Initial commit.

Author: Marshall Lee Whittaker

LICENSE

@@ -0,0 +1,44 @@
+Manifest-Version: 1.0
+
+Name: background.js
+Digest-Algorithms: MD5 SHA1 SHA256
+MD5-Digest: TP4S/BKQ1rWVYGRndhS2GA==
+SHA1-Digest: PCB97/Xkw75jDRhh0/2qXHEgNJM=
+SHA256-Digest: UvtG1GoFnRC2ZP1kcHtqQrQ9RANZuZ1AiP1CKDsY14E=
+
+Name: clipboard-helper.js
+Digest-Algorithms: MD5 SHA1 SHA256
+MD5-Digest: tDFPztbqrF9ar9pR+aNm2g==
+SHA1-Digest: 39zXoXLRg2nZTruOlwjg5YwJ2FY=
+SHA256-Digest: axFhQX62MwNPnO8C9NClAveznGo1nYItAylvSTaTqDk=
+
+Name: manifest.json
+Digest-Algorithms: MD5 SHA1 SHA256
+MD5-Digest: CoVNfHtG/hLZ1Ybd5m/a7g==
+SHA1-Digest: yTzLs8wi4Pxbbz4qEW7Z49IeWGM=
+SHA256-Digest: odUIevfgY1aTVweTRWmP0Da7qVFJUkXScUADXldYP/E=
+
+Name: options.html
+Digest-Algorithms: MD5 SHA1 SHA256
+MD5-Digest: WlF6qQXvxJ4FeMG7eq/HzQ==
+SHA1-Digest: gffYdrKNKX6UHgSh7BqYYl0jK9I=
+SHA256-Digest: cO8Z3SYWD3SXBfmrPyRxtiXvnxY9VQjqhra8YU2gg9Q=
+
+Name: options.js
+Digest-Algorithms: MD5 SHA1 SHA256
+MD5-Digest: Eudt0sct2Z8Kl2+lugNNNw==
+SHA1-Digest: mBy4IrKcyHWlHu1Fg/AF0kSrpEc=
+SHA256-Digest: MOrFbOKiab85MzFeDlucreD9fcI71hjQw6iIU1ZAYYE=
+
+Name: README.md
+Digest-Algorithms: MD5 SHA1 SHA256
+MD5-Digest: TD6YsrFf1Eu5RqGdwnRGYA==
+SHA1-Digest: jAOgm/tfT9HqVS6siLTGX4vTq+Y=
+SHA256-Digest: PQlm6a4LrHUV0EcJtBIxGfD23ipPaGuQ1uFasLfAHHA=
+
+Name: LICENSE
+Digest-Algorithms: MD5 SHA1 SHA256
+MD5-Digest: l0HDRu71YTEWPhO52xJBsw==
+SHA1-Digest: 0iFXq8D8C0rpY4DAlSjiPPdykKk=
+SHA256-Digest: HyVuytGSiAUQ6ErWBHTqt1iSGHhLmlC8fO7jTCuR8dU=
+

META-INF/manifest.mf

@@ -0,0 +1,5 @@
+Signature-Version: 1.0
+MD5-Digest-Manifest: f6AwJD0h0gVG9YEXiu9rlg==
+SHA1-Digest-Manifest: +sm5rqNMR8VbkyQ4qLW+9N4B5ug=
+SHA256-Digest-Manifest: 4N6wvE74sfZ1y+K2DhEgeWmpR+BPA81IBch96QaKirU=
+

META-INF/mozilla.rsa

@@ -0,0 +1,2 @@
+#sqlmap helper
+This is an extension for firefox to help generate sqlmap commands for web exploitation.

