mwielgoszewski/WcfBinaryBurpPlugin.py

## WcfBinaryBurpPlugin.py
# -*- coding: utf-8 -*-
"""
Created on Fri Dec 28 14:16:12 2012

@author: Nick Coblentz
Some of this code is borrowed from Brian Holyfield's Burp plugin located here: https://github.com/GDSSecurity/WCF-Binary-SOAP-Plug-In
It is also fully dependent on having NBFS.exe from his plugin in the same directory as Burp.
"""

from burp import IBurpExtender
from burp import IMessageEditorTabFactory
from burp import IMessageEditorTab
from java.io import PrintWriter
from xml.dom import minidom
import subprocess
import base64
from subprocess import CalledProcessError
import sys


class BurpExtender(IBurpExtender, IMessageEditorTabFactory):
    def registerExtenderCallbacks(self, callbacks):
        self.callbacks = callbacks
        self.stdout = PrintWriter(callbacks.getStdout(), True)
        self.stderr = PrintWriter(callbacks.getStderr(), True)
        self.helpers = callbacks.getHelpers()
        callbacks.setExtensionName("WCF Binary Helper")
        callbacks.registerMessageEditorTabFactory(self)
        return

    def createNewInstance(self, controller, editable):
        return WCFBinaryHelperTab(self, controller, editable)

class WCFBinaryHelperTab(IMessageEditorTab):
    def __init__(self, extender, controller, editable):
        self.extender = extender
        self.editable = editable
        self.controller = controller

        self.txtInput = extender.callbacks.createTextEditor()
        self.txtInput.setEditable(editable)

        self.httpHeaders = None
        self.body = None
        self.content = None
        return

    def getTabCaption(self):
        return "WCF Binary Helper"

    def getUiComponent(self):
        return self.txtInput.getComponent()

    def isModified(self):
        return self.txtInput.isTextModified()

    def getSelectedData(self):
        return self.txtInput.getSelectedText()

    def isEnabled(self, content, isRequest):
        #Content-Type: application/msbin1
        self.content = content

        if isRequest:
            info = self.extender.helpers.analyzeRequest(content)
        else:
            info = self.extender.helpers.analyzeResponse(content)

        self.httpHeaders = headers = info.getHeaders()
        self.body = self.extender.helpers.bytesToString(content[info.getBodyOffset():])

        for header in headers:
            if header.lower().startswith('content-type:'):
                return 'msbin1' in header.lower()

        return False

    def getPrettyXML(self,xmldata):
        try:
            return minidom.parseString(xmldata).toprettyxml(encoding="utf-8")
        except:
            return xmldata

    def decodeWCF(self, base64EncodedBody):
        try:
            #NBFS.exe must be in the same directory as Burp
            proc = subprocess.Popen(['NBFS.exe', 'decode', base64EncodedBody],
                                    stdout=subprocess.PIPE, stderr=subprocess.PIPE)
            output = proc.stdout.read()
            self.extender.stdout.println(output)
            self.extender.stdout.println(proc.stderr.read())
            return output
        except CalledProcessError as e:
            self.extender.stdout.println("error({0}): {1}".format(e.errno, e.strerror))
        except:
            self.extender.stdout.println("Unexpected error: %s: %s\n%s" % (sys.exc_info()[0],sys.exc_info()[1],sys.exc_info()[2]))
        return None

    def encodeWCF(self,xmlContent):
        xmlStringContent = self.extender.helpers.bytesToString(xmlContent)
        base64EncodedXML = base64.b64encode(xmlStringContent.replace("\n", '').replace("\t", ''))

        try:
            #NBFS.exe must be in the same directory as Burp
            proc = subprocess.Popen(['NBFS.exe', 'encode', base64EncodedXML],
                                    stdout=subprocess.PIPE, stderr=subprocess.PIPE)
            output = proc.stdout.read()
            self.extender.stdout.println(output)
            self.extender.stdout.println(proc.stderr.read())
            return self.extender.helpers.stringToBytes(base64.b64decode(output))
        except CalledProcessError, e:
            self.extender.stdout.println("error({0}): {1}".format(e.errno, e.strerror))
        except:
            self.extender.stdout.println("Unexpected error: %s: %s\n%s" % (sys.exc_info()[0],sys.exc_info()[1],sys.exc_info()[2]))
        return None

    def setMessage(self, content, isRequest):
        self.txtInput.setText(
                self.getPrettyXML(
                    base64.b64decode(
                        self.decodeWCF(
                            base64.b64encode(self.body)))))
        return

    def getMessage(self):
        if self.txtInput.isTextModified():
            return self.extender.helpers.buildHttpMessage(self.httpHeaders, self.encodeWCF(self.txtInput.getText()))
        else:
            return self.content
	# -- coding: utf-8 --
	"""
	Created on Fri Dec 28 14:16:12 2012

