v1.7 - Small bug fixes

xnl-h4ck3r · Nov 27, 2022 · a0ef1e0 · a0ef1e0
1 parent b53906f
commit a0ef1e0
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 7 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,3 @@
 .vscode
 __pycache__
-.class
+*.class
diff --git a/GAP.py b/GAP.py
@@ -103,6 +103,21 @@
     "forward",
     "forwardurl",
     "forward_url",
+    "src",
+    "endpoint",
+    "srcURL",
+    "q",
+    "link",
+    "import_url",
+    "images",
+    "image",
+    "id",
+    "html",
+    "ewsUrl",
+    "downloadpath",
+    "destination",
+    "consumerUri",
+    "add_imageurl"
 ]
 
 # A comma separated list of Link exclusions used when no options have been saved, or when the "Restore defaults" button is pressed
@@ -194,6 +209,8 @@ def registerExtenderCallbacks(self, callbacks):
         )
         if _debug:
             print("DEBUG MODE ON\n")
+
+        print("If you ever see anything in the Errors tab, please raise an issue on Github so I can fix it!")
 
     def _createUI(self):
         """
@@ -1367,7 +1384,11 @@ def doEverything(self):
                                         print(
                                             "doEverything checking Burp _callbacks.isInScope"
                                         )
-                                    inScope = self._callbacks.isInScope(oUrl)
+                                    # If a URL contains a $ then Burp raises an error for some reason when _callbacks.isInScope is done, so don't check if it does.
+                                    if not "$" in oUrl: 
+                                        inScope = self._callbacks.isInScope(oUrl)
+                                    else:
+                                        inScope = True
 
                                 except Exception as e:
                                     # The link isn't a valid URL so can't check if it is in scope.
@@ -1578,7 +1599,10 @@ def isLinkInScope(self, link):
                         oUrl = URL(url)
                         if str(oUrl.getHost()) != "":
                             try:
-                                if self._callbacks.isInScope(oUrl):
+                                # If a URL contains a $ then Burp raises an error for some reason when _callbacks.isInScope is done, so don't check if it does.
+                                if not "$" in oUrl:
+                                    inScope = self._callbacks.isInScope(oUrl)
+                                else: 
                                     inScope = True
                             except:
                                 # Report as being inScope because we can't be sure if it is or not, but we can include just in case
@@ -2144,7 +2168,7 @@ def getResponseLinks(self, http_response, responseUrl):
                 link_keys = re.finditer(reString, body, re.IGNORECASE)
 
                 for key in link_keys:
-                    if key is not None and key.group() != "":
+                    if key is not None and len(key.group()) > 1:
                         link = key.group()
                         link = link.strip("\"'\n\r( ")
                         link = link.replace("\\n", "")
@@ -2187,6 +2211,10 @@ def getResponseLinks(self, http_response, responseUrl):
                         except Exception as e:
                             self._stderr.println("getResponseLinks 1")
                             self._stderr.println(e)
+                            try:
+                                self._stderr.println("The link that caused the error: " + link)
+                            except:
+                                pass
 
                         # If the link starts with a . and the  2nd character is not a . or / then remove the first .
                         if link[0] == "." and link[1] != "." and link[1] != "/":
@@ -2251,7 +2279,11 @@ def getResponseLinks(self, http_response, responseUrl):
         except Exception as e:
             self._stderr.println("getResponseLinks 3")
             self._stderr.println(e)
-
+            try:
+                self._stderr.println("The link that caused the error: " + link)
+            except:
+                pass
+
         # Also add a link of a js.map file if the X-SourceMap or SourceMap header exists
         try:
             # See if the SourceMap header exists

diff --git a/GAP/__init__.py b/GAP/__init__.py
@@ -1 +1 @@
-__version__="1.6"
+__version__="1.7"
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 <center><img src="https://github.com/xnl-h4ck3r/GAP-Burp-Extension/blob/main/GAP/images/title.png"></center>
 
-## About - v1.6
+## About - v1.7
 
 This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on. This is to be used instead of the original getAllParams extension if you want to make use of the additional link functionality.
 The full Help documentation can be found [here] (https://github.com/xnl-h4ck3r/burp-extensions/blob/main/GAP%20Help.md) or from the Help icon on the GAP tab.