Method: Buby#doActiveScan

Defined in:
lib/buby.rb

#doActiveScan(host, port, useHttps, request, insertionPointOffsets = nil) ⇒ IScanQueueItem
#doActiveScan(request, insertionPointOffsets = nil) ⇒ IScanQueueItem
#doActiveScan(service, request, insertionPointOffsets = nil) ⇒ IScanQueueItem
#doActiveScan(url, insertionPointOffsets = nil) ⇒ IScanQueueItem

Also known as: do_active_scan, active_scan

This method can be used to send an HTTP request to the Burp Scanner tool to perform an active vulnerability scan. If the request is not within the current active scanning scope, the user will be asked if they wish to proceed with the scan.

Raises:

  • (ArgumentError)


# File 'lib/buby.rb', line 193

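# Queue a request with the Burp Scanner for an active scan.
#
# The call form is chosen from the argument count and the type of the first
# argument:
#   doActiveScan(host, port, useHttps, request, insertionPointOffsets = nil)
#   doActiveScan(request_response, insertionPointOffsets = nil)
#   doActiveScan(service, request, insertionPointOffsets = nil)
#   doActiveScan(url, insertionPointOffsets = nil)
#
# The scan target (host, port, TLS flag) is derived entirely from these
# arguments. This method performs no scope check of its own before handing
# the request to the scanner callback.
#
# @param args [Array] one of the argument lists shown above
# @return the scan queue item after Buby::Implants::ScanQueueItem.implant
# @raise [ArgumentError] if the argument count does not fit the detected form
def doActiveScan(*args)
  raise ArgumentError, "wrong number of arguments calling '#{__callee__}' (#{args.size} for 1..5)" unless (1..5).include?(args.size)
  host, port, https, req, ip_off = *args
  if args.size < 4
    # With fewer than four arguments the positional unpacking above does not
    # apply; every branch below re-derives host, port, https, req and ip_off.
    case args.first
    when Java::Burp::IHttpRequestResponse
      raise ArgumentError, "wrong number/type of arguments calling '#{__callee__}' (#{args.size} for 1..5)" unless args.size < 3
      req, ip_off = *args
      host = req.host
      port = req.port
      https = req.protocol
    when Java::Burp::IHttpService
      # The original guard was `unless args.size`, which is always truthy and
      # so never rejected anything. This form needs a service plus a request.
      raise ArgumentError, "wrong number/type of arguments calling '#{__callee__}' (#{args.size} for 1..5)" unless (2..3).include?(args.size)
      serv, req, ip_off = *args
      https = serv.getProtocol
      host = serv.getHost
      port = serv.getPort
      # req is unwrapped by the shared `respond_to? :request` step further
      # down, so a raw request that has no #request method is accepted too.
    else
      # URL form. The URL is the FIRST argument; the original read it from
      # `req`, which is always nil when fewer than four arguments are given.
      raise ArgumentError, "wrong number/type of arguments calling '#{__callee__}' (#{args.size} for 1..5)" unless args.size < 3
      target, ip_off = *args
      # Normalise strings and Ruby URIs to java.net.URL so host, port and
      # protocol are all read from one parsed object.
      url = target.kind_of?(Java::JavaNet::URL) ? target : Java::JavaNet::URL.new(target.to_s)
      req = helpers.buildHttpRequest url
      host = url.host
      port = url.port
      # Replaces `url.respond_to? :scheme ? url.scheme : url.protocol`, which
      # parsed as respond_to?(:scheme ? ... : ...) and never chose a branch.
      https = url.protocol
    end
  end

  # Coerce the protocol indicator to a boolean. Anything other than the
  # strings 'https'/'http' falls back to plain truthiness, so an unrecognised
  # non-nil value (e.g. another scheme name) is treated as TLS.
  https = case https.to_s.downcase
  when 'https'
    true
  when 'http'
    false
  else
    !!https
  end

  # A missing or negative port (java.net.URL reports -1 when the URL names no
  # port) becomes the scheme's default port.
  port ||= https ? 443 : 80
  port = https ? 443 : 80 if port < 0
  host = host.host if host.respond_to? :host

  req = req.request if req.respond_to? :request
  req = req.to_java_bytes if req.respond_to? :to_java_bytes
  # Insertion point offsets are forwarded only when getBurpVersion is truthy.
  # NOTE(review): presumably older Burp APIs lack the 5-argument call; confirm.
  scanq = if getBurpVersion
    _check_and_callback :doActiveScan, host, port, https, req, ip_off
  else
    _check_and_callback :doActiveScan, host, port, https, req
  end
  Buby::Implants::ScanQueueItem.implant scanq
end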