From beb2dbfa2f0123bc03b373409af5fdc2ca82557a Mon Sep 17 00:00:00 2001 From: Luca Rupp Date: Fri, 19 Apr 2024 16:21:46 +0200 Subject: [PATCH 1/5] Add string concaternate operation. --- src/main/java/de/usd/cstchef/Utils.java | 3 +- .../operations/string/Concaternate.java | 58 +++++++++++++++++++ 2 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 src/main/java/de/usd/cstchef/operations/string/Concaternate.java diff --git a/src/main/java/de/usd/cstchef/Utils.java b/src/main/java/de/usd/cstchef/Utils.java index 0e7b4f8..ae9bad0 100644 --- a/src/main/java/de/usd/cstchef/Utils.java +++ b/src/main/java/de/usd/cstchef/Utils.java @@ -108,6 +108,7 @@ import de.usd.cstchef.operations.string.Suffix; import de.usd.cstchef.operations.string.Uppercase; import de.usd.cstchef.operations.string.Lowercase; +import de.usd.cstchef.operations.string.Concaternate; import de.usd.cstchef.operations.utils.GetVariable; import de.usd.cstchef.operations.utils.NoOperation; import de.usd.cstchef.operations.utils.RandomNumber; @@ -228,7 +229,7 @@ public static Class[] getOperationsDev() { Suffix.class, Sum.class, StringContains.class, StringMatch.class, Tiger.class, ToBase64.class, ToHex.class, UnixTimestamp.class, UrlDecode.class, UrlEncode.class, Whirlpool.class, WriteFile.class, XmlFullSignature.class, XmlMultiSignature.class, - Xor.class, SoapMultiSignature.class + Xor.class, SoapMultiSignature.class, Concaternate.class }; } diff --git a/src/main/java/de/usd/cstchef/operations/string/Concaternate.java b/src/main/java/de/usd/cstchef/operations/string/Concaternate.java new file mode 100644 index 0000000..8c09407 --- /dev/null +++ b/src/main/java/de/usd/cstchef/operations/string/Concaternate.java @@ -0,0 +1,58 @@ +package de.usd.cstchef.operations.string; + +import de.usd.cstchef.VariableStore; +import de.usd.cstchef.operations.Operation; +import de.usd.cstchef.operations.OperationCategory; +import de.usd.cstchef.operations.Operation.OperationInfos; +import de.usd.cstchef.view.ui.VariableTextArea; + + +@OperationInfos(name = "Concaternate", category = OperationCategory.STRING, description = "Concaternate multiple string values or variables. Separate multiple strings or variables with ';'.") +public class Concaternate extends Operation { + + private VariableTextArea text; + + @Override + protected byte[] perform(byte[] input) throws Exception { + + String[] components = text.getText().split(";"); + String trimed; + byte[][] value = new byte[components.length][]; + for (int i = 0; i < components.length; i++) { + trimed = components[i].trim(); + + if (trimed.startsWith("$")) { + value[i] = VariableStore.getInstance().getVariable(trimed); + } else { + value[i] = trimed.getBytes(); + } + } + + return flatten_array(value); + } + + public void createUI() { + this.text = new VariableTextArea(); + this.addUIElement("Values to concaternate", this.text); + } + + private byte[] flatten_array(byte[][] arrays){ + + // Calculate the total length of the concatenated array + int totalLength = 0; + for (byte[] array : arrays) { + totalLength += array.length; + } + + // Create the concatenated array + byte[] result = new byte[totalLength]; + int currentIndex = 0; + for (byte[] array : arrays) { + System.arraycopy(array, 0, result, currentIndex, array.length); + currentIndex += array.length; + } + + return result; + } + +} From d543e8ad11439ff0ef4d586f7202717a75f163b0 Mon Sep 17 00:00:00 2001 From: Felix Buschbeck Date: Tue, 7 May 2024 08:23:19 -0400 Subject: [PATCH 2/5] Refactoring --- .../operations/string/Concaternate.java | 58 ------------------- 1 file changed, 58 deletions(-) delete mode 100644 src/main/java/de/usd/cstchef/operations/string/Concaternate.java