META-INF/mozilla.sf

@@ -0,0 +1,192 @@
+/* Written by oxagast. Edited some things from mycliget to get this to work. */
+
+/*
+ * V: 0.0.9 - 3/25/2019
+*/
+
+/*
+ * clipboard function originated with mozilla webextension examples here:
+ * https://github.com/mdn/webextensions-examples
+ */
+ 
+ 
+var quotesOption = false;
+var programOption = 'curl';
+var fileOption = 'auto';
+var verboseOption = false;
+var headers = '';
+var sqlmapheaders = '';
+var snackbarOption = false;
+var trigger;
+
+
+//Right click context adds for links + audio/video
+browser.contextMenus.create({
+ id: "copy-link-to-clipboard",
+ title: "Copy SQLMap command to clipboard",
+ contexts: ["link"]
+});
+browser.contextMenus.create({
+ id: "copy-media-to-clipboard",
+ title: "Copy SQLMap command to clipboard",
+ contexts: ['video', 'audio']
+});
+
+//basic promisified xmlhttpreq, will be stopped at building the request
+let ajaxGet = (obj) => {
+ return new Promise((resolve, reject) => {
+ let xhr = new XMLHttpRequest();
+ xhr.timeout = 5000;
+ xhr.open(obj.method || "GET", obj.url);
+ if (obj.headers) {
+ Object.keys(obj.headers).forEach(key => {
+ xhr.setRequestHeader(key, obj.headers[key]);
+ });
+ }
+ xhr.send(obj.body || '');
+ resolve(true);
+ });
+};
+
+// callback for onBeforeSendHeaders listener.
+// Returns a promise and adds cancel request to the xmlhttpreq
+// trigger now looped into main promise.all
+let getHeaders = (e) => {
+ headers = '';
+ sqlmapheaders = '';
+ for (let header of e.requestHeaders) {
+ sqlmapheaders += " --header '" + header.name + ": " + header.value + "'";
+ }
+ //console.log('headers: ' + headers.toString());
+ 
+
+ var asyncCancel = new Promise((resolve, reject) => {
+ resolve({cancel: true});
+ });
+ trigger(true);
+ return asyncCancel;
+};
+
+// main command builder function
+function assembleCmd(url, referUrl) {
+ let sqlmapText = "sqlmap.py"; // sqlmap command holder
+ if (verboseOption) {sqlmapText += " -v 4"; }
+ // ######################################################################
+ // use remote suggested filename, how safe is this? also only available in moderately up to date 
+ // ## replacement for -O -J, same security issues though, make optional 
+ // ## this version will accept filename or location header
+ // curl -s -D - "$url" -o /dev/null | grep -i "filename\|Location" | (IFS= read -r spo; sec=$(echo ${spo//*\//filename=}); echo ${sec#*filename=});
+ // ######################################################################
+ 
+ 
+ sqlmapText += sqlmapheaders;
+ try {
+ if (sqlmapUserOption.replace(/\s/g,'')) { sqlmapText += " " + sqlmapUserOption; } 
+ }
+ catch (e) {
+ //ignore empty user option text inputs
+ }
+ sqlmapText += " -u '" + url + "'";
+ 
+ 
+ 
+ if (quotesOption) {
+ sqlmapText = wgetText.replace(/'/g,'"');
+ }
+ const sqlmapCode = "copyToClipboard(" + JSON.stringify(sqlmapText) + ", " + snackbarOption + ");";
+ 
+ switch (programOption) {
+ case "sqlmap":
+ return (sqlmapCode);
+ break;
+ }
+ //return (programOption === "curl") ? curlCode : wgetCode;
+};
+
+function copyCommand(code, tab) {
+browser.tabs.executeScript({
+ code: "typeof copyToClipboard === 'function';",
+ }).then((results) => {
+ // The content script's last expression will be true if the function
+ // has been defined. If this is not the case, then we need to run
+ // clipboard-helper.js to define function copyToClipboard.
+ if (!results || results[0] !== true) {
+ return browser.tabs.executeScript(tab.id, {
+ file: "clipboard-helper.js",
+ });
+ }
+ }).then(() => {
+ return browser.tabs.executeScript(tab.id, {
+ code,
+ });
+ }).catch((error) => {
+ // This could happen if the extension is not allowed to run code in
+ // the page, for example if the tab is a privileged page.
+ console.error("Failed : " + error);
+ });
+};
+
+browser.contextMenus.onClicked.addListener((info, tab) => {
+ 
+ let url = (info.menuItemId === 'copy-media-to-clipboard') ? info.srcUrl : info.linkUrl
+ let referUrl = info.pageUrl;
+ let cleanedUrl = '';
+ 
+ let gettingHeaders = new Promise(function(resolve, reject) {trigger = resolve;});
+ 
+ // basic port num strip for certain urls
+ // TODO more robust sanitize of url for match pattern
+ if (RegExp('//').test(url)) {
+ let temp = url.split('/');
+ temp[2] = temp[2].replace(/:[0-9]+/, '');
+ cleanedUrl = temp.join('/');
+ }
+ 
+ // add onbeforesendheaders listener for clicked url
+ browser.webRequest.onBeforeSendHeaders.addListener(
+ getHeaders, {urls: [cleanedUrl]}, ["blocking","requestHeaders"]);
+ 
+ // workaround for xmlhttpget firing before addlistener is complete 
+ let gettingHtml = new Promise (function(resolve,reject) {
+ setTimeout(function(){ 
+ resolve(ajaxGet({url: url}));
+ }, 1);
+ });
+ 
+ // check the saved options each click in case they changed
+ let gettingOptions = browser.storage.sync.get(
+ ['quotes','prog','file','filename','ratelimit','verbose','resume','wgetUser','curlUser', 'sqlmapUser', 'snackbar'])
+ .then((res) => {
+ quotesOption = res.quotes;
+ programOption = res.prog;
+ fileOption = res.file;
+ filenameOption = res.filename;
+ verboseOption = res.verbose;
+ sqlmapUserOption = res.sqlmapUser;
+ snackbarOption = res.snackbar;
+ });
+ let promiseCancel = new Promise(function(resolve,reject) {
+ setTimeout(function() {
+ reject(false);
+ },2000);
+ });
+
+ // 2s timeout if somehow the request was not caught on the 
+ // header generation.
+ let cancelled = Promise.race([promiseCancel, gettingHeaders]);
+ 
+ // loop all requesite async functions into promise.all
+ Promise.all([gettingOptions,gettingHtml,cancelled]).then(() => { 
+ let code = assembleCmd(url, referUrl);
+ copyCommand(code,tab);
+ 
+ browser.webRequest.onBeforeSendHeaders.removeListener(getHeaders);
+ },
+ () => {
+ // reset listener on reject
+ browser.webRequest.onBeforeSendHeaders.removeListener(getHeaders);
+ });
+ 
+ 
+});
+

