Merge pull request #6 from RUB-NDS/updateScanner

Updated TLS-Scanner and TLS-Attacker versions

README.md

@@ -3,7 +3,7 @@
 The extension is based on the [TLS-Attacker](https://github.com/RUB-NDS/TLS-Attacker) and developed by the [Chair for Network and Data Security from the Ruhr-University Bochum](http://nds.rub.de/) to assist pentesters and security researchers in the evaluation of TLS Server configurations with [Burp Suite](https://portswigger.net/burp).
 
 ## Build
-To compile the extension from source, you need to have Java and Maven installed, as well as [TLS-Attacker](https://github.com/RUB-NDS/TLS-Attacker) in Version 2.9 and [TLS-Scanner](https://github.com/RUB-NDS/TLS-Scanner) in Version 2.7.
+To compile the extension from source, you need to have Java and Maven installed, as well as [TLS-Attacker](https://github.com/RUB-NDS/TLS-Attacker) in Version 3.3.1 and [TLS-Scanner](https://github.com/RUB-NDS/TLS-Scanner) in Version 3.0.2.
 ```bash
 $ mvn clean package
 ```

pom.xml

@@ -3,7 +3,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>de.rub.nds.tlsattacker</groupId>
     <artifactId>TLS-Attacker-BurpExtension</artifactId>
-    <version>1.1</version>
+    <version>1.2</version>
     <packaging>jar</packaging>
     <inceptionYear>2018</inceptionYear>
     <dependencies>
@@ -17,7 +17,7 @@
         <dependency>
                 <groupId>de.rub.nds.tlsscanner</groupId>
                 <artifactId>TLS-Scanner</artifactId>
-                <version>2.7</version>
+                <version>3.0.2</version>
         </dependency>
         <!-- Log4j API -->
         <dependency>

src/main/java/de/rub/nds/burp/tlsattacker/gui/UIScanHistory.form

@@ -85,7 +85,7 @@
           <Properties>
             <Property name="editable" type="boolean" value="false"/>
             <Property name="font" type="java.awt.Font" editor="org.netbeans.beaninfo.editors.FontEditor">
-              <Font name="Monospaced" size="12" style="0"/>
+              <Font name="Monospaced" size="14" style="0"/>
             </Property>
           </Properties>
         </Component>

src/main/java/de/rub/nds/burp/tlsattacker/gui/UIScanHistory.java

@@ -8,16 +8,14 @@
  */
 package de.rub.nds.burp.tlsattacker.gui;
 
-import de.rub.nds.burp.utilities.SiteReportPrinter;
+import de.rub.nds.burp.utilities.ANSIHelper;
 import de.rub.nds.burp.utilities.table.TableEntry;
 import de.rub.nds.burp.utilities.table.TableModel;
 import de.rub.nds.tlsscanner.config.ScannerConfig;
 import de.rub.nds.tlsscanner.report.SiteReport;
 import java.awt.Toolkit;
 import java.awt.datatransfer.Clipboard;
 import java.awt.datatransfer.StringSelection;
-import java.awt.event.MouseAdapter;
-import java.awt.event.MouseEvent;
 import javax.swing.JTable;
 import javax.swing.ListSelectionModel;
 import javax.swing.event.ListSelectionEvent;
@@ -64,7 +62,7 @@ private void initComponents() {
         jLabel2.setText("Report:");
 
         jTextPaneResult.setEditable(false);
-        jTextPaneResult.setFont(new java.awt.Font("Monospaced", 0, 12)); // NOI18N
+        jTextPaneResult.setFont(new java.awt.Font("Monospaced", 0, 14)); // NOI18N
         jScrollPane2.setViewportView(jTextPaneResult);
 
         jButtonCopy.setText("Copy");
@@ -133,8 +131,8 @@ private void initTable() {
             public void valueChanged(ListSelectionEvent lse) {
                 SiteReport report = tableModel.getTableList().get(table.getSelectedRow()).getSiteReport();
                 ScannerConfig config = tableModel.getTableList().get(table.getSelectedRow()).getConfig();
-                SiteReportPrinter printer = new SiteReportPrinter(jTextPaneResult, report, config.getReportDetail());
-                printer.printFullReport();
+                String fullReport = report.getFullReport(config.getReportDetail(), !config.isNoColor());
+                jTextPaneResult.setStyledDocument(ANSIHelper.getStyledDocument(fullReport));
                 jTextPaneResult.setCaretPosition(0);
             }
         });

