Add Configuration Pane (#3)

* Add configuration pane * Tie the settings with each client * Ensure that TLS is set on default
wdahlenburg · Aug 31, 2021 · 45e5e18 · 45e5e18
1 parent 6d8dfd6
commit 45e5e18
Show file tree

Hide file tree

Showing 6 changed files with 410 additions and 14 deletions.
diff --git a/src/burp/BurpExtender.java b/src/burp/BurpExtender.java
@@ -1,11 +1,14 @@
 package burp;
 
-import burp.gui.InteractshListener;
-import burp.gui.PollTimeListener;
+import burp.listeners.InteractshListener;
+import burp.listeners.PollTimeListener;
 import interactsh.Client;
 import interactsh.InteractEntry;
+import layout.SpringUtilities;
 
 import java.awt.*;
+import java.awt.event.ActionEvent;
+import java.awt.event.ActionListener;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.TimeUnit;
@@ -19,12 +22,17 @@ public class BurpExtender extends AbstractTableModel implements IBurpExtender, I
     private static IBurpExtenderCallbacks callbacks;
     private static IExtensionHelpers helpers;
 
+    private JTabbedPane mainPane;
     private JSplitPane splitPane;
     private JScrollPane scrollPane;
     private JSplitPane tableSplitPane;
     private JPanel resultsPanel;
     private static JTextField pollField;
     private static Table logTable;
+    public static JTextField serverText;
+    public static JTextField portText;
+    public static JTextField authText;
+    public static JCheckBox tlsBox;
     private static List<InteractEntry> log = new ArrayList<InteractEntry>();
     private static ArrayList<Client> clients = new ArrayList<Client>();
     private InteractshListener listener;
@@ -46,6 +54,9 @@ public void registerExtenderCallbacks(final IBurpExtenderCallbacks callbacks)
         callbacks.setExtensionName("Interactsh Collaborator");
         callbacks.printOutput("Starting Interactsh Collaborator!");
 
+        // Save settings
+        burp.gui.Config.generateConfig();
+
         // Register this as a IExtensionStateListener
         callbacks.registerExtensionStateListener(BurpExtender.this);
 
@@ -58,7 +69,9 @@ public void registerExtenderCallbacks(final IBurpExtenderCallbacks callbacks)
             @Override
             public void run()
             {
+                mainPane = new JTabbedPane();
                 splitPane = new JSplitPane(JSplitPane.VERTICAL_SPLIT);
+                mainPane.addTab("Logs", splitPane);
 
                 resultsPanel = new JPanel();
                 tableSplitPane = new JSplitPane(JSplitPane.VERTICAL_SPLIT);
@@ -82,12 +95,67 @@ public void run()
                 panel.add(pollField);
                 splitPane.setTopComponent(panel);
 
+                // Configuration pane
+                JPanel configPanel = new JPanel(new FlowLayout(FlowLayout.LEFT));
+                mainPane.addTab("Configuration", configPanel);
+                JPanel innerConfig = new JPanel();
+                innerConfig.setSize(new Dimension(80, 150));
+                innerConfig.setLayout(new SpringLayout());
+                configPanel.add(innerConfig);
+
+                serverText = new JTextField("interact.sh", 20);
+                portText = new JTextField("443", 20);
+                authText = new JTextField("", 20);
+                tlsBox = new JCheckBox("", true);
+
+                JLabel server = new JLabel("Server: ");
+                innerConfig.add(server);
+                server.setLabelFor(serverText);
+                innerConfig.add(serverText);
+
+                JLabel port = new JLabel("Port: ");
+                innerConfig.add(port);
+                port.setLabelFor(portText);
+                innerConfig.add(portText);
+
+                JLabel auth = new JLabel("Authorization: ");
+                innerConfig.add(auth);
+                auth.setLabelFor(authText);
+                innerConfig.add(authText);
+
+                JLabel tls = new JLabel("TLS: ");
+                innerConfig.add(tls);
+                tls.setLabelFor(tlsBox);
+                innerConfig.add(tlsBox);
+
+                JButton updateConfigButton = new JButton("Update Settings");
+                updateConfigButton.addActionListener(new ActionListener() {
+                    public void actionPerformed(ActionEvent e) {
+                        burp.gui.Config.updateConfig();
+                    }
+                });
+                innerConfig.add(updateConfigButton);
+
+                // Add a blank panel so that SpringUtilities can make a well shaped grid
+                innerConfig.add(new JPanel());
+
+                SpringUtilities.makeCompactGrid(innerConfig,
+                        5, 2, //rows, cols
+                        6, 6,        //initX, initY
+                        6, 6);       //xPad, yPad
+
+                burp.gui.Config.loadConfig();
+
+
                 // customize our UI components
+                callbacks.customizeUiComponent(mainPane);
                 callbacks.customizeUiComponent(resultsPanel);
                 callbacks.customizeUiComponent(tableSplitPane);
                 callbacks.customizeUiComponent(splitPane);
                 callbacks.customizeUiComponent(logTable);
                 callbacks.customizeUiComponent(scrollPane);
+                callbacks.customizeUiComponent(configPanel);
+                callbacks.customizeUiComponent(innerConfig);
                 callbacks.customizeUiComponent(CollaboratorButton);
 
