github-starred/burp-ui
2
0
Fork 0
mirror of https://github.com/ziirish/burp-ui.git synced 2026-05-21 06:45:24 -06:00
Code Issues 1 Projects Packages Wiki Activity Actions

new feature: ability to download files from a backup directly from the interface + few fixes

Browse source
This commit is contained in:
ziirish 2014-09-04 21:30:40 +02:00
parent 96e595d82e
commit 27e69512a8
8 changed files with 630 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

92
burpui/misc/backend/burp1.py
View file

@ -1,15 +1,22 @@
# -*- coding: utf8 -*-
import re
import os
import socket
import time
import json
import datetime
import ConfigParser
import shutil
import subprocess
import zipfile
from burpui.misc.utils import human_readable as _hr
from burpui.misc.backend.interface import BUIbackend, BUIserverException
g_burpport = 4972
g_burphost = '127.0.0.1'
g_tmpdir = '/tmp/buirestore'
g_burpbin = '/usr/sbin/burp'
class Burp(BUIbackend):
states = {
@ -52,25 +59,57 @@ class Burp(BUIbackend):
'path'
]
def __init__(self, app=None, host='127.0.0.1', port=4972, conf=None):
global g_burpport, g_burphost
def __init__(self, app=None, conf=None):
global g_burpport, g_burphost, g_tmpdir, g_burpbin
self.app = app
self.host = host
self.port = port
self.host = g_burphost
self.running = []
if conf:
config = ConfigParser.ConfigParser({'bport': g_burpport, 'bhost': g_burphost})
config = ConfigParser.ConfigParser({'bport': g_burpport, 'tmpdir': g_tmpdir, 'burpbin': g_burpbin})
with open(conf) as fp:
config.readfp(fp)
try:
self.port = config.getint('Burp1', 'bport')
self.host = config.get('Burp1', 'bhost')
tdir = config.get('Burp1', 'tmpdir')
bbin = config.get('Burp1', 'burpbin')
if not bbin.startswith('/'):
self.app.logger.warning('Please provide an absolute path for the \'burpbin\' option. Fallback to \'%s\'', g_burpbin)
bbin = g_burpbin
elif not re.match('^\S+$', bbin):
self.app.logger.warning('Incorrect value for the \'burpbin\' option. Fallback to \'%s\'', g_burpbin)
bbin = g_burpbin
elif not os.path.isfile(bbin) or not os.access(bbin, os.X_OK):
self.app.logger.warning('\'%s\' does not exist or is not executable. Fallback to \'%s\'', bbin, g_burpbin)
bbin = g_burpbin
if not tdir.startswith('/'):
self.app.logger.warning('Please provide an absolute path for the \'tmpdir\' option. Fallback to \'%s\'', g_tmpdir)
tdir = g_tmpdir
elif not re.match('^\S+$', tdir):
self.app.logger.warning('Incorrect value for the \'tmpdir\' option. Fallback to \'%s\'', g_tmpdir)
tdir = g_tmpdir
elif os.path.isdir(tdir) and os.listdir(tdir):
raise Exception('\'{0}\' is not empty!'.format(tdir))
elif os.path.isdir(tdir) and not os.access(tdir, os.W_OK|os.X_OK):
self.app.logger.warning('\'%s\' is not writable. Fallback to \'%s\'', tdir, g_tmpdir)
tdir = g_tmpdir
self.burpbin = bbin
self.tmpdir = tdir
except ConfigParser.NoOptionError, e:
self.app.logger.error(str(e))
except ConfigParser.NoSectionError, e:
self.app.logger.error(str(e))
self.app.logger.info('burp port: %d', self.port)
self.app.logger.info('burp host: %s', self.host)
else:
self.port = g_burpport
self.burpbin = g_burpbin
self.tmpdir = g_tmpdir
self.app.logger.info('burp port: %d', self.port)
self.app.logger.info('burp host: %s', self.host)
self.app.logger.info('burp binary: %s', self.burpbin)
self.app.logger.info('temporary dir: %s', self.tmpdir)
"""
Utilities functions
@ -206,7 +245,7 @@ class Burp(BUIbackend):
returns a dict
"""
r = {}
if not name or name not in running:
if not name or name not in self.running:
return r
f = self.status('c:{0}\n'.format(name))
if not f:
@ -253,7 +292,7 @@ class Burp(BUIbackend):
except BUIserverException:
return False
for line in f:
r = re.search('^{0}\s+\d\s+(\S)'.format(name), line)
r = re.search('^{0}\s+\d\s+(\w)'.format(name), line)
if r and r.group(1) not in [ 'i', 'c', 'C' ]:
return True
return False
@ -372,3 +411,36 @@ class Burp(BUIbackend):
t['parent'] = top
r.append(t)
return r
def restore_files(self, name=None, backup=None, files=None):
if not name or not backup or not files:
return None
flist = json.loads(files)
if 'restore' not in flist:
return None
if os.path.isdir(self.tmpdir):
shutil.rmtree(self.tmpdir)
for r in flist['restore']:
reg = ''
if r['folder'] and r['key'] != '/':
reg = r['key']+'/'
else:
reg = r['key']
#cmd = self.burpbin+' -C '+name+' -a r -b '+str(backup)+' -r \''+reg+'\' -d '+self.tmpdir
status = subprocess.call([self.burpbin, '-C', name, '-a', 'r', '-b', str(backup), '-r', reg, '-d', self.tmpdir])
if status != 0:
return None
zip_dir = self.tmpdir.rstrip(os.sep)
zip_file = zip_dir+'.zip'
if os.path.isfile(zip_file):
os.remove(zip_file)
zip_len = len(zip_dir) + 1
with zipfile.ZipFile(zip_file, mode='w', compression=zipfile.ZIP_DEFLATED) as zf:
for dirname, subdirs, files in os.walk(zip_dir):
for filename in files:
path = os.path.join(dirname, filename)
entry = path[zip_len:]
zf.write(path, entry)
return zip_file

