Burp Suite User Forum


How to redirect and audit in a Burp extension.

MayLion | Last updated: Apr 11, 2022 10:08AM UTC

I am creating an extension using Python to send additional attack signatures with Burp Extender's doActiveScan and analyze XSS etc. I specified an arbitrary attack signature that I set as the insertion point, and it succeeded from the response to the judgment of the vulnerability, but even if I receive status code 302 etc., the request after the redirect does not occur. Like Audit in Burp Professional, I want to check XSS at the redirect destination. What kind of function or code should I use? A cookie is required for the redirect destination request.

Hannah, PortSwigger Agent | Last updated: Apr 11, 2022 12:13PM UTC

Hi,

Extensions will not automatically follow redirects. You will have to specify that behavior yourself in your extension. In order to make an HTTP request, you can use IBurpExtenderCallbacks.makeHttpRequest().

MayLion | Last updated: Apr 11, 2022 12:54PM UTC

Thank you for your comment. It was exactly what I expected. You have to make an HTTP request yourself, right? How can a redirect send the current logged-in cookie? It seems that redirect-related resources are relatively in demand, but isn't the sample code etc. publicly available?

Hannah, PortSwigger Agent | Last updated: Apr 11, 2022 01:40PM UTC

Yes, you would need to make the HTTP request yourself. If your original request contains the logged-in cookie, you could retrieve it from there. You could also experiment with session handling rules - however, this would require further testing to verify whether it gets applied to a hand-crafted HTTP request sent through the Extender API.

We don't have any sample code available. Redirections can get complex, as you can have various different methods for redirection. You can find out more information about redirections in HTTP here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Redirections

If there are any BApp Store extensions that contain the functionality that you are trying to implement, you could check out how they've done it. All BApp Store extensions have their source code publicly available on GitHub here: https://github.com/PortSwigger

If there's anything else we can help with then please let us know :)
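The manual redirect step Hannah describes, as an added example that is not part of the original thread or PortSwigger's code: Jython-compatible helpers that resolve the Location header and copy the session cookie onto the follow-up request only when the target host matches the original Host header. The `send` callable, the sample request and the response are assumptions; in a real extension `send` would wrap IBurpExtenderCallbacks.makeHttpRequest().

```python
# Added example (not PortSwigger's code): the redirect-following step Hannah
# describes, kept free of the Burp API so it runs and tests outside Burp. In a
# Jython extension, `send` would wrap callbacks.makeHttpRequest(service, bytes).
try:
    from urllib.parse import urljoin, urlsplit   # CPython 3
except ImportError:                              # Jython 2.7
    from urlparse import urljoin, urlsplit

REDIRECT_CODES = (301, 302, 303, 307, 308)

def parse_head(raw):
    """(status or None, {lower-case header: value}) for a raw HTTP request/response."""
    head = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(head[0].split(" ")[1]) if head[0].startswith("HTTP/") else None
    headers = {}
    for line in head[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers

def redirect_target(current_url, response):
    """Absolute Location URL if `response` redirects, else None."""
    status, headers = parse_head(response)
    if status in REDIRECT_CODES and "location" in headers:
        return urljoin(current_url, headers["location"])  # resolves relative Locations
    return None

def build_follow_request(original_request, target_url):
    """GET for the redirect target. The Cookie header is copied only when the target
    host matches the original Host, so an off-site redirect never receives the login
    cookie. Simplified: 307/308 strictly require the original method and body."""
    _, orig = parse_head(original_request)
    parts = urlsplit(target_url)
    path = (parts.path or "/") + ("?" + parts.query if parts.query else "")
    lines = ["GET %s HTTP/1.1" % path, "Host: %s" % parts.netloc]
    if "cookie" in orig and orig.get("host", "").lower() == parts.netloc.lower():
        lines.append("Cookie: " + orig["cookie"])
    return "\r\n".join(lines) + "\r\n\r\n"

def follow_redirects(send, url, request, response, max_hops=5):
    """Chase up to max_hops redirects; send(url, request) returns the raw response.
    Returns (final_url, final_request, final_response, hops)."""
    hops, target = 0, redirect_target(url, response)
    while target and hops < max_hops:
        request = build_follow_request(request, target)
        response = send(target, request)
        url, hops = target, hops + 1
        target = redirect_target(url, response)
    return url, request, response, hops
```

The final response returned by `follow_redirects` is the one to hand to the XSS checks, and `hops` reaching `max_hops` flags a redirect loop rather than a landing page.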
