搜索结果到目标管理的逻辑更新

src/InternetSearch/SearchResultEntry.java

@@ -220,11 +220,8 @@ public String getTitle() {
 	public void setTitle(String title) {
 		this.title = title;
 	}
-	public void AddToTarget() {
-		AddToTarget(null);
-	}
-
-	public void AddToTarget(String trustLevel) {
+
+	public void AddToTarget(String trustLevel,String commentToAdd) {
 		DomainManager domainResult = BurpExtender.getGui().getDomainPanel().getDomainResult();
 		if (IPAddressUtils.isValidIPv4NoPort(this.host)) {
 			domainResult.getSpecialPortTargets().add(this.host);
@@ -234,14 +231,14 @@ public void AddToTarget(String trustLevel) {
 		}
 
 		if (DomainUtils.isValidDomainMayPort(this.host)) {
-			domainResult.addToTargetAndSubDomain(this.host,true);
+			domainResult.addToTargetAndSubDomain(this.host,true,commentToAdd);
 			if (this.port >=0 && this.port <= 65535) {
-				domainResult.addToTargetAndSubDomain(this.host+":"+this.port,true,trustLevel);
+				domainResult.addToTargetAndSubDomain(this.host+":"+this.port,true,trustLevel,commentToAdd);
 			}
 		}
 
 		if (StringUtils.isEmpty(this.rootDomain)) {
-			domainResult.addToTargetAndSubDomain(this.rootDomain,true,trustLevel);
+			domainResult.addToTargetAndSubDomain(this.rootDomain,true,trustLevel,commentToAdd);
 		}
 	}
 

src/InternetSearch/SearchResultEntryMenu.java

@@ -4,12 +4,16 @@
 import java.io.PrintWriter;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 
 import javax.swing.AbstractAction;
 import javax.swing.JMenuItem;
+import javax.swing.JOptionPane;
 import javax.swing.JPopupMenu;
 import javax.swing.SwingWorker;
 
+import org.apache.commons.lang3.StringUtils;
+
 import com.bit4woo.utilbox.utils.SystemUtils;
 import com.bit4woo.utilbox.utils.TextUtils;
 
@@ -154,7 +158,7 @@ protected Object doInBackground() throws Exception {
 						try{
 							List<SearchResultEntry> entries = searchTableModel.getEntries(modelRows);
 							for (SearchResultEntry entry:entries) {
-								entry.AddToTarget();
+								entry.AddToTarget(null,null);
 							}
 							guiMain.getDomainPanel().saveDomainDataToDB();
 						}
@@ -177,7 +181,33 @@ protected Object doInBackground() throws Exception {
 						try{
 							List<SearchResultEntry> entries = searchTableModel.getEntries(modelRows);
 							for (SearchResultEntry entry:entries) {
-								entry.AddToTarget(AssetTrustLevel.Confirm);
+								entry.AddToTarget(AssetTrustLevel.Confirm,null);
+							}
+							guiMain.getDomainPanel().saveDomainDataToDB();
+						}
+						catch (Exception e1)
+						{
+							e1.printStackTrace(stderr);
+						}
+						return null;
+					}
+				}.execute();
+			}
+		});
+
+		JMenuItem addToTargetWithCommentItem = new JMenuItem(new AbstractAction("Add Host/Domain To Target With Comment") {
+			@Override
+			public void actionPerformed(ActionEvent actionEvent) {
+				new SwingWorker(){
+					@Override
+					protected Object doInBackground() throws Exception {
+						try{
+							List<SearchResultEntry> entries = searchTableModel.getEntries(modelRows);
+							for (SearchResultEntry entry:entries) {
+								String comment = JOptionPane.showInputDialog("to find which value", "");
+								if (StringUtils.isNotBlank(comment)) {
+									entry.AddToTarget(null,null);
+								}
 							}
 							guiMain.getDomainPanel().saveDomainDataToDB();
 						}
@@ -190,6 +220,32 @@ protected Object doInBackground() throws Exception {
 				}.execute();
 			}
 		});
+
+
+		JMenuItem addIPToBlackListItem = new JMenuItem(new AbstractAction("Add IP To Black List") {
+			@Override
+			public void actionPerformed(ActionEvent actionEvent) {
+				new SwingWorker(){
+					@Override
+					protected Object doInBackground() throws Exception {
+						try{
+							List<SearchResultEntry> entries = searchTableModel.getEntries(modelRows);
+							Set<String> blackIPSet = new HashSet<String>();
+							for (SearchResultEntry entry:entries) {
+								blackIPSet.addAll(entry.getIPSet());
+							}
+							guiMain.getDomainPanel().getDomainResult().getNotTargetIPSet().addAll(blackIPSet);
+							guiMain.getDomainPanel().saveDomainDataToDB();
+						}
+						catch (Exception e1)
+						{
+							e1.printStackTrace(stderr);
+						}
+						return null;
+					}
+				}.execute();
+			}
+		});
 