README.md

@@ -0,0 +1,50 @@
+// This function must be called in a visible page, such as a browserAction popup
+// or a content script. Calling it in a background page has no effect!
+function copyToClipboard(text, show) {
+ function oncopy(event) {
+ document.removeEventListener("copy", oncopy, true);
+ // Hide the event from the page to prevent tampering.
+ event.stopImmediatePropagation();
+
+ // Overwrite the clipboard content.
+ event.preventDefault();
+ event.clipboardData.setData("text/plain", text);
+ 
+ if (show == true) {
+ var mydiv = document.getElementById('addon-clg-snackbar');
+ // check for existing snackbar, if not found add stylesheet and bar
+ if (!mydiv) {
+ // push snackbar style into document
+ var style = document.createElement('style');
+ style.type = 'text/css';
+ style.innerHTML = '.clg-snackbar { visibility: visible; min-width: 200px; background-color: #333; \
+ border-style:solid; border-color: black; animation: fadeinout 3s ease-out forwards; \
+ color: #fff; text-align: center; border-radius: 2px; padding: 16px; position: fixed; \
+ z-index: 10000; left: 50%; bottom: 30px; } \
+ @keyframes fadeinout { \
+ 0%,100% { opacity: 0; } \
+ 50% { opacity: 1; } }'
+ 
+ document.getElementsByTagName('head')[0].appendChild(style);
+ 
+ document.body.innerHTML += "<div class='clg-snackbar' id='addon-clg-snackbar'>Selected item added to copy buffer</div>";
+ }
+ else {
+ mydiv.style.visibility = 'visible';
+ // if bar exists, toggle classname to fire animation with minimal delay between states
+ mydiv.className = ''; 
+ setTimeout(function() {mydiv.className = 'clg-snackbar';}, 10);
+ //hide div after fadeout so any underlying html is accessible
+ setTimeout(function() {mydiv.style.visibility = 'hidden'; }, 3200);
+ }
+ 
+ }
+ 
+ 
+ 
+ }
+ document.addEventListener("copy", oncopy, true);
+
+ // Requires the clipboardWrite permission, or a user gesture:
+ document.execCommand("copy");
+}

