Method: Buby#doActiveScan
- Defined in:
- lib/buby.rb
#doActiveScan(host, port, useHttps, request, insertionPointOffsets = nil) ⇒ IScanQueueItem #doActiveScan(request, insertionPointOffsets = nil) ⇒ IScanQueueItem #doActiveScan(service, request, insertionPointOffsets = nil) ⇒ IScanQueueItem #doActiveScan(url, insertionPointOffsets = nil) ⇒ IScanQueueItem Also known as: do_active_scan, active_scan
This method can be used to send an HTTP request to the Burp Scanner tool to perform an active vulnerability scan. If the request is not within the current active scanning scope, the user will be asked if they wish to proceed with the scan.
193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 |
# File 'lib/buby.rb', line 193 def doActiveScan(*args) raise ArgumentError, "wrong number of arguments calling '#{__callee__}' (#{args.size} for 1..5)" unless (1..5).include?(args.size) host, port, https, req, ip_off = *args if args.size < 4 case args.first when Java::Burp::IHttpRequestResponse raise ArgumentError, "wrong number/type of arguments calling '#{__callee__}' (#{args.size} for 1..5)" unless args.size < 3 req, ip_off = *args host = req.host port = req.port https = req.protocol when Java::Burp::IHttpService raise ArgumentError, "wrong number/type of arguments calling '#{__callee__}' (#{args.size} for 1..5)" unless args.size serv, req, ip_off = *args https = serv.getProtocol host = serv.getHost port = serv.getPort req = req.request else url = (req.kind_of?(URI) || req.kind_of?(Java::JavaNet::URL)) ? req : Java::JavaNet::URL.new(req.to_s) req = helpers.buildHttpRequest req host = url.host port = url.port https = url.respond_to? :scheme ? url.scheme : url.protocol end end https = case https.to_s.downcase when 'https' true when 'http' false else !!https end port ||= https ? 443 : 80 port = https ? 443 : 80 if port < 0 host = host.host if host.respond_to? :host req = req.request if req.respond_to? :request req = req.to_java_bytes if req.respond_to? :to_java_bytes scanq = if getBurpVersion _check_and_callback :doActiveScan, host, port, https, req, ip_off else _check_and_callback :doActiveScan, host, port, https, req end Buby::Implants::ScanQueueItem.implant scanq end |