Burp community forum

How can i modify http requests with processHttpMessage

Onur | Last updated: Dec 16, 2015 07:36AM UTC

Hello, Im using the following code to replace "ReplaceMe" string to "x" string in intruder request however response still didn't replace "ReplaceMe" string. public void processHttpMessage(String toolName, boolean messageIsRequest, IHttpRequestResponse messageInfo) { try { String lowerCaseToolName = toolName.toLowerCase(); if ("intruder".equals(lowerCaseToolName)) { if (messageIsRequest) { String editedMessage = messageInfo.getRequest().toString().replaceAll("ReplaceMe", "x"); messageInfo.setRequest(editedMessage.getBytes()); } } } catch (Exception e) { } } Any help would be appreciated :)

Burp User | Last updated: Dec 16, 2015 07:37AM UTC

**request actually didn't changed

PortSwigger Agent | Last updated: Dec 16, 2015 10:32AM UTC

We would suggest printing the exception stack trace in your catch block, and inserting some debug/logging, to identify why your code isn't working.

Burp User | Last updated: Dec 16, 2015 11:36AM UTC

Hello, I actually did :\ In my log screen i saw that my ReplaceMe string is replaced with timestamp (as i wanted) processHttpMessage called inside intruder this is a message Replaced line GET /1450265429357 HTTP/1.1 processHttpMessage called inside intruder processHttpMessage called inside intruder this is a message Replaced line GET /14502654314681 HTTP/1.1 however Intruder tool still shows the original request with "ReplaceMe" string unreplaced Thanks for your answer

PortSwigger Agent | Last updated: Dec 16, 2015 11:39AM UTC

Changes made via an IHttpListener happen after a request has "left" the invoking tool, and before it hits the wire. The invoking tool doesn't know about them, and for various reasons the tools just report the request as they generated it. This is needed to ensure things like highlighting of payloads in scan requests is correctly applied.

Burp User | Last updated: Dec 16, 2015 11:52AM UTC

Thanks a lot ! :) I got your point, I define an upstream proxy to my burp and observe that requests are actually changing as i wanted. However intruder tool already sent the packet therefore cannot change the shown request

Burp User | Last updated: Jan 08, 2016 09:24PM UTC

The problem is that you use ´getRequest().toString()´ in a byte array. You must use 'bytesToString(byte[] s)' method of 'IExtensionHelpers'. You can create an object of that implemented interface by calling 'getHelpers()' from 'IBurpExtenderCallbacks' .

You need to Log in to post a reply. Or register here, for free.