CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/lib/rex/parser/burp_issue_document.rb
Views: 1904
# -*- coding: binary -*-1require "rex/parser/nokogiri_doc_mixin"2require 'uri'34module Rex5module Parser67# If Nokogiri is available, define Burp Issue document class.8load_nokogiri && class BurpIssueDocument < Nokogiri::XML::SAX::Document910include NokogiriDocMixin1112def start_element(name=nil,attrs=[])13attrs = normalize_attrs(attrs)14block = @block15@state[:current_tag][name] = true16case name17when "host", "name", "info", "issueDetail", "references"18@state[:has_text] = true19end20end2122def end_element(name=nil)23block = @block24case name25when "issue"26report_web_host_info27report_web_service_info28report_vuln29# Reset the state once we close a host30@state = @state.select {|k| [:current_tag].include? k}31when "host"32@state[:has_text] = false33collect_host_info34@text = nil35when "name"36@state[:has_text] = false37collect_name38@text = nil39when "issueDetail"40@state[:has_text] = false41collect_issue_detail42@text = nil43when "references"44@state[:has_text] = false45collect_references46@text = nil47end48@state[:current_tag].delete name49end5051def collect_host_info52return unless in_issue53return unless has_text54uri = URI(@text)5556@state[:host] = uri.host57@state[:service_name] = uri.scheme58@state[:proto] = "tcp"5960case @state[:service_name]61when "http"62@state[:port] = 8063when "https"64@state[:port] = 44365end66end6768def collect_name69return unless in_issue70return unless has_text71@state[:vuln_name] = @text72end7374def collect_issue_detail75return unless in_issue76return unless has_text77@state[:issue_detail] = @text78end7980def collect_references81return unless in_issue82return unless has_text83uri = @text.match('href=[\'"]?([^\'" >]+)')[1]84@state[:refs] = ["URI-#{uri}"]85end8687def report_web_host_info88return unless @state[:host]89address = Rex::Socket.resolv_to_dotted(@state[:host]) rescue nil90host_info = {workspace: @args[:workspace]}91host_info[:address] = address92host_info[:name] = @state[:host]93db_report(:host, host_info)94end9596def report_web_service_info97return unless @state[:host]98return unless @state[:port]99return unless @state[:proto]100return unless @state[:service_name]101service_info = {workspace: @args[:workspace]}102service_info[:host] = @state[:host]103service_info[:port] = @state[:port]104service_info[:proto] = @state[:proto]105service_info[:name] = @state[:service_name]106@state[:service_object] = db_report(:service, service_info)107end108109def report_vuln110return unless @state[:service_object]111return unless @state[:vuln_name]112return unless @state[:issue_detail]113vuln_info = {workspace: @args[:workspace]}114vuln_info[:service_id] = @state[:service_object].id115vuln_info[:host] = @state[:host]116vuln_info[:name] = @state[:vuln_name]117vuln_info[:info] = @state[:issue_detail]118vuln_info[:refs] = @state[:refs]119@state[:vuln_object] = db_report(:vuln, vuln_info)120end121122def in_issue123return false unless in_tag("issue")124return false unless in_tag("issues")125return true126end127128def has_text129return false unless @text130return false if @text.strip.empty?131@text = @text.strip132end133end134135end136end137138139140