diff --git a/src/main/java/de/usd/cstchef/operations/string/Concaternate.java b/src/main/java/de/usd/cstchef/operations/string/Concaternate.java deleted file mode 100644 index 8c09407..0000000 --- a/src/main/java/de/usd/cstchef/operations/string/Concaternate.java +++ /dev/null @@ -1,58 +0,0 @@ -package de.usd.cstchef.operations.string; - -import de.usd.cstchef.VariableStore; -import de.usd.cstchef.operations.Operation; -import de.usd.cstchef.operations.OperationCategory; -import de.usd.cstchef.operations.Operation.OperationInfos; -import de.usd.cstchef.view.ui.VariableTextArea; - - -@OperationInfos(name = "Concaternate", category = OperationCategory.STRING, description = "Concaternate multiple string values or variables. Separate multiple strings or variables with ';'.") -public class Concaternate extends Operation { - - private VariableTextArea text; - - @Override - protected byte[] perform(byte[] input) throws Exception { - - String[] components = text.getText().split(";"); - String trimed; - byte[][] value = new byte[components.length][]; - for (int i = 0; i < components.length; i++) { - trimed = components[i].trim(); - - if (trimed.startsWith("$")) { - value[i] = VariableStore.getInstance().getVariable(trimed); - } else { - value[i] = trimed.getBytes(); - } - } - - return flatten_array(value); - } - - public void createUI() { - this.text = new VariableTextArea(); - this.addUIElement("Values to concaternate", this.text); - } - - private byte[] flatten_array(byte[][] arrays){ - - // Calculate the total length of the concatenated array - int totalLength = 0; - for (byte[] array : arrays) { - totalLength += array.length; - } - - // Create the concatenated array - byte[] result = new byte[totalLength]; - int currentIndex = 0; - for (byte[] array : arrays) { - System.arraycopy(array, 0, result, currentIndex, array.length); - currentIndex += array.length; - } - - return result; - } - -} From a6649f5eb440b0362b824233d9d7a08abb9dd422 Mon Sep 17 00:00:00 2001 From: Felix Buschbeck Date: Tue, 7 May 2024 08:24:15 -0400 Subject: [PATCH 3/5] Fix Montoya API issues --- .../operations/string/Concatenate.java | 67 +++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 src/main/java/de/usd/cstchef/operations/string/Concatenate.java diff --git a/src/main/java/de/usd/cstchef/operations/string/Concatenate.java b/src/main/java/de/usd/cstchef/operations/string/Concatenate.java new file mode 100644 index 0000000..0fc07f2 --- /dev/null +++ b/src/main/java/de/usd/cstchef/operations/string/Concatenate.java @@ -0,0 +1,67 @@ +package de.usd.cstchef.operations.string; + +import burp.api.montoya.core.ByteArray; +import de.usd.cstchef.Utils.MessageType; +import de.usd.cstchef.VariableStore; +import de.usd.cstchef.operations.Operation; +import de.usd.cstchef.operations.OperationCategory; +import de.usd.cstchef.operations.Operation.OperationInfos; +import de.usd.cstchef.view.ui.VariableTextArea; +import de.usd.cstchef.view.ui.VariableTextField; + + +@OperationInfos(name = "Concatenate", category = OperationCategory.STRING, description = "Concatenate multiple string values or variables. Separate multiple strings or variables with ';'.") +public class Concatenate extends Operation { + + protected VariableTextArea text; + protected VariableTextField delimiter; + + @Override + protected ByteArray perform(ByteArray input, MessageType messageType) throws Exception { + + String delim = delimiter.getText(); + VariableStore.getInstance().setVariable("input", input); + + String[] components = text.getText().split(delim); + String trimed; + byte[][] value = new byte[components.length][]; + for (int i = 0; i < components.length; i++) { + trimed = components[i].trim(); + + if (trimed.startsWith("$")) { + value[i] = VariableStore.getInstance().getVariable(trimed).getBytes(); + } else { + value[i] = trimed.getBytes(); + } + } + + return factory.createByteArray(flatten_array(value)); + } + + public void createUI() { + this.text = new VariableTextArea(); + this.addUIElement("Strings to concatenate", this.text); + this.delimiter = new VariableTextField(); + this.addUIElement("Delimiter", this.delimiter); + } + + private byte[] flatten_array(byte[][] arrays){ + + // Calculate the total length of the concatenated array + int totalLength = 0; + for (byte[] array : arrays) { + totalLength += array.length; + } + + // Create the concatenated array + byte[] result = new byte[totalLength]; + int currentIndex = 0; + for (byte[] array : arrays) { + System.arraycopy(array, 0, result, currentIndex, array.length); + currentIndex += array.length; + } + + return result; + } + +} From 5065a5db808abcb816459f9cbd72dd48ed34450c Mon Sep 17 00:00:00 2001 From: Felix Buschbeck Date: Tue, 7 May 2024 08:45:39 -0400 Subject: [PATCH 4/5] Add Concatenate class --- src/main/java/de/usd/cstchef/Utils.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/de/usd/cstchef/Utils.java b/src/main/java/de/usd/cstchef/Utils.java index 9e58c18..0b3fa57 100644 --- a/src/main/java/de/usd/cstchef/Utils.java +++ b/src/main/java/de/usd/cstchef/Utils.java @@ -137,7 +137,7 @@ import de.usd.cstchef.operations.string.Suffix; import de.usd.cstchef.operations.string.Uppercase; import de.usd.cstchef.operations.string.Lowercase; -import de.usd.cstchef.operations.string.Concaternate; +import de.usd.cstchef.operations.string.Concatenate; import de.usd.cstchef.operations.utils.Counter; import de.usd.cstchef.operations.utils.GetVariable; import de.usd.cstchef.operations.utils.NoOperation; @@ -313,7 +313,7 @@ public static Class[] getOperationsDev() { TimestampOffset.class, TimestampToDateTime.class, ToBase64.class, ToHex.class, UnixTimestamp.class, UrlDecode.class, UrlEncode.class, Whirlpool.class, WriteFile.class, XmlFullSignature.class, XmlMultiSignature.class, - Xor.class, SoapMultiSignature.class, Concaternate.class + Xor.class, SoapMultiSignature.class, Concatenate.class }; } From 7f59aab116f0c7b88bd6bc037a38711f5c49dc4f Mon Sep 17 00:00:00 2001 From: Felix Buschbeck Date: Tue, 7 May 2024 09:47:43 -0400 Subject: [PATCH 5/5] Adjust Operation description --- .../java/de/usd/cstchef/operations/string/Concatenate.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/de/usd/cstchef/operations/string/Concatenate.java b/src/main/java/de/usd/cstchef/operations/string/Concatenate.java index 0fc07f2..d212503 100644 --- a/src/main/java/de/usd/cstchef/operations/string/Concatenate.java +++ b/src/main/java/de/usd/cstchef/operations/string/Concatenate.java @@ -10,7 +10,7 @@ import de.usd.cstchef.view.ui.VariableTextField; -@OperationInfos(name = "Concatenate", category = OperationCategory.STRING, description = "Concatenate multiple string values or variables. Separate multiple strings or variables with ';'.") +@OperationInfos(name = "Concatenate", category = OperationCategory.STRING, description = "Concatenate CSTC Input and/or your own. \"$input\" to work with CSTC Input.") public class Concatenate extends Operation { protected VariableTextArea text; @@ -40,7 +40,7 @@ protected ByteArray perform(ByteArray input, MessageType messageType) throws Exc public void createUI() { this.text = new VariableTextArea(); - this.addUIElement("Strings to concatenate", this.text); + this.addUIElement("Strings", this.text); this.delimiter = new VariableTextField(); this.addUIElement("Delimiter", this.delimiter); }