Implements the changing of DB file during a Burp working session #11

righettod · Aug 31, 2019 · ef29d4e · ef29d4e
1 parent 7110871
commit ef29d4e
Show file tree

Hide file tree

Showing 12 changed files with 95 additions and 13 deletions.
diff --git a/README.md b/README.md
@@ -56,6 +56,28 @@ There is an option to exclude the logging of the requests that target images (ch
 
 The list of supported file extensions is [here](resources/settings.properties).
 
+## Pause the logging
+
+There is an option to pause the logging (re-click on the menu to resume the logging):
+
+![Pause Option Menu](example6a.png)
+
+When the logging is paused then when Burp is restarted, it keep in mind that the logging was previously paused and then reflect the state in the menu:
+
+![Pause Option Menu](example6c.png)
+
+Otherwise, when Burp is started and logging was not previously paused then the following options are proposed:
+
+![Pause Option Menu](example6b.png)
+
+## Change the DB file
+
+:warning: This option require that the logging was paused.
+
+There is an option to change the DB file during a Burp working session:
+
+![ChangeDB Option Menu](example7.png)
+
 ## Statistics
 
 There is an option to obtain statistics about the information logged in the database:

diff --git a/example3.png b/example3.png
diff --git a/example4.png b/example4.png
diff --git a/example5a.png b/example5a.png
diff --git a/example6a.png b/example6a.png
diff --git a/example6b.png b/example6b.png
diff --git a/example6c.png b/example6c.png
diff --git a/example7.png b/example7.png
diff --git a/src/burp/ActivityLogger.java b/src/burp/ActivityLogger.java
@@ -66,10 +66,21 @@ class ActivityLogger implements IExtensionStateListener {
         //Affect the properties
         this.callbacks = callbacks;
         this.trace = trace;
+        updateStoreLocation(storeName);
+    }
+
+    /**
+     * Change the location where DB is stored.
+     *
+     * @param storeName Name of the storage that will be created (file path).
+     * @throws Exception If connection with the DB cannot be opened or if the DB cannot be created or if the JDBC driver cannot be loaded.
+     */
+    void updateStoreLocation(String storeName) throws Exception {
+        String newUrl = "jdbc:sqlite:" + storeName;
+        this.url = newUrl;
         //Open the connection to the DB
         this.trace.writeLog("Activity information will be stored in database file '" + storeName + "'.");
-        url = "jdbc:sqlite:" + storeName;
-        this.storageConnection = DriverManager.getConnection(url);
+        this.storageConnection = DriverManager.getConnection(newUrl);
         this.storageConnection.setAutoCommit(true);
         this.trace.writeLog("Open new connection to the storage.");
         //Create the table
@@ -79,7 +90,6 @@ class ActivityLogger implements IExtensionStateListener {
         }
     }
 
-
     /**
      * Save an activity event into the storage.
      *
@@ -128,7 +138,7 @@ DBStats getEventsStats() throws Exception {
         long totalAmountDataSent = 0;
         long biggestRequestAmountDataSent = 0;
         long maxHitsBySecond = 0;
-        if(recordsCount > 0){
+        if (recordsCount > 0) {
             //Get the total amount of data sent, we assume here that 1 character = 1 byte
             try (PreparedStatement stmt = this.storageConnection.prepareStatement(SQL_TOTAL_AMOUNT_DATA_SENT)) {
                 try (ResultSet rst = stmt.executeQuery()) {

diff --git a/src/burp/BurpExtender.java b/src/burp/BurpExtender.java
@@ -41,15 +41,7 @@ public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
                 }
                 //Case for the NO => Change DB file
                 if (loggingQuestionReply == JOptionPane.NO_OPTION) {
-                    JFileChooser customStoreFileNameFileChooser = new JFileChooser();
-                    customStoreFileNameFileChooser.setDialogTitle(extensionName + " - Select the DB file to use...");
-                    customStoreFileNameFileChooser.setCurrentDirectory(new File(System.getProperty("user.home")));
-                    customStoreFileNameFileChooser.setDialogType(JFileChooser.SAVE_DIALOG);
-                    customStoreFileNameFileChooser.setDragEnabled(false);
-                    customStoreFileNameFileChooser.setMultiSelectionEnabled(false);
-                    customStoreFileNameFileChooser.setAcceptAllFileFilterUsed(false);
-                    customStoreFileNameFileChooser.setFileSelectionMode(JFileChooser.FILES_ONLY);
-                    customStoreFileNameFileChooser.setFileHidingEnabled(true);
+                    JFileChooser customStoreFileNameFileChooser = Utilities.createDBFileChooser();
                     int dbFileSelectionReply = customStoreFileNameFileChooser.showDialog(burpFrame, "Use");
                     if (dbFileSelectionReply == JFileChooser.APPROVE_OPTION) {
                         customStoreFileName = customStoreFileNameFileChooser.getSelectedFile().getAbsolutePath().replaceAll("\\\\", "/");

diff --git a/src/burp/ConfigMenu.java b/src/burp/ConfigMenu.java
@@ -2,6 +2,7 @@
 
 import javax.swing.AbstractAction;
 import javax.swing.JCheckBoxMenuItem;
+import javax.swing.JFileChooser;
 import javax.swing.JFrame;
 import javax.swing.JMenu;
 import javax.swing.JMenuBar;
@@ -168,6 +169,36 @@ public void actionPerformed(ActionEvent e) {
             }
         });
         this.cfgMenu.add(subMenuPauseTheLogging);
+        //Add the menu to change the DB file
+        menuText = "Change the DB file";
+        final JMenuItem subMenuDBFileLocationMenuItem = new JMenuItem(menuText);
+        subMenuDBFileLocationMenuItem.addActionListener(
+                new AbstractAction(menuText) {
+                    public void actionPerformed(ActionEvent e) {
+                        try {
+                            String title = "Change the DB file";
+                            if (!ConfigMenu.IS_LOGGING_PAUSED) {
+                                JOptionPane.showMessageDialog(ConfigMenu.getBurpFrame(), "Logging must be paused prior to update the DB file location!", title, JOptionPane.WARNING_MESSAGE);
+                            } else {
+                                String customStoreFileName = callbacks.loadExtensionSetting(ConfigMenu.DB_FILE_CUSTOM_LOCATION_CFG_KEY);
+                                JFileChooser customStoreFileNameFileChooser = Utilities.createDBFileChooser();
+                                int dbFileSelectionReply = customStoreFileNameFileChooser.showDialog(getBurpFrame(), "Use");
+                                if (dbFileSelectionReply == JFileChooser.APPROVE_OPTION) {
+                                    customStoreFileName = customStoreFileNameFileChooser.getSelectedFile().getAbsolutePath().replaceAll("\\\\", "/");
+                                    activityLogger.updateStoreLocation(customStoreFileName);
+                                    callbacks.saveExtensionSetting(ConfigMenu.DB_FILE_CUSTOM_LOCATION_CFG_KEY, customStoreFileName);
+                                    JOptionPane.showMessageDialog(getBurpFrame(), "DB file updated to use:\n\r" + customStoreFileName, title, JOptionPane.INFORMATION_MESSAGE);
+                                } else {
+                                    JOptionPane.showMessageDialog(getBurpFrame(), "The following database file will continue to be used:\n\r" + customStoreFileName, title, JOptionPane.INFORMATION_MESSAGE);
+                                }
+                            }
+                        } catch (Exception exp) {
+                            ConfigMenu.this.trace.writeLog("Cannot update DB file location: " + exp.getMessage());
+                        }
+                    }
+                }
+        );
+        this.cfgMenu.add(subMenuDBFileLocationMenuItem);
         //Add the sub menu to get statistics about the DB.
         menuText = "Get statistics about the logged events";
         final JMenuItem subMenuDBStatsMenuItem = new JMenuItem(menuText);

diff --git a/src/burp/Utilities.java b/src/burp/Utilities.java
@@ -0,0 +1,27 @@
+package burp;
+
+import javax.swing.JFileChooser;
+import java.io.File;
+
+/**
+ * Contains utilities methods.
+ */
+class Utilities {
+
+    /**
+     * Create and configure a UI to select a DB file
+     * @return a instance of a JFileChooser ready to use
+     */
+    static JFileChooser createDBFileChooser() {
+        JFileChooser customStoreFileNameFileChooser = new JFileChooser();
+        customStoreFileNameFileChooser.setDialogTitle("Select the DB file to use...");
+        customStoreFileNameFileChooser.setCurrentDirectory(new File(System.getProperty("user.home")));
+        customStoreFileNameFileChooser.setDialogType(JFileChooser.SAVE_DIALOG);
+        customStoreFileNameFileChooser.setDragEnabled(false);
+        customStoreFileNameFileChooser.setMultiSelectionEnabled(false);
+        customStoreFileNameFileChooser.setAcceptAllFileFilterUsed(false);
+        customStoreFileNameFileChooser.setFileSelectionMode(JFileChooser.FILES_ONLY);
+        customStoreFileNameFileChooser.setFileHidingEnabled(true);
+        return customStoreFileNameFileChooser;
+    }
+}