Class: Buby

Inherits:
Object
  • Object
show all
Defined in:
lib/buby.rb,
lib/buby/extends/scan_issue.rb,
lib/buby/extends/buby_array_wrapper.rb,
lib/buby/extends/http_request_response.rb

Overview

Buby is a mash-up of the commercial security testing web proxy PortSwigger Burp Suite(tm) allowing you to add scripting to Burp. Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API.

The Buby class is an abstract implementation of a BurpExtender ruby handler. Included are several abstract event handlers used from the BurpExtender java implementation:

  • evt_extender_init

  • evt_proxy_message

  • evt_command_line_args

  • evt_register_callbacks

  • evt_application_closing

Buby also supports the newer event handlers available in Burp 1.2.09 and up:

  • evt_http_message

  • evt_scan_issue

This class also exposes several methods to access Burp functionality and user interfaces through the IBurpExtenderCallbacks interface (note, several abbreviated aliases also exist for each):

  • doActiveScan

  • doPassiveScan

  • excludeFromScope

  • includeInScope

  • isInScope

  • issueAlert

  • makeHttpRequest

  • sendToIntruder

  • sendToRepeater

  • sendToSpider

Buby also provides front-end ruby methods for the various callback methods supported by Burp. New callbacks have been cropping up in newer Burp versions frequently.

Available since Burp 1.2.09:

  • getProxyHistory

  • getSiteMap

  • restoreState

  • saveState

  • getParameters

  • getHeaders

Available since Burp 1.2.15:

  • getScanIssues

If you wish to access any of the IBurpExtenderCallbacks methods directly. You can use ‘burp_callbacks’ to obtain a reference.

Credit:

  • Burp and Burp Suite are trade-marks of PortSwigger Ltd.

    Copyright 2008 PortSwigger Ltd. All rights reserved.
See http://portswigger.net for license terms.

  • This ruby library and the accompanying BurpExtender.java implementation were written by Eric Monti @ Matasano Security.

    Matasano claims no professional or legal affiliation with PortSwigger LTD. nor do we sell or officially endorse any of their products.

    However, this author would like to express his personal and professional respect and appreciation for their making available the BurpExtender extension API. The availability of this interface in an already great tool goes a long way to make Burp Suite a truly first-class application.

  • Forgive the name. It won out over “Burb” and “BurpRub”. It’s just easier to type and say out-loud. Mike Tracy gets full credit as official Buby-namer.

Defined Under Namespace

Modules: HttpRequestResponseHelper, ScanIssueHelper Classes: BubyArrayWrapper, HttpRequestResponseList, ScanIssuesList

Constant Summary collapse

VERSION =

:stopdoc:

'1.1.4'
LIBPATH = 
::File.expand_path(::File.dirname(__FILE__)) + ::File::SEPARATOR
PATH = 
::File.dirname(LIBPATH) + ::File::SEPARATOR
ACTION_FOLLOW_RULES = 
BurpExtender::ACTION_FOLLOW_RULES
ACTION_DO_INTERCEPT = 
BurpExtender::ACTION_DO_INTERCEPT
ACTION_DONT_INTERCEPT = 
BurpExtender::ACTION_DONT_INTERCEPT
ACTION_DROP = 
BurpExtender::ACTION_DROP

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(other = nil) ⇒ Buby

:startdoc:



87
88
89
90
91
92
93
 
# File 'lib/buby.rb', line 87

def initialize(other=nil)
  if other
    raise "arg 0 must be another kind of Buby" unless other.is_a? Buby
    @burp_extender = other.burp_extender
    @burp_callbacks = other.burp_callbacks
  end
end

Class Method Details

.burp_loaded?Boolean

Checks the Java namespace to see if Burp has been loaded.

Returns:

  • (Boolean) 


699
700
701
702
703
704
705
706
 
# File 'lib/buby.rb', line 699

def self.burp_loaded?
  begin 
    include_class 'burp.StartBurp'
    return true
  rescue
    return false
  end
end

.libpath(*args) ⇒ Object

Returns the library path for the module. If any arguments are given, they will be joined to the end of the libray path using File.join.



