Refactor to remove static methods

Removed static methods for getting ExtensionHelpers and Callbacks
to make code more clear about dependencies.

pom.xml

@@ -19,15 +19,15 @@
 			<groupId>net.portswigger.burp.extender</groupId>
 			<artifactId>burp-extender-api</artifactId>
 			<version>2.3</version>
+			<scope>provided</scope>
 		</dependency>
-
 	</dependencies>
 
 	<build>
 		<plugins>
 			<plugin>
 				<artifactId>maven-compiler-plugin</artifactId>
-				<version>3.8.1</version>
+				<version>3.11.0</version>
 			</plugin>
 		</plugins>
 	</build>

src/main/java/burp/BurpExtender.java

@@ -7,6 +7,7 @@
 
 import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
+import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
@@ -21,80 +22,78 @@
  */
 public class BurpExtender implements IBurpExtender, IContextMenuFactory, ActionListener {
 
-    private static IBurpExtenderCallbacks burpExtenderCallbacks;
-    private PocTabManager pocTabManager;
-    private IContextMenuInvocation icMenuInvocation;
-    private int tabCount;
-    private final LinkedList<JMenuItem> menuItems;
-
-    /**Initialize all variables needed*/
-    public BurpExtender() {
-        this.menuItems = new LinkedList<>();
-        this.tabCount = 1;        
-    }
-
-    @Override
-    public void registerExtenderCallbacks(IBurpExtenderCallbacks ibec) {
-        BurpExtender.burpExtenderCallbacks = ibec;
-        this.pocTabManager = new PocTabManager();
-        ibec.registerContextMenuFactory(this);
-        ibec.setExtensionName("CSRF PoC Creator");
-        BurpExtender.burpExtenderCallbacks.addSuiteTab(new TabImpl("CSRF PoC", this.pocTabManager));
-        // add menus
-        Iterator<String> pocKeys = Pocs.getPocKeys();
-        while (pocKeys.hasNext()) {
-            String key = pocKeys.next();
-            JMenuItem item = new JMenuItem(key);
-            item.addActionListener(BurpExtender.this);
-            this.menuItems.add(item);
-        }
-        BurpExtender.burpExtenderCallbacks.printOutput("Burp csrf-poc-creator plugin for Burp Suite Free loaded!");
-        BurpExtender.burpExtenderCallbacks.printOutput("Created by @rammarj");
-    }
-    /**
-     * Creates the menu items shown in burp suite
-     * @param icmi the context menu invocation
-     * @return List of menu items
-     */
-    @Override
-    public List<JMenuItem> createMenuItems(IContextMenuInvocation icmi) {
-        this.icMenuInvocation = icmi;
-        byte invocation_context = icmi.getInvocationContext();
-        if (invocation_context == IContextMenuInvocation.CONTEXT_MESSAGE_VIEWER_REQUEST
-                || invocation_context == IContextMenuInvocation.CONTEXT_PROXY_HISTORY
-                || invocation_context == IContextMenuInvocation.CONTEXT_MESSAGE_EDITOR_REQUEST) {
-            return menuItems;
-        }
-        return null;
-    }
-
-    /**This method is executed when the "send to csrf ..." was clicked
-     * @param e event argument
-     */
-    @Override
-    public void actionPerformed(ActionEvent e) {
-        IHttpRequestResponse[] selectedMessages = this.icMenuInvocation.getSelectedMessages();
-        for (IHttpRequestResponse ihrr : selectedMessages) {
-            try {
-                String actionCommand = e.getActionCommand();
-                IPoc poc = Pocs.getPoc(actionCommand);
-                byte[] pocContent = poc.getPoc(ihrr);
-
-                PocCreatorTab pocCreatorTab = new PocCreatorTab(ihrr, pocContent);
-                pocCreatorTab.setSelectedItem(actionCommand);
-                this.pocTabManager.addTab(String.valueOf((this.tabCount++)), pocCreatorTab);
-            } catch (Exception ex) {
-                JOptionPane.showMessageDialog(this.pocTabManager, ex.getMessage(), "Error", JOptionPane.ERROR_MESSAGE);
