Update Config.java

fix bug
bin
2022-09-29 17:12:23 +08:00 · 2021-09-24 20:24:39 +08:00 · 2021-09-24 20:22:15 +08:00 · 2021-09-24 17:15:38 +08:00 · 2021-09-24 17:15:01 +08:00 · 2021-09-24 17:13:13 +08:00
6 changed files with 55 additions and 43 deletions
--- a/README.md
+++ b/README.md
@@ -2,6 +2,11 @@

 下载使用：[Releases](https://github.com/TheKingOfDuck/burpFakeIP/releases/tag/1.0)

+**2021/09/24**
+
+1. 修复[M00nBack](https://github.com/M00nBack)反馈的一个bug。
+2. 添加了AutoXFF的开关,并将AutoXFF默认设置不开启,如需让插件给每个请求头添加一个随机的XFF请求头可在右键菜单中选择ON开启
+

 **2021/05/21**

--- a/bin/fakeIP.jar
+++ b/bin/fakeIP.jar
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@

    <groupId>net.thekingofduck</groupId>
    <artifactId>fakeIP</artifactId>
-    <version>1.1-SNAPSHOT</version>
+    <version>1.1</version>


    <build>
--- a/src/main/java/burp/BurpExtender.java
+++ b/src/main/java/burp/BurpExtender.java
@@ -10,12 +10,13 @@ import java.util.List;
 /**
 * Project: fakeIP
 * Date:2021/5/21 上午11:07
+ *
 * @author CoolCat
 * @version 1.0.0
 * Github:https://github.com/TheKingOfDuck
 * When I wirting my code, only God and I know what it does. After a while, only God knows.
 */
-public class BurpExtender implements IBurpExtender, IContextMenuFactory,IIntruderPayloadGeneratorFactory, IIntruderPayloadGenerator, IHttpListener{
+public class BurpExtender implements IBurpExtender, IContextMenuFactory, IIntruderPayloadGeneratorFactory, IIntruderPayloadGenerator, IHttpListener {
    public static IExtensionHelpers helpers;
    private String PLUGIN_NAME = "burpFakeIP";
    private String VERSION = "1.1";
@@ -33,7 +34,7 @@ public class BurpExtender implements IBurpExtender, IContextMenuFactory,IIntrude
                "[+]    Github: https://github.com/TheKingOfDuck\n" +
                "[+] ####################################\n" +
                "[+] Enjoy it~";
-        stdout.println(String.format(banner,PLUGIN_NAME,VERSION));
+        stdout.println(String.format(banner, PLUGIN_NAME, VERSION));

        //注册菜单
        callbacks.registerContextMenuFactory(this);
@@ -58,38 +59,51 @@ public class BurpExtender implements IBurpExtender, IContextMenuFactory,IIntrude
        menu.add(random);
        menu.add(autoXFF);

-        if(iContextMenuInvocation.getInvocationContext() != IContextMenuInvocation.CONTEXT_MESSAGE_EDITOR_REQUEST){
+        if (iContextMenuInvocation.getInvocationContext() != IContextMenuInvocation.CONTEXT_MESSAGE_EDITOR_REQUEST) {
            return menus;
        }
        custom.addActionListener(new ActionListener() {
            @Override
            public void actionPerformed(ActionEvent arg0) {
                String ip = JOptionPane.showInputDialog("Pls input ur ip:");
-                Utils.addfakeip(iContextMenuInvocation,ip);
+                Utils.addfakeip(iContextMenuInvocation, ip);
            }
        });

        localhost.addActionListener(new ActionListener() {
            @Override
            public void actionPerformed(ActionEvent arg0) {
-                Utils.addfakeip(iContextMenuInvocation,"127.0.0.1");
+                Utils.addfakeip(iContextMenuInvocation, "127.0.0.1");
            }
        });

