Class: Buby::IntruderPayloadGenerator

Inherits:
Object
  • Object
show all
Includes:
Java::Burp::IIntruderPayloadGenerator, Java::Burp::IIntruderPayloadGeneratorFactory
Defined in:
lib/buby/intruder_payload_generator.rb

Overview

This interface is used for custom Intruder payload generators. Extensions that have registered an IIntruderPayloadGeneratorFactory must return a new instance of this interface when required as part of a new Intruder attack.

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(attack) ⇒ IntruderPayloadGenerator

Returns a new instance of IntruderPayloadGenerator.

Parameters:

  • attack (IIntruderAttack)

    object that can be queried to obtain details about the attack in which the payload generator will be used.



22
23
24
 
# File 'lib/buby/intruder_payload_generator.rb', line 22

def initialize(attack)
  @attack = attack
end

Class Method Details

.createNewInstance(attack) ⇒ Buby

Parameters:

  • attack (IIntruderAttack)

    object that can be queried to obtain details about the attack in which the payload generator will be used.

Returns:

  • (Buby)

    a new instance of Buby



16
17
18
19
 
# File 'lib/buby/intruder_payload_generator.rb', line 16

def self.createNewInstance(attack)
  Buby::Implants::IntruderAttack.implant(attack)
  self.new(attack)
end

.getGeneratorNameString

This method is used by Burp to obtain the name of the payload generator. This will be displayed as an option within the Intruder UI when the user selects to use extension-generated payloads.

Returns:

  • (String)

    The name of the payload generator.



11
 
# File 'lib/buby/intruder_payload_generator.rb', line 11

def self.getGeneratorName; self.name.to_java_string; end

Instance Method Details

#getNextPayload(baseValue) ⇒ Array<byte>

Deprecated.

This will become a raw version/proxied version pair like ContextMenuFactory#createMenuItems in 2.0.

This method is abstract.

Call super to get baseValue as a String. Implementation’s responsibility to return byte array.

This method is used by Burp to obtain the value of the next payload.

Parameters:

  • baseValue (Array<byte>)

    The base value of the current payload position. This value may be nil if the concept of a base value is not applicable (e.g. in a battering ram attack).

Returns:

  • (Array<byte>)

    The next payload to use in the attack.



47
48
49
50
51
 
# File 'lib/buby/intruder_payload_generator.rb', line 47

def getNextPayload(baseValue)
  ret = baseValue
  baseValue = String.from_java_bytes(baseValue) if baseValue
  ret
end

#hasMorePayloadsBoolean

This method is abstract.

This method is used by Burp to determine whether the payload generator is able to provide any further payloads.

Returns:

  • (Boolean)

    Extensions should return false when all the available payloads have been used up, otherwise true.



33
 
# File 'lib/buby/intruder_payload_generator.rb', line 33

def hasMorePayloads; end

#more_payloads?Boolean

This method is abstract.

This method is used by Burp to determine whether the payload generator is able to provide any further payloads.

Returns:

  • (Boolean)

    Extensions should return false when all the available payloads have been used up, otherwise true.



35
 
# File 'lib/buby/intruder_payload_generator.rb', line 35

def more_payloads?; hasMorePayloads; end

#resetObject

This method is abstract.

This method is used by Burp to reset the state of the payload generator so that the next call to #getNextPayload returns the first payload again. This method will be invoked when an attack uses the same payload generator for more than one payload position, for example in a sniper attack.



59
 
# File 'lib/buby/intruder_payload_generator.rb', line 59

def reset; end