                 // add the custom tab to Burp's UI
@@ -159,7 +227,7 @@ public String getTabCaption()
     @Override
     public Component getUiComponent()
     {
-        return splitPane;
+        return mainPane;
     }
 
     //

diff --git a/src/burp/gui/Config.java b/src/burp/gui/Config.java
@@ -0,0 +1,83 @@
+package burp.gui;
+
+import burp.IBurpExtenderCallbacks;
+
+import javax.swing.*;
+
+public class Config {
+    public static void generateConfig(){
+        IBurpExtenderCallbacks callbacks = burp.BurpExtender.getCallbacks();
+
+        String server = callbacks.loadExtensionSetting("interactsh-server");
+        String port = callbacks.loadExtensionSetting("interactsh-port");
+
+        if ((server == null || server.isEmpty()) ||
+                (port == null || port.isEmpty())){
+            callbacks.saveExtensionSetting("interactsh-server", "interact.sh");
+            callbacks.saveExtensionSetting("interactsh-port", "443");
+            callbacks.saveExtensionSetting("interactsh-uses-tls", Boolean.toString(true));
+        }
+    }
+
+    public static void loadConfig(){
+        IBurpExtenderCallbacks callbacks = burp.BurpExtender.getCallbacks();
+        String server = callbacks.loadExtensionSetting("interactsh-server");
+        String port = callbacks.loadExtensionSetting("interactsh-port");
+        boolean tls = Boolean.parseBoolean(callbacks.loadExtensionSetting("interactsh-uses-tls"));
+        String authorization = callbacks.loadExtensionSetting("interactsh-authorization");
+
+        // Update each of the text boxes on the Configuration pane
+        burp.BurpExtender.serverText.setText(server);
+        burp.BurpExtender.portText.setText(port);
+        burp.BurpExtender.authText.setText(authorization);
+        burp.BurpExtender.tlsBox.setSelected(tls);
+    }
+
+    public static void updateConfig(){
+        IBurpExtenderCallbacks callbacks = burp.BurpExtender.getCallbacks();
+
+        // Read each of the text boxes on the Configuration pane
+        String server = burp.BurpExtender.serverText.getText();
+        String port = burp.BurpExtender.portText.getText();
+        String authorization = burp.BurpExtender.authText.getText();
+        boolean tls = burp.BurpExtender.tlsBox.isSelected();
+
+        callbacks.saveExtensionSetting("interactsh-server", server);
+        callbacks.saveExtensionSetting("interactsh-port", port);
+        callbacks.saveExtensionSetting("interactsh-uses-tls", Boolean.toString(tls));
+        callbacks.saveExtensionSetting("interactsh-authorization", authorization);
+    }
+
+    public static String getHost(){
+        return burp.BurpExtender.getCallbacks().loadExtensionSetting("interactsh-server");
+    }
+
+    public static String getPort(){
+        return burp.BurpExtender.getCallbacks().loadExtensionSetting("interactsh-port");
+    }
+
+    public static boolean getScheme(){
+        return Boolean.parseBoolean(burp.BurpExtender.getCallbacks().loadExtensionSetting("interactsh-uses-tls"));
+    }
+
+    public static String getAuth(){
+        return burp.BurpExtender.getCallbacks().loadExtensionSetting("interactsh-authorization");
+    }
+
+    public static String getUrl(){
+        String scheme = "https://";
+        if(Boolean.parseBoolean(burp.BurpExtender.getCallbacks().loadExtensionSetting("interactsh-server")) ==  false){
+            scheme = "http://";
+        }
+
+        String url = scheme + getHost();
+        String port = getPort();
+        if(!(port == "80" || port == "443")){
+            url += ":" + port;
+        }
+
+        return url;
+    }
+}
+
+
diff --git a/src/burp/gui/InteractshListener.java → src/burp/listeners/InteractshListener.java b/src/burp/gui/InteractshListener.java → src/burp/listeners/InteractshListener.java
@@ -1,6 +1,5 @@
-package burp.gui;
+package burp.listeners;
 
