fix bug && 完成http hook的开发

README.md

@@ -2,9 +2,9 @@
 
 **Galaxy** 是HTTP请求&响应全加密加签场景下的渗透测试解决方案，现在的载体是一款Burp插件。
 
-**场景1**：在Burp中看到且可编辑解密后的报文。
+**应对场景1**：在Burp中看到且可编辑解密后的报文。
 
-**场景2**：使用桌面的扫描器扫描明文请求。sqlmap、xray...
+**应对场景2**：使用桌面的扫描器扫描明文请求。sqlmap、xray...
 
 这些场景下的解决方案名为 [HttpHook](https://github.com/outlaws-bai/Galaxy/blob/main/docs/HttpHook.md) 。
 

src/main/java/org/m2sec/Galaxy.java

@@ -25,17 +25,22 @@ public class Galaxy implements BurpExtension {
 
     @Override
     public void initialize(MontoyaApi api) {
-        env = RuntimeEnv.BURP;
-        api.extension().setName(Constants.BURP_SUITE_EXT_NAME + "-" + Constants.VERSION);
-        api.logging().logToOutput(Constants.BURP_SUITE_EXT_INIT_DEF + "Version -> " + Constants.VERSION);
-        // 加载配置并初始化
-        Config config = Helper.initAndLoadConfig(api);
-        // 注册UI
-        api.userInterface().registerSuiteTab(Constants.BURP_SUITE_EXT_NAME, new MainPanel(api, config));
-        // 注册插件能力
-        registerAbilities(api, config);
-        // 注册销毁事件
-        api.extension().registerUnloadingHandler(() -> this.destroy(config));
+        try {
+            env = RuntimeEnv.BURP;
+            api.extension().setName(Constants.BURP_SUITE_EXT_NAME + "-" + Constants.VERSION);
+            api.logging().logToOutput(Constants.BURP_SUITE_EXT_INIT_DEF + "Version -> " + Constants.VERSION);
+            // 加载配置并初始化
+            Config config = Helper.initAndLoadConfig(api);
+            // 注册UI
+            api.userInterface().registerSuiteTab(Constants.BURP_SUITE_EXT_NAME, new MainPanel(api, config));
+            // 注册插件能力
+            registerAbilities(api, config);
+            // 注册销毁事件
+            api.extension().registerUnloadingHandler(() -> this.destroy(config));
+        } catch (Exception e) {
+            Helper.initExceptionClean();
+            throw e;
+        }
     }
 
 

src/main/java/org/m2sec/core/common/ApiInfo.java

@@ -4,7 +4,6 @@
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
-import lombok.experimental.Accessors;
 import org.m2sec.core.enums.ContentType;
 import org.m2sec.core.enums.Method;
 import org.m2sec.core.models.*;
@@ -23,7 +22,6 @@
 @Getter
 @Setter
 @ToString
-@Accessors(chain = true)
 @AllArgsConstructor
 public class ApiInfo {
     private Version version;

src/main/java/org/m2sec/core/common/CacheOption.java

@@ -1,10 +1,6 @@
 package org.m2sec.core.common;
 
-import lombok.AllArgsConstructor;
-import lombok.Getter;
-import lombok.Setter;
-import lombok.ToString;
-import lombok.experimental.Accessors;
+import lombok.*;
 import org.m2sec.core.enums.HttpHookWay;
 
 import java.io.File;
@@ -17,7 +13,7 @@
 @Getter
 @Setter
 @ToString
-@Accessors(chain = true)
+@NoArgsConstructor
 @AllArgsConstructor
 public class CacheOption {
     private HttpHookWay hookWay;
@@ -29,6 +25,7 @@ public class CacheOption {
     private boolean hookStart;
 
     public String getScriptPath(String item, String suffix) {
-        return Constants.HTTP_HOOK_EXAMPLES_FILE_DIR + File.separator + item + suffix;
+        return Constants.HTTP_HOOK_EXAMPLES_DIR + File.separator + item + suffix;
     }
+
 }

src/main/java/org/m2sec/core/common/Config.java

@@ -26,6 +26,10 @@ public class Config {
     private CacheOption option;
 
