| 1 | + | package burp; |
| 2 | + | |
| 3 | + | /* |
| 4 | + | * @(#)IBurpExtenderCallbacks.java |
| 5 | + | * |
| 6 | + | * Copyright PortSwigger Ltd. All rights reserved. |
| 7 | + | * |
| 8 | + | * This code may be used to extend the functionality of Burp Suite Community Edition |
| 9 | + | * and Burp Suite Professional, provided that this usage does not violate the |
| 10 | + | * license terms for those products. |
| 11 | + | */ |
| 12 | + | |
| 13 | + | import java.awt.Component; |
| 14 | + | import java.io.OutputStream; |
| 15 | + | import java.util.List; |
| 16 | + | import java.util.Map; |
| 17 | + | |
| 18 | + | /** |
| 19 | + | * This interface is used by Burp Suite to pass to extensions a set of callback |
| 20 | + | * methods that can be used by extensions to perform various actions within |
| 21 | + | * Burp. |
| 22 | + | * <p> |
| 23 | + | * When an extension is loaded, Burp invokes its |
| 24 | + | * <code>registerExtenderCallbacks()</code> method and passes an instance of the |
| 25 | + | * <code>IBurpExtenderCallbacks</code> interface. The extension may then invoke |
| 26 | + | * the methods of this interface as required in order to extend Burp's |
| 27 | + | * functionality. |
| 28 | + | */ |
| 29 | + | public interface IBurpExtenderCallbacks { |
| 30 | + | |
| 31 | + | /** |
| 32 | + | * Flag used to identify Burp Suite as a whole. |
| 33 | + | */ |
| 34 | + | int TOOL_SUITE = 0x00000001; |
| 35 | + | /** |
| 36 | + | * Flag used to identify the Burp Target tool. |
| 37 | + | */ |
| 38 | + | int TOOL_TARGET = 0x00000002; |
| 39 | + | /** |
| 40 | + | * Flag used to identify the Burp Proxy tool. |
| 41 | + | */ |
| 42 | + | int TOOL_PROXY = 0x00000004; |
| 43 | + | /** |
| 44 | + | * Flag used to identify the Burp Spider tool. |
| 45 | + | */ |
| 46 | + | int TOOL_SPIDER = 0x00000008; |
| 47 | + | /** |
| 48 | + | * Flag used to identify the Burp Scanner tool. |
| 49 | + | */ |
| 50 | + | int TOOL_SCANNER = 0x00000010; |
| 51 | + | /** |
| 52 | + | * Flag used to identify the Burp Intruder tool. |
| 53 | + | */ |
| 54 | + | int TOOL_INTRUDER = 0x00000020; |
| 55 | + | /** |
| 56 | + | * Flag used to identify the Burp Repeater tool. |
| 57 | + | */ |
| 58 | + | int TOOL_REPEATER = 0x00000040; |
| 59 | + | /** |
| 60 | + | * Flag used to identify the Burp Sequencer tool. |
| 61 | + | */ |
| 62 | + | int TOOL_SEQUENCER = 0x00000080; |
| 63 | + | /** |
| 64 | + | * Flag used to identify the Burp Decoder tool. |
| 65 | + | */ |
| 66 | + | int TOOL_DECODER = 0x00000100; |
| 67 | + | /** |
| 68 | + | * Flag used to identify the Burp Comparer tool. |
| 69 | + | */ |
| 70 | + | int TOOL_COMPARER = 0x00000200; |
| 71 | + | /** |
| 72 | + | * Flag used to identify the Burp Extender tool. |
| 73 | + | */ |
| 74 | + | int TOOL_EXTENDER = 0x00000400; |
| 75 | + | |
| 76 | + | /** |
| 77 | + | * This method is used to set the display name for the current extension, |
| 78 | + | * which will be displayed within the user interface for the Extender tool. |
| 79 | + | * |
| 80 | + | * @param name The extension name. |
| 81 | + | */ |
| 82 | + | void setExtensionName(String name); |
| 83 | + | |
| 84 | + | /** |
| 85 | + | * This method is used to obtain an <code>IExtensionHelpers</code> object, |
| 86 | + | * which can be used by the extension to perform numerous useful tasks. |
| 87 | + | * |
| 88 | + | * @return An object containing numerous helper methods, for tasks such as |
| 89 | + | * building and analyzing HTTP requests. |
| 90 | + | */ |
| 91 | + | IExtensionHelpers getHelpers(); |
| 92 | + | |
| 93 | + | /** |
| 94 | + | * This method is used to obtain the current extension's standard output |
| 95 | + | * stream. Extensions should write all output to this stream, allowing the |
| 96 | + | * Burp user to configure how that output is handled from within the UI. |
| 97 | + | * |
| 98 | + | * @return The extension's standard output stream. |
| 99 | + | */ |
| 100 | + | OutputStream getStdout(); |
| 101 | + | |
| 102 | + | /** |
| 103 | + | * This method is used to obtain the current extension's standard error |
| 104 | + | * stream. Extensions should write all error messages to this stream, |
| 105 | + | * allowing the Burp user to configure how that output is handled from |
| 106 | + | * within the UI. |
| 107 | + | * |
| 108 | + | * @return The extension's standard error stream. |
| 109 | + | */ |
| 110 | + | OutputStream getStderr(); |
| 111 | + | |
| 112 | + | /** |
| 113 | + | * This method prints a line of output to the current extension's standard |
| 114 | + | * output stream. |
| 115 | + | * |
| 116 | + | * @param output The message to print. |
| 117 | + | */ |
| 118 | + | void printOutput(String output); |
| 119 | + | |
| 120 | + | /** |
| 121 | + | * This method prints a line of output to the current extension's standard |
| 122 | + | * error stream. |
| 123 | + | * |
| 124 | + | * @param error The message to print. |
| 125 | + | */ |
| 126 | + | void printError(String error); |
| 127 | + | |
| 128 | + | /** |
| 129 | + | * This method is used to register a listener which will be notified of |
| 130 | + | * changes to the extension's state. <b>Note:</b> Any extensions that start |
| 131 | + | * background threads or open system resources (such as files or database |
| 132 | + | * connections) should register a listener and terminate threads / close |
| 133 | + | * resources when the extension is unloaded. |
| 134 | + | * |
| 135 | + | * @param listener An object created by the extension that implements the |
| 136 | + | * <code>IExtensionStateListener</code> interface. |
| 137 | + | */ |
| 138 | + | void registerExtensionStateListener(IExtensionStateListener listener); |
| 139 | + | |
| 140 | + | /** |
| 141 | + | * This method is used to retrieve the extension state listeners that are |
| 142 | + | * registered by the extension. |
| 143 | + | * |
| 144 | + | * @return A list of extension state listeners that are currently registered |
| 145 | + | * by this extension. |
| 146 | + | */ |
| 147 | + | List<IExtensionStateListener> getExtensionStateListeners(); |
| 148 | + | |
| 149 | + | /** |
| 150 | + | * This method is used to remove an extension state listener that has been |
| 151 | + | * registered by the extension. |
| 152 | + | * |
| 153 | + | * @param listener The extension state listener to be removed. |
| 154 | + | */ |
| 155 | + | void removeExtensionStateListener(IExtensionStateListener listener); |
| 156 | + | |
| 157 | + | /** |
| 158 | + | * This method is used to register a listener which will be notified of |
| 159 | + | * requests and responses made by any Burp tool. Extensions can perform |
| 160 | + | * custom analysis or modification of these messages by registering an HTTP |
| 161 | + | * listener. |
| 162 | + | * |
| 163 | + | * @param listener An object created by the extension that implements the |