	@author: Nick Coblentz
	Some of this code is borrowed from Brian Holyfield's Burp plugin located here: https://github.com/GDSSecurity/WCF-Binary-SOAP-Plug-In
	It is also fully dependent on having NBFS.exe from his plugin in the same directory as Burp.
	"""

	from burp import IBurpExtender
	from burp import IMessageEditorTabFactory
	from burp import IMessageEditorTab
	from java.io import PrintWriter
	from xml.dom import minidom
	import subprocess
	import base64
	from subprocess import CalledProcessError
	import sys


	class BurpExtender(IBurpExtender, IMessageEditorTabFactory):
	def registerExtenderCallbacks(self, callbacks):
	self.callbacks = callbacks
	self.stdout = PrintWriter(callbacks.getStdout(), True)
	self.stderr = PrintWriter(callbacks.getStderr(), True)
	self.helpers = callbacks.getHelpers()
	callbacks.setExtensionName("WCF Binary Helper")
	callbacks.registerMessageEditorTabFactory(self)
	return

	def createNewInstance(self, controller, editable):
	return WCFBinaryHelperTab(self, controller, editable)

	class WCFBinaryHelperTab(IMessageEditorTab):
	def __init__(self, extender, controller, editable):
	self.extender = extender
	self.editable = editable
	self.controller = controller

	self.txtInput = extender.callbacks.createTextEditor()
	self.txtInput.setEditable(editable)

	self.httpHeaders = None
	self.body = None
	self.content = None
	return

	def getTabCaption(self):
	return "WCF Binary Helper"

	def getUiComponent(self):
	return self.txtInput.getComponent()

	def isModified(self):
	return self.txtInput.isTextModified()

	def getSelectedData(self):
	return self.txtInput.getSelectedText()

	def isEnabled(self, content, isRequest):
	#Content-Type: application/msbin1
	self.content = content

	if isRequest:
	info = self.extender.helpers.analyzeRequest(content)
	else:
	info = self.extender.helpers.analyzeResponse(content)

	self.httpHeaders = headers = info.getHeaders()
	self.body = self.extender.helpers.bytesToString(content[info.getBodyOffset():])

	for header in headers:
	if header.lower().startswith('content-type:'):
	return 'msbin1' in header.lower()

	return False

	def getPrettyXML(self,xmldata):
	try:
	return minidom.parseString(xmldata).toprettyxml(encoding="utf-8")
	except:
	return xmldata

	def decodeWCF(self, base64EncodedBody):
	try:
	#NBFS.exe must be in the same directory as Burp
	proc = subprocess.Popen(['NBFS.exe', 'decode', base64EncodedBody],
	stdout=subprocess.PIPE, stderr=subprocess.PIPE)
	output = proc.stdout.read()
	self.extender.stdout.println(output)
	self.extender.stdout.println(proc.stderr.read())
	return output
	except CalledProcessError as e:
	self.extender.stdout.println("error({0}): {1}".format(e.errno, e.strerror))
	except:
	self.extender.stdout.println("Unexpected error: %s: %s\n%s" % (sys.exc_info()[0],sys.exc_info()[1],sys.exc_info()[2]))
	return None

	def encodeWCF(self,xmlContent):
	xmlStringContent = self.extender.helpers.bytesToString(xmlContent)
	base64EncodedXML = base64.b64encode(xmlStringContent.replace("\n", '').replace("\t", ''))

	try:
	#NBFS.exe must be in the same directory as Burp
	proc = subprocess.Popen(['NBFS.exe', 'encode', base64EncodedXML],
	stdout=subprocess.PIPE, stderr=subprocess.PIPE)
	output = proc.stdout.read()
	self.extender.stdout.println(output)
	self.extender.stdout.println(proc.stderr.read())
	return self.extender.helpers.stringToBytes(base64.b64decode(output))
	except CalledProcessError, e:
	self.extender.stdout.println("error({0}): {1}".format(e.errno, e.strerror))
	except:
	self.extender.stdout.println("Unexpected error: %s: %s\n%s" % (sys.exc_info()[0],sys.exc_info()[1],sys.exc_info()[2]))
	return None

	def setMessage(self, content, isRequest):
	self.txtInput.setText(
	self.getPrettyXML(
	base64.b64decode(
	self.decodeWCF(
	base64.b64encode(self.body)))))
	return

	def getMessage(self):
	if self.txtInput.isTextModified():
	return self.extender.helpers.buildHttpMessage(self.httpHeaders, self.encodeWCF(self.txtInput.getText()))
	else:
	return self.content