fix bug #90

bit4woo · Aug 1, 2024 · 4d3d62d · 4d3d62d
1 parent f0e22b7
commit 4d3d62d
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 26 deletions.
diff --git a/src/config/ConfigEntry.java b/src/config/ConfigEntry.java
@@ -266,11 +266,11 @@ public boolean isInRuleScope(int toolFlag, IHttpRequestResponse messageInfo) {
         HelperPlus getter = BurpExtender.getHelperPlus();
         String baseUrl = HelperPlus.getBaseURL(messageInfo).toString();
         String url;
-		try {
-			url = getter.getFullURL(messageInfo).toString();
-		} catch (Exception e) {
-			url = baseUrl;
-		}
+        try {
+            url = getter.getFullURL(messageInfo).toString();
+        } catch (Exception e) {
+            url = baseUrl;
+        }
         String host = HelperPlus.getHost(messageInfo);
         String configkey = getKey();
 
@@ -323,28 +323,43 @@ public String getFinalValue(IHttpRequestResponse[] messageInfos) {
             return valueStr;
         }
 
-        List<String> items = TextUtils.grepWithRegex(valueStr, "\\{.*?\\}");
+        //List<String> items = TextUtils.grepWithRegex(valueStr, "\\{A-Za-z?\\}");
+        //正则提取在遇到json格式时，可能有非预期结果。
 
         List<String> httpParts = MessagePart.getPartList();
         List<ConfigEntry> varConfigs = GUI.configTableModel.getBasicConfigVars();
 
-        for (String item : items) {
-            String partType = item.replace("{", "").replace("}", "");
-            for (String part : httpParts) {
-                if (partType.equalsIgnoreCase(part)) {
-                    String value = getValueByPartType(messageInfos, partType);
-                    valueStr = valueStr.replace(item, value);
-                }
-            }
-            for (ConfigEntry config : varConfigs) {
-                if (partType.equalsIgnoreCase(config.getKey())) {
-                    valueStr = valueStr.replace(item, config.getValue());
-                }
-            }
+        for (String part : httpParts) {
+            valueStr = findAndReplace(valueStr, "{" + part + "}", getValueByPartType(messageInfos, part));
+        }
+        for (ConfigEntry config : varConfigs) {
+            valueStr = findAndReplace(valueStr, "{" + config.getKey() + "}", config.getValue());
         }
         return valueStr;
     }
 
+    /**
+     * 查找时忽略大小写，但是替换结果不能改变原始字符串的大小写。
+     *
+     * @param text
+     * @param toFind
+     * @param replacement
+     * @return
+     */
+    public static String findAndReplace(String text, String toFind, String replacement) {
+        while (true) {
+            int index = text.toLowerCase().indexOf(toFind.toLowerCase());
+            if (index != -1) {
+                String prefix = text.substring(0, index);
+                String suffix = text.substring(index + toFind.length());
+                text = prefix + replacement + suffix;
+            } else {
+                break;
+            }
+        }
+        return text;
+    }
+
     public boolean ifNeedTakeAction(int toolFlag, IHttpRequestResponse messageInfo) {
         if (!isEnable()) return false;
         if (!isActionType()) return false;

diff --git a/src/runcmd/MessagePart.java b/src/runcmd/MessagePart.java
@@ -39,9 +39,9 @@ public class MessagePart {
     public static final String MultiResponseHeaders = "MultiResponseHeaders";
     public static final String ResponseBody = "ResponseBody";
     public static final String MultiResponseBody = "MultiResponseBody";
-    
-    
-    private static final String ConnectingCharacter =" ";
+
+
+    private static final String ConnectingCharacter = " ";
     private static final String workdir = System.getProperty("user.home") + File.separator + ".knife";
 
     public static List<String> getPartList() {
@@ -106,7 +106,11 @@ private static String getPartOfMessage(IHttpRequestResponse message, String part
             case MultiResponse:
             case ResponseAsFile:
             case MultiResponseAsFile:
-                value = new String(message.getResponse());
+                if (message.getResponse() == null) {
+                    value = "";
+                } else {
+                    value = new String(message.getResponse());
+                }
                 break;
             case RequestHeaders:
             case MultiRequestHeaders:
@@ -122,7 +126,12 @@ private static String getPartOfMessage(IHttpRequestResponse message, String part
                 break;
             case ResponseBody:
             case MultiResponseBody:
-                value = new String(HelperPlus.getBody(false, message));
+                byte[] body = HelperPlus.getBody(false, message);
+                if (body == null) {
+                    value = "";
+                } else {
+                    value = new String(HelperPlus.getBody(false, message));
+                }
                 break;
             default:
                 value = "NotValidPartType";
@@ -151,15 +160,15 @@ public static String getValueByPartType(IHttpRequestResponse[] messages, String
                 break;
             }
         }
-        
+
         if (partType.toLowerCase().endsWith("asfile")) {
             if (tempValues.size() > 1) {
                 firstHost = firstHost + "." + tempValues.size();
             }
             String content = String.join(System.lineSeparator(), tempValues);
             return contentToFile(firstHost, content);
         } else {
-        	String content = String.join(ConnectingCharacter, tempValues);
+            String content = String.join(ConnectingCharacter, tempValues);
             return content;
         }
     }