Burp Suite User Forum

Login to post

Burp Extension Python Import Error

John | Last updated: Jul 02, 2017 02:33PM UTC

Hi, I'm trying to create a new python extension but i'm guessing Jython cannot find the burp libs so i'm getting the following error: ImportError: cannot import name IBurpExtender While the extension code for this test only had: from burp import IBurpExtender Jython2.7.0_Standalone Burp 1.7.23 Could be related to syspath of something but i couldn't solve this problem. I doubt i need to create my own burp class for everything but i also wonder where does it supposed to take the API's from? the burp.jar itself? I should also mention i tried different variations of things: different burp versions separating all 3 files to a separate dir looking online

PortSwigger Agent | Last updated: Jul 03, 2017 07:02AM UTC

Yes, interfaces like IBurpExtender should load from the main burp jar. This usually works without any particular configuration. Do Python extensions in the BApp store work? e.g. NMAP Parser? To get more info, try the following code: print sys.path from java.lang import ClassLoader cl = ClassLoader.getSystemClassLoader() print map(lambda url: url.getFile(), cl.getURLs()) Please let us know if you need any further assistance.

Burp User | Last updated: Jul 03, 2017 01:03PM UTC

Hi, I got the following error from the provided code: SyntaxError: ("no viable alternative at input 'from'" at org.python.core.ParserFacade.fixParseError(ParserFacade.java:95) at org.python.core.ParserFacade.parse(ParserFacade.java:190) at org.python.core.Py.compile_flags(Py.java:1956) at org.python.core.__builtin__.execfile_flags(__builtin__.java:527) at org.python.util.PythonInterpreter.execfile(PythonInterpreter.java:286) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at burp.id.<init>(Unknown Source) at burp.emc.a(Unknown Source) at burp.qg.run(Unknown Source) at java.lang.Thread.run(Unknown Source I think there might be something wrong with Java in my OS But i've tried python extension from BApp store and they work fine, when coping the same extensions and loading them manually they again fail to find the Extender class.

PortSwigger Agent | Last updated: Jul 03, 2017 01:18PM UTC

Sorry, line breaks got messed up. Try this: bc. print sys.path from java.lang import ClassLoader cl = ClassLoader.getSystemClassLoader() print map(lambda url: url.getFile(), cl.getURLs())

PortSwigger Agent | Last updated: Jul 03, 2017 01:19PM UTC

Thanks for providing further information. That error is expected. The output is very useful - and shows that both the Python module path and Java class path are as expected. I agree with your diagnosis. There appears to be something corrupt with either Java or Jython. I recommend you reinstall both. To debug further you could try: java -cp burpsuite_pro_v1.7.23.jar:jython-standalone-2.7.0.jar org.python.util.jython from burp import IBurpExtender This should succeed. If it fails, send me the error message.

Burp User | Last updated: Jul 03, 2017 05:00PM UTC

Ok here is the error i got: Traceback (most recent call last): File "<string>", line 1, in <module> NameError: name 'BurpExtender' is not defined at org.python.core.Py.NameError(Py.java:284) at org.python.core.PyFrame.getname(PyFrame.java:257) at org.python.pycode._pyx5.f$0(<string>:1) at org.python.pycode._pyx5.call_function(<string>) at org.python.core.PyTableCode.call(PyTableCode.java:167) at org.python.core.PyCode.call(PyCode.java:18) at org.python.core.Py.runCode(Py.java:1386) at org.python.core.Py.exec(Py.java:1430) at org.python.util.PythonInterpreter.exec(PythonInterpreter.java:267) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at burp.id.<init>(Unknown Source) at burp.emc.a(Unknown Source) at burp.qg.run(Unknown Source) at java.lang.Thread.run(Unknown Source) And the output of the prints: ['C:\\Users\\admin\\Downloads\\test\\Lib', 'C:\\Users\\admin\\Downloads\\test\\jython-standalone-2.7.0.jar\\Lib', '__classpath__', '__pyclasspath__/', 'C:\\Users\\admin\\Downloads\\test'] [u'/C:/Users/admin/Downloads/test/burpsuite_pro_v1.7.23.jar']

Burp User | Last updated: Jul 04, 2017 11:15AM UTC

Hi Paul, Thanks for the detailed info, regarding the cmd command this is the error: Error: Could not find or load main class org.python.util.jython I would really hate to do any reinstalls and overwrite my configuration so it would be better for me to resolve this issue manually, just need to understand what it's looking for. I've installed Jython using the installer.jar and added it the PATH so it works from CMD Added\Changed JAVA_HOME too so it's correct and working now. JYTHON JAVA_HOME java jython all work and correct Re ran the above afterwards and still received the same error :(

PortSwigger Agent | Last updated: Jul 04, 2017 11:20AM UTC

Hi John, Burp needs the standalone Jython jar, not the installer. Can you double check that this file exists: C:\Users\admin\Downloads\test\jython-standalone-2.7.0.jar You need to execute the command I sent you in the directory: C:\Users\admin\Downloads\test\ The error message indicates that it can't find the main class within Jython. In that case you have some issue with Jython that is unrelated to Burp. Please let us know if you need any further assistance.

Burp User | Last updated: Jul 04, 2017 02:09PM UTC

Hi Paul, Understood, but the standalone is there in the same folder, just in case here are the contents of that dir: Directory of C:\Users\admin\Downloads\test 04-Jul-17 05:07 PM <DIR> . 04-Jul-17 05:07 PM <DIR> .. 02-Jul-17 05:27 PM 2,241 burp$py.class 03-Jul-17 07:57 PM 142 burp.py 13-Jun-17 01:52 PM 27,296,795 burpsuite_pro_v1.7.23.jar 13-Jun-17 01:33 PM 37,021,723 jython-standalone-2.7.0.jar The error is still the same as i mentioned above (files were there previously too) Any ideas how to debug it further?