57
burpui/routes.py
View file

@ -1,8 +1,8 @@
# -*- coding: utf8 -*-
import math
from flask import Flask, request, render_template, jsonify, redirect, url_for, abort, flash, g, session
from flask.ext.login import login_user, login_required, logout_user, current_user
from flask import Flask, request, render_template, jsonify, redirect, url_for, abort, flash, send_file
from flask.ext.login import login_user, login_required, logout_user
from burpui import app, bui, login_manager
from burpui.forms import LoginForm
@ -15,22 +15,30 @@ def load_user(userid):
return bui.uhandler.user(userid)
return None
@app.route('/login', methods=['POST', 'GET'])
def login():
form = LoginForm(request.form)
if form.validate_on_submit():
user = bui.uhandler.user(form.username.data)
if user.active and user.login(form.username.data, passwd=form.password.data):
login_user(user, remember=form.remember.data)
flash('Logged in successfully', 'success')
return redirect(request.args.get("next") or url_for('home'))
return render_template('login.html', form=form, login=True)
@app.route('/test/download')
def test_download():
try:
resp = send_file('/tmp/monfichierr', as_attachment=True)
resp.set_cookie('fileDownload', 'true')
return resp
except Exception, e:
abort(500)
@app.route('/logout')
@app.route('/api/restore/<name>/<int:backup>', methods=['POST'])
@login_required
def logout():
logout_user()
return redirect(url_for('home'))
def restore(name=None, backup=None):
l = request.form.get('list')
if not l or not name or not backup:
abort(500)
archive = bui.cli.restore_files(name, backup, l)
if not archive:
abort(500)
try:
resp = send_file(archive, as_attachment=True)
resp.set_cookie('fileDownload', 'true')
return resp
except Exception, e:
abort(500)
"""
Here is the API
@ -300,6 +308,23 @@ def client(name=None):
return redirect(url_for('live_monitor', name=name))
return render_template('client.html', client=True, overview=True, cname=c)
@app.route('/login', methods=['POST', 'GET'])
def login():
form = LoginForm(request.form)
if form.validate_on_submit():
user = bui.uhandler.user(form.username.data)
if user.active and user.login(form.username.data, passwd=form.password.data):
login_user(user, remember=form.remember.data)
flash('Logged in successfully', 'success')
return redirect(request.args.get("next") or url_for('home'))
return render_template('login.html', form=form, login=True)
@app.route('/logout')
@login_required
def logout():
logout_user()
return redirect(url_for('home'))
@app.route('/')
@login_required
def home():

