Skip to content

Commit 9f3b276

Browse files
committed
Merge pull request #3 from federicodotta/master
Autorize v0.12
2 parents 5075a77 + a6e6817 commit 9f3b276

2 files changed

Lines changed: 4 additions & 11 deletions

File tree

Autorize.py

Lines changed: 3 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ def registerExtenderCallbacks(self, callbacks):
7575

7676
self.currentRequestNumber = 1
7777

78-
print "Thank you for installing Autorize v0.11 extension"
78+
print "Thank you for installing Autorize v0.12 extension"
7979
print "Created by Barak Tawily"
8080
print "Contributors: Barak Tawily, Federico Dotta"
8181
print "\nGithub:\nhttps://github.com/Quitten/Autorize"
@@ -134,7 +134,6 @@ def initEnforcementDetector(self):
134134
EDLabelList = JLabel("Filter List:")
135135
EDLabelList.setBounds(10, 165, 140, 30)
136136

137-
#EDStrings = ["Finger Print: (enforced message body contains)", "Content-Length: (constant Content-Length number of enforced response)", "Headers: (enforced message headers contains)", "Regex: (headers + body)"]
138137
EDStrings = ["Headers (simple string): (enforced message headers contains)", "Headers (regex): (enforced messege headers contains)", "Body (simple string): (enforced messege body contains)", "Body (regex): (enforced messege body contains)", "Full request (simple string): (enforced messege contains)", "Full request (regex): (enforced messege contains)", "Content-Length: (constant Content-Length number of enforced response)"]
139138
self.EDType = JComboBox(EDStrings)
140139
self.EDType.setBounds(80, 10, 430, 30)
@@ -169,10 +168,6 @@ def initEnforcementDetectorUnauthorized(self):
169168
## init enforcement detector tab
170169
#
171170

172-
# These two variable appears to be unused...
173-
#self.EDFP = ArrayList()
174-
#self.EDCT = ArrayList()
175-
176171
EDLType = JLabel("Type:")
177172
EDLType.setBounds(10, 10, 140, 30)
178173

@@ -182,7 +177,6 @@ def initEnforcementDetectorUnauthorized(self):
182177
EDLabelList = JLabel("Filter List:")
183178
EDLabelList.setBounds(10, 165, 140, 30)
184179

185-
#EDStrings = ["Finger Print: (enforced message body contains)", "Content-Length: (constant Content-Length number of enforced response)", "Headers: (enforced message headers contains)", "Regex: (headers + body)"]
186180
EDStrings = ["Headers (simple string): (enforced message headers contains)", "Headers (regex): (enforced messege headers contains)", "Body (simple string): (enforced messege body contains)", "Body (regex): (enforced messege body contains)", "Full request (simple string): (enforced messege contains)", "Full request (regex): (enforced messege contains)", "Content-Length: (constant Content-Length number of enforced response)"]
187181
self.EDTypeUnauth = JComboBox(EDStrings)
188182
self.EDTypeUnauth.setBounds(80, 10, 430, 30)
@@ -713,7 +707,7 @@ def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
713707

714708
return
715709

716-
def sendRequestToAuthorizeWork(self,messageInfo):
710+
def sendRequestToAutorizeWork(self,messageInfo):
717711

718712
if messageInfo.getResponse() == None:
719713
message = self.makeMessage(messageInfo,False,False)
@@ -741,7 +735,6 @@ def makeMessage(self, messageInfo, removeOrNot, authorizeOrNot):
741735
headers.remove(header)
742736

743737
if authorizeOrNot:
744-
#print self.replaceString.getText()
745738
headers.append(self.replaceString.getText())
746739

747740
msgBody = messageInfo.getRequest()[requestInfo.getBodyOffset():]
@@ -950,7 +943,7 @@ def __init__(self, extender, messageInfo, menuName):
950943

951944
def actionPerformed(self, e):
952945
if self._menuName == "request":
953-
start_new_thread(self._extender.sendRequestToAuthorizeWork,(self._messageInfo,))
946+
start_new_thread(self._extender.sendRequestToAutorizeWork,(self._messageInfo,))
954947

955948
if self._menuName == "cookie":
956949
self._extender.replaceString.setText(self._extender.getCookieFromMessage(self._messageInfo))

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
# Autorize
2-
Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert at AppSec Labs. Autorize was designed to help security testers by performing automatic authorization tests. With the last release now Authorize also perform automatic authentication tests.
2+
Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert at AppSec Labs. Autorize was designed to help security testers by performing automatic authorization tests. With the last release now Autorize also perform automatic authentication tests.
33

44
![alt tag](https://raw.githubusercontent.com/Quitten/Autorize/master/Autorize.png)
55

0 commit comments

Comments
 (0)