background.js

@@ -0,0 +1,34 @@
+{
+ "manifest_version": 2,
+ "name": "SQLMap Helper",
+ "description": "Adds a helper menu for SQLMap.",
+ "version": "0.0.9",
+ "homepage_url": "https://github.com/oxagast/sqlmap-helper",
+
+ "background": {
+ "scripts": [
+ "background.js"
+ ]
+ },
+ 
+ "options_ui": {
+ "page": "options.html"
+ },
+
+ "permissions": [
+ "activeTab",
+ "contextMenus",
+ "clipboardWrite",
+ "cookies",
+ "<all_urls>",
+ "storage",
+ "webRequest",
+ "webRequestBlocking"
+ ],
+ "applications": {
+ "gecko": {
+ "id": "sqlmaphelper@maskster.site",
+ "strict_min_version": "55.0"
+ }
+ }
+}

clipboard-helper.js

@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+
+<html>
+ <head>
+ <meta charset="utf-8">
+ </head>
+
+<body>
+ <form id='optionsForm'>
+ Use double quotes:: 
+ <input type="checkbox" name="quotes" id="quotes"><br>
+ <input visibility="hidden" type="radio" name="prog" id="prog" value="sqlmap"> SQLMap <br>
+ Show Message on Copy: <input type="checkbox" name="snackbar" id="snackbar" checked="checked"><br>
+ Verbose output: <input type="checkbox" name="verbose" id="verbose"><br><br><br>
+ Any input in the boxes below will be inserted as options for the respective commands<br>
+ SQLMap Options: <input type="text" name="sqlmapUser" id="sqlmapUser" ><br><br><br>
+ 
+ <button type="submit">Save</button>
+ </form>
+ <script src="options.js"></script>
+</body>
+
+</html>

manifest.json

@@ -0,0 +1,38 @@
+function saveOptions(e) {
+ browser.storage.sync.set({
+ quotes: document.querySelector('input[name=quotes]').checked,
+ prog: document.querySelector('input[name=prog]:checked').value,
+ file: document.querySelector('input[name=file]:checked').value,
+ filename: document.querySelector('input[name=filename]').value,
+ verbose: document.querySelector('input[name=verbose]').checked,
+ sqlmapUser: document.querySelector('input[name=sqlmapUser]').value,
+ snackbar: document.querySelector('input[name=snackbar]').checked,
+ 
+ });
+ if (typeof(e) !== "undefined") {
+ e.preventDefault();
+ }
+
+}
+
+function restoreOptions() {
+ var gettingItem = browser.storage.sync.get(
+ ['quotes', 'prog','verbose','resume','sqlmapUser','snackbar']);
+ gettingItem.then((res) => {
+ 
+ if (Object.keys(res).length > 0 && res.constructor === Object) {
+ document.querySelector('input[name=quotes]').checked = res.quotes ? res.quotes : false;
+ document.querySelector('input[name=prog][value=' + res.prog + ']').checked = true;
+ document.querySelector('input[name=verbose]').checked = res.verbose ? res.verbose : false;
+ document.querySelector('input[name=sqlmapUser]').value = res.sqlmapUser ? res.sqlmapUser : '';
+ document.querySelector('input[name=snackbar]').checked = res.snackbar ? res.snackbar : false;
+ }
+ // if no saved info save the defaults to initialize
+ else {
+ saveOptions();
+ }
+ });
+}
+
+document.addEventListener('DOMContentLoaded', restoreOptions);
+document.querySelector("form").addEventListener("submit", saveOptions);