
Example 21 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class AlertPanel method getTreeAlert.

/**
	 * This method initializes treeAlert	
	 * 	
	 * @return javax.swing.JTree	
	 */
JTree getTreeAlert() {
    // Lazy initialisation: the tree, its popup menu and its listeners are built on the first call
    // only; every later call returns the cached instance.
    if (treeAlert != null) {
        return treeAlert;
    }

    treeAlert = new JTree() {

        private static final long serialVersionUID = 1L;

        @Override
        public Point getPopupLocation(final MouseEvent event) {
            // A right click on a row that is not selected yet moves the selection to that row, so
            // the popup menu acts on the row under the pointer. An already selected row leaves a
            // multi-selection untouched.
            if (event != null) {
                TreePath clicked = treeAlert.getPathForLocation(event.getX(), event.getY());
                if (clicked != null && !treeAlert.getSelectionModel().isPathSelected(clicked)) {
                    treeAlert.getSelectionModel().setSelectionPath(clicked);
                }
            }
            return super.getPopupLocation(event);
        }
    };
    treeAlert.setName(ALERT_TREE_PANEL_NAME);
    treeAlert.setShowsRootHandles(true);
    treeAlert.setBorder(javax.swing.BorderFactory.createEmptyBorder(0, 0, 0, 0));

    treeAlert.setComponentPopupMenu(new JPopupMenu() {

        private static final long serialVersionUID = 1L;

        @Override
        public void show(Component invoker, int x, int y) {
            // Collect the history reference behind each selected alert, once per history id, and
            // hand them to the shared popup menu as the "selected" messages.
            final int selectedCount = treeAlert.getSelectionCount();
            final ArrayList<HistoryReference> selectedRefs = new ArrayList<>(selectedCount);
            if (selectedCount > 0) {
                SortedSet<Integer> seenHistoryIds = new TreeSet<>();
                for (TreePath path : treeAlert.getSelectionPaths()) {
                    final AlertNode node = (AlertNode) path.getLastPathComponent();
                    final Object userObject = node.getUserObject();
                    if (!(userObject instanceof Alert)) {
                        // Nodes without an Alert payload contribute nothing.
                        continue;
                    }
                    HistoryReference ref = ((Alert) userObject).getHistoryRef();
                    if (ref == null) {
                        continue;
                    }
                    // add() reports whether the id was new, which is the de-duplication test.
                    if (seenHistoryIds.add(Integer.valueOf(ref.getHistoryId()))) {
                        selectedRefs.add(ref);
                    }
                }
                selectedRefs.trimToSize();
            }
            SelectableHistoryReferencesContainer messageContainer =
                    new DefaultSelectableHistoryReferencesContainer(
                            treeAlert.getName(),
                            treeAlert,
                            Collections.<HistoryReference>emptyList(),
                            selectedRefs);
            view.getPopupMenu().show(messageContainer, x, y);
        }
    });

    treeAlert.addMouseListener(new java.awt.event.MouseAdapter() {

        @Override
        public void mouseClicked(java.awt.event.MouseEvent e) {
            // Double click with the left button opens the selected alert for editing.
            boolean leftDoubleClick = SwingUtilities.isLeftMouseButton(e) && e.getClickCount() > 1;
            if (leftDoubleClick) {
                editSelectedAlert();
            }
        }
    });

    treeAlert.addTreeSelectionListener(new javax.swing.event.TreeSelectionListener() {

        @Override
        public void valueChanged(javax.swing.event.TreeSelectionEvent e) {
            DefaultMutableTreeNode selected =
                    (DefaultMutableTreeNode) treeAlert.getLastSelectedPathComponent();
            Object payload = (selected != null) ? selected.getUserObject() : null;
            if (!(payload instanceof Alert)) {
                // No selection, an empty node or a non-alert node: blank the detail view.
                getAlertViewPanel().clearAlert();
                return;
            }
            Alert alert = (Alert) payload;
            // Show the HTTP message and evidence recorded with the alert, then its details.
            setMessage(alert.getMessage(), alert.getEvidence());
            treeAlert.requestFocusInWindow();
            getAlertViewPanel().displayAlert(alert);
        }
    });

    treeAlert.setCellRenderer(new AlertTreeCellRenderer());
    treeAlert.setExpandsSelectedPaths(true);
    return treeAlert;
}
Also used : DefaultSelectableHistoryReferencesContainer(org.zaproxy.zap.view.messagecontainer.http.DefaultSelectableHistoryReferencesContainer) DefaultMutableTreeNode(javax.swing.tree.DefaultMutableTreeNode) ArrayList(java.util.ArrayList) SortedSet(java.util.SortedSet) TreeSelectionEvent(javax.swing.event.TreeSelectionEvent) HistoryReference(org.parosproxy.paros.model.HistoryReference) TreeSelectionListener(javax.swing.event.TreeSelectionListener) Component(java.awt.Component) MouseEvent(java.awt.event.MouseEvent) Point(java.awt.Point) JPopupMenu(javax.swing.JPopupMenu) Point(java.awt.Point) MouseEvent(java.awt.event.MouseEvent) JTree(javax.swing.JTree) DefaultSelectableHistoryReferencesContainer(org.zaproxy.zap.view.messagecontainer.http.DefaultSelectableHistoryReferencesContainer) SelectableHistoryReferencesContainer(org.zaproxy.zap.view.messagecontainer.http.SelectableHistoryReferencesContainer) TreePath(javax.swing.tree.TreePath) Alert(org.parosproxy.paros.core.scanner.Alert)

Example 22 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class CoreAPI method handleApiView.

/**
 * Answers a read-only ("view") request of the core API.
 *
 * <p>Several views return data that is sensitive on a shared or network-reachable instance: the
 * message views return complete recorded HTTP messages, and the home-directory and
 * session-location views return absolute local paths. No authorisation check is made in this
 * method. NOTE(review): presumably the API framework authenticates the caller before dispatching
 * here; confirm before exposing the API beyond localhost.
 *
 * @param name the view name, compared against the {@code VIEW_*} constants
 * @param params the request parameters
 * @return the response for the requested view
 * @throws ApiException {@code BAD_VIEW} for an unknown name, {@code DOES_NOT_EXIST} when the
 *     requested alert or message is not found (or the message is temporary), and
 *     {@code INTERNAL_ERROR} when the database read fails
 */
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    Session session = Model.getSingleton().getSession();

    if (VIEW_HOSTS.equals(name)) {
        ApiResponseList hosts = new ApiResponseList(name);
        SiteNode root = (SiteNode) session.getSiteTree().getRoot();
        @SuppressWarnings("unchecked") Enumeration<SiteNode> en = root.children();
        while (en.hasMoreElements()) {
            String host = en.nextElement().getNodeName();
            // Drop everything up to and including "//" (the scheme) ...
            int schemeEnd = host.indexOf("//");
            if (schemeEnd >= 0) {
                host = host.substring(schemeEnd + 2);
            }
            // ... and everything from the first ':' (the port).
            // NOTE(review): a name holding an IPv6 literal would be cut at its first ':' as well;
            // confirm whether site node names can contain one.
            int portStart = host.indexOf(":");
            if (portStart >= 0) {
                host = host.substring(0, portStart);
            }
            hosts.addItem(new ApiResponseElement("host", host));
        }
        return hosts;
    }

    if (VIEW_SITES.equals(name)) {
        ApiResponseList sites = new ApiResponseList(name);
        SiteNode root = (SiteNode) session.getSiteTree().getRoot();
        @SuppressWarnings("unchecked") Enumeration<SiteNode> en = root.children();
        while (en.hasMoreElements()) {
            sites.addItem(new ApiResponseElement("site", en.nextElement().getNodeName()));
        }
        return sites;
    }

    if (VIEW_URLS.equals(name)) {
        ApiResponseList urls = new ApiResponseList(name);
        SiteNode root = (SiteNode) session.getSiteTree().getRoot();
        this.getURLs(root, urls);
        return urls;
    }

    if (VIEW_ALERT.equals(name)) {
        TableAlert tableAlert = Model.getSingleton().getDb().getTableAlert();
        RecordAlert recordAlert;
        try {
            // A missing id parameter falls back to -1.
            recordAlert = tableAlert.read(this.getParam(params, PARAM_ID, -1));
        } catch (DatabaseException e) {
            // The client only sees a generic error, so no database detail leaks; the cause is
            // not recorded here either, which makes the failure hard to diagnose afterwards.
            throw new ApiException(ApiException.Type.INTERNAL_ERROR);
        }
        if (recordAlert == null) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
        }
        return new ApiResponseElement(alertToSet(new Alert(recordAlert)));
    }

    if (VIEW_ALERTS.equals(name)) {
        final ApiResponseList alertList = new ApiResponseList(name);
        processAlerts(
                this.getParam(params, PARAM_BASE_URL, (String) null),
                this.getParam(params, PARAM_START, -1),
                this.getParam(params, PARAM_COUNT, -1),
                new Processor<Alert>() {

                    @Override
                    public void process(Alert alert) {
                        alertList.addItem(alertToSet(alert));
                    }
                });
        return alertList;
    }

    if (VIEW_NUMBER_OF_ALERTS.equals(name)) {
        CounterProcessor<Alert> alertCounter = new CounterProcessor<>();
        processAlerts(
                this.getParam(params, PARAM_BASE_URL, (String) null),
                this.getParam(params, PARAM_START, -1),
                this.getParam(params, PARAM_COUNT, -1),
                alertCounter);
        return new ApiResponseElement(name, Integer.toString(alertCounter.getCount()));
    }

    if (VIEW_MESSAGE.equals(name)) {
        TableHistory tableHistory = Model.getSingleton().getDb().getTableHistory();
        RecordHistory recordHistory;
        try {
            recordHistory = tableHistory.read(this.getParam(params, PARAM_ID, -1));
        } catch (HttpMalformedHeaderException | DatabaseException e) {
            // Same trade-off as for alerts: generic error to the client, cause not recorded.
            throw new ApiException(ApiException.Type.INTERNAL_ERROR);
        }
        // Temporary history entries are reported as missing rather than returned.
        if (recordHistory == null || recordHistory.getHistoryType() == HistoryReference.TYPE_TEMPORARY) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
        }
        // The response carries the complete recorded HTTP message.
        return new ApiResponseElement(
                ApiResponseConversionUtils.httpMessageToSet(
                        recordHistory.getHistoryId(),
                        recordHistory.getHistoryType(),
                        recordHistory.getHttpMessage()));
    }

    if (VIEW_MESSAGES.equals(name)) {
        final ApiResponseList messageList = new ApiResponseList(name);
        processHttpMessages(
                this.getParam(params, PARAM_BASE_URL, (String) null),
                this.getParam(params, PARAM_START, -1),
                this.getParam(params, PARAM_COUNT, -1),
                new Processor<RecordHistory>() {

                    @Override
                    public void process(RecordHistory recordHistory) {
                        messageList.addItem(
                                ApiResponseConversionUtils.httpMessageToSet(
                                        recordHistory.getHistoryId(),
                                        recordHistory.getHistoryType(),
                                        recordHistory.getHttpMessage()));
                    }
                });
        return messageList;
    }

    if (VIEW_NUMBER_OF_MESSAGES.equals(name)) {
        CounterProcessor<RecordHistory> messageCounter = new CounterProcessor<>();
        processHttpMessages(
                this.getParam(params, PARAM_BASE_URL, (String) null),
                this.getParam(params, PARAM_START, -1),
                this.getParam(params, PARAM_COUNT, -1),
                messageCounter);
        return new ApiResponseElement(name, Integer.toString(messageCounter.getCount()));
    }

    if (VIEW_MODE.equals(name)) {
        return new ApiResponseElement(name, Control.getSingleton().getMode().name());
    }

    if (VIEW_VERSION.equals(name)) {
        return new ApiResponseElement(name, Constant.PROGRAM_VERSION);
    }

    if (VIEW_EXCLUDED_FROM_PROXY.equals(name)) {
        ApiResponseList excluded = new ApiResponseList(name);
        List<String> regexs = session.getExcludeFromProxyRegexs();
        for (String regex : regexs) {
            excluded.addItem(new ApiResponseElement("regex", regex));
        }
        return excluded;
    }

    if (VIEW_HOME_DIRECTORY.equals(name)) {
        // Discloses an absolute path on the machine running the proxy.
        return new ApiResponseElement(
                name, Model.getSingleton().getOptionsParam().getUserDirectory().getAbsolutePath());
    }

    if (VIEW_SESSION_LOCATION.equals(name)) {
        // Discloses the session file name as stored on the session object.
        return new ApiResponseElement(name, session.getFileName());
    }

    // Three view names map to the same list of excluded domains.
    if (VIEW_PROXY_CHAIN_EXCLUDED_DOMAINS.equals(name)
            || VIEW_OPTION_PROXY_EXCLUDED_DOMAINS.equals(name)
            || VIEW_OPTION_PROXY_CHAIN_SKIP_NAME.equals(name)) {
        return proxyChainExcludedDomainsToApiResponseList(
                name,
                Model.getSingleton().getOptionsParam().getConnectionParam().getProxyExcludedDomains(),
                false);
    }

    if (VIEW_OPTION_PROXY_EXCLUDED_DOMAINS_ENABLED.equals(name)) {
        return proxyChainExcludedDomainsToApiResponseList(
                name,
                Model.getSingleton().getOptionsParam().getConnectionParam().getProxyExcludedDomains(),
                true);
    }

    throw new ApiException(ApiException.Type.BAD_VIEW);
}
Also used : HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) List(java.util.List) ArrayList(java.util.ArrayList) RecordHistory(org.parosproxy.paros.db.RecordHistory) SiteNode(org.parosproxy.paros.model.SiteNode) Enumeration(java.util.Enumeration) RecordAlert(org.parosproxy.paros.db.RecordAlert) TableAlert(org.parosproxy.paros.db.TableAlert) Alert(org.parosproxy.paros.core.scanner.Alert) RecordAlert(org.parosproxy.paros.db.RecordAlert) ExtensionAlert(org.zaproxy.zap.extension.alert.ExtensionAlert) TableAlert(org.parosproxy.paros.db.TableAlert) TableHistory(org.parosproxy.paros.db.TableHistory) DatabaseException(org.parosproxy.paros.db.DatabaseException) Session(org.parosproxy.paros.model.Session)

Example 23 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class PopupMenuShowAlerts method isButtonEnabledForHistoryReference.

/**
 * Builds one "show alert" menu item per alert that belongs to the given history reference and
 * reports whether any item was created.
 *
 * <p>Despite its query-style name this method has a side effect: every matching item is added to
 * this menu on each call.
 *
 * @param href the history reference the popup was invoked for
 * @return {@code true} when at least one alert item was added
 */
@Override
public boolean isButtonEnabledForHistoryReference(HistoryReference href) {
    // Alerts come from the site node when the reference has one, else from the reference itself.
    List<Alert> alerts = (href.getSiteNode() != null) ? href.getSiteNode().getAlerts() : href.getAlerts();
    URI hrefURI = href.getURI();
    String wantedUri = (hrefURI != null) ? hrefURI.toString() : null;

    List<PopupMenuShowAlert> menuItems = new ArrayList<>(alerts.size());
    for (Alert alert : alerts) {
        // Keep only the alerts raised for this exact URI; with no URI to compare, keep them all.
        boolean belongsToNode = wantedUri == null || alert.getUri().equals(wantedUri);
        if (belongsToNode) {
            final PopupMenuShowAlert menuItem = new PopupMenuShowAlert(alert.getName(), alert);
            menuItem.setIcon(alert.getIcon());
            menuItems.add(menuItem);
        }
    }

    Collections.sort(menuItems);
    for (PopupMenuShowAlert item : menuItems) {
        this.add(item);
    }
    return !menuItems.isEmpty();
}
Also used : ArrayList(java.util.ArrayList) Alert(org.parosproxy.paros.core.scanner.Alert) URI(org.apache.commons.httpclient.URI)

Example 24 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class ExtensionAlert method refreshAlert.

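/**
 * Reloads the alerts stored in the database into the alert tree and caches their history
 * references in {@code hrefs}.
 *
 * <p>Does nothing when the low-memory option is set. The {@code session} argument is not used:
 * the list is read for all alerts in the table, not only those of one session (see the TODO
 * below).
 *
 * @param session the session being refreshed (currently unused)
 * @throws DatabaseException if the alert table cannot be read
 */
private void refreshAlert(Session session) throws DatabaseException {
    if (Constant.isLowMemoryOptionSet()) {
        return;
    }
    SiteMap siteTree = this.getModel().getSession().getSiteTree();
    TableAlert tableAlert = getModel().getDb().getTableAlert();
    // TODO tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId())
    // does not work yet, but should replace getAlertList() once it is fixed.
    Vector<Integer> alertIds = tableAlert.getAlertList();
    final ExtensionHistory extensionHistory = (ExtensionHistory) Control.getSingleton().getExtensionLoader().getExtension(ExtensionHistory.NAME);
    for (Integer id : alertIds) {
        RecordAlert recAlert = tableAlert.read(id.intValue());
        if (recAlert == null) {
            // read() yields null when no row exists for the id (for example a row removed after
            // the id list was taken); skip it instead of failing the whole refresh with a
            // NullPointerException.
            continue;
        }
        int historyId = recAlert.getHistoryId();
        Integer key = Integer.valueOf(historyId);

        // Prefer the reference held by the history extension, then the local cache.
        HistoryReference historyReference = null;
        if (extensionHistory != null) {
            historyReference = extensionHistory.getHistoryReference(historyId);
        }
        if (historyReference == null) {
            historyReference = this.hrefs.get(key);
        }

        Alert alert;
        if (historyReference != null) {
            alert = new Alert(recAlert, historyReference);
        } else {
            alert = new Alert(recAlert);
        }

        historyReference = alert.getHistoryRef();
        if (historyReference != null) {
            // The ref can be null if hrefs are purged
            addAlertToTree(alert);
            if (!hrefs.containsKey(key)) {
                this.hrefs.put(key, historyReference);
            }
        }
    }
    siteTree.nodeStructureChanged((SiteNode) siteTree.getRoot());
}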
Also used : HistoryReference(org.parosproxy.paros.model.HistoryReference) TableAlert(org.parosproxy.paros.db.TableAlert) SiteMap(org.parosproxy.paros.model.SiteMap) ExtensionHistory(org.parosproxy.paros.extension.history.ExtensionHistory) Alert(org.parosproxy.paros.core.scanner.Alert) RecordAlert(org.parosproxy.paros.db.RecordAlert) TableAlert(org.parosproxy.paros.db.TableAlert) RecordAlert(org.parosproxy.paros.db.RecordAlert)

Example 25 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class ExtensionAlert method getXml.

/**
 * Renders the alerts of a site node as an {@code <alerts>} XML fragment, leaving out alerts
 * marked as false positives.
 *
 * <p>With "merge related issues" enabled, alerts sharing a fingerprint are emitted once, with an
 * {@code <instances>} list (capped by the maximum-instances option, 0 meaning no cap) and a
 * {@code <count>} of all matches. Otherwise every alert is emitted on its own.
 *
 * <p>The fragment is assembled by string concatenation. NOTE(review): its well-formedness
 * depends on {@code getUrlParamXML()} and {@code toPluginXML()} escaping the alert fields, which
 * hold data taken from scanned sites; confirm in {@code Alert}.
 *
 * @param site the site node whose alerts are reported
 * @return the XML fragment
 */
@Override
public String getXml(SiteNode site) {
    StringBuilder report = new StringBuilder();
    report.append("<alerts>");
    List<Alert> siteAlerts = site.getAlerts();
    SortedSet<String> seenFingerprints = new TreeSet<String>();
    for (int i = 0; i < siteAlerts.size(); i++) {
        Alert current = siteAlerts.get(i);
        if (current.getConfidence() == Alert.CONFIDENCE_FALSE_POSITIVE) {
            continue;
        }
        if (!this.getAlertParam().isMergeRelatedIssues()) {
            // No merging: one element per alert.
            report.append(current.toPluginXML(current.getUrlParamXML()));
            continue;
        }
        String fingerprint = alertFingerprint(current);
        if (!seenFingerprints.add(fingerprint)) {
            // Already reported together with an earlier alert of the same fingerprint.
            continue;
        }
        // First alert with this fingerprint: gather every instance from here on. The scan
        // starts at i on purpose so that the current alert is listed as an instance too.
        StringBuilder instances = new StringBuilder();
        instances.append("  <instances>\n");
        int matches = 0;
        for (int j = i; j < siteAlerts.size(); j++) {
            Alert candidate = siteAlerts.get(j);
            if (!fingerprint.equals(alertFingerprint(candidate))) {
                continue;
            }
            // The cap limits what is written out, not what is counted.
            if (this.getAlertParam().getMaximumInstances() == 0 || matches < this.getAlertParam().getMaximumInstances()) {
                instances.append("  <instance>\n")
                        .append(candidate.getUrlParamXML())
                        .append("  </instance>\n");
            }
            matches++;
        }
        instances.append("  </instances>\n")
                .append("  <count>")
                .append(matches)
                .append("</count>\n");
        report.append(current.toPluginXML(instances.toString()));
    }
    report.append("</alerts>");
    return report.toString();
}
Also used : TreeSet(java.util.TreeSet) Alert(org.parosproxy.paros.core.scanner.Alert) RecordAlert(org.parosproxy.paros.db.RecordAlert) TableAlert(org.parosproxy.paros.db.TableAlert)
