Burp Suite User Forum

Create new post

Decode Base64 Post body for Scanner

checkm50 | Last updated: Nov 26, 2022 01:52AM UTC

Hi team, I have a requirement wherein I want to perform active scan on requests that contain base64 encoded POST body. The entire body is base64 encoded. The body when decoded, gives JSON data. I want to write an extension that , 1. Decodes the POST body 2. Sends the decoded request to scanner for scanner to inject its payload 3. Encode the POST body back to Base64 format before it is sent to the server. Could you kindly assist me as to how I can achieve this? Thanks

Hannah, PortSwigger Agent | Last updated: Nov 28, 2022 09:03AM UTC

The Scanner should be able to insert payloads into Base 64 encoded data automatically. Are you finding that this isn't the case?

checkm50 | Last updated: Nov 28, 2022 02:53PM UTC

Hi Hannah, Nope it does not. All the payloads are applied outside of the base64 body. For example, following is one of the payloads that scanner injected, eyJhIjoiYSIsImIiOiJiIn0=' and (select*from(select(sleep(20)))a)-- Base64 string is untouched and the payloads are being appended. This is how scanner injected for every single request.

Hannah, PortSwigger Agent | Last updated: Nov 29, 2022 10:39AM UTC

Hi Could you drop us an email at support@portswigger.net? Would it be possible for you to include an example of a request that you are scanning? In terms of extension writing, you may find the following blog post helpful: https://www.pentagrid.ch/en/blog/teaching_burp_a_new_http_transport_encoding/

checkm50 | Last updated: Dec 05, 2022 01:32PM UTC

Hi Hannah, I am sorry I was out of office for couple of weeks. I will see if I can put together an example. We observed this during one of our engagements. Thanks a lot.

Hannah, PortSwigger Agent | Last updated: Dec 06, 2022 10:29AM UTC

No worries, feel free to drop us an email whenever you get a chance :)

Ankit | Last updated: May 31, 2023 07:11AM UTC

I too have a similar requirement. Is this currently supported by Burp Suite Pro?

Michelle, PortSwigger Agent | Last updated: Jun 01, 2023 01:47PM UTC

Can you email support@portswigger.net with a few more details of your requirement? Do you have any sample requests you could share with us to help explain what you need to achieve? Are you looking to create an extension to achieve these goals?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.