714
715
716
 
# File 'lib/buby.rb', line 714

def self.libpath( *args )
  args.empty? ? LIBPATH : ::File.join(LIBPATH, args.flatten)
end

.load_burp(jar_path) ⇒ Object

Attempts to load burp with require and confirm it provides the required class in the Java namespace.

Returns: true/false depending on whether the required jar provides us the required class

Raises: may raise the usual require exceptions if jar_path is bad.



693
694
695
696
 
# File 'lib/buby.rb', line 693

def self.load_burp(jar_path)
  require jar_path
  return burp_loaded?
end

.path(*args) ⇒ Object

Returns the lpath for the module. If any arguments are given, they will be joined to the end of the path using File.join.



722
723
724
 
# File 'lib/buby.rb', line 722

def self.path( *args )
  args.empty? ? PATH : ::File.join(PATH, args.flatten)
end

.require_all_libs_relative_to(fname, dir = nil) ⇒ Object

Utility method used to require all files ending in .rb that lie in the directory below this file that has the same name as the filename passed in. Optionally, a specific directory name can be passed in such that the filename does not have to be equivalent to the directory.



731
732
733
734
735
736
737
 
# File 'lib/buby.rb', line 731

def self.require_all_libs_relative_to( fname, dir = nil )
  dir ||= ::File.basename(fname, '.*')
  search_me = ::File.expand_path(
      ::File.join(::File.dirname(fname), dir, '**', '*.rb'))

  Dir.glob(search_me).sort.each {|rb| require rb}
end

.start_burp(h_class = nil, init_args = nil, args = nil) ⇒ Object

Starts burp using a supplied handler class,

h_class = Buby or a derived class. instance of which will become handler.
args = arguments to Burp
init_args = arguments to the handler constructor

Returns the handler instance



679
680
681
682
683
684
 
# File 'lib/buby.rb', line 679

def self.start_burp(h_class=nil, init_args=nil, args=nil)
  h_class ||= self
  init_args ||= []
  args ||= []
  h_class.new(*init_args).start_burp(args)
end

.versionObject

Returns the version string for the library.



741
742
743
 
# File 'lib/buby.rb', line 741

def self.version
  VERSION
end

Instance Method Details

#_check_and_callback(meth, *args) ⇒ Object

This method is a __send__ callback gate for the IBurpExtenderCallbacks reference. It first checks to see if a method is available before calling with the specified arguments, and raises an exception if it is unavailable.

This method was added for provisional calling of new callbacks added since Burp 1.2.09

  • meth = string or symbol name of method

  • args = variable length array of arguments to pass to meth



239
240
241
242
243
244
245
 
# File 'lib/buby.rb', line 239

def _check_and_callback(meth, *args)
  cb = _check_cb
  unless cb.respond_to?(meth)
    raise "#{meth} is not available in your version of Burp"
  end
  cb.__send__ meth, *args
end

#_check_cbObject

Internal method to check for the existence of the burp_callbacks reference before doing anything with it.



113
114
115
 
# File 'lib/buby.rb', line 113

def _check_cb
  @burp_callbacks or raise "Burp callbacks have not been set"
end

#activate!Object

Makes this handler the active Ruby handler object for the BurpExtender Java runtime. (there can be only one!)



97
98
99
 
# File 'lib/buby.rb', line 97

def activate!
  BurpExtender.set_handler(self)
end

#burp_callbacksObject

Returns the internal reference to the IBupExtenderCallbacks instance. This reference gets set from Java through the evt_register_callbacks method. It is exposed to allow you to access the IBurpExtenderCallbacks instance directly if you so choose.



109
 
# File 'lib/buby.rb', line 109

def burp_callbacks; @burp_callbacks; end

#burp_extenderObject

Returns the internal reference to the BurpExtender instance. This reference gets set from Java through the evt_extender_init method.



