Burp community forum

How to transfer some domain’s requests to my server?

fyooo | Last updated: Jul 29, 2015 09:11AM UTC

I use Burpsuite as a proxy, and I want to collect all the requests of some domain, then send these requests to my server . For example, I want to collect all the requests of [target.com]. When a request like below come through Burpsuite: ### request begin ### http://target.com/post.php?t=12 title=hi&content=thx ### request end ### To collect these requests, I created a web server in my laptop ### request begin ### http://127.0.0.1/getreq req_get=%68%74%74%70%3a%2f%2f%74%61%72%67%65%74%2e%63%6f%6d%2f%70%6f%73%74%2e%70%68%70%3f%74%3d%31%32&req_post=%74%69%74%6c%65%3d%68%69%26%63%6f%6e%74%65%6e%74%3d%74%68%78 ### request end ### It’s obvious that the `req_get` above is the urlencode of the get parameters of target.com, and the `req_post` is the urlencode of the post parameters of target.com. I found that the traffic redirector example [http://blog.portswigger.net/2012/12/sample-burp-suite-extension-traffic.html] is similar. My code: ``` package burp; import java.io.PrintWriter; import java.net.URL; public class BurpExtender implements IBurpExtender, IHttpListener, IBurpExtenderCallbacks, IExtensionHelpers { private static final String HOST_FROM = "target.com"; private static final String HOST_TO = "127.0.0.1"; private IExtensionHelpers helpers; // // implement IBurpExtender // @Override public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) { // obtain an extension helpers object helpers = callbacks.getHelpers(); // set our extension name callbacks.setExtensionName("Traffic redirector"); // register ourselves as an HTTP listener callbacks.registerHttpListener(this); } // // implement IHttpListener // @Override public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) { // only process requests if (messageIsRequest) { // get the HTTP service for the request IHttpService httpService = messageInfo.getHttpService(); // if the host is HOST_FROM, change it to HOST_TO if (HOST_FROM.equalsIgnoreCase(httpService.getHost())) { byte[] request = messageInfo.getRequest(); String request_string = new String(request); String req_encode = urlEncode(request_string); byte[] report_req = buildHttpRequest(new URL("http://127.0.0.1/getreq")); String req_p_name = "reqs"; IParameter new_param = buildParameter(req_p_name, req_encode, PARAM_BODY); byte[] report_req = addParameter(report_req, new_param); byte[] resp = makeHttpRequest(HOST_TO, 80, false, report_req); messageInfo.setHttpService(helpers.buildHttpService( HOST_FROM, httpService.getPort(), httpService.getProtocol())); } } } } ``` When I compiled the code by command: `javac -d build src/burp/*.java` There’s errors: ``` src/burp/BurpExtender.java:6: error: BurpExtender is not abstract and does not override abstract method makeScannerInsertionPoint(String,byte[],int,int) in IExtensionHelpers public class BurpExtender implements IBurpExtender, IHttpListener, IExtensionHelpers ^ src/burp/BurpExtender.java:48: error: cannot find symbol String req_encode = urlEncode(request_string); ^ symbol: method urlEncode(String) location: class BurpExtender src/burp/BurpExtender.java:49: error: cannot find symbol byte[] report_req = buildHttpRequest(new URL("http://127.0.0.1/getreq")); ^ symbol: method buildHttpRequest(URL) location: class BurpExtender src/burp/BurpExtender.java:51: error: cannot find symbol IParameter new_param = buildParameter(req_p_name, req_encode, PARAM_BODY); ^ symbol: variable PARAM_BODY location: class BurpExtender src/burp/BurpExtender.java:52: error: variable report_req is already defined in method processHttpMessage(int,boolean,IHttpRequestResponse) byte[] report_req = addParameter(report_req, new_param); ^ src/burp/BurpExtender.java:52: error: cannot find symbol byte[] report_req = addParameter(report_req, new_param); ^ symbol: method addParameter(byte[],IParameter) location: class BurpExtender src/burp/BurpExtender.java:53: error: cannot find symbol byte[] resp = makeHttpRequest(HOST_TO, 80, false, report_req); ^ symbol: method makeHttpRequest(String,int,boolean,byte[]) location: class BurpExtender 7 errors ```

PortSwigger Agent | Last updated: Jul 29, 2015 10:13AM UTC

Your extension should not be implementing the interfaces IBurpExtenderCallbacks or IExtensionHelpers. Burp will provide instances of those to your extension for your code to use.

Burp User | Last updated: Jul 30, 2015 01:32AM UTC

@Dafydd Stuttard I've tried to remove IBurpExtenderCallbacks and IExtensionHelpers, such as: ``` public class BurpExtender implements IBurpExtender, IHttpListener ``` There's still an error: ``` javac -d build src/burp/*.java src/burp/BurpExtender.java:48: error: cannot find symbol String req_encode = urlEncode(request_string); ^ symbol: method urlEncode(String) location: class BurpExtender ```

PortSwigger Agent | Last updated: Jul 30, 2015 07:58AM UTC

Do you have a method called urlEncode()? Did you mean to call the method on IExtensionHelpers? You can obtain a helpers object by calling IBurpExtenderCallbacks.getHelpers().