src/main/java/de/rub/nds/burp/tlsattacker/gui/UIScanner.form

@@ -267,7 +267,7 @@
           <Properties>
             <Property name="editable" type="boolean" value="false"/>
             <Property name="font" type="java.awt.Font" editor="org.netbeans.beaninfo.editors.FontEditor">
-              <Font name="Monospaced" size="12" style="0"/>
+              <Font name="Monospaced" size="14" style="0"/>
             </Property>
           </Properties>
         </Component>

src/main/java/de/rub/nds/burp/tlsattacker/gui/UIScanner.java

@@ -10,7 +10,7 @@
 
 import burp.IContextMenuFactory;
 import burp.IContextMenuInvocation;
-import de.rub.nds.burp.utilities.SiteReportPrinter;
+import de.rub.nds.burp.utilities.ANSIHelper;
 import de.rub.nds.tlsattacker.core.config.delegate.GeneralDelegate;
 import de.rub.nds.tlsattacker.core.constants.StarttlsType;
 import de.rub.nds.tlsscanner.TlsScanner;
@@ -145,7 +145,7 @@ public void actionPerformed(java.awt.event.ActionEvent evt) {
         });
 
         jTextPaneResult.setEditable(false);
-        jTextPaneResult.setFont(new java.awt.Font("Monospaced", 0, 12)); // NOI18N
+        jTextPaneResult.setFont(new java.awt.Font("Monospaced", 0, 14)); // NOI18N
         jScrollPaneResult.setViewportView(jTextPaneResult);
 
         jCheckBoxStarTls.setText("Scan STARTTLS:");
@@ -363,13 +363,13 @@ private void jButtonScanActionPerformed(java.awt.event.ActionEvent evt) {//GEN-F
         ScannerConfig config = new ScannerConfig(new GeneralDelegate());
         config.getClientDelegate().setHost(jTextFieldHost.getText());
         config.setNoColor(jCheckBoxNoColor.isSelected());
-        config.setThreads(4);
-        config.setAggroLevel(100);
+        config.setParallelProbes(4);
+        config.setOverallThreads(100);
         config.setTimeout(1000);
         if(!jCheckBoxDefaultSetting.isSelected()) {
             config.setDangerLevel(Integer.parseInt((String) jComboBoxDangerLevel.getSelectedItem()));
-            config.setThreads(Integer.parseInt(jTextFieldParallelProbes.getText()));
-            config.setAggroLevel(Integer.parseInt(jTextFieldOverallThreads.getText()));
+            config.setParallelProbes(Integer.parseInt(jTextFieldParallelProbes.getText()));
+            config.setOverallThreads(Integer.parseInt(jTextFieldOverallThreads.getText()));
             config.setTimeout(Integer.parseInt(jTextFieldTimeout.getText()));
             config.setReportDetail(ScannerDetail.valueOf((String) jComboBoxReportDetail.getSelectedItem()));
             config.setScanDetail(ScannerDetail.valueOf((String) jComboBoxScanDetail.getSelectedItem()));
@@ -378,7 +378,7 @@ private void jButtonScanActionPerformed(java.awt.event.ActionEvent evt) {//GEN-F
             config.getStarttlsDelegate().setStarttlsType(StarttlsType.valueOf((String) jComboBoxStarTLS.getSelectedItem()));
         }
         // Clarify scan start
-        jTextPaneResult.setText("Scanning " + config.getClientDelegate().getHost() + " - please be patient...");
+        jTextPaneResult.setStyledDocument(ANSIHelper.getStyledDocument("Scanning " + config.getClientDelegate().getHost() + " - please be patient..."));
         jButtonScan.setEnabled(false); 
         // Use SwingWorker to execute scan in backround
         SwingWorker<Boolean, Integer> worker = new SwingWorker<Boolean, Integer>() {           
@@ -397,18 +397,20 @@ protected void done() {
                 LOGGER.info("---------- Scan of {} finished ----------", config.getClientDelegate().getHost());
                 jButtonScan.setEnabled(true);  
                 // Print scan result
-                SiteReportPrinter printer = new SiteReportPrinter(jTextPaneResult, report, config.getReportDetail());
-                printer.printFullReport();
-                jTextPaneResult.setCaretPosition(0);
-                // Send config and report to scan history
-                if(report.getServerIsAlive()) {
+                if(report != null) {
+                    String fullReport = report.getFullReport(config.getReportDetail(), !config.isNoColor());
+                    jTextPaneResult.setStyledDocument(ANSIHelper.getStyledDocument(fullReport));
+                    jTextPaneResult.setCaretPosition(0);
+                    // Send config and report to scan history
                     scanHistory.add(config, report);
+                } else {
+                    jTextPaneResult.setStyledDocument(ANSIHelper.getStyledDocument("Scan of " + config.getClientDelegate().getHost() + " failed..."));
                 }
             }
         };
         worker.execute();
     }//GEN-LAST:event_jButtonScanActionPerformed
-
+    
     private void jButtonCopyActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButtonCopyActionPerformed
         String toCopy = jTextPaneResult.getText();
         StringSelection stringSelection = new StringSelection(toCopy);