| 164 | + | * <code>IHttpListener</code> interface. |
| 165 | + | */ |
| 166 | + | void registerHttpListener(IHttpListener listener); |
| 167 | + | |
| 168 | + | /** |
| 169 | + | * This method is used to retrieve the HTTP listeners that are registered by |
| 170 | + | * the extension. |
| 171 | + | * |
| 172 | + | * @return A list of HTTP listeners that are currently registered by this |
| 173 | + | * extension. |
| 174 | + | */ |
| 175 | + | List<IHttpListener> getHttpListeners(); |
| 176 | + | |
| 177 | + | /** |
| 178 | + | * This method is used to remove an HTTP listener that has been registered |
| 179 | + | * by the extension. |
| 180 | + | * |
| 181 | + | * @param listener The HTTP listener to be removed. |
| 182 | + | */ |
| 183 | + | void removeHttpListener(IHttpListener listener); |
| 184 | + | |
| 185 | + | /** |
| 186 | + | * This method is used to register a listener which will be notified of |
| 187 | + | * requests and responses being processed by the Proxy tool. Extensions can |
| 188 | + | * perform custom analysis or modification of these messages, and control |
| 189 | + | * in-UI message interception, by registering a proxy listener. |
| 190 | + | * |
| 191 | + | * @param listener An object created by the extension that implements the |
| 192 | + | * <code>IProxyListener</code> interface. |
| 193 | + | */ |
| 194 | + | void registerProxyListener(IProxyListener listener); |
| 195 | + | |
| 196 | + | /** |
| 197 | + | * This method is used to retrieve the Proxy listeners that are registered |
| 198 | + | * by the extension. |
| 199 | + | * |
| 200 | + | * @return A list of Proxy listeners that are currently registered by this |
| 201 | + | * extension. |
| 202 | + | */ |
| 203 | + | List<IProxyListener> getProxyListeners(); |
| 204 | + | |
| 205 | + | /** |
| 206 | + | * This method is used to remove a Proxy listener that has been registered |
| 207 | + | * by the extension. |
| 208 | + | * |
| 209 | + | * @param listener The Proxy listener to be removed. |
| 210 | + | */ |
| 211 | + | void removeProxyListener(IProxyListener listener); |
| 212 | + | |
| 213 | + | /** |
| 214 | + | * This method is used to register a listener which will be notified of new |
| 215 | + | * issues that are reported by the Scanner tool. Extensions can perform |
| 216 | + | * custom analysis or logging of Scanner issues by registering a Scanner |
| 217 | + | * listener. |
| 218 | + | * |
| 219 | + | * @param listener An object created by the extension that implements the |
| 220 | + | * <code>IScannerListener</code> interface. |
| 221 | + | */ |
| 222 | + | void registerScannerListener(IScannerListener listener); |
| 223 | + | |
| 224 | + | /** |
| 225 | + | * This method is used to retrieve the Scanner listeners that are registered |
| 226 | + | * by the extension. |
| 227 | + | * |
| 228 | + | * @return A list of Scanner listeners that are currently registered by this |
| 229 | + | * extension. |
| 230 | + | */ |
| 231 | + | List<IScannerListener> getScannerListeners(); |
| 232 | + | |
| 233 | + | /** |
| 234 | + | * This method is used to remove a Scanner listener that has been registered |
| 235 | + | * by the extension. |
| 236 | + | * |
| 237 | + | * @param listener The Scanner listener to be removed. |
| 238 | + | */ |
| 239 | + | void removeScannerListener(IScannerListener listener); |
| 240 | + | |
| 241 | + | /** |
| 242 | + | * This method is used to register a listener which will be notified of |
| 243 | + | * changes to Burp's suite-wide target scope. |
| 244 | + | * |
| 245 | + | * @param listener An object created by the extension that implements the |
| 246 | + | * <code>IScopeChangeListener</code> interface. |
| 247 | + | */ |
| 248 | + | void registerScopeChangeListener(IScopeChangeListener listener); |
| 249 | + | |
| 250 | + | /** |
| 251 | + | * This method is used to retrieve the scope change listeners that are |
| 252 | + | * registered by the extension. |
| 253 | + | * |
| 254 | + | * @return A list of scope change listeners that are currently registered by |
| 255 | + | * this extension. |
| 256 | + | */ |
| 257 | + | List<IScopeChangeListener> getScopeChangeListeners(); |
| 258 | + | |
| 259 | + | /** |
| 260 | + | * This method is used to remove a scope change listener that has been |
| 261 | + | * registered by the extension. |
| 262 | + | * |
| 263 | + | * @param listener The scope change listener to be removed. |
| 264 | + | */ |
| 265 | + | void removeScopeChangeListener(IScopeChangeListener listener); |
| 266 | + | |
| 267 | + | /** |
| 268 | + | * This method is used to register a factory for custom context menu items. |
| 269 | + | * When the user invokes a context menu anywhere within Burp, the factory |
| 270 | + | * will be passed details of the invocation event, and asked to provide any |
| 271 | + | * custom context menu items that should be shown. |
| 272 | + | * |
| 273 | + | * @param factory An object created by the extension that implements the |
| 274 | + | * <code>IContextMenuFactory</code> interface. |
| 275 | + | */ |
| 276 | + | void registerContextMenuFactory(IContextMenuFactory factory); |
| 277 | + | |
| 278 | + | /** |
| 279 | + | * This method is used to retrieve the context menu factories that are |
| 280 | + | * registered by the extension. |
| 281 | + | * |
| 282 | + | * @return A list of context menu factories that are currently registered by |
| 283 | + | * this extension. |
| 284 | + | */ |
| 285 | + | List<IContextMenuFactory> getContextMenuFactories(); |
| 286 | + | |
| 287 | + | /** |
| 288 | + | * This method is used to remove a context menu factory that has been |
| 289 | + | * registered by the extension. |
| 290 | + | * |
| 291 | + | * @param factory The context menu factory to be removed. |
| 292 | + | */ |
| 293 | + | void removeContextMenuFactory(IContextMenuFactory factory); |
| 294 | + | |
| 295 | + | /** |
| 296 | + | * This method is used to register a factory for custom message editor tabs. |
| 297 | + | * For each message editor that already exists, or is subsequently created, |
| 298 | + | * within Burp, the factory will be asked to provide a new instance of an |
| 299 | + | * <code>IMessageEditorTab</code> object, which can provide custom rendering |
| 300 | + | * or editing of HTTP messages. |
| 301 | + | * |
| 302 | + | * @param factory An object created by the extension that implements the |
| 303 | + | * <code>IMessageEditorTabFactory</code> interface. |
| 304 | + | */ |
| 305 | + | void registerMessageEditorTabFactory(IMessageEditorTabFactory factory); |
| 306 | + | |
| 307 | + | /** |
| 308 | + | * This method is used to retrieve the message editor tab factories that are |
| 309 | + | * registered by the extension. |
| 310 | + | * |
| 311 | + | * @return A list of message editor tab factories that are currently |
