Python burp.IScannerCheck() Examples

The following are 2 code examples of burp.IScannerCheck(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module burp , or try the search function .
Example #1
Source File: Asset_Discover.py    From BurpSuite-Asset_Discover with MIT License 5 votes vote down vote up 
def consolidateDuplicateIssues(self, existingIssue, newIssue):
        if (existingIssue.getIssueDetail() == newIssue.getIssueDetail()):
            return -1
        else:
            return 0

    # Implement the doPassiveScan method of IScannerCheck interface
    # Burp Scanner invokes this method for each base request/response that is passively scanned.
Example #2
Source File: scanner.py    From inql with Apache License 2.0 4 votes vote down vote up 
def doPassiveScan(self, baseRequestResponse):
        """
        Override IScannerCheck method.

        :param baseRequestResponse: burp requestResponse message.
        :return: issues containing all the burp findings, they will be added to the found issues.
        """
        issues = []
        for check in TECH_CHECKS:
            # look for matches of our passive check grep string
            matches = self._get_matches(baseRequestResponse.getResponse(), bytearray(check))
            if len(matches) != 0:
                # report the issue
                issues.extend([_CustomScanIssue(
                    http_service=baseRequestResponse.getHttpService(),
                    url=self._helpers.analyzeRequest(baseRequestResponse).getUrl(),
                    http_messages=[self._callbacks.applyMarkers(baseRequestResponse, None, matches)],
                    name="GraphQL Technology",
                    detail="The website is using GraphQL Technology!<br><br>"
                    "GraphQL is an open-source data query and manipulation language for APIs, and a runtime for fulfilling queries with existing data. GraphQL was developed internally by Facebook in 2012 before being publicly released in 2015.<br><br>"
                    "It provides an efficient, powerful and flexible approach to developing web APIs, and has been compared and contrasted with REST and other web service architectures. It allows clients to define the structure of the data required, and exactly the same structure of the data is returned from the server, therefore preventing excessively large amounts of data from being returned, but this has implications for how effective web caching of query results can be. The flexibility and richness of the query language also adds complexity that may not be worthwhile for simple APIs. It consists of a type system, query language and execution semantics, static validation, and type introspection.<br><br>"
                    "GraphQL supports reading, writing (mutating) and subscribing to changes to data (realtime updates).",
                    severity="Information", confidence="Firm", issuebg="Not posing any imminent security risk.",
                    rembg="<ul><li><a href='https://graphql.org/'>GraphQL</a></li></ul>",
                    remdet=""
                )])

        for check in CONSOLE_CHECKS:
            # look for matches of our passive check grep string
            matches = self._get_matches(baseRequestResponse.getResponse(), bytearray(check))
            if len(matches) != 0:
                # report the issue
                issues.extend([_CustomScanIssue(
                    http_service=baseRequestResponse.getHttpService(),
                    url=self._helpers.analyzeRequest(baseRequestResponse).getUrl(),
                    http_messages=[self._callbacks.applyMarkers(baseRequestResponse, None, matches)],
                    name="Exposed GraphQL Development Console",
                    detail="GraphQL is a query language for APIs and a runtime for fulfilling queries with existing data.<br><br>"
                    "<b>GraphiQL/GraphQL Playground</b> are in-browser tools for writing, validating, and testing GraphQL queries.<br><br>"
                    "The response contains the following string: <b>%s</b>." % check,
                    severity="Low", confidence="Firm", issuebg="Not posing any imminent security risk.",
                    rembg="<ul>"
                    "<li><a href='https://graphql.org/'>GraphQL</a></li>"
                    "<li><a href='https://github.com/graphql/graphiql'>GraphiQL</a></li>"
                    "<li><a href='https://github.com/prisma/graphql-playground'>GraphQL Playground</a></li>"
                    "</ul>",
                    remdet="Remove the GraphQL development console from web-application in a production stage.<br><br>"
                    "Disable GraphiQL<br>"
                    "<pre>if (process.env.NODE_ENV === 'development') {</pre></br>"
                    "<pre>  app.all(</pre></br>"
                    "<pre>    '/graphiql',</pre></br>"
                    "<pre>    graphiqlExpress({</pre></br>"
                    "<pre>      endpointURL: '/graphql',</pre></br>"
                    "<pre>    }),</pre></br>"
                    "<pre>  );</pre></br>"
                    "<pre>}</pre>"
                )])

        return issues