Merge pull request #59 from joe-ds/main

Bambda to Filter Authenticated Requests
PortSwigger · Feb 6, 2024 · 5455561 · 5455561
2 parents b3a7c42 + 0976bbc
commit 5455561
Showing 1 changed file with 51 additions and 0 deletions.
diff --git a/Proxy/HTTP/FilterAuthenticated.bambda b/Proxy/HTTP/FilterAuthenticated.bambda
@@ -0,0 +1,51 @@
+/**
+ * Filters authenticated 200 OK requests in Proxy HTTP history. See four config values below.
+ *
+ * @author joe-ds (https://github.com/joe-ds)
+ **/
+
+var configNoFilter = true;        // If set to false, won't show JS, GIF, JPG, PNG, CSS.
+var configNotInScopeOnly = true;  // If set to false, won't show out-of-scope items.
+var sessionCookieName = "";       // If given, will look for a cookie with that name.
+var sessionCookieValue = "";      // If given, will check if cookie with sessionCookieName has this value.
+
+if (!requestResponse.hasResponse()) {
+    return false;
+}
+
+var request = requestResponse.request();
+var response = requestResponse.response();
+
+if (!response.isStatusCodeClass(StatusCodeClass.CLASS_2XX_SUCCESS)) {
+    return false;
+}
+
+var authHeader = request.hasHeader("Authorization");
+
+boolean sessionCookie = request.headerValue("Cookie") != null
+                            && !sessionCookieName.isEmpty()
+                            && request.hasParameter(sessionCookieName, HttpParameterType.COOKIE) 
+			                && (sessionCookieValue.isEmpty() || sessionCookieValue.equals(request.parameter(sessionCookieName, HttpParameterType.COOKIE).value()));
+
+var path = request.pathWithoutQuery().toLowerCase();
+var mimeType = requestResponse.mimeType();
+var filterDenyList = mimeType != MimeType.CSS
+ && mimeType != MimeType.IMAGE_UNKNOWN
+ && mimeType != MimeType.IMAGE_JPEG
+ && mimeType != MimeType.IMAGE_GIF
+ && mimeType != MimeType.IMAGE_PNG
+ && mimeType != MimeType.IMAGE_BMP
+ && mimeType != MimeType.IMAGE_TIFF
+ && mimeType != MimeType.UNRECOGNIZED
+ && mimeType != MimeType.SOUND
+ && mimeType != MimeType.VIDEO
+ && mimeType != MimeType.FONT_WOFF
+ && mimeType != MimeType.FONT_WOFF2
+ && mimeType != MimeType.APPLICATION_UNKNOWN
+ && !path.endsWith(".js")
+ && !path.endsWith(".gif")
+ && !path.endsWith(".jpg")
+ && !path.endsWith(".png")
+ && !path.endsWith(".css");
+
+return (authHeader || sessionCookie) && (configNoFilter || filterDenyList) && (configNotInScopeOnly || request.isInScope());