103
 
# File 'lib/buby.rb', line 103

def burp_extender; @burp_extender; end

#doActiveScan(host, port, https, req) ⇒ Object Also known as: do_active_scan, active_scan

Send an HTTP request to the Burp Scanner tool to perform an active vulnerability scan.

* host = The hostname of the remote HTTP server.
* port = The port of the remote HTTP server.
* https = Flags whether the protocol is HTTPS or HTTP.
* req  = The full HTTP request. (String or Java bytes[])



123
124
125
126
 
# File 'lib/buby.rb', line 123

def doActiveScan(host, port, https, req)
  req = req.to_java_bytes if req.is_a? String
  _check_cb.doActiveScan(host, port, https, req)
end

#doPassiveScan(host, port, https, req, rsp) ⇒ Object Also known as: do_passive_scan, passive_scan

Send an HTTP request and response to the Burp Scanner tool to perform a passive vulnerability scan.

* host = The hostname of the remote HTTP server.
* port = The port of the remote HTTP server.
* https = Flags whether the protocol is HTTPS or HTTP.
* req  = The full HTTP request. (String or Java bytes[])
* rsp  = The full HTTP response. (String or Java bytes[])



137
138
139
140
141
 
# File 'lib/buby.rb', line 137

def doPassiveScan(host, port, https, req, rsp)
  req = req.to_java_bytes if req.is_a? String
  rsp = rsp.to_java_bytes if rsp.is_a? String
  _check_cb.doPassiveScan(host, port, https, req, rsp)
end

#evt_application_closingObject

This method is called by BurpExtender right before closing the application. Implementations can use this method to perform cleanup tasks such as closing files or databases before exit.



560
561
562
 
# File 'lib/buby.rb', line 560

def evt_application_closing 
  pp([:got_app_close]) if $DEBUG
end

#evt_command_line_args(args) ⇒ Object

This method is called by the BurpExtender implementation Burp startup. The args parameter contains main()‘s argv command-line arguments array.

Note: This maps to the ‘setCommandLineArgs’ method in the java implementation of BurpExtender.

The return value is ignored.



351
352
353
 
# File 'lib/buby.rb', line 351

def evt_command_line_args args
  pp([:got_args, args]) if $DEBUG
end

#evt_extender_init(ext) ⇒ Object

This method is called by the BurpExtender java implementation upon initialization of the BurpExtender instance for Burp. The args parameter is passed with a instance of the newly initialized BurpExtender instance so that implementations can access and extend its public interfaces.

The return value is ignored.



339
340
341
342
 
# File 'lib/buby.rb', line 339

def evt_extender_init ext
  @burp_extender = ext
  pp([:got_extender, ext]) if $DEBUG
end

#evt_http_message(tool_name, is_request, message_info) ⇒ Object

This method is invoked whenever any of Burp’s tools makes an HTTP request or receives a response. This is effectively a generalised version of the pre-existing evt_proxy_message method, and can be used to intercept and modify the HTTP traffic of all Burp tools.

IMPORTANT: This event handler is only used in Burp version 1.2.09 and higher.

Note: this method maps to the processHttpMessage BurpExtender Java method.

This method should be overridden if you wish to implement functionality relating to generalized requests and responses from any BurpSuite tool.

You may want to use evt_proxy_message if you only intend to work on proxied messages. Note, however, the IHttpRequestResponse Java object is not used in evt_proxy_message and gives evt_http_message a somewhat nicer interface to work with.

Parameters:

  • tool_name = a string name of the tool that generated the message

  • is_request = boolean true = request / false = response

  • message_info = an instance of the IHttpRequestResponse Java class with methods for accessing and manipulating various attributes of the message.



535
536
537
538
 
# File 'lib/buby.rb', line 535

def evt_http_message(tool_name, is_request, message_info)
  HttpRequestResponseHelper.implant(message_info)
  pp([:got_http_message, tool_name, is_request, message_info]) if $DEBUG
end

#evt_proxy_message(msg_ref, is_req, rhost, rport, is_https, http_meth, url, resourceType, status, req_content_type, message, action) ⇒ Object

This method is called by BurpExtender while proxying HTTP messages and before passing them through the Burp proxy. Implementations can use this method to implement arbitrary processing upon HTTP requests and responses such as interception, logging, modification, and so on.