-import javax.swing.*;
 import java.awt.*;
 import java.awt.datatransfer.StringSelection;
 import java.awt.event.ActionEvent;

diff --git a/src/burp/gui/PollTimeListener.java → src/burp/listeners/PollTimeListener.java b/src/burp/gui/PollTimeListener.java → src/burp/listeners/PollTimeListener.java
@@ -1,4 +1,4 @@
-package burp.gui;
+package burp.listeners;
 
 import javax.swing.event.DocumentEvent;
 import javax.swing.event.DocumentListener;

diff --git a/src/interactsh/Client.java b/src/interactsh/Client.java
@@ -22,12 +22,24 @@ public class Client {
     private String secretKey;
     private String correlationId;
 
+    // Defaults
     private String server = "https://interact.sh";
     private String host = "interact.sh";
     private int port = 443;
     private boolean scheme = true;
+    private String authorization = null;
 
-    public Client(){}
+    public Client(){
+        server = burp.gui.Config.getUrl();
+        host = burp.gui.Config.getHost();
+        scheme = burp.gui.Config.getScheme();
+        authorization = burp.gui.Config.getAuth();
+        try {
+            port = Integer.parseInt(burp.gui.Config.getPort());
+        } catch (NumberFormatException ne){
+            port = 443;
+        }
+    }
 
     public boolean registerClient() throws Exception {
         String pubKey = Base64.getEncoder().encodeToString(getPublicKey().getBytes(StandardCharsets.UTF_8));
@@ -45,8 +57,11 @@ public boolean registerClient() throws Exception {
                     + "Host: " + host + "\r\n"
                     + "User-Agent: Interact.sh Client\r\n"
                     + "Content-Type: application/json\r\n"
-                    + "Content-Length: " + registerData.toString().length() + "\r\n"
-                    + "Connection: close\r\n\r\n"
+                    + "Content-Length: " + registerData.toString().length() + "\r\n";
+            if(!(authorization == null || authorization.isEmpty())){
+                request += "Authorization: " + authorization + "\r\n";
+            }
+            request += "Connection: close\r\n\r\n"
                     + registerData.toString();
 
             byte[] response = callbacks.makeHttpRequest(host, port, scheme, request.getBytes(StandardCharsets.UTF_8));
@@ -63,8 +78,11 @@ public boolean registerClient() throws Exception {
     public boolean poll() throws IOException, InterruptedException {
         String request = "GET /poll?id=" + correlationId + "&secret=" + secretKey + " HTTP/1.1\r\n"
                 + "Host: " + host + "\r\n"
-                + "User-Agent: Interact.sh Client\r\n"
-                + "Connection: close\r\n\r\n";
+                + "User-Agent: Interact.sh Client\r\n";
+        if(!(authorization == null || authorization.isEmpty())){
+            request += "Authorization: " + authorization + "\r\n";
+        }
+        request += "Connection: close\r\n\r\n";
 
         byte[] response = callbacks.makeHttpRequest(host, port, scheme, request.getBytes(StandardCharsets.UTF_8));
         IResponseInfo responseInfo = BurpExtender.getHelpers().analyzeResponse(response);
@@ -107,8 +125,11 @@ public void deregister(){
                     + "Host: " + host + "\r\n"
                     + "User-Agent: Interact.sh Client\r\n"
                     + "Content-Type: application/json\r\n"
-                    + "Content-Length: " + deregisterData.toString().length() + "\r\n"
-                    + "Connection: close\r\n\r\n"
+                    + "Content-Length: " + deregisterData.toString().length() + "\r\n";
+            if(!(authorization == null || authorization.isEmpty())){
+                request += "Authorization: " + authorization + "\r\n";
+            }
+            request += "Connection: close\r\n\r\n"
                     + deregisterData.toString();
 
             callbacks.makeHttpRequest(host, port, scheme, request.getBytes(StandardCharsets.UTF_8));
@@ -128,7 +149,7 @@ public String getInteractDomain(){
             while (fullDomain.length() < 33) {
                 fullDomain += (char)(random.nextInt(26) + 'a');
             }
-            fullDomain += "." + server.split("/")[2]; // .interact.sh
+            fullDomain += "." + host;
             return fullDomain;
         }
     }