-
Notifications
You must be signed in to change notification settings - Fork 232
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
3bb487e
commit 8cd9009
Showing
6 changed files
with
305 additions
and
0 deletions.
There are no files selected for viewing
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<module type="JAVA_MODULE" version="4" /> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" | ||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
|
||
<groupId>net.thekingofduck</groupId> | ||
<artifactId>fakeIP</artifactId> | ||
<version>1.0-SNAPSHOT</version> | ||
|
||
|
||
<build> | ||
<plugins> | ||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-compiler-plugin</artifactId> | ||
<configuration> | ||
<source>1.8</source> | ||
<target>1.8</target> | ||
</configuration> | ||
</plugin> | ||
</plugins> | ||
</build> | ||
<dependencies> | ||
<dependency> | ||
<groupId>net.portswigger.burp.extender</groupId> | ||
<artifactId>burp-extender-api</artifactId> | ||
<version>LATEST</version> | ||
</dependency> | ||
</dependencies> | ||
|
||
|
||
|
||
</project> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,137 @@ | ||
package burp; | ||
|
||
import javax.swing.*; | ||
import java.awt.event.ActionEvent; | ||
import java.awt.event.ActionListener; | ||
import java.io.PrintWriter; | ||
import java.util.ArrayList; | ||
import java.util.List; | ||
|
||
/** | ||
* Project: fakeIP | ||
* Date:2021/5/21 上午11:07 | ||
* @author CoolCat | ||
* @version 1.0.0 | ||
* Github:https://github.com/TheKingOfDuck | ||
* When I wirting my code, only God and I know what it does. After a while, only God knows. | ||
*/ | ||
public class BurpExtender implements IBurpExtender, IContextMenuFactory,IIntruderPayloadGeneratorFactory, IIntruderPayloadGenerator, IHttpListener{ | ||
public static IExtensionHelpers helpers; | ||
private String PLUGIN_NAME = "burpFakeIP"; | ||
private String VERSION = "1.0"; | ||
public static PrintWriter stdout; | ||
|
||
@Override | ||
public void registerExtenderCallbacks(final IBurpExtenderCallbacks callbacks) { | ||
helpers = callbacks.getHelpers(); | ||
|
||
stdout = new PrintWriter(callbacks.getStdout(), true); | ||
String banner = "[+] %s %s is loaded...\n" + | ||
"[+] ####################################\n" + | ||
"[+] Anthor: CoolCat\n" + | ||
"[+] Blog: https://blog.thekingofduck.com/\n" + | ||
"[+] Github: https://github.com/TheKingOfDuck\n" + | ||
"[+] ####################################\n" + | ||
"[+] Enjoy it~"; | ||
stdout.println(String.format(banner,PLUGIN_NAME,VERSION)); | ||
|
||
//注册菜单 | ||
callbacks.registerContextMenuFactory(this); | ||
callbacks.registerIntruderPayloadGeneratorFactory(this); | ||
callbacks.setExtensionName(PLUGIN_NAME); | ||
callbacks.registerHttpListener(this); | ||
|
||
} | ||
|
||
@Override | ||
public List<JMenuItem> createMenuItems(IContextMenuInvocation iContextMenuInvocation) { | ||
List<JMenuItem> menus = new ArrayList(); | ||
JMenu menu = new JMenu(PLUGIN_NAME); | ||
|
||
JMenuItem custom = new JMenuItem("customIP"); | ||
JMenuItem localhost = new JMenuItem("127.0.0.1"); | ||
JMenuItem random = new JMenuItem("randomIP"); | ||
JMenuItem autoXFF = new JMenuItem("AutoXFF"); | ||
|
||
menu.add(custom); | ||
menu.add(localhost); | ||
menu.add(random); | ||
menu.add(autoXFF); | ||
|
||
if(iContextMenuInvocation.getInvocationContext() != IContextMenuInvocation.CONTEXT_MESSAGE_EDITOR_REQUEST){ | ||
