Compare commits

...

10 Commits

Author SHA1 Message Date
鸭王
e002e545a9 Update Config.java 2022-09-29 17:12:23 +08:00
鸭王
a294abf590 fix bug 2021-09-24 20:24:39 +08:00
鸭王
e0f6cc657c bin 2021-09-24 20:22:15 +08:00
鸭王
76f5ca5554 Update README.md 2021-09-24 17:15:38 +08:00
鸭王
bd2b4ecca6 Update README.md 2021-09-24 17:15:01 +08:00
鸭王
afb837f343 bin 2021-09-24 17:13:13 +08:00
鸭王
05c889442c update 2021-09-24 17:10:11 +08:00
鸭王
b0c73b0892 update 2021-09-24 17:09:54 +08:00
鸭王
0bf083e079 Update README.md 2021-09-24 16:16:22 +08:00
鸭王
da46c3d40f update 2021-09-24 16:11:08 +08:00
6 changed files with 55 additions and 43 deletions


@@ -2,6 +2,11 @@
下载使用:[Releases](https://github.com/TheKingOfDuck/burpFakeIP/releases/tag/1.0)
**2021/09/24**
1. 修复[M00nBack](https://github.com/M00nBack)反馈的一个bug。
2. 添加了AutoXFF的开关,并将AutoXFF默认设置不开启,如需让插件给每个请求头添加一个随机的XFF请求头可在右键菜单中选择ON开启
**2021/05/21**

Binary file not shown.


@@ -6,7 +6,7 @@
<groupId>net.thekingofduck</groupId>
<artifactId>fakeIP</artifactId>
<version>1.1-SNAPSHOT</version>
<version>1.1</version>
<build>


@@ -10,12 +10,13 @@ import java.util.List;
/**
* Project: fakeIP
* Date:2021/5/21 上午11:07
*
* @author CoolCat
* @version 1.0.0
* Github:https://github.com/TheKingOfDuck
* When I wirting my code, only God and I know what it does. After a while, only God knows.
*/
public class BurpExtender implements IBurpExtender, IContextMenuFactory,IIntruderPayloadGeneratorFactory, IIntruderPayloadGenerator, IHttpListener{
public class BurpExtender implements IBurpExtender, IContextMenuFactory, IIntruderPayloadGeneratorFactory, IIntruderPayloadGenerator, IHttpListener {
public static IExtensionHelpers helpers;
private String PLUGIN_NAME = "burpFakeIP";
private String VERSION = "1.1";
@@ -33,7 +34,7 @@ public class BurpExtender implements IBurpExtender, IContextMenuFactory,IIntrude
"[+] Github: https://github.com/TheKingOfDuck\n" +
"[+] ####################################\n" +
"[+] Enjoy it~";
stdout.println(String.format(banner,PLUGIN_NAME,VERSION));
stdout.println(String.format(banner, PLUGIN_NAME, VERSION));
//注册菜单
callbacks.registerContextMenuFactory(this);
@@ -58,38 +59,51 @@ public class BurpExtender implements IBurpExtender, IContextMenuFactory,IIntrude
menu.add(random);
menu.add(autoXFF);
if(iContextMenuInvocation.getInvocationContext() != IContextMenuInvocation.CONTEXT_MESSAGE_EDITOR_REQUEST){
if (iContextMenuInvocation.getInvocationContext() != IContextMenuInvocation.CONTEXT_MESSAGE_EDITOR_REQUEST) {
return menus;
}
custom.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent arg0) {
String ip = JOptionPane.showInputDialog("Pls input ur ip:");
Utils.addfakeip(iContextMenuInvocation,ip);
Utils.addfakeip(iContextMenuInvocation, ip);
}
});
localhost.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent arg0) {
Utils.addfakeip(iContextMenuInvocation,"127.0.0.1");
Utils.addfakeip(iContextMenuInvocation, "127.0.0.1");
}
});
random.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent arg0) {
Utils.addfakeip(iContextMenuInvocation,Utils.getRandomIp());
Utils.addfakeip(iContextMenuInvocation, Utils.getRandomIp());
}
});
autoXFF.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent arg0) {
String xff = JOptionPane.showInputDialog("Pls input ur XFF header name:",Config.AUTOXFF);
String xffvalue = JOptionPane.showInputDialog("Pls input ur XFF header value:",Config.AUTOXFFVALUE);
Config.AUTOXFF = xff;
Config.AUTOXFFVALUE = xffvalue;
Object[] options = {"OFF", "ON"};
int flag = JOptionPane.showOptionDialog(null, "AutoXFF Status: " + Config.AUTOXFF_STAT, "FakeIP", JOptionPane.YES_OPTION, JOptionPane.PLAIN_MESSAGE,
null, options, options[options.length - 1]);
switch (flag) {
case 0:
Config.AUTOXFF_STAT = false;
break;
case 1:
Config.AUTOXFF_KEY = JOptionPane.showInputDialog("Pls input ur XFF header name:", Config.AUTOXFF_KEY);
Config.AUTOXFF_VALUE = JOptionPane.showInputDialog("Pls input ur XFF header value:", Config.AUTOXFF_VALUE);
Config.AUTOXFF_STAT = true;
break;
default:
}
}
});
@@ -126,11 +140,11 @@ public class BurpExtender implements IBurpExtender, IContextMenuFactory,IIntrude
@Override
public void processHttpMessage(int i, boolean b, IHttpRequestResponse iHttpRequestResponse) {
if (b){
if (Config.AUTOXFFVALUE.equals("$RandomIp$")){
Utils.addfakeip(iHttpRequestResponse,Utils.getRandomIp());
}else {
Utils.addfakeip(iHttpRequestResponse,Config.AUTOXFFVALUE);
if (b && Config.AUTOXFF_STAT) {
if (Config.AUTOXFF_VALUE.equals("$RandomIp$")) {
Utils.addfakeip(iHttpRequestResponse, Utils.getRandomIp());
} else {
Utils.addfakeip(iHttpRequestResponse, Config.AUTOXFF_VALUE);
}
}
}
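Review bot: Cancelling either input dialog in `case 1` of the autoXFF listener stores `null` in `Config.AUTOXFF_KEY` or `Config.AUTOXFF_VALUE` and still sets `AUTOXFF_STAT = true`, because `JOptionPane.showInputDialog` returns `null` on cancel. After that, `processHttpMessage` calls `Config.AUTOXFF_VALUE.equals("$RandomIp$")` on a null reference for every request. Read both answers into locals and commit them, and switch the feature on, only when both are non-blank. Separately, `showOptionDialog` is given `JOptionPane.YES_OPTION` as its option type; that is a return-value constant, and `JOptionPane.DEFAULT_OPTION` is the one meant for a custom `options` array. The method that registers these listeners starts outside the hunk.

```java
case 1:
    String key = JOptionPane.showInputDialog("Pls input ur XFF header name:", Config.AUTOXFF_KEY);
    String value = JOptionPane.showInputDialog("Pls input ur XFF header value:", Config.AUTOXFF_VALUE);
    // showInputDialog returns null on cancel; keep the previous settings and state in that case
    if (key == null || value == null || key.trim().isEmpty() || value.trim().isEmpty()) {
        break;
    }
    Config.AUTOXFF_KEY = key.trim();
    Config.AUTOXFF_VALUE = value.trim();
    Config.AUTOXFF_STAT = true;
    break;
// … unchanged: case 0 and default …
```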


@@ -18,9 +18,10 @@ public class Config {
"X-remote-IP","X-remote-addr","True-Client-IP","X-Client-IP","Client-IP","X-Real-IP",
"Ali-CDN-Real-IP","Cdn-Src-Ip","Cdn-Real-Ip","CF-Connecting-IP","X-Cluster-Client-IP",
"WL-Proxy-Client-IP", "Proxy-Client-IP","Fastly-Client-Ip","True-Client-Ip","X-Originating-IP",
"X-Host","X-Custom-IP-Authorization"
"X-Host","X-Custom-IP-Authorization","X-Api-Version"
);
public static String AUTOXFF = "X-Forwarded-For";
public static String AUTOXFFVALUE = "$RandomIp$";
public static boolean AUTOXFF_STAT = false;
public static String AUTOXFF_KEY = "X-Forwarded-For";
public static String AUTOXFF_VALUE = "$RandomIp$";
}
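Review bot: `AUTOXFF_STAT`, `AUTOXFF_KEY` and `AUTOXFF_VALUE` are plain mutable `public static` fields, written from the menu's action listener and read in `processHttpMessage`. If Burp calls the HTTP listener on a thread other than the Swing event thread (likely, but not visible on this page), a change made in the dialog is not guaranteed to become visible to it. Declaring them `volatile`, e.g. `public static volatile boolean AUTOXFF_STAT = false;`, closes that gap. The `$RandomIp$` default is a sentinel that `processHttpMessage` replaces with a generated address, so a comment on the field such as `// "$RandomIp$" means: generate a new address for each request` would document that. The class body starts outside the hunk.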


@@ -1,6 +1,7 @@
package burp;
import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;
import java.util.List;
import java.util.Random;
import java.util.stream.Collectors;
@@ -36,7 +37,7 @@ public class Utils {
}
//更新header
byte[] newMessage = BurpExtender.helpers.buildHttpMessage(headers, getHttpRequestBody(currentRequest).getBytes());
byte[] newMessage = BurpExtender.helpers.buildHttpMessage(headers, getHttpRequestBody(currentRequest));
currentRequest.setRequest(newMessage);
}
@@ -44,38 +45,29 @@ public class Utils {
public static void addfakeip(IHttpRequestResponse iHttpRequestResponse, String ip) {
//获取原请求信息
IRequestInfo requestInfo = BurpExtender.helpers.analyzeRequest(iHttpRequestResponse);
List<String> headers = requestInfo.getHeaders();
byte contentType = BurpExtender.helpers.analyzeRequest(iHttpRequestResponse).getContentType();
//为每个请求添加一个Header
headers = headers.stream().filter(key -> !key.equals(Config.AUTOXFF_KEY)).collect(Collectors.toList());
headers.add(String.format("%s: %s", Config.AUTOXFF_KEY, ip));
if (contentType != CONTENT_TYPE_MULTIPART) {
//获取原请求信息
IRequestInfo requestInfo = BurpExtender.helpers.analyzeRequest(iHttpRequestResponse);
List<String> headers = requestInfo.getHeaders();
//为每个请求添加一个Header
headers = headers.stream().filter(key -> !key.equals(Config.AUTOXFF)).collect(Collectors.toList());
headers.add(String.format("%s: %s", Config.AUTOXFF, ip));
//更新header
byte[] newMessage = BurpExtender.helpers.buildHttpMessage(headers, getHttpRequestBody(iHttpRequestResponse).getBytes());
iHttpRequestResponse.setRequest(newMessage);
}
//更新header
byte[] newMessage = BurpExtender.helpers.buildHttpMessage(headers, getHttpRequestBody(iHttpRequestResponse));
iHttpRequestResponse.setRequest(newMessage);
}
private static String getHttpRequestBody(IHttpRequestResponse httpRequestResponse) {
private static byte[] getHttpRequestBody(IHttpRequestResponse httpRequestResponse) {
byte[] request = httpRequestResponse.getRequest();
IRequestInfo requestInfo = BurpExtender.helpers.analyzeRequest(request);
int httpBodyOffset = requestInfo.getBodyOffset();
int httpBodyLength = request.length - httpBodyOffset;
String httpBody = null;
try {
httpBody = new String(request, httpBodyOffset, httpBodyLength, "UTF-8");
} catch (UnsupportedEncodingException e) {
throw new RuntimeException(e);
}
byte[] httpBody = new byte[httpBodyLength];
System.arraycopy(request,httpBodyOffset,httpBody,0,httpBodyLength);
return httpBody;
}
@@ -95,9 +87,9 @@ public class Utils {
{-569376768, -564133889},
};
Random random = new Random();
SecureRandom random = new SecureRandom();
int index = random.nextInt(10);
String ip = num2ip(range[index][0] + new Random().nextInt(range[index][1] - range[index][0]));
String ip = num2ip(range[index][0] + new SecureRandom().nextInt(range[index][1] - range[index][0]));
return ip;
}
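Review bot: In `addfakeip(IHttpRequestResponse, String)` the filter `!key.equals(Config.AUTOXFF_KEY)` compares a whole header line with the bare header name, so it never matches and an existing header of that name is never removed. The entries are full `Name: value` lines, the same shape the next statement adds with `String.format("%s: %s", ...)`, so the rebuilt request ends up carrying the header twice. A case-insensitive prefix test does what the filter intends: `headers = headers.stream().filter(h -> !h.regionMatches(true, 0, Config.AUTOXFF_KEY + ":", 0, Config.AUTOXFF_KEY.length() + 1)).collect(Collectors.toList());`. In `getRandomIp`, `random.nextInt(10)` hard-codes the table size where `range.length` would follow the array, and the second `new SecureRandom()` could reuse `random`. The other `addfakeip` overload is only partly visible, so it may need the same filter check.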