bit4woo
diff --git a/‎src/burp/BurpExtender.java‎
Lines changed: 11 additions & 149 deletions b/‎src/burp/BurpExtender.java‎
Lines changed: 11 additions & 149 deletions
diff --git a/‎src/config/Config.java‎
Lines changed: 18 additions & 7 deletions b/‎src/config/Config.java‎
Lines changed: 18 additions & 7 deletions
diff --git a/‎src/knife/Cookie.java‎
Lines changed: 0 additions & 11 deletions b/‎src/knife/Cookie.java‎
Lines changed: 0 additions & 11 deletions
diff --git a/‎src/knife/CookieUtils.java‎
Lines changed: 19 additions & 12 deletions b/‎src/knife/CookieUtils.java‎
Lines changed: 19 additions & 12 deletions
@@ -101,7 +101,7 @@ public List<JMenuItem> createMenuItems(IContextMenuInvocation invocation) {
 		if (context == IContextMenuInvocation.CONTEXT_MESSAGE_EDITOR_REQUEST) {
 
 			menu_list.add(new UpdateCookieMenu(this));
-			if (this.config.getTmpMap().containsKey("UsedCookie")){
+			if (this.config.getUsedCookie()!=null){
 				menu_list.add(new UpdateCookieWithHistoryMenu(this));
 			}
 
@@ -114,7 +114,7 @@ public List<JMenuItem> createMenuItems(IContextMenuInvocation invocation) {
 		}
 
 		menu_list.add(new SetCookieMenu(this));
-		if (this.config.getTmpMap().containsKey("cookieToSetHistory")){
+		if (this.config.getUsedCookie() != null){
 			menu_list.add(new SetCookieWithHistoryMenu(this));
 		}
 
@@ -195,17 +195,19 @@ public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessa
 		}
 
 		//当函数第一次被调用时，还没来得及设置cookie，获取到的cookieToSet必然为空。
-		String cookieToSet = config.getTmpMap().get("cookieToSet");
+		HashMap<String, HeaderEntry> cookieToSetMap = config.getSetCookieMap();
 		//stderr.println("called"+cookieToSet);
-		if (cookieToSet != null){//第二次调用如果cookie不为空，就走到这里
-			String targetUrl = cookieToSet.split(CookieUtils.SPLITER)[0];
-			String originUrl = cookieToSet.split(CookieUtils.SPLITER)[1];
-			String cookieValue = cookieToSet.split(CookieUtils.SPLITER)[2];
+		if (cookieToSetMap != null && !cookieToSetMap.isEmpty()){//第二次调用如果cookie不为空，就走到这里
 
 			IHttpRequestResponse messageInfo = message.getMessageInfo();
 			String CurrentUrl = messageInfo.getHttpService().toString();
 			//stderr.println(CurrentUrl+" "+targetUrl);
-			if (targetUrl.equalsIgnoreCase(CurrentUrl)){
+			HeaderEntry cookieToSet = cookieToSetMap.get(CurrentUrl);
+			if (cookieToSet != null){
+				
+				String targetUrl = cookieToSet.getTargetUrl();
+				String cookieValue = cookieToSet.getHeaderValue();
+				
 				if (messageIsRequest) {
 					byte[] newRequest = CookieUtils.updateCookie(messageInfo,cookieValue);
 					messageInfo.setRequest(newRequest);
@@ -219,9 +221,7 @@ public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessa
 					byte[] response = helpers.buildHttpMessage(responseHeaders,responseBody);
 
 					messageInfo.setResponse(response);
-					config.getTmpMap().remove("cookieToSet");//only need to set once
-					config.getTmpMap().put("cookieToSetHistory",cookieToSet);//store used cookie, change name to void change every request of host
-					//临时换名称存储，避免这个参数影响这里的逻辑，导致域名下的每个请求都会进行该操作。
+					cookieToSetMap.remove(CurrentUrl);//only need to set once
 				}
 			}
 
@@ -363,144 +363,6 @@ public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequ
 		}
 	}
 