return menus; | ||
} | ||
custom.addActionListener(new ActionListener() { | ||
@Override | ||
public void actionPerformed(ActionEvent arg0) { | ||
String ip = JOptionPane.showInputDialog("Pls input ur ip:"); | ||
Utils.addfakeip(iContextMenuInvocation,ip); | ||
} | ||
}); | ||
|
||
localhost.addActionListener(new ActionListener() { | ||
@Override | ||
public void actionPerformed(ActionEvent arg0) { | ||
Utils.addfakeip(iContextMenuInvocation,"127.0.0.1"); | ||
} | ||
}); | ||
|
||
random.addActionListener(new ActionListener() { | ||
@Override | ||
public void actionPerformed(ActionEvent arg0) { | ||
Utils.addfakeip(iContextMenuInvocation,Utils.getRandomIp()); | ||
} | ||
}); | ||
|
||
autoXFF.addActionListener(new ActionListener() { | ||
@Override | ||
public void actionPerformed(ActionEvent arg0) { | ||
String xff = JOptionPane.showInputDialog("Pls input ur XFF header name:","X-Forwarded-For"); | ||
String xffvalue = JOptionPane.showInputDialog("Pls input ur XFF header value:","$RandomIp$"); | ||
Config.AUTOXFF = xff; | ||
Config.AUTOXFFVALUE = xffvalue; | ||
} | ||
}); | ||
|
||
menus.add(menu); | ||
return menus; | ||
} | ||
|
||
|
||
@Override | ||
public boolean hasMorePayloads() { | ||
return true; | ||
} | ||
|
||
@Override | ||
public byte[] getNextPayload(byte[] bytes) { | ||
String payload = Utils.getRandomIp(); | ||
return payload.getBytes(); | ||
} | ||
|
||
@Override | ||
public void reset() { | ||
|
||
} | ||
|
||
@Override | ||
public String getGeneratorName() { | ||
return PLUGIN_NAME; | ||
} | ||
|
||
@Override | ||
public IIntruderPayloadGenerator createNewInstance(IIntruderAttack iIntruderAttack) { | ||
return this; | ||
} | ||
|
||
@Override | ||
public void processHttpMessage(int i, boolean b, IHttpRequestResponse iHttpRequestResponse) { | ||
if (b){ | ||
if (Config.AUTOXFFVALUE.equals("$RandomIp$")){ | ||
Utils.addfakeip(iHttpRequestResponse,Utils.getRandomIp()); | ||
} | ||
Utils.addfakeip(iHttpRequestResponse,Config.AUTOXFFVALUE); | ||
|
||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
package burp; | ||
|
||
import java.util.Arrays; | ||
import java.util.List; | ||
|
||
/** | ||
* Project: fakeIP | ||
* Date:2021/5/21 上午11:56 | ||
* | ||
* @author CoolCat | ||
* @version 1.0.0 | ||
* Github:https://github.com/TheKingOfDuck | ||
* When I wirting my code, only God and I know what it does. After a while, only God knows. | ||
*/ | ||
public class Config { | ||
public static List<String> HEADER_LIST = Arrays.asList( | ||
"X-Forwarded-For","X-Forwarded","Forwarded-For","Forwarded", "X-Forwarded-Host", | ||
"X-remote-IP","X-remote-addr","True-Client-IP","X-Client-IP","Client-IP","X-Real-IP", | ||
"Ali-CDN-Real-IP","Cdn-Src-Ip","Cdn-Real-Ip","CF-Connecting-IP","X-Cluster-Client-IP", | ||
"WL-Proxy-Client-IP", "Proxy-Client-IP","Fastly-Client-Ip","True-Client-Ip","X-Originating-IP", | ||
"X-Host","X-Custom-IP-Authorization" | ||
); | ||
|
||
public static String AUTOXFF = "X-Forwarded-For"; | ||
public static String AUTOXFFVALUE = "$RandomIp$"; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,106 @@ | ||
package burp; | ||
|
||
import java.io.UnsupportedEncodingException; | ||
import java.util.List; | ||
import java.util.Random; | ||
import java.util.stream.Collectors; | ||
|
||
/** | ||
* Project: fakeIP | ||
* Date:2021/5/21 上午11:30 | ||
* | ||
* @author CoolCat | ||
* @version 1.0.0 | ||
