Products Solutions Research Academy Daily Swig

Burp Suite User Forum

Login to post

How addToSiteMap decides if there is any existing matching item in the site map?

Marimuthu | Last updated: Aug 21, 2019 04:02AM UTC

I'm working on a burp extension to create a site map from burp logs saved in an XML file. The burp log may contain redundant logs in it. Hence, when adding IHttpRequestResponse to site map using "IBurpExtenderCallbacks.addToSiteMap" the redundant logs are removed. I want to have a list of all the redundant logs which are not included in the site map. Since "addToSiteMap" method does not return anything. There is no way I could figure out whether given IHttpRequestResponse is successfully or rejected. I tried to compare the content (byte[] returned by IHttpRequestResponse.getRequest and IHttpRequestResponse.getResponse) of IHttpRequestResponse's returned from "getSiteMap" method passing the URL prefix of the request I'm adding with the IHttpRequestResponse I'm adding using Arrays.equals. But the number of matching requests is far less than the requests not added to site map. I even tried to compare the request I'm adding with an entire site map, just to be sure I not missing anything but of no use. For example. After adding 2000 IHttpRequestResponse using addToSiteMap, sitemap contains only 1200 requests and matching requests list contains only 60 logs in it. I'm sure addToSiteMap is not just comparing the byte[] of requests and responses it is doing some kind of deep comparison of object. Is there any way I can extract the requests that are not added to sitemap when calling addToSiteMap?

Burp User | Last updated: Aug 21, 2019 07:17AM UTC

Looks like IHttpRequestResponse comparison is done based on byte[] returned by IHttpRequestResponse.getRequest only.

Mike, PortSwigger Agent | Last updated: Aug 21, 2019 12:32PM UTC

Hi Marimuthu, looking through the code, it appears that it uses a Java map to store the sites based on URL keys. So when you add a new site to the sitemap it will first look for if a site already exists with that URL and it if doesn't exist then it will add it to the sitemap. Unfortunately there is no obvious way to get what sites are redundant in your case, could you use IBurpExtenderCallback.getSiteMap(urlPrefix) to get the current sitemap and then compare what you already have in that list compared to what is in your logfile to work out what is redundant?

You need to Log in to post a reply. Or register here, for free.