From c0627b92921b3514a94f48b0084befb8687a598d Mon Sep 17 00:00:00 2001
From: Manikandan-Raj
Date: Sun, 29 Oct 2023 15:01:46 +0000
Subject: [PATCH 1/2] ATOR v3 - base64 encode/decode, OTP validation
---
 README.md | 11 +-
 config/v3/ator-export-demo1/app.text | 5 +
 config/v3/ator-export-demo1/export.json | 63 +++
 config/v3/ator-export-demo2/app.text | 7 +
 config/v3/ator-export-demo2/export.json | 117 +++++
 config/v3/ator-export-demo3/app.text | 5 +
 config/v3/ator-export-demo3/export.json | 446 ++++++++++++++++++
 config/v3/ator-export-demo4/app.text | 4 +
 config/v3/ator-export-demo4/export.json | 198 ++++++++
 pom.xml | 2 +-
 src/main/java/burp/BurpExtender.java | 4 +-
 src/main/java/burp/ExecuteATORMacro.java | 65 ++-
 src/main/java/burp/ExecuteDryRun.java | 69 ++-
 src/main/java/burp/MenuAllListener.java | 17 +-
 src/main/java/burp/ObtainPanel.java | 16 +-
 src/main/java/burp/SMSConfigurationPanel.java | 193 ++++++++
 src/main/java/burp/SMSToFetchOTP.java | 233 +++++++++
 src/main/java/burp/SetttingsTab.java | 3 +
 18 files changed, 1443 insertions(+), 15 deletions(-)
 create mode 100644 config/v3/ator-export-demo1/app.text
 create mode 100644 config/v3/ator-export-demo1/export.json
 create mode 100644 config/v3/ator-export-demo2/app.text
 create mode 100644 config/v3/ator-export-demo2/export.json
 create mode 100644 config/v3/ator-export-demo3/app.text
 create mode 100644 config/v3/ator-export-demo3/export.json
 create mode 100644 config/v3/ator-export-demo4/app.text
 create mode 100644 config/v3/ator-export-demo4/export.json
 create mode 100644 src/main/java/burp/SMSConfigurationPanel.java
 create mode 100644 src/main/java/burp/SMSToFetchOTP.java
diff --git a/README.md b/README.md
index 140c2af..d8188f9 100755
--- a/README.md
+++ b/README.md
@@ -96,7 +96,16 @@ Idea : Record the Tiredful application request in BURP, configure the ATOR exten 8. Do the Step7 again and check the flow - This time extender will not invoke the steps because existing token is valid and so it uses that. - +## ATOR v3 +1. Base 64 encode/decode feature is added. This can be used in extraction layer. +2. OTP validation support + - mysms.com app needs to be configure for this feature. Register your mobile number with this application. And use the API key, password, sendername, key and phonenumber on ATOR Settings panel. +3. [CONFIG](config/v3) + - 3 apps are used here to showcase the demo. + - All the config files are shared. Take this as a reference and import it to get an understanding of how we can configure ATOR. + - This gives you an idea about how ATOR-v3 plugin solves the authentication issue which varies from simple to complex scenario's (OAuth based) +4. [V3 Binary](bin/ATOR-v3.0.0.jar) + - Please take this binary file for ATOR-v3 plugin. ## Built With * [SWING](https://javadoc.scijava.org/Java7/javax/swing/package-summary.html) - Used to add panel diff --git a/config/v3/ator-export-demo1/app.text b/config/v3/ator-export-demo1/app.text new file mode 100644 index 0000000..3488172 --- /dev/null +++ b/config/v3/ator-export-demo1/app.text @@ -0,0 +1,5 @@ +https://app.binder.com.au/ + +This application is used to show this simple flow. +- Login username and password should sent as ATOR Macro. And extract session token as base64 encode +- Use that extraction in all subsequent requests. diff --git a/config/v3/ator-export-demo1/export.json b/config/v3/ator-export-demo1/export.json new file mode 100644 index 0000000..abaf92e --- /dev/null +++ b/config/v3/ator-export-demo1/export.json 
@@ -0,0 +1,63 @@ +{ + "errorConditionReplacement": { + "TriggerCondition": { + "MainCondition": "condition-1", + "multipleerrorcondition": [] + }, + "ErrorConditionReplacementList": [ + { + "headerName": "Authorization:", + "selectedText": "ZNNlYTBmYTctODc5MC00YzAxLTg3NGQtNmRlYTY2ZWFhOWU2", + "ExtractionName": "session_token_res1", + "stopString": "Og==", + "startString": "asic ", + "Name": "rep_session_token_res1" + } + ] + }, + "obtainToken": { + "Ator": [ + { + "Comment": null, + "httpServiceport": 443, + "request": "POST \/authentication\/Sessions HTTP\/2\r\nHost: api.binder.works\r\nUser-Agent: Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko\/20100101 Firefox\/102.0\r\nAccept: application\/json, text\/plain, *\/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application\/json;charset=utf-8\r\nContent-Length: 72\r\nOrigin: https:\/\/app.binder.com.au\r\nDnt: 1\r\nReferer: https:\/\/app.binder.com.au\/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nTe: trailers\r\n\r\n{\"username\":\"testxyz@gmail.com\",\"clearTextPassword\":\"LasVegas123**\"}", + "Highlight": null, + "response": "HTTP\/2 201 Created\r\nDate: Wed, 04 Oct 2023 10:52:51 GMT\r\nContent-Type: application\/json; charset=utf-8\r\nContent-Length: 256\r\nCache-Control: no-store, must-revalidate, no-cache\r\nPragma: no-cache\r\nExpires: Wed, 04 Oct 2023 10:52:51 GMT\r\nServer: Microsoft-IIS\/10.0\r\nAccess-Control-Allow-Origin: https:\/\/app.binder.com.au\r\nAccess-Control-Allow-Credentials: true\r\nX-Aspnet-Version: 4.0.30319\r\nX-Powered-By: ASP.NET\r\nX-Frame-Options: SAMEORIGIN\r\n\r\n{\r\n \"SessionToken\": \"fcea0fa7-8790-4c01-874d-6dea66eaa9e6\",\r\n \"UserId\": \"619011bc-caf5-47c9-b10f-503286bcff1d\",\r\n \"Username\": \"Manikandan\",\r\n \"_EdocxUserId\": \"9101800000000007208\",\r\n \"_NetworkName\": \"\",\r\n \"_NetworkId\": \"\",\r\n \"_NetworkPayload\": \"\"\r\n}", + "Host": 
"https:\/\/api.binder.works:443", + "Method": "POST", + "httpServiceprotocol": "https", + "MsgID": 1, + "URL": "\/authentication\/Sessions", + "httpServicehost": "api.binder.works" + } + ], + "Replacement": [], + "Extraction": [ + { + "isUrlDecode": "Base64 Encode", + "selectedtext": "fcea0fa7-8790-4c01-874d-6dea66eaa9e6", + "stopString": "\",\r ", + "startString": "SessionToken\": \"", + "MsgID": "1", + "Name": "session_token_res1" + } + ] + }, + "errorCondition": { + "request": "PATCH \/authentication\/CurrentUser HTTP\/2\r\nHost: api.binder.works\r\nUser-Agent: Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko\/20100101 Firefox\/102.0\r\nAccept: application\/json, text\/plain, *\/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nAuthorization: Basic ZNNlYTBmYTctODc5MC00YzAxLTg3NGQtNmRlYTY2ZWFhOWU2Og==\r\nSilentfail: false\r\nContent-Type: application\/json;charset=utf-8\r\nContent-Length: 60\r\nOrigin: https:\/\/app.binder.com.au\r\nDnt: 1\r\nReferer: https:\/\/app.binder.com.au\/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nTe: trailers\r\n\r\n{\"Name\":\"ManikandanTest\",\"Email\":\"\",\"Username\":\"Manikandan\"}", + "highlight": null, + "protocol": "https", + "port": 443, + "response": "HTTP\/2 440 Login Timeout\r\nDate: Wed, 04 Oct 2023 15:59:45 GMT\r\nContent-Type: application\/json; charset=utf-8\r\nContent-Length: 80\r\nCache-Control: private\r\nServer: Microsoft-IIS\/10.0\r\nAccess-Control-Allow-Origin: https:\/\/app.binder.com.au\r\nAccess-Control-Allow-Credentials: true\r\nX-Aspnet-Version: 4.0.30319\r\nX-Powered-By: ASP.NET\r\nX-Frame-Options: SAMEORIGIN\r\n\r\n\"Session token dÃ\u0093ea0fa7-8790-4c01-874d-6dea66eaa9e6 is invalid or unrecognised\"", + "host": "api.binder.works", + "errorconditionlist": [ + { + "Category": "Status Code", + "Description": "ATOR will get trigger if Status Code as 440 in network flows", + "Value": "440", + "Name": "condition-1" + } + ], + 
"comment": null + } +} \ No newline at end of file diff --git a/config/v3/ator-export-demo2/app.text b/config/v3/ator-export-demo2/app.text new file mode 100644 index 0000000..1493443 --- /dev/null +++ b/config/v3/ator-export-demo2/app.text @@ -0,0 +1,7 @@ +https://www.catawiki.com + +This application is used two-step login sequence +- Username and password has been passed as login sequence. +- Two requests is been part of ATOR macro. +- Response of #req1 has to be extracted and replaced on #req2. +- Response of #req2 has to be extracted and kept that token in-memory. diff --git a/config/v3/ator-export-demo2/export.json b/config/v3/ator-export-demo2/export.json new file mode 100644 index 0000000..92c7881 --- /dev/null +++ b/config/v3/ator-export-demo2/export.json 
@@ -0,0 +1,117 @@ +{ + "errorConditionReplacement": { + "TriggerCondition": { + "MainCondition": "condition-1", + "multipleerrorcondition": [] + }, + "ErrorConditionReplacementList": [ + { + "headerName": "Cookie:", + "selectedText": "QWDe0aukkvS0a5Kk2GYy0BtRRecDUMEtSpkUEV6f66G2gfUSuucPbgH86pg4iZ9CAMTxnG4OVsSUVHjx05XotvL0e5q3Ahjg9WLyCc6FfZ1Cnfqg%2FzbAoZSH1R4wmznXS7UIa9297M3vWpF%2BEvKESW7YXN6KRg%3D%3D--NdUzbywUtiCMeFnQ--mgwUawve2n%2BK0k498D%2Fv2g%3D%3D", + "ExtractionName": "cwp_token_res2", + "stopString": "EOL", + "startString": "cw_p=", + "Name": "rep_cwp_token_res2" + } + ] + }, + "obtainToken": { + "Ator": [ + { + "Comment": null, + "httpServiceport": 443, + "request": "POST \/en\/accounts\/pre_session HTTP\/2\r\nHost: www.catawiki.com\r\nContent-Length: 413\r\n\r\nUser-Agent: Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko\/20100101 Firefox\/102.0\r\nAccept: application\/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: https:\/\/www.catawiki.com\/en\/\r\nContent-Type: application\/json\r\nOrigin: https:\/\/www.catawiki.com\r\nContent-Length: 2\r\nDnt: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nTe: trailers\r\n\r\n{}", + "Highlight": null, + "response": "HTTP\/2 200 OK\r\nContent-Type: application\/json; charset=utf-8\r\nX-Frame-Options: SAMEORIGIN\r\nX-Xss-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Download-Options: noopen\r\nX-Permitted-Cross-Domain-Policies: none\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nEtag: W\/\"a9647fc5b29572f9aaf834f335b8b602\"\r\nCache-Control: max-age=0, private, must-revalidate\r\nX-Request-Id: 1c89468\r\nContent-Security-Policy: child-src 'self' *.catawiki.com *.catawiki.com *.criteo.com *.criteo.net 5139330.fls.doubleclick.net bid.g.doubleclick.net blob: cdn.catawiki.net ct.pinterest.com js.stripe.com platform.twitter.com tpc.googlesyndication.com vars.hotjar.com www.facebook.com www.trustpilot.com 
www.youtube.com www.google.com www.recaptcha.net widget.trustpilot.com; connect-src * wss:\/\/*.catawiki.com wss:\/\/*.hotjar.com wss:\/\/*.pusher.com; default-src 'self' *.catawiki.com cdn.catawiki.net; font-src 'self' *.catawiki.com cdn.catawiki.net cdn.kustomerapp.com fonts.gstatic.com script.hotjar.com static.criteo.net; form-action 'self' *.catawiki.com www.facebook.com; frame-src *.catawiki.com *.criteo.com *.criteo.net 5139330.fls.doubleclick.net bid.g.doubleclick.net ct.pinterest.com js.stripe.com platform.twitter.com tpc.googlesyndication.com vars.hotjar.com www.facebook.com www.trustpilot.com www.youtube.com www.google.com www.recaptcha.net widget.trustpilot.com; img-src * blob: data:; media-src *.catawiki.com cdn.catawiki.net cdn.builder.io videos.ctfassets.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.catawiki.com *.criteo.com amplify.outbrain.com assets.pinterest.com assets.zendesk.com bat.bing.com cdn.catawiki.net cdn4.userzoom.com connect.facebook.net google-analytics.com googleads.g.doubleclick.net js.stripe.com maps.googleapis.com platform.twitter.com s.pinimg.com script.hotjar.com cdn.kustomerapp.com snap.licdn.com ssl.google-analytics.com static.criteo.net static.hotjar.com tpc.googlesyndication.com w.usabilla.com widget.trustpilot.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.youtube.com www.gstatic.com www.recaptcha.net www.redditstatic.com; style-src 'self' 'unsafe-inline' *.catawiki.com cdn.catawiki.net fonts.googleapis.com; worker-src 'self' *.catawiki.com blob: cdn.catawiki.net\r\nDate: Wed, 04 Oct 2023 11:28:48 GMT\r\nContent-Length: 100\r\nSet-Cookie: cw_sid=065671a2bd5052e5da2d7dd770b7a34b8693ba4695b38196c464b18e811f87ce; domain=.catawiki.com; path=\/; secure; HttpOnly\r\nSet-Cookie: 
cw_p=oXKANvQ4sRqw%2BUZgRGCy0BsDAbq1D9%2Fk7JIVjq79csfYQTB8AnqFjGsBDLGWFBIIRF3lrwA0jQNWALOpKFFB2fvZ7yTA%2FOqZT%2Bw0o9DhxswvCDZhd3VGqIR2H48moINnPo2JQho6r5SFY0a8ob8Mho%2FVC3HV%2Fa2mtOU%3D--LnodjJZ4OZB2mMR6--EwxWidokSBVV0CH420fF7A%3D%3D; domain=.catawiki.com; path=\/; secure; HttpOnly\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains ; preload\r\n\r\n{\"token\":\"rjdY8ub1p6fdcHpl8u8Z4aHCE+10Rl3eFmpCzU1GP96\/GXadJcYgDxlFoiVPjUiAoDgUF3ZByLxnlDIHgVm9qw==\"}", + "Host": "https:\/\/www.catawiki.com:443", + "Method": "POST", + "httpServiceprotocol": "https", + "MsgID": 1, + "URL": "\/en\/accounts\/pre_session", + "httpServicehost": "www.catawiki.com" + }, + { + "Comment": null, + "httpServiceport": 443, + "request": "POST \/en\/accounts\/signin HTTP\/2\r\nHost: www.catawiki.com\r\nCookie: cw_p=oXKANvQ4sRqw%2BUZgRGCy0BsDAbq1D9%2Fk7JIVjq79csfYQTB8AnqFjGsBDLGWFBIIRF3lrwA0jQNWALOpKFFB2fvZ7yTA%2FOqZT%2Bw0o9DhxswvCDZhd3VGqIR2H48moINnPo2JQho6r5SFY0a8ob8Mho%2FVC3HV%2Fa2mtOU%3D--LnodjJZ4OZB2mMR6--EwxWidokSBVV0CH420fF7A%3D%3D\r\nUser-Agent: Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko\/20100101 Firefox\/102.0\r\nAccept: application\/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: https:\/\/www.catawiki.com\/en\/\r\nContent-Type: application\/json\r\nX-Csrf-Token: rjdY8ub1p6fdcHpl8u8Z4aHCE+10Rl3eFmpCzU1GP96\/GXadJcYgDxlFoiVPjUiAoDgUF3ZByLxnlDIHgVm9qw==\r\nOrigin: https:\/\/www.catawiki.com\r\nContent-Length: 131\r\nDnt: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nTe: trailers\r\n\r\n{\"email\":\"textxyz@gmail.com\",\"password\":\"LasVegas123**\",\"remember_me\":false,\"funnel\":\"funnel_test\",\"call_to_action\":\"cta_test\"}", + "Highlight": null, + "response": "HTTP\/2 204 No Content\r\nX-Frame-Options: SAMEORIGIN\r\nX-Xss-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Download-Options: noopen\r\nX-Permitted-Cross-Domain-Policies: 
none\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nCache-Control: no-cache\r\nX-Request-Id: 1c8a5d0\r\nContent-Security-Policy: child-src 'self' *.catawiki.com *.catawiki.com *.criteo.com *.criteo.net 5139330.fls.doubleclick.net bid.g.doubleclick.net blob: cdn.catawiki.net ct.pinterest.com js.stripe.com platform.twitter.com tpc.googlesyndication.com vars.hotjar.com www.facebook.com www.trustpilot.com www.youtube.com www.google.com www.recaptcha.net widget.trustpilot.com; connect-src * wss:\/\/*.catawiki.com wss:\/\/*.hotjar.com wss:\/\/*.pusher.com; default-src 'self' *.catawiki.com cdn.catawiki.net; font-src 'self' *.catawiki.com cdn.catawiki.net cdn.kustomerapp.com fonts.gstatic.com script.hotjar.com static.criteo.net; form-action 'self' *.catawiki.com www.facebook.com; frame-src *.catawiki.com *.criteo.com *.criteo.net 5139330.fls.doubleclick.net bid.g.doubleclick.net ct.pinterest.com js.stripe.com platform.twitter.com tpc.googlesyndication.com vars.hotjar.com www.facebook.com www.trustpilot.com www.youtube.com www.google.com www.recaptcha.net widget.trustpilot.com; img-src * blob: data:; media-src *.catawiki.com cdn.catawiki.net cdn.builder.io videos.ctfassets.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.catawiki.com *.criteo.com amplify.outbrain.com assets.pinterest.com assets.zendesk.com bat.bing.com cdn.catawiki.net cdn4.userzoom.com connect.facebook.net google-analytics.com googleads.g.doubleclick.net js.stripe.com maps.googleapis.com platform.twitter.com s.pinimg.com script.hotjar.com cdn.kustomerapp.com snap.licdn.com ssl.google-analytics.com static.criteo.net static.hotjar.com tpc.googlesyndication.com w.usabilla.com widget.trustpilot.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.youtube.com www.gstatic.com www.recaptcha.net www.redditstatic.com; style-src 'self' 'unsafe-inline' *.catawiki.com cdn.catawiki.net fonts.googleapis.com; worker-src 'self' *.catawiki.com blob: 
cdn.catawiki.net\r\nDate: Wed, 04 Oct 2023 11:29:21 GMT\r\nSet-Cookie: cw_sid=8400f14b9644fa91b30bd5e41cbfae87834e0566c649f81f635958f02560ecc3; domain=.catawiki.com; path=\/; secure; HttpOnly\r\nSet-Cookie: user_id=23054501; domain=catawiki.com; path=\/; secure\r\nSet-Cookie: user_name=user-b3518b3b9142; domain=catawiki.com; path=\/; secure\r\nSet-Cookie: logged_in=yes; domain=catawiki.com; path=\/; secure\r\nSet-Cookie: previously_logged_in=yes; domain=catawiki.com; path=\/; expires=Tue, 04 Oct 2033 11:29:21 GMT; secure\r\nSet-Cookie: cw_ab=Q1yvHmKpEe6SukpQdvbCzAAB; domain=.catawiki.com; path=\/; expires=Tue, 19 Jan 2038 03:14:07 GMT; secure\r\nSet-Cookie: cw_p=QWDe0auhkvS0a5Kk2GYy0BtRRecDUMEtSpkUEV6f66G2gfUSuucPbgH86pg4iZ9CAMTxnG4OVsSUVHjx05XotvL0e5q3Ahjg9WLyCc6FfZ1Cnfqg%2FzbAoZSH1R4wmznXS7UIa9297M3vWpF%2BEvKESW7YXN6KRg%3D%3D--NdUzbywUtiCMeFnQ--mgwUawve2n%2BK0k498D%2Fv2g%3D%3D; domain=.catawiki.com; path=\/; secure; HttpOnly\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains ; preload\r\n\r\n", + "Host": "https:\/\/www.catawiki.com:443", + "Method": "POST", + "httpServiceprotocol": "https", + "MsgID": 2, + "URL": "\/en\/accounts\/signin", + "httpServicehost": "www.catawiki.com" + } + ], + "Replacement": [ + { + "ReplacementName": "rep_cwp_token_res1", + "selectedtext": "oXKANvQ4sRqw%2BUZgRGCy0BsDAbq1D9%2Fk7JIVjq79csfYQTB8AnqFjGsBDLGWFBIIRF3lrwA0jQNWALOpKFFB2fvZ7yTA%2FOqZT%2Bw0o9DhxswvCDZhd3VGqIR2H48moINnPo2JQho6r5SFY0a8ob8Mho%2FVC3HV%2Fa2mtOU%3D--LnodjJZ4OZB2mMR6--EwxWidokSBVV0CH420fF7A%3D%3D", + "RepalcementMsgID": "2", + "ExtractionName": "cwp_token_res1", + "stopString": "\r Use", + "startString": "cw_p=", + "ExtractionMsgID": "1" + }, + { + "ReplacementName": "rep_token_res1", + "selectedtext": "rjdY8ub1p6fdcHpl8u8Z4aHCE+10Rl3eFmpCzU1GP96\/GXadJcYgDxlFoiVPjUiAoDgUF3ZByLxnlDIHgVm9qw==", + "RepalcementMsgID": "2", + "ExtractionName": "token_res1", + "stopString": "\r Ori", + "startString": "Token: ", + "ExtractionMsgID": "" + } + ], + 
"Extraction": [ + { + "isUrlDecode": "NA", + "selectedtext": "oXKANvQ4sRqw%2BUZgRGCy0BsDAbq1D9%2Fk7JIVjq79csfYQTB8AnqFjGsBDLGWFBIIRF3lrwA0jQNWALOpKFFB2fvZ7yTA%2FOqZT%2Bw0o9DhxswvCDZhd3VGqIR2H48moINnPo2JQho6r5SFY0a8ob8Mho%2FVC3HV%2Fa2mtOU%3D--LnodjJZ4OZB2mMR6--EwxWidokSBVV0CH420fF7A%3D%3D", + "stopString": "; dom", + "startString": "cw_p=", + "MsgID": "1", + "Name": "cwp_token_res1" + }, + { + "isUrlDecode": "NA", + "selectedtext": "rjdY8ub1p6fdcHpl8u8Z4aHCE+10Rl3eFmpCzU1GP96\/GXadJcYgDxlFoiVPjUiAoDgUF3ZByLxnlDIHgVm9qw==", + "stopString": "\"", + "startString": "token\":\"", + "MsgID": "1", + "Name": "token_res1" + }, + { + "isUrlDecode": "NA", + "selectedtext": "QWDe0auhkvS0a5Kk2GYy0BtRRecDUMEtSpkUEV6f66G2gfUSuucPbgH86pg4iZ9CAMTxnG4OVsSUVHjx05XotvL0e5q3Ahjg9WLyCc6FfZ1Cnfqg%2FzbAoZSH1R4wmznXS7UIa9297M3vWpF%2BEvKESW7YXN6KRg%3D%3D--NdUzbywUtiCMeFnQ--mgwUawve2n%2BK0k498D%2Fv2g%3D%3D", + "stopString": "; dom", + "startString": "cw_p=", + "MsgID": "2", + "Name": "cwp_token_res2" + } + ] + }, + "errorCondition": { + "request": "PATCH \/accounts\/api\/v2\/users\/me HTTP\/2\r\nHost: www.catawiki.com\r\nCookie: cw_p=QWDe0aukkvS0a5Kk2GYy0BtRRecDUMEtSpkUEV6f66G2gfUSuucPbgH86pg4iZ9CAMTxnG4OVsSUVHjx05XotvL0e5q3Ahjg9WLyCc6FfZ1Cnfqg%2FzbAoZSH1R4wmznXS7UIa9297M3vWpF%2BEvKESW7YXN6KRg%3D%3D--NdUzbywUtiCMeFnQ--mgwUawve2n%2BK0k498D%2Fv2g%3D%3D\r\nUser-Agent: Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko\/20100101 Firefox\/102.0\r\nAccept: *\/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nPrefer: safe\r\nReferer: https:\/\/www.catawiki.com\/en\/accounts\/settings\/account\r\nX-Csrf-Token: FFFoPeR\/U08NG8HvOXaWEDHwQ0AAF+5IXaJ+E6rC6eWFIMNWr\/K8f6cHu3vx0ysOkeKXETjqX7XsdPhGBBJ\r\nContent-Type: application\/json\r\nOrigin: https:\/\/www.catawiki.com\r\nContent-Length: 64\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nTe: 
trailers\r\n\r\n{\"locale\":\"en\",\"first_name\":\"Manikandan\",\"last_name\":\"Rajappan\"}", + "highlight": null, + "protocol": "https", + "port": 443, + "response": "HTTP\/2 401 Unauthorized\r\nContent-Type: application\/json; charset=utf-8\r\nContent-Length: 98\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: child-src 'self' *.catawiki.com *.catawiki.com *.criteo.com *.criteo.net 5139330.fls.doubleclick.net bid.g.doubleclick.net blob: cdn.catawiki.net ct.pinterest.com js.stripe.com platform.twitter.com tpc.googlesyndication.com vars.hotjar.com www.facebook.com www.trustpilot.com www.youtube.com www.google.com www.recaptcha.net widget.trustpilot.com; connect-src * wss:\/\/*.catawiki.com wss:\/\/*.hotjar.com wss:\/\/*.pusher.com; default-src 'self' *.catawiki.com cdn.catawiki.net; font-src 'self' *.catawiki.com cdn.catawiki.net cdn.kustomerapp.com fonts.gstatic.com script.hotjar.com static.criteo.net; form-action 'self' *.catawiki.com www.facebook.com; frame-src *.catawiki.com *.criteo.com *.criteo.net 5139330.fls.doubleclick.net bid.g.doubleclick.net ct.pinterest.com js.stripe.com platform.twitter.com tpc.googlesyndication.com vars.hotjar.com www.facebook.com www.trustpilot.com www.youtube.com www.google.com www.recaptcha.net widget.trustpilot.com; img-src * blob: data:; media-src *.catawiki.com cdn.catawiki.net cdn.builder.io videos.ctfassets.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.catawiki.com *.criteo.com amplify.outbrain.com assets.pinterest.com assets.zendesk.com bat.bing.com cdn.catawiki.net cdn4.userzoom.com connect.facebook.net google-analytics.com googleads.g.doubleclick.net js.stripe.com maps.googleapis.com platform.twitter.com s.pinimg.com script.hotjar.com cdn.kustomerapp.com snap.licdn.com ssl.google-analytics.com static.criteo.net static.hotjar.com tpc.googlesyndication.com w.usabilla.com widget.trustpilot.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.youtube.com 
www.gstatic.com www.recaptcha.net www.redditstatic.com; style-src 'self' 'unsafe-inline' *.catawiki.com cdn.catawiki.net fonts.googleapis.com; worker-src 'self' *.catawiki.com blob: cdn.catawiki.net\r\nDate: Wed, 04 Oct 2023 16:30:12 GMT\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains ; preload\r\n\r\n{\"error\":{\"code\":\"unauthorized_error\",\"message\":\"You are not authorized to perform this action.\"}}", + "host": "www.catawiki.com", + "errorconditionlist": [ + { + "Category": "Status Code", + "Description": "ATOR will get trigger if Status Code as 401 in network flows", + "Value": "401", + "Name": "condition-1" + }, + { + "Category": "Body", + "Description": "ATOR will get trigger if Body contains unauthorized_error in network flows", + "Value": "unauthorized_error", + "Name": "condition-2" + } + ], + "comment": null + } +} \ No newline at end of file diff --git a/config/v3/ator-export-demo3/app.text b/config/v3/ator-export-demo3/app.text new file mode 100644 index 0000000..9f306d8 --- /dev/null +++ b/config/v3/ator-export-demo3/app.text @@ -0,0 +1,5 @@ +https://www.catawiki.com + +- Facebook OAuth login has been used to get a token +- Multiple extraction and replacement has been configured within ATOR macro. +- Kept the final extracted token in-memory. Those are used in subsequent requests. \ No newline at end of file diff --git a/config/v3/ator-export-demo3/export.json b/config/v3/ator-export-demo3/export.json new file mode 100644 index 0000000..f1ca29a --- /dev/null +++ b/config/v3/ator-export-demo3/export.json 
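Review bot: The recorded request for `MsgID` 1 (`POST \/en\/accounts\/pre_session`) closes its header block immediately after `Content-Length: 413\r\n\r\n`, so `User-Agent`, `Content-Type`, `Origin`, the second `Content-Length: 2` and the `{}` payload all travel in the body when the macro replays it; the first request of `config/v3/ator-export-demo3/export.json` has the same shape (`Content-Length: 458\r\n\r\n`). This looks like an edited-request artifact rather than what the browser sent, and I'd re-record or hand-fix the export so the single blank line follows `Te: trailers`. In `Replacement`, `rep_token_res1` has `"ExtractionMsgID": ""` while `rep_cwp_token_res1` has `"1"`, and the `stopString` values `"\r Use"` and `"\r Ori"` contain a CR followed by a space rather than the `\r\n` that delimits the recorded headers — whether the extractor normalises line endings before matching is not visible here, so please confirm against the matcher in the Java code. The misspelled key `RepalcementMsgID` is presumably what the reader expects, so correcting it has to be coordinated with the parser rather than done in this file alone.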
@@ -0,0 +1,446 @@ +{ + "errorConditionReplacement": { + "TriggerCondition": { + "MainCondition": "condition-1", + "multipleerrorcondition": [] + }, + "ErrorConditionReplacementList": [ + { + "headerName": "Cookie:", + "selectedText": "detnBStF4wnxfdABH7g5h2fm7bP4PU%2BJH8z8gekDFv8Td7sRORRIlxydXbGZH6T5%2BqbqeG114KsM9zgkaSIdupome1o9wyN5NDmWhUXHFyicRfreucD55ohbgq3w8GPvLZRHvBAk6beb43DbisNYP5JhWodMjCS%2FkeJkPnaQsaUYg09C9%2FHYt82Umg6BiA1WOriHIldVWl3XN959eAtR6CO5erPF2hqn2uJICQ%3D%3D--Rt4GwKpIyS49FwBx--2ITzsLAuyem0yMzjYbuNUQ%3D%3D", + "ExtractionName": "cwp_token_final", + "stopString": "; use", + "startString": "cw_p=", + "Name": "rep_cwp_token_final" + } + ] + }, + "obtainToken": { + "Ator": [ + { + "Comment": null, + "httpServiceport": 443, + "request": "GET \/en\/accounts\/auth\/facebook HTTP\/2\r\nHost: www.catawiki.com\r\nContent-Length: 458\r\n\r\nUser-Agent: Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko\/20100101 Firefox\/102.0\r\nAccept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/avif,image\/webp,*\/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nPrefer: safe\r\nReferer: https:\/\/www.catawiki.com\/en\/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-User: ?1\r\nTe: trailers\r\n\r\n", + "Highlight": null, + "response": "HTTP\/2 302 Found\r\nContent-Length: 274\r\nLocation: https:\/\/www.facebook.com\/v12.0\/dialog\/oauth?client_id=238226522900020&redirect_uri=https%3A%2F%2Fwww.catawiki.com%2Faccounts%2Fauth%2Ffacebook%2Fcallback&response_type=code&scope=email%2Cpublic_profile&state=5c0f97ff79069788193d3aa087deea7e3effcac35a36a609\r\nCache-Control: no-cache\r\nX-Request-Id: 1cd1626\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: child-src 'self' *.catawiki.com *.catawiki.com *.criteo.com *.criteo.net 5139330.fls.doubleclick.net bid.g.doubleclick.net blob: cdn.catawiki.net ct.pinterest.com js.stripe.com 
platform.twitter.com tpc.googlesyndication.com vars.hotjar.com www.facebook.com www.trustpilot.com www.youtube.com www.google.com www.recaptcha.net widget.trustpilot.com; connect-src * wss:\/\/*.catawiki.com wss:\/\/*.hotjar.com wss:\/\/*.pusher.com; default-src 'self' *.catawiki.com cdn.catawiki.net; font-src 'self' *.catawiki.com cdn.catawiki.net cdn.kustomerapp.com fonts.gstatic.com script.hotjar.com static.criteo.net; form-action 'self' *.catawiki.com www.facebook.com; frame-src *.catawiki.com *.criteo.com *.criteo.net 5139330.fls.doubleclick.net bid.g.doubleclick.net ct.pinterest.com js.stripe.com platform.twitter.com tpc.googlesyndication.com vars.hotjar.com www.facebook.com www.trustpilot.com www.youtube.com www.google.com www.recaptcha.net widget.trustpilot.com; img-src * blob: data:; media-src *.catawiki.com cdn.catawiki.net cdn.builder.io videos.ctfassets.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.catawiki.com *.criteo.com amplify.outbrain.com assets.pinterest.com assets.zendesk.com bat.bing.com cdn.catawiki.net cdn4.userzoom.com connect.facebook.net google-analytics.com googleads.g.doubleclick.net js.stripe.com maps.googleapis.com platform.twitter.com s.pinimg.com script.hotjar.com cdn.kustomerapp.com snap.licdn.com ssl.google-analytics.com static.criteo.net static.hotjar.com tpc.googlesyndication.com w.usabilla.com widget.trustpilot.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.youtube.com www.gstatic.com www.recaptcha.net www.redditstatic.com; style-src 'self' 'unsafe-inline' *.catawiki.com cdn.catawiki.net fonts.googleapis.com; worker-src 'self' *.catawiki.com blob: cdn.catawiki.net\r\nDate: Wed, 04 Oct 2023 12:02:11 GMT\r\nSet-Cookie: cw_sid=ca0c7e14d19034c8ac903d903e9e2f143197a3ad2ae74c9a22b3118ebaef931f; domain=.catawiki.com; path=\/; secure; HttpOnly\r\nSet-Cookie: 
cw_p=WC46tzZA0SZNP891JuYP0kZL7JL77pbM%2BchoAHzbHK0gQqKNEvu1mR8%2BP9LW8yYN86TglyoMEo36wqEUn%2FdKvS83Cpnb6RiblMZkHkuHtyx0tDUKLFnpUXMq92qpeEfs7qfJVFyKrhRDIcxjKpzo%2FApNI4TtGL70m1SlD1kGP%2Br9yhm6UbFeSrB3Q8cSjEK8VO30OqyVCQ20EFNnygAu1m74kExA%2Fzxe5CApkJ5s8YXJap9Ln5yD3K90OSXLxycO--KCs8J1t9t%2Bjs2fXs--sNJHBsajbBWwZ1hlDL7utg%3D%3D; domain=.catawiki.com; path=\/; secure; HttpOnly\r\nStrict-Transport-Security: max-age=31536000 ; includeSubDomains ; preload\r\n\r\nRedirecting to https:\/\/www.facebook.com\/v12.0\/dialog\/oauth?client_id=238226522900020&redirect_uri=https%3A%2F%2Fwww.catawiki.com%2Faccounts%2Fauth%2Ffacebook%2Fcallback&response_type=code&scope=email%2Cpublic_profile&state=5c0f97ff79069788193d3aa087deea7e3effcac35a36a609...", + "Host": "https:\/\/www.catawiki.com:443", + "Method": "GET", + "httpServiceprotocol": "https", + "MsgID": 1, + "URL": "\/en\/accounts\/auth\/facebook", + "httpServicehost": "www.catawiki.com" + }, + { + "Comment": null, + "httpServiceport": 443, + "request": "GET \/v12.0\/dialog\/oauth?client_id=238226522900020&redirect_uri=https%3A%2F%2Fwww.catawiki.com%2Faccounts%2Fauth%2Ffacebook%2Fcallback&response_type=code&scope=email%2Cpublic_profile&state=5c0f97ff79069788193d3aa087deea7e3effcac35a36a609 HTTP\/2\r\nHost: www.facebook.com\r\nUser-Agent: Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko\/20100101 Firefox\/102.0\r\nAccept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/avif,image\/webp,*\/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nPrefer: safe\r\nReferer: https:\/\/www.catawiki.com\/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nSec-Fetch-User: ?1\r\nTe: trailers\r\n\r\n", + "Highlight": null, + "response": "HTTP\/2 302 Found\r\nSet-Cookie: sb=xlQdZZQQ-sf6PjaB-PHi6WBH; expires=Thu, 07-Nov-2024 12:04:22 GMT; Max-Age=34560000; path=\/; domain=.facebook.com; secure; httponly; 
SameSite=None\r\nLocation: https:\/\/www.facebook.com\/login.php?skip_api_login=1&api_key=238226522900020&kid_directed_site=0&app_id=238226522900020&signed_next=1&next=https%3A%2F%2Fwww.facebook.com%2Fv12.0%2Fdialog%2Foauth%3Fclient_id%3D238226522900020%26redirect_uri%3Dhttps%253A%252F%252Fwww.catawiki.com%252Faccounts%252Fauth%252Ffacebook%252Fcallback%26response_type%3Dcode%26scope%3Demail%252Cpublic_profile%26state%3D5c0f97ff79069788193d3aa087deea7e3effcac35a36a609%26ret%3Dlogin%26fbapp_pres%3D0%26logger_id%3Daddcce99-fa9e-42c7-a497-32f1e89a76d4%26tp%3Dunspecified&cancel_url=https%3A%2F%2Fwww.catawiki.com%2Faccounts%2Fauth%2Ffacebook%2Fcallback%3Ferror%3Daccess_denied%26error_code%3D200%26error_description%3DPermissions%2Berror%26error_reason%3Duser_denied%26state%3D5c0f97ff79069788193d3aa087deea7e3effcac35a36a609%23_%3D_&display=page&locale=en_GB&pl_dbl=0\r\nCross-Origin-Opener-Policy: unsafe-none\r\nFacebook-Api-Version: v12.0\r\nStrict-Transport-Security: max-age=15552000; preload\r\nContent-Type: text\/html; charset=\"utf-8\"\r\nX-Fb-Debug: EBZTYmFPL1hXbEGPxTeTWuSiz\/fsyPinfX57hwjMjO18qq8pvnCEq7Xy8Ytr9zX\/RLgMhrhhdPtyDEDFLq4kLQ==\r\nContent-Length: 0\r\nDate: Wed, 04 Oct 2023 12:04:22 GMT\r\nAlt-Svc: h3=\":443\"; ma=86400\r\n\r\n", + "Host": "https:\/\/www.facebook.com:443", + "Method": "GET", + "httpServiceprotocol": "https", + "MsgID": 2, + "URL": "\/v12.0\/dialog\/oauth", + "httpServicehost": "www.facebook.com" + }, + { + "Comment": null, + "httpServiceport": 443, + "request": "GET 
\/login.php?skip_api_login=1&api_key=238226522900020&kid_directed_site=0&app_id=238226522900020&signed_next=1&next=https%3A%2F%2Fwww.facebook.com%2Fv12.0%2Fdialog%2Foauth%3Fclient_id%3D238226522900020%26redirect_uri%3Dhttps%253A%252F%252Fwww.catawiki.com%252Faccounts%252Fauth%252Ffacebook%252Fcallback%26response_type%3Dcode%26scope%3Demail%252Cpublic_profile%26state%3D5c0f97ff79069788193d3aa087deea7e3effcac35a36a609%26ret%3Dlogin%26fbapp_pres%3D0%26logger_id%3Daddcce99-fa9e-42c7-a497-32f1e89a76d4%26tp%3Dunspecified&cancel_url=https%3A%2F%2Fwww.catawiki.com%2Faccounts%2Fauth%2Ffacebook%2Fcallback%3Ferror%3Daccess_denied%26error_code%3D200%26error_description%3DPermissions%2Berror%26error_reason%3Duser_denied%26state%3D5c0f97ff79069788193d3aa087deea7e3effcac35a36a609%23_%3D_&display=page&locale=en_GB&pl_dbl=0 HTTP\/2\r\nHost: www.facebook.com\r\nCookie: sb=xlQdZZQQ-sf6PjaB-PHi6WBH\r\nUser-Agent: Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko\/20100101 Firefox\/102.0\r\nAccept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/avif,image\/webp,*\/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nPrefer: safe\r\nReferer: https:\/\/www.catawiki.com\/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nSec-Fetch-User: ?1\r\nTe: trailers\r\n\r\n", + "Highlight": null, + "response": "HTTP\/2 200 OK\r\nVary: Accept-Encoding\r\nSet-Cookie: fr=0ocwDiwJl4QS5qjOE..BlHVUS.Pq.AAA.0.0.BlHVUS.AWUABxFtd1s; expires=Tue, 02-Jan-2024 12:05:38 GMT; Max-Age=7776000; path=\/; domain=.facebook.com; secure; httponly; SameSite=None\r\nReport-To: {\"max_age\":259200,\"endpoints\":[{\"url\":\"https:\\\/\\\/www.facebook.com\\\/ajax\\\/browser_error_reports\\\/?device_level=unknown\"}]}\r\nContent-Security-Policy: default-src data: blob: 'self' https:\/\/*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 
*.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss:\/\/*.facebook.com:* wss:\/\/*.whatsapp.com:* wss:\/\/*.fbcdn.net attachment.fbsbx.com ws:\/\/localhost:* blob: *.cdninstagram.com 'self' http:\/\/localhost:3103 wss:\/\/gateway.facebook.com wss:\/\/edge-chat.facebook.com wss:\/\/snaptu-d.facebook.com wss:\/\/kaios-d.facebook.com\/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https:\/\/*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https:\/\/*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https:\/\/paywithmybank.com https:\/\/sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;\r\nDocument-Policy: force-load-at-top\r\nPermissions-Policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()\r\nCross-Origin-Resource-Policy: same-origin\r\nCross-Origin-Opener-Policy: unsafe-none\r\nPragma: no-cache\r\nCache-Control: private, no-cache, no-store, must-revalidate\r\nExpires: Sat, 01 Jan 2000 00:00:00 GMT\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 0\r\nX-Frame-Options: 
DENY\r\nStrict-Transport-Security: max-age=15552000; preload\r\nContent-Type: text\/html; charset=\"utf-8\"\r\nX-Fb-Debug: xK2Li4ebADD4DMCFpbm+HmNW8OnrTzR2cSOawvB47arpiUUSJvr9cYtK4RyhXIVWohAxuq1BPLWuMxDYrBNoYQ==\r\nDate: Wed, 04 Oct 2023 12:05:38 GMT\r\nAlt-Svc: h3=\":443\"; ma=86400\r\n\r\n\n\n