-            }
-        }
-    }
-
-    /**
-     * Get the extender callback for this plugin
-     * @return the extender callbacks
-     */
-    public static IBurpExtenderCallbacks getBurpExtenderCallbacks() {
-        return burpExtenderCallbacks;
-    }
-
+	private IBurpExtenderCallbacks burpExtenderCallbacks;
+	private PocTabManager pocTabManager;
+	private IContextMenuInvocation icMenuInvocation;
+	private int tabCount;
+	private Pocs pocs;
+	private List<JMenuItem> menuItems;
+
+	/** Initialize all variables needed */
+	public BurpExtender() {
+		this.tabCount = 1;
+		this.menuItems = new ArrayList<>();
+	}
+
+	@Override
+	public void registerExtenderCallbacks(IBurpExtenderCallbacks ibec) {
+		this.burpExtenderCallbacks = ibec;
+		this.pocTabManager = new PocTabManager();
+		this.pocs = new Pocs(this.burpExtenderCallbacks.getHelpers());
+		ibec.registerContextMenuFactory(this);
+		ibec.setExtensionName("CSRF PoC Creator");
+		this.burpExtenderCallbacks.addSuiteTab(new TabImpl("CSRF PoC", this.pocTabManager));
+		// add menus
+		Iterator<String> pocKeys = this.pocs.getPocKeys();
+		while (pocKeys.hasNext()) {
+			String key = pocKeys.next();
+			JMenuItem item = new JMenuItem(key);
+			item.addActionListener(BurpExtender.this);
+			this.menuItems.add(item);
+		}
+		this.burpExtenderCallbacks.printOutput("Burp csrf-poc-creator plugin for Burp Suite Free loaded!");
+		this.burpExtenderCallbacks.printOutput("Created by @rammarj");
+	}
+
+	/**
+	 * Creates the menu items shown in burp suite
+	 * 
+	 * @param icmi the context menu invocation
+	 * @return List of menu items
+	 */
+	@Override
+	public List<JMenuItem> createMenuItems(IContextMenuInvocation icmi) {
+		this.icMenuInvocation = icmi;
+		byte invocation_context = icmi.getInvocationContext();
+		if (invocation_context == IContextMenuInvocation.CONTEXT_MESSAGE_VIEWER_REQUEST
+				|| invocation_context == IContextMenuInvocation.CONTEXT_PROXY_HISTORY
+				|| invocation_context == IContextMenuInvocation.CONTEXT_MESSAGE_EDITOR_REQUEST) {
+			return menuItems;
+		}
+		return null;
+	}
+
+	/**
+	 * This method is executed when the "send to csrf ..." was clicked
+	 * 
+	 * @param e event argument
+	 */
+	@Override
+	public void actionPerformed(ActionEvent e) {
+		IHttpRequestResponse[] selectedMessages = this.icMenuInvocation.getSelectedMessages();
+		for (IHttpRequestResponse ihrr : selectedMessages) {
+			try {
+				String selectedPOC = e.getActionCommand();
+				IPoc poc = this.pocs.getPoc(selectedPOC);
+				byte[] pocContent = poc.getPoc(ihrr);
+
+				PocCreatorTab pocCreatorTab = new PocCreatorTab(this.burpExtenderCallbacks, ihrr, this.pocs, pocContent);
+				pocCreatorTab.setSelectedItem(selectedPOC);
+				this.pocTabManager.addTab(String.valueOf(this.tabCount++), pocCreatorTab);
+			} catch (Exception ex) {
+				JOptionPane.showMessageDialog(this.pocTabManager, ex.getMessage(), "Error", JOptionPane.ERROR_MESSAGE);
+			}
+		}
+	}
+
 }

src/main/java/burp/Parameter.java

@@ -159,19 +159,5 @@ else switch (type) {
         }
         return a.toString();
     }
-
-    /**
-     * Constructs a parameter from a string.
-     * @param t the parameter as a string.
-     * @return a {@link Parameter} object.
-     */
-    public static Parameter build(String t){
-        Parameter parameter = new Parameter();
-        String[] split = t.split("=");
-        if (split.length>=2) {
-            parameter.setName(split[0]);
-            parameter.setValue(split[1]);
-        }
-        return parameter;
-    }    
+
 }

src/main/java/burp/pocs/AjaxPoc.java

@@ -14,18 +14,23 @@
  * @author Joaquin R. Martinez <[email protected]>
  */
 public class AjaxPoc implements IPoc {
+
+	private IExtensionHelpers helpers;
+
+	public AjaxPoc(IExtensionHelpers helpers) {
+		this.helpers = helpers;
+	}
 