| 312 | + | * registered by this extension. |
| 313 | + | */ |
| 314 | + | List<IMessageEditorTabFactory> getMessageEditorTabFactories(); |
| 315 | + | |
| 316 | + | /** |
| 317 | + | * This method is used to remove a message editor tab factory that has been |
| 318 | + | * registered by the extension. |
| 319 | + | * |
| 320 | + | * @param factory The message editor tab factory to be removed. |
| 321 | + | */ |
| 322 | + | void removeMessageEditorTabFactory(IMessageEditorTabFactory factory); |
| 323 | + | |
| 324 | + | /** |
| 325 | + | * This method is used to register a provider of Scanner insertion points. |
| 326 | + | * For each base request that is actively scanned, Burp will ask the |
| 327 | + | * provider to provide any custom scanner insertion points that are |
| 328 | + | * appropriate for the request. |
| 329 | + | * |
| 330 | + | * @param provider An object created by the extension that implements the |
| 331 | + | * <code>IScannerInsertionPointProvider</code> interface. |
| 332 | + | */ |
| 333 | + | void registerScannerInsertionPointProvider( |
| 334 | + | IScannerInsertionPointProvider provider); |
| 335 | + | |
| 336 | + | /** |
| 337 | + | * This method is used to retrieve the Scanner insertion point providers |
| 338 | + | * that are registered by the extension. |
| 339 | + | * |
| 340 | + | * @return A list of Scanner insertion point providers that are currently |
| 341 | + | * registered by this extension. |
| 342 | + | */ |
| 343 | + | List<IScannerInsertionPointProvider> getScannerInsertionPointProviders(); |
| 344 | + | |
| 345 | + | /** |
| 346 | + | * This method is used to remove a Scanner insertion point provider that has |
| 347 | + | * been registered by the extension. |
| 348 | + | * |
| 349 | + | * @param provider The Scanner insertion point provider to be removed. |
| 350 | + | */ |
| 351 | + | void removeScannerInsertionPointProvider( |
| 352 | + | IScannerInsertionPointProvider provider); |
| 353 | + | |
| 354 | + | /** |
| 355 | + | * This method is used to register a custom Scanner check. When performing |
| 356 | + | * scanning, Burp will ask the check to perform active or passive scanning |
| 357 | + | * on the base request, and report any Scanner issues that are identified. |
| 358 | + | * |
| 359 | + | * @param check An object created by the extension that implements the |
| 360 | + | * <code>IScannerCheck</code> interface. |
| 361 | + | */ |
| 362 | + | void registerScannerCheck(IScannerCheck check); |
| 363 | + | |
| 364 | + | /** |
| 365 | + | * This method is used to retrieve the Scanner checks that are registered by |
| 366 | + | * the extension. |
| 367 | + | * |
| 368 | + | * @return A list of Scanner checks that are currently registered by this |
| 369 | + | * extension. |
| 370 | + | */ |
| 371 | + | List<IScannerCheck> getScannerChecks(); |
| 372 | + | |
| 373 | + | /** |
| 374 | + | * This method is used to remove a Scanner check that has been registered by |
| 375 | + | * the extension. |
| 376 | + | * |
| 377 | + | * @param check The Scanner check to be removed. |
| 378 | + | */ |
| 379 | + | void removeScannerCheck(IScannerCheck check); |
| 380 | + | |
| 381 | + | /** |
| 382 | + | * This method is used to register a factory for Intruder payloads. Each |
| 383 | + | * registered factory will be available within the Intruder UI for the user |
| 384 | + | * to select as the payload source for an attack. When this is selected, the |
| 385 | + | * factory will be asked to provide a new instance of an |
| 386 | + | * <code>IIntruderPayloadGenerator</code> object, which will be used to |
| 387 | + | * generate payloads for the attack. |
| 388 | + | * |
| 389 | + | * @param factory An object created by the extension that implements the |
| 390 | + | * <code>IIntruderPayloadGeneratorFactory</code> interface. |
| 391 | + | */ |
| 392 | + | void registerIntruderPayloadGeneratorFactory( |
| 393 | + | IIntruderPayloadGeneratorFactory factory); |
| 394 | + | |
| 395 | + | /** |
| 396 | + | * This method is used to retrieve the Intruder payload generator factories |
| 397 | + | * that are registered by the extension. |
| 398 | + | * |
| 399 | + | * @return A list of Intruder payload generator factories that are currently |
| 400 | + | * registered by this extension. |
| 401 | + | */ |
| 402 | + | List<IIntruderPayloadGeneratorFactory> |
| 403 | + | getIntruderPayloadGeneratorFactories(); |
| 404 | + | |
| 405 | + | /** |
| 406 | + | * This method is used to remove an Intruder payload generator factory that |
| 407 | + | * has been registered by the extension. |
| 408 | + | * |
| 409 | + | * @param factory The Intruder payload generator factory to be removed. |
| 410 | + | */ |
| 411 | + | void removeIntruderPayloadGeneratorFactory( |
| 412 | + | IIntruderPayloadGeneratorFactory factory); |
| 413 | + | |
| 414 | + | /** |
| 415 | + | * This method is used to register a custom Intruder payload processor. Each |
| 416 | + | * registered processor will be available within the Intruder UI for the |
| 417 | + | * user to select as the action for a payload processing rule. |
| 418 | + | * |
| 419 | + | * @param processor An object created by the extension that implements the |
| 420 | + | * <code>IIntruderPayloadProcessor</code> interface. |
| 421 | + | */ |
| 422 | + | void registerIntruderPayloadProcessor(IIntruderPayloadProcessor processor); |
| 423 | + | |
| 424 | + | /** |
| 425 | + | * This method is used to retrieve the Intruder payload processors that are |
| 426 | + | * registered by the extension. |
| 427 | + | * |
| 428 | + | * @return A list of Intruder payload processors that are currently |
| 429 | + | * registered by this extension. |
| 430 | + | */ |
| 431 | + | List<IIntruderPayloadProcessor> getIntruderPayloadProcessors(); |
| 432 | + | |
| 433 | + | /** |
| 434 | + | * This method is used to remove an Intruder payload processor that has been |
| 435 | + | * registered by the extension. |
| 436 | + | * |
| 437 | + | * @param processor The Intruder payload processor to be removed. |
| 438 | + | */ |
| 439 | + | void removeIntruderPayloadProcessor(IIntruderPayloadProcessor processor); |
| 440 | + | |
| 441 | + | /** |
| 442 | + | * This method is used to register a custom session handling action. Each |
| 443 | + | * registered action will be available within the session handling rule UI |
| 444 | + | * for the user to select as a rule action. Users can choose to invoke an |
| 445 | + | * action directly in its own right, or following execution of a macro. |
| 446 | + | * |
| 447 | + | * @param action An object created by the extension that implements the |
| 448 | + | * <code>ISessionHandlingAction</code> interface. |
| 449 | + | */ |
| 450 | + | void registerSessionHandlingAction(ISessionHandlingAction action); |
| 451 | + | |
| 452 | + | /** |
