Feature/montaya (#89)

* Rewrite using Montoya API (#88) Co-authored-by: cyrill <[email protected]> * srv -> src * srv -> src. project structure * cleaning up about tab * formatting, minor changes * improve header detection * fix: jwts in cookies that contain a = (valid b64) now parsed correctly * remove debug * prevent resign key field to break on small window sizes * Update README.md --------- Co-authored-by: cyrill <[email protected]> Co-authored-by: Oussama Zgheb <[email protected]>
ozzi- · Jun 14, 2024 · eb3442d · eb3442d
1 parent 7d4a10b
commit eb3442d
Show file tree

Hide file tree

Showing 325 changed files with 21,944 additions and 5,220 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,65 +1,43 @@
-
-.metadata
-bin/
-tmp/
-*.tmp
-*.bak
-*.swp
-*~.nib
-local.properties
-.settings/
-.loadpath
-.recommenders
-
-# IDEA
-.idea
-
-
-# Eclipse Core
-.project
-
-# External tool builders
-.externalToolBuilders/
-
-# Locally stored "Eclipse launch configurations"
-*.launch
-
-# PyDev specific (Python IDE for Eclipse)
-*.pydevproject
-
-# CDT-specific (C/C++ Development Tooling)
-.cproject
-
-# JDT-specific (Eclipse Java Development Tools)
+.gradle
+build/
+!gradle/wrapper/gradle-wrapper.jar
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### IntelliJ IDEA ###
+.idea/modules.xml
+.idea/jarRepositories.xml
+.idea/compiler.xml
+.idea/libraries/
+*.iws
+*.iml
+*.ipr
+out/
+!**/src/main/**/out/
+!**/src/test/**/out/
+
+### Eclipse ###
+.apt_generated
 .classpath
-
-# Java annotation processor (APT)
 .factorypath
-
-# PDT-specific (PHP Development Tools)
-.buildpath
-
-# sbteclipse plugin
-.target
-
-# Tern plugin
-.tern-project
-
-# TeXlipse plugin
-.texlipse
-
-# STS (Spring Tool Suite)
+.project
+.settings
 .springBeans
-
-# Code Recommenders
-.recommenders/
-
-
-# maven build directory
-target/
-
-# lib directory (containing the burp jar)
-lib/
-
-# ignore debug output
-*log
+.sts4-cache
+bin/
+!**/src/main/**/bin/
+!**/src/test/**/bin/
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+
+### VS Code ###
+.vscode/
+
+### Mac OS ###
+.DS_Store
+/target/
diff --git a/BappManifest.bmf b/BappManifest.bmf
@@ -6,7 +6,7 @@ ScreenVersion: 2.2
 SerialVersion: 21
 MinPlatformVersion: 0
 ProOnly: False
-Author: Oussama Zgheb & Mathias Vetsch
+Author: Oussama Zgheb
 ShortDescription: Enables Burp to decode and manipulate JSON web tokens.
 EntryPoint: target/JWT4B-jar-with-dependencies.jar
 BuildCommand: mvn package -DskipTests=true -Dmaven.javadoc.skip=true -B

diff --git a/README.md b/README.md
@@ -26,12 +26,6 @@ A config file will be created under "%user.home%\.JWT4B\config.json" with the fo
   "resetEditor": true,
   "highlightColor": "blue",
   "interceptComment": "Contains a JWT",
-  "jwtKeywords": [
-    "Authorization: Bearer",
-    "Authorization: bearer",
-    "authorization: Bearer",
-    "authorization: bearer"
-  ],
   "tokenKeywords": [
     "id_token",
     "ID_TOKEN",
@@ -48,9 +42,9 @@ Note: If resetEditor is set to false, all options such as the re-singing and alg
 
 ## Building your own version (with Eclipse)
 1. Clone repository and create new Eclipse Java Project
-2. Rightclick -> Configure -> Convert to Maven Project (downloading all required libraries)
+2. Rightclick -> Configure -> Convert to Gradle Project (downloading all required libraries)
 3. Open Burp -> Extensions -> APIs -> Save interface files -> Copy all files to JWT4B\src\burp
-4. Export runnable fat JAR including libraries
+4. Gradle -> build jar
 5. Load the JAR in Burp through the Extender Tab -> Extensions -> Add (Good to know: CTRL+Click on a extension to reload it)
 
 # Installation from BApp Store

diff --git a/build.gradle b/build.gradle
@@ -0,0 +1,52 @@
+plugins {
+    id 'java'
+    id 'eclipse'
+}
+
+group = 'org.example'
+version = '1.0-SNAPSHOT'
+
+repositories {
+        maven { url "https://artifact.swissre.com/artifactory/internal" }
+        maven { url "https://artifact.swissre.com/artifactory/external" }
+        maven { url "https://artifact.swissre.com/artifactory/thirdparty" }
+
+    //mavenCentral()
+}
+
+dependencies {
+    compileOnly "net.portswigger.burp.extensions:montoya-api:${extender_version}"
+	compileOnly 'org.projectlombok:lombok:1.18.32'
+	annotationProcessor 'org.projectlombok:lombok:1.18.32'
+
+
+    implementation (
+            'com.auth0:java-jwt:3.11.0',
+            'commons-codec:commons-codec:1.15',
+            'com.fifesoft:rsyntaxtextarea:3.1.1',
+            'commons-lang:commons-lang:2.6',
+            'com.fasterxml.jackson.core:jackson-databind:2.12.7.1',
+            'com.eclipsesource.minimal-json:minimal-json:0.9.4',
+    )
+
+    testImplementation(
+            "net.portswigger.burp.extensions:montoya-api:${extender_version}",
+            "org.junit.jupiter:junit-jupiter-engine:${junit_version}",
+            "org.junit.jupiter:junit-jupiter-params:${junit_version}",
+            'org.assertj:assertj-core:3.22.0',
+            'org.mockito:mockito-core:5.8.0',
+            'org.apache.commons:commons-text:1.10.0'
+    )
+}
+
+test {
+    useJUnitPlatform()
+}
+
+jar {
+    manifest {
+        attributes 'implementation-version': "${version}"
+    }
+    duplicatesStrategy = DuplicatesStrategy.EXCLUDE
+    from { configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) } }
+}
diff --git a/gradle.properties b/gradle.properties
@@ -0,0 +1,2 @@
+extender_version = 2023.12.1
+junit_version = 5.11.0-M2
diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
@@ -0,0 +1,6 @@
+#Sat May 25 16:59:06 CEST 2024
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists