The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum


Design of Active Scanner plugin vs InsertionPoints

Dirk | Last updated: May 15, 2015 10:52AM UTC

Hi all,

I'm new to extending Burp and I wanted to add an active scanner plugin for XXE injection. Therefore I want it to take all POST requests, change the content type to text/html and perform some XML entity queries for existing files.

Problems I face:

1. I want this plugin to send one request per URL that supports POST (no matter how many parameters). I tried to check for INS_PARAM_BODY, but that one does not get triggered when the body in the base request is empty. As a dirty solution I guess I could (mis)check for the method and the INS_PARAM_URL insertion point, since that one seems to be called only once on each URL.

2. So I'll define a custom insertion point. I want to create a custom insertion point that will only be used by some of my active scanner plugins. Now it appears to me that all the payloads are tried on all insertion points. This does seem like the logical approach, since then I could also test for other vulnerabilities where the payload is the full request body.

So my questions:

1. Is there a better way to create a scanner plugin that gets triggered only one time for each distinct URL that was requested using POST?
2. How to make sure that the insertion point is only used by active scanner plugins that explicitly defined them?

Kind regards

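The once-per-POST-URL trigger and the "only my own check acts on this insertion point" gating asked about above, as an added example written for this page against the legacy Burp Extender API (the burp.* interfaces), not code from the forum thread or from PortSwigger. The extension name, INS_NAME, WholeBodyPoint, the benign XML probe and the text/xml content type are assumptions.

```java
package burp;
import java.util.*;
// Hypothetical extension: one body-replacing insertion point per distinct POST URL, acted on only by the check that defines it.
public class BurpExtender implements IBurpExtender, IScannerInsertionPointProvider, IScannerCheck {
    static final String INS_NAME = "whole-body-xml (example)"; // constructed name; lets doActiveScan recognise its own point
    private IBurpExtenderCallbacks callbacks;
    private IExtensionHelpers helpers;
    private final Set<String> seen = Collections.synchronizedSet(new HashSet<String>()); // scanner threads share this
    public void registerExtenderCallbacks(IBurpExtenderCallbacks cb) {
        callbacks = cb;
        helpers = cb.getHelpers();
        cb.registerScannerInsertionPointProvider(this);
        cb.registerScannerCheck(this);
    }
    // Burp calls this once per base request: emit one point for POST only, the first time a URL is seen.
    public List<IScannerInsertionPoint> getInsertionPoints(IHttpRequestResponse base) {
        IRequestInfo info = helpers.analyzeRequest(base);
        String key = info.getUrl().getHost() + ":" + info.getUrl().getPort() + info.getUrl().getPath();
        if (!"POST".equals(info.getMethod()) || !seen.add(key)) return null;
        return Collections.<IScannerInsertionPoint>singletonList(new WholeBodyPoint(base.getRequest(), info));
    }
    // Other checks still receive our point; this check ignores every point it did not create (built-ins have other types).
    public List<IScanIssue> doActiveScan(IHttpRequestResponse base, IScannerInsertionPoint ip) {
        if (ip.getInsertionPointType() != IScannerInsertionPoint.INS_EXTENSION_PROVIDED
                || !INS_NAME.equals(ip.getInsertionPointName())) return null;
        byte[] probe = helpers.stringToBytes("<?xml version=\"1.0\"?><probe/>"); // benign, well-formed XML
        byte[] resp = callbacks.makeHttpRequest(base.getHttpService(), ip.buildRequest(probe)).getResponse();
        if (resp == null) return null; // no response: nothing to analyse
        callbacks.printOutput(INS_NAME + " probe returned HTTP " + helpers.analyzeResponse(resp).getStatusCode()); // real analysis / IScanIssue goes here
        return null;
    }
    public List<IScanIssue> doPassiveScan(IHttpRequestResponse base) { return null; }
    public int consolidateDuplicateIssues(IScanIssue a, IScanIssue b) { return 0; }
    // Insertion point whose "value" is the entire request body, resent with an XML content type.
    class WholeBodyPoint implements IScannerInsertionPoint {
        private final List<String> headers = new ArrayList<String>();
        private final byte[] baseBody;
        WholeBodyPoint(byte[] request, IRequestInfo info) {
            for (String h : info.getHeaders()) // copy request line and headers, dropping any Content-Type
                if (!h.toLowerCase().startsWith("content-type:")) headers.add(h);
            headers.add("Content-Type: text/xml"); // assumption: the poster's "text/html" meant an XML type
            baseBody = Arrays.copyOfRange(request, info.getBodyOffset(), request.length);
        }
        public String getInsertionPointName() { return INS_NAME; }
        public String getBaseValue() { return helpers.bytesToString(baseBody); }
        public byte getInsertionPointType() { return INS_EXTENSION_PROVIDED; }
        public byte[] buildRequest(byte[] payload) { return helpers.buildHttpMessage(headers, payload); } // fixes Content-Length
        public int[] getPayloadOffsets(byte[] p) { int s = buildRequest(p).length - p.length; return new int[] { s, s + p.length }; }
    }
}
```

The type check is what keeps the point private in practice: Burp still offers every insertion point to every registered check, so each check must opt out of points it does not own.
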
PortSwigger Agent | Last updated: May 15, 2015 02:28PM UTC