Burp User | Last updated: Jul 30, 2015 09:58AM UTC

@Dafydd Stuttard thanks for your reply. I can compile my extender right now by : ``` javac -d build src/burp/*.java&&rm -rf bin/*.jar&&jar cf bin/b104ex.jar -C build burp ``` However, when I tried to add the extender into my burpsuite and send the target.com request, there's an error: ``` java.lang.NullPointerException at burp.BurpExtender.processHttpMessage(BurpExtender.java:58) at burp.cib.run(Unknown Source) at java.lang.Thread.run(Thread.java:745) ``` The line 58 is: ``` byte[] resp = cbs.makeHttpRequest(HOST_TO, 80, false, report_req); ``` And now my code is: ``` package burp; import java.net.*; public class BurpExtender implements IBurpExtender, IHttpListener { private static final String HOST_FROM = "target.com"; private static final String HOST_TO = "127.0.0.1"; private IExtensionHelpers helpers; private IBurpExtenderCallbacks cbs; // // implement IBurpExtender // @Override public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) { // obtain an extension helpers object helpers = callbacks.getHelpers(); // set our extension name callbacks.setExtensionName("Traffic redirector"); // register ourselves as an HTTP listener callbacks.registerHttpListener(this); } // // implement IHttpListener // @Override public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) { //cbs.printOutput("Test in!"); // only process requests if (messageIsRequest) { // get the HTTP service for the request IHttpService httpService = messageInfo.getHttpService(); // if the host is HOST_FROM, change it to HOST_TO if (HOST_FROM.equalsIgnoreCase(httpService.getHost())) { byte[] request = messageInfo.getRequest(); String request_string = new String(request); String req_encode = helpers.urlEncode(request_string); try{ URL r_url = new URL("http://127.0.0.1/getreq"); byte[] report_req = helpers.buildHttpRequest(r_url); String req_p_name = "reqs"; IParameter new_param = helpers.buildParameter(req_p_name, req_encode, IParameter.PARAM_URL); report_req = helpers.addParameter(report_req, new_param); byte[] resp = cbs.makeHttpRequest(HOST_TO, 80, false, report_req); }catch (MalformedURLException e){ System.err.println("New URL failed"); System.err.println("exception thrown: " + e.getMessage()); } messageInfo.setHttpService(helpers.buildHttpService( HOST_FROM, httpService.getPort(), httpService.getProtocol())); } } } } ```

Burp User | Last updated: Jul 30, 2015 10:49AM UTC

I've fixed the bug by add a global `public burp.IBurpExtenderCallbacks mCallbacks; `, and now I can compiled and run it. But the web server cannot get any request like `http://127.0.0.1/getreq?reqs=xxx`. I don't know what's going on. What's more, I want to debug the program, but the code below could not work:( `mCallbacks.printOutput("Test in!");` The full source code is: ``` package burp; import java.net.*; public class BurpExtender implements IBurpExtender, IHttpListener { private static final String HOST_FROM = "target.com"; private static final String HOST_TO = "127.0.0.1"; private IExtensionHelpers helpers; public burp.IBurpExtenderCallbacks mCallbacks; // // implement IBurpExtender // @Override public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) { mCallbacks = callbacks; // obtain an extension helpers object helpers = callbacks.getHelpers(); // set our extension name callbacks.setExtensionName("Traffic redirector"); // register ourselves as an HTTP listener callbacks.registerHttpListener(this); } // // implement IHttpListener // @Override public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) { //mCallbacks.printOutput("Test in!"); // only process requests if (messageIsRequest) { // get the HTTP service for the request IHttpService httpService = messageInfo.getHttpService(); // if the host is HOST_FROM, change it to HOST_TO if (HOST_FROM.equalsIgnoreCase(httpService.getHost())) { byte[] request = messageInfo.getRequest(); String request_string = new String(request); String req_encode = helpers.urlEncode(request_string); try{ URL r_url = new URL("http://127.0.0.1/getreq"); byte[] report_req = helpers.buildHttpRequest(r_url); String req_p_name = "reqs"; IParameter new_param = helpers.buildParameter(req_p_name, req_encode, IParameter.PARAM_URL); report_req = helpers.addParameter(report_req, new_param); byte[] resp = mCallbacks.makeHttpRequest(HOST_TO, 80, false, report_req); }catch (MalformedURLException e){ System.err.println("New URL failed"); System.err.println("exception thrown: " + e.getMessage()); } messageInfo.setHttpService(helpers.buildHttpService( HOST_FROM, httpService.getPort(), httpService.getProtocol())); } } } } ```

PortSwigger Agent | Last updated: Jul 30, 2015 12:36PM UTC

Sorry, I think this thread has gone beyond the scope of Burp support, and it's not feasible for us to provide general programming assistance to extension authors. If anyone else want to help out with this code, then feel free to do so.

Burp User | Last updated: Aug 04, 2015 02:22AM UTC

I just update the source code of Burpsuite API, it works right now. Thank you:)

You need to Log in to post a reply. Or register here, for free.