-	@Deprecated
-	public void processHttpMessageWithEditor(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) {
-		//messageeditor
-		synchronized (messageInfo) {
-			if (messageIsRequest) {
-
-				boolean isRequestChanged = false;
-				MessageEditor editer = new MessageEditor(messageIsRequest, messageInfo, helpers);
-
-				URL url = editer.getURL();
-				String path = url.getPath();
-				String host = editer.getHost();
-				byte[] body = editer.getBody();
-				LinkedHashMap<String, String> headers = editer.getHeaderMap();//this will lost the first line
-
-
-				//remove header
-				List<ConfigEntry> configEntries = tableModel.getConfigByType(ConfigEntry.Action_Remove_From_Headers);
-				for (ConfigEntry entry : configEntries) {
-					String key = entry.getKey();
-					if (headers.remove(key) != null) {
-						isRequestChanged = true;
-					}
-				}
-
-				if (config.getTmpMap().containsKey(host)) {//自动更新cookie
-					String cookieValue = config.getTmpMap().get(host);
-					String[] values = cookieValue.split("::::");
-					String trueCookie = values[1];
-					headers.put("Cookie", trueCookie);
-					isRequestChanged = true;
-				}
-
-				//add/update/append header
-				if (toolFlag == (toolFlag & checkEnabledFor())) {
-					//if ((config.isOnlyForScope() && callbacks.isInScope(url))|| !config.isOnlyForScope()) {
-					if (!config.isOnlyForScope()||callbacks.isInScope(url)){
-						try {
-							List<ConfigEntry> updateOrAddEntries = tableModel.getConfigEntries();
-							for (ConfigEntry entry : updateOrAddEntries) {
-								String key = entry.getKey();
-								String value = entry.getValue();
-
-								if (value.contains("%host")) {
-									value = value.replaceAll("%host", host);
-									//stdout.println("3333"+value);
-								}
-
-								if (value.toLowerCase().contains("%dnslogserver")) {
-									String dnslog = tableModel.getConfigByKey("DNSlogServer");
-									Pattern p = Pattern.compile("(?u)%dnslogserver");
-									Matcher m = p.matcher(value);
-
-									while (m.find()) {
-										String found = m.group(0);
-										value = value.replaceAll(found, dnslog);
-									}
-								}
-
-								if (entry.getType().equals(ConfigEntry.Action_Add_Or_Replace_Header) && entry.isEnable()) {
-									headers.put(key, value);
-									isRequestChanged = true;
-
-								} else if (entry.getType().equals(ConfigEntry.Action_Append_To_header_value) && entry.isEnable()) {
-									value = headers.get(key) + value;
-									headers.put(key, value);
-									isRequestChanged = true;
-									//stdout.println("2222"+value);
-								} else if (entry.getKey().equalsIgnoreCase("Chunked-AutoEnable") && entry.isEnable()) {
-									headers.put("Transfer-Encoding", "chunked");
-									isRequestChanged = true;
-
-									try {
-										boolean useComment = false;
-										if (this.tableModel.getConfigByKey("Chunked-UseComment") != null) {
-											useComment = true;
-										}
-										String lenStr = this.tableModel.getConfigByKey("Chunked-Length");
-										int len = 10;
-										if (lenStr != null) {
-											len = Integer.parseInt(lenStr);
-										}
-										body = Methods.encoding(body, len, useComment);
-										editer.setBody(body);
-									} catch (UnsupportedEncodingException e) {
-										e.printStackTrace(stderr);
-									}
-								}
-							}
-
-
-							///proxy function should be here
-							//reference https://support.portswigger.net/customer/portal/questions/17350102-burp-upstream-proxy-settings-and-sethttpservice
-							String proxy = this.tableModel.getConfigByKey("Proxy-ServerList");
-							String mode = this.tableModel.getConfigByKey("Proxy-UseRandomMode");
-
-							if (proxy != null) {//if enable is false, will return null.
-								List<String> proxyList = Arrays.asList(proxy.split(";"));//如果字符串是以;结尾，会被自动丢弃
-
-								if (mode != null) {//random mode
-									proxyServerIndex = (int) (Math.random() * proxyList.size());
-									//proxyServerIndex = new Random().nextInt(proxyList.size());
-								} else {
-									proxyServerIndex = (proxyServerIndex + 1) % proxyList.size();
-								}
-								String proxyhost = proxyList.get(proxyServerIndex).split(":")[0].trim();
-								int port = Integer.parseInt(proxyList.get(proxyServerIndex).split(":")[1].trim());
-								editer.setService(
-										helpers.buildHttpService(proxyhost, port, messageInfo.getHttpService().getProtocol()));
-								String firstrline = editer.getFirstLineOfHeader().replaceFirst(path, url.toString().split("\\?",0)[0]);
-								editer.setFirstLineOfHeader(firstrline);
-								isRequestChanged = true;
-								//success or failed,need to check?
-							}
-						} catch (Exception e) {
-							e.printStackTrace(stderr);
-						}
-					}
-				}
-				//set final request
-				editer.setHeaderMap(headers);
-				messageInfo = editer.getMessageInfo();
-
-				if (isRequestChanged) {
-					//debug
-					List<String> finalheaders = helpers.analyzeRequest(messageInfo).getHeaders();
-					//List<String> finalheaders = editer.getHeaderList();//error here:bodyOffset getted twice are different
-					stdout.println(System.lineSeparator() + "//////////edited request by knife//////////////" + System.lineSeparator());
-					for (String entry : finalheaders) {
-						stdout.println(entry);
-					}
-				}
-			}
-		}//sync
-	}
-
-
-
 	public List<String> GetSetCookieHeaders(String cookies){
 		if (cookies.startsWith("Cookie: ")){
 			cookies = cookies.replaceFirst("Cookie: ","");
 
@@ -9,14 +9,16 @@
 import com.alibaba.fastjson.annotation.JSONField;
 
 import burp.IBurpExtenderCallbacks;
+import knife.HeaderEntry;
 
 public class Config {
 
 	private String ConfigName = "";
 	private List<String> stringConfigEntries = new ArrayList<String>();// get from configTableModel
 	private int enableStatus = IBurpExtenderCallbacks.TOOL_PROXY;
 	private boolean onlyForScope = true;
-	private HashMap<String,String> tmpMap = new HashMap<String,String>();
+	private HashMap<String,HeaderEntry> setCookieMap = new HashMap<String,HeaderEntry>();
+	private HeaderEntry usedCookie = null;
 