     @Override
     public byte[] getPoc(final IHttpRequestResponse request) {
-        IExtensionHelpers iexHelpers = BurpExtender.getBurpExtenderCallbacks().getHelpers();
         String lineSeparator = System.lineSeparator();
         StringBuilder pocString = new StringBuilder();
         pocString.append("<!DOCTYPE html>").append(lineSeparator);
         pocString.append("<html>").append(lineSeparator).append("  <!-- CSRF PoC - generated by Burp Suite plugin -->").append(lineSeparator);
         pocString.append("<body>").append(lineSeparator).append("    <script>\n      function submitRequest()").append(lineSeparator);
         pocString.append("      {").append(lineSeparator).append("        var xhr = new XMLHttpRequest();").append(lineSeparator);
         String method;
-        IRequestInfo requestInfo = iexHelpers.analyzeRequest(request);
+        IRequestInfo requestInfo = helpers.analyzeRequest(request);
         method = requestInfo.getMethod();
         pocString.append("        xhr.open(\"").append(method).append("\", \"");
 
@@ -34,7 +39,7 @@ public byte[] getPoc(final IHttpRequestResponse request) {
             pocString.append("        xhr.send();\n");
         } else {
             pocString.append(requestInfo.getUrl().toString()).append("\", true);").append(lineSeparator);
-            String body = iexHelpers.bytesToString(request.getRequest()).substring(requestInfo.getBodyOffset());
+            String body = helpers.bytesToString(request.getRequest()).substring(requestInfo.getBodyOffset());
             body = Util.escape(body);
             String accept = "*/*";
             String content = "text/plain";

src/main/java/burp/pocs/HtmlPoc.java

@@ -2,6 +2,7 @@
 package burp.pocs;
 
 import burp.BurpExtender;
+import burp.IBurpExtenderCallbacks;
 import burp.IExtensionHelpers;
 import burp.IHttpRequestResponse;
 import burp.IParameter;
@@ -16,12 +17,17 @@
  */
 public class HtmlPoc implements IPoc {
 
+	private IExtensionHelpers helpers;
+
+	public HtmlPoc(IExtensionHelpers helpers) {
+		this.helpers = helpers;
+	}
+
     @Override
     public byte[] getPoc(final IHttpRequestResponse request) {
-        IExtensionHelpers iexHelpers = BurpExtender.getBurpExtenderCallbacks().getHelpers();
         String lineSep = System.lineSeparator();
         StringBuilder pocString = new StringBuilder();
-        IRequestInfo requestInfo = iexHelpers.analyzeRequest(request);
+        IRequestInfo requestInfo = helpers.analyzeRequest(request);
         pocString.append("<!DOCTYPE html>").append(lineSep);
         pocString.append("<html>").append(lineSep)
                 .append("  <!-- CSRF PoC - generated by Burp Suite plugin -->").append(lineSep);
@@ -32,8 +38,8 @@ public byte[] getPoc(final IHttpRequestResponse request) {
         List<IParameter> parameters = requestInfo.getParameters();
         parameters.forEach((parameter) -> {
             pocString.append("\t\t<input type=\"text\" name=\"")
-                    .append(Util.encodeHTML(iexHelpers.urlDecode(parameter.getName())))
-                    .append("\" value=\"").append(Util.encodeHTML(iexHelpers.urlDecode(parameter.getValue())))
+                    .append(Util.encodeHTML(helpers.urlDecode(parameter.getName())))
+                    .append("\" value=\"").append(Util.encodeHTML(helpers.urlDecode(parameter.getValue())))
                     .append("\">").append(lineSep);
         });
         pocString.append("\t\t<input type=\"submit\" value=\"Send\">").append(lineSep);

src/main/java/burp/pocs/Pocs.java

@@ -6,22 +6,24 @@
 import java.util.Iterator;
 import java.util.Map;
 
