
Example 1 with Target

use of org.zaproxy.zap.model.Target in project zaproxy by zaproxy.

the class PopupContextTreeMenu method isEnableForComponent.

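/**
 * Decides whether this popup menu applies to the component it was invoked on and, as a side
 * effect, records the ids of the contexts currently selected in the contexts tree.
 *
 * <p>Only a {@link JTree} whose name equals {@code SiteMapPanel.CONTEXT_TREE_COMPONENT_NAME} is
 * accepted. Selected nodes that carry no {@link Target}, or a {@code Target} without a context,
 * are skipped instead of causing a {@link NullPointerException}; {@code
 * SiteMapPanel.getSelectedContext()} already treats a missing {@code Target} as "no context".
 *
 * @param invoker the component the popup menu was opened on
 * @return {@code false} if the invoker is not the contexts tree, if nothing other than the root
 *     is selected, or if no selected node yields a context; otherwise the result of {@code
 *     isEnabledForContext(getContextId())}
 */
@Override
public boolean isEnableForComponent(Component invoker) {
    if (!(invoker instanceof JTree) || !SiteMapPanel.CONTEXT_TREE_COMPONENT_NAME.equals(invoker.getName())) {
        return false;
    }
    JTree contextTree = (JTree) invoker;
    if (!isEnabledForMultipleContexts()) {
        if (contextTree.getSelectionCount() < 2) {
            this.setEnabled(true);
        } else {
            // NOTE(review): contextIds is neither cleared nor refilled on this path, so the
            // answer is computed from whatever an earlier invocation left behind - confirm intended.
            this.setEnabled(false);
            return isEnabledForContext(getContextId());
        }
    }
    SiteNode node = (SiteNode) contextTree.getLastSelectedPathComponent();
    if (node == null || node.isRoot()) {
        return false;
    }
    contextIds.clear();
    // Collect every selected context, not only the last selected one.
    TreePath[] paths = contextTree.getSelectionPaths();
    if (paths == null || paths.length == 0) {
        return false;
    }
    SiteNode[] nodes = Arrays.stream(paths).map(p -> (SiteNode) p.getLastPathComponent()).toArray(SiteNode[]::new);
    // If only the root is selected, no contexts are selected.
    if (nodes.length == 1 && nodes[0].isRoot()) {
        return false;
    }
    // A multi-selection may include nodes without a Target (for example the root next to a
    // context); dropping them keeps t.getContext() from being dereferenced on null.
    Stream<Target> targets = Arrays.stream(nodes)
            .map(n -> (Target) n.getUserObject())
            .filter(t -> t != null && t.getContext() != null);
    contextIds.addAll(Arrays.asList(targets.map(t -> t.getContext().getId()).toArray(Integer[]::new)));
    if (contextIds.isEmpty()) {
        // Nothing usable was selected, so there is no context to enable the menu for.
        return false;
    }
    return isEnabledForContext(getContextId());
}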
Also used : Target(org.zaproxy.zap.model.Target) Arrays(java.util.Arrays) List(java.util.List) Stream(java.util.stream.Stream) SiteMapPanel(org.parosproxy.paros.view.SiteMapPanel) TreePath(javax.swing.tree.TreePath) ExtensionPopupMenuItem(org.parosproxy.paros.extension.ExtensionPopupMenuItem) JTree(javax.swing.JTree) Component(java.awt.Component) SiteNode(org.parosproxy.paros.model.SiteNode) ArrayList(java.util.ArrayList) JTree(javax.swing.JTree) Target(org.zaproxy.zap.model.Target) TreePath(javax.swing.tree.TreePath) SiteNode(org.parosproxy.paros.model.SiteNode)

Example 2 with Target

use of org.zaproxy.zap.model.Target in project zaproxy by zaproxy.

the class SiteMapPanel method getSelectedContext.

/**
 * Looks up the {@code Context} behind the node last selected in the contexts tree of the Site
 * Map panel.
 *
 * @return the selected context, or {@code null} when there is no selection, the selection is
 *     the root node, or the selected node carries no {@code Target}
 * @since 2.7.0
 */
public Context getSelectedContext() {
    SiteNode selectedNode = (SiteNode) treeContext.getLastSelectedPathComponent();
    if (selectedNode != null && !selectedNode.isRoot()) {
        // The tree node's user object is the Target wrapping the context.
        Target selectedTarget = (Target) selectedNode.getUserObject();
        return selectedTarget == null ? null : selectedTarget.getContext();
    }
    return null;
}
Also used : Target(org.zaproxy.zap.model.Target) SiteNode(org.parosproxy.paros.model.SiteNode)

Example 3 with Target

use of org.zaproxy.zap.model.Target in project zaproxy by zaproxy.

the class ExtensionSpider method getMenuItemCustomScan.

/**
 * Returns the "Spider..." tools menu item, creating it on first use.
 *
 * <p>The item is created disabled when ZAP is in {@code Mode.safe}. This method reads the mode
 * only once, at creation time; it does not itself react to later mode changes.
 *
 * @return the cached menu item that opens the spider dialog without a preselected target
 */
private ZapMenuItem getMenuItemCustomScan() {
    if (menuItemCustomScan != null) {
        return menuItemCustomScan;
    }
    menuItemCustomScan = new ZapMenuItem("menu.tools.spider", getView().getMenuShortcutKeyStroke(KeyEvent.VK_S, KeyEvent.ALT_DOWN_MASK, false));
    // Spidering sends requests, so the entry stays disabled while safe mode is active.
    boolean scanningAllowed = Control.getSingleton().getMode() != Mode.safe;
    menuItemCustomScan.setEnabled(scanningAllowed);
    // The cast picks the Target overload of showSpiderDialog for the null argument.
    menuItemCustomScan.addActionListener(event -> showSpiderDialog((Target) null));
    return menuItemCustomScan;
}
Also used : Target(org.zaproxy.zap.model.Target) ZapMenuItem(org.zaproxy.zap.view.ZapMenuItem)

Example 4 with Target

use of org.zaproxy.zap.model.Target in project zaproxy by zaproxy.

the class ExtensionSpider method startScanAllInScope.

/**
 * Starts a recursive spider scan for a {@code Target} built with {@code new Target(true)}.
 *
 * <p>The boolean presumably means "in scope only" (confirm against the {@code Target}
 * constructor). The remaining two {@code startScan} arguments are passed as {@code null}.
 */
public void startScanAllInScope() {
    Target inScopeTarget = new Target(true);
    inScopeTarget.setRecurse(true);
    startScan(inScopeTarget, null, null);
}
Also used : Target(org.zaproxy.zap.model.Target)

Example 5 with Target

use of org.zaproxy.zap.model.Target in project zaproxy by zaproxy.

the class ActiveScanAPI method scanURL.

/**
 * Validates an active scan request coming through the API, resolves it to a {@code Target} and
 * hands it to the scan controller.
 *
 * <p>The scan is started either from a URL (which must resolve to an existing node in the
 * session structure) or, when no URL is given, from a context that has nodes in the site tree.
 * Before the scan is started the current ZAP mode is enforced: safe mode always refuses, protect
 * mode refuses anything that is not in scope.
 *
 * @param url the start URL; may be {@code null} or empty when {@code context} is given
 * @param user passed through unchanged to {@code controller.startScan}
 * @param scanChildren whether the target recurses; also makes a trailing {@code /} be dropped
 *     from {@code url}
 * @param scanJustInScope whether the target is limited to in-scope nodes
 * @param method the HTTP method used to look up the node
 * @param postData the request body used to look up the node
 * @param policy optional scan policy, forwarded as the only context-specific object when not
 *     {@code null}
 * @param context optional context the scan is bound to
 * @return the value returned by {@code controller.startScan} (presumably the scan id - confirm)
 * @throws ApiException {@code MISSING_PARAMETER} if neither a URL nor a usable context is
 *     given; {@code URL_NOT_IN_CONTEXT} if the URL is outside the given context; {@code
 *     ILLEGAL_PARAMETER} if the URL cannot be parsed or is not http/https; {@code
 *     INTERNAL_ERROR} if the node lookup fails; {@code URL_NOT_FOUND} if no node matches; {@code
 *     MODE_VIOLATION} if the current mode forbids the scan
 */
private int scanURL(String url, User user, boolean scanChildren, boolean scanJustInScope, String method, String postData, ScanPolicy policy, Context context) throws ApiException {
    // useUrl == false means "scan the whole context" rather than a single start node.
    boolean useUrl = true;
    if (url == null || url.isEmpty()) {
        if (context == null || !context.hasNodesInContextFromSiteTree()) {
            throw new ApiException(Type.MISSING_PARAMETER, PARAM_URL);
        }
        useUrl = false;
    } else if (context != null && !context.isInContext(url)) {
        // A URL combined with a context must belong to that context.
        throw new ApiException(Type.URL_NOT_IN_CONTEXT, PARAM_URL);
    }
    StructuralNode node = null;
    if (useUrl) {
        URI startURI;
        try {
            if (scanChildren && url.endsWith("/")) {
                // Always choose the non leaf node if scanChildren option selected
                // NOTE(review): the context check above saw the URL with its trailing slash,
                // while the protect-mode scope check below sees it without - confirm both
                // checks agree for such URLs.
                url = url.substring(0, url.length() - 1);
            }
            startURI = new URI(url, true);
        } catch (URIException e) {
            throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_URL, e);
        }
        // Only http and https start URLs are accepted.
        String scheme = startURI.getScheme();
        if (scheme == null || (!scheme.equalsIgnoreCase("http") && !scheme.equalsIgnoreCase("https"))) {
            // NOTE(review): this message is also produced when a scheme is present but is
            // neither http nor https.
            throw new ApiException(ApiException.Type.ILLEGAL_PARAMETER, PARAM_URL + " does not have a scheme.");
        }
        try {
            Model model = Model.getSingleton();
            node = SessionStructure.find(model, startURI, method, postData);
            if (node == null && "GET".equalsIgnoreCase(method)) {
                // Check if there's a non-leaf node that matches the URI, to scan the subtree.
                // (GET is the default method, but non-leaf nodes do not have any method.)
                node = SessionStructure.find(model, startURI, null, postData);
            }
        } catch (Exception e) {
            // Any lookup failure is reported to the API client as an internal error.
            throw new ApiException(ApiException.Type.INTERNAL_ERROR, e);
        }
        if (node == null) {
            // Only URLs that resolve to a node of the current session can be scanned.
            throw new ApiException(ApiException.Type.URL_NOT_FOUND);
        }
    }
    Target target;
    if (useUrl) {
        target = new Target(node);
        target.setContext(context);
    } else {
        target = new Target(context);
    }
    target.setRecurse(scanChildren);
    target.setInScopeOnly(scanJustInScope);
    // Mode enforcement runs last, after the target is built and before the scan is started.
    switch(Control.getSingleton().getMode()) {
        case safe:
            // Safe mode refuses every active scan request.
            throw new ApiException(ApiException.Type.MODE_VIOLATION);
        case protect:
            // Protect mode: the start URL (when one is used) and the context (when given) must be in scope.
            if ((useUrl && !Model.getSingleton().getSession().isInScope(url)) || (context != null && !context.isInScope())) {
                throw new ApiException(ApiException.Type.MODE_VIOLATION);
            }
            // No problem
            break;
        case standard:
            // No problem
            break;
        case attack:
            // No problem
            break;
    }
    // The policy, when supplied, is the only extra object handed to the controller.
    Object[] objs = new Object[] {};
    if (policy != null) {
        objs = new Object[] { policy };
    }
    return controller.startScan(null, target, user, objs);
}
Also used : StructuralNode(org.zaproxy.zap.model.StructuralNode) Target(org.zaproxy.zap.model.Target) URIException(org.apache.commons.httpclient.URIException) Model(org.parosproxy.paros.model.Model) JSONObject(net.sf.json.JSONObject) URI(org.apache.commons.httpclient.URI) URIException(org.apache.commons.httpclient.URIException) PatternSyntaxException(java.util.regex.PatternSyntaxException) ApiException(org.zaproxy.zap.extension.api.ApiException) ConfigurationException(org.apache.commons.configuration.ConfigurationException) JSONException(net.sf.json.JSONException) DatabaseException(org.parosproxy.paros.db.DatabaseException) ApiException(org.zaproxy.zap.extension.api.ApiException)

Aggregations

Target (org.zaproxy.zap.model.Target)25 SiteNode (org.parosproxy.paros.model.SiteNode)9 ArrayList (java.util.ArrayList)4 ImageIcon (javax.swing.ImageIcon)3 JButton (javax.swing.JButton)3 TreePath (javax.swing.tree.TreePath)3 URI (org.apache.commons.httpclient.URI)3 Context (org.zaproxy.zap.model.Context)3 StructuralNode (org.zaproxy.zap.model.StructuralNode)3 GridBagLayout (java.awt.GridBagLayout)2 Insets (java.awt.Insets)2 ActionEvent (java.awt.event.ActionEvent)2 ActionListener (java.awt.event.ActionListener)2 HashMap (java.util.HashMap)2 JPanel (javax.swing.JPanel)2 JTree (javax.swing.JTree)2 JSONObject (net.sf.json.JSONObject)2 URIException (org.apache.commons.httpclient.URIException)2 Event (org.zaproxy.zap.eventBus.Event)2 ApiException (org.zaproxy.zap.extension.api.ApiException)2