 	Config(){
     	//to resolve "default constructor not found" error
@@ -58,14 +60,23 @@ public void setOnlyForScope(boolean onlyForScope) {
 		this.onlyForScope = onlyForScope;
 	}
 
-	public HashMap<String, String> getTmpMap() {
-		return tmpMap;
+	@JSONField(serialize=false)//表明不序列号该字段
+	public HashMap<String, HeaderEntry> getSetCookieMap() {
+		return setCookieMap;
+	}
+	@JSONField(serialize=false)//表明不序列号该字段
+	public void setSetCookieMap(HashMap<String, HeaderEntry> setCookieMap) {
+		this.setCookieMap = setCookieMap;
+	}
+	@JSONField(serialize=false)//表明不序列号该字段
+	public HeaderEntry getUsedCookie() {
+		return usedCookie;
+	}
+	@JSONField(serialize=false)//表明不序列号该字段
+	public void setUsedCookie(HeaderEntry usedCookie) {
+		this.usedCookie = usedCookie;
 	}
 
-	public void setTmpMap(HashMap<String, String> tmpMap) {
-		this.tmpMap = tmpMap;
-	}	
-	
 	@JSONField(serialize=false)//表明不序列号该字段
 	public String ToJson(){//注意函数名称，如果是get set开头，会被认为是Getter和Setter函数，会在序列化过程中被调用。
 		return JSONObject.toJSONString(this);
 
@@ -1,10 +1,13 @@
 package knife;
 
-import burp.*;
-
 import java.util.LinkedHashMap;
 import java.util.List;
 
+import burp.BurpExtender;
+import burp.Getter;
+import burp.IHttpRequestResponse;
+import burp.Methods;
+
 public class CookieUtils {
 
     //////////////////////////////////////////common methods for cookie handle///////////////////////////////
@@ -25,7 +28,7 @@ public static IHttpRequestResponse[] Reverse(IHttpRequestResponse[] input){
 	return a String url_which_cookie_from+SPLITER+cookievalue
 	 */
 
-    public static String getLatestHeaderFromHistory(String shortUrl,String headerName){
+    public static HeaderEntry getLatestHeaderFromHistory(String shortUrl,String headerName){
         //还是草粉师傅说得对，直接从history里面拿最好
 
         IHttpRequestResponse[]  historyMessages = Reverse(BurpExtender.callbacks.getProxyHistory());
@@ -53,36 +56,40 @@ public static String getLatestHeaderFromHistory(String shortUrl,String headerNam
             if (hisShortUrl.equalsIgnoreCase(shortUrl)) {
                 String cookieValue = getter.getHeaderValueOf(true,historyMessage,headerName);
                 if (cookieValue != null){
-                    return shortUrl+SPLITER+cookieValue;
+                	HeaderEntry entry = new HeaderEntry(shortUrl,headerName,cookieValue, null);
+                	return entry;
+                    //return shortUrl+SPLITER+cookieValue;
                 }
             }
         }
 
         return null;
     }
 
-    public static String getLatestCookieFromHistory(String shortUrl){
+    public static HeaderEntry getLatestCookieFromHistory(String shortUrl){
         return getLatestHeaderFromHistory(shortUrl,"Cookie");
     }
 
     /*
     return a String url_which_cookie_from+SPLITER+cookievalue
      */
-    public static String getLatestCookieFromSpeicified() {
-        String latestCookie = null;
+    public static HeaderEntry getLatestCookieFromSpeicified() {
+        HeaderEntry latestCookie = null;
         String domainOrCookie = Methods.prompt_and_validate_input("cookie OR cookie of ", null);
         String url1 = "";
         String url2 = "";
         try{
             if (domainOrCookie == null){
                 return null;
             }else if (domainOrCookie.contains("=") && !domainOrCookie.contains("?") && !domainOrCookie.contains("/")){//直接是cookie
-                latestCookie = domainOrCookie.trim();
-                if (latestCookie.startsWith("Cookie:")){
-                    latestCookie = latestCookie.replaceFirst("Cookie:","").trim();
+                String cookieValue = domainOrCookie.trim();
+                
+                if (cookieValue.startsWith("Cookie:")){
+                	cookieValue = cookieValue.replaceFirst("Cookie:","").trim();
                 }
-                String tips = "Cookie: "+latestCookie.substring(0,latestCookie.indexOf("="))+"...";
-                latestCookie = tips+SPLITER+latestCookie;
+                String tips = "Cookie: "+cookieValue.substring(0,cookieValue.indexOf("="))+"...";
+                latestCookie = new HeaderEntry(tips,"Cookie",cookieValue, null);
+              
                 return latestCookie;
             }else if (domainOrCookie.startsWith("http://") || domainOrCookie.startsWith("https://")) {//不包含协议头的域名或url
                 url1 = domainOrCookie;