        random.addActionListener(new ActionListener() {
            @Override
            public void actionPerformed(ActionEvent arg0) {
-                Utils.addfakeip(iContextMenuInvocation,Utils.getRandomIp());
+                Utils.addfakeip(iContextMenuInvocation, Utils.getRandomIp());
            }
        });

        autoXFF.addActionListener(new ActionListener() {
            @Override
            public void actionPerformed(ActionEvent arg0) {
-                String xff = JOptionPane.showInputDialog("Pls input ur XFF header name:",Config.AUTOXFF);
-                String xffvalue = JOptionPane.showInputDialog("Pls input ur XFF header value:",Config.AUTOXFFVALUE);
-                Config.AUTOXFF = xff;
-                Config.AUTOXFFVALUE = xffvalue;
+
+                Object[] options = {"OFF", "ON"};
+                int flag = JOptionPane.showOptionDialog(null, "AutoXFF Status: " + Config.AUTOXFF_STAT, "FakeIP", JOptionPane.YES_OPTION, JOptionPane.PLAIN_MESSAGE,
+
+                        null, options, options[options.length - 1]);
+
+                switch (flag) {
+                    case 0:
+                        Config.AUTOXFF_STAT = false;
+                        break;
+                    case 1:
+                        Config.AUTOXFF_KEY = JOptionPane.showInputDialog("Pls input ur XFF header name:", Config.AUTOXFF_KEY);
+                        Config.AUTOXFF_VALUE = JOptionPane.showInputDialog("Pls input ur XFF header value:", Config.AUTOXFF_VALUE);
+                        Config.AUTOXFF_STAT = true;
+                        break;
+                    default:
+                }
            }
        });

@@ -126,11 +140,11 @@ public class BurpExtender implements IBurpExtender, IContextMenuFactory,IIntrude

    @Override
    public void processHttpMessage(int i, boolean b, IHttpRequestResponse iHttpRequestResponse) {
-        if (b){
-            if (Config.AUTOXFFVALUE.equals("$RandomIp$")){
-                Utils.addfakeip(iHttpRequestResponse,Utils.getRandomIp());
-            }else {
-                Utils.addfakeip(iHttpRequestResponse,Config.AUTOXFFVALUE);
+        if (b && Config.AUTOXFF_STAT) {
+            if (Config.AUTOXFF_VALUE.equals("$RandomIp$")) {
+                Utils.addfakeip(iHttpRequestResponse, Utils.getRandomIp());
+            } else {
+                Utils.addfakeip(iHttpRequestResponse, Config.AUTOXFF_VALUE);
            }
        }
    }
--- a/src/main/java/burp/Config.java
+++ b/src/main/java/burp/Config.java
@@ -18,9 +18,10 @@ public class Config {
            "X-remote-IP","X-remote-addr","True-Client-IP","X-Client-IP","Client-IP","X-Real-IP",
            "Ali-CDN-Real-IP","Cdn-Src-Ip","Cdn-Real-Ip","CF-Connecting-IP","X-Cluster-Client-IP",
            "WL-Proxy-Client-IP", "Proxy-Client-IP","Fastly-Client-Ip","True-Client-Ip","X-Originating-IP",
-            "X-Host","X-Custom-IP-Authorization"
+            "X-Host","X-Custom-IP-Authorization","X-Api-Version"
    );

-    public static String AUTOXFF = "X-Forwarded-For";
-    public static String AUTOXFFVALUE = "$RandomIp$";
+    public static boolean AUTOXFF_STAT = false;
+    public static String AUTOXFF_KEY = "X-Forwarded-For";
+    public static String AUTOXFF_VALUE = "$RandomIp$";
 }
--- a/src/main/java/burp/Utils.java
+++ b/src/main/java/burp/Utils.java
@@ -1,6 +1,7 @@
 package burp;

 import java.io.UnsupportedEncodingException;
+import java.security.SecureRandom;
 import java.util.List;
 import java.util.Random;
 import java.util.stream.Collectors;
@@ -36,7 +37,7 @@ public class Utils {
        }

