/silentsignal/burp-piper)
     3 + * Copyright (c) 2022 Andras Veres-Szentkiralyi
     4 + *
     5 + * This program is free software: you can redistribute it and/or modify
     6 + * it under the terms of the GNU General Public License as published by
     7 + * the Free Software Foundation, version 3 of the License, or
     8 + * (at your option) any later version.
     9 + *
     10 + * This program is distributed in the hope that it will be useful,
     11 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
     12 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
     13 + * GNU General Public License for more details.
     14 + *
     15 + * You should have received a copy of the GNU General Public License
     16 + * along with this program. If not, see <http://www.gnu.org/licenses/>.
     17 + */
     18 + 
     19 +package burp
     20 + 
     21 +import java.io.PrintWriter
     22 + 
     23 +import java.net.URL
     24 +import java.util.*
     25 +import java.util.concurrent.ConcurrentHashMap
     26 + 
     27 +const val NAME = "Text4Shell scanner"
     28 +const val QUERY_HOSTNAME = 'h'
     29 +const val QUERY_HOSTUSER = 'u'
     30 + 
     31 +class BurpExtender : IBurpExtender, IScannerCheck, IExtensionStateListener {
     32 + 
     33 + private lateinit var callbacks: IBurpExtenderCallbacks
     34 + private lateinit var helpers: IExtensionHelpers
     35 + private lateinit var collaborator: IBurpCollaboratorClientContext
     36 + 
     37 + private val crontab: ConcurrentHashMap<String, Pair<IHttpRequestResponse, IntArray>> = ConcurrentHashMap()
     38 + private val thread: Thread = object : Thread() {
     39 + override fun run() {
     40 + try {
     41 + while (true) {
     42 + sleep(60 * 1000) // 60 seconds -- poll every minute
     43 + val interactions = collaborator.fetchAllCollaboratorInteractions().groupBy { it.getProperty("interaction_id") }
     44 + for (entry in interactions.entries) {
     45 + val payload = entry.key
     46 + val (hrr, poff) = crontab[payload] ?: continue
     47 + handleInteractions(listOf(Pair(hrr, poff)), entry.value, sync = false).forEach(callbacks::addScanIssue)
     48 + }
     49 + }
     50 + } catch (ex: InterruptedException) {
     51 + return
     52 + }
     53 + }
     54 + }
     55 + 
     56 + override fun registerExtenderCallbacks(callbacks: IBurpExtenderCallbacks) {
     57 + this.callbacks = callbacks
     58 + helpers = callbacks.helpers
     59 + collaborator = callbacks.createBurpCollaboratorClientContext()
     60 + 
     61 + callbacks.setExtensionName(NAME)
     62 + callbacks.registerScannerCheck(this)
     63 + callbacks.registerExtensionStateListener(this)
     64 + 
     65 + PrintWriter(callbacks.stdout, true).use { stdout ->
     66 + stdout.println("$NAME loaded")
     67 + }
     68 + }
     69 + 
     70 + override fun doPassiveScan(baseRequestResponse: IHttpRequestResponse?): MutableList<IScanIssue> =
     71 + Collections.emptyList() // not relevant
     72 + 
     73 + override fun doActiveScan(baseRequestResponse: IHttpRequestResponse?, insertionPoint: IScannerInsertionPoint?): MutableList<IScanIssue> {
     74 + val context = mutableListOf<Pair<IHttpRequestResponse, IntArray>>()
     75 + val collabResults = mutableListOf<IBurpCollaboratorInteraction>()
     76 + val payload = collaborator.generatePayload(false)
     77 + val bytes = "\${dns:address|$payload.${collaborator.collaboratorServerLocation}}".toByteArray()
     78 + val request = insertionPoint!!.buildRequest(bytes)
     79 + val poff = insertionPoint.getPayloadOffsets(bytes)
     80 + val hs = baseRequestResponse!!.httpService
     81 + crontab[payload] = Pair(EarlyHttpRequestResponse(hs, request), poff) // fallback in case of timeout
     82 + val hrr = callbacks.makeHttpRequest(hs, request)
     83 + val contextPair = Pair(hrr, poff)
     84 + context.add(contextPair)
     85 + collabResults.addAll(collaborator.fetchCollaboratorInteractionsFor(payload))
     86 + crontab[payload] = contextPair
     87 + val interactions = handleInteractions(context, collabResults, sync = true)
     88 + synchronized(thread) {
     89 + if (!thread.isAlive) thread.start()
     90 + }
     91 + return interactions
     92 + }
     93 + 
     94 + class EarlyHttpRequestResponse(private val hs: IHttpService, private val sentRequest: ByteArray) : IHttpRequestResponse {
     95 + override fun getComment(): String = ""
     96 + override fun getHighlight(): String = ""
     97 + override fun getHttpService(): IHttpService = hs
     98 + override fun getRequest(): ByteArray? = sentRequest
     99 + override fun getResponse(): ByteArray? = null
     100 + override fun setComment(comment: String?) {}
     101 + override fun setHighlight(color: String?) {}
     102 + override fun setHttpService(httpService: IHttpService?) {}
     103 + override fun setRequest(message: ByteArray?) {}
     104 + override fun setResponse(message: ByteArray?) {}
     105 + }
     106 + 
     107 + private fun handleInteractions(context: List<Pair<IHttpRequestResponse, IntArray>>,
     108 + interactions: List<IBurpCollaboratorInteraction>,
     109 + sync: Boolean): MutableList<IScanIssue> {
     110 + if (interactions.isEmpty()) return Collections.emptyList()
     111 + val hrr = context[0].first
     112 + val iri = helpers.analyzeRequest(hrr)
     113 + val markers = context.map { (hrr, poff) ->
     114 + callbacks.applyMarkers(hrr, Collections.singletonList(poff), Collections.emptyList()) as IHttpRequestResponse
     115 + }.toTypedArray()
     116 + return Collections.singletonList(object : IScanIssue {
     117 + override fun getUrl(): URL = iri.url
     118 + override fun getIssueName(): String = "Text4Shell (CVE-2022-42889) - " + (if (sync) "synchronous" else "asynchronous")
     119 + override fun getIssueType(): Int = 0x08000000
     120 + override fun getSeverity(): String = "High"
     121 + override fun getConfidence(): String = "Tentative"
     122 + override fun getIssueBackground(): String = "See <a href=\"https://securitylab.github.com/advisories/GHSL-2022-018_Apache_Commons_Text/\">CVE-2022-42889</a>"
     123 + override fun getRemediationBackground(): String? = null
     124 + override fun getRemediationDetail(): String = "Version 1.10.0 of Apache Commons Text has been released without the vulnerability."
     125 + override fun getHttpMessages(): Array<IHttpRequestResponse> = markers
     126 + override fun getHttpService(): IHttpService = hrr.httpService
     127 + override fun getIssueDetail(): String {
     128 + val sb = StringBuilder("<p>The application interacted with the Collaborator server <b>")
     129 + if (sync) {
     130 + sb.append("in response to")
     131 + } else {
     132 + sb.append("some time after")
     133 + }
     134 + sb.append("</b> a request with a Text4Shell payload</p><ul>")
     135 + 
     136 + interactions.map(this::formatInteraction).toSortedSet().forEach { sb.append(it) }
     137 + 
     138 + sb.append("</ul><p>This means that the web service (or another node in the network) is affected by this vulnerability.</p>")
     139 + if (!sync) {
     140 + sb.append("<p>Since this interaction occurred <b>some time after the original request</b> (compare " +
     141 + "the <code>Date</code> header of the HTTP response vs. the interactions timestamps above), " +
     142 + "<b>the vulnerable code might be in another process/codebase or a completely different " +
     143 + "host</b> (e.g. batch processing). There might even be multiple instances of " +
     144 + "this vulnerability on different pieces of infrastructure given the nature of the bug.</p>")
     145 + }
     146 + return sb.toString()
     147 + }
     148 + 
     149 + private fun formatInteraction(interaction: IBurpCollaboratorInteraction): String {
     150 + val sb = StringBuilder()
     151 + val type = interaction.getProperty("type")
     152 + sb.append("<li><b>")
     153 + sb.append(type)
     154 + sb.append("</b> at <b>")
     155 + sb.append(interaction.getProperty("time_stamp"))
     156 + sb.append("</b> from <b>")
     157 + sb.append(interaction.getProperty("client_ip"))
     158 + sb.append("</b></li>")
     159 + return sb.toString()
     160 + }
     161 + })
     162 + }
     163 + 
     164 + override fun consolidateDuplicateIssues(existingIssue: IScanIssue?, newIssue: IScanIssue?): Int = 0 // TODO could be better
     165 + 
     166 + override fun extensionUnloaded() {
     167 + synchronized(thread) {
     168 + if (thread.isAlive) {
     169 + thread.interrupt()
     170 + }
     171 + }
     172 + }
     173 +}
     174 + 
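Review bot: The polling thread's `catch (ex: InterruptedException)` is the only handler around the `while (true)` loop, so any other exception from `fetchAllCollaboratorInteractions()` or `addScanIssue` (a transient error reaching the Collaborator server is enough) terminates the thread silently; `doActiveScan` then sees `!thread.isAlive` and calls `thread.start()` on a thread that has already run, which throws `IllegalThreadStateException` before `return interactions`, so every subsequent insertion point fails and even its synchronous result is lost. Catch `Exception` inside the loop, log it to `callbacks.stderr` and continue, and keep `InterruptedException` as the only exit. Smaller points: entries are never removed from `crontab`, so it retains every payload's request/response pair for the life of the extension; `consolidateDuplicateIssues` returns 0, so repeated DNS lookups of one payload surface as separate asynchronous issues; `QUERY_HOSTNAME` and `QUERY_HOSTUSER` are unused; the header comment links to burp-piper rather than this project; and `formatInteraction` inserts `type`, `time_stamp` and `client_ip` into the issue HTML unescaped (the values come from the Collaborator server, but a small HTML-escape helper costs nothing).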