JSON support for list import/export & required related refactor (#28)

* RegexContext class for Options lists * refactor: createOptions_Regex * refactor: createOptions_Configuration_Scanner * Removed duplicated code * Moved ActionListener to classes * refactor: parameters on separate lines * refactor: removed useless static * fix: resource packaging; refactor: open regex list from file * feat: open and save list from JSON * refactor: moved stderr/out to BurpSuite extension page; Cleaned exceptions handling * Updated README.md with new changes * updated bappdescription docs
CYS4srl · Jul 17, 2023 · 38f61c2 · 38f61c2
1 parent 442f3b2
commit 38f61c2
Show file tree

Hide file tree

Showing 10 changed files with 496 additions and 255 deletions.
diff --git a/BappDescription.html b/BappDescription.html
@@ -9,5 +9,6 @@
     <li>Pre-defined set of regex</li>
     <li>Many filters to skip irrelevant messages</li>
     <li>Customizable regexes lists</li>
-    <li>Import/Export regexes with CSV files</li>
+    <li>Import regexes from CSV/JSON files</li>
+    <li>Export results to CSV/JSON files</li>
 </ul>
diff --git a/README.md b/README.md
@@ -85,26 +85,41 @@ To see the predefined list go to the Options tab. There you can choose which of
 
 These are the actions available to manage the lists:
 
-- **New**: a pop-up will appear to insert a new regex or extension.
-- **Delete**: the currently selected row will be deleted from the list.
-- **Clear**: the list will be emptied.
-- **Reset**: the plugin will reset to the default list.
-- **Open**: a pop-up will appear to import a list of regex or extensions from a `.csv` file. For the required file format, refer to the [Importing Lists](#importing-lists) section.
-- **Save**: the current list will be saved to a `.csv`.
 - **Enable all**: disable all the regexes in the current section.
 - **Disable all**: enable all the regexes in the current section.
+- **Reset default list**: the list will be reset to the default list.
+- **Clear list**: the list will be emptied.
+- **Open list**: a pop-up will appear to import a list of regex or extensions from a `csv` or `json` file. For the required file format, refer to the [Importing Lists](#importing-lists) section.
+- **Save list**: a pop-up will appear to save the current list of regex to a `csv` or `json` file.
+- **New regex**: a pop-up will appear to insert a new regex or extension.
+- **Delete regex**: the currently selected row will be deleted from the list.
+- **Edit regex**: a pop-up will appear to modify the currently selected row.
 
-After customizing the lists it is now possible to start scanning for sensitive information inside HTTP messages. The plugin offers the following mode of operations:
-
-1. **Analyze HTTP History**: the plugin will parse all http history generated up to that moment, matching all active patterns.
+After customizing the lists it is now possible to start scanning for sensitive information inside HTTP messages. The extension parses all http request generated up to that moment in the Proxy tab, and tries to match all active patterns.
 
 ### Importing Lists
 
-Using the "Open" and "Save" buttons it's possible to import custom lists, and save the current list to a file.
+Using the "Open list" and "Save list" buttons it's possible to import custom lists, and save the current list to a file.
+
+Both `CSV` and `JSON` files with their respective extensions are supported.
+
+- For **CSV** files, the first line represent the header line `"description","regex"` and each next line represents an entry. Entries must have the following format: `"Description","Regex"`. The quotation marks and the comma are required. Any double-quote inside the fields must be escaped with another double-quote. E.g.:
 
-The files must have the `.csv` extension.
+  ```csv
+  "description","regex"
+  "Google e-mail","\w+@gmail.com"
+  ```
 
-Each line in the file represents an entry and should have the following format: `"Description","Regex"`. The quotation marks and the comma are required.
+- For **JSON** files, the file must be in the following format:
+
+  ```json
+  [
+    {
+      "description": "Google e-mail",
+      "regex": "\\w+@gmail.com"
+    }
+  ]
+  ```
 