| 453 | + | * This method is used to retrieve the session handling actions that are |
| 454 | + | * registered by the extension. |
| 455 | + | * |
| 456 | + | * @return A list of session handling actions that are currently registered |
| 457 | + | * by this extension. |
| 458 | + | */ |
| 459 | + | List<ISessionHandlingAction> getSessionHandlingActions(); |
| 460 | + | |
| 461 | + | /** |
| 462 | + | * This method is used to remove a session handling action that has been |
| 463 | + | * registered by the extension. |
| 464 | + | * |
| 465 | + | * @param action The extension session handling action to be removed. |
| 466 | + | */ |
| 467 | + | void removeSessionHandlingAction(ISessionHandlingAction action); |
| 468 | + | |
| 469 | + | /** |
| 470 | + | * This method is used to unload the extension from Burp Suite. |
| 471 | + | */ |
| 472 | + | void unloadExtension(); |
| 473 | + | |
| 474 | + | /** |
| 475 | + | * This method is used to add a custom tab to the main Burp Suite window. |
| 476 | + | * |
| 477 | + | * @param tab An object created by the extension that implements the |
| 478 | + | * <code>ITab</code> interface. |
| 479 | + | */ |
| 480 | + | void addSuiteTab(ITab tab); |
| 481 | + | |
| 482 | + | /** |
| 483 | + | * This method is used to remove a previously-added tab from the main Burp |
| 484 | + | * Suite window. |
| 485 | + | * |
| 486 | + | * @param tab An object created by the extension that implements the |
| 487 | + | * <code>ITab</code> interface. |
| 488 | + | */ |
| 489 | + | void removeSuiteTab(ITab tab); |
| 490 | + | |
| 491 | + | /** |
| 492 | + | * This method is used to customize UI components in line with Burp's UI |
| 493 | + | * style, including font size, colors, table line spacing, etc. The action |
| 494 | + | * is performed recursively on any child components of the passed-in |
| 495 | + | * component. |
| 496 | + | * |
| 497 | + | * @param component The UI component to be customized. |
| 498 | + | */ |
| 499 | + | void customizeUiComponent(Component component); |
| 500 | + | |
| 501 | + | /** |
| 502 | + | * This method is used to create a new instance of Burp's HTTP message |
| 503 | + | * editor, for the extension to use in its own UI. |
| 504 | + | * |
| 505 | + | * @param controller An object created by the extension that implements the |
| 506 | + | * <code>IMessageEditorController</code> interface. This parameter is |
| 507 | + | * optional and may be <code>null</code>. If it is provided, then the |
| 508 | + | * message editor will query the controller when required to obtain details |
| 509 | + | * about the currently displayed message, including the |
| 510 | + | * <code>IHttpService</code> for the message, and the associated request or |
| 511 | + | * response message. If a controller is not provided, then the message |
| 512 | + | * editor will not support context menu actions, such as sending requests to |
| 513 | + | * other Burp tools. |
| 514 | + | * @param editable Indicates whether the editor created should be editable, |
| 515 | + | * or used only for message viewing. |
| 516 | + | * @return An object that implements the <code>IMessageEditor</code> |
| 517 | + | * interface, and which the extension can use in its own UI. |
| 518 | + | */ |
| 519 | + | IMessageEditor createMessageEditor(IMessageEditorController controller, |
| 520 | + | boolean editable); |
| 521 | + | |
| 522 | + | /** |
| 523 | + | * This method returns the command line arguments that were passed to Burp |
| 524 | + | * on startup. |
| 525 | + | * |
| 526 | + | * @return The command line arguments that were passed to Burp on startup. |
| 527 | + | */ |
| 528 | + | String[] getCommandLineArguments(); |
| 529 | + | |
| 530 | + | /** |
| 531 | + | * This method is used to save configuration settings for the extension in a |
| 532 | + | * persistent way that survives reloads of the extension and of Burp Suite. |
| 533 | + | * Saved settings can be retrieved using the method |
| 534 | + | * <code>loadExtensionSetting()</code>. |
| 535 | + | * |
| 536 | + | * @param name The name of the setting. |
| 537 | + | * @param value The value of the setting. If this value is <code>null</code> |
| 538 | + | * then any existing setting with the specified name will be removed. |
| 539 | + | */ |
| 540 | + | void saveExtensionSetting(String name, String value); |
| 541 | + | |
| 542 | + | /** |
| 543 | + | * This method is used to load configuration settings for the extension that |
| 544 | + | * were saved using the method <code>saveExtensionSetting()</code>. |
| 545 | + | * |
| 546 | + | * @param name The name of the setting. |
| 547 | + | * @return The value of the setting, or <code>null</code> if no value is |
| 548 | + | * set. |
| 549 | + | */ |
| 550 | + | String loadExtensionSetting(String name); |
| 551 | + | |
| 552 | + | /** |
| 553 | + | * This method is used to create a new instance of Burp's plain text editor, |
| 554 | + | * for the extension to use in its own UI. |
| 555 | + | * |
| 556 | + | * @return An object that implements the <code>ITextEditor</code> interface, |
| 557 | + | * and which the extension can use in its own UI. |
| 558 | + | */ |
| 559 | + | ITextEditor createTextEditor(); |
| 560 | + | |
| 561 | + | /** |
| 562 | + | * This method can be used to send an HTTP request to the Burp Repeater |
| 563 | + | * tool. The request will be displayed in the user interface, but will not |
| 564 | + | * be issued until the user initiates this action. |
| 565 | + | * |
| 566 | + | * @param host The hostname of the remote HTTP server. |
| 567 | + | * @param port The port of the remote HTTP server. |
| 568 | + | * @param useHttps Flags whether the protocol is HTTPS or HTTP. |
| 569 | + | * @param request The full HTTP request. |
| 570 | + | * @param tabCaption An optional caption which will appear on the Repeater |
| 571 | + | * tab containing the request. If this value is <code>null</code> then a |
| 572 | + | * default tab index will be displayed. |
| 573 | + | */ |
| 574 | + | void sendToRepeater( |
| 575 | + | String host, |
| 576 | + | int port, |
| 577 | + | boolean useHttps, |
| 578 | + | byte[] request, |
| 579 | + | String tabCaption); |
| 580 | + | |
| 581 | + | /** |
| 582 | + | * This method can be used to send an HTTP request to the Burp Intruder |
| 583 | + | * tool. The request will be displayed in the user interface, and markers |
| 584 | + | * for attack payloads will be placed into default locations within the |
| 585 | + | * request. |
| 586 | + | * |
| 587 | + | * @param host The hostname of the remote HTTP server. |
| 588 | + | * @param port The port of the remote HTTP server. |
| 589 | + | * @param useHttps Flags whether the protocol is HTTPS or HTTP. |
| 590 | + | * @param request The full HTTP request. |
| 591 | + | */ |
| 592 | + | void sendToIntruder( |
| 593 | + | String host, |