 
+    public static Config ofDisk() {
+        return ofDisk(null);
+    }
+
     public static Config ofDisk(MontoyaApi api) {
         return ofDisk(api, Constants.OPTION_FILE_PATH, Constants.SETTING_FILE_PATH);
     }

src/main/java/org/m2sec/core/common/Constants.java

@@ -27,14 +27,21 @@ public class Constants {
     public static final String TMP_FILE_DIR = WORK_DIR + File.separator + "tmp";
 
     public static final String EXTRACT_FILE_DIR = WORK_DIR + File.separator + "extract";
-    public static final String HTTP_HOOK_EXAMPLES_FILE_DIR = WORK_DIR + File.separator + "examples";
+    public static final String HTTP_HOOK_EXAMPLES_DIR_NAME = "examples";
 
-    public static final String TEMPLATE_FILE_DIR = WORK_DIR + File.separator + "templates";
-    public static final String OPTION_FILE_PATH = WORK_DIR + File.separator + "option.yaml";
-    public static final String SETTING_FILE_PATH = WORK_DIR + File.separator + "setting.yaml";
+    public static final String TEMPLATE_DIR_NAME = "templates";
+    public static final String HTTP_HOOK_EXAMPLES_DIR = WORK_DIR + File.separator + HTTP_HOOK_EXAMPLES_DIR_NAME;
+
+    public static final String TEMPLATE_DIR = WORK_DIR + File.separator + TEMPLATE_DIR_NAME;
+
+    public static final String OPTION_FILE_NAME = "option.yaml";
+    public static final String SETTING_FILE_NAME = "setting.yaml";
+
+    public static final String OPTION_FILE_PATH = WORK_DIR + File.separator + OPTION_FILE_NAME;
+    public static final String SETTING_FILE_PATH = WORK_DIR + File.separator + SETTING_FILE_NAME;
     public static final String LOG_FILE_PATH = WORK_DIR + File.separator + "run.log";
 
-    public static final String BYPASS_HOST_CHECK_TEMPLATE_FILE_PATH = TEMPLATE_FILE_DIR + File.separator +
+    public static final String BYPASS_HOST_CHECK_TEMPLATE_FILE_PATH = TEMPLATE_DIR + File.separator +
         "bypassHostCheckTemplate.txt";
 
     public static final String HTTP_HEADER_CONTENT_LENGTH = "Content-Length";

src/main/java/org/m2sec/core/common/FileTools.java

@@ -35,7 +35,7 @@ public static String readResourceAsString(String path) {
     }
 
 
-    public static void cpResourceFileToTarget(String resourceFilePath, String targetDir) {
+    public static void cpResourceToTargetIfExist(String resourceFilePath, String targetDir) {
         Path targetDirPath = Paths.get(targetDir);
         Path targetPath = targetDirPath.resolve(new File(resourceFilePath).getName());
         writeFile(targetPath.toAbsolutePath().toString(), readResourceAsString(resourceFilePath));
@@ -91,8 +91,11 @@ public static void createDirs(String... dirs) {
     }
 
     public static void createFiles(String... filePaths) {
-        for (String filePath : filePaths) {
-            Path path = Paths.get(filePath);
+        createFiles(Stream.of(filePaths).map(Paths::get).toArray(Path[]::new));
+    }
+
+    public static void createFiles(Path... filePaths) {
+        for (Path path : filePaths) {
             try {
                 if (!Files.exists(path.getParent())) {
                     Files.createDirectories(path.getParent());
@@ -122,13 +125,29 @@ public static void deleteFileIfExist(File... files) {
 
     public static void writeFile(String targetFilePath, String content) {
         try {
-            Files.write(Paths.get(targetFilePath), content.getBytes());
+            Path path = Paths.get(targetFilePath);
+            if (!Files.exists(path)) createFiles(path);
+            Files.write(path, content.getBytes());
         } catch (IOException e) {
             throw new RuntimeException(e);
         }
     }
 
