Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

using IMessageEditorController in Repeater

Jerome | Last updated: Oct 03, 2020 02:03PM UTC

Hi guys, I am trying to create an extension that adds a tab to the message editor where I need to access request values like the url in the response tab. As far as I know this is done using the getRequest method of the IMessageEditorController interface. This works fine in the Proxy tab, and also for extensions that implement this interface like Logger++. However, this doesn't seem to work in the Repeater tab. Now, I can understand why. When you send something to the Repeater there is no request yet, let alone an IHttpRequestResponse object, and as such the getRequest method returns null. However, after pressing the Send button, I guess internally there is some sort of IHttpRequestResponse object but this doesn't seem to be available to the controller. Could you explain what I am doing wrong, or if I just hit a limitation? My current hacky solution is to use processProxyMessage to add fake headers with request info to the response so I can access the request information using the content variable of a message editor. Thanks, Jerome P.S. I am writing this from my phone so I cannot share any source code, but to reproduce just add a simple tab that displays controller.getRequest() and see the difference between the Proxy tab and the Repeater tab.

Hannah, PortSwigger Agent | Last updated: Oct 05, 2020 11:42AM UTC

Hi Have you had a look at some example code that adds a tab to the Repeater messages? You can find the code for our Custom Editor Tab example on our Extensibility page: https://portswigger.net/burp/extender

Jerome | Last updated: Oct 05, 2020 05:55PM UTC

Hi Hannah, Thank you for your response. Unfortunately your example does not cover what I am trying to achieve. Let me try to explain again. The tab I am adding to the response side of the Repeater needs to access the content of the request side. This is done using https://portswigger.net/burp/extender/api/burp/IMessageEditorController.html#getRequest() Your example does not use this function. As mentioned before, using the getRequest function works fine in the Proxy tab but not in the Repeater tab. Jerome

Uthman, PortSwigger Agent | Last updated: Oct 07, 2020 01:17PM UTC

Hi Jerome, Can you look at examples on GitHub? - https://github.com/PortSwigger If you do not find a suitable example and your hack works, I would suggest going ahead with that.

Jerome | Last updated: Oct 08, 2020 01:57PM UTC

Hello, Thanks for your reply. I already looked at other extensions but could not find any that serve my purpose. In all honesty I am slightly disappointed with the reply to use a dirty hack. Despite my efforts to explain my issue in detail I don't have the feeling both support agents even tried to reproduce the issue and confirm what I am seeing. If you would confirm the issue, it can still go two ways. Either this is a known limitation so this post would become a feature request. If this is a bug, this post could serve as a bug report. Two replies referring to the documentation that I've already quoted and a generic github project is not particularly helpful, with all due respect. Jerome

Uthman, PortSwigger Agent | Last updated: Oct 09, 2020 08:45AM UTC