* Github:https://github.com/TheKingOfDuck | ||
* When I wirting my code, only God and I know what it does. After a while, only God knows. | ||
*/ | ||
public class Utils { | ||
|
||
public static void addfakeip(IContextMenuInvocation iContextMenuInvocation,String ip) { | ||
|
||
//获取原请求信息 | ||
IHttpRequestResponse currentRequest = iContextMenuInvocation.getSelectedMessages()[0]; | ||
IRequestInfo requestInfo = BurpExtender.helpers.analyzeRequest(currentRequest); | ||
List<String> headers = requestInfo.getHeaders(); | ||
|
||
//去除header中本身已经有的字段 | ||
List<String> templist = Config.HEADER_LIST; | ||
for (String header:headers) { | ||
String hkey = header.split(":")[0]; | ||
templist = templist.stream().filter( key -> !key.equals(hkey)).collect(Collectors.toList()); | ||
} | ||
for (String headerkey:templist) { | ||
headers.add(String.format("%s: %s",headerkey,ip)); | ||
} | ||
|
||
//更新header | ||
byte[] newMessage = BurpExtender.helpers.buildHttpMessage(headers, getHttpRequestBody(currentRequest).getBytes()); | ||
currentRequest.setRequest(newMessage); | ||
|
||
} | ||
|
||
|
||
public static void addfakeip(IHttpRequestResponse iHttpRequestResponse,String ip) { | ||
|
||
//获取原请求信息 | ||
IRequestInfo requestInfo = BurpExtender.helpers.analyzeRequest(iHttpRequestResponse); | ||
List<String> headers = requestInfo.getHeaders(); | ||
|
||
//为每个请求添加一个Header | ||
headers = headers.stream().filter( key -> !key.equals(Config.AUTOXFF)).collect(Collectors.toList()); | ||
headers.add(String.format("%s: %s",Config.AUTOXFF,ip)); | ||
|
||
//更新header | ||
byte[] newMessage = BurpExtender.helpers.buildHttpMessage(headers, getHttpRequestBody(iHttpRequestResponse).getBytes()); | ||
iHttpRequestResponse.setRequest(newMessage); | ||
|
||
} | ||
|
||
private static String getHttpRequestBody(IHttpRequestResponse httpRequestResponse) { | ||
byte[] request = httpRequestResponse.getRequest(); | ||
IRequestInfo requestInfo = BurpExtender.helpers.analyzeRequest(request); | ||
|
||
int httpBodyOffset = requestInfo.getBodyOffset(); | ||
int httpBodyLength = request.length - httpBodyOffset; | ||
String httpBody = null; | ||
try { | ||
httpBody = new String(request, httpBodyOffset, httpBodyLength, "UTF-8"); | ||
} catch (UnsupportedEncodingException e) { | ||
throw new RuntimeException(e); | ||
} | ||
return httpBody; | ||
} | ||
|
||
public static String getRandomIp() { | ||
|
||
// ip范围 ref:https://blog.csdn.net/zhengxiongwei/article/details/78486146 | ||
int[][] range = { | ||
{607649792, 608174079}, | ||
{1038614528, 1039007743}, | ||
{1783627776, 1784676351}, | ||
{2035023872, 2035154943}, | ||
{2078801920, 2079064063}, | ||
{-1950089216, -1948778497}, | ||
{-1425539072, -1425014785}, | ||
{-1236271104, -1235419137}, | ||
{-770113536, -768606209}, | ||
{-569376768, -564133889}, | ||
}; | ||
|
||
Random random = new Random(); | ||
int index = random.nextInt(10); | ||
String ip = num2ip(range[index][0] + new Random().nextInt(range[index][1] - range[index][0])); | ||
return ip; | ||
} | ||
|
||
public static String num2ip(int ip) { | ||
int[] b = new int[4]; | ||
String ipStr = ""; | ||
b[0] = (int) ((ip >> 24) & 0xff); | ||
b[1] = (int) ((ip >> 16) & 0xff); | ||
b[2] = (int) ((ip >> 8) & 0xff); | ||
b[3] = (int) (ip & 0xff); | ||
ipStr = Integer.toString(b[0]) + "." + Integer.toString(b[1]) + "." + Integer.toString(b[2]) + "." + Integer.toString(b[3]); | ||
return ipStr; | ||
} | ||
} |