The ‘is_req’ parameter indicates whether it is a response or request.

Note: This method maps to the ‘processProxyMessage’ method in the java implementation of BurpExtender.

Below are the parameters descriptions based on the IBurpExtender javadoc. Where applicable, decriptions have been modified for local parameter naming and other ruby-specific details added.

  • msg_ref: An identifier which is unique to a single request/response pair. This can be used to correlate details of requests and responses and perform processing on the response message accordingly. This number also corresponds to the Burp UI’s proxy “history” # column.

  • is_req: (true/false) Flags whether the message is a client request or a server response.

  • rhost: The hostname of the remote HTTP server.

  • rport: The port of the remote HTTP server.

  • is_https: Flags whether the protocol is HTTPS or HTTP.

  • http_meth: The method verb used in the client request.

  • url: The requested URL. Set in both the request and response.

  • resourceType: The filetype of the requested resource, or nil if the resource has no filetype.

  • status: The HTTP status code returned by the server. This value is nil for request messages.

  • req_content_type: The content-type string returned by the server. This value is nil for request messages.

  • message: The full HTTP message.

    **Ruby note:

    For convenience, the message is received and returned as a ruby 
String object. Internally within Burp it is handled as a java byte[] 
array. See also the notes about the return object below.

  • action: An array containing a single integer, allowing the implementation to communicate back to Burp Proxy a non-default interception action for the message. The default value is ACTION_FOLLOW_RULES (or 0). Possible values include:

    ACTION_FOLLOW_RULES = 0
ACTION_DO_INTERCEPT = 1
ACTION_DONT_INTERCEPT = 2
ACTION_DROP = 3

    Refer to the BurpExtender.java source comments for more details.

Return Value:

Implementations should return either (a) the same object received
in the message paramater, or (b) a different object containing a 
modified message.

**IMPORTANT RUBY NOTE: Always be sure to return a new object if making modifications to messages.

Explanation: The (a) and (b) convention above is followed rather literally during type conversion on the return value back into the java BurpExtender.

When determining whether a change has been made in the message or not, the decision is made based on whether the object returned is the same as the object submitted in the call to evt_proxy_message.

So, for example, using in-place modification of the message using range substring assignments or destructive method variations like String.sub!() and String.gsub! alone won’t work because the same object gets returned to BurpExtender.

In short, this means that if you want modifications to be made, be sure to return a different String than the one you got in your handler.

So for example this code won’t do anything at all:

...
message.sub!(/^GET /, "HEAD ")
return message

Nor this:

message[0..4] = "HEAD "
return message

But this will

...
return message.sub(/^GET /, "HEAD ")

And so will this

...
message[0..4] = "HEAD "
return message.dup



490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
 
# File 'lib/buby.rb', line 490

def evt_proxy_message msg_ref, is_req, rhost, rport, is_https, http_meth, url, resourceType, status, req_content_type, message, action
  pp([ (is_req)? :got_proxy_request : :got_proxy_response,
       [:msg_ref, msg_ref], 
       [:is_req, is_req], 
       [:rhost, rhost], 
       [:rport, rport], 
       [:is_https, is_https], 
       [:http_meth, http_meth], 
       [:url, url], 
       [:resourceType, resourceType], 
       [:status, status], 
       [:req_content_type, req_content_type], 
       [:message, message], 
       [:action, action[0]] ]) if $DEBUG
  
  return message
end

#evt_register_callbacks(cb) ⇒ Object

This method is called by BurpExtender on startup to register Burp’s IBurpExtenderCallbacks interface object.

This maps to the ‘registerExtenderCallbacks’ method in the Java implementation of BurpExtender.

The return value is ignored.



