Script communication with the alert object

märio liny

Oct 3, 2021, 4:00:43 PM
to OWASP ZAP User Group

Hi zaproxy Team,
first, thanks for the work you put into it, zaproxy has evolved a lot during the last years!

I've a question about scripting.

I want to be able to right click on a raised alert, and then print the result in the script console.
While the answer here https://stackoverflow.com/questions/49167651/can-i-access-to-alerts-object-of-owasp-zap works perfectly when printing details on all alarms, I'm trying to limit the results only to the alarm I'm right-clicking on.

Does it make sense?
Is this possible?

Thanks again, and keep up the great work you're doing
Cristian

Simon Bennetts

Oct 4, 2021, 4:21:27 AM
to OWASP ZAP User Group
Hi Cristian,

You can right click on URLs and run a script using Targeted Scripts. However these only work for URLs and not alerts :/
In theory we could extend them to support alerts as well, but that will take a bit of work and wouldn't be available until 2.12 at the earliest.
You will be able to do this using Extender Scripts but we don't appear to have any examples right now :/
In Java you can add a popup menu item to alerts by extending PopupMenuItemAlert - if you're comfortable reading Java then have a look at the classes which extend this and see if you can convert that code into one of the supported scripting languages. It will work but might take a bit of messing around.

Cheers,

Simon

märio liny

Oct 4, 2021, 5:16:27 AM
to OWASP ZAP User Group
Thanks Simon,

I'm using Extender scripts, and "copy as curl command menu.js" as template.

I came up with this, but of course it gets only the first alert in the list (alerts[0]):



var popupmenuitemtype = Java.type("org.zaproxy.zap.view.popup.PopupMenuItemHistoryReferenceContainer");

// Popup menu entry; performAction receives the history reference that was right-clicked
var alertdet = new popupmenuitemtype("Get Alert Detail") {
    performAction: function(href) {
        invokeWith(href.getHttpMessage());
    }
}

function install(helper) {
    if (helper.getView()) {
        helper.getView().getPopupMenu().addMenu(alertdet);
    }
}

function uninstall(helper) {
    if (helper.getView()) {
        helper.getView().getPopupMenu().removeMenu(alertdet);
    }
}

function invokeWith(msg) {
    extAlert = org.parosproxy.paros.control.Control.getSingleton().getExtensionLoader().getExtension(org.zaproxy.zap.extension.alert.ExtensionAlert.NAME);
    var Alert = org.parosproxy.paros.core.scanner.Alert;
    var alerts = extAlert.getAllAlerts();
    // Always reads the first alert in the list, not the one that was right-clicked
    var alert = alerts[0];
    print(alert.uri);
    print(alert.name);
}

Cristian

kingthorin+owaspzap

Oct 4, 2021, 10:30:16 AM
to OWASP ZAP User Group
You'd have to get the alerts tree and see what's selected then only print the details for the selected items as you walk the tree.

märio liny

Oct 4, 2021, 2:11:46 PM
to OWASP ZAP User Group
Hi,
any idea on how I can achieve that?
I'm reading all the possible JS/Java code out there but still can't find what I should call.

Any help is very appreciated.

Cristian

kingthorin+owaspzap

Oct 4, 2021, 3:09:05 PM
to OWASP ZAP User Group
Have a look at this code: It's used for counted selected alerts, so you could do basically the same thing but instead of counting get the alert and output the details:

kingthorin+owaspzap

Oct 4, 2021, 3:09:31 PM
to OWASP ZAP User Group
counted > counting

märio liny

Oct 5, 2021, 11:31:31 AM
to OWASP ZAP User Group
Hi again guys,

Still struggling with this one.
Now I'm trying to use javax.swing.JTree to access the tree, but it seems I'm not able to do that properly.


function invokeWith(msg) {
    extAlert = org.parosproxy.paros.control.Control.getSingleton().getExtensionLoader().getExtension(org.zaproxy.zap.extension.alert.ExtensionAlert.NAME);
    var Alert = org.zaproxy.zap.extension.alert;
    var JTree = Java.type("javax.swing.JTree");
    var tree = new(JTree);
    print(tree);
}

output:
javax.swing.JTree[,0,0,0x0,invalid,alignmentX=0.0,alignmentY=0.0,border=com.formdev.flatlaf.ui.FlatEmptyBorder@75cfc82a,flags=16777576,maximumSize=,minimumSize=,preferredSize=,editable=false,invokesStopCellEditing=false,largeModel=false,rootVisible=true,rowHeight=0,scrollsOnExpand=true,showsRootHandles=false,toggleClickCount=2,visibleRowCount=20]

Not sure if I shall try to convert JTree treeAlert = this.extAlert.getAlertPanel().getTreeAlert(); to JS somehow.

I'm completely lost.


Cristian

kingthorin+owaspzap

Oct 5, 2021, 12:48:16 PM
to OWASP ZAP User Group
Try:
    extAlert = org.parosproxy.paros.control.Control.getSingleton().getExtensionLoader().getExtension(org.zaproxy.zap.extension.alert.ExtensionAlert.class)

kingthorin+owaspzap

Oct 5, 2021, 1:04:54 PM
to OWASP ZAP User Group
And Alert should be a Java.type