Research Academy Daily Swig
My account Customers About Blog Careers Legal Contact

Burp Suite User Forum

Login to post

Burp Custom Tab Extender

Jasveer | Last updated: Mar 18, 2020 03:57PM UTC

Hi, I am trying to learn how to write Burp Extender and I used one of the example from the following: https://github.com/PortSwigger/example-custom-editor-tab Since the above example, was using base64 encode and decode, I have decided change the extender from encoding/decoding Base64 to automatically URL encode and decode everything which was sent to the server. In my custom tab, I was able to view URL decoded value but upon trying to modify the value in custom tab, the custom tab automatically closes when I click on "Raw" tab and Raw and Hex are empty with no HTTP header, body and etc Below is my code. It would be grateful, if could tell me where I went wrong as I am still trying to learn programming. Thanks in advance. def getMessage(self): if self._txtInput.isTextModified(): # reserialize the data text = self._txtInput.getText() #base64 works but not urlEncode #input = self._extender._helpers.urlEncode(self._extender._helpers.base64Encode(text)) input = self._extender._helpers.urlEncode(text) print (input) # update the request with the new parameter value return self._extender._helpers.updateParameter(self._currentMessage, self._extender._helpers.buildParameter("data", input, IParameter.PARAM_BODY)) else: return self._currentMessage

Hannah, PortSwigger Agent | Last updated: Mar 19, 2020 10:30AM UTC

Hi. Although you have changed the methods used in getMessage(), you haven't changed the methods used in setMessage(). This means that your extension is trying to base64 decode an input that is not base64. As there is no error handling, the unexpected behavior occurs.

You need to Log in to post a reply. Or register here, for free.