Update to v1.1.4.

Try to obtain any headers available from the request and set cookies, where present. modified: build.gradle modified: src/main/java/burp/BurpExtender.java modified: src/main/java/org.focalpoint.isns.burp.srichecks/ScriptFinder.java
phefley · Oct 30, 2019 · 7866df4 · 7866df4
1 parent 199a4dd
commit 7866df4
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 10 deletions.
diff --git a/build.gradle b/build.gradle
@@ -14,7 +14,7 @@ plugins {
     id 'application'
 }
 
-version = '1.1.3'
+version = '1.1.4'
 
 sourceCompatibility = '1.8'
 targetCompatibility = '1.8'

diff --git a/src/main/java/burp/BurpExtender.java b/src/main/java/burp/BurpExtender.java
@@ -327,6 +327,8 @@ public List<IScanIssue> doPassiveScan(IHttpRequestResponse baseRequestResponse)
         // Get the response contents for the passive scan
         String response = helpers.bytesToString(baseRequestResponse.getResponse());
         String html = "";
+        // Set the headers for the request
+        scriptFinder.setRequestHeaders(helpers.analyzeRequest(baseRequestResponse).getHeaders());
 
         log(currentScanNumber, url, "starting passive checks.");
 

diff --git a/src/main/java/org.focalpoint.isns.burp.srichecks/ScriptFinder.java b/src/main/java/org.focalpoint.isns.burp.srichecks/ScriptFinder.java
@@ -147,7 +147,8 @@ public Integer getTimeout(){
      * @param headers - a list of request headers
      */
     public void setRequestHeaders(List<String> headers){
-        Collections.copy(requestHeaders, headers);
+        requestHeaders = new ArrayList<>();
+        requestHeaders.addAll(headers);
     }
 
 
@@ -195,28 +196,50 @@ public void startDriver(){
     }
 
     /**
-     * Load the DOM and check for any referenced scripts
-     * Starts and stops the selenium instance
+     * sets the driver's cookies up based on the requestHeaders set
      */
-    public void checkForDomScripts(){
-        startDriver();
+    private void setDriverCookies(){
+        // You can't set cookies until you have the domain set in the DOM, this is a fix for that
+        try {
+            driver.get(url);
+        }
+        catch (TimeoutException e){
+            System.err.println("[" + url + "][-] - timeout when connecting.");
+        }
 
         // Set the driver's cookies based on the headers, if there are any
         if (requestHeaders != null){
             for (String header: requestHeaders){
                 if (header.startsWith("Cookie: ")){
-                    // This is a cookie, split it up
+                    // This is a cookie header, split it up
                     String cookieString = header.substring(8,header.length());
                     for (String kvPair : cookieString.split(";")){
-                        String key = kvPair.split("=")[0];
-                        String value = kvPair.split("=")[1];
+                        String key = kvPair.split("=")[0].trim();
+                        String value = kvPair.split("=")[1].trim();
                         Cookie cookieObj = new Cookie(key, value);
-                        driver.manage().setCookie(cookieObj);
+                        try {
+                            driver.manage().addCookie(cookieObj);
+                        }
+                        catch (org.openqa.selenium.UnableToSetCookieException d){
+                            System.err.println("[JS-SRI][-] Could not set cookie for key " + key + " and value " + value);
+                        }
                     }
                 }
             }
         }
+    }
+
+
+    /**
+     * Load the DOM and check for any referenced scripts
+     * Starts and stops the selenium instance
+     */
+    public void checkForDomScripts(){
+        startDriver();
+
+        setDriverCookies();
 
+        // Now actually get the page
         try {
             driver.get(url);
         }