        //更新header
-        byte[] newMessage = BurpExtender.helpers.buildHttpMessage(headers, getHttpRequestBody(currentRequest).getBytes());
+        byte[] newMessage = BurpExtender.helpers.buildHttpMessage(headers, getHttpRequestBody(currentRequest));
        currentRequest.setRequest(newMessage);

    }
@@ -44,38 +45,29 @@ public class Utils {

    public static void addfakeip(IHttpRequestResponse iHttpRequestResponse, String ip) {

-
-        byte contentType = BurpExtender.helpers.analyzeRequest(iHttpRequestResponse).getContentType();
-
-        if (contentType != CONTENT_TYPE_MULTIPART) {
        //获取原请求信息
        IRequestInfo requestInfo = BurpExtender.helpers.analyzeRequest(iHttpRequestResponse);
        List<String> headers = requestInfo.getHeaders();

        //为每个请求添加一个Header
-            headers = headers.stream().filter(key -> !key.equals(Config.AUTOXFF)).collect(Collectors.toList());
-            headers.add(String.format("%s: %s", Config.AUTOXFF, ip));
+        headers = headers.stream().filter(key -> !key.equals(Config.AUTOXFF_KEY)).collect(Collectors.toList());
+        headers.add(String.format("%s: %s", Config.AUTOXFF_KEY, ip));

        //更新header
-            byte[] newMessage = BurpExtender.helpers.buildHttpMessage(headers, getHttpRequestBody(iHttpRequestResponse).getBytes());
+        byte[] newMessage = BurpExtender.helpers.buildHttpMessage(headers, getHttpRequestBody(iHttpRequestResponse));
        iHttpRequestResponse.setRequest(newMessage);
-        }


    }

-    private static String getHttpRequestBody(IHttpRequestResponse httpRequestResponse) {
+    private static byte[] getHttpRequestBody(IHttpRequestResponse httpRequestResponse) {
        byte[] request = httpRequestResponse.getRequest();
        IRequestInfo requestInfo = BurpExtender.helpers.analyzeRequest(request);

        int httpBodyOffset = requestInfo.getBodyOffset();
        int httpBodyLength = request.length - httpBodyOffset;
-        String httpBody = null;
-        try {
-            httpBody = new String(request, httpBodyOffset, httpBodyLength, "UTF-8");
-        } catch (UnsupportedEncodingException e) {
-            throw new RuntimeException(e);
-        }
+        byte[] httpBody = new byte[httpBodyLength];
+        System.arraycopy(request,httpBodyOffset,httpBody,0,httpBodyLength);
        return httpBody;
    }

@@ -95,9 +87,9 @@ public class Utils {
                {-569376768, -564133889},
        };

-        Random random = new Random();
+        SecureRandom random = new SecureRandom();
        int index = random.nextInt(10);
-        String ip = num2ip(range[index][0] + new Random().nextInt(range[index][1] - range[index][0]));
+        String ip = num2ip(range[index][0] + new SecureRandom().nextInt(range[index][1] - range[index][0]));
        return ip;
    }
Author	SHA1	Message	Date
鸭王	e002e545a9	Update Config.java	2022-09-29 17:12:23 +08:00
鸭王	a294abf590	fix bug	2021-09-24 20:24:39 +08:00
鸭王	e0f6cc657c	bin	2021-09-24 20:22:15 +08:00
鸭王	76f5ca5554	Update README.md	2021-09-24 17:15:38 +08:00
鸭王	bd2b4ecca6	Update README.md	2021-09-24 17:15:01 +08:00
鸭王	afb837f343	bin	2021-09-24 17:13:13 +08:00
鸭王	05c889442c	update	2021-09-24 17:10:11 +08:00
鸭王	b0c73b0892	update	2021-09-24 17:09:54 +08:00
鸭王	0bf083e079	Update README.md	2021-09-24 16:16:22 +08:00
鸭王	da46c3d40f	update	2021-09-24 16:11:08 +08:00