362
363
364
365
366
 
# File 'lib/buby.rb', line 362

def evt_register_callbacks cb
  @burp_callbacks = cb
  cb.issueAlert("[JRuby::#{self.class}] registered callback")
  pp([:got_callbacks, cb]) if $DEBUG
end

#evt_scan_issue(issue) ⇒ Object

This method is invoked whenever Burp Scanner discovers a new, unique issue, and can be used to perform customised reporting or logging of detected issues.

IMPORTANT: This event handler is only used in Burp version 1.2.09 and higher.

Note: this method maps to the newScanIssue BurpExtender Java method.

Parameters:

  • issue = an instance of the IScanIssue Java class with methods for viewing information on the scan issue that was generated.



552
553
554
555
 
# File 'lib/buby.rb', line 552

def evt_scan_issue(issue)
  ScanIssueHelper.implant(issue)
  pp([:got_scan_issue, issue]) if $DEBUG
end

#excludeFromScope(url) ⇒ Object Also known as: exclude_from_scope, exclude_scope

Exclude the specified URL from the Suite-wide scope.

* url = The URL to exclude from the Suite-wide scope.



147
148
149
150
 
# File 'lib/buby.rb', line 147

def excludeFromScope(url)
  url = java.net.URL.new(url) if url.is_a? String
  _check_cb.excludeFromScope(url)
end

#getHeaders(msg) ⇒ Object Also known as: headers, get_headers

Parses a raw HTTP message (request or response ) and returns an associative array containing the headers as they are structured in the ‘Headers’ tab in the Burp request/response viewer UI.

IMPORTANT: This method is only available with Burp 1.2.09 and higher.

msg = raw request/response (String or Java bytes[])



323
324
325
326
 
# File 'lib/buby.rb', line 323

def getHeaders(msg)
  msg = msg.to_java_bytes if msg.is_a? String
  _check_and_callback(:getHeaders, msg)
end

#getParameters(req) ⇒ Object Also known as: parameters, get_parameters

Parses a raw HTTP request message and returns an associative array containing parameters as they are structured in the ‘Parameters’ tab in the Burp request UI.

IMPORTANT: This method is only available with Burp 1.2.09 and higher.

req = raw request (String or Java bytes[])



308
309
310
311
 
# File 'lib/buby.rb', line 308

def getParameters(req)
  req = req.to_java_bytes if req.is_a? String
  _check_and_callback(:getParameters, req)
end

#getProxyHistoryObject Also known as: proxy_history, get_proxy_history

Returns a Java array of IHttpRequestResponse objects pulled directly from the Burp proxy history.



250
251
252
 
# File 'lib/buby.rb', line 250

def getProxyHistory
  HttpRequestResponseList.new(_check_and_callback(:getProxyHistory))
end

#getScanIssues(urlprefix = nil) ⇒ Object Also known as: scan_issues, get_scan_issues

This method returns all of the current scan issues for URLs matching the specified literal prefix. The prefix can be nil to match all issues.

IMPORTANT: This method is only available with Burp 1.2.15 and higher.



271
272
273
 
# File 'lib/buby.rb', line 271

def getScanIssues(urlprefix=nil)
  ScanIssuesList.new( _check_and_callback(:getScanIssues, urlprefix) )
end

#getSiteMap(urlprefix = nil) ⇒ Object Also known as: site_map, get_site_map

Returns a Java array of IHttpRequestResponse objects pulled directly from the Burp site map for all urls matching the specified literal prefix. The prefix can be nil to return all objects.



260
261
262
 
# File 'lib/buby.rb', line 260

def getSiteMap(urlprefix=nil)
  HttpRequestResponseList.new(_check_and_callback(:getSiteMap, urlprefix))
end

#harvest_cookies_from_history(cookie = nil, urlrx = nil, statefile = nil) ⇒ Object

Harvest cookies from a session’s proxy history.

Params:

cookie    = optional: name of cookie to harvest
urlrx     = optional: regular expression to match urls against
statefile = optional: filename for a burp session file to temporarily load
            and harvest from.