453
burpui/static/jquery/jquery.fileDownload.js Normal file
View file

@ -0,0 +1,453 @@
/*
* jQuery File Download Plugin v1.4.2
*
* http://www.johnculviner.com
*
* Copyright (c) 2013 - John Culviner
*
* Licensed under the MIT license:
* http://www.opensource.org/licenses/mit-license.php
*
* !!!!NOTE!!!!
* You must also write a cookie in conjunction with using this plugin as mentioned in the orignal post:
* http://johnculviner.com/jquery-file-download-plugin-for-ajax-like-feature-rich-file-downloads/
* !!!!NOTE!!!!
*/
(function($, window){
// i'll just put them here to get evaluated on script load
var htmlSpecialCharsRegEx = /[<>&\r\n"']/gm;
var htmlSpecialCharsPlaceHolders = {
'<': 'lt;',
'>': 'gt;',
'&': 'amp;',
'\r': "#13;",
'\n': "#10;",
'"': 'quot;',
"'": '#39;' /*single quotes just to be safe, IE8 doesn't support &apos;, so use &#39; instead */
};
$.extend({
//
//$.fileDownload('/path/to/url/', options)
// see directly below for possible 'options'
fileDownload: function (fileUrl, options) {
//provide some reasonable defaults to any unspecified options below
var settings = $.extend({
//
//Requires jQuery UI: provide a message to display to the user when the file download is being prepared before the browser's dialog appears
//
preparingMessageHtml: null,
//
//Requires jQuery UI: provide a message to display to the user when a file download fails
//
failMessageHtml: null,
//
//the stock android browser straight up doesn't support file downloads initiated by a non GET: http://code.google.com/p/android/issues/detail?id=1780
//specify a message here to display if a user tries with an android browser
//if jQuery UI is installed this will be a dialog, otherwise it will be an alert
//
androidPostUnsupportedMessageHtml: "Unfortunately your Android browser doesn't support this type of file download. Please try again with a different browser.",
//
//Requires jQuery UI: options to pass into jQuery UI Dialog
//
dialogOptions: { modal: true },
//
//a function to call while the dowload is being prepared before the browser's dialog appears
//Args:
// url - the original url attempted
//
prepareCallback: function (url) { },
//
//a function to call after a file download dialog/ribbon has appeared
//Args:
// url - the original url attempted
//
successCallback: function (url) { },
//
//a function to call after a file download dialog/ribbon has appeared
//Args:
// responseHtml - the html that came back in response to the file download. this won't necessarily come back depending on the browser.
// in less than IE9 a cross domain error occurs because 500+ errors cause a cross domain issue due to IE subbing out the
// server's error message with a "helpful" IE built in message
// url - the original url attempted
//
failCallback: function (responseHtml, url) { },
//
// the HTTP method to use. Defaults to "GET".
//
httpMethod: "GET",
//
// if specified will perform a "httpMethod" request to the specified 'fileUrl' using the specified data.
// data must be an object (which will be $.param serialized) or already a key=value param string
//
data: null,
//
//a period in milliseconds to poll to determine if a successful file download has occured or not
//
checkInterval: 100,
//
//the cookie name to indicate if a file download has occured
//
cookieName: "fileDownload",
//
//the cookie value for the above name to indicate that a file download has occured
//
cookieValue: "true",
//
//the cookie path for above name value pair
//
cookiePath: "/",
//
//if specified it will be used when attempting to clear the above name value pair
//useful for when downloads are being served on a subdomain (e.g. downloads.example.com)
//
cookieDomain: null,
//
//the title for the popup second window as a download is processing in the case of a mobile browser
//
popupWindowTitle: "Initiating file download...",
//
//Functionality to encode HTML entities for a POST, need this if data is an object with properties whose values contains strings with quotation marks.