 Regexes must be compliant with the Java's Regexes Style. If in doubt, use [regex101](https://regex101.com/) with the `Java 8` flavour to test regexes.
 

diff --git a/src/main/java/com/cys4/sensitivediscoverer/controller/OptionsScannerUpdateListener.java b/src/main/java/com/cys4/sensitivediscoverer/controller/OptionsScannerUpdateListener.java
@@ -0,0 +1,27 @@
+package com.cys4.sensitivediscoverer.controller;
+
+import com.cys4.sensitivediscoverer.ui.MainUI;
+
+import javax.swing.*;
+import java.awt.event.ActionListener;
+
+public abstract class OptionsScannerUpdateListener implements ActionListener {
+
+    protected JLabel currentValueLabel;
+    protected JTextField updatedStatusField;
+    protected MainUI mainUI;
+
+    public OptionsScannerUpdateListener(MainUI mainUI) {
+        this.currentValueLabel = null;
+        this.updatedStatusField = null;
+        this.mainUI = mainUI;
+    }
+
+    public void setCurrentValueLabel(JLabel currentValueLabel) {
+        this.currentValueLabel = currentValueLabel;
+    }
+
+    public void setUpdatedStatusField(JTextField updatedStatusField) {
+        this.updatedStatusField = updatedStatusField;
+    }
+}
diff --git a/...ain/java/com/cys4/sensitivediscoverer/controller/OptionsScannerUpdateMaxSizeListener.java b/...ain/java/com/cys4/sensitivediscoverer/controller/OptionsScannerUpdateMaxSizeListener.java
@@ -0,0 +1,28 @@
+package com.cys4.sensitivediscoverer.controller;
+
+import com.cys4.sensitivediscoverer.ui.MainUI;
+
+import java.awt.event.ActionEvent;
+
+import static com.cys4.sensitivediscoverer.controller.Messages.getLocaleString;
+
+public class OptionsScannerUpdateMaxSizeListener extends OptionsScannerUpdateListener {
+
+    public OptionsScannerUpdateMaxSizeListener(MainUI mainUI) {
+        super(mainUI);
+    }
+
+    @Override
+    public void actionPerformed(ActionEvent actionEvent) {
+        try {
+            int newMaxSizeValue = Integer.parseInt(updatedStatusField.getText());
+            if (newMaxSizeValue < 1)
+                throw new NumberFormatException(getLocaleString("exception-sizeMustBeGreaterEqualThanOne"));
+
+            this.mainUI.setMaxSizeValueOption(newMaxSizeValue);
+            currentValueLabel.setText(String.valueOf(this.mainUI.getMaxSizeValueOption()));
+            updatedStatusField.setText("");
+        } catch (NumberFormatException ignored) {
+        }
+    }
+}
diff --git a/.../java/com/cys4/sensitivediscoverer/controller/OptionsScannerUpdateNumThreadsListener.java b/.../java/com/cys4/sensitivediscoverer/controller/OptionsScannerUpdateNumThreadsListener.java
@@ -0,0 +1,30 @@
+package com.cys4.sensitivediscoverer.controller;
+
+import com.cys4.sensitivediscoverer.scanner.BurpLeaksScanner;
+import com.cys4.sensitivediscoverer.ui.MainUI;
+
+import java.awt.event.ActionEvent;
+
+import static com.cys4.sensitivediscoverer.controller.Messages.getLocaleString;
+
+public class OptionsScannerUpdateNumThreadsListener extends OptionsScannerUpdateListener {
+
+    public OptionsScannerUpdateNumThreadsListener(MainUI mainUI) {
+        super(mainUI);
+    }
+
+    @Override
+    public void actionPerformed(ActionEvent actionEvent) {
+        try {
+            int newThreadNumber = Integer.parseInt(updatedStatusField.getText());
+            if (newThreadNumber < 1 || newThreadNumber > 128)
+                throw new NumberFormatException(getLocaleString("exception-numberNotInTheExpectedRange"));
+
+            BurpLeaksScanner burpLeaksScanner = this.mainUI.getBurpLeaksScanner();
+            burpLeaksScanner.setNumThreads(newThreadNumber);
+            currentValueLabel.setText(String.valueOf(burpLeaksScanner.getNumThreads()));
+            updatedStatusField.setText("");
+        } catch (NumberFormatException ignored) {
+        }
+    }
+}
diff --git a/src/main/java/com/cys4/sensitivediscoverer/controller/Utils.java b/src/main/java/com/cys4/sensitivediscoverer/controller/Utils.java
@@ -9,6 +9,7 @@
 import java.awt.*;
 import java.io.*;
 import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
 import java.util.List;
 import java.util.Objects;
 import java.util.stream.Collectors;
@@ -61,15 +62,40 @@ public static void saveToFile(String extensionName, List<String> lines) {
         if (!exportFilePath.endsWith("."+extensionName)) {
             exportFilePath += "."+extensionName;
         }
+
         try {
             PrintWriter pwt = new PrintWriter(exportFilePath);
             lines.forEach(pwt::println);
             pwt.close();
-        } catch (FileNotFoundException e) {
+        } catch (Exception e) {
             e.printStackTrace();
         }
     }
 