 		this.add(itemNumber);
 
@@ -198,6 +254,11 @@ protected Object doInBackground() throws Exception {
 		//常用多选操作
 		this.add(addToTargetItem);
 		this.add(addToTargetConfirmItem);
+		this.add(addToTargetWithCommentItem);
+		this.add(addIPToBlackListItem);
+
+		this.addSeparator();
+
 		this.add(copyUrlItem);
 		this.add(copyHostItem);
 		this.add(copyIPItem);

src/domain/DomainManager.java

@@ -367,6 +367,14 @@ public boolean isTargetByCertInfo(Set<String> certDomains) {
 		}
 		return false;
 	}
+
+	public void addToTargetAndSubDomain(String enteredRootDomain, boolean autoSub,String trustLevel,String commentToAdd) {
+		if (enteredRootDomain == null) return;
+		if (guiMain.getDomainPanel().fetchTargetModel().addOrUpdateRowIfValid(new TargetEntry(enteredRootDomain, autoSub,trustLevel,commentToAdd))) {
+			subDomainSet.add(enteredRootDomain);
+		};
+	}
+
 	/**
 	 * 添加到目标，并且设置资产可信度级别
 	 * @param enteredRootDomain
@@ -375,14 +383,14 @@ public boolean isTargetByCertInfo(Set<String> certDomains) {
 	 */
 	public void addToTargetAndSubDomain(String enteredRootDomain, boolean autoSub,String trustLevel) {
 		if (enteredRootDomain == null) return;
-		if (guiMain.getDomainPanel().fetchTargetModel().addRowIfValid(new TargetEntry(enteredRootDomain, autoSub,trustLevel))) {
+		if (guiMain.getDomainPanel().fetchTargetModel().addOrUpdateRowIfValid(new TargetEntry(enteredRootDomain, autoSub,trustLevel))) {
 			subDomainSet.add(enteredRootDomain);
 		};
 	}
 
 	public void addToTargetAndSubDomain(String enteredRootDomain, boolean autoSub) {
 		if (enteredRootDomain == null) return;
-		if (guiMain.getDomainPanel().fetchTargetModel().addRowIfValid(new TargetEntry(enteredRootDomain, autoSub))) {
+		if (guiMain.getDomainPanel().fetchTargetModel().addOrUpdateRowIfValid(new TargetEntry(enteredRootDomain, autoSub))) {
 			subDomainSet.add(enteredRootDomain);
 		};
 	}
@@ -391,8 +399,8 @@ public boolean addTLDToTargetAndSubDomain(String enteredRootDomain) {
 		if (enteredRootDomain == null) return false;
 		String tldDomainToAdd  = guiMain.getDomainPanel().fetchTargetModel().getTLDDomainToAdd(enteredRootDomain);
 		TargetEntry tmp = new TargetEntry(tldDomainToAdd, false);
-		guiMain.getDomainPanel().fetchTargetModel().addRowIfValid(tmp);
-		if (guiMain.getDomainPanel().fetchTargetModel().addRowIfValid(tmp)) {
+		guiMain.getDomainPanel().fetchTargetModel().addOrUpdateRowIfValid(tmp);
+		if (guiMain.getDomainPanel().fetchTargetModel().addOrUpdateRowIfValid(tmp)) {
 			subDomainSet.add(enteredRootDomain);
 			return true;
 		};

