Package org.parosproxy.paros.network

Examples of org.parosproxy.paros.network.HttpMessage

68
69
70
71
72
73
74
75
76
77
78
79
80
81
          public void actionPerformed(java.awt.event.ActionEvent e) {
             
              JList listLog = extension.getLogPanel().getListLog();
              HistoryReference ref = (HistoryReference) listLog.getSelectedValue();
              HttpMessage msg = null;
              try {
                    msg = ref.getHttpMessage();
                  extension.showNotesAddDialog(ref, msg.getNote());
                 
                } catch (HttpMalformedHeaderException e1) {
                    e1.printStackTrace();
                } catch (SQLException e1) {
                    e1.printStackTrace();
View Full Code Here
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
   *            to run scan with.
   */
  private void testFile(String fileName) throws IOException {

    boolean suspiciousFileFound = false;
    HttpMessage msg = getNewMsg();

    try {
      URI uri = msg.getRequestHeader().getURI();
      String path = uri.getPath();

      if (path == null || path.equals("")) {
        return;
      }
     
     
      if (!path.endsWith("/")) {
        path = path + "/";
      }

      path = path + fileName;

      uri.setPath(path);
      msg.getRequestHeader().setURI(uri);

      sendAndReceive(msg);

      if (msg.getResponseHeader().getStatusCode() != HttpStatusCode.OK) {
        return;
      }

      if (matchBodyPattern(msg, patternPhpInfo, null)) {
        suspiciousFileFound = true;
      }
    } catch (IOException e) {
    }

    if (suspiciousFileFound) {
      bingo(Alert.RISK_MEDIUM, Alert.WARNING, msg.getRequestHeader()
          .getURI().toString(), "", "", msg);
    }
  }
View Full Code Here
102
103
104
105
106
107
108
109
110
111
112
    }

   
    StringBuffer sb = new StringBuffer();
   
    HttpMessage msg2 = msg;
   
    if (matchBodyPattern(msg2, patternXSS4, sb)) {
      bingo(Alert.RISK_MEDIUM, Alert.SUSPICIOUS, null, param + "=" + XSS4, null, msg);
      return;
    }
View Full Code Here
96
97
98
99
100
101
102
103
104
105
106
107
108
  public void init() {

  }

  public void scan() {
    HttpMessage base = getBaseMsg();

    String uri = base.getRequestHeader().getURI().toString();
    Matcher matcher = null;
    String sessionIdValue = null;
    String sessionIdName = null;
    for (int i = 0; i < staticSessionIDList.length; i++) {
      matcher = staticSessionIDList[i].matcher(uri);
View Full Code Here
76
77
78
79
80
81
82
83
84
85
86
87
88
                extension.setStartNode(node);
                  if (node.isRoot()) {
                      extension.showDialog("All sites will be crawled");
                  } else {
                      try {
                          HttpMessage msg = node.getHistoryReference().getHttpMessage();
                          if (msg != null) {
                              String tmp = msg.getRequestHeader().getURI().toString();
                              extension.showDialog(tmp);
                          }
                      } catch (Exception e1) {
                        // ZAP: Log the exception
                        logger.error(e1.getMessage(), e1);
View Full Code Here
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
  }

  public HistoryReference(int historyId) throws HttpMalformedHeaderException, SQLException {
    RecordHistory history = null;
    history = staticTableHistory.read(historyId);
    HttpMessage msg = history.getHttpMessage();
    // ZAP: Support for multiple tags
    List<RecordTag> tags = staticTableTag.getTagsForHistoryID(historyId);
    for (RecordTag tr : tags) {
      msg.addTag(tr.getTag());
    }
    build(history.getSessionId(), history.getHistoryId(), history.getHistoryType(), msg);
   
    // ZAP: Support for loading the alerts from the db
    List<RecordAlert> alerts = staticTableAlert.getAlertsBySourceHistoryId(historyId);
View Full Code Here
166
167
168
169
170
171
172
173
174
175
176
    if (display != null) {
      return display;
    }

    HttpMessage msg = null;
    try {
      msg = getHttpMessage();
      display = getDisplay(msg);
    } catch (HttpMalformedHeaderException e1) {
      display = "";
View Full Code Here
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
  public void scan() {
    String result = null;
    String path = null;
    URI uri = null;
    int pos = 0;
    HttpMessage msg = getNewMsg();
    try {
      uri = msg.getRequestHeader().getURI();
      path = uri.getPath();
    } catch (Exception e) {
      e.printStackTrace();
    }

    if (path == null || path.equals("")) {
      return;
    }

    msg = getNewMsg();
    String newPath = path + "/" + XSS;
    try {
      uri.setPath(newPath);
      msg.getRequestHeader().setURI(uri);
      sendAndReceive(msg);
    } catch (Exception e) {
      e.printStackTrace();
    }

    result = msg.getResponseBody().toString();
    pos = result.indexOf(XSS);

    if (pos == -1)
      return;
View Full Code Here
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
      menuItemSpider.addActionListener(new ActionListener() {

            public void actionPerformed(ActionEvent e) {
              JTree siteTree = getView().getSiteTreePanel().getTreeSite();
              SiteNode node = (SiteNode) siteTree.getLastSelectedPathComponent();
              HttpMessage msg = null;
              if (node == null) {
                getView().showWarningDialog("You need to visit the website via a browser first and select a URL/folder/node in the 'Sites' panel displayed.");
                return;
              }
              setStartNode(node);
              if (node.isRoot()) {
                showDialog("All sites will be crawled");
              } else {
                try {
                  msg = node.getHistoryReference().getHttpMessage();
                } catch (Exception e1) {
                  // ZAP: Log exceptions
                              log.warn(e1.getMessage(), e1);
                  return;
                }
                String tmp = msg.getRequestHeader().getURI().toString();
                showDialog(tmp);
              }

            }
          });
View Full Code Here
199
200
201
202
203
204
205
206
207
208
209
210
211
  private void inOrderSeed(Spider spider, SiteNode node) {

    try {
      if (!node.isRoot()) {
        HttpMessage msg = node.getHistoryReference().getHttpMessage();
        if (msg != null) {
          if (!msg.getResponseHeader().isImage()) {
            spider.addSeed(msg);
          }
        }
      }
    } catch (Exception e) {
View Full Code Here
TOP

Related Classes of org.parosproxy.paros.network.HttpMessage

  • com.denimgroup.threadfix.plugin.zap.action.AttackThread
  • org.apache.commons.httpclient.URI
  • org.parosproxy.paros.core.proxy.ProxyThread
  • org.parosproxy.paros.core.scanner.AbstractAppParamPlugin
  • org.parosproxy.paros.core.scanner.AbstractDefaultFilePlugin
  • org.parosproxy.paros.core.scanner.Analyser
  • org.parosproxy.paros.core.scanner.HostProcess
  • org.parosproxy.paros.core.scanner.plugin.TestClientAutocomplete
  • org.parosproxy.paros.core.scanner.plugin.TestClientBrowserAutocomplete
  • org.parosproxy.paros.core.scanner.plugin.TestClientBrowserCache
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.