
Example 1 with ExtensionScript

use of org.zaproxy.zap.extension.script.ExtensionScript in project zaproxy by zaproxy.

the class OptionsVariantPanel method initParam.

/**
 * Loads the given scanner options into the controls of this panel.
 *
 * <p>The injectable-target and RPC check boxes each mirror one bit of the masks read from
 * {@code param}. The "custom" RPC check box is enabled only when the extension loader returns
 * an {@code ExtensionScript}; its selected state still comes from the stored options.
 *
 * @param param the options to initialise the panel
 */
public void initParam(ScannerParam param) {
    // Injectable targets: one bit per request location.
    final int injectableMask = param.getTargetParamsInjectable();
    final boolean queryStringOn = (injectableMask & ScannerParam.TARGET_QUERYSTRING) != 0;
    getChkInjectableQueryString().setSelected(queryStringOn);
    final boolean urlPathOn = (injectableMask & ScannerParam.TARGET_URLPATH) != 0;
    getChkInjectableUrlPath().setSelected(urlPathOn);
    final boolean postDataOn = (injectableMask & ScannerParam.TARGET_POSTDATA) != 0;
    getChkInjectablePostData().setSelected(postDataOn);
    final boolean headersOn = (injectableMask & ScannerParam.TARGET_HTTPHEADERS) != 0;
    getChkInjectableHeaders().setSelected(headersOn);

    // "All requests" is only selectable while header injection itself is ticked.
    getChkInjectableHeadersAllRequests().setSelected(param.isScanHeadersAllRequests());
    getChkInjectableHeadersAllRequests().setEnabled(getChkInjectableHeaders().isSelected());

    final boolean cookieOn = (injectableMask & ScannerParam.TARGET_COOKIE) != 0;
    getChkInjectableCookie().setSelected(cookieOn);

    // RPC handlers: a second bit mask, one bit per supported format.
    final int rpcMask = param.getTargetParamsEnabledRPC();
    getChkRPCMultipart().setSelected(0 != (rpcMask & ScannerParam.RPC_MULTIPART));
    getChkRPCXML().setSelected(0 != (rpcMask & ScannerParam.RPC_XML));
    getChkRPCJSON().setSelected(0 != (rpcMask & ScannerParam.RPC_JSON));
    getChkRPCGWT().setSelected(0 != (rpcMask & ScannerParam.RPC_GWT));
    getChkRPCoData().setSelected(0 != (rpcMask & ScannerParam.RPC_ODATA));
    getChkRPCDWR().setSelected(0 != (rpcMask & ScannerParam.RPC_DWR));
    getChkRPCCustom().setSelected(0 != (rpcMask & ScannerParam.RPC_CUSTOM));

    // Without the script extension the custom option cannot be toggled from the UI.
    ExtensionScript scriptExtension =
            (ExtensionScript)
                    Control.getSingleton().getExtensionLoader().getExtension(ExtensionScript.NAME);
    final boolean scriptingAvailable = scriptExtension != null;
    getChkRPCCustom().setEnabled(scriptingAvailable);

    getExcludedParameterModel().setTokens(param.getExcludedParamList());
}
Also used : ExtensionScript(org.zaproxy.zap.extension.script.ExtensionScript)

Example 2 with ExtensionScript

use of org.zaproxy.zap.extension.script.ExtensionScript in project zaproxy by zaproxy.

the class ExtensionActiveScan method hook.

/**
 * Wires the active scan extension into the application.
 *
 * <p>Menu items, panels and toolbar components are added only when a view is present. The
 * session listener, the options, the script types and the API implementor are registered
 * outside that check, so they are set up even when {@code getView()} returns {@code null}.
 *
 * @param extensionHook the hook used to register this extension's components
 */
@Override
public void hook(ExtensionHook extensionHook) {
    super.hook(extensionHook);

    attackModeScanner = new AttackModeScanner(this);

