Burp Suite User Forum

Login to post

How to update the Multipart Attributes parameter correctly?

fa1ntStar | Last updated: Nov 10, 2021 09:14AM UTC

Dear support, I'm working on an extension that modifies the multipart attributes of a file that is uploaded via a multipart request. See the example request below: POST /doUpload.action HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate Content-Type: multipart/form-data; boundary=---------------------------3297196947930723492622433018 Content-Length: 839 Origin: Connection: close Referer: Cookie: JSESSIONID=1s26nmfx3306dctknrgfonn02 Upgrade-Insecure-Requests: 1 -----------------------------3297196947930723492622433018 Content-Disposition: form-data; name="upload"; filename="Modify This Value!!!" Content-Type: application/octet-stream -----------------------------3297196947930723492622433018 Content-Disposition: form-data; name="caption" -----------------------------3297196947930723492622433018-- I'm want to modify the the value of filename by BurpSuite Extender API,but when I try to update the "PARAM_MULTIPART_ATTR" parameter, I'll catch a "java.lang.UnsupportedOperationException",so how can I update the Multipart Attributes parameter(like filename) correctly?See the code below: List<IParameter> parameters = helpers.analyzeRequest(messageInfo.getRequest()).getParameters(); Iterator iterator = parameters.iterator(); while (iterator.hasNext()){ IParameter oldParameter = (IParameter) iterator.next(); if (oldParameter.getType()==IParameter.PARAM_MULTIPART_ATTR && oldParameter.getName().equals("filename")){ IParameter newParameter = helpers.buildParameter(oldParameter.getName(),"test", IParameter.PARAM_MULTIPART_ATTR); try { //updateParameter will throw java.lang.UnsupportedOperationException newRequest = helpers.updateParameter(newRequest,newParameter); } catch (Exception e) { return null; } } } Kind regards

Hannah, PortSwigger Agent | Last updated: Nov 10, 2021 01:13PM UTC

Hi Thank you for your message. Have you had a look at how "Burp Bounty, Scan Check Builder" implements this functionality? That extension allows you to define the payload option for that insertion point type. You can find the source code for this extension (as well as others) on our GitHub repository here: - https://github.com/PortSwigger/scan-check-builder - https://github.com/PortSwigger Cheers Hannah Law Technical Product Specialist PortSwigger

You need to Log in to post a reply. Or register here, for free.