Created
January 31, 2020 17:23
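def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
    """Burp HTTP listener hook that decides whether a message is authorization-tested.

    Flow, in order:
      1. Tool-level "Ignore ... requests" filters return immediately for
         traffic from the spider, proxy or target tools.
      2. Cookies found in the message are remembered in ``self.lastCookies``.
      3. While interception is on (proxy traffic, or repeater traffic when
         that checkbox is selected), conditional-request headers are stripped
         from outgoing requests if ``prevent304`` is selected.
      4. Responses are passed to ``self.checkAuthorization`` unless an
         interception filter in ``self.IFList`` excludes them.

    Coverage caveat: every early ``return`` and every filter that clears
    ``do_the_check`` means the message is silently left untested. A clean
    result list therefore only covers what passed the filters.

    Args:
        toolFlag: Burp tool identifier, compared against ``self._callbacks.TOOL_*``.
        messageIsRequest: True for a request, False for a response.
        messageInfo: the Burp message object; its request may be rewritten.

    Returns:
        None.
    """
    callbacks = self._callbacks
    helpers = self._helpers
    filterModel = self.IFList.getModel()

    # Tool-level ignores run first, so ignored traffic does not update
    # the remembered cookies either.
    ignoredTools = {
        "Ignore spider requests": callbacks.TOOL_SPIDER,
        "Ignore proxy requests": callbacks.TOOL_PROXY,
        "Ignore target requests": callbacks.TOOL_TARGET,
    }
    for i in range(0, filterModel.getSize()):
        filterName = filterModel.getElementAt(i).split(":")[0]
        if filterName in ignoredTools and toolFlag == ignoredTools[filterName]:
            return

    cookies = self.getCookieFromMessage(messageInfo)
    if cookies:
        self.lastCookies = cookies
        self.fetchButton.setEnabled(True)

    fromProxy = toolFlag == callbacks.TOOL_PROXY
    fromRepeater = (toolFlag == callbacks.TOOL_REPEATER
                    and self.interceptRequestsfromRepeater.isSelected())
    if not (self.intercept == 1 and (fromProxy or fromRepeater)):
        return

    if self.prevent304.isSelected() and messageIsRequest:
        requestInfo = helpers.analyzeRequest(messageInfo)
        keptHeaders = []
        dropped = False
        for header in requestInfo.getHeaders():
            # Header names are case-insensitive, so match on the lowered
            # name prefix; a lowercase "if-none-match:" must be stripped too,
            # and a header whose *value* mentions the name must be kept.
            if header.lower().startswith(("if-none-match:", "if-modified-since:")):
                dropped = True
            else:
                keptHeaders.append(header)
        # Rebuild the request only when a conditional header was removed.
        if dropped:
            bodyBytes = messageInfo.getRequest()[requestInfo.getBodyOffset():]
            bodyStr = helpers.bytesToString(bodyBytes)
            messageInfo.setRequest(helpers.buildHttpMessage(keptHeaders, bodyStr))

    if messageIsRequest:
        return

    # Requests that already carry the replacement header are not intercepted.
    # NOTE(review): this is a list-membership test of the whole text field
    # against individual header lines, so a multi-line replacement value
    # would never match - confirm against the UI.
    if self.replaceString.getText() in helpers.analyzeRequest(messageInfo).getHeaders():
        return

    if self.ignore304.isSelected():
        if self.isStatusCodesReturned(messageInfo, ["304", "204"]):
            return

    do_the_check = 1
    if filterModel.getSize() != 0:
        urlString = str(helpers.analyzeRequest(messageInfo).getUrl())
        for i in range(0, filterModel.getSize()):
            filterItem = filterModel.getElementAt(i)
            filterName = filterItem.split(":")[0]
            # Items look like "<name>: <value>"; skip the name and the ": ".
            filterValue = filterItem[len(filterName) + 2:]

            if filterName == "Scope items only":
                if not callbacks.isInScope(URL(urlString)):
                    do_the_check = 0
            elif filterName == "URL Contains (simple string)":
                if filterValue not in urlString:
                    do_the_check = 0
            elif filterName == "URL Contains (regex)":
                # NOTE(review): the pattern is user-entered filter text; if it
                # is not validated when the filter is added, an invalid one
                # raises re.error here on every response - confirm.
                if re.search(filterValue, urlString, re.IGNORECASE) is None:
                    do_the_check = 0
            elif filterName == "URL Not Contains (simple string)":
                if filterValue in urlString:
                    do_the_check = 0
            elif filterName == "URL Not Contains (regex)":
                if re.search(filterValue, urlString, re.IGNORECASE) is not None:
                    do_the_check = 0
            elif filterName == "Only HTTP methods (newline separated)":
                filterMethods = [x.lower() for x in filterValue.split("\n")]
                reqMethod = str(helpers.analyzeRequest(messageInfo).getMethod())
                if reqMethod.lower() not in filterMethods:
                    do_the_check = 0
            elif filterName == "Ignore HTTP methods (newline separated)":
                filterMethods = [x.lower() for x in filterValue.split("\n")]
                reqMethod = str(helpers.analyzeRequest(messageInfo).getMethod())
                if reqMethod.lower() in filterMethods:
                    do_the_check = 0

    if do_the_check:
        self.checkAuthorization(
            messageInfo,
            helpers.analyzeResponse(messageInfo.getResponse()).getHeaders(),
            self.doUnauthorizedRequest.isSelected())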
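def isStatusCodesReturned(self, messageInfo, statusCodes):
    """Tell whether the response's status code is one of ``statusCodes``.

    The code is taken as the second whitespace-separated token of the
    status line (the first response header) and compared for equality.
    A substring test over the whole line is avoided on purpose: the
    server controls the reason phrase, and a code appearing there would
    make the caller treat the response as 304/204 and skip testing it.

    Args:
        messageInfo: Burp message whose response is inspected.
        statusCodes: a list of status-code strings, or one such string.

    Returns:
        True when the returned status code matches, otherwise False
        (also False for a malformed status line or another argument type).
    """
    firstHeader = self._helpers.analyzeResponse(messageInfo.getResponse()).getHeaders()[0]
    statusLineParts = firstHeader.split()
    if len(statusLineParts) < 2:
        # No status-code token to compare against.
        return False
    returnedCode = statusLineParts[1]

    if isinstance(statusCodes, list):
        return returnedCode in statusCodes
    # `unicode` is the Python 2 / Jython text type; `str` is tested first so
    # the name is only looked up when the argument is not a plain str.
    if isinstance(statusCodes, str) or isinstance(statusCodes, unicode):
        # single status code
        return returnedCode == statusCodes
    return False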