| 594 | + | int port, |
| 595 | + | boolean useHttps, |
| 596 | + | byte[] request); |
| 597 | + | |
| 598 | + | /** |
| 599 | + | * This method can be used to send an HTTP request to the Burp Intruder |
| 600 | + | * tool. The request will be displayed in the user interface, and markers |
| 601 | + | * for attack payloads will be placed into the specified locations within |
| 602 | + | * the request. |
| 603 | + | * |
| 604 | + | * @param host The hostname of the remote HTTP server. |
| 605 | + | * @param port The port of the remote HTTP server. |
| 606 | + | * @param useHttps Flags whether the protocol is HTTPS or HTTP. |
| 607 | + | * @param request The full HTTP request. |
| 608 | + | * @param payloadPositionOffsets A list of index pairs representing the |
| 609 | + | * payload positions to be used. Each item in the list must be an int[2] |
| 610 | + | * array containing the start and end offsets for the payload position. |
| 611 | + | */ |
| 612 | + | void sendToIntruder( |
| 613 | + | String host, |
| 614 | + | int port, |
| 615 | + | boolean useHttps, |
| 616 | + | byte[] request, |
| 617 | + | List<int[]> payloadPositionOffsets); |
| 618 | + | |
| 619 | + | /** |
| 620 | + | * This method can be used to send data to the Comparer tool. |
| 621 | + | * |
| 622 | + | * @param data The data to be sent to Comparer. |
| 623 | + | */ |
| 624 | + | void sendToComparer(byte[] data); |
| 625 | + | |
| 626 | + | /** |
| 627 | + | * This method can be used to send a seed URL to the Burp Spider tool. If |
| 628 | + | * the URL is not within the current Spider scope, the user will be asked if |
| 629 | + | * they wish to add the URL to the scope. If the Spider is not currently |
| 630 | + | * running, it will be started. The seed URL will be requested, and the |
| 631 | + | * Spider will process the application's response in the normal way. |
| 632 | + | * |
| 633 | + | * @param url The new seed URL to begin spidering from. |
| 634 | + | */ |
| 635 | + | void sendToSpider( |
| 636 | + | java.net.URL url); |
| 637 | + | |
| 638 | + | /** |
| 639 | + | * This method can be used to send an HTTP request to the Burp Scanner tool |
| 640 | + | * to perform an active vulnerability scan. If the request is not within the |
| 641 | + | * current active scanning scope, the user will be asked if they wish to |
| 642 | + | * proceed with the scan. |
| 643 | + | * |
| 644 | + | * @param host The hostname of the remote HTTP server. |
| 645 | + | * @param port The port of the remote HTTP server. |
| 646 | + | * @param useHttps Flags whether the protocol is HTTPS or HTTP. |
| 647 | + | * @param request The full HTTP request. |
| 648 | + | * @return The resulting scan queue item. |
| 649 | + | */ |
| 650 | + | IScanQueueItem doActiveScan( |
| 651 | + | String host, |
| 652 | + | int port, |
| 653 | + | boolean useHttps, |
| 654 | + | byte[] request); |
| 655 | + | |
| 656 | + | /** |
| 657 | + | * This method can be used to send an HTTP request to the Burp Scanner tool |
| 658 | + | * to perform an active vulnerability scan, based on a custom list of |
| 659 | + | * insertion points that are to be scanned. If the request is not within the |
| 660 | + | * current active scanning scope, the user will be asked if they wish to |
| 661 | + | * proceed with the scan. |
| 662 | + | * |
| 663 | + | * @param host The hostname of the remote HTTP server. |
| 664 | + | * @param port The port of the remote HTTP server. |
| 665 | + | * @param useHttps Flags whether the protocol is HTTPS or HTTP. |
| 666 | + | * @param request The full HTTP request. |
| 667 | + | * @param insertionPointOffsets A list of index pairs representing the |
| 668 | + | * positions of the insertion points that should be scanned. Each item in |
| 669 | + | * the list must be an int[2] array containing the start and end offsets for |
| 670 | + | * the insertion point. |
| 671 | + | * @return The resulting scan queue item. |
| 672 | + | */ |
| 673 | + | IScanQueueItem doActiveScan( |
| 674 | + | String host, |
| 675 | + | int port, |
| 676 | + | boolean useHttps, |
| 677 | + | byte[] request, |
| 678 | + | List<int[]> insertionPointOffsets); |
| 679 | + | |
| 680 | + | /** |
| 681 | + | * This method can be used to send an HTTP request to the Burp Scanner tool |
| 682 | + | * to perform a passive vulnerability scan. |
| 683 | + | * |
| 684 | + | * @param host The hostname of the remote HTTP server. |
| 685 | + | * @param port The port of the remote HTTP server. |
| 686 | + | * @param useHttps Flags whether the protocol is HTTPS or HTTP. |
| 687 | + | * @param request The full HTTP request. |
| 688 | + | * @param response The full HTTP response. |
| 689 | + | */ |
| 690 | + | void doPassiveScan( |
| 691 | + | String host, |
| 692 | + | int port, |
| 693 | + | boolean useHttps, |
| 694 | + | byte[] request, |
| 695 | + | byte[] response); |
| 696 | + | |
| 697 | + | /** |
| 698 | + | * This method can be used to issue HTTP requests and retrieve their |
| 699 | + | * responses. |
| 700 | + | * |
| 701 | + | * @param httpService The HTTP service to which the request should be sent. |
| 702 | + | * @param request The full HTTP request. |
| 703 | + | * @return An object that implements the <code>IHttpRequestResponse</code> |
| 704 | + | * interface, and which the extension can query to obtain the details of the |
| 705 | + | * response. |
| 706 | + | */ |
| 707 | + | IHttpRequestResponse makeHttpRequest(IHttpService httpService, |
| 708 | + | byte[] request); |
| 709 | + | |
| 710 | + | /** |
| 711 | + | * This method can be used to issue HTTP requests and retrieve their |
| 712 | + | * responses. |
| 713 | + | * |
| 714 | + | * @param httpService The HTTP service to which the request should be sent. |
| 715 | + | * @param request The full HTTP request. |
| 716 | + | * @param forceHttp1 If true then HTTP/1 will be used. |
| 717 | + | * @return An object that implements the <code>IHttpRequestResponse</code> |
| 718 | + | * interface, and which the extension can query to obtain the details of the |
| 719 | + | * response. |
| 720 | + | */ |
| 721 | + | IHttpRequestResponse makeHttpRequest(IHttpService httpService, |
| 722 | + | byte[] request, |
| 723 | + | boolean forceHttp1); |
| 724 | + | |
| 725 | + | |
| 726 | + | /** |
| 727 | + | * This method can be used to issue HTTP requests and retrieve their |
| 728 | + | * responses. |
| 729 | + | * |
| 730 | + | * @param host The hostname of the remote HTTP server. |
| 731 | + | * @param port The port of the remote HTTP server. |
| 732 | + | * @param useHttps Flags whether the protocol is HTTPS or HTTP. |
| 733 | + | * @param request The full HTTP request. |
| 734 | + | * @return The full response retrieved from the remote server. |
| 735 | + | */ |
| 736 | + | byte[] makeHttpRequest( |
| 737 | + | String host, |
| 738 | + | int port, |