Takes an optional block as additional ‘select’ criteria for cookies. The block return value of true/false will determine whether a cookie is string is selected.



651
652
653
654
655
656
657
658
659
660
661
 
# File 'lib/buby.rb', line 651

def harvest_cookies_from_history(cookie=nil, urlrx=nil, statefile=nil)
  ret = []
  search_proxy_history(statefile, urlrx) do |hrr|
    if heads=hrr.rsp_headers
      ret += heads.select do |h| 
        h[0].downcase == 'set-cookie' and (not block_given? or yield(h[1]))
      end.map{|h| h[1]}
    end
  end
  return ret
end

#includeInScope(url) ⇒ Object Also known as: include_in_scope, include_scope

Include the specified URL in the Suite-wide scope.

* url = The URL to exclude in the Suite-wide scope.



156
157
158
159
 
# File 'lib/buby.rb', line 156

def includeInScope(url)
  url = java.net.URL.new(url) if url.is_a? String
  _check_cb.includeInScope(url)
end

#isInScope(url) ⇒ Object Also known as: is_in_scope, in_scope?

Query whether a specified URL is within the current Suite-wide scope.

* url = The URL to query

Returns: true / false



167
168
169
170
 
# File 'lib/buby.rb', line 167

def isInScope(url)
  url = java.net.URL.new(url) if url.is_a? String
  _check_cb.isInScope(url)
end

#issueAlert(msg) ⇒ Object Also known as: issue_alert, alert

Display a message in the Burp Suite alerts tab.

* msg =  The alert message to display.



176
177
178
 
# File 'lib/buby.rb', line 176

def issueAlert(msg)
  _check_cb.issueAlert(msg.to_s)
end

#makeHttpRequest(host, port, https, req) ⇒ Object Also known as: make_http_request, make_request

Issue an arbitrary HTTP request and retrieve its response

* host  = The hostname of the remote HTTP server.
* port  = The port of the remote HTTP server.
* https = Flags whether the protocol is HTTPS or HTTP.
* req   = The full HTTP request. (String or Java bytes[])

Returns: The full response retrieved from the remote server.



189
190
191
192
 
# File 'lib/buby.rb', line 189

def makeHttpRequest(host, port, https, req)
  req = req.to_java_bytes if req.is_a? String
  String.from_java_bytes( _check_cb.makeHttpRequest(host, port, https, req) )
end

#restoreState(filename) ⇒ Object Also known as: restore_state

Restores Burp session state from a previously saved state file. See also: saveState

IMPORTANT: This method is only available with Burp 1.2.09 and higher.

  • filename = path and filename of the file to restore from



284
285
286
 
# File 'lib/buby.rb', line 284

def restoreState(filename)
  _check_and_callback(:restoreState, java.io.File.new(filename))
end

#saveState(filename) ⇒ Object Also known as: save_state

Saves the current Burp session to a state file. See also restoreState.

IMPORTANT: This method is only available with Burp 1.2.09 and higher.

  • filename = path and filename of the file to save to



295
296
297
 
# File 'lib/buby.rb', line 295

def saveState(filename)
  _check_and_callback(:saveState, java.io.File.new(filename))
end

#search_proxy_history(statefile = nil, urlrx = nil) ⇒ Object

Searches the proxy history for the url’s matched by the specified regular expression (returns them all if urlrx is nil).

A statefile to search in can optionally be specified or the existing state will be used if statefile is nil.

This method also accepts an optional block which is passed each of the matched history members.



