The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum


Sending an unmodified and a modified HTTP request

Bill | Last updated: Jun 24, 2019 05:20PM UTC

I am trying to write an extension that, when the user makes a request, will send two requests: an unmodified request so that the browser will load normally, and one where a parameter is added at the end of the URL to test the website's response. I have been able to either make the website load but with the parameter not being added consistently (sometimes added correctly, sometimes not added at all, and sometimes added multiple times), or the parameter is added properly and the website will not load. This is the basics of what I have now (which is the inconsistent adding but websites are loading):

```java
public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) {
    if (!messageIsRequest) {
        executor.submit(() -> modifyAndProcessHttpMessage(toolFlag, messageInfo, this));
    }
}

public static void modifyAndProcessHttpMessage(int toolFlag, IHttpRequestResponse messageInfo, BurpExtender burp) {
    // stringbuilder to create new request with size of the request plus a little for variable
    StringBuilder modifiedRequest = new StringBuilder(burp.helpers.bytesToString(messageInfo.getRequest()).length() + 32);
    // create copy of response
    IHttpRequestResponse newRequest = cloneIHttpRequestResponse(messageInfo);
    // split at new line
    String[] allLines = burp.helpers.bytesToString(newRequest.getRequest()).split("\\r?\\n");
    // split first line
    String[] firstLine = allLines[0].split(" ");
    // temp to hold first line
    StringBuilder tempFirst = new StringBuilder(allLines[0].length() + 16);
    // check the first char
    if (burp.helpers.bytesToString(newRequest.getRequest()).charAt(0) == 'G') {
        // check if there are variables in the path to determine concat
        if (firstLine[1].contains("?")) {
            firstLine[1] = firstLine[1].concat("&asdf=1234");
        } else {
            firstLine[1] = firstLine[1].concat("?asdf=1234");
        }
        // temp to hold first line
        StringBuilder temp = new StringBuilder(allLines[0].length() + 16);
        // recreate first line
        for (int i = 0; i < firstLine.length; i++) {
            temp.append(firstLine[i] + " ");
        }
        // set the first line in all lines to the first line
        allLines[0] = temp.toString();
        // recreate request
        for (int i = 0; i < allLines.length; i++) {
            modifiedRequest.append(allLines[i] + "\n");
        }
        // the final request in string form
        String finalRequestString = modifiedRequest.toString();
        // change from string to bytes and set request
        newRequest.setRequest(burp.helpers.stringToBytes(finalRequestString));
    } else if (burp.helpers.bytesToString(newRequest.getRequest()).charAt(0) == 'P') {
        // make sure it is post and not put
        if (burp.helpers.bytesToString(newRequest.getRequest()).charAt(1) == 'O') {
            // check if there are variables in the path to determine concat
            if (firstLine[1].contains("?")) {
                firstLine[1] = firstLine[1].concat("&qwer=5678");
            } else {
                firstLine[1] = firstLine[1].concat("?qwer=5678");
            }
            // recreate first line
            for (int i = 0; i < firstLine.length; i++) {
                tempFirst.append(firstLine[i] + " ");
            }
            // set the first line in all lines to the first line
            allLines[0] = tempFirst.toString();
            // recreate request
            for (int i = 0; i < allLines.length; i++) {
                modifiedRequest.append(allLines[i] + "\n");
            }
            // the final request in string form
            String finalRequestString = modifiedRequest.toString();
            // change from string to bytes and set request
            newRequest.setRequest(burp.helpers.stringToBytes(finalRequestString));
        } else {
            // don't need to do anything if it is not post or get
        }
    } else {
        // don't need to do anything if it is not post or get
    }
    // make request that will test the page
    IHttpRequestResponse modifiedRequestResponse = burp.callbacks.makeHttpRequest(newRequest.getHttpService(), newRequest.getRequest());
    if (modifiedRequestResponse.getResponse() == null) {
        modifiedRequestResponse.setResponse(new byte[0]);
    }
}
```

There's been a lot of different versions of this and a lot of different tests tried, so this code might have some janky parts from previous attempts. Any help and/or advice would be greatly appreciated! Thanks!
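An added example, not part of the original post and not Burp's own code: a stand-alone Java sketch that appends a query parameter by rewriting only the request line, next to the split-and-rejoin rebuild for comparison. The class and method names are hypothetical, the sample request is constructed, and the parameter name and value are assumed to be URL-safe already.

```java
public class AppendQueryParam {

    // Append name=value to the request-target on the request line only.
    // Everything from the first CRLF onward (headers, blank line, body)
    // is copied through unchanged, so line endings and body length survive.
    static String appendParam(String request, String name, String value) {
        int eol = request.indexOf("\r\n");
        if (eol < 0) {
            throw new IllegalArgumentException("no CRLF after request line");
        }
        // Limit of 3 keeps exactly: method, request-target, HTTP version.
        String[] parts = request.substring(0, eol).split(" ", 3);
        if (parts.length != 3) {
            throw new IllegalArgumentException("malformed request line");
        }
        String target = parts[1];
        String sep;
        if (!target.contains("?")) {
            sep = "?";                       // no query string yet
        } else if (target.endsWith("?") || target.endsWith("&")) {
            sep = "";                        // separator already present
        } else {
            sep = "&";                       // extend an existing query
        }
        return parts[0] + " " + target + sep + name + "=" + value
                + " " + parts[2] + request.substring(eol);
    }

    // Split-and-rejoin rebuild, for comparison. String.split() drops
    // trailing empty strings, so the blank line that ends the header
    // block is lost, and CRLF line endings become bare LF.
    static String splitAndRejoin(String request) {
        StringBuilder sb = new StringBuilder();
        for (String line : request.split("\\r?\\n")) {
            sb.append(line).append("\n");
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed sample request (not taken from the post).
        String get = "GET /search?q=test HTTP/1.1\r\nHost: example.test\r\n\r\n";
        String fixed = appendParam(get, "asdf", "1234");
        System.out.println("request line rewritten: "
                + fixed.startsWith("GET /search?q=test&asdf=1234 HTTP/1.1\r\n"));
        System.out.println("header terminator kept: " + fixed.endsWith("\r\n\r\n"));
        System.out.println("terminator after split/rejoin: "
                + splitAndRejoin(get).endsWith("\n\n"));
    }
}
```

Inside an extension using the legacy API, `helpers.addParameter(request, helpers.buildParameter(name, value, IParameter.PARAM_URL))` does the same job on the raw request bytes. Comparing `toolFlag` with `IBurpExtenderCallbacks.TOOL_EXTENDER` lets a listener skip the requests the extension itself issues through `makeHttpRequest`.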

PortSwigger Agent | Last updated: Jun 25, 2019 10:33AM UTC