Burp Extensions - Page 41 - Burp Suite User Forum

Python interface text control

Hi guys, I am reading the API documentation and i have not clean the funtion that i need to use for my question. Easy question, what API funtion i have to use for control the text portion selected from any part of...

Supported Layout Managers

I've been noticing that when I use certain layout managers in my extension the extension no longer works. It doesn't throw any errors when I'm loading it, but it never creates its tab. What layout managers are actually...

Update the content of the Intruder attack window

I would like to intercept a request after an intruder attack is started. After the intercept, I want to modify the request and send them out. At the moment I'm trying it with a httpListener, but this does not update the...

extender

So this 'issue' has been happening to me for the last few versions of burp suite pro. right now I am running the latest .18 version. In the extender tab i have the option to automatically reload extensions on startup...

Adding a header with ISessionHandlingAction

I have a super simple extension to just jack in a static header for an api authentication on a Backbone site. It doesn't work, and I don't know why. Anyone have any ideas? from burp import IBurpExtender from burp import...

[python] registered callback 'performAction' never called

I want to use a python extension to calculate a custom header I need to read a header, url and body (in case of POST) and calc a SHA1. my code so far: https://paste.cybertinus.nl/p/u33AS8kCnT I double checked al...

Burp plugin that does not launch Burp GUI

We want to write a plugin that runs certain Burp functions, but does so in the background, and without launching the Burp GUI. Is there a way to suppress the GUI while executing certain functions (e.g., Scan)? Please...

Design of Active Scanner plugin vs InsertionPoints

Hi all, I'm new to extending Burp and I wanted to add an active scanner plugin for XXE injection. Therefore I want it to take all post requests, change the content type to text/html and perform some xml entity queries...

Is it possible to get the request that originated a response from a MessageEditorTab?

Hi, Is it possible to get the request that originated a response from a MessageEditorTab? Im only adding the tab for the responses, I want to search a log file based on a request header and paste the log entry in the...

Sqlite-jdbc and jython

Hello, I am trying to do a Python Burp Suite extension (with jython 2.7) and I want to use sqlite to save some data. I have some code examples to use "sqlite.JDBC" working properly with "jython" through the following...

Burp extension - OS Scanner

Just wondering if there are any type of extensions that may report OS vulnerabilities at all.

Use "Extract" UI in Plugin

Hello, Is it possible to integrate the existing Intruder "Define grep extract item" UI (or the Macro::Configure Item "Define Customer Parameter" UI) as part of an extension? I read through the API documentation but could...

Parsing AMF3 - Burp

Hi, I have a Flex app that is sending data using AMF3. I can see the contents in the AMF decode just fine. The problem now is that one of my request parameters is a Byte array. I can edit it in Raw mode, but if the length...

Need more info on GUI controls, configuration storing and parameters' parsing for my Burp extension

Greetings. I'm trying to compose my first Burp extension, and stumbled upon some problems I haven't been able to resolve with google's help. I have to mention that I'm not so skillfull programmer, also, so I'm in search for...

exitSuite

Can someone provide some example code for stopping burp suite programmatically using exitSuite as a Burp extension?

Which Java?

do i need to install Java SE Runtime (oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html) or Java for windows (java.com/en/download/windows_xpi.jsp?locale=en) to work with Extensions correctly? i...

Browser repeater extansion failed to load

Hi, I'm trying without luck to load "Browser repeater" extension. I'm doing this under 1.6.09 and 1.6.10 Burp Pro versions with jython-standalone-2.5.4-rc1.jar. I'm getting all the time the following error. Does...

Additional Scanner Checks Extension

What is the context in which the Additional Scanner Checks extension decides whether or not a header needs the following properties. strict-transport-security x-content-type-options: no sniff X-XSS-protection Some...

Extension bugs

Hi, Any tips for identifying extensions failing to meet Burp's level of quality? Right now I have java consuming all available CPU and looks like it's not going to recover. Considering how much extra work a crashed...