+import burp.IExtensionHelpers;
+
 /**
  * Contains all types of PoC's supported by this plugin.
  * 
  * @author Joaquin R. Martinez <[email protected]>
  */
 public class Pocs {
 
-	private static final Map<String, IPoc> POCS = new HashMap<>();
-	static Pocs poc = new Pocs();
+	private final Map<String, IPoc> pocs;
 
 	/**
 	 * Inaccesible constructor.
 	 */
-	private Pocs() {
-		Pocs.POCS.put("Ajax", new AjaxPoc());
-		Pocs.POCS.put("HTML", new HtmlPoc());
+	public Pocs(IExtensionHelpers helpers) {
+		this.pocs = new HashMap<>();
+		this.pocs.put("Ajax", new AjaxPoc(helpers));
+		this.pocs.put("HTML", new HtmlPoc(helpers));
 		// Add more kind of PoC's
 	}
 
@@ -31,17 +33,17 @@ private Pocs() {
 	 * @param key the key of the {@link IPoc}.
 	 * @return the {@link IPoc} object.
 	 */
-	public static IPoc getPoc(String key) {
-		return Pocs.POCS.get(key);
+	public IPoc getPoc(String key) {
+		return pocs.get(key);
 	}
 
 	/**
 	 * Get the {@link IPoc} as a {@link Enumeration}.
 	 * 
 	 * @return an {@link Iterator} with the keys of all {@link IPoc} objects.
 	 */
-	public static Iterator<String> getPocKeys() {
-		return Pocs.POCS.keySet().iterator();
+	public Iterator<String> getPocKeys() {
+		return this.pocs.keySet().iterator();
 	}
 
 }

src/main/java/burp/tab/MessageEditorController.java

@@ -1,6 +1,6 @@
 package burp.tab;
 
-import burp.BurpExtender;
+import burp.IExtensionHelpers;
 import burp.IHttpRequestResponse;
 import burp.IHttpService;
 import burp.IHttpServiceImpl;
@@ -10,17 +10,19 @@
 
 public class MessageEditorController implements IMessageEditorController {
 
+	private IExtensionHelpers helpers;
 	private IHttpRequestResponse request;
 	private IMessageEditor messageEditor;
 
-	public MessageEditorController(IHttpRequestResponse request, IMessageEditor messageEditor) {
+	public MessageEditorController(IExtensionHelpers helpers, IHttpRequestResponse request, IMessageEditor messageEditor) {
+		this.helpers = helpers;
 		this.request = request;
 		this.messageEditor = messageEditor;
 	}
 
 	@Override
     public IHttpService getHttpService() {
-        IRequestInfo analyzeRequest = BurpExtender.getBurpExtenderCallbacks().getHelpers().analyzeRequest(this.request);
+        IRequestInfo analyzeRequest = this.helpers.analyzeRequest(this.request);
         return new IHttpServiceImpl(analyzeRequest);
     }
 

src/main/java/burp/tab/POCTypesComboBox.java

@@ -17,11 +17,13 @@ public class POCTypesComboBox extends JComboBox<String> implements ItemListener
 	private static final long serialVersionUID = 1L;
 	private IHttpRequestResponse request;
 	private ITextEditor textEditor;
+	private Pocs pocs;
 
-	public POCTypesComboBox(ITextEditor textEditor, IHttpRequestResponse request) {
+	public POCTypesComboBox(ITextEditor textEditor, IHttpRequestResponse request, Pocs pocs) {
 		this.textEditor = textEditor;
 		this.request = request;
-		Iterator<String> pocKeys = Pocs.getPocKeys();
+		this.pocs = pocs;
+		Iterator<String> pocKeys = pocs.getPocKeys();
 		while (pocKeys.hasNext()) {
 			addItem(pocKeys.next());
 		}
@@ -31,7 +33,7 @@ public POCTypesComboBox(ITextEditor textEditor, IHttpRequestResponse request) {
 	@Override
 	public void itemStateChanged(ItemEvent e) {
 		String selectedItem = getSelectedItem().toString();
-        IPoc poc = Pocs.getPoc(selectedItem);
+        IPoc poc = this.pocs.getPoc(selectedItem);
         try {
             byte[] pocContent = poc.getPoc(this.request);
             this.textEditor.setText(pocContent);