-    public static void copyResourceDirToTargetDir(String sourceDir, String targetDir) {
+    public static void writeFileIfEmptyOfResource(String resourceName, String filepath) {
+        Path path = Paths.get(filepath);
+        if (!Files.exists(path) || readFileAsString(filepath).isBlank()) {
+            writeFile(filepath, readResourceAsString(resourceName));
+        }
+    }
+
+    public static void writeFileIfEmpty(String targetFilePath, String content) {
+        String raw = readFileAsString(targetFilePath);
+        if (raw.isBlank()) {
+            writeFile(targetFilePath, content);
+        }
+    }
+
+    public static void copyDirResourcesToTargetDirIfEmpty(String sourceDir, String targetDir) {
         try {
             // 获取目标目录路径
             Path targetPath = Paths.get(targetDir);

src/main/java/org/m2sec/core/common/Helper.java

@@ -27,27 +27,25 @@ public static Config initAndLoadConfig(MontoyaApi api) {
         // add加解密程序
         Security.addProvider(new BouncyCastleProvider());
 
-        // 加载配置文件
-        Config config = Config.ofDisk(api);
-
-        // 初始化log
-        Helper.initLogger(Constants.LOG_FILE_PATH, config.getSetting().getLogLevel().name());
-        log.debug("load config success! {}", config);
-
         // 创建必要的文件和路径
         FileTools.createDirs(Constants.WORK_DIR, // 插件工作路径
             Constants.TMP_FILE_DIR, // 临时文件路径
-            Constants.EXTRACT_FILE_DIR, // 提取文件路径
-            Constants.HTTP_HOOK_EXAMPLES_FILE_DIR, // http hook examples
-            Constants.TEMPLATE_FILE_DIR // templates
+            Constants.EXTRACT_FILE_DIR // 提取文件路径
         );
-        FileTools.createFiles(Constants.OPTION_FILE_PATH);
 
         // cp resources 文件到工作目录下
-        FileTools.cpResourceFileToTarget("setting.yaml", Constants.WORK_DIR);
-        FileTools.cpResourceFileToTarget("option.yaml", Constants.WORK_DIR);
-        FileTools.copyResourceDirToTargetDir("examples", Constants.HTTP_HOOK_EXAMPLES_FILE_DIR);
-        FileTools.copyResourceDirToTargetDir("templates", Constants.TEMPLATE_FILE_DIR);
+        FileTools.writeFileIfEmptyOfResource(Constants.SETTING_FILE_NAME, Constants.SETTING_FILE_PATH);
+        FileTools.writeFileIfEmptyOfResource(Constants.OPTION_FILE_NAME, Constants.OPTION_FILE_PATH);
+        FileTools.copyDirResourcesToTargetDirIfEmpty(Constants.HTTP_HOOK_EXAMPLES_DIR_NAME,
+            Constants.HTTP_HOOK_EXAMPLES_DIR);
+        FileTools.copyDirResourcesToTargetDirIfEmpty(Constants.TEMPLATE_DIR_NAME, Constants.TEMPLATE_DIR);
+
+        // 加载配置文件
+        Config config = Config.ofDisk(api);
+
+        // 初始化log
+        Helper.initLogger(Constants.LOG_FILE_PATH, config.getSetting().getLogLevel().name());
+        log.debug("load config success! {}", config);
 
         return config;
     }
@@ -73,7 +71,9 @@ public static void initLogger(String logFilePath, String level) {
 
     public static void deleteLogFile() {
         LoggerContext loggerContext = (LoggerContext) LoggerFactory.getILoggerFactory();
+        if (loggerContext == null) return;
         FileAppender<?> fileAppender = (FileAppender<?>) loggerContext.getLogger("root").getAppender("FILE");
+        if (fileAppender == null) return;
         fileAppender.stop();
         FileTools.deleteFileIfExist(fileAppender.getFile());
     }
@@ -85,4 +85,8 @@ public static void cleanTmpDir() {
         }
     }
 