+    /**
+     * Open JFileChooser to get lines from a file
+     * @param extensionName the extension to filter files
+     * @return The lines from the file, or null if there was an error
+     */
+    public static List<String> linesFromFile(String extensionName) {
+        JFrame parentFrame = new JFrame();
+        JFileChooser fileChooser = new JFileChooser();
+        FileNameExtensionFilter filter = new FileNameExtensionFilter("."+extensionName,extensionName);
+        fileChooser.setFileFilter(filter);
+        fileChooser.setDialogTitle(getLocaleString("utils-linesFromFile-importFile"));
+
+        int userSelection = fileChooser.showOpenDialog(parentFrame);
+        if (userSelection != JFileChooser.APPROVE_OPTION) return null;
+
+        File selectedFile = fileChooser.getSelectedFile();
+        try {
+            return Files.readAllLines(selectedFile.toPath());
+        } catch (IOException e) {
+            e.printStackTrace();
+            return null;
+        }
+    }
+
     /**
      * Recursively disable all components that have a certain property set.
      * When a component with the property specified is found, the component and all the recursive children are enabled to the state specified.

diff --git a/src/main/java/com/cys4/sensitivediscoverer/model/RegexContext.java b/src/main/java/com/cys4/sensitivediscoverer/model/RegexContext.java
@@ -0,0 +1,16 @@
+package com.cys4.sensitivediscoverer.model;
+
+import java.util.List;
+
+public class RegexContext {
+
+    private final List<RegexEntity> regexEntities;
+
+    public RegexContext(List<RegexEntity> regexEntities) {
+        this.regexEntities = regexEntities;
+    }
+
+    public List<RegexEntity> getRegexEntities() {
+        return regexEntities;
+    }
+}
diff --git a/src/main/java/com/cys4/sensitivediscoverer/scanner/BurpLeaksScanner.java b/src/main/java/com/cys4/sensitivediscoverer/scanner/BurpLeaksScanner.java
@@ -73,7 +73,7 @@ public void analyzeProxyHistory(JProgressBar progressBar) {
         // setup filter parameters for analysis
         boolean inScope = MainUI.isInScopeOptionSelected();
         boolean checkMimeType = MainUI.isSkipMediaTypeOptionSelected();
-        int maxRequestSize = MainUI.isSkipMaxSizeOptionSelected() ? MainUI.getMaxSizeValueOption() : -1;
+        int maxRequestSize = MainUI.isSkipMaxSizeOptionSelected() ? this.mainUI.getMaxSizeValueOption() : -1;
 
         ExecutorService executor = Executors.newFixedThreadPool(numThreads);
         for (int i = 0; i < httpProxyItems.length; i++) {