(ns add-csrf
"Automatically adds a CSRF token to outgoing requests. Not yet complete: the extraction and injection logic needs to be adjusted for each target."
(:require [clojure.string :as str]
[taoensso.timbre :as log]
[seesaw.swingx :as guix]
[seesaw.rsyntax :as rsyntax]
[seesaw.font :as font]
[seesaw.table :as table]
[seesaw.bind :as bind]
[seesaw.mig :refer [mig-panel]]
[seesaw.keymap :as keymap]
[seesaw.border :as border]
[burp-clj.utils :as utils]
[burp-clj.helper :as helper]
[burp-clj.extender :as extender]
[burp-clj.http-message :as http-message]
[burp-clj.ui :as ui]
[burp-clj.http :refer [make-http-proc]]
[burp-clj.context-menu :as context-menu]
[burp-clj.scripts :as scripts]
[burp-clj.message-viewer :as message-viewer]
[burp-clj.proxy :as proxy]
[seesaw.core :as gui]))
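(defn extract-csrf-token
  "Return the CSRF token found in `body`, or nil when `body` is nil or
  contains no match.

  The pattern is target-specific and is meant to be edited for the
  application under test. As written it looks for a `name` attribute equal
  to csrf, one whitespace character, and then a `value` attribute; the
  attribute value is the token."
  [body]
  (some->> body
           ;; Alternative for a token published in a <meta> tag:
           ;; (re-find #"name=\"csrf-token\"\scontent=\"([^\"]*)\"")
           ;;
           ;; [^\"]* stops at the attribute's closing quote. A greedy (.*)
           ;; runs to the LAST quote on the line, so any attribute following
           ;; `value` would be swallowed into the token and then sent as the
           ;; header value.
           (re-find #"name=\"csrf\"\svalue=\"([^\"]*)\"")
           second))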
(defn parse-target
  "Build one map describing `req-resp`: the parsed request merged with the
  parsed HTTP service. On a key collision the service entry wins, because it
  is the right-hand argument of `merge`."
  [req-resp]
  (let [;; identity is passed for both :key-fn and :val-fn
        parse-opts {:key-fn identity
                    :val-fn identity}
        parsed-request (http-message/parse-request (.getRequest req-resp) parse-opts)
        parsed-service (helper/parse-http-service (.getHttpService req-resp))]
    (merge parsed-request parsed-service)))
(defn set-csrf-token
  "Set the CSRF token on `curr-req`.

  `curr-req` is parsed with `parse-target`. Nothing happens unless its :host
  equals the :host of `csrf-target` and its :url differs from the :url of
  `csrf-target`. When both hold, the `csrf-target` request is re-sent with
  the current request's headers, the token is extracted from the response
  with `extract-csrf-token`, and `curr-req` is rewritten with an
  X-CSRF-Token header carrying that token. A warning is logged when no token
  is found."
  [curr-req csrf-target]
  (let [target (parse-target curr-req)
        same-host? (= (:host target) (:host csrf-target))
        same-url? (= (:url target) (:url csrf-target))]
    ;; NOTE(review): only :host is compared, not scheme or port; confirm that
    ;; is the intended scope check.
    ;; The URL check presumably keeps the token-fetch request itself from
    ;; being rewritten; verify against the listener's tool scope.
    (when (and same-host? (not same-url?))
      (log/info "start csrf-token request.")
      (let [raw-opts {:key-fn identity
                      :val-fn identity}
            ;; Replace the stored request's headers with those of the current
            ;; request, so the fetch carries the current session's headers.
            ;; NOTE(review): this also copies body-related headers of the
            ;; current request; presumably build-request-raw copes, verify.
            token-request (http-message/build-request-raw
                           (assoc csrf-target :headers (:headers target))
                           raw-opts)
            token-response (helper/send-http-raw2 token-request target)
            csrf-token (extract-csrf-token (utils/->string token-response))]
        (if-not csrf-token
          (log/warn :set-csrf-token "not found csrf token for:" (:url target))
          (do
            ;; NOTE(review): the token value itself is written to the log at
            ;; info level; treat that log as sensitive or drop the value.
            (log/info :set-csrf-token "url:" (:url target) "csrf token:" csrf-token)
            (.setRequest curr-req
                         (http-message/build-request-raw
                          (update target :headers
                                  http-message/assoc-header "X-CSRF-Token" csrf-token)
                          raw-opts))))))))
;; Tools whose requests get a token added. :proxy is not in the set, so
;; requests reported for that tool are never rewritten by add-csrf-proc.
(def tool-scope
  #{:intruder :sequencer :target
    :scanner :repeater :extender})

;; Parsed request/service map of the page that serves the token; nil until
;; the user picks one through the "Set CSRF URL" context-menu item.
(def csrf-target
  (atom nil))
(defn add-csrf-proc
  "HTTP-listener callback. For a request (not a response) coming from a tool
  in `tool-scope`, and only once a CSRF target has been stored in
  `csrf-target`, hand the message to `set-csrf-token`. Otherwise returns nil
  without touching the message."
  [{:keys [tool is-request msg]}]
  ;; `and` short-circuits, so the atom is only dereferenced for in-scope
  ;; requests; a false/nil result skips the body.
  (when-let [target (and is-request
                         (tool-scope tool)
                         @csrf-target)]
    (set-csrf-token msg target)))
;; Burp UI contexts in which the "Set CSRF URL" menu item is offered.
(def menu-context
  #{:proxy-history
    :target-site-map-tree
    :message-editor-request :message-editor-response
    :message-viewer-request :message-viewer-response})
(defn set-url-menu
  "Create the context menu for the contexts in `menu-context`. When messages
  are selected it offers a single \"Set CSRF URL\" item; activating it parses
  the first selected message with `parse-target` and stores the result in
  `csrf-target`."
  []
  (context-menu/make-context-menu
   menu-context
   (fn [invocation]
     (when-let [msgs (context-menu/get-selected-messge invocation)]
       (let [;; Only the first selected message is used; the atom is left
             ;; unchanged when parse-target yields nil.
             remember-target! (fn [e]
                                (when-let [data (parse-target (first msgs))]
                                  (reset! csrf-target data)))]
         [(gui/menu-item :text "Set CSRF URL"
                         :listen [:action remember-target!])])))))
;; Register this script with burp-clj under the key :add-csrf. As a top-level
;; def, the registration call runs when the namespace is loaded.
;; The HTTP listener wraps add-csrf-proc via make-http-proc; the context menu
;; is the one built by set-url-menu.
(def reg (scripts/reg-script! :add-csrf
{:name "add csrf header from body"
:version "0.2.0"
:min-burp-clj-version "0.5.0"
:http-listener {:add-csrf/http-listener
(make-http-proc add-csrf-proc)}
:context-menu {:add-csrf/context-menu (set-url-menu)}
}))