//HTML entity encoding is done by replacing all &,<,>,',",\r,\n characters.
//Note that some browsers will POST the string htmlentity-encoded whilst others will decode it before POSTing.
//It is recommended that on the server, htmlentity decoding is done irrespective.
//
encodeHTMLEntities: true
}, options);
var deferred = new $.Deferred();
//Setup mobile browser detection: Partial credit: http://detectmobilebrowser.com/
var userAgent = (navigator.userAgent || navigator.vendor || window.opera).toLowerCase();
var isIos; //has full support of features in iOS 4.0+, uses a new window to accomplish this.
var isAndroid; //has full support of GET features in 4.0+ by using a new window. Non-GET is completely unsupported by the browser. See above for specifying a message.
var isOtherMobileBrowser; //there is no way to reliably guess here so all other mobile devices will GET and POST to the current window.
if (/ip(ad|hone|od)/.test(userAgent)) {
isIos = true;
} else if (userAgent.indexOf('android') !== -1) {
isAndroid = true;
} else {
isOtherMobileBrowser = /avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|playbook|silk|iemobile|iris|kindle|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.test(userAgent) || /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|e\-|e\/|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(di|rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|xda(\-|2|g)|yas\-|your|zeto|zte\-/i.test(userAgent.substr(0, 4));
}
var httpMethodUpper = settings.httpMethod.toUpperCase();
if (isAndroid && httpMethodUpper !== "GET") {
//the stock android browser straight up doesn't support file downloads initiated by non GET requests: http://code.google.com/p/android/issues/detail?id=1780
if ($().dialog) {
$("<div>").html(settings.androidPostUnsupportedMessageHtml).dialog(settings.dialogOptions);
} else {
alert(settings.androidPostUnsupportedMessageHtml);
}
return deferred.reject();
}
var $preparingDialog = null;
var internalCallbacks = {
onPrepare: function (url) {
//wire up a jquery dialog to display the preparing message if specified
if (settings.preparingMessageHtml) {
$preparingDialog = $("<div>").html(settings.preparingMessageHtml).dialog(settings.dialogOptions);
} else if (settings.prepareCallback) {
settings.prepareCallback(url);
}
},
onSuccess: function (url) {
//remove the perparing message if it was specified
if ($preparingDialog) {
$preparingDialog.dialog('close');
};
settings.successCallback(url);
deferred.resolve(url);
},
onFail: function (responseHtml, url) {
//remove the perparing message if it was specified
if ($preparingDialog) {
$preparingDialog.dialog('close');
};
//wire up a jquery dialog to display the fail message if specified
if (settings.failMessageHtml) {
$("<div>").html(settings.failMessageHtml).dialog(settings.dialogOptions);
}
settings.failCallback(responseHtml, url);
deferred.reject(responseHtml, url);
}
};
internalCallbacks.onPrepare(fileUrl);
//make settings.data a param string if it exists and isn't already
if (settings.data !== null && typeof settings.data !== "string") {
settings.data = $.param(settings.data);
}
var $iframe,
downloadWindow,
formDoc,
$form;
if (httpMethodUpper === "GET") {
if (settings.data !== null) {
//need to merge any fileUrl params with the data object
var qsStart = fileUrl.indexOf('?');
if (qsStart !== -1) {
//we have a querystring in the url
if (fileUrl.substring(fileUrl.length - 1) !== "&") {
fileUrl = fileUrl + "&";
}
} else {
fileUrl = fileUrl + "?";
}
fileUrl = fileUrl + settings.data;
}
if (isIos || isAndroid) {
downloadWindow = window.open(fileUrl);
downloadWindow.document.title = settings.popupWindowTitle;
window.focus();
} else if (isOtherMobileBrowser) {
window.location(fileUrl);
} else {
//create a temporary iframe that is used to request the fileUrl as a GET request
$iframe = $("<iframe>")
.hide()
.prop("src", fileUrl)
.appendTo("body");
}
} else {
var formInnerHtml = "";