src/main/java/de/rub/nds/burp/utilities/ANSIHelper.java

@@ -0,0 +1,179 @@
+/**
+ * TLS-Attacker-BurpExtension
+ * 
+ * Copyright 2018 Ruhr University Bochum / Hackmanit GmbH
+ * 
+ * Licensed under Apache License 2.0
+ * http://www.apache.org/licenses/LICENSE-2.0/
+ */
+package de.rub.nds.burp.utilities;
+
+import de.rub.nds.tlsscanner.constants.AnsiColor;
+import java.awt.Color;
+import javax.swing.text.BadLocationException;
+import javax.swing.text.DefaultStyledDocument;
+import javax.swing.text.SimpleAttributeSet;
+import javax.swing.text.StyleConstants;
+import javax.swing.text.StyledDocument;
+import org.apache.commons.lang3.StringUtils;
+
+/**
+ * Printer for the SiteReport.
+ * 
+ * @author Nurullah Erinola
+ */
+public class ANSIHelper {
+
+    // self defined colors
+    private static final Color LIGHT_ORANGE = new Color(255, 153, 0);
+    private static final Color DARK_RED = new Color(204, 0, 0);
+    private static final Color DARK_BLUE = new Color(0, 0, 204);
+    private static final Color DARK_GREEN = new Color(0, 153, 0);
+    private static final Color DARK_VIOLET = new Color(148,0,211);
+
+    private static final String ANSI_START = "\u001B[";
+    private static final String ANSI_END = "m";
+
+    public static StyledDocument getStyledDocument(String report) {
+        StyledDocument document = new DefaultStyledDocument();
+        SimpleAttributeSet attributes = new SimpleAttributeSet();
+
+        int currentPos = 0; // current char position in report
+        int startIndex = 0; // start of escape sequence
+        int endIndex = 0; // end of escape sequence
+
+        String tmp = "";
+
+        if (report.length() > 0) {
+            // Search start of escape sequence
+            startIndex = report.indexOf(ANSI_START);
+            // No escape sequence found, print all
+            if (startIndex == -1) {
+                append(document, attributes, report);
+                return document;
+            }
+            // Escape sequence is not first char, print all text to escape sequence
+            if (startIndex > 0) {
+                tmp = report.substring(0, startIndex);
+                document = append(document, attributes, tmp);
+                currentPos = startIndex;
+            }
+
+            while (true) {
+                // Search the end of the escape sequence
+                endIndex = report.indexOf(ANSI_END, currentPos);
+
+                // End of escape sequence not found, print all
+                if (endIndex == -1) {
+                    document = append(document, attributes, report.substring(currentPos, report.length()));
+                    break;
+                // End of escape sequence found, parse
+                } else {
+                    tmp = report.substring(currentPos, endIndex+1);
+                    attributes = parseAndAdd(attributes, tmp);
+                    currentPos = endIndex+1;
+                }
+
+                // Search start of next escape sequence
+                startIndex = report.indexOf(ANSI_START, currentPos);
+
+                // No further escape sequence available, print all
+                if (startIndex == -1) {
+                    document = append(document, attributes, report.substring(currentPos, report.length()));
+                    break;
+                // Further escape sequence available, print substring between escape sequence
+                } else {
+                    document = append(document, attributes, report.substring(currentPos, startIndex));
+                    currentPos = startIndex;
