Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Other Extension interference

Tyler | Last updated: Jun 13, 2023 11:01AM UTC

Hey, I've written an extension that analyses an app's parameters. However, I come across an issue with other extensions such as log4shell everywhere adding the query parameter "action" to every request. I've played with the order of extensions but it doesn't seem to change. I am using Montoya and notice Log4shell uses Wiener, not sure if this matters. I am also using the HttpHandler interface when gathering request parameters. Any suggestions on how to avoid this? Thank you.

Hannah, PortSwigger Agent | Last updated: Jun 15, 2023 04:29PM UTC

Hi The order that extensions are in in the list is the order that they are loaded into Burp. In addition, requests go through the network stack in a specific order. It looks like Log4Shell everywhere is using a proxy listener/handler. When Proxy traffic comes into Burp, it first passes through the Proxy handler before being passed to the HTTP handler. This means that despite the ordering of extensions, the traffic will always have the parameter added to it before it gets passed to the HttpHandler. You could work around this by registering a ProxyRequestHandler for Proxy tool traffic. You must also ensure that your extension is loaded into Burp first.

Tyler | Last updated: Jun 16, 2023 08:04AM UTC

Hi Hannah, That solution should work, thank you.,

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.