PortSwigger Agent | Last updated: Jul 04, 2017 02:09PM UTC

Hi, First, try: bc. cd C:\Users\admin\Downloads\test java -cp jython-standalone-2.7.0.jar org.python.util.jython That should create a Python interpreter. If not, please send me the precise error. (don't say "same error as before" - that's unclear) Then try: bc. java -cp burpsuite_pro_v1.7.23.jar:jython-standalone-2.7.0.jar org.python.util.jython >>> from burp import IBurpExtender In addition, send a screenshot of the Extender > Options screen within Burp.

PortSwigger Agent | Last updated: Jul 04, 2017 02:16PM UTC

Hi John, Thanks for following up, and correcting the colon (Mac/Linux) to semi-colon (Windows). Lets recap where we're up to: 1) IBurpExtender imports correctly from command-line Jython 2) Extension has correct sys.path and classpath 3) BApp store extensions work fine 4) A simple extension "from burp import IBurpExtender" fails Can I ask you to try the Python hello world example from here: - http://blog.portswigger.net/2012/12/sample-burp-suite-extension-hello-world.html Hopefully that will work. Perhaps there is a typo in your original extension. Otherwise, go back to the output of sys.path and classpath from the code I sent a couple of days ago. Go through each directory and make sure your user account can read them. Perhaps the importer / classloader is failing on an early directory. You could try setting sys.path in interactive Jython to see how it behaves.

Burp User | Last updated: Jul 04, 2017 04:07PM UTC

Hi, For the first part there was no errors or issues. For the second part after changing : to ; in java -cp burpsuite_pro_v1.7.23.jar;jython-standalone-2.7.0.jar org.python.util.jython Since it's loading 2 separate jars. The command also ran without any issues and afterwards running from burp import IBurpExtender Also worked. Here is a link to the SS https://pasteboard.co/GzoGVNM.png Now how do i make it work in the gui?

PortSwigger Agent | Last updated: Jul 05, 2017 10:30AM UTC

Hi John, Glad to hear it's working! We'll bear this in mind if someone else has a similar issue in future. Yes, Intruder is only partially scriptable. Perhaps IIntruderPayloadGenerator would do what you need? Alternatively, you might be better using an IScannerCheck that implements doActiveScan.

Burp User | Last updated: Jul 05, 2017 12:59PM UTC

Hi Paul, The hello world application loaded successfully for me so i started playing with the original code to see what makes it work and ended up with something like this: from burp import IBurpExtender class BurpExtender(IBurpExtender): def registerExtenderCallbacks(self, callbacks): return Have just the import line isn't enough and it will complain about not having BurpExtender but have a class the implements IBurpExtender even if it's empty solves this issue. So in conclusion the test should be with an empty class and not just an import line :) Thanks for all the help i"l take it from here. As a side note and just to confirm there is no Intruder based API at this time right? just a way to pass info to the intruder tool. So if i want to automate a custom attack scenario i would have to make a new tool from scratch right? i.e. dictionary based input validation on all the fields in the history tab.

Burp User | Last updated: Jul 06, 2017 08:38AM UTC

Hi Paul, Thanks for the help with the original issue! IIntruderPayloadGenerator Only helps with custom payloads not initiating a full scale attack so tho it is useful in my case it still won't allow me to accomplish what is needed. I think you are right regarding the active scan since i can use doActiveScan to initiate requests with my custom payload, this will limit the extension to the pro version but sounds achievable and reasonable enough. Thanks for pointing it out i will continue to play with it..

Abu | Last updated: Mar 08, 2022 04:47PM UTC

def queueRequests(target, wordlists): engine = RequestEngine(endpoint=target.endpoint, concurrentConnections=1, requestsPerConnection=100, pipeline=False, engine=Engine.BURP ) for num in range(0, 10000): mfa_code='{0:04}'.format(num) engine.queue(target.req, mfa_code.rstrip()) def handleResponse(req, interesting): if '302 Found' in req.response: table.add(req) in this program i am getting user python error check extender for full details:The request has payload specified,but no %injection marker ..please solve my problem

Ben, PortSwigger Agent | Last updated: Mar 09, 2022 08:03AM UTC

Hi, Is this in relation to Turbo Intruder or something else?

sungat | Last updated: Sep 23, 2022 08:33AM UTC

Turbo Intruder i am getting user python error check extender for full please solve my problem user Python error,check extender for full details:java.lang.ArrayIndexOutofBondsExpcetionjava.lang.ArrayIndexOutOfBondsExpcetion:java.ArrayIndexOutOfBondsExpcetion Turbo Intruder # if you edit this file, ensure you keep the line endings as CRLF or you'll have a bad time import re def queueRequests(target, wordlists): # to use Burp's HTTP stack for upstream proxy rules etc engine-Engine.BURP engine = RequestEngine (endpoint-target.endpoint, concurrentConnections=1, requestsPerConnection=1, # if you increase this from 1, you may get false positives resume SSL=False, timeout=10, pipeline=False, maxRetriesPerRequest=0, engine=Engine.THREADED, ) # This will prefix the victim's request. Edit it to achieve the desired effect. attack = target.reg for 1 in range (1000): engine.queue(attack) time.sleep(1.1) def handleResponse(req, interesting): table.add(req) please solve my problem

Ben, PortSwigger Agent | Last updated: Sep 23, 2022 10:22AM UTC

Hi Sungat, If you navigate to the Extender -> Extensions tab within Burp, select Turbo Intruder from the list of extensions and then select the 'Output' tab this should provide some more details with regards to the error that is occurring - what are the details of the full stack trace? In addition to the above, what are you trying to achieve with the script that you have created?

You need to Log in to post a reply. Or register here, for free.