if (settings.data !== null) {
$.each(settings.data.replace(/\+/g, ' ').split("&"), function () {
var kvp = this.split("=");
var key = settings.encodeHTMLEntities ? htmlSpecialCharsEntityEncode(decodeURIComponent(kvp[0])) : decodeURIComponent(kvp[0]);
if (key) {
var value = settings.encodeHTMLEntities ? htmlSpecialCharsEntityEncode(decodeURIComponent(kvp[1])) : decodeURIComponent(kvp[1]);
formInnerHtml += '<input type="hidden" name="' + key + '" value="' + value + '" />';
}
});
}
if (isOtherMobileBrowser) {
$form = $("<form>").appendTo("body");
$form.hide()
.prop('method', settings.httpMethod)
.prop('action', fileUrl)
.html(formInnerHtml);
} else {
if (isIos) {
downloadWindow = window.open("about:blank");
downloadWindow.document.title = settings.popupWindowTitle;
formDoc = downloadWindow.document;
window.focus();
} else {
$iframe = $("<iframe style='display: none' src='about:blank'></iframe>").appendTo("body");
formDoc = getiframeDocument($iframe);
}
formDoc.write("<html><head></head><body><form method='" + settings.httpMethod + "' action='" + fileUrl + "'>" + formInnerHtml + "</form>" + settings.popupWindowTitle + "</body></html>");
$form = $(formDoc).find('form');
}
$form.submit();
}
//check if the file download has completed every checkInterval ms
setTimeout(checkFileDownloadComplete, settings.checkInterval);
function checkFileDownloadComplete() {
//has the cookie been written due to a file download occuring?
if (document.cookie.indexOf(settings.cookieName + "=" + settings.cookieValue) != -1) {
//execute specified callback
internalCallbacks.onSuccess(fileUrl);
//remove cookie
var cookieData = settings.cookieName + "=; path=" + settings.cookiePath + "; expires=" + new Date(0).toUTCString() + ";";
if (settings.cookieDomain) cookieData += " domain=" + settings.cookieDomain + ";";
document.cookie = cookieData;
//remove iframe
cleanUp(false);
return;
}
//has an error occured?
//if neither containers exist below then the file download is occuring on the current window
if (downloadWindow || $iframe) {
//has an error occured?
try {
var formDoc = downloadWindow ? downloadWindow.document : getiframeDocument($iframe);
if (formDoc && formDoc.body != null && formDoc.body.innerHTML.length) {
var isFailure = true;
if ($form && $form.length) {
var $contents = $(formDoc.body).contents().first();
try {
if ($contents.length && $contents[0] === $form[0]) {
isFailure = false;
}
} catch (e) {
if (e && e.number == -2146828218) {
// IE 8-10 throw a permission denied after the form reloads on the "$contents[0] === $form[0]" comparison
isFailure = true;
} else {
throw e;
}
}
}
if (isFailure) {
// IE 8-10 don't always have the full content available right away, they need a litle bit to finish
setTimeout(function () {
internalCallbacks.onFail(formDoc.body.innerHTML, fileUrl);
cleanUp(true);
}, 100);
return;
}
}
}
catch (err) {
//500 error less than IE9
internalCallbacks.onFail('', fileUrl);
cleanUp(true);
return;
}
}
//keep checking...
setTimeout(checkFileDownloadComplete, settings.checkInterval);
}
//gets an iframes document in a cross browser compatible manner
function getiframeDocument($iframe) {
var iframeDoc = $iframe[0].contentWindow || $iframe[0].contentDocument;
if (iframeDoc.document) {
iframeDoc = iframeDoc.document;
}
return iframeDoc;
}
function cleanUp(isFailure) {
setTimeout(function() {
if (downloadWindow) {
if (isAndroid) {
downloadWindow.close();
}
if (isIos) {
if (downloadWindow.focus) {
downloadWindow.focus(); //ios safari bug doesn't allow a window to be closed unless it is focused
if (isFailure) {
downloadWindow.close();
}
}
}
}
//iframe cleanup appears to randomly cause the download to fail
//not doing it seems better than failure...
//if ($iframe) {
// $iframe.remove();
//}
}, 0);
}
function htmlSpecialCharsEntityEncode(str) {
return str.replace(htmlSpecialCharsRegEx, function(match) {
return '&' + htmlSpecialCharsPlaceHolders[match];
});
}
return deferred.promise();
}
});
})(jQuery, this);