src/domain/target/TargetControlPanel.java

@@ -48,7 +48,7 @@ public void actionPerformed(ActionEvent e) {
 				} else {
 					String enteredRootDomain = JOptionPane.showInputDialog("Enter Root Domain", null);
 					TargetEntry entry = new TargetEntry(enteredRootDomain);
-					if(domainPanel.fetchTargetModel().addRowIfValid(entry)){
+					if(domainPanel.fetchTargetModel().addOrUpdateRowIfValid(entry)){
 						domainPanel.getDomainResult().addIfValid(enteredRootDomain);
 						btnFresh.doClick();
 					}
@@ -66,7 +66,7 @@ public void actionPerformed(ActionEvent e) {
 				} else {
 					String enteredRootDomain = JOptionPane.showInputDialog("Enter Root Domain", null);
 					TargetEntry entry = new TargetEntry(enteredRootDomain,false);
-					if(domainPanel.fetchTargetModel().addRowIfValid(entry)){
+					if(domainPanel.fetchTargetModel().addOrUpdateRowIfValid(entry)){
 						domainPanel.getDomainResult().addIfValid(enteredRootDomain);
 						btnFresh.doClick();
 					}
@@ -164,7 +164,7 @@ public void selectedToBalck(){
 			for (int i = rowindexs.length - 1; i >= 0; i--) {
 				TargetEntry entry = domainTableModel.getValueAt(rowindexs[i]);
 				entry.setTrustLevel(AssetTrustLevel.NonTarget);
-				domainTableModel.updateRow(entry);
+				domainTableModel.addOrUpdateRow(entry);
 			}
 		}
 	}

src/domain/target/TargetEntry.java

@@ -53,6 +53,16 @@ public TargetEntry(String input) {
 		this(input,true);
 	}
 
+	public TargetEntry(String input,boolean autoSub,String trustLevel,String comment) {
+		this(input,autoSub);
+		if (AssetTrustLevel.getLevelList().contains(trustLevel)) {
+			this.setTrustLevel(trustLevel);
+		}else {
+			//已经有默认初始值了，无需再设置
+		}
+		addComment(comment);
+	}
+
 	public TargetEntry(String input,boolean autoSub,String trustLevel) {
 		this(input,autoSub);
 		if (AssetTrustLevel.getLevelList().contains(trustLevel)) {
@@ -61,6 +71,26 @@ public TargetEntry(String input,boolean autoSub,String trustLevel) {
 			//已经有默认初始值了，无需再设置
 		}
 	}
+
+	private void autoDetectTrustLevel() {
+		//resources/cloud_service_domain_names.txt
+		String domains = "aliyun.com\r\n"
+				+ "aliyuncs.com\r\n"
+				+ "amazon.com\r\n"
+				+ "amazonaws.com\r\n"
+				+ "huaweicloud.com\r\n"
+				+ "myhuaweicloud.com\r\n"
+				+ "myqcloud.com\r\n"
+				+ "tencent.com\r\n"
+				+ "tencentcloudapi.com\r\n"
+				+ "cloudfront.net";
+		for (String item:domains.split("\r\n")) {
+			if (target.toLowerCase().strip().endsWith(item)) {
+				this.setTrustLevel(AssetTrustLevel.Cloud);
+				break;
+			}
+		}
+	}
 
 	public TargetEntry(String input,boolean autoSub) {
 
@@ -103,6 +133,7 @@ public TargetEntry(String input,boolean autoSub) {
 				keyword = domainKeyword;
 			}
 		}
+		autoDetectTrustLevel();
 	}
 
 
@@ -167,7 +198,7 @@ public void setComments(Set<String> comments) {
 	}
 
 	public void addComment(String commentToAdd) {
-		if (StringUtils.isEmpty(commentToAdd)) return;
+		if (StringUtils.isBlank(commentToAdd)) return;
 		comments.addAll(Arrays.asList(commentToAdd.split(",")));
 	}