From e83a6a1478876dc2468da6ce3790b204721b424b Mon Sep 17 00:00:00 2001 From: gh0stkey <24655118+gh0stkey@users.noreply.github.com> Date: Tue, 31 Dec 2024 15:40:05 +0800 Subject: [PATCH] Version: 4.0.1 Update --- src/main/java/hae/HaE.java | 2 +- .../instances/http/utils/RegularMatcher.java | 2 +- src/main/java/hae/utils/DataManager.java | 55 ++++++++++--------- src/main/resources/rules/Rules.yml | 2 +- 4 files changed, 31 insertions(+), 30 deletions(-) diff --git a/src/main/java/hae/HaE.java b/src/main/java/hae/HaE.java index 4f8b3b7..2dd53fc 100644 --- a/src/main/java/hae/HaE.java +++ b/src/main/java/hae/HaE.java @@ -18,7 +18,7 @@ public class HaE implements BurpExtension { @Override public void initialize(MontoyaApi api) { // 设置扩展名称 - String version = "4.0"; + String version = "4.0.1"; api.extension().setName("HaE - Highlighter and Extractor"); // 加载扩展后输出的项目信息 diff --git a/src/main/java/hae/instances/http/utils/RegularMatcher.java b/src/main/java/hae/instances/http/utils/RegularMatcher.java index dd0ee6b..a353f81 100644 --- a/src/main/java/hae/instances/http/utils/RegularMatcher.java +++ b/src/main/java/hae/instances/http/utils/RegularMatcher.java @@ -111,7 +111,7 @@ public Map> match(String host, String type, String m } } - public static void putDataToGlobalMap(MontoyaApi api, String host, String name, List dataList, boolean flag) { + public synchronized static void putDataToGlobalMap(MontoyaApi api, String host, String name, List dataList, boolean flag) { // 添加到全局变量中,便于Databoard检索 if (!Objects.equals(host, "") && host != null) { Config.globalDataMap.compute(host, (existingHost, existingMap) -> { diff --git a/src/main/java/hae/utils/DataManager.java b/src/main/java/hae/utils/DataManager.java index 732260b..767306b 100644 --- a/src/main/java/hae/utils/DataManager.java +++ b/src/main/java/hae/utils/DataManager.java @@ -19,23 +19,7 @@ public DataManager(MontoyaApi api) { this.persistence = api.persistence(); } - private void saveIndex(String indexName, String indexValue) { - PersistedList indexList = persistence.extensionData().getStringList(indexName); - - if (indexList != null && !indexList.isEmpty()) { - persistence.extensionData().deleteStringList(indexName); - } else { - indexList = PersistedList.persistedStringList(); - } - - if (!indexList.contains(indexValue)) { - indexList.add(indexValue); - } - - persistence.extensionData().setStringList(indexName, indexList); - } - - public void putData(String dataType, String dataName, PersistedObject persistedObject) { + public synchronized void putData(String dataType, String dataName, PersistedObject persistedObject) { if (persistence.extensionData().getChildObject(dataName) != null) { persistence.extensionData().deleteChildObject(dataName); } @@ -51,7 +35,22 @@ public void loadData(MessageTableModel messageTableModel) { // 2. 从索引获取数据 loadHaEData(dataIndex); loadMessageData(messageIndex, messageTableModel); + } + + private void saveIndex(String indexName, String indexValue) { + PersistedList indexList = persistence.extensionData().getStringList(indexName); + if (indexList != null && !indexList.isEmpty()) { + persistence.extensionData().deleteStringList(indexName); + } else { + indexList = PersistedList.persistedStringList(); + } + + if (!indexList.contains(indexValue)) { + indexList.add(indexValue); + } + + persistence.extensionData().setStringList(indexName, indexList); } private void loadHaEData(PersistedList dataIndex) { @@ -69,16 +68,18 @@ private void loadMessageData(PersistedList messageIndex, MessageTableMod if (messageIndex != null && !messageIndex.isEmpty()) { messageIndex.parallelStream().forEach(index -> { PersistedObject dataObj = persistence.extensionData().getChildObject(index); - HttpRequestResponse messageInfo = dataObj.getHttpRequestResponse("messageInfo"); - String comment = dataObj.getString("comment"); - String color = dataObj.getString("color"); - HttpRequest request = messageInfo.request(); - HttpResponse response = messageInfo.response(); - String method = request.method(); - String url = request.url(); - String status = String.valueOf(response.statusCode()); - String length = String.valueOf(response.toByteArray().length()); - messageTableModel.add(messageInfo, url, method, status, length, comment, color, false); + if (dataObj != null) { + HttpRequestResponse messageInfo = dataObj.getHttpRequestResponse("messageInfo"); + String comment = dataObj.getString("comment"); + String color = dataObj.getString("color"); + HttpRequest request = messageInfo.request(); + HttpResponse response = messageInfo.response(); + String method = request.method(); + String url = request.url(); + String status = String.valueOf(response.statusCode()); + String length = String.valueOf(response.toByteArray().length()); + messageTableModel.add(messageInfo, url, method, status, length, comment, color, false); + } }); } } diff --git a/src/main/resources/rules/Rules.yml b/src/main/resources/rules/Rules.yml index e18ed1f..753e4a7 100644 --- a/src/main/resources/rules/Rules.yml +++ b/src/main/resources/rules/Rules.yml @@ -231,7 +231,7 @@ rules: rule: - name: Linkfinder loaded: true - f_regex: (?:"|')(((?:[a-zA-Z]{1,10}://|//)[^"'/]{1,}\.[a-zA-Z]{2,}[^"']{0,})|((?:/|\.\./|\./)[^"'><,;|*()(%%$^/\\\[\]][^"'><,;|()]{1,})|([a-zA-Z0-9_\-/]{1,}/[a-zA-Z0-9_\-/]{1,}\.(?:[a-zA-Z]{1,4}|action)(?:[\?|#][^"|']{0,}|))|([a-zA-Z0-9_\-/]{1,}/[a-zA-Z0-9_\-/]{3,}(?:[\?|#][^"|']{0,}|))|([a-zA-Z0-9_\-]{1,}\.(?:\w)(?:[\?|#][^"|']{0,}|)))(?:"|') + f_regex: (?:"|')((?:(?:[a-zA-Z]{1,10}://|//)[^"'/]{1,}\.[a-zA-Z]{2,}[^"']{0,})|(?:(?:(?:/|\.\./|\./)?[^"'><,;|*()(%%$^/\\\[\]][^"'><,;|()]{1,}\.[a-zA-Z]{1,4})|(?:(?:/|\.\./|\./)?[^"'><,;|*()(%%$^/\\\[\]][^"'><,;|()]{1,}/[^"'><,;|()]{1,}(?:\.[a-zA-Z]{1,4}|action)?)))(?:[\?|#][^"|']{0,})?(?:"|') s_regex: '' format: '{0}' color: gray