| 739 | + | boolean useHttps, |
| 740 | + | byte[] request); |
| 741 | + | |
| 742 | + | /** |
| 743 | + | * This method can be used to issue HTTP requests and retrieve their |
| 744 | + | * responses. |
| 745 | + | * |
| 746 | + | * @param host The hostname of the remote HTTP server. |
| 747 | + | * @param port The port of the remote HTTP server. |
| 748 | + | * @param useHttps Flags whether the protocol is HTTPS or HTTP. |
| 749 | + | * @param request The full HTTP request. |
| 750 | + | * @param forceHttp1 If true then HTTP/1 will be used. |
| 751 | + | * @return The full response retrieved from the remote server. |
| 752 | + | */ |
| 753 | + | byte[] makeHttpRequest( |
| 754 | + | String host, |
| 755 | + | int port, |
| 756 | + | boolean useHttps, |
| 757 | + | byte[] request, |
| 758 | + | boolean forceHttp1); |
| 759 | + | |
| 760 | + | /** |
| 761 | + | * This method can be used to issue HTTP/2 requests and retrieve their |
| 762 | + | * responses. |
| 763 | + | * |
| 764 | + | * @param httpService The HTTP service to which the request should be sent. |
| 765 | + | * @param headers The headers of the request. |
| 766 | + | * @param body The body of the request. |
| 767 | + | * @return The full response retrieved from the remote server. |
| 768 | + | */ |
| 769 | + | byte[] makeHttp2Request( |
| 770 | + | IHttpService httpService, |
| 771 | + | List<IHttpHeader> headers, |
| 772 | + | byte[] body); |
| 773 | + | |
| 774 | + | /** |
| 775 | + | * This method can be used to issue HTTP/2 requests and retrieve their |
| 776 | + | * responses. You can use this to force the network stack to send this |
| 777 | + | * request using HTTP/2. |
| 778 | + | * |
| 779 | + | * @param httpService The HTTP service to which the request should be sent. |
| 780 | + | * @param headers The headers of the request. |
| 781 | + | * @param body The body of the request. |
| 782 | + | * @param forceHttp2 Whether or not to force HTTP/2 for this request. |
| 783 | + | * @return The full response retrieved from the remote server. |
| 784 | + | */ |
| 785 | + | byte[] makeHttp2Request( |
| 786 | + | IHttpService httpService, |
| 787 | + | List<IHttpHeader> headers, |
| 788 | + | byte[] body, |
| 789 | + | boolean forceHttp2); |
| 790 | + | |
| 791 | + | /** |
| 792 | + | * This method can be used to query whether a specified URL is within the |
| 793 | + | * current Suite-wide scope. |
| 794 | + | * |
| 795 | + | * @param url The URL to query. |
| 796 | + | * @return Returns <code>true</code> if the URL is within the current |
| 797 | + | * Suite-wide scope. |
| 798 | + | */ |
| 799 | + | boolean isInScope(java.net.URL url); |
| 800 | + | |
| 801 | + | /** |
| 802 | + | * This method can be used to include the specified URL in the Suite-wide |
| 803 | + | * scope. |
| 804 | + | * |
| 805 | + | * @param url The URL to include in the Suite-wide scope. |
| 806 | + | */ |
| 807 | + | void includeInScope(java.net.URL url); |
| 808 | + | |
| 809 | + | /** |
| 810 | + | * This method can be used to exclude the specified URL from the Suite-wide |
| 811 | + | * scope. |
| 812 | + | * |
| 813 | + | * @param url The URL to exclude from the Suite-wide scope. |
| 814 | + | */ |
| 815 | + | void excludeFromScope(java.net.URL url); |
| 816 | + | |
| 817 | + | /** |
| 818 | + | * This method can be used to display a specified message in the Burp Suite |
| 819 | + | * alerts tab. |
| 820 | + | * |
| 821 | + | * @param message The alert message to display. |
| 822 | + | */ |
| 823 | + | void issueAlert(String message); |
| 824 | + | |
| 825 | + | /** |
| 826 | + | * This method returns details of all items in the Proxy history. |
| 827 | + | * |
| 828 | + | * @return The contents of the Proxy history. |
| 829 | + | */ |
| 830 | + | IHttpRequestResponse[] getProxyHistory(); |
| 831 | + | |
| 832 | + | /** |
| 833 | + | * This method returns details of items in the site map. |
| 834 | + | * |
| 835 | + | * @param urlPrefix This parameter can be used to specify a URL prefix, in |
| 836 | + | * order to extract a specific subset of the site map. The method performs a |
| 837 | + | * simple case-sensitive text match, returning all site map items whose URL |
| 838 | + | * begins with the specified prefix. If this parameter is null, the entire |
| 839 | + | * site map is returned. |
| 840 | + | * @return Details of items in the site map. |
| 841 | + | */ |
| 842 | + | IHttpRequestResponse[] getSiteMap(String urlPrefix); |
| 843 | + | |
| 844 | + | /** |
| 845 | + | * This method returns all of the current scan issues for URLs matching the |
| 846 | + | * specified literal prefix. |
| 847 | + | * |
| 848 | + | * @param urlPrefix This parameter can be used to specify a URL prefix, in |
| 849 | + | * order to extract a specific subset of scan issues. The method performs a |
| 850 | + | * simple case-sensitive text match, returning all scan issues whose URL |
| 851 | + | * begins with the specified prefix. If this parameter is null, all issues |
| 852 | + | * are returned. |
| 853 | + | * @return Details of the scan issues. |
| 854 | + | */ |
| 855 | + | IScanIssue[] getScanIssues(String urlPrefix); |
| 856 | + | |
| 857 | + | /** |
| 858 | + | * This method is used to generate a report for the specified Scanner |
| 859 | + | * issues. The report format can be specified. For all other reporting |
| 860 | + | * options, the default settings that appear in the reporting UI wizard are |
| 861 | + | * used. |
| 862 | + | * |
| 863 | + | * @param format The format to be used in the report. Accepted values are |
| 864 | + | * HTML and XML. |
| 865 | + | * @param issues The Scanner issues to be reported. |
| 866 | + | * @param file The file to which the report will be saved. |
| 867 | + | */ |
| 868 | + | void generateScanReport(String format, IScanIssue[] issues, |
| 869 | + | java.io.File file); |
| 870 | + | |
| 871 | + | /** |
| 872 | + | * This method is used to retrieve the contents of Burp's session handling |
| 873 | + | * cookie jar. Extensions that provide an |
| 874 | + | * <code>ISessionHandlingAction</code> can query and update the cookie jar |
| 875 | + | * in order to handle unusual session handling mechanisms. |
| 876 | + | * |
| 877 | + | * @return A list of <code>ICookie</code> objects representing the contents |
| 878 | + | * of Burp's session handling cookie jar. |
| 879 | + | */ |
| 880 | + | List<ICookie> getCookieJarContents(); |
| 881 | + | |
| 882 | + | /** |
| 883 | + | * This method is used to update the contents of Burp's session handling |
| 884 | + | * cookie jar. Extensions that provide an |
| 885 | + | * <code>ISessionHandlingAction</code> can query and update the cookie jar |
| 886 | + | * in order to handle unusual session handling mechanisms. |
| 887 | + | * |
| 888 | + | * @param cookie An <code>ICookie</code> object containing details of the |
