update

README.md

@@ -1,12 +1,66 @@
 
 
-# Fiora
+## Fiora
 
-LoL中无双剑姬的名字，她是一个善于发现对手防守弱点，实现精准打击的英雄。
+项目简介：LoL中的英雄无双剑姬的名字，她善于发现对手防守弱点，实现精准打击。该项目为PoC框架[nuclei](https://github.com/projectdiscovery/nuclei)提供图形界面，实现快速搜索、一键运行等功能，提升[nuclei](https://github.com/projectdiscovery/nuclei)的使用体验。
 
+项目地址：https://github.com/bit4woo/Fiora
 
+项目作者：[bit4woo](https://github.com/bit4woo)
 
-PoC-T的 脚本图形界面
+视频教程：
 
-技能独立运行，同时也可以用作burp插件。
+## 安装运行
+
+### 一、作为burp插件运行
+
+1、访问https://github.com/bit4woo/Fiora/releases
+
+2、下载最新jar包
+
+3、如下方法安装插件
+
+![image-20220101172629795](README.assets/image-20220101172629795.png)
+
+4、如果你想使用最新的功能，可以使用如下方法自行打包。
+
+```
+git clone https://github.com/bit4woo/knife
+cd knife
+mvn package
+```
+
+
+
+### 二、作为独立程序运行
+
+该程序即可作为burp插件运行，也可以作为独立程序运行。命令行下通过java启动程序的命令：
+
+```
+java -jar Fiora-202100220-jar-with-dependencies.jar      
+```
+
+![image-20220101173315536](README.assets/image-20220101173315536.png)
+
+程序截图
+
+![image-20220101173647192](README.assets/image-20220101173647192.png)
+
+
+
+## 注意说明
+
+1、你需要自行安装nuclei到本地环境，并且将命令加入环境变量。安装方法可以参考[官方文档](https://nuclei.projectdiscovery.io/nuclei/get-started/#running-nuclei)。
+
+2、nuclei的模板文件存放的默认路径是当前用户路径下，即 YourUserHome/nuclei-templates。
+
+
+
+## 使用方法
+
+```
+nuclei -t C:\Users\P52\nuclei-templates\cnvd\CNVD-2020-56167.yaml -u http://example.com -proxy http://127.0.0.1
+
+nuclei -t C:\Users\P52\nuclei-templates\cnvd\CNVD-2020-56167.yaml -u http://example.com -proxy http://127.0.0.1
+```
 

pom.xml

@@ -7,7 +7,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.bit4woo.burp</groupId>
 	<artifactId>Fiora</artifactId>
-	<version>20210917</version>
+	<version>v0.1</version>
 
 	<repositories>
 		<repository>

src/GUI/MainGUI.java

@@ -9,6 +9,7 @@
 
 import PoC.PoCPanel;
 import burp.BurpExtender;
+import burp.GlobalConfig;
 
 
 public class MainGUI extends JFrame {
@@ -19,6 +20,8 @@ public class MainGUI extends JFrame {
 	protected PrintWriter stderr;
 	public static OptionsPanel optionsPanel;
 	public static String poctRootPath = System.getProperty("user.home")+File.separator+"nuclei-templates";
+	private static GlobalConfig globalConfig;
+
 
 	public static PoCPanel getPoCPanel() {
 		return pocPanel;
@@ -31,6 +34,14 @@ public static File getCurrentDBFile() {
 	public static void setCurrentDBFile(File currentDBFile) {
 		MainGUI.currentDBFile = currentDBFile;
 	}
+
+	public static GlobalConfig getGlobalConfig() {
+		return globalConfig;
+	}
+
+	public static void setGlobalConfig(GlobalConfig globalConfig) {
+		MainGUI.globalConfig = globalConfig;
+	}
 
 	/**
 	 * Create the frame.
@@ -43,7 +54,7 @@ public MainGUI() {//构造函数
 			stdout = new PrintWriter(System.out, true);
 			stderr = new PrintWriter(System.out, true);
 		}
-
+		
 		JTabbedPane tabbedWrapper = new JTabbedPane();
 		setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
 		setBounds(100, 100, 1174, 497);
@@ -52,6 +63,9 @@ public MainGUI() {//构造函数
 		tabbedWrapper.addTab("PoC", null, pocPanel, null);
 		//optionsPanel = new OptionsPanel();
 		//tabbedWrapper.addTab("Options", null, optionsPanel, null);
+
+		globalConfig = GlobalConfig.loadFromDisk();
+		GlobalConfig.showConfigToUI(globalConfig);
 	}
 
 	public MainGUI(String poctRootPath){

src/PoC/LineTable.java

@@ -23,12 +23,14 @@
 import javax.swing.table.JTableHeader;
 import javax.swing.table.TableRowSorter;
 
+import GUI.MainGUI;
 import GUI.TextAreaMouseListener;
 import GUI.textAreaDocumentListener;
 import PoC.search.History;
 import PoC.search.LineSearch;
 import burp.BurpExtender;
 import burp.Commons;
+import burp.GlobalConfig;
 
 public class LineTable extends JTable
 {
@@ -145,7 +147,11 @@ public JSplitPane tableAndDetailPanel(){
 		textAreaTarget = new JTextArea();
 		scrollPane.setViewportView(textAreaTarget);
 		textAreaTarget.addMouseListener(new TextAreaMouseListener(textAreaTarget));
-		textAreaTarget.getDocument().addDocumentListener(new textAreaDocumentListener(textAreaTarget,BurpExtender.getGlobalConfig()));
+		GlobalConfig config = MainGUI.getGlobalConfig();
+		if (config != null) {
+			textAreaTarget.getDocument().addDocumentListener(new textAreaDocumentListener(textAreaTarget,config));
+		}
+
 
