burp_issue2appendix.py
#!/usr/bin/env python2
# jue ago 28 19:27:37 CEST 2014
#
# Reads a Burp Suite issues XML file and
# prints all the issues, payloads and details
# based on previous work by Pablo Catalina
#
import sys
import re
from base64 import b64decode
from xml.dom import minidom
import html2text
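# Command-line entry: exactly one argument is expected, the path of a
# Burp Suite issues XML export.
if len(sys.argv) != 2:
    print ("\n\tUsage: %s <issues.xml>\n" % sys.argv[0])
    sys.exit(1)

filename = sys.argv[1]

# Burp issue type identifiers this script knows how to format.
issue_type_sqli = "1049088"
issue_type_xss_stored = "2097408"
issue_type_xss_reflected = "2097920"
xss_types = (issue_type_xss_stored, issue_type_xss_reflected)


def _element_text(node, tag):
    """Return the text of the first <tag> element under node.

    Returns '' when the element is missing or empty, so one incomplete
    issue does not abort the whole report with IndexError/AttributeError.
    """
    found = node.getElementsByTagName(tag)
    if not found or found[0].firstChild is None:
        return ''
    return found[0].firstChild.data


def _printable(raw):
    """Turn decoded request/response bytes into text that is safe to print.

    The HTTP messages in the export come from the tested application, so
    they are untrusted. Tab, newline and printable ASCII are kept; every
    other byte (ESC and other control characters, non-ASCII) is shown as
    \\xNN so it cannot drive the terminal or corrupt a pasted report.
    """
    # latin-1 maps each byte to one code point, so decoding cannot fail.
    text = raw.decode('latin-1').replace(u'\r\n', u'\n')
    return re.sub(u'[^\\t\\n\\x20-\\x7e]',
                  lambda m: u'\\x%02x' % ord(m.group(0)), text)


# NOTE(review): xml.dom.minidom expands entities declared in the document,
# so a crafted file can exhaust memory (entity-expansion DoS). Only parse
# exports from a trusted source, or switch to a hardened parser such as
# defusedxml if that dependency is acceptable.
xmldoc = minidom.parse(filename)

# getElementsByTagName returns an empty list rather than raising, so the
# "no issues" case has to be tested explicitly.
issueslist = xmldoc.getElementsByTagName('issue')
if not issueslist:
    raise Exception("%s does not contain issues :-(" % filename)

# idict[url][param] = (request, response, detail, payload, issue_type)
idict = {}
for issue in issueslist:
    issue_type = _element_text(issue, 'type')
    location = _element_text(issue, 'location')
    url = location.split(' ')[0]

    # The parameter is taken from the bracketed part of the location;
    # a location without brackets yields an empty parameter name.
    bracket = re.search(r"\[(.*)\]", location)
    param = bracket.group(1).replace('parameter', '') if bracket else ''

    request = b64decode(_element_text(issue, 'request'))
    response = b64decode(_element_text(issue, 'response'))

    detail = _element_text(issue, 'issueDetail')
    # Strip the small set of HTML tags found in the issue detail.
    stripped = detail.replace('<br><br>', '').replace('<b>', '').replace('</b>', '')

    payload = ''
    if issue_type == issue_type_sqli:
        detail = stripped.replace("You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.", '')
    elif issue_type in xss_types:
        submitted = re.search(r"he payload (.*) was submitted", stripped)
        payload = submitted.group(1) if submitted else ''
        detail = stripped
    else:
        # Unknown types are still recorded, with the detail left untouched.
        print ("issue_type %s not found" % issue_type)

    per_url = idict.setdefault(url, {})
    if param in per_url:
        print ("[ERROR] URL: %s dupe PARAM: %s" % (url, param))
        raise Exception("duplicate issue for URL %s, parameter %s" % (url, param))
    per_url[param] = (request, response, detail, payload, issue_type)

banner = "============================================================================================="
snip_start = "-----------------------------------[ SNIP STARTS ]-----------------------------------"
snip_end = "------------------------------------[ SNIP ENDS ]------------------------------------"

number = 0
for url in sorted(idict):
    for param in sorted(idict[url]):
        request, response, detail, payload, entry_type = idict[url][param]
        print (banner)
        print (" Instance number %s" % number)
        print (" URL: %s" % url)
        print (" Parameter: %s" % param)
        # Decide per entry: the type of the last parsed issue says nothing
        # about the entry being printed.
        if entry_type in xss_types:
            print (" Payload: %s" % payload)
        print (banner)
        print ("\n[*] HTTP Request to %s :\n" % url)
        print (snip_start)
        print ("%s" % _printable(request))
        print (snip_end)
        print ("\n[*] HTTP Response to %s :\n" % url)
        print (snip_start)
        print ("%s" % _printable(response))
        print (snip_end)
        print ("\n[*] Issue detail :\n")
        print ("%s\n\n" % detail)
        number = number + 1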