630
631
632
633
634
635
636
637
638
 
# File 'lib/buby.rb', line 630

def search_proxy_history(statefile=nil, urlrx=nil)
  ret = []
  with_proxy_history(statefile) do |r|
    if (not urlrx) or r.url.to_s =~ urlrx
      ret << r if (not block_given?) or yield(r)
    end
  end
  return ret
end

#sendToIntruder(host, port, https, req) ⇒ Object Also known as: send_to_intruder, intruder

Send an HTTP request to the Burp Intruder tool

* host  = The hostname of the remote HTTP server.
* port  = The port of the remote HTTP server.
* https = Flags whether the protocol is HTTPS or HTTP.
* req   = The full HTTP request.  (String or Java bytes[])



201
202
203
204
 
# File 'lib/buby.rb', line 201

def sendToIntruder(host, port, https, req)
  req = req.to_java_bytes if req.is_a? String
  _check_cb.sendToIntruder(host, port, https, req)
end

#sendToRepeater(host, port, https, req, tab = nil) ⇒ Object Also known as: send_to_repeater, repeater

Send an HTTP request to the Burp Repeater tool.

* host  = The hostname of the remote HTTP server.
* port  = The port of the remote HTTP server.
* https = Flags whether the protocol is HTTPS or HTTP.
* req   = The full HTTP request. (String or Java bytes[])
* tab   = The tab caption displayed in Repeater. (default: auto-generated)



214
215
216
217
 
# File 'lib/buby.rb', line 214

def sendToRepeater(host, port, https, req, tab=nil)
  req = req.to_java_bytes if req.is_a? String
  _check_cb.sendToRepeater(host, port, https, req, tab)
end

#sendToSpider(url) ⇒ Object Also known as: send_to_spider, spider

Send a seed URL to the Burp Spider tool.

* url = The new seed URL to begin spidering from.



223
224
225
226
 
# File 'lib/buby.rb', line 223

def sendToSpider(url)
  url = java.net.URL.new(url) if url.is_a? String
  _check_cb.includeInScope(url)
end

#start_burp(args = []) ⇒ Object

Prepares the java BurpExtender implementation with a reference to self as the module handler and launches burp suite.



667
668
669
670
671
 
# File 'lib/buby.rb', line 667

def start_burp(args=[])
  activate!()
  Java::Burp::StartBurp.main(args.to_java(:string))
  return self
end

#with_proxy_history(statefile = nil) ⇒ Object

This is a convenience wrapper which can load a given burp state file and lets its caller to perform actions inside of a block on the proxy history contained in the loaded session.

If a statefile argument isn’t specified current burp session state is used.

Yields each entry in the proxy history to a block (which is required)



586
587
588
589
590
 
# File 'lib/buby.rb', line 586

def with_proxy_history(statefile=nil)
  with_statefile(statefile) do |this|
    this.proxy_history.each {|h| yield h }
  end
end

#with_site_map(urlprefix = nil, statefile = nil) ⇒ Object

This is a convenience wrapper which can load a given burp state file and lets its caller to perform actions inside of a block on the site map contained in the loaded session.

If a statefile argument isn’t specified current burp session state is used.

Yields each entry in the site map to a block (which is required)



573
574
575
576
577
 
# File 'lib/buby.rb', line 573

def with_site_map(urlprefix=nil, statefile=nil)
  with_statefile(statefile) do |this|
    this.site_map(urlprefix).each {|h| yield h }
  end
end

#with_statefile(statefile = nil) {|_self| ... } ⇒ Object

This is a convenience wrapper which loads a given burp statefile and lets its caller perform actions via burp while its loaded on it inside of a block. The old state is restored after the block completes.

It can safely be used without a statefile argument, in which case the current session state is used.

It can safely be run without a statefile argument in which the current burp session state is used.

Yields:

  • (_self)

Yield Parameters:

  • _self (Buby)

    the object that the method was called on



601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
 
# File 'lib/buby.rb', line 601

def with_statefile(statefile=nil)
  if statefile
    # save current state:
    old_state=".#{$$}.#{Time.now.to_i}.state.bak"
    self.alert "Saving current state to temp statefile: #{old_state}"
    self.save_state(old_state)
    self.alert "Restoring state: #{statefile}"
    self.restore_state(statefile)
  end

  yield self

  if statefile
    # restore original state
    self.alert "Restoring temp statefile: #{old_state}"
    self.restore_state old_state
    self.alert "Deleting temp state file: #{old_state}"
    File.unlink old_state
  end
end