Burp community forum

Parsing AMF3 - Burp

Arvind | Last updated: Mar 05, 2015 03:55PM UTC

Hi, I have a Flex app that is sending data using AMF3. I can see the contents in the AMF decode just fine. The problem now is that one of my request parameters is a Byte array. I can edit it in Raw mode, but if the length is increased/decreased by even a single byte - it messes up my request. And I can't apparently edit the Byte array contents using the AMF3 decoder - I can edit other fields though. Effectively I need to convert bytes_to_string, edit, convert string_back_to_bytes and forward. All this is straight forward with a simple extension, but I need to extract the byte array from my request body (Flex) for this and getParameters() fails as that's only for name=value pairs (I think). So the question is - is there a clean way to achieve what I am doing without writing *another* AMF 3 parser all together as that seems like an utter waste of time? :) Thanks Arvind

PortSwigger Agent | Last updated: Mar 09, 2015 11:51AM UTC

Unfortunately there isn't a way to access the internals of the AMF structure via the API, sorry. But have you tried the Blazer extension in the BApp Store - this generally has better AMF handling capabilities than Burp does natively, and it might do what you need without any further work.

Burp User | Last updated: Mar 13, 2015 07:06PM UTC

I'll give it a try the next time I have this problem. Thanks :)

You need to Log in to post a reply. Or register here, for free.