    // UI-only registrations.
    if (getView() != null) {
        extensionHook.getHookMenu().addAnalyseMenuItem(getMenuItemPolicy());
        extensionHook.getHookMenu().addToolsMenuItem(getMenuItemCustomScan());
        extensionHook.getHookMenu().addPopupMenuItem(getPopupMenuActiveScanCustomWithContext());

        extensionHook.getHookView().addStatusPanel(getActiveScanPanel());
        extensionHook.getHookView().addOptionPanel(getOptionsScannerPanel());
        extensionHook.getHookView().addOptionPanel(getOptionsVariantPanel());
        extensionHook.getHookView().addMainToolBarComponent(getPolicyButton());

        getView()
                .getMainFrame()
                .getMainFooterPanel()
                .addFooterToolbarRightLabel(attackModeScanner.getScanStatus().getCountLabel());

        ExtensionHelp.enableHelpKey(getActiveScanPanel(), "ui.tabs.ascan");
    }

    extensionHook.addSessionListener(this);
    extensionHook.addOptionsParamSet(getScannerParam());
    // TODO this isn't currently implemented
    // extensionHook.addCommandLine(getCommandLineArguments());

    // The script extension is optional: the active and variant script types are registered
    // only when the loader returns it.
    ExtensionScript scriptExtension =
            Control.getSingleton().getExtensionLoader().getExtension(ExtensionScript.class);
    if (scriptExtension != null) {
        ScriptType activeType =
                new ScriptType(
                        SCRIPT_TYPE_ACTIVE,
                        "ascan.scripts.type.active",
                        createIcon("script-ascan.png"),
                        true);
        scriptExtension.registerScriptType(activeType);

        ScriptType variantType =
                new ScriptType(
                        SCRIPT_TYPE_VARIANT,
                        "variant.scripts.type.variant",
                        createIcon("script-variant.png"),
                        true);
        scriptExtension.registerScriptType(variantType);
    }

    // The loader result is passed on as-is; whether it can be null here is not visible in
    // this method.
    ExtensionAlert alertExtension =
            Control.getSingleton().getExtensionLoader().getExtension(ExtensionAlert.class);
    ascanController.setExtAlert(alertExtension);

    // The API implementor is registered whether or not a view exists.
    activeScanApi = new ActiveScanAPI(this);
    activeScanApi.addApiOptions(getScannerParam());
    extensionHook.addApiImplementor(activeScanApi);
}
Also used : ScriptType(org.zaproxy.zap.extension.script.ScriptType) ExtensionScript(org.zaproxy.zap.extension.script.ExtensionScript) ExtensionAlert(org.zaproxy.zap.extension.alert.ExtensionAlert)

Example 3 with ExtensionScript

use of org.zaproxy.zap.extension.script.ExtensionScript in project zaproxy by zaproxy.

the class ExtensionPassiveScan method hook.

/**
 * Wires the passive scan extension into the application.
 *
 * <p>The options, the proxy listener and the session listener are registered first. Option
 * panels and the footer label are added only when a view is present. The passive script type
 * is registered only when the script extension is available, and the API implementor is
 * always added.
 *
 * @param extensionHook the hook used to register this extension's components
 */
@Override
public void hook(ExtensionHook extensionHook) {
    super.hook(extensionHook);

    extensionHook.addOptionsParamSet(getPassiveScanParam());
    // The passive scan thread is hooked in as a proxy listener.
    extensionHook.addProxyListener(getPassiveScanThread());
    extensionHook.addSessionListener(this);

    // UI-only registrations.
    if (getView() != null) {
        extensionHook.getHookView().addOptionPanel(getPassiveScannerOptionsPanel());
        extensionHook.getHookView().addOptionPanel(getOptionsPassiveScan(getPassiveScanThread()));
        extensionHook.getHookView().addOptionPanel(getPolicyPanel());

        getView()
                .getMainFrame()
                .getMainFooterPanel()
                .addFooterToolbarRightLabel(getScanStatus().getCountLabel());
    }

    // Optional dependency: skip script-type registration when the loader has no
    // ExtensionScript.
    ExtensionScript scriptExtension =
            Control.getSingleton().getExtensionLoader().getExtension(ExtensionScript.class);
    if (scriptExtension != null) {
        ScriptType passiveType =
                new ScriptType(
                        SCRIPT_TYPE_PASSIVE,
                        "pscan.scripts.type.passive",
                        createScriptIcon(),
                        true);
        scriptExtension.registerScriptType(passiveType);
    }

    // Registered whether or not a view exists.
    extensionHook.addApiImplementor(new PassiveScanAPI(this));
}
Also used : ScriptType(org.zaproxy.zap.extension.script.ScriptType) ExtensionScript(org.zaproxy.zap.extension.script.ExtensionScript)

Example 4 with ExtensionScript

use of org.zaproxy.zap.extension.script.ExtensionScript in project zaproxy by zaproxy.

the class VariantCustomUnitTest method shouldReturnNullLeafNameWithDisabledScript.

