Method: Buby#doActiveScan

Defined in:
lib/buby.rb

#doActiveScan(host, port, useHttps, request, insertionPointOffsets = nil) ⇒ IScanQueueItem
#doActiveScan(request, insertionPointOffsets = nil) ⇒ IScanQueueItem
#doActiveScan(url, insertionPointOffsets = nil) ⇒ IScanQueueItem

Also known as: do_active_scan, active_scan

This method can be used to send an HTTP request to the Burp Scanner tool to perform an active vulnerability scan. If the request is not within the current active scanning scope, the user will be asked if they wish to proceed with the scan.

Overloads:

  • #doActiveScan(host, port, useHttps, request, insertionPointOffsets = nil) ⇒ IScanQueueItem

    Parameters:

    • host (String)

      The hostname of the remote HTTP server.

    • port (Fixnum)

      The port of the remote HTTP server.

    • useHttps (Boolean)

      Flags whether the protocol is HTTPS or HTTP.

    • request (String, Array<byte>)

      The full HTTP request.

    • insertionPointOffsets (Array<Array<Fixnum>>) (defaults to: nil)

      A list of index pairs representing the positions of the insertion points that should be scanned. Each item in the list must be an int array containing the start and end offsets for the insertion point.

  • #doActiveScan(request, insertionPointOffsets = nil) ⇒ IScanQueueItem

    Parameters:

    • request (IHttpRequestResponse)

      Request object containing details about the request to scan.

    • insertionPointOffsets (Array<Array<Fixnum>>) (defaults to: nil)

      A list of index pairs representing the positions of the insertion points that should be scanned. Each item in the list must be an int array containing the start and end offsets for the insertion point.

  • #doActiveScan(url, insertionPointOffsets = nil) ⇒ IScanQueueItem

    Parameters:

    • url (String, URI, java.net.URL)

      The URL to scan. A GET request is built for it.

    • insertionPointOffsets (Array<Array<Fixnum>>) (defaults to: nil)

      A list of index pairs representing the positions of the insertion points that should be scanned. Each item in the list must be an int array containing the start and end offsets for the insertion point.

Returns:

  • (IScanQueueItem)

    The resulting scan queue item.



# File 'lib/buby.rb', line 185

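def doActiveScan(*args)
  host, port, https, req, ip_off = args
  case args.size
  when 1,2
    # (request_or_url, insertionPointOffsets = nil)
    req = args.first
    ip_off = args[1]
    if req.kind_of? Java::Burp::IHttpRequestResponse
      # Take host, port and protocol from the message's HTTP service.
      serv = req.getHttpService
      https = serv.getProtocol == "https"
      host = serv.getHost
      port = serv.getPort
      req = req.request
    else
      # Treat the argument as a URL and build a GET request for it.
      url = (req.kind_of?(URI) || req.kind_of?(Java::JavaNet::URL)) ? req : Java::JavaNet::URL.new(req.to_s)
      req = getHelpers.buildHttpRequest req
      host = url.host
      port = url.port
      # A port of -1 means none was given; use the scheme default.
      if url.scheme.downcase == "https"
        https = true
        port = 443 if port == -1
      else
        https = false
        port = 80 if port == -1
      end
    end
  when 4,5
    # (host, port, useHttps, request, insertionPointOffsets = nil)
    host, port, https, req, ip_off = args
  else
    raise ArgumentError
  end
  # Convert a Ruby String request to Java bytes before handing it to Burp.
  req = req.to_java_bytes if req.respond_to? :to_java_bytes
  # Pass the insertion point offsets only when getBurpVersion returns a value;
  # otherwise use the four-argument callback.
  scanq = if getBurpVersion
    _check_cb.doActiveScan(host, port, https, req, ip_off)
  else
    _check_cb.doActiveScan(host, port, https, req)
  end
  # Apply Buby's ScanQueueItem implant to the returned item.
  Buby::Implants::ScanQueueItem.implant scanq
end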
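
Building insertionPointOffsets for the first overload documented above, so that only chosen parameter values are scanned: this is an added example, not code from Buby or from this page's author. The helper names, the sample request, the end-exclusive byte offsets and the form-urlencoded body are assumptions.

```ruby
# Added example (not from lib/buby.rb). Assumption: offsets are byte
# positions into the raw request, end-exclusive.

# Constructed sample request.
SAMPLE_REQUEST = "POST /login?next=%2Fhome HTTP/1.1\r\n" \
                 "Host: app.example.test\r\n" \
                 "Content-Type: application/x-www-form-urlencoded\r\n" \
                 "Content-Length: 23\r\n\r\n" \
                 "user=alice&token=abc123"

# Returns [[start, end], ...] for the values of the named parameters in the
# query string and in a form-urlencoded body (hypothetical helper).
def insertion_point_offsets(raw, names)
  raw = raw.b # index bytes, not characters, so offsets match the request bytes
  sp1 = raw.index(" ")
  sp2 = sp1 && raw.index(" ", sp1 + 1)
  head_end = raw.index("\r\n\r\n")
  raise ArgumentError, "not a complete HTTP request" unless sp2 && head_end && sp2 < head_end

  regions = [[head_end + 4, raw.bytesize]]      # message body
  q = raw.index("?", sp1)
  regions.unshift([q + 1, sp2]) if q && q < sp2 # query string of the request target

  regions.flat_map do |from, to|
    found = []
    pos = from
    while pos < to
      stop = raw.index("&", pos)
      stop = to if stop.nil? || stop > to
      eq = raw.index("=", pos)
      # Keep only non-empty values of the requested parameter names.
      found << [eq + 1, stop] if eq && eq + 1 < stop && names.include?(raw[pos...eq])
      pos = stop + 1
    end
    found
  end
end

# buby is any object exposing doActiveScan as documented on this page.
def scan_selected_params(buby, host, port, use_https, raw, names)
  offsets = insertion_point_offsets(raw, names)
  # Fail closed: never queue a scan without explicit insertion points.
  raise ArgumentError, "none of #{names.inspect} found in request" if offsets.empty?
  buby.doActiveScan(host, port, use_https, raw, offsets)
end
```

Raising when no parameter matches keeps a typo in the name list from queuing a scan without the intended restriction.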