 		JTabbedPane ResponsePanel = new JTabbedPane();
 		RequestDetailPanel.setRightComponent(ResponsePanel);

src/PoC/PoCPanel.java

@@ -155,6 +155,15 @@ public boolean LoadData(String dir){
 			return false;
 		}
 	}
+
+	public static void updateTemplate() {
+		try {
+			Process process = Runtime.getRuntime().exec("nuclei -ut");
+			process.waitFor();//等待执行完成
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+	}
 
 	public JPanel createButtonPanel() {
 		buttonPanel = new JPanel();
@@ -221,6 +230,7 @@ public void actionPerformed(ActionEvent e) {
 		buttonPanel.add(buttonFresh);
 		buttonFresh.addActionListener(new ActionListener() {
 			public void actionPerformed(ActionEvent e) {
+				updateTemplate();
 				LoadData(MainGUI.poctRootPath);
 				lblStatus.setText(titleTableModel.getStatusSummary());
 				buttonSearch.doClick();
@@ -232,10 +242,10 @@ public void actionPerformed(ActionEvent e) {
 		buttonProxy.addActionListener(new ActionListener() {
 			public void actionPerformed(ActionEvent e) {
 				try {
-					String originProxy = BurpExtender.getGlobalConfig().getProxy();
-					String proxy = JOptionPane.showInputDialog("Proxy To Use", originProxy);
-					if (proxy!= null && proxy.contains(":")) {
-						BurpExtender.getGlobalConfig().setProxy(proxy.trim());
+					String originProxy = MainGUI.getGlobalConfig().getProxy();
+					String proxy = JOptionPane.showInputDialog("Proxy To Use: eg. http://127.0.0.1:8080", originProxy);
+					if (proxy!= null) {
+						MainGUI.getGlobalConfig().setProxy(proxy.trim());
 					}
 				} catch (Exception e1) {
 					e1.printStackTrace();

src/burp/BurpExtender.java

@@ -26,7 +26,6 @@ public class BurpExtender implements IBurpExtender, ITab,IContextMenuFactory,IEx
 	private static String Author = "by bit4woo";
 	private static String github = "https://github.com/bit4woo/Fiora";
 	private static MainGUI gui;
-	private static GlobalConfig globalConfig;
 	private static final Logger log=LogManager.getLogger(BurpExtender.class);
 
 	public static PrintWriter getStdout() {
@@ -60,15 +59,6 @@ public static MainGUI getGui() {
 		return gui;
 	}
 
-
-	public static GlobalConfig getGlobalConfig() {
-		return globalConfig;
-	}
-
-	public static void setGlobalConfig(GlobalConfig globalConfig) {
-		BurpExtender.globalConfig = globalConfig;
-	}
-
 	public static String getExtenderName() {
 		return ExtenderName;
 	}
@@ -96,9 +86,9 @@ public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks)
 		callbacks.registerContextMenuFactory(this);
 		callbacks.registerExtensionStateListener(this);
 
-		globalConfig = GlobalConfig.loadFromDisk();
+
 		gui = new MainGUI();
-		GlobalConfig.showConfigToUI(globalConfig);
+
 		SwingUtilities.invokeLater(new Runnable()
 		{//create GUI
 			public void run()
@@ -126,6 +116,6 @@ public List<JMenuItem> createMenuItems(IContextMenuInvocation invocation) {
 
 	@Override
 	public void extensionUnloaded() {
-		globalConfig.saveToDisk();
+		MainGUI.getGlobalConfig().saveToDisk();
 	}
 }

src/run/RunNucleiAction.java

@@ -6,8 +6,8 @@
 
 import org.apache.commons.io.FileUtils;
 
+import GUI.MainGUI;
 import PoC.PoCPanel;
-import burp.BurpExtender;
 
 public class RunNucleiAction{
 
@@ -28,7 +28,7 @@ public static String genCommand(List<String> targets,String poc) {
 				para = "-t "+poc.trim()+" -l "+tmpTargets.getAbsolutePath();
 			}
 			if (targets.toString().toLowerCase().contains("http://") || targets.toString().toLowerCase().contains("https://")) {
-				String proxy = BurpExtender.getGlobalConfig().fetchHttpProxy();
+				String proxy = MainGUI.getGlobalConfig().fetchHttpProxy();
 				para = para + " -proxy "+ proxy;
 			}
 
@@ -55,7 +55,7 @@ public static String genWorkflowCommand(List<String> targets,String poc) {
 				para = "-w "+poc.trim()+" -l "+tmpTargets.getAbsolutePath();
 			}
 			if (targets.toString().toLowerCase().contains("http://") || targets.toString().toLowerCase().contains("https://")) {
-				String proxy = BurpExtender.getGlobalConfig().fetchHttpProxy();
+				String proxy = MainGUI.getGlobalConfig().fetchHttpProxy();
 				para = para + " -proxy "+ proxy;
 			}
 
@@ -82,7 +82,7 @@ public static String genTagsCommand(List<String> targets,String tags) {
 				para = "-tags "+tags.trim()+" -l "+tmpTargets.getAbsolutePath();
 			}
 			if (targets.toString().toLowerCase().contains("http://") || targets.toString().toLowerCase().contains("https://")) {
-				String proxy = BurpExtender.getGlobalConfig().fetchHttpProxy();
+				String proxy = MainGUI.getGlobalConfig().fetchHttpProxy();
 				para = para + " -proxy "+ proxy;
 			}