/**
 * Checks that {@code VariantCustom.getLeafName} returns {@code null} for a disabled script,
 * even though the script's {@code VariantScript} interface is stubbed to return a name.
 */
@Test
void shouldReturnNullLeafNameWithDisabledScript() throws Exception {
    // Given
    String nodeName = "name";
    String expectedName = "newname";
    HttpMessage message = mock(HttpMessage.class);

    // The wrapper reports the script as disabled.
    ScriptWrapper disabledScript = mock(ScriptWrapper.class);
    given(disabledScript.isEnabled()).willReturn(false);

    // The script extension would still hand out a working VariantScript implementation.
    VariantScript scriptImpl = mock(VariantScript.class);
    ExtensionScript scriptExtension = mock(ExtensionScript.class);
    given(scriptExtension.getInterface(disabledScript, VariantScript.class))
            .willReturn(scriptImpl);

    VariantCustom variantCustom = new VariantCustom(disabledScript, scriptExtension);
    // Stubbed with a non-null name, so a null result cannot come from the stub.
    given(scriptImpl.getLeafName(variantCustom, nodeName, message)).willReturn(expectedName);

    // When
    String leafName = variantCustom.getLeafName(nodeName, message);

    // Then
    assertThat(leafName, is(equalTo(null)));
}
Also used : ExtensionScript(org.zaproxy.zap.extension.script.ExtensionScript) ScriptWrapper(org.zaproxy.zap.extension.script.ScriptWrapper) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test)

Example 5 with ExtensionScript

use of org.zaproxy.zap.extension.script.ExtensionScript in project zaproxy by zaproxy.

the class VariantCustomUnitTest method shouldReturnNullTreePathWithScriptException.

/**
 * Checks that {@code VariantCustom.getTreePath} returns {@code null} when the script's
 * {@code getTreePath} throws a {@code RuntimeException}, rather than propagating it.
 */
@Test
void shouldReturnNullTreePathWithScriptException() throws Exception {
    // Given
    HttpMessage message = mock(HttpMessage.class);
    ScriptWrapper script = mock(ScriptWrapper.class);

    // NOTE(review): this list is built but never referenced by the stubbing or the assertion.
    String expectedPath = "newpath";
    List<String> list = new ArrayList<>();
    list.add(expectedPath);

    VariantScript scriptImpl = mock(VariantScript.class);
    ExtensionScript scriptExtension = mock(ExtensionScript.class);
    given(scriptExtension.getInterface(script, VariantScript.class)).willReturn(scriptImpl);

    VariantCustom variantCustom = new VariantCustom(script, scriptExtension);
    // The script implementation fails when asked for the tree path.
    given(scriptImpl.getTreePath(variantCustom, message)).willThrow(RuntimeException.class);

    // When
    List<String> treePath = variantCustom.getTreePath(message);

    // Then
    assertThat(treePath, is(equalTo(null)));
}
Also used : ExtensionScript(org.zaproxy.zap.extension.script.ExtensionScript) ScriptWrapper(org.zaproxy.zap.extension.script.ScriptWrapper) ArrayList(java.util.ArrayList) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test)

Aggregations

ExtensionScript (org.zaproxy.zap.extension.script.ExtensionScript)11 HttpMessage (org.parosproxy.paros.network.HttpMessage)8 Test (org.junit.jupiter.api.Test)6 ScriptWrapper (org.zaproxy.zap.extension.script.ScriptWrapper)6 ArrayList (java.util.ArrayList)3 BeforeEach (org.junit.jupiter.api.BeforeEach)2 ScriptType (org.zaproxy.zap.extension.script.ScriptType)2 Source (net.htmlparser.jericho.Source)1 ValueSource (org.junit.jupiter.params.provider.ValueSource)1 HostProcess (org.parosproxy.paros.core.scanner.HostProcess)1 HttpRequestHeader (org.parosproxy.paros.network.HttpRequestHeader)1 ExtensionAlert (org.zaproxy.zap.extension.alert.ExtensionAlert)1