| 889 | + | * cookie to be updated. If the cookie jar already contains a cookie that |
| 890 | + | * matches the specified domain and name, then that cookie will be updated |
| 891 | + | * with the new value and expiration, unless the new value is |
| 892 | + | * <code>null</code>, in which case the cookie will be removed. If the |
| 893 | + | * cookie jar does not already contain a cookie that matches the specified |
| 894 | + | * domain and name, then the cookie will be added. |
| 895 | + | */ |
| 896 | + | void updateCookieJar(ICookie cookie); |
| 897 | + | |
| 898 | + | /** |
| 899 | + | * This method can be used to add an item to Burp's site map with the |
| 900 | + | * specified request/response details. This will overwrite the details of |
| 901 | + | * any existing matching item in the site map. |
| 902 | + | * |
| 903 | + | * @param item Details of the item to be added to the site map |
| 904 | + | */ |
| 905 | + | void addToSiteMap(IHttpRequestResponse item); |
| 906 | + | |
| 907 | + | /** |
| 908 | + | * This method can be used to restore Burp's state from a specified saved |
| 909 | + | * state file. This method blocks until the restore operation is completed, |
| 910 | + | * and must not be called from the event dispatch thread. |
| 911 | + | * |
| 912 | + | * @param file The file containing Burp's saved state. |
| 913 | + | * @deprecated State files have been replaced with Burp project files. |
| 914 | + | */ |
| 915 | + | @Deprecated |
| 916 | + | void restoreState(java.io.File file); |
| 917 | + | |
| 918 | + | /** |
| 919 | + | * This method can be used to save Burp's state to a specified file. This |
| 920 | + | * method blocks until the save operation is completed, and must not be |
| 921 | + | * called from the event dispatch thread. |
| 922 | + | * |
| 923 | + | * @param file The file to save Burp's state in. |
| 924 | + | * @deprecated State files have been replaced with Burp project files. |
| 925 | + | */ |
| 926 | + | @Deprecated |
| 927 | + | void saveState(java.io.File file); |
| 928 | + | |
| 929 | + | /** |
| 930 | + | * This method is no longer supported. Please use saveConfigAsJson() instead. |
| 931 | + | * |
| 932 | + | * @return A Map of name/value Strings reflecting Burp's current |
| 933 | + | * configuration. |
| 934 | + | * @deprecated Use <code>saveConfigAsJson()</code> instead. |
| 935 | + | */ |
| 936 | + | @Deprecated |
| 937 | + | Map<String, String> saveConfig(); |
| 938 | + | |
| 939 | + | /** |
| 940 | + | * This method is no longer supported. Please use loadConfigFromJson() instead. |
| 941 | + | * |
| 942 | + | * @param config A map of name/value Strings to use as Burp's new |
| 943 | + | * configuration. |
| 944 | + | * @deprecated Use <code>loadConfigFromJson()</code> instead. |
| 945 | + | */ |
| 946 | + | @Deprecated |
| 947 | + | void loadConfig(Map<String, String> config); |
| 948 | + | |
| 949 | + | /** |
| 950 | + | * This method causes Burp to save its current project-level configuration |
| 951 | + | * in JSON format. This is the same format that can be saved and loaded via |
| 952 | + | * the Burp user interface. To include only certain sections of the |
| 953 | + | * configuration, you can optionally supply the path to each section that |
| 954 | + | * should be included, for example: "project_options.connections". If no |
| 955 | + | * paths are provided, then the entire configuration will be saved. |
| 956 | + | * |
| 957 | + | * @param configPaths A list of Strings representing the path to each |
| 958 | + | * configuration section that should be included. |
| 959 | + | * @return A String representing the current configuration in JSON format. |
| 960 | + | */ |
| 961 | + | String saveConfigAsJson(String... configPaths); |
| 962 | + | |
| 963 | + | /** |
| 964 | + | * This method causes Burp to load a new project-level configuration from |
| 965 | + | * the JSON String provided. This is the same format that can be saved and |
| 966 | + | * loaded via the Burp user interface. Partial configurations are |
| 967 | + | * acceptable, and any settings not specified will be left unmodified. |
| 968 | + | * <p> |
| 969 | + | * Any user-level configuration options contained in the input will be |
| 970 | + | * ignored. |
| 971 | + | * |
| 972 | + | * @param config A JSON String containing the new configuration. |
| 973 | + | */ |
| 974 | + | void loadConfigFromJson(String config); |
| 975 | + | |
| 976 | + | /** |
| 977 | + | * This method sets the master interception mode for Burp Proxy. |
| 978 | + | * |
| 979 | + | * @param enabled Indicates whether interception of Proxy messages should be |
| 980 | + | * enabled. |
| 981 | + | */ |
| 982 | + | void setProxyInterceptionEnabled(boolean enabled); |
| 983 | + | |
| 984 | + | /** |
| 985 | + | * This method retrieves information about the version of Burp in which the |
| 986 | + | * extension is running. It can be used by extensions to dynamically adjust |
| 987 | + | * their behavior depending on the functionality and APIs supported by the |
| 988 | + | * current version. |
| 989 | + | * |
| 990 | + | * @return An array of Strings comprised of: the product name (e.g. Burp |
| 991 | + | * Suite Professional), the major version (e.g. 1.5), the minor version |
| 992 | + | * (e.g. 03) |
| 993 | + | */ |
| 994 | + | String[] getBurpVersion(); |
| 995 | + | |
| 996 | + | /** |
| 997 | + | * This method retrieves the absolute path name of the file from which the |
| 998 | + | * current extension was loaded. |
| 999 | + | * |
| 1000 | + | * @return The absolute path name of the file from which the current |
| 1001 | + | * extension was loaded. |
| 1002 | + | */ |
| 1003 | + | String getExtensionFilename(); |
| 1004 | + | |
| 1005 | + | /** |
| 1006 | + | * This method determines whether the current extension was loaded as a BApp |
| 1007 | + | * (a Burp App from the BApp Store). |
| 1008 | + | * |
| 1009 | + | * @return Returns true if the current extension was loaded as a BApp. |
| 1010 | + | */ |
| 1011 | + | boolean isExtensionBapp(); |
| 1012 | + | |
| 1013 | + | /** |
| 1014 | + | * This method can be used to shut down Burp programmatically, with an |
| 1015 | + | * optional prompt to the user. If the method returns, the user canceled the |
| 1016 | + | * shutdown prompt. |
| 1017 | + | * |
| 1018 | + | * @param promptUser Indicates whether to prompt the user to confirm the |
| 1019 | + | * shutdown. |
| 1020 | + | */ |
| 1021 | + | void exitSuite(boolean promptUser); |
| 1022 | + | |
| 1023 | + | /** |
| 1024 | + | * This method is used to create a temporary file on disk containing the |
| 1025 | + | * provided data. Extensions can use temporary files for long-term storage |
| 1026 | + | * of runtime data, avoiding the need to retain that data in memory. |
| 1027 | + | * |
| 1028 | + | * @param buffer The data to be saved to a temporary file. |