+                }
+            }
+        }
+        return document;
+    }
+
+    private static String replaceTabs(String string) {
+        String[] splitted = string.split("\n", -1);
+        for(int i = 0; i < splitted.length; i++) {
+            int pos = splitted[i].indexOf("\t");
+            while(pos != -1) {
+                splitted[i] = splitted[i].replaceFirst("\t", StringUtils.repeat(" ", 8-(pos%8)));
+                pos = splitted[i].indexOf("\t");
+            }
+        }
+        return String.join("\n", splitted);
+    }
+
+    private static StyledDocument append(StyledDocument document, SimpleAttributeSet attributes, String toAppend) {
+        try {
+           document.insertString(document.getLength(), replaceTabs(toAppend), attributes);
+        } catch (BadLocationException exp) {
+
+        }
+        return document;
+    } 
+
+    private static SimpleAttributeSet parseAndAdd(SimpleAttributeSet attrSet, String ansi) {
+        switch(AnsiColor.getAnsiColor(ansi)) {
+            case RESET: 
+                attrSet = new SimpleAttributeSet();
+                break;        
+            case BLACK: 
+                attrSet.addAttribute(StyleConstants.Foreground, Color.BLACK);
+                break;
+            case RED: 
+                attrSet.addAttribute(StyleConstants.Foreground, DARK_RED);
+                break;
+            case GREEN: 
+                attrSet.addAttribute(StyleConstants.Foreground, DARK_GREEN);
+                break;
+            case YELLOW: 
+                attrSet.addAttribute(StyleConstants.Foreground, LIGHT_ORANGE);
+                break;
+            case BLUE: 
+                attrSet.addAttribute(StyleConstants.Foreground, DARK_BLUE);
+                break;
+            case PURPLE: 
+                attrSet.addAttribute(StyleConstants.Foreground, DARK_VIOLET);
+                break;
+            case CYAN: 
+                attrSet.addAttribute(StyleConstants.Foreground, Color.CYAN);
+                break;
+            case WHITE: 
+                attrSet.addAttribute(StyleConstants.Foreground, Color.WHITE);
+                break;
+            case BLACK_BACKGROUND:
+                attrSet.addAttribute(StyleConstants.Background, Color.BLACK);
+                break;
+            case RED_BACKGROUND:
+                attrSet.addAttribute(StyleConstants.Background, DARK_RED);
+                break;
+            case GREEN_BACKGROUND:
+                attrSet.addAttribute(StyleConstants.Background, DARK_GREEN);
+                break;
+            case YELLOW_BACKGROUND:
+                attrSet.addAttribute(StyleConstants.Background, LIGHT_ORANGE);
+                break;
+            case BLUE_BACKGROUND:
+                attrSet.addAttribute(StyleConstants.Background, DARK_BLUE);
+                break;
+            case PURPLE_BACKGROUND:
+                attrSet.addAttribute(StyleConstants.Background, DARK_VIOLET);
+                break;
+            case CYAN_BACKGROUND:
+                attrSet.addAttribute(StyleConstants.Background, Color.CYAN);
+                break;
+            case WHITE_BACKGROUND:
+                attrSet.addAttribute(StyleConstants.Background, Color.WHITE);
+                break;
+            case BOLD: 
+                attrSet.addAttribute(StyleConstants.CharacterConstants.Bold, Boolean.TRUE);
+                break;
+            case UNDERLINE: 
+                StyleConstants.setUnderline(attrSet, true);
+                break;
+            default: 
+                break;
+        }
+        return attrSet;
+    }
+}