+    public static void initExceptionClean() {
+
+    }
+
 }

src/main/java/org/m2sec/core/httphook/JavaFileHooker.java

@@ -32,6 +32,7 @@ public class JavaFileHooker extends AbstractHttpHooker {
 
     @Override
     public void init(CacheOption cache1) {
+        cache = cache1;
         String javaFilePath = cache1.getScriptPath(cache1.getJavaSelectItem(),
             ".java");
         init(javaFilePath);

src/main/java/org/m2sec/core/models/Request.java

@@ -6,7 +6,6 @@
 import com.google.protobuf.ByteString;
 import lombok.Getter;
 import lombok.Setter;
-import lombok.experimental.Accessors;
 import lombok.extern.slf4j.Slf4j;
 import org.m2sec.core.common.Constants;
 import org.m2sec.core.common.Tuple;
@@ -28,7 +27,6 @@
 @Getter
 @Setter
 @Slf4j
-@Accessors(chain = true)
 public class Request {
     /**
      * is https?

src/main/java/org/m2sec/core/models/Response.java

@@ -6,7 +6,6 @@
 import lombok.AllArgsConstructor;
 import lombok.Getter;
 import lombok.Setter;
-import lombok.experimental.Accessors;
 import org.m2sec.core.common.Constants;
 import org.m2sec.rpc.HttpHook;
 
@@ -19,7 +18,6 @@
  */
 @Getter
 @Setter
-@Accessors(chain = true)
 @AllArgsConstructor
 public class Response {
     private String version;

src/main/java/org/m2sec/core/models/UploadFile.java

@@ -3,7 +3,6 @@
 import lombok.AllArgsConstructor;
 import lombok.Getter;
 import lombok.Setter;
-import lombok.experimental.Accessors;
 
 /**
  * @author: outlaws-bai
@@ -12,7 +11,6 @@
  */
 @Getter
 @Setter
-@Accessors(chain = true)
 @AllArgsConstructor
 public class UploadFile {
     private String filename;

src/main/java/org/m2sec/panels/httphook/GrpcImpl.java

@@ -4,7 +4,6 @@
 import org.m2sec.core.common.CacheOption;
 import org.m2sec.core.common.Constants;
 import org.m2sec.core.enums.HttpHookWay;
-import org.m2sec.core.httphook.AbstractHttpHooker;
 import org.m2sec.core.httphook.GRpcHooker;
 import org.m2sec.panels.SwingTools;
 
@@ -41,14 +40,14 @@ private void initPanel() {
         grpcConnPanel.add(grpcConnTextField);
 
         add(grpcConnPanel, BorderLayout.CENTER);
-        setData();
+        setPanelData();
     }
 
-    private void setData() {
+    private void setPanelData() {
         grpcConnTextField.setText(cache.getGrpcConn());
     }
 
-    public String getData() {
+    public String getUserTypeData() {
         return grpcConnTextField.getText();
     }
 

src/main/java/org/m2sec/panels/httphook/HttpHookPanel.java

@@ -4,7 +4,6 @@
 import lombok.extern.slf4j.Slf4j;
 import org.m2sec.Galaxy;
 import org.m2sec.core.common.CacheOption;
-import org.m2sec.core.common.Config;
 import org.m2sec.core.enums.HttpHookWay;
 import org.m2sec.core.enums.RunStatus;
 import org.m2sec.panels.SwingTools;
@@ -127,13 +126,14 @@ private void initPanel() {
             SwingTools.changeComponentStatus(hookResponseCheckBox, isStop);
 
             if (!isStop) {
-                cache.setHookStart(true)
-                    .setHookWay(HttpHookWay.valueOf((String) comboBox.getSelectedItem()))
-                    .setRequestCheckExpression(checkELTextField.getText())
-                    .setHookRequest(hookRequestCheckBox.isSelected())
-                    .setHookResponse(hookResponseCheckBox.isSelected())
-                    .setGrpcConn(rpcImpl.getData())
-                    .setJavaSelectItem(javaImpl.getData());
+                // 设置本次所选择的配置
+                cache.setHookStart(true);
+                cache.setHookWay(HttpHookWay.valueOf((String) comboBox.getSelectedItem()));
+                cache.setRequestCheckExpression(checkELTextField.getText());
+                cache.setHookRequest(hookRequestCheckBox.isSelected());
+                cache.setHookResponse(hookResponseCheckBox.isSelected());
+                cache.setGrpcConn(rpcImpl.getUserTypeData());
+                cache.setJavaSelectItem(javaImpl.getData());
                 hookService.start(cache);
             } else {
                 hookService.stop(cache);