diff --git a/gitimg/attack_dialog.png b/gitimg/attack_dialog.png
index 14a2a82..ac667e8 100644
Binary files a/gitimg/attack_dialog.png and b/gitimg/attack_dialog.png differ
diff --git a/gitimg/brute_force_attack.png b/gitimg/brute_force_attack.png
index 6c2c2b6..bc9cd09 100644
Binary files a/gitimg/brute_force_attack.png and b/gitimg/brute_force_attack.png differ
diff --git a/gitimg/editor_flask.png b/gitimg/editor_flask.png
index e32817f..ff80b69 100644
Binary files a/gitimg/editor_flask.png and b/gitimg/editor_flask.png differ
diff --git a/gitimg/key_dialog.png b/gitimg/key_dialog.png
index 337e4ed..2be66d9 100644
Binary files a/gitimg/key_dialog.png and b/gitimg/key_dialog.png differ
diff --git a/gitimg/settings_view.png b/gitimg/settings_view.png
index 8562548..4a1b85d 100644
Binary files a/gitimg/settings_view.png and b/gitimg/settings_view.png differ
diff --git a/gitimg/unknown_tab.png b/gitimg/unknown_tab.png
index bfcf0e1..0b8060d 100644
Binary files a/gitimg/unknown_tab.png and b/gitimg/unknown_tab.png differ
diff --git a/gitimg/wordlist_view.png b/gitimg/wordlist_view.png
index 01936d8..4090ecc 100644
Binary files a/gitimg/wordlist_view.png and b/gitimg/wordlist_view.png differ
diff --git a/src/main/java/one/d4d/sessionless/itsdangerous/crypto/TokenSigner.java b/src/main/java/one/d4d/sessionless/itsdangerous/crypto/TokenSigner.java
index 50514dd..451fdc9 100644
--- a/src/main/java/one/d4d/sessionless/itsdangerous/crypto/TokenSigner.java
+++ b/src/main/java/one/d4d/sessionless/itsdangerous/crypto/TokenSigner.java
@@ -21,7 +21,8 @@ public class TokenSigner implements Cloneable {
 public Derivation keyDerivation = Derivation.HMAC;
 public MessageDerivation messageDerivation = MessageDerivation.NONE;
 public MessageDigestAlgorithm messageDigestAlgorithm = MessageDigestAlgorithm.SHA1;
- public Set knownDerivations = EnumSet.allOf(Derivation.class);
+ public Set knownDerivations = EnumSet.of(Derivation.HASH,
+ Derivation.DJANGO, Derivation.CONCAT, Derivation.HMAC, Derivation.NONE);
 public byte[] secret_key;
 public byte[] salt = "itsdangerous.Signer".getBytes();
 public byte[] sep;
diff --git a/src/main/java/one/d4d/sessionless/utils/Utils.java b/src/main/java/one/d4d/sessionless/utils/Utils.java
index 1e33906..8634050 100644
--- a/src/main/java/one/d4d/sessionless/utils/Utils.java
+++ b/src/main/java/one/d4d/sessionless/utils/Utils.java
@@ -1,5 +1,6 @@
 package one.d4d.sessionless.utils;
+import burp.api.montoya.http.message.MimeType;
 import com.google.common.primitives.Ints;
 import com.google.gson.Gson;
 import com.google.gson.JsonParser;
@@ -26,6 +27,7 @@ import java.util.zip.Inflater;
 public class Utils {
+ public static final Set SUPPORTED_MIMETYPES = Set.of(MimeType.HTML, MimeType.PLAIN_TEXT, MimeType.JSON, MimeType.XML, MimeType.YAML);
 public static final int BRUTE_FORCE_CHUNK_SIZE = 4096;
 public static final int WORDLIST_ONE_CHAR = 256;
 public static final int WORDLIST_TWO_CHAR = 65536;
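Review bot: The new `knownDerivations` initializer in TokenSigner.java hard-codes five `Derivation` constants with no comment saying which constants are left out or why, so a constant added to the enum later is silently excluded wherever this set is consulted. I would put a comment above the field, for example `// Derivations considered when the scheme is not known; constants not listed here are excluded on purpose`, with the wording adjusted to the field's real use, which is not visible in this hunk. The field also stays `public`, non-final and backed by a mutable `EnumSet`; since the class implements `Cloneable`, a default shallow `clone()` would leave copies sharing one set, which should be confirmed against the clone method outside the hunk. The class body continues past the hunk's last context line.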
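Review bot: `SUPPORTED_MIMETYPES` in Utils.java is added without a Javadoc line saying what it gates, and the allow-list has no entry for `MimeType.NONE`, `MimeType.UNRECOGNIZED` or `MimeType.AMBIGUOUS`. The code that consults the set is not in this hunk, but if it decides which messages are inspected, a message whose body type Burp could not determine (or a body-less response that only sets a cookie) would presumably be skipped without any indication. I would document the intent on the constant, e.g. `/** Inferred body types whose messages are scanned; all other types, including NONE and UNRECOGNIZED, are skipped. */`, or add those values if skipping them is not intended. The declaration shows a raw `Set`; if that is not an artifact of how the page was rendered, it should be `Set<MimeType>`.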