| 1029 | + | * @return An object that implements the <code>ITempFile</code> interface. |
| 1030 | + | */ |
| 1031 | + | ITempFile saveToTempFile(byte[] buffer); |
| 1032 | + | |
| 1033 | + | /** |
| 1034 | + | * This method is used to save the request and response of an |
| 1035 | + | * <code>IHttpRequestResponse</code> object to temporary files, so that they |
| 1036 | + | * are no longer held in memory. Extensions can used this method to convert |
| 1037 | + | * <code>IHttpRequestResponse</code> objects into a form suitable for |
| 1038 | + | * long-term storage. |
| 1039 | + | * |
| 1040 | + | * @param httpRequestResponse The <code>IHttpRequestResponse</code> object |
| 1041 | + | * whose request and response messages are to be saved to temporary files. |
| 1042 | + | * @return An object that implements the |
| 1043 | + | * <code>IHttpRequestResponsePersisted</code> interface. |
| 1044 | + | */ |
| 1045 | + | IHttpRequestResponsePersisted saveBuffersToTempFiles( |
| 1046 | + | IHttpRequestResponse httpRequestResponse); |
| 1047 | + | |
| 1048 | + | /** |
| 1049 | + | * This method is used to apply markers to an HTTP request or response, at |
| 1050 | + | * offsets into the message that are relevant for some particular purpose. |
| 1051 | + | * Markers are used in various situations, such as specifying Intruder |
| 1052 | + | * payload positions, Scanner insertion points, and highlights in Scanner |
| 1053 | + | * issues. |
| 1054 | + | * |
| 1055 | + | * @param httpRequestResponse The <code>IHttpRequestResponse</code> object |
| 1056 | + | * to which the markers should be applied. |
| 1057 | + | * @param requestMarkers A list of index pairs representing the offsets of |
| 1058 | + | * markers to be applied to the request message. Each item in the list must |
| 1059 | + | * be an int[2] array containing the start and end offsets for the marker. |
| 1060 | + | * The markers in the list should be in sequence and not overlapping. This |
| 1061 | + | * parameter is optional and may be <code>null</code> if no request markers |
| 1062 | + | * are required. |
| 1063 | + | * @param responseMarkers A list of index pairs representing the offsets of |
| 1064 | + | * markers to be applied to the response message. Each item in the list must |
| 1065 | + | * be an int[2] array containing the start and end offsets for the marker. |
| 1066 | + | * The markers in the list should be in sequence and not overlapping. This |
| 1067 | + | * parameter is optional and may be <code>null</code> if no response markers |
| 1068 | + | * are required. |
| 1069 | + | * @return An object that implements the |
| 1070 | + | * <code>IHttpRequestResponseWithMarkers</code> interface. |
| 1071 | + | */ |
| 1072 | + | IHttpRequestResponseWithMarkers applyMarkers( |
| 1073 | + | IHttpRequestResponse httpRequestResponse, |
| 1074 | + | List<int[]> requestMarkers, |
| 1075 | + | List<int[]> responseMarkers); |
| 1076 | + | |
| 1077 | + | /** |
| 1078 | + | * This method is used to obtain the descriptive name for the Burp tool |
| 1079 | + | * identified by the tool flag provided. |
| 1080 | + | * |
| 1081 | + | * @param toolFlag A flag identifying a Burp tool ( <code>TOOL_PROXY</code>, |
| 1082 | + | * <code>TOOL_SCANNER</code>, etc.). Tool flags are defined within this |
| 1083 | + | * interface. |
| 1084 | + | * @return The descriptive name for the specified tool. |
| 1085 | + | */ |
| 1086 | + | String getToolName(int toolFlag); |
| 1087 | + | |
| 1088 | + | /** |
| 1089 | + | * This method is used to register a new Scanner issue. <b>Note:</b> |
| 1090 | + | * Wherever possible, extensions should implement custom Scanner checks |
| 1091 | + | * using <code>IScannerCheck</code> and report issues via those checks, so |
| 1092 | + | * as to integrate with Burp's user-driven workflow, and ensure proper |
| 1093 | + | * consolidation of duplicate reported issues. This method is only designed |
| 1094 | + | * for tasks outside of the normal testing workflow, such as importing |
| 1095 | + | * results from other scanning tools. |
| 1096 | + | * |
| 1097 | + | * @param issue An object created by the extension that implements the |
| 1098 | + | * <code>IScanIssue</code> interface. |
| 1099 | + | */ |
| 1100 | + | void addScanIssue(IScanIssue issue); |
| 1101 | + | |
| 1102 | + | /** |
| 1103 | + | * This method is used to create a new Burp Collaborator client context, |
| 1104 | + | * which can be used to generate Burp Collaborator payloads and poll the |
| 1105 | + | * Collaborator server for any network interactions that result from using |
| 1106 | + | * those payloads. |
| 1107 | + | * |
| 1108 | + | * @return A new instance of <code>IBurpCollaboratorClientContext</code> |
| 1109 | + | * that can be used to generate Collaborator payloads and retrieve |
| 1110 | + | * interactions. |
| 1111 | + | */ |
| 1112 | + | IBurpCollaboratorClientContext createBurpCollaboratorClientContext(); |
| 1113 | + | |
| 1114 | + | /** |
| 1115 | + | * This method parses the specified request and returns details of each |
| 1116 | + | * request parameter. |
| 1117 | + | * |
| 1118 | + | * @param request The request to be parsed. |
| 1119 | + | * @return An array of: <code>String[] { name, value, type }</code> |
| 1120 | + | * containing details of the parameters contained within the request. |
| 1121 | + | * @deprecated Use <code>IExtensionHelpers.analyzeRequest()</code> instead. |
| 1122 | + | */ |
| 1123 | + | @Deprecated |
| 1124 | + | String[][] getParameters(byte[] request); |
| 1125 | + | |
| 1126 | + | /** |
| 1127 | + | * This method parses the specified request and returns details of each HTTP |
| 1128 | + | * header. |
| 1129 | + | * |
| 1130 | + | * @param message The request to be parsed. |
| 1131 | + | * @return An array of HTTP headers. |
| 1132 | + | * @deprecated Use <code>IExtensionHelpers.analyzeRequest()</code> or |
| 1133 | + | * <code>IExtensionHelpers.analyzeResponse()</code> instead. |
| 1134 | + | */ |
| 1135 | + | @Deprecated |
| 1136 | + | String[] getHeaders(byte[] message); |
| 1137 | + | |
| 1138 | + | /** |
| 1139 | + | * This method can be used to register a new menu item which will appear on |
| 1140 | + | * the various context menus that are used throughout Burp Suite to handle |
| 1141 | + | * user-driven actions. |
| 1142 | + | * |
| 1143 | + | * @param menuItemCaption The caption to be displayed on the menu item. |
| 1144 | + | * @param menuItemHandler The handler to be invoked when the user clicks on |
| 1145 | + | * the menu item. |
| 1146 | + | * @deprecated Use <code>registerContextMenuFactory()</code> instead. |
| 1147 | + | */ |
| 1148 | + | @Deprecated |
| 1149 | + | void registerMenuItem( |
| 1150 | + | String menuItemCaption, |
| 1151 | + | IMenuItemHandler menuItemHandler); |
| 1152 | + | } |
| 1153 | + | |