9
burpui/templates/client-browse.html
View file

@ -44,5 +44,14 @@
</tbody>
</table>
</div>
<br />
<div class="row">
<form id="form-restore" class="form-inline" method="POST" role="form" action="{{ url_for("restore", name=cname, backup=nbackup) }}">
<input type="hidden" name="list">
<div id="restore-form" style="display:none;">
<button type="submit" class="btn btn-info">Restore selected files</button>
</div>
</form>
</div>
</div>
{% endblock %}

2
burpui/templates/gerard.js
View file

@ -97,7 +97,7 @@ $('#input-client').typeahead(null, {
{% endif -%}
{% if live -%}
{% include "js/live-report.js" %}
{% include "js/live-monitor.js" %}
{% endif -%}
var _async_ajax = function(b) {

28
burpui/templates/js/client-browse.js
View file

@ -32,6 +32,8 @@
* }
*/
$("#tree").fancytree({
checkbox: true,
selectMode: 2,
extensions: ["glyph", "table", "gridnav", "filter"],
glyph: {
map: {
@ -110,7 +112,6 @@
});
},
*/
selectMode: 1,
scrollParent: $(window),
renderColumns: function(event, data) {
var node = data.node;
@ -121,6 +122,21 @@
$tdList.eq(3).text(node.data.gid);
$tdList.eq(4).text(node.data.size);
$tdList.eq(5).text(node.data.date);
},
select: function(event, data) {
var s = data.tree.getSelectedNodes();
if (s.length > 0) {
$("#restore-form").show();
v = [];
$.each(s, function(i, n) {
v.push({key: n.key, folder: n.folder});
});
r = {restore:v};
$("input[name=list]").val(JSON.stringify(r));
} else {
$("#restore-form").hide();
$("input[name=list]").val('');
}
}
});
@ -168,3 +184,13 @@
$("input[name=search-tree]").keyup();
});
$("#form-restore").on('submit', function(e) {
$.fileDownload($(this).prop('action'), {
preparingMessageHtml: "We are processing the restoration, please wait...",
failMessageHtml: "There was an error restoring files",
httpMethod: "POST",
data: $(this).serialize()
});
e.preventDefault();
});

23
burpui/templates/layout.html
View file

@ -11,12 +11,12 @@
<!-- Bootstrap core CSS -->
<link href="{{ url_for('static', filename='bootstrap/bootstrap.min.css') }}" rel="stylesheet">
{% if report %}
{% if report -%}
<link href="{{ url_for('static', filename='nvd3/nv.d3.min.css') }}" rel="stylesheet">
{% endif %}
{% if tree %}
{% endif -%}
{% if tree -%}
<link href="{{ url_for('static', filename='fancytree/skin-bootstrap/ui.fancytree.css') }}" rel="stylesheet">
{% endif %}
{% endif -%}
<!-- Custom styles for this template -->
<link href="{{ url_for('static', filename='dashboard.css') }}" rel="stylesheet">
@ -29,9 +29,9 @@
<div class="container-fluid">
<div class="row">
{% if not live and not login %}
{% if not live and not login -%}
{% include "sidebar.html" %}
{% endif %}
{% endif -%}
{% block body %}{% endblock %}
</div>
</div>
@ -45,19 +45,22 @@
================================================== -->
<script src="{{ url_for('static', filename='typeahead/typeahead.jquery.min.js') }}"></script>
<script src="{{ url_for('static', filename='typeahead/bloodhound.min.js') }}"></script>
{% if report %}
{% if report -%}
<!-- d3 + nvd3 Javascript
================================================== -->
<script src="{{ url_for('static', filename='d3/d3.min.js') }}"></script>
<script src="{{ url_for('static', filename='nvd3/nv.d3.min.js') }}"></script>
{% endif %}
{% if tree %}
{% endif -%}
{% if tree -%}
<!-- Fancytree Javascript
================================================== -->
<script src="{{ url_for('static', filename='jquery-ui/jquery-ui-1.10.4.min.js') }}"></script>
<script src="{{ url_for('static', filename='fancytree/jquery.fancytree-custom.min.js') }}"></script>
<script src="{{ url_for('static', filename='fancytree/jquery.fancytree.filter.js') }}"></script>
{% endif %}
<!-- FileDownload Javascript
================================================== -->
<script src="{{ url_for('static', filename='jquery/jquery.fileDownload.js') }}"></script>
{% endif -%}
<script type="text/javascript">
{% include "gerard.js" %}
</script>

4
share/burpui/etc/burpui.cfg
View file

@ -25,6 +25,10 @@ refresh: 15
#[Burp1]
## burp status port
#bport: 4972
## burp binary
#burpbin: /usr/sbin/burp
## temporary dir for the on the fly restoration
#tmpdir: /tmp/buirestore
## ldapauth specific options
#[LDAP]